Morpher for Windows version 2.0 的中文修改版 -pc6资讯

您的位置：首页 → 精文荟萃 → 破解文章 → Morpher for Windows version 2.0 的中文修改版

Morpher for Windows version 2.0 的中文修改版 时间：2004/10/15 0:55:00来源：本站整理作者：蓝点我要评论(0)

　简介:
你看过电影的『变脸』吗？这是一个蛮好玩的图形处理软件，可让你将一张图形
中的脸，变形转换成另一张图形中的脸；或是将一张图形中的脸部给它扭曲。例如你
可以透过 Morpher 的变形处理技术，将一张「男」的图片变成一张「女」的图片，
或者将猫与狗的图片结合而成一张图片。蛮好玩的！

软件保护介绍:
用户名与注册码无关,软件没有加壳,但是进行了字符保护,无法用静态反汇编查找到有用
的提示信息,所以要从动态跟踪入手!

:00409950 E866610100             call 0041FABB
:00409955 C645FC02               mov [ebp-04], 02
:00409959 8D4DE8                 lea ecx, dword ptr [ebp-18]
:0040995C E85A610100             call 0041FABB
:00409961 C645FC03               mov [ebp-04], 03
:00409965 8D4D80                 lea ecx, dword ptr [ebp-80]
:00409968 E8C51D0100             call 0041B732
:0040996D 83F801                 cmp eax, 00000001
:00409970 7577                   jne 004099E9
:00409972 8D45E0                 lea eax, dword ptr [ebp-20]
:00409975 8D4DEC                 lea ecx, dword ptr [ebp-14]
:00409978 50                     push eax
:00409979 E895630100             call 0041FD13
:0040997E 8D45DC                 lea eax, dword ptr [ebp-24]
:00409981 8D4DE8                 lea ecx, dword ptr [ebp-18]
:00409984 50                     push eax
:00409985 E889630100             call 0041FD13
:0040998A 8B7DF0                 mov edi, dword ptr [ebp-10]
:0040998D 6A0A                   push 0000000A
:0040998F 56                     push esi
:00409990 FF75EC                 push [ebp-14]
:00409993 E868390000             call 0040D300--------------->将输入的SN变成十六进制
:00409998 83C40C                 add esp, 0000000C
:0040999B 8987E0000000           mov dword ptr [edi+000000E0], eax
:004099A1 50                     push eax
:004099A2 E830040000             call 00409DD7--------------->算法关键CALL
:004099A7 83C404                 add esp, 00000004
:004099AA 85C0                   test eax, eax--------------->比较EAX是否为0
:004099AC 7579                   jne 00409A27---------------->不为0则跳,跳就成功了
:004099AE 8D4DF0                 lea ecx, dword ptr [ebp-10]
:004099B1 E805610100             call 0041FABB

* Possible Reference to String Resource ID=61218: "鑼
cn."
                                |
:004099B6 6822EF0000             push 0000EF22
:004099BB 8D4DF0                 lea ecx, dword ptr [ebp-10]
:004099BE C645FC04               mov [ebp-04], 04
:004099C2 E8F07D0100             call 004217B7
:004099C7 6A10                   push 00000010

* Reference To: USER32.MessageBeep, Ord:0196h
                                |
:004099C9 FF15743D4500           Call dword ptr [00453D74]----------->发出BEEP声音
:004099CF 6A10                   push 00000010

* Possible StringData Ref from Data Obj ->"Error"---------------->错误提示
                                |
:004099D1 68CCB54400             push 0044B5CC
:004099D6 FF75F0                 push [ebp-10]

=======================================================================================
:00409DD7 8B4C2404               mov ecx, dword ptr [esp+04]---->ECX=输入SN的十六进制
:00409DDB 56                     push esi
:00409DDC BE971F0000             mov esi, 00001F97-------------->ESI=&H1F97
:00409DE1 8BC1                   mov eax, ecx------------------->EAX=ECX
:00409DE3 2BD2                   sub edx, edx------------------->EDX=0
:00409DE5 F7F6                   div esi------------------------>EAX=EAX/ESI----|这两句说明注册码
:00409DE7 0FAFC6                 imul eax, esi------------------>EAX=EAX*ESI----|要能被&H1F97整除
:00409DEA 3BC1                   cmp eax, ecx------------------->比较EAX和ECX
:00409DEC 750D                   jne 00409DFB------------------->不等则跳
:00409DEE B801000000             mov eax, 00000001
:00409DF3 81F9A03B0100           cmp ecx, 00013BA0
:00409DF9 7702                   ja 00409DFD

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00409DEC(C)
|
:00409DFB 33C0 xor eax, eax

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00409DF9(C)
|
:00409DFD 5E pop esi
:00409DFE C3 ret

原版:
http://www.asahi-net.or.jp/~FX6M-FJMY/mop05e.html