【破文标题】Magic DVD Ripper 5.2.1 build 3
【破文作者】tianxj
【作者主页】www.chinapyg.com
【破解工具】PEiD,OD
【破解平台】Windows XP
【软件名称】Magic DVD Ripper 5.2.1 build 3(2008-2-5版)
【软件大小】2557KB
【原版下载】华军软件园
【保护方式】注册码
【软件简介】
Magic DVD Ripper 是一款DVD 电影抓取工具,支持 DVD to VCD,DVD to SVCD 转换,抓取后的DVD已经去除了区位码保护和MacroVision 保护,支持抓取或者转换完成后自动关机的功能,完整的支持市面上各种流行的DVD和VCD刻录机和盘片!
【破解声明】我是一只小菜鸟,偶得一点心得,愿与大家分享:)
初学Crack,只是感兴趣,没有其它目的。失误之处敬请诸位大侠赐教!
--------------------------------------------------------------
【破解内容】
--------------------------------------------------------------
**************************************************************
一、运行程序,进行注册,输入错误的注册信息进行检测,有提示信息
"Register Code is not correct!Please copy and paste your user name and register code."
**************************************************************
二、用PEiD对这个软件查壳,为 Borland C++ 1999
**************************************************************
三、运行OD,打开MagicDVDRipper,右键超级字串参考查找ASCII.
发现"Register Code is not correct!Please copy and paste your user name and register code."有多处,分别下断。
0041EF18 . 55 push ebp 0041EF19 . 8BEC mov ebp,esp 0041EF1B . 83C4 AC add esp,-54 0041EF1E . 53 push ebx 0041EF1F . 56 push esi 0041EF20 . 57 push edi 0041EF21 . 8945 B8 mov dword ptr ss:[ebp-48],eax 0041EF24 . B8 2CDA5300 mov eax,MagicDVD.0053DA2C 0041EF29 . E8 46C10E00 call MagicDVD.0050B074 0041EF2E . 66:C745 CC 080>mov word ptr ss:[ebp-34],8 0041EF34 . 66:C745 CC 080>mov word ptr ss:[ebp-34],8 0041EF3A . 66:C745 CC 200>mov word ptr ss:[ebp-34],20 0041EF40 . 33C0 xor eax,eax 0041EF42 . 33F6 xor esi,esi 0041EF44 . 8945 F4 mov dword ptr ss:[ebp-C],eax 0041EF47 . 8D55 F4 lea edx,dword ptr ss:[ebp-C] 0041EF4A . FF45 D8 inc dword ptr ss:[ebp-28] 0041EF4D . 8B4D B8 mov ecx,dword ptr ss:[ebp-48] 0041EF50 . 8B81 F8020000 mov eax,dword ptr ds:[ecx+2F8] 0041EF56 . E8 99950B00 call MagicDVD.004D84F4 ; //将用户名长度送入EAX 0041EF5B . 8D45 F4 lea eax,dword ptr ss:[ebp-C] 0041EF5E . 8B00 mov eax,dword ptr ds:[eax] ; //将用户名送入EAX 0041EF60 . 33D2 xor edx,edx 0041EF62 . 8955 FC mov dword ptr ss:[ebp-4],edx 0041EF65 . 8D55 FC lea edx,dword ptr ss:[ebp-4] 0041EF68 . FF45 D8 inc dword ptr ss:[ebp-28] 0041EF6B . E8 00B50500 call MagicDVD.0047A470 0041EF70 . FF4D D8 dec dword ptr ss:[ebp-28] 0041EF73 . 8D45 F4 lea eax,dword ptr ss:[ebp-C] 0041EF76 . BA 02000000 mov edx,2 0041EF7B . E8 E0AC0F00 call MagicDVD.00519C60 0041EF80 . 66:C745 CC 140>mov word ptr ss:[ebp-34],14 0041EF86 . 837D FC 00 cmp dword ptr ss:[ebp-4],0 ; //将用户名与0比较 0041EF8A . 74 05 je short MagicDVD.0041EF91 ; //若相等则跳 0041EF8C . 8B45 FC mov eax,dword ptr ss:[ebp-4] ; //将用户名送入EAX 0041EF8F . EB 05 jmp short MagicDVD.0041EF96 0041EF91 > B8 A3D85300 mov eax,MagicDVD.0053D8A3 0041EF96 > 8945 B4 mov dword ptr ss:[ebp-4C],eax ; //将用户名送入[ebp-4C] 0041EF99 . 33FF xor edi,edi ; //将edi清零 0041EF9B . 8B45 B4 mov eax,dword ptr ss:[ebp-4C] ; //将用户名送入EAX 0041EF9E . 8BD8 mov ebx,eax ; //将用户名送入EBX 0041EFA0 . EB 08 jmp short MagicDVD.0041EFAA 0041EFA2 > 33C0 xor eax,eax ; //将eax清零 0041EFA4 . 8A03 mov al,byte ptr ds:[ebx] ; //将[ebx]ASCII码16进制送入AL 0041EFA6 . 03F0 add esi,eax ; //esi=esi+eax,esi初始值为0 0041EFA8 . 47 inc edi ; //edi+1 0041EFA9 . 43 inc ebx ; //ebx+1 0041EFAA > 8B55 B4 mov edx,dword ptr ss:[ebp-4C] ; //将用户名送入EDX 0041EFAD . 52 push edx 0041EFAE . E8 79BC0E00 call MagicDVD.0050AC2C 0041EFB3 . 59 pop ecx 0041EFB4 . 3BF8 cmp edi,eax ; //将edi与用户名长度比较 0041EFB6 .^ 72 EA jb short MagicDVD.0041EFA2 ; //若小于则跳 0041EFB8 . 81E6 FFFF0080 and esi,8000FFFF ; //将esi与8000FFFF作与运算 0041EFBE . 79 08 jns short MagicDVD.0041EFC8 0041EFC0 . 4E dec esi 0041EFC1 . 81CE 0000FFFF or esi,FFFF0000 0041EFC7 . 46 inc esi 0041EFC8 > 56 push esi ; /Arg3 0041EFC9 . 68 A4D85300 push MagicDVD.0053D8A4 ; |Arg2 = 0053D8A4 ASCII "%04X" 0041EFCE . 8D4D AC lea ecx,dword ptr ss:[ebp-54] ; | 0041EFD1 . 51 push ecx ; |Arg1 0041EFD2 . E8 11F70E00 call MagicDVD.0050E6E8 ; \//将esi转为字符串送入ECX 0041EFD7 . 66:C745 CC 2C0>mov word ptr ss:[ebp-34],2C 0041EFDD . 33C0 xor eax,eax 0041EFDF . 83C4 0C add esp,0C 0041EFE2 . 8945 F0 mov dword ptr ss:[ebp-10],eax 0041EFE5 . 8D55 F0 lea edx,dword ptr ss:[ebp-10] 0041EFE8 . FF45 D8 inc dword ptr ss:[ebp-28] 0041EFEB . 8B4D B8 mov ecx,dword ptr ss:[ebp-48] 0041EFEE . 8B81 FC020000 mov eax,dword ptr ds:[ecx+2FC] 0041EFF4 . E8 FB940B00 call MagicDVD.004D84F4 0041EFF9 . 8D45 F0 lea eax,dword ptr ss:[ebp-10] 0041EFFC . 8B00 mov eax,dword ptr ds:[eax] ; //将试练码送入EAX 0041EFFE . 33D2 xor edx,edx 0041F000 . 8955 EC mov dword ptr ss:[ebp-14],edx 0041F003 . 8D55 EC lea edx,dword ptr ss:[ebp-14] 0041F006 . FF45 D8 inc dword ptr ss:[ebp-28] 0041F009 . E8 62B40500 call MagicDVD.0047A470 0041F00E . 8D45 EC lea eax,dword ptr ss:[ebp-14] 0041F011 . 33C9 xor ecx,ecx 0041F013 . 894D F8 mov dword ptr ss:[ebp-8],ecx 0041F016 . 8D55 F8 lea edx,dword ptr ss:[ebp-8] 0041F019 . FF45 D8 inc dword ptr ss:[ebp-28] 0041F01C . E8 FFAE0F00 call MagicDVD.00519F20 0041F021 . FF4D D8 dec dword ptr ss:[ebp-28] 0041F024 . 8D45 EC lea eax,dword ptr ss:[ebp-14] 0041F027 . BA 02000000 mov edx,2 0041F02C . E8 2FAC0F00 call MagicDVD.00519C60 0041F031 . FF4D D8 dec dword ptr ss:[ebp-28] 0041F034 . 8D45 F0 lea eax,dword ptr ss:[ebp-10] 0041F037 . BA 02000000 mov edx,2 0041F03C . E8 1FAC0F00 call MagicDVD.00519C60 0041F041 . 66:C745 CC 140>mov word ptr ss:[ebp-34],14 0041F047 . 837D F8 00 cmp dword ptr ss:[ebp-8],0 ; //将试练码与0比较 0041F04B . 74 05 je short MagicDVD.0041F052 ; //若相等则跳 0041F04D . 8B75 F8 mov esi,dword ptr ss:[ebp-8] ; //将试练码送入esi 0041F050 . EB 05 jmp short MagicDVD.0041F057 0041F052 > BE A9D85300 mov esi,MagicDVD.0053D8A9 0041F057 > 33FF xor edi,edi 0041F059 . 8BDE mov ebx,esi ; //将试练码送入ebx 0041F05B . EB 12 jmp short MagicDVD.0041F06F 0041F05D > 0FBE03 movsx eax,byte ptr ds:[ebx] ; //依次将试练码ASCII码16进制送入eax 0041F060 . 83F8 6F cmp eax,6F ; //将eax与6F即"o"比较 0041F063 . 74 05 je short MagicDVD.0041F06A ; //若相等则跳 0041F065 . 83F8 4F cmp eax,4F ; //将eax与6F即"0"比较 0041F068 . 75 03 jnz short MagicDVD.0041F06D ; //若不相等则跳 0041F06A > C603 30 mov byte ptr ds:[ebx],30 ; //将30即"0"送入[ebx] 0041F06D > 47 inc edi ; //edi+1 0041F06E . 43 inc ebx ; //ebx+1 0041F06F > 56 push esi 0041F070 . E8 B7BB0E00 call MagicDVD.0050AC2C 0041F075 . 59 pop ecx 0041F076 . 3BF8 cmp edi,eax ; //将edi与eax比较 0041F078 .^ 72 E3 jb short MagicDVD.0041F05D ; //若小与等于则跳 0041F07A . 66:C745 CC 380>mov word ptr ss:[ebp-34],38 0041F080 . 8D45 E8 lea eax,dword ptr ss:[ebp-18] 0041F083 . 8BD6 mov edx,esi 0041F085 . E8 7EAA0F00 call MagicDVD.00519B08 0041F08A . FF45 D8 inc dword ptr ss:[ebp-28] 0041F08D . 8B10 mov edx,dword ptr ds:[eax] 0041F08F . 8B45 B8 mov eax,dword ptr ss:[ebp-48] 0041F092 . 8B80 FC020000 mov eax,dword ptr ds:[eax+2FC] 0041F098 . E8 87940B00 call MagicDVD.004D8524 0041F09D . FF4D D8 dec dword ptr ss:[ebp-28] 0041F0A0 . 8D45 E8 lea eax,dword ptr ss:[ebp-18] 0041F0A3 . BA 02000000 mov edx,2 0041F0A8 . E8 B3AB0F00 call MagicDVD.00519C60 0041F0AD . 8A4E 05 mov cl,byte ptr ds:[esi+5] ; //将试练码第6位ASCII码16进制送入cl 0041F0B0 . 3A4D AC cmp cl,byte ptr ss:[ebp-54] ; //将试练码第6位与新字符串的第1位比较 0041F0B3 . 75 26 jnz short MagicDVD.0041F0DB ; //若不相等则跳 0041F0B5 . 8A46 04 mov al,byte ptr ds:[esi+4] ; //将试练码第5位ASCII码16进制送入al 0041F0B8 . 3A45 AD cmp al,byte ptr ss:[ebp-53] ; //将试练码第5位与新字符串的第2位比较 0041F0BB . 75 1E jnz short MagicDVD.0041F0DB ; //若不相等则跳 0041F0BD . 8A56 12 mov dl,byte ptr ds:[esi+12] ; //将试练码第19位ASCII码16进制送入dl 0041F0C0 . 3A55 AE cmp dl,byte ptr ss:[ebp-52] ; //将试练码第19位与新字符串的第3位比较 0041F0C3 . 75 16 jnz short MagicDVD.0041F0DB ; //若不相等则跳 0041F0C5 . 8A0E mov cl,byte ptr ds:[esi] ; //将试练码第1位ASCII码16进制送入cl 0041F0C7 . 3A4D AF cmp cl,byte ptr ss:[ebp-51] ; //将试练码第1位与新字符串的第4位比较 0041F0CA . 75 0F jnz short MagicDVD.0041F0DB ; //若不相等则跳 0041F0CC . 8B45 B8 mov eax,dword ptr ss:[ebp-48] 0041F0CF . C780 4C020000 >mov dword ptr ds:[eax+24C],1 0041F0D9 . EB 3E jmp short MagicDVD.0041F119 0041F0DB > 66:C745 CC 440>mov word ptr ss:[ebp-34],44 0041F0E1 . BA AAD85300 mov edx,MagicDVD.0053D8AA ; ASCII "Register Code is not correct!Please copy and paste your user name and register code." 0041F0E6 . 8D45 E4 lea eax,dword ptr ss:[ebp-1C] 0041F0E9 . E8 1AAA0F00 call MagicDVD.00519B08 0041F0EE . FF45 D8 inc dword ptr ss:[ebp-28] 0041F0F1 . 8B00 mov eax,dword ptr ds:[eax] 0041F0F3 . E8 40390B00 call MagicDVD.004D2A38 0041F0F8 . FF4D D8 dec dword ptr ss:[ebp-28] 0041F0FB . 8D45 E4 lea eax,dword ptr ss:[ebp-1C] 0041F0FE . BA 02000000 mov edx,2 0041F103 . E8 58AB0F00 call MagicDVD.00519C60 0041F108 . 8B4D B8 mov ecx,dword ptr ss:[ebp-48] 0041F10B . 8B81 FC020000 mov eax,dword ptr ds:[ecx+2FC] 0041F111 . 8B10 mov edx,dword ptr ds:[eax] 0041F113 . FF92 C0000000 call dword ptr ds:[edx+C0] 0041F119 > FF4D D8 dec dword ptr ss:[ebp-28] 0041F11C . 8D45 F8 lea eax,dword ptr ss:[ebp-8] 0041F11F . BA 02000000 mov edx,2 0041F124 . E8 37AB0F00 call MagicDVD.00519C60 0041F129 . FF4D D8 dec dword ptr ss:[ebp-28] 0041F12C . 8D45 FC lea eax,dword ptr ss:[ebp-4] 0041F12F . BA 02000000 mov edx,2 0041F134 . E8 27AB0F00 call MagicDVD.00519C60 0041F139 . 66:C745 CC 080>mov word ptr ss:[ebp-34],8 0041F13F . 66:C745 CC 000>mov word ptr ss:[ebp-34],0 0041F145 . EB 49 jmp short MagicDVD.0041F190 0041F147 . 66:C745 CC 500>mov word ptr ss:[ebp-34],50 0041F14D . BA 01D95300 mov edx,MagicDVD.0053D901 ; ASCII "Register Code is not correct!Please copy and paste your user name and register code." 0041F152 . 8D45 E0 lea eax,dword ptr ss:[ebp-20] 0041F155 . E8 AEA90F00 call MagicDVD.00519B08 0041F15A . FF45 D8 inc dword ptr ss:[ebp-28] 0041F15D . 8B00 mov eax,dword ptr ds:[eax] 0041F15F . E8 D4380B00 call MagicDVD.004D2A38 0041F164 . FF4D D8 dec dword ptr ss:[ebp-28] 0041F167 . 8D45 E0 lea eax,dword ptr ss:[ebp-20] 0041F16A . BA 02000000 mov edx,2 0041F16F . E8 ECAA0F00 call MagicDVD.00519C60 0041F174 . 8B4D B8 mov ecx,dword ptr ss:[ebp-48] 0041F177 . 8B81 FC020000 mov eax,dword ptr ds:[ecx+2FC] 0041F17D . 8B10 mov edx,dword ptr ds:[eax] 0041F17F . FF92 C0000000 call dword ptr ds:[edx+C0] 0041F185 . 66:C745 CC 100>mov word ptr ss:[ebp-34],10 0041F18B . E8 B2790F00 call MagicDVD.00516B42 0041F190 > 8B4D BC mov ecx,dword ptr ss:[ebp-44] 0041F193 . 64:890D 000000>mov dword ptr fs:[0],ecx 0041F19A . 5F pop edi 0041F19B . 5E pop esi 0041F19C . 5B pop ebx 0041F19D . 8BE5 mov esp,ebp 0041F19F . 5D pop ebp 0041F1A0 . C3 retn
【破解总结】
--------------------------------------------------------------
【算法总结】
用户名各字符ASCII码16进制累加,转为字符串形式,将注册码第1、第5、第6、第19位分别与字符串的第4、第2、第1、第3位比较,若相等则
注册成功
--------------------------------------------------------------
【算法注册机】
(略)
--------------------------------------------------------------
【注册信息】
用户名:abcdef
注册码:58882088888888888858
呵呵,过年了送个靓号 ^_^
-------------------------------------------------------------
感谢飘云老大、猫老大、Nisy老大以及很多前辈们的学习教程以及所有帮助过我的论坛兄弟姐妹们!谢谢
--------------------------------------------------------------
【版权声明】破文是学习的手记,兴趣是成功的源泉;本破文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢!