【软件名称】:Melody V1.52
【软件大小】:495 KB
【软件类别】:国外软件 / 共享版 / 媒体播放
【加入时间】:2003-07-01 15:32:34
【开 发 商】:http://www.lighttek.com/
【软件简介】:Melody是一个可以用来播放WAV、MPEG (MP3)、MIDI、MOD、IT*、XM*、S3*、ME*、MPP、MDZ文件及音乐CD的多媒体播放程序。整体的操作介面非常类似文件管理软件,它是以目录切换的方式来直接呈现/播放所支持的文件类型(歌曲),所以在歌曲的播放控制上别有一种独特的风格。
【作 者】:cyclotron
【破解过程】:用Fi2.45检查,Delphi编写,无壳。于是用W32Dasm反汇编后查找错误信息,找到关键点如下:
:004472DB 53
push ebx
/* 在这里设断 */
:004472DC 56
push esi
:004472DD 8BD8
mov ebx, eax
:004472DF 33C0
xor eax, eax
:004472E1 55
push ebp
:004472E2 688B744400 push
0044748B
:004472E7 64FF30 push
dword ptr fs:[eax]
:004472EA 648920 mov
dword ptr fs:[eax], esp
:004472ED 8D55F4 lea
edx, dword ptr [ebp-0C]
:004472F0 8B83E0010000 mov eax, dword
ptr [ebx+000001E0]
:004472F6 E80D6FFDFF call
0041E208
/* 用户名是否为空? */
:004472FB 837DF400 cmp
dword ptr [ebp-0C], 00000000
* Referenced by a (U)nconditional
or (C)onditional Jump at Address:
|:004472B9(C)
|
:004472FF 0F845B010000 je 00447460
:00447305 8D55F0 lea
edx, dword ptr [ebp-10]
:00447308 8B83DC010000 mov eax, dword
ptr [ebx+000001DC]
:0044730E E8F56EFDFF call
0041E208
/* 试炼码是否为空? */
:00447313 837DF000 cmp
dword ptr [ebp-10], 00000000
:00447317 0F8443010000 je 00447460
:0044731D 8D55F4 lea
edx, dword ptr [ebp-0C]
/* edx取得试炼码地址 */
:00447320 8B83E0010000 mov eax, dword
ptr [ebx+000001E0]
:00447326 E8DD6EFDFF call
0041E208
/* 取试炼码长度 */
:0044732B 8B45F4 mov
eax, dword ptr [ebp-0C]
:0044732E E865FAFBFF call
00406D98
/* 将试炼码转为16进制 */
:00447333 8945EC mov
dword ptr [ebp-14], eax
:00447336 DB45EC fild
dword ptr [ebp-14]
:00447339 E88AB6FBFF call
004029C8
:0044733E 8945FC mov
dword ptr [ebp-04], eax
/* 存入局部变量[ebp-04] */
:00447341 8D55F8 lea
edx, dword ptr [ebp-08]
:00447344 8B83DC010000 mov eax, dword
ptr [ebx+000001DC]
:0044734A E8B96EFDFF call
0041E208
:0044734F 33F6
xor esi, esi
:00447351 8B45F8 mov
eax, dword ptr [ebp-08]
/* eax取得用户名地址 */
:00447354 E86BC8FBFF call
00403BC4
/* 取用户名长度 */
:00447359 85C0
test eax, eax
/* 是否大于0? */
:0044735B 7E13
jle 00447370
:0044735D BA01000000 mov edx,
00000001
* Referenced by a (U)nconditional
or (C)onditional Jump at Address:
|:0044736E(C)
|
:00447362 8B4DF8 mov
ecx, dword ptr [ebp-08]
:00447365 0FB64C11FF movzx
ecx, byte ptr [ecx+edx-01]
:0044736A 03F1
add esi, ecx
:0044736C 42
inc edx
:0044736D 48
dec eax
:0044736E 75F2
jne 00447362
/* esi取得用户名各位的ASCII和 */
* Referenced by a (U)nconditional
or (C)onditional Jump at Address:
|:0044735B(C)
|
:00447370 8975EC mov
dword ptr [ebp-14], esi
/* 存入局部变量[ebp-14] */
:00447373 DB45EC fild
dword ptr [ebp-14]
:00447376 E84DB6FBFF call
004029C8
:0044737B 8BD0
mov edx, eax
/* 取出前面的和送到edx */
:0044737D C1E007 shl
eax, 07
/* 逻辑左移7位 */
:00447380 03C2
add eax, edx
/* 与原值相加 */
:00447382 8BF0
mov esi, eax
/* 送esi */
:00447384 3B75FC cmp
esi, dword ptr [ebp-04]
/* 关键比较 */
:00447387 0F85C9000000 jne 00447456
/* 这里绝对不能跳 */
/* 下面的程序段处理注册信息在界面上的显示 */
:0044738D B201
mov dl, 01
:0044738F A128634400 mov eax,
dword ptr [00446328]
:00447394 E88BF0FFFF call
00446424
:00447399 8BF0
mov esi, eax
:0044739B B101
mov cl, 01
* Possible StringData Ref from
Code Obj ->"\software\Lighttek\Melody"
|
:0044739D BAA0744400 mov edx,
004474A0
:004473A2 8BC6
mov eax, esi
:004473A4 E873F1FFFF call
0044651C
:004473A9 8D55F4 lea
edx, dword ptr [ebp-0C]
:004473AC 8B83DC010000 mov eax, dword
ptr [ebx+000001DC]
:004473B2 E8516EFDFF call
0041E208
:004473B7 8B4DF4 mov
ecx, dword ptr [ebp-0C]
* Possible StringData Ref from
Code Obj ->"username"
|
:004473BA BAC4744400 mov edx,
004474C4
:004473BF 8BC6
mov eax, esi
:004473C1 E81AF3FFFF call
004466E0
:004473C6 8D55F4 lea
edx, dword ptr [ebp-0C]
:004473C9 8B83E0010000 mov eax, dword
ptr [ebx+000001E0]
:004473CF E8346EFDFF call
0041E208
:004473D4 8B45F4 mov
eax, dword ptr [ebp-0C]
:004473D7 E8BCF9FBFF call
00406D98
:004473DC 8945EC mov
dword ptr [ebp-14], eax
:004473DF DB45EC fild
dword ptr [ebp-14]
:004473E2 83C4F8 add
esp, FFFFFFF8
:004473E5 DD1C24 fstp
qword ptr [esp]
:004473E8 9B
wait
* Possible StringData Ref from
Code Obj ->"usercode"
|
:004473E9 BAD8744400 mov edx,
004474D8
:004473EE 8BC6
mov eax, esi
:004473F0 E81BF4FFFF call
00446810
:004473F5 8BC6
mov eax, esi
:004473F7 E88CF0FFFF call
00446488
:004473FC 8BC6
mov eax, esi
:004473FE E831BAFBFF call
00402E34
:00447403 8D55F4 lea
edx, dword ptr [ebp-0C]
:00447406 8B83DC010000 mov eax, dword
ptr [ebx+000001DC]
:0044740C E8F76DFDFF call
0041E208
:00447411 8B4DF4 mov
ecx, dword ptr [ebp-0C]
:00447414 8D45E8 lea
eax, dword ptr [ebp-18]
* Possible StringData Ref from
Code Obj ->"Registered for "
|
:00447417 BAEC744400 mov edx,
004474EC
:0044741C E8EFC7FBFF call
00403C10
:00447421 8B55E8 mov
edx, dword ptr [ebp-18]
:00447424 A110FE4400 mov eax,
dword ptr [0044FE10]
:00447429 8B00
mov eax, dword ptr [eax]
:0044742B 8B80A8020000 mov eax, dword
ptr [eax+000002A8]
:00447431 E8026EFDFF call
0041E238
:00447436 A110FE4400 mov eax,
dword ptr [0044FE10]
:0044743B 8B00
mov eax, dword ptr [eax]
:0044743D 8B80A4020000 mov eax, dword
ptr [eax+000002A4]
:00447443 33D2
xor edx, edx
:00447445 E81A6DFDFF call
0041E164
:0044744A A1B0074500 mov eax,
dword ptr [004507B0]
:0044744F E81C49FEFF call
0042BD70
:00447454 EB0A
jmp 00447460
* Referenced by a (U)nconditional
or (C)onditional Jump at Address:
|:00447387(C)
/* 注意这个关键跳转 */
|
* Possible StringData Ref from
Code Obj ->"Invalide registration name or "
->"code.
Try again."
|
:00447456 B804754400 mov eax,
00447504
:0044745B E8E000FFFF call
00437540
【整 理】:
用户名:cyclotron
注册码:127581
【注册信息保存】:
HKEY_CURRENT_USER\Software\lighttek\Melody\usecode
HKEY_CURRENT_USER\Software\lighttek\Melody\usename
【Turbo C 注册机】:
#include "stdio.h"
#include "string.h"
void main()
{unsigned long regcode=0,i;
char regname[30];
printf("\t***************************************************\n\n");
printf("\t\tKeyGen for Melody V1.52\n\t\t\tProduced by cyclotron\n\n");
printf("\t***************************************************\n\n");
do
printf("\n\tPlease input your Regname:");
while(!strlen(gets(regname)));
for(i=0;regname[i];i++)
regcode+=regname[i];
regcode+=regcode<<7;
printf("\n\tYour Regcode is:\t%ld\n",regcode);
printf("\n\tThank you for your use!\n");
getchar();
}
cyclotron
2003.7.1
特为纪念中国共产党诞生82周年而作