下载页面:
http://www.skycn.com/soft/9373.html
软件大小:
6951 KB
软件语言: 简体中文
软件类别: 国产软件 / 共享版 / 行政管理
应用平台: Win9x/NT/2000/XP
加入时间:
2003-03-10 10:08:30
下载次数: 9165
推荐等级: ****
开 发 商: http://lqohero.51.net/
【软件简介】: 管得多2003是一款集数据库、文件管理、数据浏览一身的傻瓜式通用型信息管理软件。它用途广泛,操作简便,将信息进行树型目录分类是该软件的一大特色。管理内容可以根据需要自行定义,查询方便快捷,信息输入速度极快。数据分析所见即得。并内置有职工档案管理系统、工资管理系统、学生档案管理系统,学生成绩管理系统、客户关系管理系统、固定资产管理系统、商品信息管理系统、图书管理系统、源程序片断管理系统、文件管理系统等多套系统。
【软件限制】:60次试用
【作者声明】:初学Crack,只是感兴趣,没有其它目的。失误之处敬请诸位大侠赐教!
【破解工具】:TRW2000娃娃修改版、Ollydbg1.09、PEiD、W32Dasm 9.0白金版
—————————————————————————————————
【过 程】:
呵呵,想找一款好用的软件来管理我曾经“研究”过的程序的资料,托朋友从
天空 上寻觅,谁知找了好几个也没有如意的。今天朋友又拿来这个东东给我,顺手CRACK,虽然用不上,也算不枉费朋友的一番功夫呀。^O^^O^
BrightEYE.exe
无壳,Delphi 6.0 编写。如今不加壳的软件少见了。
软件分2个版本:标准版+网络版 无任何限制;个人版 数据不能超过500行,目录不能超过3层。
这个Delphi的东东用TRW下万能断点,PMODULE返回程序领空后F12七次就到核心了。
用户号:85KA089DJ012SL
试炼码:13572468
—————————————————————————————————
:00606286
E819DCE4FF call 00453EA4
====>来到这里
:0060628B
8B55FC mov edx,
dword ptr [ebp-04]
====>EDX=13572468
:0060628E
8BC3 mov
eax, ebx
:00606290 E823000000 call
006062B8
====>F10走过这里就出来错误提示了!进入!
:00606295
33C0 xor
eax, eax
:00606297 5A
pop edx
:00606298 59
pop ecx
:00606299 59
pop ecx
:0060629A
648910 mov dword
ptr fs:[eax], edx
:0060629D 68B2626000
push 006062B2
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:006062B0(U)
|
:006062A2
8D45FC lea eax,
dword ptr [ebp-04]
:006062A5 E8E2E9DFFF
call 00404C8C
:006062AA C3
ret
—————————————————————————————————
进入关键CALL:00606290 call 006062B8
*
Referenced by a CALL at Address:
|:00606290
|
:006062B8 55
push ebp
:006062B9
8BEC mov
ebp, esp
:006062BB 83C4F0
add esp, FFFFFFF0
:006062BE 53
push ebx
:006062BF 56
push esi
:006062C0
57 push
edi
:006062C1 33C9
xor ecx, ecx
:006062C3 894DF0
mov dword ptr [ebp-10], ecx
:006062C6 8955FC
mov dword ptr [ebp-04],
edx
:006062C9 8B45FC
mov eax, dword ptr [ebp-04]
====>EAX=13572468
:006062CC
E85BEEDFFF call 0040512C
:006062D1
33C0 xor
eax, eax
:006062D3 55
push ebp
:006062D4 686E646000
push 0060646E
:006062D9 64FF30
push dword ptr fs:[eax]
:006062DC 648920
mov dword ptr fs:[eax],
esp
:006062DF A104216100 mov
eax, dword ptr [00612104]
:006062E4 E8AF9AF7FF
call 0057FD98
====>标准版+网络版算法CALL!
:006062E9
8945F4 mov dword
ptr [ebp-0C], eax
====>[ebp-0C]=06672F18
注册码的16进制值
:006062EC
33C0 xor
eax, eax
:006062EE 55
push ebp
:006062EF 680E636000
push 0060630E
:006062F4 64FF30
push dword ptr fs:[eax]
:006062F7 648920
mov dword ptr fs:[eax],
esp
:006062FA 8B45FC
mov eax, dword ptr [ebp-04]
====>EAX=13572468
试炼码
:006062FD
E8323BE0FF call 00409E34
====>将13572468转化成16进制值表示
:00606302
8BD8 mov
ebx, eax
====>EBX=00CF1974(H)=13572468(D)
:00606304
33C0 xor
eax, eax
:00606306 5A
pop edx
:00606307 59
pop ecx
:00606308 59
pop ecx
:00606309
648910 mov dword
ptr fs:[eax], edx
:0060630C EB0D
jmp 0060631B
:0060630E E90DE0DFFF
jmp 00404320
:00606313 83CBFF
or ebx, FFFFFFFF
:00606316
E831E4DFFF call 0040474C
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0060630C(U)
|
:0060631B
33C0 xor
eax, eax
:0060631D 8945F8
mov dword ptr [ebp-08], eax
:00606320 8B45FC
mov eax, dword ptr [ebp-04]
====>EAX=13572468 试炼码
*
Possible StringData Ref from Code Obj ->"liyunhong3398"
|
:00606323 BA84646000
mov edx, 00606484
====>EDX=liyunhong3398
个人版注册码
:00606328 E85BEDDFFF
call 00405088
====>比较 个人版 注册码!
:0060632D
7507 jne
00606336
====>不跳则 个人版 注册成功!
:0060632F C745F801000000 mov [ebp-08], 00000001
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0060632D(C)
|
:00606336
837DF800 cmp dword ptr
[ebp-08], 00000000
:0060633A 7509
jne 00606345
:0060633C 3B5DF4
cmp ebx, dword ptr [ebp-0C]
====>比较 标准版+网络版 注册码!
====>EBX=00CF1974
====>[ebp-0C]=06672F18
:0060633F
0F8501010000 jne 00606446
====>不跳则 标准版+网络版 注册成功!
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0060633A(C)
|
:00606345
C745F801000000 mov [ebp-08], 00000001
:0060634C
E8DF5CE0FF call 0040C030
:00606351
83C4F8 add esp,
FFFFFFF8
:00606354 DD1C24
fstp qword ptr [esp]
:00606357 9B
wait
:00606358 8D45F0
lea eax, dword ptr [ebp-10]
:0060635B
E8206AE0FF call 0040CD80
:00606360
8B55F0 mov edx,
dword ptr [ebp-10]
:00606363 8D45F8
lea eax, dword ptr [ebp-08]
:00606366 E8AD67F7FF
call 0057CB18
:0060636B A1D01E6100
mov eax, dword ptr [00611ED0]
:00606370
C70001000000 mov dword ptr [eax], 00000001
:00606376
A1481B6100 mov eax, dword ptr
[00611B48]
:0060637B 8B00
mov eax, dword ptr [eax]
:0060637D 8B8014030000
mov eax, dword ptr [eax+00000314]
:00606383
E844E0EBFF call 004C43CC
:00606388
84C0 test
al, al
:0060638A 7512
jne 0060639E
:0060638C A1481B6100
mov eax, dword ptr [00611B48]
:00606391 8B00
mov eax, dword ptr [eax]
:00606393
8B8014030000 mov eax, dword ptr [eax+00000314]
:00606399
E8E2DEEBFF call 004C4280
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0060638A(C)
|
:0060639E
A1481B6100 mov eax, dword ptr
[00611B48]
:006063A3 8B00
mov eax, dword ptr [eax]
:006063A5 8B8014030000
mov eax, dword ptr [eax+00000314]
:006063AB
E81405ECFF call 004C68C4
:006063B0
A1481B6100 mov eax, dword ptr
[00611B48]
:006063B5 8B00
mov eax, dword ptr [eax]
:006063B7 8B8014030000
mov eax, dword ptr [eax+00000314]
:006063BD
E89A08ECFF call 004C6C5C
:006063C2
A1481B6100 mov eax, dword ptr
[00611B48]
:006063C7 8B00
mov eax, dword ptr [eax]
:006063C9 8B8014030000
mov eax, dword ptr [eax+00000314]
*
Possible StringData Ref from Code Obj ->"cisu"
|
:006063CF BA9C646000
mov edx, 0060649C
:006063D4 E85BF1EBFF
call 004C5534
:006063D9 BABFF1FFFF
mov edx, FFFFF1BF
:006063DE 8B08
mov ecx, dword ptr [eax]
:006063E0
FF91A8000000 call dword ptr [ecx+000000A8]
:006063E6
A1481B6100 mov eax, dword ptr
[00611B48]
:006063EB 8B00
mov eax, dword ptr [eax]
:006063ED 8B8014030000
mov eax, dword ptr [eax+00000314]
*
Possible StringData Ref from Code Obj ->"Zuce"
====>保存注册信息!
:006063F3
BAAC646000 mov edx, 006064AC
:006063F8
E837F1EBFF call 004C5534
:006063FD
B201 mov
dl, 01
:006063FF 8B08
mov ecx, dword ptr [eax]
:00606401 FF9194000000
call dword ptr [ecx+00000094]
:00606407 A1481B6100
mov eax, dword ptr [00611B48]
:0060640C
8B00 mov
eax, dword ptr [eax]
:0060640E 8B8014030000
mov eax, dword ptr [eax+00000314]
:00606414 8B10
mov edx, dword ptr [eax]
:00606416
FF9248020000 call dword ptr [edx+00000248]
:0060641C
A1481B6100 mov eax, dword ptr
[00611B48]
:00606421 8B00
mov eax, dword ptr [eax]
:00606423 8B8014030000
mov eax, dword ptr [eax+00000314]
:00606429
E85EDEEBFF call 004C428C
*
Possible StringData Ref from Code Obj ->"注册成功!请重启本软件!"
====>呵呵,胜利女神!
:0060642E
B8BC646000 mov eax, 006064BC
:00606433
E88460E4FF call 0044C4BC
:00606438
A1D4216100 mov eax, dword ptr
[006121D4]
:0060643D 8B00
mov eax, dword ptr [eax]
:0060643F E8A8AEE6FF
call 004712EC
:00606444 EB0A
jmp 00606450
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0060633F(C)
|
*
Possible StringData Ref from Code Obj ->"无效注册码!"
====>BAD BOY!
:00606446
B8E0646000 mov eax, 006064E0
:0060644B
E86C60E4FF call 0044C4BC
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00606444(U)
|
:00606450
33C0 xor
eax, eax
:00606452 5A
pop edx
:00606453 59
pop ecx
:00606454 59
pop ecx
:00606455
648910 mov dword
ptr fs:[eax], edx
:00606458 6875646000
push 00606475
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00606473(U)
|
:0060645D
8D45F0 lea eax,
dword ptr [ebp-10]
:00606460 E827E8DFFF
call 00404C8C
:00606465 8D45FC
lea eax, dword ptr [ebp-04]
:00606468 E81FE8DFFF
call 00404C8C
:0060646D C3
ret
—————————————————————————————————
进入算法CALL:006062E4 call 0057FD98
*
Referenced by a CALL at Address:
|:006062E4
|
:0057FD98 55
push ebp
:0057FD99
8BEC mov
ebp, esp
:0057FD9B 33C9
xor ecx, ecx
:0057FD9D 51
push ecx
:0057FD9E 51
push ecx
:0057FD9F 51
push
ecx
:0057FDA0 51
push ecx
:0057FDA1 51
push ecx
:0057FDA2 51
push ecx
:0057FDA3 51
push
ecx
:0057FDA4 53
push ebx
:0057FDA5 56
push esi
:0057FDA6 57
push edi
:0057FDA7 8BD8
mov ebx,
eax
:0057FDA9 33C0
xor eax, eax
:0057FDAB 55
push ebp
:0057FDAC 68A9005800
push 005800A9
:0057FDB1 64FF30
push dword ptr fs:[eax]
:0057FDB4
648920 mov dword
ptr fs:[eax], esp
:0057FDB7 8D45EC
lea eax, dword ptr [ebp-14]
:0057FDBA 8B13
mov edx, dword ptr [ebx]
====>EDX=85KA089DJ012SL 用户号
:0057FDBC
E8634FE8FF call 00404D24
:0057FDC1
8D45F8 lea eax,
dword ptr [ebp-08]
:0057FDC4 E8C34EE8FF
call 00404C8C
:0057FDC9 8B45EC
mov eax, dword ptr [ebp-14]
:0057FDCC E87351E8FF
call 00404F44
====>取用户号长度
:0057FDD1
8BD8 mov
ebx, eax
====>EBX=EAX=C
:0057FDD3
85DB test
ebx, ebx
:0057FDD5 0F8ED2000000 jle
0057FEAD
:0057FDDB BE01000000 mov
esi, 00000001
* Referenced
by a (U)nconditional or (C)onditional Jump at Address:
|:0057FEA7(C)
|
:0057FDE0
8D45FC lea eax,
dword ptr [ebp-04]
:0057FDE3 50
push eax
:0057FDE4 B901000000
mov ecx, 00000001
:0057FDE9 8BD6
mov edx, esi
:0057FDEB 8B45EC
mov eax, dword ptr
[ebp-14]
:0057FDEE E8A953E8FF call
0040519C
:0057FDF3 8B45FC
mov eax, dword ptr [ebp-04]
:0057FDF6 BAC4005800
mov edx, 005800C4
:0057FDFB E88852E8FF
call 00405088
:0057FE00 0F8487000000
je 0057FE8D
:0057FE06 8B45FC
mov eax, dword ptr [ebp-04]
:0057FE09
BAD0005800 mov edx, 005800D0
:0057FE0E
E87552E8FF call 00405088
:0057FE13
7478 je 0057FE8D
:0057FE15
8B45FC mov eax,
dword ptr [ebp-04]
:0057FE18 BADC005800
mov edx, 005800DC
:0057FE1D E86652E8FF
call 00405088
:0057FE22 7469
je 0057FE8D
:0057FE24 8B45FC
mov eax, dword ptr [ebp-04]
:0057FE27
BAE8005800 mov edx, 005800E8
:0057FE2C
E85752E8FF call 00405088
:0057FE31
745A je 0057FE8D
:0057FE33
8B45FC mov eax,
dword ptr [ebp-04]
:0057FE36 BAE8005800
mov edx, 005800E8
:0057FE3B E84852E8FF
call 00405088
:0057FE40 744B
je 0057FE8D
:0057FE42 8B45FC
mov eax, dword ptr [ebp-04]
:0057FE45
BAF4005800 mov edx, 005800F4
:0057FE4A
E83952E8FF call 00405088
:0057FE4F
743C je 0057FE8D
:0057FE51
8B45FC mov eax,
dword ptr [ebp-04]
:0057FE54 BA00015800
mov edx, 00580100
:0057FE59 E82A52E8FF
call 00405088
:0057FE5E 742D
je 0057FE8D
:0057FE60 8B45FC
mov eax, dword ptr [ebp-04]
:0057FE63
BA0C015800 mov edx, 0058010C
:0057FE68
E81B52E8FF call 00405088
:0057FE6D
741E je 0057FE8D
:0057FE6F
8B45FC mov eax,
dword ptr [ebp-04]
:0057FE72 BA18015800
mov edx, 00580118
:0057FE77 E80C52E8FF
call 00405088
:0057FE7C 740F
je 0057FE8D
:0057FE7E 8B45FC
mov eax, dword ptr [ebp-04]
:0057FE81
BA24015800 mov edx, 00580124
:0057FE86
E8FD51E8FF call 00405088
:0057FE8B
7518 jne
0057FEA5
* Referenced
by a (U)nconditional or (C)onditional Jump at Addresses:
|:0057FE00(C), :0057FE13(C),
:0057FE22(C), :0057FE31(C), :0057FE40(C)
|:0057FE4F(C), :0057FE5E(C), :0057FE6D(C),
:0057FE7C(C)
|
:0057FE8D 8D45F8
lea eax, dword ptr [ebp-08]
:0057FE90 8B55FC
mov edx, dword ptr [ebp-04]
:0057FE93
E8B450E8FF call 00404F4C
:0057FE98
8B45F8 mov eax,
dword ptr [ebp-08]
:0057FE9B E8A450E8FF
call 00404F44
:0057FEA0 83F806
cmp eax, 00000006
:0057FEA3 7408
je 0057FEAD
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0057FE8B(C)
|
:0057FEA5
46 inc
esi
:0057FEA6 4B
dec ebx
:0057FEA7 0F8533FFFFFF
jne 0057FDE0
====>呵呵,这循环其实是正序取用户号中大于0的数字!
*
Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0057FDD5(C),
:0057FEA3(C)
|
:0057FEAD 837DF800
cmp dword ptr [ebp-08], 00000000
====>[ebp-08]=858912
:0057FEB1
740C je 0057FEBF
:0057FEB3
8B45F8 mov eax,
dword ptr [ebp-08]
====>EAX=[ebp-08]=858912
:0057FEB6
E8799FE8FF call 00409E34
====>取858912的16进制值
:0057FEBB
8BF8 mov
edi, eax
====>EDI=000D1B20(H)=858912(D)
:0057FEBD EB05 jmp 0057FEC4
* Referenced
by a (U)nconditional or (C)onditional Jump at Address:
|:0057FEB1(C)
|
:0057FEBF
BFB19C0800 mov edi, 00089CB1
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0057FEBD(U)
|
:0057FEC4
8D45FC lea eax,
dword ptr [ebp-04]
:0057FEC7 E8C04DE8FF
call 00404C8C
:0057FECC 8B45F8
mov eax, dword ptr [ebp-08]
:0057FECF E87050E8FF
call 00404F44
:0057FED4 8BD8
mov ebx,
eax
:0057FED6 4B
dec ebx
:0057FED7 85DB
test ebx, ebx
:0057FED9 7C2F
jl 0057FF0A
:0057FEDB 43
inc ebx
:0057FEDC
33F6 xor
esi, esi
* Referenced
by a (U)nconditional or (C)onditional Jump at Address:
|:0057FF08(C)
|
:0057FEDE
8D45E8 lea eax,
dword ptr [ebp-18]
:0057FEE1 50
push eax
:0057FEE2 8B45F8
mov eax, dword ptr [ebp-08]
:0057FEE5 E85A50E8FF
call 00404F44
:0057FEEA 8BD0
mov edx,
eax
:0057FEEC 2BD6
sub edx, esi
:0057FEEE B901000000
mov ecx, 00000001
:0057FEF3 8B45F8
mov eax, dword ptr [ebp-08]
:0057FEF6
E8A152E8FF call 0040519C
:0057FEFB
8B55E8 mov edx,
dword ptr [ebp-18]
:0057FEFE 8D45FC
lea eax, dword ptr [ebp-04]
:0057FF01 E84650E8FF
call 00404F4C
:0057FF06 46
inc esi
:0057FF07
4B dec
ebx
:0057FF08 75D4
jne 0057FEDE
====>这个循环把858912倒序排列!
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0057FED9(C)
|
:0057FF0A
8B45FC mov eax,
dword ptr [ebp-04]
====>EAX=219858
:0057FF0D
E8229FE8FF call 00409E34
====>取219858的16进制值
:0057FF12
8945F0 mov dword
ptr [ebp-10], eax
====>[ebp-10]=00035AD2(H)=219858(D)
:0057FF15
8D45F8 lea eax,
dword ptr [ebp-08]
:0057FF18 E86F4DE8FF
call 00404C8C
:0057FF1D 8B45EC
mov eax, dword ptr [ebp-14]
:0057FF20 E81F50E8FF
call 00404F44
:0057FF25 8BD8
mov ebx,
eax
:0057FF27 85DB
test ebx, ebx
:0057FF29 0F8CDA000000
jl 00580009
:0057FF2F 43
inc ebx
:0057FF30 33F6
xor esi, esi
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00580003(C)
|
:0057FF32
8D45FC lea eax,
dword ptr [ebp-04]
:0057FF35 50
push eax
:0057FF36 8B45EC
mov eax, dword ptr [ebp-14]
:0057FF39 E80650E8FF
call 00404F44
:0057FF3E 8BD0
mov edx,
eax
:0057FF40 2BD6
sub edx, esi
:0057FF42 B901000000
mov ecx, 00000001
:0057FF47 8B45EC
mov eax, dword ptr [ebp-14]
:0057FF4A
E84D52E8FF call 0040519C
:0057FF4F
8B45FC mov eax,
dword ptr [ebp-04]
:0057FF52 BAC4005800
mov edx, 005800C4
:0057FF57 E82C51E8FF
call 00405088
:0057FF5C 0F8487000000
je 0057FFE9
:0057FF62 8B45FC
mov eax, dword ptr [ebp-04]
:0057FF65 BAD0005800
mov edx, 005800D0
:0057FF6A
E81951E8FF call 00405088
:0057FF6F
7478 je 0057FFE9
:0057FF71
8B45FC mov eax,
dword ptr [ebp-04]
:0057FF74 BADC005800
mov edx, 005800DC
:0057FF79 E80A51E8FF
call 00405088
:0057FF7E 7469
je 0057FFE9
:0057FF80 8B45FC
mov eax, dword ptr [ebp-04]
:0057FF83
BAE8005800 mov edx, 005800E8
:0057FF88
E8FB50E8FF call 00405088
:0057FF8D
745A je 0057FFE9
:0057FF8F
8B45FC mov eax,
dword ptr [ebp-04]
:0057FF92 BAE8005800
mov edx, 005800E8
:0057FF97 E8EC50E8FF
call 00405088
:0057FF9C 744B
je 0057FFE9
:0057FF9E 8B45FC
mov eax, dword ptr [ebp-04]
:0057FFA1
BAF4005800 mov edx, 005800F4
:0057FFA6
E8DD50E8FF call 00405088
:0057FFAB
743C je 0057FFE9
:0057FFAD
8B45FC mov eax,
dword ptr [ebp-04]
:0057FFB0 BA00015800
mov edx, 00580100
:0057FFB5 E8CE50E8FF
call 00405088
:0057FFBA 742D
je 0057FFE9
:0057FFBC 8B45FC
mov eax, dword ptr [ebp-04]
:0057FFBF
BA0C015800 mov edx, 0058010C
:0057FFC4
E8BF50E8FF call 00405088
:0057FFC9
741E je 0057FFE9
:0057FFCB
8B45FC mov eax,
dword ptr [ebp-04]
:0057FFCE BA18015800
mov edx, 00580118
:0057FFD3 E8B050E8FF
call 00405088
:0057FFD8 740F
je 0057FFE9
:0057FFDA 8B45FC
mov eax, dword ptr [ebp-04]
:0057FFDD
BA24015800 mov edx, 00580124
:0057FFE2
E8A150E8FF call 00405088
:0057FFE7
7518 jne
00580001
* Referenced
by a (U)nconditional or (C)onditional Jump at Addresses:
|:0057FF5C(C), :0057FF6F(C),
:0057FF7E(C), :0057FF8D(C), :0057FF9C(C)
|:0057FFAB(C), :0057FFBA(C), :0057FFC9(C),
:0057FFD8(C)
|
:0057FFE9 8D45F8
lea eax, dword ptr [ebp-08]
:0057FFEC 8B55FC
mov edx, dword ptr [ebp-04]
:0057FFEF
E8584FE8FF call 00404F4C
:0057FFF4
8B45F8 mov eax,
dword ptr [ebp-08]
:0057FFF7 E8484FE8FF
call 00404F44
:0057FFFC 83F806
cmp eax, 00000006
:0057FFFF 7408
je 00580009
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0057FFE7(C)
|
:00580001
46 inc
esi
:00580002 4B
dec ebx
:00580003 0F8529FFFFFF
jne 0057FF32
====>呵呵,这循环其实是倒序取用户号中大于0的数字!
*
Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0057FF29(C),
:0057FFFF(C)
|
:00580009 837DF800
cmp dword ptr [ebp-08], 00000000
:0058000D 740D
je 0058001C
:0058000F
8B45F8 mov eax,
dword ptr [ebp-08]
====>EAX=[ebp-08]=219858
:00580012
E81D9EE8FF call 00409E34
====>取219858的16进制值
:00580017
8945F4 mov dword
ptr [ebp-0C], eax
====>[ebp-0C]=00035AD2(H)=219858(D)
:0058001A EB07 jmp 00580023
* Referenced
by a (U)nconditional or (C)onditional Jump at Address:
|:0058000D(C)
|
:0058001C
C745F4D89B0A00 mov [ebp-0C], 000A9BD8
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0058001A(U)
|
:00580023
8D45FC lea eax,
dword ptr [ebp-04]
:00580026 E8614CE8FF
call 00404C8C
:0058002B 8B45F8
mov eax, dword ptr [ebp-08]
:0058002E E8114FE8FF
call 00404F44
:00580033 8BD8
mov ebx,
eax
:00580035 4B
dec ebx
:00580036 85DB
test ebx, ebx
:00580038 7C2F
jl 00580069
:0058003A 43
inc ebx
:0058003B
33F6 xor
esi, esi
* Referenced
by a (U)nconditional or (C)onditional Jump at Address:
|:00580067(C)
|
:0058003D
8D45E4 lea eax,
dword ptr [ebp-1C]
:00580040 50
push eax
:00580041 8B45F8
mov eax, dword ptr [ebp-08]
:00580044 E8FB4EE8FF
call 00404F44
:00580049 8BD0
mov edx,
eax
:0058004B 2BD6
sub edx, esi
:0058004D B901000000
mov ecx, 00000001
:00580052 8B45F8
mov eax, dword ptr [ebp-08]
:00580055
E84251E8FF call 0040519C
:0058005A
8B55E4 mov edx,
dword ptr [ebp-1C]
:0058005D 8D45FC
lea eax, dword ptr [ebp-04]
:00580060 E8E74EE8FF
call 00404F4C
:00580065 46
inc esi
:00580066
4B dec
ebx
:00580067 75D4
jne 0058003D
====>这个循环把219858倒序排列!晕,为什么重复。
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00580038(C)
|
:00580069
8B45FC mov eax,
dword ptr [ebp-04]
====>EAX=858921
:0058006C
E8C39DE8FF call 00409E34
====>取858912的16进制值=000D1B20
:00580071
6BF779 imul esi,
edi, 00000079
====>ESI=000D1B20 *
79=0631D220
:00580074
6B55F40B imul edx, dword
ptr [ebp-0C], 0000000B
====>EDX=00035AD2
* 0B=0024E706
:00580078
03F2 add
esi, edx
====>ESI=0631D220 + 0024E706=0656B926
:0058007A
0375F0 add esi,
dword ptr [ebp-10]
====>ESI=0656B926
+ 00035AD2=065A13F8
:0058007D
03F0 add
esi, eax
====>ESI=065A13F8 + 000D1B20=06672F18
====>06672F18的10进制值107425560就是我的注册码了!
:0058007F
8BDE mov
ebx, esi
:00580081 33C0
xor eax, eax
:00580083 5A
pop edx
:00580084 59
pop ecx
:00580085 59
pop
ecx
:00580086 648910
mov dword ptr fs:[eax], edx
:00580089 68B0005800
push 005800B0
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:005800AE(U)
|
:0058008E
8D45E4 lea eax,
dword ptr [ebp-1C]
:00580091 BA03000000
mov edx, 00000003
:00580096 E8154CE8FF
call 00404CB0
:0058009B 8D45F8
lea eax, dword ptr [ebp-08]
:0058009E BA02000000
mov edx, 00000002
:005800A3
E8084CE8FF call 00404CB0
:005800A8
C3 ret
—————————————————————————————————
【算
法 总 结】:
一、个人版:注册码固定为liyunhong3398
二、标准版+网络版:算法乍看有点麻烦,其实挺简单。
1、正序取用户号85KA089DJ012SL中大于0的数字:858912(D)=000D1B20(H)
2、倒序取用户号85KA089DJ012SL中大于0的数字:219858(D)=00035AD2(H)
3、000D1B20
* 79=0631D220
4、00035AD2 * 0B=0024E706
5、0631D220 + 0024E706=0656B926
6、0656B926
+ 00035AD2 + 000D1B20=06672F18
06672F18的10进制值107425560就是我的注册码了!
—————————————————————————————————
【完 美 爆 破】:
0060633F
0F8501010000 jne 00606446
改为:
909090909090 NOP掉
(标准版+网络版)
—————————————————————————————————
【KeyMake之{76th}内存注册机】:
中断地址:006062E9
中断次数:1
第一字节:89
指令长度:3
寄存器方式:EAX
十进制
—————————————————————————————————
【注册信息保存】:
REGEDIT4
[HKEY_LOCAL_MACHINE\Software\ODBC\ODBC.INI\PublicProDataBase]
"UseNumber"=dword:00000002
"Date"="03-4-30"
—————————————————————————————————
【整 理】:
用户号:85KA089DJ012SL
注册码:107425560
—————————————————————————————————
, _/
/| _.-~/
\_ , 青春都一饷
( /~ / \~-._
|\
`\\ _/
\ ~\ ) 忍把浮名
_-~~~-.) )__/;;,. \_ //'
/'_,\ --~ \ ~~~- ,;;\___( (.-~~~-.
换了破解轻狂
`~ _( ,_..--\ ( ,;'' /
~-- /._`\
/~~//' /' `~\
) /--.._, )_ `~
" `~" "
`" /~'`\ `\\~~\
"
" "~' ""
Cracked By 巢水工作坊——fly [OCN][FCG]
2003-04-30 14:16