BT发动机 V4.5 超简单注册验证
破解人:Baby2008
日 期:2005.04.15
下载地址:http://www.soft4kids.com/cn/
-------------------------------------------------------------------------------------------------------------
00407B6C >/. 55 push ebp ; <-Tform_reg@button_okClick
00407B6D |. 8BEC mov ebp,esp
00407B6F |. 83C4 B8 add esp,-48
00407B72 |. 53 push ebx
00407B73 |. 56 push esi
00407B74 |. 57 push edi
00407B75 |. 8BD8 mov ebx,eax
00407B77 |. B8 44525300 mov eax,btengine.00535244
00407B7C >|. E8 43B91000 call btengine.005134C4 ; ->:TGlyphList._PROC_005134C4()
00407B81 |. 8BC3 mov eax,ebx
00407B83 |. E8 58020000 call btengine.00407DE0 ; 注册验证关键
00407B88 |. 84C0 test al,al
00407B8A |. 0F84 32020000 je btengine.00407DC2 ; 爆破点
00407B90 |. B2 01 mov dl,1
00407B92 |. A1 1C3A4900 mov eax,dword ptr ds:[493A1C]
00407B97 |. E8 80BF0800 call btengine.00493B1C
00407B9C |. 8BF0 mov esi,eax
00407B9E |. BA 01000080 mov edx,80000001
00407BA3 |. 8BC6 mov eax,esi
00407BA5 |. E8 1E601100 call btengine.0051DBC8 ; 以下代码保存注册信息
00407BAA |. 66:C745 C8 0800 mov word ptr ss:[ebp-38],8
00407BB0 |. BA 2A505300 mov edx,btengine.0053502A ; ASCII "Software\soft4kids\btengine"
-------------------------------------------------------------------------------------------------------------
关键Call btengine.00407DE0
-------------------------------------------------------------------------------------------------------------
00407DE0 /$ 55 push ebp
00407DE1 |. 8BEC mov ebp,esp
00407DE3 |. 83C4 C4 add esp,-3C
00407DE6 |. 53 push ebx
00407DE7 |. 56 push esi
00407DE8 |. 8BD8 mov ebx,eax
00407DEA |. 8D75 C4 lea esi,[local.15]
00407DED |. B8 14535300 mov eax,btengine.00535314
00407DF2 |. E8 CDB61000 call btengine.005134C4
00407DF7 |. 66:C746 10 0800 mov word ptr ds:[esi+10],8
00407DFD |. 33D2 xor edx,edx
00407DFF |. 33C9 xor ecx,ecx
00407E01 |. 8955 FC mov [local.1],edx
00407E04 |. 33C0 xor eax,eax
00407E06 |. FF46 1C inc dword ptr ds:[esi+1C]
00407E09 |. 8D55 F0 lea edx,[local.4]
00407E0C |. 66:C746 10 1400 mov word ptr ds:[esi+10],14
00407E12 |. 66:C746 10 2000 mov word ptr ds:[esi+10],20
00407E18 |. 894D F8 mov [local.2],ecx
00407E1B |. 33C9 xor ecx,ecx
00407E1D |. FF46 1C inc dword ptr ds:[esi+1C]
00407E20 |. 66:C746 10 1400 mov word ptr ds:[esi+10],14
00407E26 |. 66:C746 10 2C00 mov word ptr ds:[esi+10],2C
00407E2C |. 8945 F0 mov [local.4],eax
00407E2F |. 52 push edx
00407E30 |. FF46 1C inc dword ptr ds:[esi+1C]
00407E33 |. 894D F4 mov [local.3],ecx
00407E36 |. FF46 1C inc dword ptr ds:[esi+1C]
00407E39 |. 8D55 F4 lea edx,[local.3]
00407E3C |. 8B83 00030000 mov eax,dword ptr ds:[ebx+300]
00407E42 |. E8 C97E0E00 call btengine.004EFD10
00407E47 |. 8D45 F4 lea eax,[local.3] ; |
00407E4A |. B9 06000000 mov ecx,6 ; |
00407E4F |. BA 01000000 mov edx,1 ; |
00407E54 |. E8 93611100 call btengine.0051DFEC ; \btengine.0051DFEC
00407E59 |. 8D55 F0 lea edx,[local.4] ; 注册码1-6位
00407E5C |. 8D45 FC lea eax,[local.1]
00407E5F |. E8 805F1100 call btengine.0051DDE4
00407E64 |. FF4E 1C dec dword ptr ds:[esi+1C]
00407E67 |. 8D45 F0 lea eax,[local.4]
00407E6A |. BA 02000000 mov edx,2
00407E6F |. E8 405F1100 call btengine.0051DDB4
00407E74 |. FF4E 1C dec dword ptr ds:[esi+1C]
00407E77 |. 8D45 F4 lea eax,[local.3]
00407E7A |. BA 02000000 mov edx,2
00407E7F |. E8 305F1100 call btengine.0051DDB4
00407E84 |. 66:C746 10 3800 mov word ptr ds:[esi+10],38
00407E8A |. 33C9 xor ecx,ecx
00407E8C |. 8D45 E8 lea eax,[local.6]
00407E8F |. 894D E8 mov [local.6],ecx
00407E92 |. 50 push eax
00407E93 |. FF46 1C inc dword ptr ds:[esi+1C]
00407E96 |. 33D2 xor edx,edx
00407E98 |. 8955 EC mov [local.5],edx
00407E9B |. 8D55 EC lea edx,[local.5]
00407E9E |. FF46 1C inc dword ptr ds:[esi+1C]
00407EA1 |. 8B83 00030000 mov eax,dword ptr ds:[ebx+300]
00407EA7 |. E8 647E0E00 call btengine.004EFD10
00407EAC |. 8D45 EC lea eax,[local.5] ; |
00407EAF |. B9 06000000 mov ecx,6 ; |
00407EB4 |. BA 07000000 mov edx,7 ; |
00407EB9 |. E8 2E611100 call btengine.0051DFEC ; \btengine.0051DFEC
00407EBE |. 8D55 E8 lea edx,[local.6] ; 注册码第7-12位
00407EC1 |. 8D45 F8 lea eax,[local.2]
00407EC4 |. E8 1B5F1100 call btengine.0051DDE4
00407EC9 |. FF4E 1C dec dword ptr ds:[esi+1C]
00407ECC |. 8D45 E8 lea eax,[local.6]
00407ECF |. BA 02000000 mov edx,2
00407ED4 |. E8 DB5E1100 call btengine.0051DDB4
00407ED9 |. FF4E 1C dec dword ptr ds:[esi+1C]
00407EDC |. 8D45 EC lea eax,[local.5]
00407EDF |. BA 02000000 mov edx,2
00407EE4 |. E8 CB5E1100 call btengine.0051DDB4
00407EE9 |. 8B45 FC mov eax,[local.1] ; 注册码1-6位
00407EEC |. E8 F7FE0800 call btengine.00497DE8 ; StrToInt
00407EF1 |. 8BD8 mov ebx,eax ; EBX=StrToInt(注册码1-6位)
00407EF3 |. 8B45 F8 mov eax,[local.2] ; 注册码7-12位
00407EF6 |. E8 EDFE0800 call btengine.00497DE8 ; EAX=StrToInt(注册码7-12位)
00407EFB |. 03D8 add ebx,eax ; 相加
00407EFD |. 81FB 610A1600 cmp ebx,160A61 ; =$160A61
00407F03 |. 75 2F jnz short btengine.00407F34
00407F05 |. B0 01 mov al,1
00407F07 |. BA 02000000 mov edx,2
00407F0C |. 50 push eax
00407F0D |. 8D45 F8 lea eax,[local.2]
00407F10 |. FF4E 1C dec dword ptr ds:[esi+1C]
00407F13 |. E8 9C5E1100 call btengine.0051DDB4
00407F18 |. FF4E 1C dec dword ptr ds:[esi+1C]
00407F1B |. 8D45 FC lea eax,[local.1]
00407F1E |. BA 02000000 mov edx,2
00407F23 |. E8 8C5E1100 call btengine.0051DDB4
00407F28 |. 58 pop eax
00407F29 |. 8B16 mov edx,dword ptr ds:[esi]
00407F2B |. 64:8915 00000000 mov dword ptr fs:[0],edx
00407F32 |. EB 2D jmp short btengine.00407F61
00407F34 |> 33C0 xor eax,eax
00407F36 |. BA 02000000 mov edx,2
00407F3B |. 50 push eax
00407F3C |. 8D45 F8 lea eax,[local.2]
00407F3F |. FF4E 1C dec dword ptr ds:[esi+1C]
00407F42 |. E8 6D5E1100 call btengine.0051DDB4
00407F47 |. FF4E 1C dec dword ptr ds:[esi+1C]
00407F4A |. 8D45 FC lea eax,[local.1]
00407F4D |. BA 02000000 mov edx,2
00407F52 |. E8 5D5E1100 call btengine.0051DDB4
00407F57 |. 58 pop eax
00407F58 |. 8B16 mov edx,dword ptr ds:[esi]
00407F5A |. 64:8915 00000000 mov dword ptr fs:[0],edx
00407F61 |> 5E pop esi
00407F62 |. 5B pop ebx
00407F63 |. 8BE5 mov esp,ebp
00407F65 |. 5D pop ebp
00407F66 \. C3 retn
-------------------------------------------------------------------------------------------------------------
注册算法总结:
只要满足 StrToStr(注册码1-6位)+StrToStr(注册码7-12位)=$160A61 即可,用户名不参加注册计算。
(16进制)160A61=(十进制)1444449=800000+644449
一个可用的注册码:
用户名:Baby2008
注册码:800000644449
用BT下载的朋友可以试试,省30大洋的注册费!