软件主页http://www.21cnnet.net/
0167:0052E410 8B0DA45E1301 MOV ECX,[01135EA4] 0167:0052E416 E8355CEDFF CALL 00404050 0167:0052E41B 8B45EC MOV EAX,[EBP-14] 0167:0052E41E E8E15BEDFF CALL 00404004 0167:0052E423 A1A45E1301 MOV EAX,[01135EA4] 0167:0052E428 E8D75BEDFF CALL 00404004 0167:0052E42D 8BF0 MOV ESI,EAX 0167:0052E42F 85F6 TEST ESI,ESI 0167:0052E431 0F8EB0000000 JNG NEAR 0052E4E7 0167:0052E437 BB01000000 MOV EBX,01 以下循环对机器码与用户名+“sef1sn8y3420dnu20fps”进行如下计算 0167:0052E43C 8D45E8 LEA EAX,[EBP-18] 0167:0052E43F 50 PUSH EAX 0167:0052E440 B901000000 MOV ECX,01 0167:0052E445 8BD3 MOV EDX,EBX 0167:0052E447 A1A45E1301 MOV EAX,[01135EA4] 0167:0052E44C E8BB5DEDFF CALL 0040420C 0167:0052E451 8B45E8 MOV EAX,[EBP-18] 0167:0052E454 E86F5DEDFF CALL 004041C8 0167:0052E459 8BF8 MOV EDI,EAX 0167:0052E45B A190BA5700 MOV EAX,[0057BA90] 0167:0052E460 8B00 MOV EAX,[EAX] 0167:0052E462 E89D5BEDFF CALL 00404004 0167:0052E467 3BD8 CMP EBX,EAX 0167:0052E469 7F23 JG 0052E48E 0167:0052E46B 8D45E4 LEA EAX,[EBP-1C] 0167:0052E46E 50 PUSH EAX 0167:0052E46F A190BA5700 MOV EAX,[0057BA90] 0167:0052E474 8B00 MOV EAX,[EAX] 0167:0052E476 B901000000 MOV ECX,01 0167:0052E47B 8BD3 MOV EDX,EBX 0167:0052E47D E88A5DEDFF CALL 0040420C 0167:0052E482 8B45E4 MOV EAX,[EBP-1C] 0167:0052E485 E83E5DEDFF CALL 004041C8 0167:0052E48A 8BD0 MOV EDX,EAX 0167:0052E48C EB1D JMP SHORT 0052E4AB 0167:0052E48E 8D45E0 LEA EAX,[EBP-20] 0167:0052E491 50 PUSH EAX 0167:0052E492 B901000000 MOV ECX,01 0167:0052E497 8BD3 MOV EDX,EBX 0167:0052E499 8B45F0 MOV EAX,[EBP-10] 0167:0052E49C E86B5DEDFF CALL 0040420C 0167:0052E4A1 8B45E0 MOV EAX,[EBP-20] 0167:0052E4A4 E81F5DEDFF CALL 004041C8 0167:0052E4A9 8BD0 MOV EDX,EAX 0167:0052E4AB 8A07 MOV AL,[EDI] //按位取机器码给al 0167:0052E4AD 8A12 MOV DL,[EDX] //用户名按位取出给dl 0167:0052E4AF 3C41 CMP AL,41 //判断al等不等于"A" 0167:0052E4B1 7502 JNZ 0052E4B5等于A就变为f 0167:0052E4B3 B066 MOV AL,66 0167:0052E4B5 8BF8 MOV EDI,EAX 0167:0052E4B7 81E7FF000000 AND EDI,FF 机器码按位与运算 0167:0052E4BD 33C0 XOR EAX,EAX 0167:0052E4BF 8AC2 MOV AL,DL 0167:0052E4C1 03F8 ADD EDI,EAX //相加 0167:0052E4C3 03FB ADD EDI,EBX //相加 0167:0052E4C5 8D4DDC LEA ECX,[EBP-24] 0167:0052E4C8 BA02000000 MOV EDX,02 0167:0052E4CD 8BC7 MOV EAX,EDI 0167:0052E4CF E8F8B6EDFF CALL 00409BCC 0167:0052E4D4 8B55DC MOV EDX,[EBP-24] 0167:0052E4D7 8D45F8 LEA EAX,[EBP-08] 0167:0052E4DA E82D5BEDFF CALL 0040400C 0167:0052E4DF 43 INC EBX 0167:0052E4E0 4E DEC ESI 0167:0052E4E1 0F8555FFFFFF JNZ NEAR 0052E43C 0167:0052E4E7 8B45F8 MOV EAX,[EBP-08] 0167:0052E4EA E8155BEDFF CALL 00404004 0167:0052E4EF 8D45FC LEA EAX,[EBP-04] 0167:0052E4F2 8B55F8 MOV EDX,[EBP-08] 0167:0052E4F5 E82259EDFF CALL 00403E1C 0167:0052E4FA 8B45FC MOV EAX,[EBP-04] 0167:0052E4FD E8025BEDFF CALL 00404004 0167:0052E502 8BF0 MOV ESI,EAX 0167:0052E504 85F6 TEST ESI,ESI 0167:0052E506 0F8EF6000000 JNG NEAR 0052E602 0167:0052E50C BB01000000 MOV EBX,01 以下循环对上面循环得到字符串进行再处理。 如果字符串中有A、1、2、r、4、5、8、0、E等字符要分别替换成 M、O、3、7、J、6、D、M、D 0167:0052E511 8B45FC MOV EAX,[EBP-04] 0167:0052E514 807C18FF41 CMP BYTE [EAX+EBX-01],41 0167:0052E519 750D JNZ 0052E528 0167:0052E51B 8D45FC LEA EAX,[EBP-04] 0167:0052E51E E8B15CEDFF CALL 004041D4 0167:0052E523 C64418FF4D MOV BYTE [EAX+EBX-01],4D 0167:0052E528 8B45FC MOV EAX,[EBP-04] 0167:0052E52B 807C18FF31 CMP BYTE [EAX+EBX-01],31 .......................... ..................
0167:0052E5D1 750D JNZ 0052E5E0 0167:0052E5D3 8D45FC LEA EAX,[EBP-04] 0167:0052E5D6 E8F95BEDFF CALL 004041D4 0167:0052E5DB C64418FF44 MOV BYTE [EAX+EBX-01],44 0167:0052E5E0 8D45D8 LEA EAX,[EBP-28] 0167:0052E5E3 8B55FC MOV EDX,[EBP-04] 0167:0052E5E6 8A541AFF MOV DL,[EDX+EBX-01] 0167:0052E5EA E83D59EDFF CALL 00403F2C 0167:0052E5EF 8B55D8 MOV EDX,[EBP-28] 0167:0052E5F2 8D45F4 LEA EAX,[EBP-0C] 0167:0052E5F5 E8125AEDFF CALL 0040400C 0167:0052E5FA 43 INC EBX 0167:0052E5FB 4E DEC ESI 0167:0052E5FC 0F850FFFFFFF JNZ NEAR 0052E511 0167:0052E602 A120BB5700 MOV EAX,[0057BB20] 0167:0052E607 8B00 MOV EAX,[EAX] 0167:0052E609 8B55F4 MOV EDX,[EBP-0C] 0167:0052E60C E8035BEDFF CALL 00404114 //d edx=真注册码 0167:0052E611 7523 JNZ 0052E636 0167:0052E613 B301 MOV BL,01 0167:0052E615 A114B85700 MOV EAX,[0057B814] 0167:0052E61A 8B1590BA5700 MOV EDX,[0057BA90] 0167:0052E620 8B12 MOV EDX,[EDX] 0167:0052E622 E8B157EDFF CALL 00403DD8 0167:0052E627 A1A4B85700 MOV EAX,[0057B8A4] 0167:0052E62C 8B55F4 MOV EDX,[EBP-0C] 0167:0052E62F E8A457EDFF CALL 00403DD8 0167:0052E634 EB02 JMP SHORT 0052E638 我的机器码为A21471E8-299,用户名:zhaocuo[CCG]得到的注册码为DO9C96M79FMCBB9B797FDBM3。 注册码放在注册表的HKEY_CURRENT_USER\Software\Osb\Demo中Pass=“DO9C96M79FMCBB9B797FDBM3” 欢迎光临我的破解小站: http://59596.126.com |
|
查看所有0条评论>>