【破文标题】Farsight Calculator 2.8算法分析
【破文作者】tianxj
【作者邮箱】tianxj_2007@126.com
【作者主页】WwW.ChiNaPYG.CoM
【破解工具】PEiD,OD
【破解平台】Windows XP sp2
【软件名称】Farsight Calculator 2.8
【软件大小】1907KB
【软件类别】国外软件/理科工具
【软件授权】共享版
【软件语言】英文
【运行环境】Win9x/Me/NT/2000/XP/2003
【更新时间】2008-11-18
【原版下载】华军软件园
【保护方式】注册码
【软件简介】一个易于使用的计算器,可让您储存您的计算过程作为一个程序,并执行算术运算,超过100种的功能,包括代数,三角,双曲,日期,统计,金融等此外farsight计算器包含了一套功能强大的工具,如“财务盒” , “日期计算” , “单位转换”等。
【破解声明】我是一只小菜鸟,偶得一点心得,愿与大家分享:)
--------------------------------------------------------------
【破解内容】
--------------------------------------------------------------
**************************************************************
一、运行程序,进行注册,输入错误的注册信息进行检测,有提示信息
"Invalid Registered User or Key!"
**************************************************************
二、用PEiD对FarsightCalc.exe查壳,为 Borland Delphi 6.0 - 7.0
**************************************************************
三、运行OD,打开FarsightCalc.exe,用DeDe查找按钮事件
==============================================================
00609F5C . 55 PUSH EBP 00609F5D . 8BEC MOV EBP, ESP 00609F5F . 6A 00 PUSH 0 00609F61 . 6A 00 PUSH 0 00609F63 . 53 PUSH EBX 00609F64 . 8BD8 MOV EBX, EAX 00609F66 . 33C0 XOR EAX, EAX 00609F68 . 55 PUSH EBP 00609F69 . 68 DC9F6000 PUSH Farsight.00609FDC 00609F6E . 64:FF30 PUSH DWORD PTR FS:[EAX] 00609F71 . 64:8920 MOV DWORD PTR FS:[EAX], ESP 00609F74 . 8D55 FC LEA EDX, DWORD PTR [EBP-4] 00609F77 . 8B83 00030000 MOV EAX, DWORD PTR [EBX+300] 00609F7D . E8 269BEBFF CALL Farsight.004C3AA8 00609F82 . 8B45 FC MOV EAX, DWORD PTR [EBP-4] ; //试练码 00609F85 . 50 PUSH EAX 00609F86 . 8D55 F8 LEA EDX, DWORD PTR [EBP-8] 00609F89 . 8B83 FC020000 MOV EAX, DWORD PTR [EBX+2FC] 00609F8F . E8 149BEBFF CALL Farsight.004C3AA8 00609F94 . 8B45 F8 MOV EAX, DWORD PTR [EBP-8] ; //用户名 00609F97 . 5A POP EDX ; //试练码 00609F98 . E8 EBEEFFFF CALL Farsight.00608E88 ; //关键CALL 00609F9D . 84C0 TEST AL, AL 00609F9F . 75 20 JNZ SHORT Farsight.00609FC1 ; //关键跳转 00609FA1 . 6A 00 PUSH 0 00609FA3 . B9 E89F6000 MOV ECX, Farsight.00609FE8 00609FA8 . BA EC9F6000 MOV EDX, Farsight.00609FEC ; ASCII "Invalid Registered User or Key!" 00609FAD . A1 84866100 MOV EAX, DWORD PTR [618684] 00609FB2 8B DB 8B 00609FB3 . 00E8 ADD AL, CH 00609FB5 . 0B47 E8 OR EAX, DWORD PTR [EDI-18] 00609FB8 . FF33 PUSH DWORD PTR [EBX] 00609FBA . C089 834C0200>ROR BYTE PTR [ECX+24C83], 0 ; 位移常数超出 1..31 的范围 00609FC1 > 33C0 XOR EAX, EAX 00609FC3 . 5A POP EDX 00609FC4 . 59 POP ECX 00609FC5 . 59 POP ECX 00609FC6 . 64:8910 MOV DWORD PTR FS:[EAX], EDX 00609FC9 . 68 E39F6000 PUSH Farsight.00609FE3 00609FCE > 8D45 F8 LEA EAX, DWORD PTR [EBP-8] 00609FD1 . BA 02000000 MOV EDX, 2 00609FD6 . E8 C1AEDFFF CALL Farsight.00404E9C 00609FDB . C3 RETN 00609FDC .^ E9 0FA7DFFF JMP Farsight.004046F0 00609FE1 .^ EB EB JMP SHORT Farsight.00609FCE 00609FE3 . 5B POP EBX 00609FE4 . 59 POP ECX 00609FE5 . 59 POP ECX 00609FE6 . 5D POP EBP 00609FE7 . C3 RETN ============================================================== 00608E88 $ 55 PUSH EBP 00608E89 . 8BEC MOV EBP, ESP 00608E8B . 83C4 F0 ADD ESP, -10 00608E8E . 53 PUSH EBX 00608E8F . 56 PUSH ESI 00608E90 . 57 PUSH EDI 00608E91 . 8955 F8 MOV DWORD PTR [EBP-8], EDX 00608E94 . 8945 FC MOV DWORD PTR [EBP-4], EAX 00608E97 . 8B45 FC MOV EAX, DWORD PTR [EBP-4] ; //用户名 00608E9A . E8 89C4DFFF CALL Farsight.00405328 00608E9F . 8B45 F8 MOV EAX, DWORD PTR [EBP-8] ; //试练码 00608EA2 . E8 81C4DFFF CALL Farsight.00405328 00608EA7 . 33C0 XOR EAX, EAX 00608EA9 . 55 PUSH EBP 00608EAA . 68 888F6000 PUSH Farsight.00608F88 00608EAF . 64:FF30 PUSH DWORD PTR FS:[EAX] 00608EB2 . 64:8920 MOV DWORD PTR FS:[EAX], ESP 00608EB5 . C645 F7 00 MOV BYTE PTR [EBP-9], 0 00608EB9 . 8B55 F8 MOV EDX, DWORD PTR [EBP-8] ; //试练码 00608EBC . 8B45 FC MOV EAX, DWORD PTR [EBP-4] ; //用户名 00608EBF . E8 F4FEFFFF CALL Farsight.00608DB8 ; //关键CALL 00608EC4 . 84C0 TEST AL, AL 00608EC6 . 0F84 A1000000 JE Farsight.00608F6D ; //关键跳转 00608ECC . 33C0 XOR EAX, EAX 00608ECE . 55 PUSH EBP 00608ECF . 68 638F6000 PUSH Farsight.00608F63 00608ED4 . 64:FF30 PUSH DWORD PTR FS:[EAX] 00608ED7 . 64:8920 MOV DWORD PTR FS:[EAX], ESP 00608EDA . B9 3F000F00 MOV ECX, 0F003F 00608EDF . B2 01 MOV DL, 1 00608EE1 . A1 E82C4400 MOV EAX, DWORD PTR [442CE8] 00608EE6 . E8 419FE3FF CALL Farsight.00442E2C 00608EEB . 8945 F0 MOV DWORD PTR [EBP-10], EAX 00608EEE . 33C0 XOR EAX, EAX 00608EF0 . 55 PUSH EBP 00608EF1 . 68 528F6000 PUSH Farsight.00608F52 00608EF6 . 64:FF30 PUSH DWORD PTR FS:[EAX] 00608EF9 . 64:8920 MOV DWORD PTR FS:[EAX], ESP 00608EFC . BA 01000080 MOV EDX, 80000001 00608F01 . 8B45 F0 MOV EAX, DWORD PTR [EBP-10] 00608F04 . E8 BB9FE3FF CALL Farsight.00442EC4 00608F09 . B1 01 MOV CL, 1 00608F0B . BA A48F6000 MOV EDX, Farsight.00608FA4 ; ASCII "SOFTWARE\farsightsoft\FarsightCalc" 00608F10 . 8B45 F0 MOV EAX, DWORD PTR [EBP-10] 00608F13 . E8 10A0E3FF CALL Farsight.00442F28 00608F18 . 8B4D FC MOV ECX, DWORD PTR [EBP-4] 00608F1B . BA D08F6000 MOV EDX, Farsight.00608FD0 ; ASCII "UserName" 00608F20 . 8B45 F0 MOV EAX, DWORD PTR [EBP-10] 00608F23 . E8 74A3E3FF CALL Farsight.0044329C 00608F28 . 8B4D F8 MOV ECX, DWORD PTR [EBP-8] 00608F2B . BA E48F6000 MOV EDX, Farsight.00608FE4 ; ASCII "Sn" 00608F30 . 8B45 F0 MOV EAX, DWORD PTR [EBP-10] 00608F33 . E8 64A3E3FF CALL Farsight.0044329C 00608F38 . C645 F7 01 MOV BYTE PTR [EBP-9], 1 00608F3C . 33C0 XOR EAX, EAX 00608F3E . 5A POP EDX 00608F3F . 59 POP ECX 00608F40 . 59 POP ECX 00608F41 . 64:8910 MOV DWORD PTR FS:[EAX], EDX 00608F44 . 68 598F6000 PUSH Farsight.00608F59 00608F49 > 8B45 F0 MOV EAX, DWORD PTR [EBP-10] 00608F4C . E8 F7AFDFFF CALL Farsight.00403F48 00608F51 . C3 RETN 00608F52 .^ E9 99B7DFFF JMP Farsight.004046F0 00608F57 .^ EB F0 JMP SHORT Farsight.00608F49 00608F59 . 33C0 XOR EAX, EAX 00608F5B . 5A POP EDX 00608F5C . 59 POP ECX 00608F5D . 59 POP ECX 00608F5E . 64:8910 MOV DWORD PTR FS:[EAX], EDX 00608F61 . EB 0A JMP SHORT Farsight.00608F6D 00608F63 .^ E9 D4B4DFFF JMP Farsight.0040443C 00608F68 . E8 FBB8DFFF CALL Farsight.00404868 00608F6D > 33C0 XOR EAX, EAX 00608F6F . 5A POP EDX 00608F70 . 59 POP ECX 00608F71 . 59 POP ECX 00608F72 . 64:8910 MOV DWORD PTR FS:[EAX], EDX 00608F75 . 68 8F8F6000 PUSH Farsight.00608F8F 00608F7A > 8D45 F8 LEA EAX, DWORD PTR [EBP-8] 00608F7D . BA 02000000 MOV EDX, 2 00608F82 . E8 15BFDFFF CALL Farsight.00404E9C 00608F87 . C3 RETN 00608F88 .^ E9 63B7DFFF JMP Farsight.004046F0 00608F8D .^ EB EB JMP SHORT Farsight.00608F7A 00608F8F . 8A45 F7 MOV AL, BYTE PTR [EBP-9] 00608F92 . 5F POP EDI 00608F93 . 5E POP ESI 00608F94 . 5B POP EBX 00608F95 . 8BE5 MOV ESP, EBP 00608F97 . 5D POP EBP 00608F98 . C3 RETN ============================================================== 00608DB8 /$ 55 PUSH EBP 00608DB9 |. 8BEC MOV EBP, ESP 00608DBB |. 83C4 F4 ADD ESP, -0C 00608DBE |. 53 PUSH EBX 00608DBF |. 33C9 XOR ECX, ECX 00608DC1 |. 894D F4 MOV DWORD PTR [EBP-C], ECX 00608DC4 |. 8955 F8 MOV DWORD PTR [EBP-8], EDX 00608DC7 |. 8945 FC MOV DWORD PTR [EBP-4], EAX 00608DCA |. 8B45 FC MOV EAX, DWORD PTR [EBP-4] ; //用户名 00608DCD |. E8 56C5DFFF CALL Farsight.00405328 00608DD2 |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] ; //试练码 00608DD5 |. E8 4EC5DFFF CALL Farsight.00405328 00608DDA |. 33C0 XOR EAX, EAX 00608DDC |. 55 PUSH EBP 00608DDD |. 68 7A8E6000 PUSH Farsight.00608E7A 00608DE2 |. 64:FF30 PUSH DWORD PTR FS:[EAX] 00608DE5 |. 64:8920 MOV DWORD PTR FS:[EAX], ESP 00608DE8 |. 33DB XOR EBX, EBX 00608DEA |. 8D55 F4 LEA EDX, DWORD PTR [EBP-C] 00608DED |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] ; //试练码 00608DF0 |. E8 9F0AE0FF CALL Farsight.00409894 00608DF5 |. 837D F4 00 CMP DWORD PTR [EBP-C], 0 00608DF9 |. 74 64 JE SHORT Farsight.00608E5F ; //注册码为空则跳 00608DFB |. 8B55 F8 MOV EDX, DWORD PTR [EBP-8] ; //试练码 00608DFE |. 8B45 FC MOV EAX, DWORD PTR [EBP-4] ; //用户名 00608E01 |. E8 FEFBFFFF CALL Farsight.00608A04 ; //关键CALL1 00608E06 |. 84C0 TEST AL, AL 00608E08 |. 74 04 JE SHORT Farsight.00608E0E ; //关键跳转 00608E0A |. 33DB XOR EBX, EBX 00608E0C |. EB 51 JMP SHORT Farsight.00608E5F 00608E0E |> 8B55 F8 MOV EDX, DWORD PTR [EBP-8] ; //试练码 00608E11 |. 8B45 FC MOV EAX, DWORD PTR [EBP-4] ; //用户名 00608E14 |. E8 27F7FFFF CALL Farsight.00608540 ; //关键CALL2 00608E19 |. 84C0 TEST AL, AL 00608E1B |. 74 04 JE SHORT Farsight.00608E21 ; //关键跳转 00608E1D |. B3 01 MOV BL, 1 00608E1F |. EB 3E JMP SHORT Farsight.00608E5F 00608E21 |> 8B55 F8 MOV EDX, DWORD PTR [EBP-8] ; //试练码 00608E24 |. 8B45 FC MOV EAX, DWORD PTR [EBP-4] ; //用户名 00608E27 |. E8 C8FCFFFF CALL Farsight.00608AF4 ; //关键CALL3 00608E2C |. 84C0 TEST AL, AL 00608E2E |. 74 2F JE SHORT Farsight.00608E5F ; //关键跳转 00608E30 |. 8B55 F8 MOV EDX, DWORD PTR [EBP-8] ; //试练码 00608E33 |. 8B45 FC MOV EAX, DWORD PTR [EBP-4] ; //用户名 00608E36 |. E8 65FDFFFF CALL Farsight.00608BA0 ; //关键CALL4 00608E3B |. 84C0 TEST AL, AL 00608E3D |. 74 20 JE SHORT Farsight.00608E5F ; //关键跳转 00608E3F |. 8B55 F8 MOV EDX, DWORD PTR [EBP-8] ; //试练码 00608E42 |. 8B45 FC MOV EAX, DWORD PTR [EBP-4] ; //用户名 00608E45 |. E8 0AFEFFFF CALL Farsight.00608C54 ; //关键CALL5 00608E4A |. 84C0 TEST AL, AL 00608E4C |. 74 11 JE SHORT Farsight.00608E5F ; //关键跳转 00608E4E |. 8B55 F8 MOV EDX, DWORD PTR [EBP-8] ; //试练码 00608E51 |. 8B45 FC MOV EAX, DWORD PTR [EBP-4] ; //用户名 00608E54 |. E8 ABFEFFFF CALL Farsight.00608D04 ; //关键CALL6 00608E59 |. 84C0 TEST AL, AL 00608E5B |. 74 02 JE SHORT Farsight.00608E5F ; //关键跳转 00608E5D |. B3 01 MOV BL, 1 00608E5F |> 33C0 XOR EAX, EAX 00608E61 |. 5A POP EDX 00608E62 |. 59 POP ECX 00608E63 |. 59 POP ECX 00608E64 |. 64:8910 MOV DWORD PTR FS:[EAX], EDX 00608E67 |. 68 818E6000 PUSH Farsight.00608E81 00608E6C |> 8D45 F4 LEA EAX, DWORD PTR [EBP-C] 00608E6F |. BA 03000000 MOV EDX, 3 00608E74 |. E8 23C0DFFF CALL Farsight.00404E9C 00608E79 \. C3 RETN 00608E7A .^ E9 71B8DFFF JMP Farsight.004046F0 00608E7F .^ EB EB JMP SHORT Farsight.00608E6C 00608E81 . 8BC3 MOV EAX, EBX 00608E83 . 5B POP EBX 00608E84 . 8BE5 MOV ESP, EBP 00608E86 . 5D POP EBP 00608E87 . C3 RETN ============================================================== 00608A04 /$ 55 PUSH EBP 00608A05 |. 8BEC MOV EBP, ESP 00608A07 |. 83C4 DC ADD ESP, -24 00608A0A |. 53 PUSH EBX 00608A0B |. 33C9 XOR ECX, ECX 00608A0D |. 894D E0 MOV DWORD PTR [EBP-20], ECX 00608A10 |. 894D DC MOV DWORD PTR [EBP-24], ECX 00608A13 |. 894D E4 MOV DWORD PTR [EBP-1C], ECX 00608A16 |. 894D F8 MOV DWORD PTR [EBP-8], ECX 00608A19 |. 8945 FC MOV DWORD PTR [EBP-4], EAX 00608A1C |. 8B45 FC MOV EAX, DWORD PTR [EBP-4] ; //用户名 00608A1F |. E8 04C9DFFF CALL Farsight.00405328 00608A24 |. 33C0 XOR EAX, EAX 00608A26 |. 55 PUSH EBP 00608A27 |. 68 AD8A6000 PUSH Farsight.00608AAD 00608A2C |. 64:FF30 PUSH DWORD PTR FS:[EAX] 00608A2F |. 64:8920 MOV DWORD PTR FS:[EAX], ESP 00608A32 |. 8D45 E4 LEA EAX, DWORD PTR [EBP-1C] 00608A35 |. B9 C48A6000 MOV ECX, Farsight.00608AC4 ; ASCII "pb" 00608A3A |. 8B55 FC MOV EDX, DWORD PTR [EBP-4] ; //用户名 00608A3D |. E8 42C7DFFF CALL Farsight.00405184 ; //将用户名与"pb"相连 00608A42 |. 8B45 E4 MOV EAX, DWORD PTR [EBP-1C] ; //相连字符串 00608A45 |. 8D55 E8 LEA EDX, DWORD PTR [EBP-18] 00608A48 |. E8 9BF9FFFF CALL Farsight.006083E8 ; //标准MD5运算 00608A4D |. 8D45 E8 LEA EAX, DWORD PTR [EBP-18] 00608A50 |. 8D55 F8 LEA EDX, DWORD PTR [EBP-8] 00608A53 |. E8 04FAFFFF CALL Farsight.0060845C 00608A58 |. 8D55 E0 LEA EDX, DWORD PTR [EBP-20] 00608A5B |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] ; //相连字符串MD5_32值小写 00608A5E |. E8 B90BE0FF CALL Farsight.0040961C ; //MD5值转大写 00608A63 |. 8B45 E0 MOV EAX, DWORD PTR [EBP-20] ; //MD5值大写 00608A66 |. 50 PUSH EAX 00608A67 |. 8D55 DC LEA EDX, DWORD PTR [EBP-24] 00608A6A |. B8 D08A6000 MOV EAX, Farsight.00608AD0 ; ASCII "56f9c69b5ad4bfd656c8dec9c6228223" 00608A6F |. E8 A80BE0FF CALL Farsight.0040961C ; //"56f9c69b5ad4bfd656c8dec9c6228223"转大写 00608A74 |. 8B55 DC MOV EDX, DWORD PTR [EBP-24] ; //"56f9c69b5ad4bfd656c8dec9c6228223"大写 00608A77 |. 58 POP EAX ; //MD5值大写 00608A78 |. E8 07C8DFFF CALL Farsight.00405284 ; //比较 00608A7D |. 75 04 JNZ SHORT Farsight.00608A83 ; //关键跳转 00608A7F |. B3 01 MOV BL, 1 00608A81 |. EB 02 JMP SHORT Farsight.00608A85 00608A83 |> 33DB XOR EBX, EBX 00608A85 |> 33C0 XOR EAX, EAX 00608A87 |. 5A POP EDX 00608A88 |. 59 POP ECX 00608A89 |. 59 POP ECX 00608A8A |. 64:8910 MOV DWORD PTR FS:[EAX], EDX 00608A8D |. 68 B48A6000 PUSH Farsight.00608AB4 00608A92 |> 8D45 DC LEA EAX, DWORD PTR [EBP-24] 00608A95 |. BA 03000000 MOV EDX, 3 00608A9A |. E8 FDC3DFFF CALL Farsight.00404E9C 00608A9F |. 8D45 F8 LEA EAX, DWORD PTR [EBP-8] 00608AA2 |. BA 02000000 MOV EDX, 2 00608AA7 |. E8 F0C3DFFF CALL Farsight.00404E9C 00608AAC \. C3 RETN 00608AAD .^ E9 3EBCDFFF JMP Farsight.004046F0 00608AB2 .^ EB DE JMP SHORT Farsight.00608A92 00608AB4 . 8BC3 MOV EAX, EBX 00608AB6 . 5B POP EBX 00608AB7 . 8BE5 MOV ESP, EBP 00608AB9 . 5D POP EBP 00608ABA . C3 RETN ============================================================== 00608540 /$ 55 PUSH EBP 00608541 |. 8BEC MOV EBP, ESP 00608543 |. B9 0F000000 MOV ECX, 0F 00608548 |> 6A 00 /PUSH 0 0060854A |. 6A 00 |PUSH 0 0060854C |. 49 |DEC ECX 0060854D |.^ 75 F9 \JNZ SHORT Farsight.00608548 0060854F |. 51 PUSH ECX 00608550 |. 53 PUSH EBX 00608551 |. 8945 FC MOV DWORD PTR [EBP-4], EAX 00608554 |. 8B45 FC MOV EAX, DWORD PTR [EBP-4] ; //用户名 00608557 |. E8 CCCDDFFF CALL Farsight.00405328 0060855C |. 33C0 XOR EAX, EAX 0060855E |. 55 PUSH EBP 0060855F |. 68 D9876000 PUSH Farsight.006087D9 00608564 |. 64:FF30 PUSH DWORD PTR FS:[EAX] 00608567 |. 64:8920 MOV DWORD PTR FS:[EAX], ESP 0060856A |. 8D45 E4 LEA EAX, DWORD PTR [EBP-1C] 0060856D |. B9 F0876000 MOV ECX, Farsight.006087F0 ; ASCII "tq" 00608572 |. 8B55 FC MOV EDX, DWORD PTR [EBP-4] ; //用户名 00608575 |. E8 0ACCDFFF CALL Farsight.00405184 ; //将用户名与"tq"相连 0060857A |. 8B45 E4 MOV EAX, DWORD PTR [EBP-1C] ; //相连字符串 0060857D |. 8D55 E8 LEA EDX, DWORD PTR [EBP-18] 00608580 |. E8 63FEFFFF CALL Farsight.006083E8 ; //标准MD5运算 00608585 |. 8D45 E8 LEA EAX, DWORD PTR [EBP-18] 00608588 |. 8D55 F8 LEA EDX, DWORD PTR [EBP-8] 0060858B |. E8 CCFEFFFF CALL Farsight.0060845C 00608590 |. 8D55 E0 LEA EDX, DWORD PTR [EBP-20] 00608593 |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] ; //相连字符串MD5_32值小写 00608596 |. E8 8110E0FF CALL Farsight.0040961C ; //MD5值转大写 0060859B |. 8B45 E0 MOV EAX, DWORD PTR [EBP-20] ; //MD5值大写 0060859E |. 50 PUSH EAX 0060859F |. 8D55 DC LEA EDX, DWORD PTR [EBP-24] 006085A2 |. B8 FC876000 MOV EAX, Farsight.006087FC ; ASCII "35e2233a9cbbd40e0da83ca5c185f975" 006085A7 |. E8 7010E0FF CALL Farsight.0040961C ; //"35e2233a9cbbd40e0da83ca5c185f975"转大写 006085AC |. 8B55 DC MOV EDX, DWORD PTR [EBP-24] ; //"35e2233a9cbbd40e0da83ca5c185f975"大写 006085AF |. 58 POP EAX ; //MD5值大写 006085B0 |. E8 CFCCDFFF CALL Farsight.00405284 ; //比较 006085B5 |. 75 07 JNZ SHORT Farsight.006085BE ; //关键跳转 006085B7 |. B3 01 MOV BL, 1 006085B9 |. E9 F3010000 JMP Farsight.006087B1 006085BE |> 8D55 D8 LEA EDX, DWORD PTR [EBP-28] 006085C1 |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] 006085C4 |. E8 5310E0FF CALL Farsight.0040961C 006085C9 |. 8B45 D8 MOV EAX, DWORD PTR [EBP-28] 006085CC |. 50 PUSH EAX 006085CD |. 8D55 D4 LEA EDX, DWORD PTR [EBP-2C] 006085D0 |. B8 28886000 MOV EAX, Farsight.00608828 ; ASCII "f115d581f549c82370d3225ecb083c33" 006085D5 |. E8 4210E0FF CALL Farsight.0040961C 006085DA |. 8B55 D4 MOV EDX, DWORD PTR [EBP-2C] 006085DD |. 58 POP EAX 006085DE |. E8 A1CCDFFF CALL Farsight.00405284 006085E3 |. 75 07 JNZ SHORT Farsight.006085EC 006085E5 |. B3 01 MOV BL, 1 006085E7 |. E9 C5010000 JMP Farsight.006087B1 006085EC |> 8D55 D0 LEA EDX, DWORD PTR [EBP-30] 006085EF |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] 006085F2 |. E8 2510E0FF CALL Farsight.0040961C 006085F7 |. 8B45 D0 MOV EAX, DWORD PTR [EBP-30] 006085FA |. 50 PUSH EAX 006085FB |. 8D55 CC LEA EDX, DWORD PTR [EBP-34] 006085FE |. B8 54886000 MOV EAX, Farsight.00608854 ; ASCII "0ee7e7d913e291d1286c24190509120e" 00608603 |. E8 1410E0FF CALL Farsight.0040961C 00608608 |. 8B55 CC MOV EDX, DWORD PTR [EBP-34] 0060860B |. 58 POP EAX 0060860C |. E8 73CCDFFF CALL Farsight.00405284 00608611 |. 75 07 JNZ SHORT Farsight.0060861A 00608613 |. B3 01 MOV BL, 1 00608615 |. E9 97010000 JMP Farsight.006087B1 0060861A |> 8D55 C8 LEA EDX, DWORD PTR [EBP-38] 0060861D |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] 00608620 |. E8 F70FE0FF CALL Farsight.0040961C 00608625 |. 8B45 C8 MOV EAX, DWORD PTR [EBP-38] 00608628 |. 50 PUSH EAX 00608629 |. 8D55 C4 LEA EDX, DWORD PTR [EBP-3C] 0060862C |. B8 80886000 MOV EAX, Farsight.00608880 ; ASCII "3bfa2682f416c4c3fccc711fe0dc8cee" 00608631 |. E8 E60FE0FF CALL Farsight.0040961C 00608636 |. 8B55 C4 MOV EDX, DWORD PTR [EBP-3C] 00608639 |. 58 POP EAX 0060863A |. E8 45CCDFFF CALL Farsight.00405284 0060863F |. 75 07 JNZ SHORT Farsight.00608648 00608641 |. B3 01 MOV BL, 1 00608643 |. E9 69010000 JMP Farsight.006087B1 00608648 |> 8D55 C0 LEA EDX, DWORD PTR [EBP-40] 0060864B |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] 0060864E |. E8 C90FE0FF CALL Farsight.0040961C 00608653 |. 8B45 C0 MOV EAX, DWORD PTR [EBP-40] 00608656 |. 50 PUSH EAX 00608657 |. 8D55 BC LEA EDX, DWORD PTR [EBP-44] 0060865A |. B8 AC886000 MOV EAX, Farsight.006088AC ; ASCII "506f33b54388fee67d3774826ba03791" 0060865F |. E8 B80FE0FF CALL Farsight.0040961C 00608664 |. 8B55 BC MOV EDX, DWORD PTR [EBP-44] 00608667 |. 58 POP EAX 00608668 |. E8 17CCDFFF CALL Farsight.00405284 0060866D |. 75 07 JNZ SHORT Farsight.00608676 0060866F |. B3 01 MOV BL, 1 00608671 |. E9 3B010000 JMP Farsight.006087B1 00608676 |> 8D55 B8 LEA EDX, DWORD PTR [EBP-48] 00608679 |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] 0060867C |. E8 9B0FE0FF CALL Farsight.0040961C 00608681 |. 8B45 B8 MOV EAX, DWORD PTR [EBP-48] 00608684 |. 50 PUSH EAX 00608685 |. 8D55 B4 LEA EDX, DWORD PTR [EBP-4C] 00608688 |. B8 D8886000 MOV EAX, Farsight.006088D8 ; ASCII "c4a1bf0654a796c1549cc2a44b4d0461" 0060868D |. E8 8A0FE0FF CALL Farsight.0040961C 00608692 |. 8B55 B4 MOV EDX, DWORD PTR [EBP-4C] 00608695 |. 58 POP EAX 00608696 |. E8 E9CBDFFF CALL Farsight.00405284 0060869B |. 75 07 JNZ SHORT Farsight.006086A4 0060869D |. B3 01 MOV BL, 1 0060869F |. E9 0D010000 JMP Farsight.006087B1 006086A4 |> 8D55 B0 LEA EDX, DWORD PTR [EBP-50] 006086A7 |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] 006086AA |. E8 6D0FE0FF CALL Farsight.0040961C 006086AF |. 8B45 B0 MOV EAX, DWORD PTR [EBP-50] 006086B2 |. 50 PUSH EAX 006086B3 |. 8D55 AC LEA EDX, DWORD PTR [EBP-54] 006086B6 |. B8 04896000 MOV EAX, Farsight.00608904 ; ASCII "373b7b3855aa309731693787a369c95d" 006086BB |. E8 5C0FE0FF CALL Farsight.0040961C 006086C0 |. 8B55 AC MOV EDX, DWORD PTR [EBP-54] 006086C3 |. 58 POP EAX 006086C4 |. E8 BBCBDFFF CALL Farsight.00405284 006086C9 |. 75 07 JNZ SHORT Farsight.006086D2 006086CB |. B3 01 MOV BL, 1 006086CD |. E9 DF000000 JMP Farsight.006087B1 006086D2 |> 8D55 A8 LEA EDX, DWORD PTR [EBP-58] 006086D5 |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] 006086D8 |. E8 3F0FE0FF CALL Farsight.0040961C 006086DD |. 8B45 A8 MOV EAX, DWORD PTR [EBP-58] 006086E0 |. 50 PUSH EAX 006086E1 |. 8D55 A4 LEA EDX, DWORD PTR [EBP-5C] 006086E4 |. B8 30896000 MOV EAX, Farsight.00608930 ; ASCII "7ac600e921e8bd51d68a1b622f74c1e6" 006086E9 |. E8 2E0FE0FF CALL Farsight.0040961C 006086EE |. 8B55 A4 MOV EDX, DWORD PTR [EBP-5C] 006086F1 |. 58 POP EAX 006086F2 |. E8 8DCBDFFF CALL Farsight.00405284 006086F7 |. 75 07 JNZ SHORT Farsight.00608700 006086F9 |. B3 01 MOV BL, 1 006086FB |. E9 B1000000 JMP Farsight.006087B1 00608700 |> 8D55 A0 LEA EDX, DWORD PTR [EBP-60] 00608703 |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] 00608706 |. E8 110FE0FF CALL Farsight.0040961C 0060870B |. 8B45 A0 MOV EAX, DWORD PTR [EBP-60] 0060870E |. 50 PUSH EAX 0060870F |. 8D55 9C LEA EDX, DWORD PTR [EBP-64] 00608712 |. B8 5C896000 MOV EAX, Farsight.0060895C ; ASCII "9e0c00afca2e84555efc91dfe754a2b7" 00608717 |. E8 000FE0FF CALL Farsight.0040961C 0060871C |. 8B55 9C MOV EDX, DWORD PTR [EBP-64] 0060871F |. 58 POP EAX 00608720 |. E8 5FCBDFFF CALL Farsight.00405284 00608725 |. 75 07 JNZ SHORT Farsight.0060872E 00608727 |. B3 01 MOV BL, 1 00608729 |. E9 83000000 JMP Farsight.006087B1 0060872E |> 8D55 98 LEA EDX, DWORD PTR [EBP-68] 00608731 |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] 00608734 |. E8 E30EE0FF CALL Farsight.0040961C 00608739 |. 8B45 98 MOV EAX, DWORD PTR [EBP-68] 0060873C |. 50 PUSH EAX 0060873D |. 8D55 94 LEA EDX, DWORD PTR [EBP-6C] 00608740 |. B8 88896000 MOV EAX, Farsight.00608988 ; ASCII "be8b20277c95834b292b1073825273f3" 00608745 |. E8 D20EE0FF CALL Farsight.0040961C 0060874A |. 8B55 94 MOV EDX, DWORD PTR [EBP-6C] 0060874D |. 58 POP EAX 0060874E |. E8 31CBDFFF CALL Farsight.00405284 00608753 |. 75 04 JNZ SHORT Farsight.00608759 00608755 |. B3 01 MOV BL, 1 00608757 |. EB 58 JMP SHORT Farsight.006087B1 00608759 |> 8D55 90 LEA EDX, DWORD PTR [EBP-70] 0060875C |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] 0060875F |. E8 B80EE0FF CALL Farsight.0040961C 00608764 |. 8B45 90 MOV EAX, DWORD PTR [EBP-70] 00608767 |. 50 PUSH EAX 00608768 |. 8D55 8C LEA EDX, DWORD PTR [EBP-74] 0060876B |. B8 B4896000 MOV EAX, Farsight.006089B4 ; ASCII "d106cc90aefcc54fa16a2e086aecc6e7" 00608770 |. E8 A70EE0FF CALL Farsight.0040961C 00608775 |. 8B55 8C MOV EDX, DWORD PTR [EBP-74] 00608778 |. 58 POP EAX 00608779 |. E8 06CBDFFF CALL Farsight.00405284 0060877E |. 75 04 JNZ SHORT Farsight.00608784 00608780 |. B3 01 MOV BL, 1 00608782 |. EB 2D JMP SHORT Farsight.006087B1 00608784 |> 8D55 88 LEA EDX, DWORD PTR [EBP-78] 00608787 |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] 0060878A |. E8 8D0EE0FF CALL Farsight.0040961C 0060878F |. 8B45 88 MOV EAX, DWORD PTR [EBP-78] 00608792 |. 50 PUSH EAX 00608793 |. 8D55 84 LEA EDX, DWORD PTR [EBP-7C] 00608796 |. B8 E0896000 MOV EAX, Farsight.006089E0 ; ASCII "659c1868d7a2344992da9ceda33b1ff6" 0060879B |. E8 7C0EE0FF CALL Farsight.0040961C 006087A0 |. 8B55 84 MOV EDX, DWORD PTR [EBP-7C] 006087A3 |. 58 POP EAX 006087A4 |. E8 DBCADFFF CALL Farsight.00405284 006087A9 |. 75 04 JNZ SHORT Farsight.006087AF 006087AB |. B3 01 MOV BL, 1 006087AD |. EB 02 JMP SHORT Farsight.006087B1 006087AF |> 33DB XOR EBX, EBX 006087B1 |> 33C0 XOR EAX, EAX 006087B3 |. 5A POP EDX 006087B4 |. 59 POP ECX 006087B5 |. 59 POP ECX 006087B6 |. 64:8910 MOV DWORD PTR FS:[EAX], EDX 006087B9 |. 68 E0876000 PUSH Farsight.006087E0 006087BE |> 8D45 84 LEA EAX, DWORD PTR [EBP-7C] 006087C1 |. BA 19000000 MOV EDX, 19 006087C6 |. E8 D1C6DFFF CALL Farsight.00404E9C 006087CB |. 8D45 F8 LEA EAX, DWORD PTR [EBP-8] 006087CE |. BA 02000000 MOV EDX, 2 006087D3 |. E8 C4C6DFFF CALL Farsight.00404E9C 006087D8 \. C3 RETN 006087D9 .^ E9 12BFDFFF JMP Farsight.004046F0 006087DE .^ EB DE JMP SHORT Farsight.006087BE 006087E0 . 8BC3 MOV EAX, EBX 006087E2 . 5B POP EBX 006087E3 . 8BE5 MOV ESP, EBP 006087E5 . 5D POP EBP 006087E6 . C3 RETN ============================================================== 00608AF4 /$ 55 PUSH EBP 00608AF5 |. 8BEC MOV EBP, ESP 00608AF7 |. 83C4 E0 ADD ESP, -20 00608AFA |. 53 PUSH EBX 00608AFB |. 33C9 XOR ECX, ECX 00608AFD |. 894D E0 MOV DWORD PTR [EBP-20], ECX 00608B00 |. 894D F4 MOV DWORD PTR [EBP-C], ECX 00608B03 |. 8955 F8 MOV DWORD PTR [EBP-8], EDX 00608B06 |. 8945 FC MOV DWORD PTR [EBP-4], EAX 00608B09 |. 8B45 FC MOV EAX, DWORD PTR [EBP-4] ; //用户名 00608B0C |. E8 17C8DFFF CALL Farsight.00405328 00608B11 |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] ; //试练码 00608B14 |. E8 0FC8DFFF CALL Farsight.00405328 00608B19 |. 33C0 XOR EAX, EAX 00608B1B |. 55 PUSH EBP 00608B1C |. 68 828B6000 PUSH Farsight.00608B82 00608B21 |. 64:FF30 PUSH DWORD PTR FS:[EAX] 00608B24 |. 64:8920 MOV DWORD PTR FS:[EAX], ESP 00608B27 |. 8D45 E0 LEA EAX, DWORD PTR [EBP-20] 00608B2A |. B9 988B6000 MOV ECX, Farsight.00608B98 ; ASCII "hgfjk" 00608B2F |. 8B55 FC MOV EDX, DWORD PTR [EBP-4] ; //用户名 00608B32 |. E8 4DC6DFFF CALL Farsight.00405184 ; //将用户名与"hgfjk"相连 00608B37 |. 8B45 E0 MOV EAX, DWORD PTR [EBP-20] ; //相连字符串 00608B3A |. 8D55 E4 LEA EDX, DWORD PTR [EBP-1C] 00608B3D |. E8 A6F8FFFF CALL Farsight.006083E8 ; //标准MD5运算 00608B42 |. 8D45 E4 LEA EAX, DWORD PTR [EBP-1C] 00608B45 |. 8D55 F4 LEA EDX, DWORD PTR [EBP-C] 00608B48 |. E8 0FF9FFFF CALL Farsight.0060845C 00608B4D |. 8B45 F4 MOV EAX, DWORD PTR [EBP-C] ; //相连字符串MD5_32值小写 00608B50 |. 8A00 MOV AL, BYTE PTR [EAX] 00608B52 |. 8B55 F8 MOV EDX, DWORD PTR [EBP-8] ; //试练码 00608B55 |. 3A02 CMP AL, BYTE PTR [EDX] 00608B57 |. 75 04 JNZ SHORT Farsight.00608B5D ; //试练码第1位与MD5值第1位比较,不等则跳 00608B59 |. B3 01 MOV BL, 1 00608B5B |. EB 02 JMP SHORT Farsight.00608B5F 00608B5D |> 33DB XOR EBX, EBX 00608B5F |> 33C0 XOR EAX, EAX 00608B61 |. 5A POP EDX 00608B62 |. 59 POP ECX 00608B63 |. 59 POP ECX 00608B64 |. 64:8910 MOV DWORD PTR FS:[EAX], EDX 00608B67 |. 68 898B6000 PUSH Farsight.00608B89 00608B6C |> 8D45 E0 LEA EAX, DWORD PTR [EBP-20] 00608B6F |. E8 04C3DFFF CALL Farsight.00404E78 00608B74 |. 8D45 F4 LEA EAX, DWORD PTR [EBP-C] 00608B77 |. BA 03000000 MOV EDX, 3 00608B7C |. E8 1BC3DFFF CALL Farsight.00404E9C 00608B81 \. C3 RETN 00608B82 .^ E9 69BBDFFF JMP Farsight.004046F0 00608B87 .^ EB E3 JMP SHORT Farsight.00608B6C 00608B89 . 8BC3 MOV EAX, EBX 00608B8B . 5B POP EBX 00608B8C . 8BE5 MOV ESP, EBP 00608B8E . 5D POP EBP 00608B8F . C3 RETN ============================================================== 00608BA0 /$ 55 PUSH EBP 00608BA1 |. 8BEC MOV EBP, ESP 00608BA3 |. 83C4 E0 ADD ESP, -20 00608BA6 |. 53 PUSH EBX 00608BA7 |. 33C9 XOR ECX, ECX 00608BA9 |. 894D E0 MOV DWORD PTR [EBP-20], ECX 00608BAC |. 894D F4 MOV DWORD PTR [EBP-C], ECX 00608BAF |. 8955 F8 MOV DWORD PTR [EBP-8], EDX 00608BB2 |. 8945 FC MOV DWORD PTR [EBP-4], EAX 00608BB5 |. 8B45 FC MOV EAX, DWORD PTR [EBP-4] ; //用户名 00608BB8 |. E8 6BC7DFFF CALL Farsight.00405328 00608BBD |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] ; //试练码 00608BC0 |. E8 63C7DFFF CALL Farsight.00405328 00608BC5 |. 33C0 XOR EAX, EAX 00608BC7 |. 55 PUSH EBP 00608BC8 |. 68 2F8C6000 PUSH Farsight.00608C2F 00608BCD |. 64:FF30 PUSH DWORD PTR FS:[EAX] 00608BD0 |. 64:8920 MOV DWORD PTR FS:[EAX], ESP 00608BD3 |. 8D45 E0 LEA EAX, DWORD PTR [EBP-20] 00608BD6 |. B9 488C6000 MOV ECX, Farsight.00608C48 ; ASCII "hgfjhkjk" 00608BDB |. 8B55 FC MOV EDX, DWORD PTR [EBP-4] ; //用户名 00608BDE |. E8 A1C5DFFF CALL Farsight.00405184 ; //将用户名与"hgfjhkjk"相连 00608BE3 |. 8B45 E0 MOV EAX, DWORD PTR [EBP-20] ; //相连字符串 00608BE6 |. 8D55 E4 LEA EDX, DWORD PTR [EBP-1C] 00608BE9 |. E8 FAF7FFFF CALL Farsight.006083E8 ; //标准MD5运算 00608BEE |. 8D45 E4 LEA EAX, DWORD PTR [EBP-1C] 00608BF1 |. 8D55 F4 LEA EDX, DWORD PTR [EBP-C] 00608BF4 |. E8 63F8FFFF CALL Farsight.0060845C 00608BF9 |. 8B45 F4 MOV EAX, DWORD PTR [EBP-C] ; //相连字符串MD5_32值小写 00608BFC |. 8A00 MOV AL, BYTE PTR [EAX] 00608BFE |. 8B55 F8 MOV EDX, DWORD PTR [EBP-8] 00608C01 |. 3A42 01 CMP AL, BYTE PTR [EDX+1] 00608C04 |. 75 04 JNZ SHORT Farsight.00608C0A ; //试练码第2位与MD5值第1位比较,不等则跳 00608C06 |. B3 01 MOV BL, 1 00608C08 |. EB 02 JMP SHORT Farsight.00608C0C 00608C0A |> 33DB XOR EBX, EBX 00608C0C |> 33C0 XOR EAX, EAX 00608C0E |. 5A POP EDX 00608C0F |. 59 POP ECX 00608C10 |. 59 POP ECX 00608C11 |. 64:8910 MOV DWORD PTR FS:[EAX], EDX 00608C14 |. 68 368C6000 PUSH Farsight.00608C36 00608C19 |> 8D45 E0 LEA EAX, DWORD PTR [EBP-20] 00608C1C |. E8 57C2DFFF CALL Farsight.00404E78 00608C21 |. 8D45 F4 LEA EAX, DWORD PTR [EBP-C] 00608C24 |. BA 03000000 MOV EDX, 3 00608C29 |. E8 6EC2DFFF CALL Farsight.00404E9C 00608C2E \. C3 RETN 00608C2F .^ E9 BCBADFFF JMP Farsight.004046F0 00608C34 .^ EB E3 JMP SHORT Farsight.00608C19 00608C36 . 8BC3 MOV EAX, EBX 00608C38 . 5B POP EBX 00608C39 . 8BE5 MOV ESP, EBP 00608C3B . 5D POP EBP 00608C3C . C3 RETN ============================================================== 00608C54 /$ 55 PUSH EBP 00608C55 |. 8BEC MOV EBP, ESP 00608C57 |. 83C4 E0 ADD ESP, -20 00608C5A |. 53 PUSH EBX 00608C5B |. 33C9 XOR ECX, ECX 00608C5D |. 894D E0 MOV DWORD PTR [EBP-20], ECX 00608C60 |. 894D F4 MOV DWORD PTR [EBP-C], ECX 00608C63 |. 8955 F8 MOV DWORD PTR [EBP-8], EDX 00608C66 |. 8945 FC MOV DWORD PTR [EBP-4], EAX 00608C69 |. 8B45 FC MOV EAX, DWORD PTR [EBP-4] ; //用户名 00608C6C |. E8 B7C6DFFF CALL Farsight.00405328 00608C71 |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] ; //试练码 00608C74 |. E8 AFC6DFFF CALL Farsight.00405328 00608C79 |. 33C0 XOR EAX, EAX 00608C7B |. 55 PUSH EBP 00608C7C |. 68 E38C6000 PUSH Farsight.00608CE3 00608C81 |. 64:FF30 PUSH DWORD PTR FS:[EAX] 00608C84 |. 64:8920 MOV DWORD PTR FS:[EAX], ESP 00608C87 |. 8D45 E0 LEA EAX, DWORD PTR [EBP-20] 00608C8A |. B9 FC8C6000 MOV ECX, Farsight.00608CFC ; ASCII "hgfjk77" 00608C8F |. 8B55 FC MOV EDX, DWORD PTR [EBP-4] ; //用户名 00608C92 |. E8 EDC4DFFF CALL Farsight.00405184 ; //将用户名与"hgfjk77"相连 00608C97 |. 8B45 E0 MOV EAX, DWORD PTR [EBP-20] ; //相连字符串 00608C9A |. 8D55 E4 LEA EDX, DWORD PTR [EBP-1C] 00608C9D |. E8 46F7FFFF CALL Farsight.006083E8 ; //标准MD5运算 00608CA2 |. 8D45 E4 LEA EAX, DWORD PTR [EBP-1C] 00608CA5 |. 8D55 F4 LEA EDX, DWORD PTR [EBP-C] 00608CA8 |. E8 AFF7FFFF CALL Farsight.0060845C 00608CAD |. 8B45 F4 MOV EAX, DWORD PTR [EBP-C] ; //相连字符串MD5_32值小写 00608CB0 |. 8A00 MOV AL, BYTE PTR [EAX] 00608CB2 |. 8B55 F8 MOV EDX, DWORD PTR [EBP-8] 00608CB5 |. 3A42 02 CMP AL, BYTE PTR [EDX+2] 00608CB8 |. 75 04 JNZ SHORT Farsight.00608CBE ; //试练码第3位与MD5值第1位比较,不等则跳 00608CBA |. B3 01 MOV BL, 1 00608CBC |. EB 02 JMP SHORT Farsight.00608CC0 00608CBE |> 33DB XOR EBX, EBX 00608CC0 |> 33C0 XOR EAX, EAX 00608CC2 |. 5A POP EDX 00608CC3 |. 59 POP ECX 00608CC4 |. 59 POP ECX 00608CC5 |. 64:8910 MOV DWORD PTR FS:[EAX], EDX 00608CC8 |. 68 EA8C6000 PUSH Farsight.00608CEA 00608CCD |> 8D45 E0 LEA EAX, DWORD PTR [EBP-20] 00608CD0 |. E8 A3C1DFFF CALL Farsight.00404E78 00608CD5 |. 8D45 F4 LEA EAX, DWORD PTR [EBP-C] 00608CD8 |. BA 03000000 MOV EDX, 3 00608CDD |. E8 BAC1DFFF CALL Farsight.00404E9C 00608CE2 \. C3 RETN 00608CE3 .^ E9 08BADFFF JMP Farsight.004046F0 00608CE8 .^ EB E3 JMP SHORT Farsight.00608CCD 00608CEA . 8BC3 MOV EAX, EBX 00608CEC . 5B POP EBX 00608CED . 8BE5 MOV ESP, EBP 00608CEF . 5D POP EBP 00608CF0 . C3 RETN ============================================================== 00608D04 /$ 55 PUSH EBP 00608D05 |. 8BEC MOV EBP, ESP 00608D07 |. 83C4 E0 ADD ESP, -20 00608D0A |. 53 PUSH EBX 00608D0B |. 33C9 XOR ECX, ECX 00608D0D |. 894D E0 MOV DWORD PTR [EBP-20], ECX 00608D10 |. 894D F4 MOV DWORD PTR [EBP-C], ECX 00608D13 |. 8955 F8 MOV DWORD PTR [EBP-8], EDX 00608D16 |. 8945 FC MOV DWORD PTR [EBP-4], EAX 00608D19 |. 8B45 FC MOV EAX, DWORD PTR [EBP-4] ; //用户名 00608D1C |. E8 07C6DFFF CALL Farsight.00405328 00608D21 |. 8B45 F8 MOV EAX, DWORD PTR [EBP-8] ; //试练码 00608D24 |. E8 FFC5DFFF CALL Farsight.00405328 00608D29 |. 33C0 XOR EAX, EAX 00608D2B |. 55 PUSH EBP 00608D2C |. 68 938D6000 PUSH Farsight.00608D93 00608D31 |. 64:FF30 PUSH DWORD PTR FS:[EAX] 00608D34 |. 64:8920 MOV DWORD PTR FS:[EAX], ESP 00608D37 |. 8D45 E0 LEA EAX, DWORD PTR [EBP-20] 00608D3A |. B9 AC8D6000 MOV ECX, Farsight.00608DAC ; ASCII "hgfjksss5" 00608D3F |. 8B55 FC MOV EDX, DWORD PTR [EBP-4] ; //用户名 00608D42 |. E8 3DC4DFFF CALL Farsight.00405184 ; //将用户名与"hgfjksss5"相连 00608D47 |. 8B45 E0 MOV EAX, DWORD PTR [EBP-20] ; //相连字符串 00608D4A |. 8D55 E4 LEA EDX, DWORD PTR [EBP-1C] 00608D4D |. E8 96F6FFFF CALL Farsight.006083E8 ; //标准MD5运算 00608D52 |. 8D45 E4 LEA EAX, DWORD PTR [EBP-1C] 00608D55 |. 8D55 F4 LEA EDX, DWORD PTR [EBP-C] 00608D58 |. E8 FFF6FFFF CALL Farsight.0060845C 00608D5D |. 8B45 F4 MOV EAX, DWORD PTR [EBP-C] ; //相连字符串MD5_32值小写 00608D60 |. 8A00 MOV AL, BYTE PTR [EAX] 00608D62 |. 8B55 F8 MOV EDX, DWORD PTR [EBP-8] 00608D65 |. 3A42 03 CMP AL, BYTE PTR [EDX+3] 00608D68 |. 75 04 JNZ SHORT Farsight.00608D6E ; //试练码第4位与MD5值第1位比较,不等则跳 00608D6A |. B3 01 MOV BL, 1 00608D6C |. EB 02 JMP SHORT Farsight.00608D70 00608D6E |> 33DB XOR EBX, EBX 00608D70 |> 33C0 XOR EAX, EAX 00608D72 |. 5A POP EDX 00608D73 |. 59 POP ECX 00608D74 |. 59 POP ECX 00608D75 |. 64:8910 MOV DWORD PTR FS:[EAX], EDX 00608D78 |. 68 9A8D6000 PUSH Farsight.00608D9A 00608D7D |> 8D45 E0 LEA EAX, DWORD PTR [EBP-20] 00608D80 |. E8 F3C0DFFF CALL Farsight.00404E78 00608D85 |. 8D45 F4 LEA EAX, DWORD PTR [EBP-C] 00608D88 |. BA 03000000 MOV EDX, 3 00608D8D |. E8 0AC1DFFF CALL Farsight.00404E9C 00608D92 \. C3 RETN 00608D93 .^ E9 58B9DFFF JMP Farsight.004046F0 00608D98 .^ EB E3 JMP SHORT Farsight.00608D7D 00608D9A . 8BC3 MOV EAX, EBX 00608D9C . 5B POP EBX 00608D9D . 8BE5 MOV ESP, EBP 00608D9F . 5D POP EBP 00608DA0 . C3 RETN
【破解总结】
--------------------------------------------------------------
【算法总结】
1.关键CALL1、2是对比黑名单中用户名的MD5值
关键CALL3、4、5、6是依次比较注册码
2.注册码的第1位为用户名与"hgfjk"相连字符串的MD5值小写的第1位
注册码的第2位为用户名与"hgfjhkjk"相连字符串的MD5值小写的第1位
注册码的第3位为用户名与"hgfjk77"相连字符串的MD5值小写的第1位
注册码的第4位为用户名与"hgfjksss5"相连字符串的MD5值小写的第1位
--------------------------------------------------------------
【算法注册机】
〖易语言代码〗
.版本 2
.支持库 dp1
.子程序 _按钮1_被单击
.判断开始 (编辑框1.内容 = “”)
编辑框2.内容 = “请输入用户名!”
.默认
编辑框2.内容 = 取文本左边 (取数据摘要 (到字节集 (编辑框1.内容 + “hgfjk”)), 1) + 取文本左边 (取数据摘要 (到字节集 (编辑框1.内容 + “hgfjhkjk”)), 1) + 取文本左边 (取数据摘要 (到字节集 (编辑框1.内容 + “hgfjk77”)), 1) + 取文本左边 (取数据摘要 (到字节集 (编辑框1.内容 + “hgfjksss5”)), 1)
.判断结束
--------------------------------------------------------------
【注册信息】
一组可用注册信息
用户名:tianxj
注册码:97b5
保存在[HKEY_CURRENT_USER\Software\farsightsoft\FarsightCalc]
--------------------------------------------------------------
感谢飘云老大、猫老大、Nisy老大以及很多前辈们的学习教程以及徐超等所有帮助过我的论坛兄弟姐妹们!谢谢
--------------------------------------------------------------
【版权声明】破文是学习的手记,兴趣是成功的源泉;本破文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢!
_/_/_/ _/ _/ _/_/_/
_/ _/ _/ _/ _/
_/_/_/ _/_/ _/_/_/_/
_/ _/ _/ _/
_/ _/ _/_/_/ _/ tianxj