破解者:HMILY[BCG]
破解于:2002-12-29
软件名称:XX速查 v3.0
* Possible StringData Ref from Code Obj ->"BiXwDIdi5168qcIEFMEWDSVdkvmemifPCiEsefGF21QCLM"
->"WE" --->这个是注册码计算的基数
|
:005B3567 B9E4365B00 mov ecx, 005B36E4
:005B356C E8FB140000 call 005B4A6C ->注册码的计算 ->跟进去研究一下。
:005B3571 8B45F4 mov eax, dword ptr [ebp-0C]
:005B3574 8D55FC lea edx, dword ptr [ebp-04]
:005B3577 E84C64E5FF call 004099C8
:005B357C 8D55E8 lea edx, dword ptr [ebp-18]
:005B357F 8B8600030000 mov eax, dword ptr [esi+00000300]
:005B3585 E8B638E8FF call 00436E40
:005B358A 8B45E8 mov eax, dword ptr [ebp-18]
:005B358D 8D55EC lea edx, dword ptr [ebp-14]
:005B3590 E8C766E5FF call 00409C5C
:005B3595 8B45EC mov eax, dword ptr [ebp-14]
:005B3598 8D55F0 lea edx, dword ptr [ebp-10]
:005B359B E82864E5FF call 004099C8
:005B35A0 8B55F0 mov edx, dword ptr [ebp-10] -|真假注册码分别传入eax、edx
:005B35A3 8B45FC mov eax, dword ptr [ebp-04] -|
:005B35A6 E8590DE5FF call 00404304 ->注册码的对比
:005B35AB 757C jne 005B3629 ->不相等、出错
:005B35AD 33C9 xor ecx, ecx
* Possible StringData Ref from Code Obj ->"Microyzcsjcid"
|
:005B35AF BACC365B00 mov edx, 005B36CC
:005B35B4 8BC3 mov eax, ebx
:005B35B6 E80901EBFF call 004636C4
:005B35BB 8B4DFC mov ecx, dword ptr [ebp-04]
* Possible StringData Ref from Code Obj ->"hdh"
|
:005B35BE BA20375B00 mov edx, 005B3720
:005B35C3 8BC3 mov eax, ebx
:005B35C5 E85600EBFF call 00463620
:005B35CA 8BC3 mov eax, ebx
:005B35CC E877FAEAFF call 00463048
:005B35D1 8BC3 mov eax, ebx
:005B35D3 E874FBE4FF call 0040314C
* Possible StringData Ref from Code Obj ->"注册成功!"
|
:005B35D8 BA2C375B00 mov edx, 005B372C
:005B35DD 8B8608030000 mov eax, dword ptr [esi+00000308]
:005B35E3 E88838E8FF call 00436E70
:005B35E8 A1CCA65B00 mov eax, dword ptr [005BA6CC]
:005B35ED 8B00 mov eax, dword ptr [eax]
:005B35EF 8B803C040000 mov eax, dword ptr [eax+0000043C]
* Possible StringData Ref from Code Obj ->"软件已注册,谢谢您的支持!"
|
:005B35F5 BA40375B00 mov edx, 005B3740
:005B35FA E87138E8FF call 00436E70
:005B35FF A1CCA65B00 mov eax, dword ptr [005BA6CC]
:005B3604 8B00 mov eax, dword ptr [eax]
:005B3606 8B8040040000 mov eax, dword ptr [eax+00000440]
:005B360C 33D2 xor edx, edx
:005B360E E84537E8FF call 00436D58
:005B3613 A1CCA65B00 mov eax, dword ptr [005BA6CC]
:005B3618 8B00 mov eax, dword ptr [eax]
:005B361A 8B8040040000 mov eax, dword ptr [eax+00000440]
:005B3620 B201 mov dl, 01
:005B3622 8B08 mov ecx, dword ptr [eax]
:005B3624 FF51FC call [ecx-04]
:005B3627 EB2A jmp 005B3653
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:005B35AB(C)
|
:005B3629 6A10 push 00000010
* Possible StringData Ref from Code Obj ->"提示"
|
:005B362B 685C375B00 push 005B375C
* Possible StringData Ref from Code Obj ->"注册码错误!请速与作者联系"
|
:005B3630 6864375B00 push 005B3764
:005B3635 A138BF5B00 mov eax, dword ptr [005BBF38]
:005B363A E8AD99E8FF call 0043CFEC
:005B363F 50 push eax
==============================================================================================
* Referenced by a CALL at Addresses:
|:005B356C , :005B37D5 , :005B45D1
|
:005B4A6C 55 push ebp ->跟入上面那个call来到这里
:005B4A6D 8BEC mov ebp, esp
:005B4A6F 83C4F4 add esp, FFFFFFF4
:005B4A72 53 push ebx
:005B4A73 56 push esi
:005B4A74 57 push edi
:005B4A75 894DF8 mov dword ptr [ebp-08], ecx
:005B4A78 8955FC mov dword ptr [ebp-04], edx
:005B4A7B 8B45FC mov eax, dword ptr [ebp-04]
:005B4A7E E825F9E4FF call 004043A8
:005B4A83 8B45F8 mov eax, dword ptr [ebp-08]
:005B4A86 E81DF9E4FF call 004043A8
:005B4A8B 33C0 xor eax, eax
:005B4A8D 55 push ebp
:005B4A8E 68334B5B00 push 005B4B33
:005B4A93 64FF30 push dword ptr fs:[eax]
:005B4A96 648920 mov dword ptr fs:[eax], esp
:005B4A99 837DF800 cmp dword ptr [ebp-08], 00000000
:005B4A9D 750D jne 005B4AAC
:005B4A9F 8D45F8 lea eax, dword ptr [ebp-08]
* Possible StringData Ref from Code Obj ->"diVEiXsMOie2bPqACIE"
|
:005B4AA2 BA4C4B5B00 mov edx, 005B4B4C
:005B4AA7 E860F5E4FF call 0040400C
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:005B4A9D(C)
|
:005B4AAC BE01000000 mov esi, 00000001
:005B4AB1 8B45FC mov eax, dword ptr [ebp-04]
:005B4AB4 E83BF7E4FF call 004041F4
:005B4AB9 8BF8 mov edi, eax
:005B4ABB 85FF test edi, edi
:005B4ABD 7E4E jle 005B4B0D
:005B4ABF BB01000000 mov ebx, 00000001
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:005B4B0B(C)
|
:005B4AC4 8B45FC mov eax, dword ptr [ebp-04] ->机器码传入eax
:005B4AC7 8A4418FF mov al, byte ptr [eax+ebx-01] ->依次取机器码
:005B4ACB 240F and al, 0F ->和0x0F做与运算
:005B4ACD 8B55F8 mov edx, dword ptr [ebp-08] ->基数传入edx
:005B4AD0 8A5432FF mov dl, byte ptr [edx+esi-01] ->依次取基数
:005B4AD4 80E20F and dl, 0F ->取得的基数和0x0F做与运算
:005B4AD7 32C2 xor al, dl ->两个数的结果相互做异或运算
:005B4AD9 8845F7 mov byte ptr [ebp-09], al ->把异或的结果保存到ebp-09
:005B4ADC 8D45FC lea eax, dword ptr [ebp-04]
:005B4ADF E8E0F8E4FF call 004043C4
:005B4AE4 8B55FC mov edx, dword ptr [ebp-04] ->取机器码
:005B4AE7 8A541AFF mov dl, byte ptr [edx+ebx-01] ->依次取机器码
:005B4AEB 80E2F0 and dl, F0 ->取得的机器码和0xF0做与运算
:005B4AEE 8A4DF7 mov cl, byte ptr [ebp-09] ->取出异或结果传给cl
:005B4AF1 02D1 add dl, cl ->把机器码与0xF0的运算结果和cl相加
:005B4AF3 885418FF mov byte ptr [eax+ebx-01], dl
:005B4AF7 46 inc esi
:005B4AF8 8B45F8 mov eax, dword ptr [ebp-08]
:005B4AFB E8F4F6E4FF call 004041F4
:005B4B00 3BF0 cmp esi, eax
:005B4B02 7E05 jle 005B4B09
:005B4B04 BE01000000 mov esi, 00000001
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:005B4B02(C)
|
:005B4B09 43 inc ebx
:005B4B0A 4F dec edi
:005B4B0B 75B7 jne 005B4AC4
==============================================================================================
它的算法已经明确,就做个注册机吧。
TC 2.0下调试通过
#include "stdio.h"
int key[48]={'B','i','X','w','D','I','d','i','5','1','6','8','q','c','I','E','F','M','E','W','D','S','V','d','k','v','m','e','m','i','f','P','C','i','E','s','e','f','G','F','2','1','Q','C','L','M','W','E'};
main()
{
char S[10],*p=S;
int *p1=key;
unsigned long a,b,c,d,e;
printf("ChengYuSuCha v3.0 keygen by HMILY[BCG]\n");
printf("My e-mail : gyyxll@21cn.com\n");
printf("***************HMILY[BCG]***************\n");
printf("please enter your serial : ");
gets(S);
printf(" Your register code is : ");
while(*p!='\0')
{
a=*p&0x0F;
b=*p1&0x0F;
c=a^b;
d=*p&0xF0;
e=c+d;
p++;p1++;
printf("%c",e);
}
}
相关视频
相关阅读 Windows错误代码大全 Windows错误代码查询激活windows有什么用Mac QQ和Windows QQ聊天记录怎么合并 Mac QQ和Windows QQ聊天记录Windows 10自动更新怎么关闭 如何关闭Windows 10自动更新windows 10 rs4快速预览版17017下载错误问题Win10秋季创意者更新16291更新了什么 win10 16291更新内容windows10秋季创意者更新时间 windows10秋季创意者更新内容kb3150513补丁更新了什么 Windows 10补丁kb3150513是什么
热门文章 去除winrar注册框方法
最新文章
比特币病毒怎么破解 比去除winrar注册框方法
华为无线路由器HG522-C破解教程(附超级密码JEB格式文件京东电子书下载和阅读限制破解教UltraISO注册码全集(最新)通过Access破解MSSQL获得数据
人气排行 华为无线路由器HG522-C破解教程(附超级密码JEB格式文件京东电子书下载和阅读限制破解教UltraISO注册码全集(最新)qq相册密码破解方法去除winrar注册框方法(适应任何版本)怎么用手机破解收费游戏华为无线猫HG522破解如何给软件脱壳基础教程
查看所有0条评论>>