下载页面:
http://www.skycn.com/soft/11528.html
软件大小:
108 KB
软件语言: 简体中文
软件类别: 国产软件 / 共享版 / 文件分割
应用平台: Win9x/NT/2000/XP
加入时间:
2003-03-29 07:08:09
下载次数: 151
推荐等级: ***
开 发 商: http://www.websamba.com/morequick
【软件简介】: QuickSplit 可以帮助你切割大文件,并且也可以帮你把切割好的文件组合好.你想组合割好的文件时,只要运行自动生成的批处理文件就可以了。
【软件限制】:注册后提供更好的服务。
【作者声明】:初学Crack,只是感兴趣,没有其它目的。失误之处敬请诸位大侠赐教!
【破解工具】:TRW2000娃娃修改版、Ollydbg1.09、FI2.5、W32Dasm 10修改版
—————————————————————————————————
【过 程】:
QuickSplit.exe
无壳,VC++6.0编写。
机器码:23935472
试炼码:13572468
—————————————————————————————————
:00401DA0 6AFF
push FFFFFFFF
:00401DA2 6818544200
push 00425418
:00401DA7 64A100000000
mov eax, dword ptr fs:[00000000]
:00401DAD 50
push eax
:00401DAE 64892500000000
mov dword ptr fs:[00000000], esp
:00401DB5
83EC0C sub esp,
0000000C
:00401DB8 A138124300 mov
eax, dword ptr [00431238]
:00401DBD 55
push ebp
:00401DBE 56
push esi
:00401DBF 57
push
edi
:00401DC0 8BF1
mov esi, ecx
:00401DC2 89442414
mov dword ptr [esp+14], eax
:00401DC6 C744242000000000
mov [esp+20], 00000000
:00401DCE 8944240C
mov dword ptr [esp+0C], eax
:00401DD2
8D442414 lea eax, dword
ptr [esp+14]
:00401DD6 8D8E98000000 lea
ecx, dword ptr [esi+00000098]
:00401DDC 50
push eax
:00401DDD C644242401
mov [esp+24], 01
:00401DE2 E861A50100
call 0041C348
:00401DE7 8D4C240C
lea ecx, dword ptr [esp+0C]
:00401DEB
51 push
ecx
:00401DEC 8D4E5C
lea ecx, dword ptr [esi+5C]
:00401DEF E854A50100
call 0041C348
:00401DF4 8B54240C
mov edx, dword ptr [esp+0C]
====>EDX=13572468 试炼码
:00401DF8
837AF801 cmp dword ptr
[edx-08], 00000001
====>至少要填2位注册码
S
:00401DFC
0F8EB2000000 jle 00401EB4
====>跳则OVER!
:00401E02
8B442414 mov eax, dword
ptr [esp+14]
====>EAX=23935472
机器码
:00401E06
50 push
eax
:00401E07 E89B980000 call
0040B6A7
====>把23935472转换成16进制值=16D39F0
入EAX
:00401E0C
8B4C2410 mov ecx, dword
ptr [esp+10]
====>ECX=13572468
:00401E10
8BF8 mov
edi, eax
====>EDI=EAX=16D39F0
:00401E12
51 push
ecx
:00401E13 E88F980000 call
0040B6A7
====>把13572468转换成16进制值=00CF1974
入EAX
:00401E18
83C408 add esp,
00000008
:00401E1B 8BCE
mov ecx, esi
:00401E1D 8BE8
mov ebp, eax
====>EBP=EAX=00CF1974
:00401E1F
57 push
edi
:00401E20 E8EB020000 call
00402110
====>算法CALL!进入!
:00401E25
3BC5 cmp
eax, ebp
====>比较注册码!
====>EAX=0306A515(H)=50767125(D)
====>EBP=00CF1974(H)=13572468(D)
:00401E27
0F8587000000 jne 00401EB4
====>不跳则OVER!
:00401E2D
6803040000 push 00000403
:00401E32
8BCE mov
ecx, esi
:00401E34 E85CC10100 call
0041DF95
:00401E39 8BF8
mov edi, eax
:00401E3B 6A00
push 00000000
:00401E3D 8BCF
mov ecx, edi
:00401E3F
E853C30100 call 0041E197
:00401E44
8B1538124300 mov edx, dword ptr [00431238]
:00401E4A
89542410 mov dword ptr
[esp+10], edx
* Possible
Reference to String Resource ID=00014: "鑼?
|
:00401E4E 6A0E
push 0000000E
:00401E50 8D4C2414
lea ecx, dword ptr [esp+14]
:00401E54 C644242402
mov [esp+24], 02
:00401E59 E854C40100
call 0041E2B2
:00401E5E 8B442410
mov eax, dword ptr [esp+10]
:00401E62
8BCF mov
ecx, edi
:00401E64 50
push eax
:00401E65 E8EAC10100
call 0041E054
:00401E6A 6802040000
push 00000402
:00401E6F 8BCE
mov ecx, esi
:00401E71 E81FC10100
call 0041DF95
:00401E76 6A00
push 00000000
:00401E78
8BC8 mov
ecx, eax
:00401E7A E818C30100 call
0041E197
:00401E7F E89E050200 call
00422422
:00401E84 8B4004
mov eax, dword ptr [eax+04]
:00401E87 55
push ebp
*
Possible StringData Ref from Data Obj ->"RKey"
|
:00401E88 680C114300
push 0043110C
*
Possible StringData Ref from Data Obj ->"Settings"
|
:00401E8D 6800114300
push 00431100
:00401E92 8BC8
mov ecx, eax
:00401E94 E807ED0100
call 00420BA0
:00401E99 6AFF
push FFFFFFFF
:00401E9B
6A00 push
00000000
* Possible
Reference to String Resource ID=00012: ""`勮?戾:`袥魙??"
|
:00401E9D 6A0C
push 0000000C
:00401E9F E8E2EA0100
call 00420986
====>呵呵,胜利女神!
:00401EA4
8D4C2410 lea ecx, dword
ptr [esp+10]
:00401EA8 C644242001
mov [esp+20], 01
:00401EAD E8AF790100
call 00419861
:00401EB2 EB0B
jmp 00401EBF
*
Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:00401DFC(C),
:00401E27(C)
|
:00401EB4 6AFF
push FFFFFFFF
:00401EB6 6A00
push 00000000
*
Possible Reference to String Resource ID=00013: "鑼?"
|
:00401EB8 6A0D
push 0000000D
:00401EBA E8C7EA0100
call 00420986
====>BAD BOY!
—————————————————————————————————
进入算法CALL:401E20 call 00402110
*
Referenced by a CALL at Addresses:
|:00401E20 , :0040207F
|
:00402110
8B442404 mov eax, dword
ptr [esp+04]
====>EAX=[esp+04]=16D39F0
:00402114
35E548B401 xor eax, 01B448E5
====>EAX=16D39F0 XOR 01B448E5=00D97115
:00402119
0500342D02 add eax, 022D3400
====>EAX=00D97115 + 022D3400=0306A515
呵呵,把0306A515(H)转换成10进制值50767125(D)就是注册码了!
:0040211E
7905 jns
00402125
:00402120 99
cdq
:00402121 33C2
xor eax, edx
:00402123 2BC2
sub eax, edx
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040211E(C)
|
:00402125
C20400 ret 0004
—————————————————————————————————
【算
法 总 结】:
机器码的16进制值异或01B448E5后再加上022D3400的结果的十进制值就是注册码了。
—————————————————————————————————
【C++ KeyGen】:
呵呵,刚看了几天的C++,偶然碰到了这个超级简单的算法。
呵呵,就用我这“超级蹩脚”的C++做
fly 的第二个算法注册机吧!诸位老师见笑了!
#include<iostream.h>
#include<math.h>
void
main()
{
int m;
cout<<"\n★★★★QuickSplit V1.0.3212 KeyGen{3th}★★★★\n\n\n\n";
cout<<"请输入机器码:";
cin >>m;
m^=0X01B448E5;
m+=0X022D3400;
cout<<"\n呵呵,注册码:"<<m<<endl;
cout<<"\n\n\nCracked
By 巢水工作坊——fly【OCN】 2003-4-4 18:44 编译";
cout<<"\n\n\n
* * * 按回车退出!* * *";cin.get();cin.get();
}
—————————————————————————————————
【KeyMake之内存注册机】:
中断地址:401E25
中断次数:1
第一字节:3B
指令长度:2
寄存器方式:EAX
十进制
试炼码必须超过1位!
—————————————————————————————————
【注册信息保存】:
同文件夹下的QuickSplit.ini文件中:
[Setting]
DestSize=1.400000
SizeType=2
CreateBatFile=1
[Settings]
RKey=50767125
—————————————————————————————————
【整 理】:
机器码:23935472
注册码:50767125
—————————————————————————————————
Cracked By
巢水工作坊——fly【OCN】
2003-4-4 18:44