大名鼎鼎II V2.12 算法分析
-
大名鼎鼎II V2.12
软件大小: 3615 KB
软件语言: 简体中文
软件类别: 国产软件 / 共享版 / 信息管理
应用平台: Win9x/NT/2000/XP
界面预览: 无
加入时间: 2003-08-24 10:20:32
下载: http://www.skycn.com/soft/11248.html
推荐等级:
联 系 人: Thinknet@china.com
开 发 商: http://www.snksoft.com/
【软件简介】:大名鼎鼎名片管理系统是专为中国人量身定做一款个人信息管理类软件,其功能及易用性堪称目前市面上同类软件之首。大名鼎鼎独特的姓氏拼音、自定义无限级分类功能,可以轻而易举的实现名片的闪电查找。考虑到商务人士的需求,大名鼎鼎还专门为商业用户设计了信封打印、邮件群发功能,并且,其名片打印功能已经授权北京汉王科技公司"名片通6.0"系统使用。大名鼎鼎还为广大用户设计了多重个性化设置功能:头像显示功能可以兼容QQ头像图片;照片显示模式和虚拟名片可以更加形象的显示名片信息;大字体功能更加方便老年朋友使用。
【软件限制】:试用时间、功能限制
【作者声明】:只是为了学习和研究软件内含的设计思想和原理,没有其它目的。 谢谢!!
【破解工具】:”刀枪棍棒“
————————————————————————————————————————
【过 程】:
应XXLJWBH的要求,写了个破文,希望得到抛”玉“引砖的效果---> ”谁砸的!“
脱壳,DEDE,查找注册信息!这个东东还有浮点运算!
送给LJWBH兄弟!
单位:[OCN][YMON]
用户名:dvchen
用户序列号试练码:2008
用户注册码试练码:13572468
————————————————————————————————————————
机器码是如何得到的:
0054D24E |. B8 98D35400 MOV EAX,THINKCAR.0054D398
|. ====>ASCII "Coname"
0054D253 |. E8 88700500 CALL THINKCAR.005A42E0
0054D258 |. 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4
|. ====>单位:[OCN][YMON]
0054D25B |. 50 PUSH EAX
0054D25C |. 8D4D F8 LEA ECX,DWORD PTR SS:[EBP-8]
0054D25F |. 33D2 XOR EDX,EDX
0054D261 |. B8 A8D35400 MOV EAX,THINKCAR.0054D3A8
|. ====>ASCII "Username"
0054D266 |. E8 75700500 CALL THINKCAR.005A42E0
0054D26B |. 8B55 F8 MOV EDX,DWORD PTR SS:[EBP-8]
|. ====>姓名:dvchen
0054D26E |. 58 POP EAX
0054D26F |. E8 807EEBFF CALL THINKCAR.004050F4
0054D274 |. 8B55 FC MOV EDX,DWORD PTR SS:[EBP-4]
|. ====>连接起来--[[OCN]YMON]dvchen
0054D277 |. 8B83 28030000 MOV EAX,DWORD PTR DS:[EBX+328]
0054D27D |. E8 0EF7F3FF CALL THINKCAR.0048C990
0054D282 |. 8D55 EC LEA EDX,DWORD PTR SS:[EBP-14]
0054D285 |. 8B83 28030000 MOV EAX,DWORD PTR DS:[EBX+328]
0054D28B |. E8 D0F6F3FF CALL THINKCAR.0048C960
0054D290 |. 8B55 EC MOV EDX,DWORD PTR SS:[EBP-14]
0054D293 |. 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
0054D296 |. E8 5984EBFF CALL THINKCAR.004056F4
0054D29B |. 8B45 F0 MOV EAX,DWORD PTR SS:[EBP-10]
0054D29E |. E8 216A0500 CALL THINKCAR.005A3CC4
|. ====>机器码计算->跟进
0054D2A3 |. 83C4 F4 ADD ESP,-0C
0054D2A6 |. DB3C24 FSTP TBYTE PTR SS:[ESP]
|. ====>20040583.000000000000
0054D2A9 |. 9B WAIT
0054D2AA |. 8D45 F4 LEA EAX,DWORD PTR SS:[EBP-C]
0054D2AD |. E8 42EBEBFF CALL THINKCAR.0040BDF4
0054D2B2 |. 8B55 F4 MOV EDX,DWORD PTR SS:[EBP-C]
|. ====>得到机器码:20040583
————————————————————————————————————————
求机器码的Call过程:
005A3CC4 /$ 55 PUSH EBP
005A3CC5 |. 8BEC MOV EBP,ESP
005A3CC7 |. 83C4 EC ADD ESP,-14
005A3CCA |. 8945 FC MOV DWORD PTR SS:[EBP-4],EAX
005A3CCD |. 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
005A3CD0 |. E8 4B1DE6FF CALL THINKCAR.00405A20
005A3CD5 |. 33C0 XOR EAX,EAX
005A3CD7 |. 55 PUSH EBP
005A3CD8 |. 68 4F3D5A00 PUSH THINKCAR.005A3D4F
005A3CDD |. 64:FF30 PUSH DWORD PTR FS:[EAX]
005A3CE0 |. 64:8920 MOV DWORD PTR FS:[EAX],ESP
005A3CE3 |. C745 F0 000000>MOV DWORD PTR SS:[EBP-10],40000000
005A3CEA |. C745 F4 311A73>MOV DWORD PTR SS:[EBP-C],41731A31
005A3CF1 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
005A3CF4 |. 33D2 XOR EDX,EDX
005A3CF6 |. E8 311BE6FF CALL THINKCAR.0040582C
005A3CFB |. 74 34 JE SHORT THINKCAR.005A3D31
005A3CFD |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
005A3D00 |. E8 0F1AE6FF CALL THINKCAR.00405714
005A3D05 |. 85C0 TEST EAX,EAX
005A3D07 |. 7E 30 JLE SHORT THINKCAR.005A3D39
005A3D09 |. BA 01000000 MOV EDX,1
005A3D0E |> 8B4D FC /MOV ECX,DWORD PTR SS:[EBP-4]
005A3D11 |. 66:8B4C51 FE |MOV CX,WORD PTR DS:[ECX+EDX*2-2]
|. |====>[OCN][YMON]dvchen依次送入CX
005A3D16 |. 66:81F1 2802 |XOR CX,228
|. |====>分别同228异或
005A3D1B |. 0FB7C9 |MOVZX ECX,CX
005A3D1E |. 894D EC |MOV DWORD PTR SS:[EBP-14],ECX
005A3D21 |. DB45 EC |FILD DWORD PTR SS:[EBP-14]
005A3D24 |. DC45 F0 |FADD QWORD PTR SS:[EBP-10]
|. |====>异或的值加上20030228.00000000
005A3D27 |. DD5D F0 |FSTP QWORD PTR SS:[EBP-10]
|. |====>计算后得到20040583机器码
005A3D2A |. 9B |WAIT
005A3D2B |. 42 |INC EDX
005A3D2C |. 48 |DEC EAX
005A3D2D |.^75 DF \JNZ SHORT THINKCAR.005A3D0E
005A3D2F |. EB 08 JMP SHORT THINKCAR.005A3D39
005A3D31 |> 33C0 XOR EAX,EAX
005A3D33 |. 8945 F0 MOV DWORD PTR SS:[EBP-10],EAX
005A3D36 |. 8945 F4 MOV DWORD PTR SS:[EBP-C],EAX
005A3D39 |> 33C0 XOR EAX,EAX
005A3D3B |. 5A POP EDX
005A3D3C |. 59 POP ECX
005A3D3D |. 59 POP ECX
005A3D3E |. 64:8910 MOV DWORD PTR FS:[EAX],EDX
005A3D41 |. 68 563D5A00 PUSH THINKCAR.005A3D56
005A3D46 |> 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
005A3D49 |. E8 1218E6FF CALL THINKCAR.00405560
005A3D4E \. C3 RETN
————————————————————————————————————————
求注册码的过程:
005A3DC8 /$ 55 PUSH EBP
005A3DC9 |. 8BEC MOV EBP,ESP
005A3DCB |. B9 06000000 MOV ECX,6
005A3DD0 |> 6A 00 /PUSH 0
005A3DD2 |. 6A 00 |PUSH 0
005A3DD4 |. 49 |DEC ECX
005A3DD5 |.^75 F9 \JNZ SHORT THINKCAR.005A3DD0
005A3DD7 |. 53 PUSH EBX
005A3DD8 |. 33C0 XOR EAX,EAX
005A3DDA |. 55 PUSH EBP
005A3DDB |. 68 0C3F5A00 PUSH THINKCAR.005A3F0C
005A3DE0 |. 64:FF30 PUSH DWORD PTR FS:[EAX]
005A3DE3 |. 64:8920 MOV DWORD PTR FS:[EAX],ESP
005A3DE6 |. 8D4D FC LEA ECX,DWORD PTR SS:[EBP-4]
005A3DE9 |. 33D2 XOR EDX,EDX
005A3DEB |. B8 243F5A00 MOV EAX,THINKCAR.005A3F24
|. ====>ASCII "Coname"
005A3DF0 |. E8 EB040000 CALL THINKCAR.005A42E0
005A3DF5 |. 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
005A3DF8 |. 50 PUSH EAX
005A3DF9 |. 8D4D F8 LEA ECX,DWORD PTR SS:[EBP-8]
005A3DFC |. 33D2 XOR EDX,EDX
005A3DFE |. B8 343F5A00 MOV EAX,THINKCAR.005A3F34
|. ====>ASCII "Username"
005A3E03 |. E8 D8040000 CALL THINKCAR.005A42E0
005A3E08 |. 8B55 F8 MOV EDX,DWORD PTR SS:[EBP-8]
005A3E0B |. 58 POP EAX
005A3E0C |. E8 E312E6FF CALL THINKCAR.004050F4
005A3E11 |. 837D FC 00 CMP DWORD PTR SS:[EBP-4],0
005A3E15 |. 75 07 JNZ SHORT THINKCAR.005A3E1E
005A3E17 |. 33DB XOR EBX,EBX
005A3E19 |. E9 A9000000 JMP THINKCAR.005A3EC7
005A3E1E |> 8D4D EC LEA ECX,DWORD PTR SS:[EBP-14]
005A3E21 |. 33D2 XOR EDX,EDX
005A3E23 |. B8 243F5A00 MOV EAX,THINKCAR.005A3F24
005A3E28 |. E8 B3040000 CALL THINKCAR.005A42E0
005A3E2D |. 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14]
005A3E30 |. 50 PUSH EAX
005A3E31 |. 8D4D E8 LEA ECX,DWORD PTR SS:[EBP-18]
005A3E34 |. 33D2 XOR EDX,EDX
005A3E36 |. B8 343F5A00 MOV EAX,THINKCAR.005A3F34
005A3E3B |. E8 A0040000 CALL THINKCAR.005A42E0
005A3E40 |. 8B55 E8 MOV EDX,DWORD PTR SS:[EBP-18]
005A3E43 |. 58 POP EAX
005A3E44 |. E8 AB12E6FF CALL THINKCAR.004050F4
005A3E49 |. 8B55 EC MOV EDX,DWORD PTR SS:[EBP-14]
005A3E4C |. 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
005A3E4F |. E8 A018E6FF CALL THINKCAR.004056F4
005A3E54 |. 8B45 F0 MOV EAX,DWORD PTR SS:[EBP-10]
005A3E57 |. E8 68FEFFFF CALL THINKCAR.005A3CC4
005A3E5C |. D80D 403F5A00 FMUL DWORD PTR DS:[5A3F40]
|. ====>机器码乘以10=20040583.000000000000*10
005A3E62 |. DB7D DC FSTP TBYTE PTR SS:[EBP-24]
005A3E65 |. 9B WAIT
005A3E66 |. 8D4D D4 LEA ECX,DWORD PTR SS:[EBP-2C]
005A3E69 |. 33D2 XOR EDX,EDX
005A3E6B |. B8 4C3F5A00 MOV EAX,THINKCAR.005A3F4C
005A3E70 |. E8 6B040000 CALL THINKCAR.005A42E0
|. ====>取出序列号试练码:2008
005A3E75 |. 8B55 D4 MOV EDX,DWORD PTR SS:[EBP-2C]
005A3E78 |. 8D45 D8 LEA EAX,DWORD PTR SS:[EBP-28]
005A3E7B |. E8 7418E6FF CALL THINKCAR.004056F4
005A3E80 |. 8B45 D8 MOV EAX,DWORD PTR SS:[EBP-28]
005A3E83 |. E8 3CFEFFFF CALL THINKCAR.005A3CC4
|. ====>算法跟进
005A3E88 |. DB6D DC FLD TBYTE PTR SS:[EBP-24]
|. ====>机器码:200405830.00000000000
005A3E8B |. DEC1 FADDP ST(1),ST
|. ====>机器码和(序列号的计算结果)相加
|. ====>200405830.00000000000+20032366.000000000000
005A3E8D |. 83C4 F8 ADD ESP,-8
005A3E90 |. DD1C24 FSTP QWORD PTR SS:[ESP]
|. ====>相加得到:220438196.00000000000
005A3E93 |. 9B WAIT
005A3E94 |. E8 C7FEFFFF CALL THINKCAR.005A3D60
|. ====>算法跟进
005A3E99 |. 83C4 F4 ADD ESP,-0C
005A3E9C |. DB3C24 FSTP TBYTE PTR SS:[ESP]
|. ====>得到5262574508.9999994880
005A3E9F |. 9B WAIT
005A3EA0 |. 8D45 F4 LEA EAX,DWORD PTR SS:[EBP-C]
005A3EA3 |. E8 4C7FE6FF CALL THINKCAR.0040BDF4
005A3EA8 |. 8B45 F4 MOV EAX,DWORD PTR SS:[EBP-C]
|. ====>四舍五入得到真正的注册码5262574509
005A3EAB |. 50 PUSH EAX
005A3EAC |. 8D4D D0 LEA ECX,DWORD PTR SS:[EBP-30]
005A3EAF |. 33D2 XOR EDX,EDX
005A3EB1 |. B8 5C3F5A00 MOV EAX,THINKCAR.005A3F5C
005A3EB6 |. E8 25040000 CALL THINKCAR.005A42E0
005A3EBB |. 8B55 D0 MOV EDX,DWORD PTR SS:[EBP-30]
|. ====>假码13572468
005A3EBE |. 58 POP EAX
|. ====>真码5262574509
005A3EBF |. E8 7413E6FF CALL THINKCAR.00405238
|. ====>真假注册码比较
|. ====>此处下断可做内存注册机
————————————————————————————————————————
序列号结果算法Call:
005A3CC4 /$ 55 PUSH EBP
005A3CC5 |. 8BEC MOV EBP,ESP
005A3CC7 |. 83C4 EC ADD ESP,-14
005A3CCA |. 8945 FC MOV DWORD PTR SS:[EBP-4],EAX
005A3CCD |. 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
005A3CD0 |. E8 4B1DE6FF CALL THINKCAR.00405A20
005A3CD5 |. 33C0 XOR EAX,EAX
005A3CD7 |. 55 PUSH EBP
005A3CD8 |. 68 4F3D5A00 PUSH THINKCAR.005A3D4F
005A3CDD |. 64:FF30 PUSH DWORD PTR FS:[EAX]
005A3CE0 |. 64:8920 MOV DWORD PTR FS:[EAX],ESP
005A3CE3 |. C745 F0 000000>MOV DWORD PTR SS:[EBP-10],40000000
005A3CEA |. C745 F4 311A73>MOV DWORD PTR SS:[EBP-C],41731A31
005A3CF1 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
005A3CF4 |. 33D2 XOR EDX,EDX
005A3CF6 |. E8 311BE6FF CALL THINKCAR.0040582C
005A3CFB |. 74 34 JE SHORT THINKCAR.005A3D31
005A3CFD |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
005A3D00 |. E8 0F1AE6FF CALL THINKCAR.00405714
005A3D05 |. 85C0 TEST EAX,EAX
005A3D07 |. 7E 30 JLE SHORT THINKCAR.005A3D39
005A3D09 |. BA 01000000 MOV EDX,1
005A3D0E |> 8B4D FC /MOV ECX,DWORD PTR SS:[EBP-4]
005A3D11 |. 66:8B4C51 FE |MOV CX,WORD PTR DS:[ECX+EDX*2-2]
|. |====>2008依次送入CX
005A3D16 |. 66:81F1 2802 |XOR CX,228
|. |====>分别同228异或
005A3D1B |. 0FB7C9 |MOVZX ECX,CX
005A3D1E |. 894D EC |MOV DWORD PTR SS:[EBP-14],ECX
005A3D21 |. DB45 EC |FILD DWORD PTR SS:[EBP-14]
005A3D24 |. DC45 F0 |FADD QWORD PTR SS:[EBP-10]
|. |====>异或的值加上20030228.00000000
005A3D27 |. DD5D F0 |FSTP QWORD PTR SS:[EBP-10]
|. |====> 计算后得到20032366.000000000000
005A3D2A |. 9B |WAIT
005A3D2B |. 42 |INC EDX
005A3D2C |. 48 |DEC EAX
005A3D2D |.^75 DF \JNZ SHORT THINKCAR.005A3D0E
005A3D2F |. EB 08 JMP SHORT THINKCAR.005A3D39
005A3D31 |> 33C0 XOR EAX,EAX
005A3D33 |. 8945 F0 MOV DWORD PTR SS:[EBP-10],EAX
005A3D36 |. 8945 F4 MOV DWORD PTR SS:[EBP-C],EAX
005A3D39 |> 33C0 XOR EAX,EAX
005A3D3B |. 5A POP EDX
005A3D3C |. 59 POP ECX
005A3D3D |. 59 POP ECX
005A3D3E |. 64:8910 MOV DWORD PTR FS:[EAX],EDX
005A3D41 |. 68 563D5A00 PUSH THINKCAR.005A3D56
005A3D46 |> 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
005A3D49 |. E8 1218E6FF CALL THINKCAR.00405560
005A3D4E \. C3 RETN
————————————————————————————————————————
最后注册码结果的计算Call:
005A3D60 /$ 55 PUSH EBP
005A3D61 |. 8BEC MOV EBP,ESP
005A3D63 |. 83C4 F0 ADD ESP,-10
005A3D66 |. DD45 08 FLD QWORD PTR SS:[EBP+8]
|. ====>取出机器码和(序列号的计算结果)相加结果
|. ====>220438196.0000000
005A3D69 |. D81D B43D5A00 FCOMP DWORD PTR DS:[5A3DB4]
005A3D6F |. DFE0 FSTSW AX
005A3D71 |. 9E SAHF
005A3D72 |. 73 0C JNB SHORT THINKCAR.005A3D80
005A3D74 |. 33C0 XOR EAX,EAX
005A3D76 |. 8945 08 MOV DWORD PTR SS:[EBP+8],EAX
005A3D79 |. C745 0C 0000F0>MOV DWORD PTR SS:[EBP+C],3FF00000
005A3D80 |> DD45 08 FLD QWORD PTR SS:[EBP+8]
005A3D83 |. D80D B83D5A00 FMUL DWORD PTR DS:[5A3DB8]
|. ====>乘以75
|. ====>220438196.0000000*75
005A3D89 |. DB2D BC3D5A00 FLD TBYTE PTR DS:[5A3DBC]
|. ====>取出3.1415926535897932800
005A3D8F |. DEF9 FDIVP ST(1),ST
|. ====>除以3.1415926535897932800
005A3D91 |. E8 5EEFE5FF CALL THINKCAR.00402CF4
005A3D96 |. 05 E4000000 ADD EAX,0E4
|. ====>最后结果再加上0E4
005A3D9B |. 83D2 00 ADC EDX,0
005A3D9E |. 8945 F0 MOV DWORD PTR SS:[EBP-10],EAX
005A3DA1 |. 8955 F4 MOV DWORD PTR SS:[EBP-C],EDX
005A3DA4 |. DF6D F0 FILD QWORD PTR SS:[EBP-10]
005A3DA7 |. DD5D F8 FSTP QWORD PTR SS:[EBP-8]
|. ====>得到5262574508.9999994880
005A3DAA |. 9B WAIT
005A3DAB |. DD45 F8 FLD QWORD PTR SS:[EBP-8]
005A3DAE |. 8BE5 MOV ESP,EBP
005A3DB0 |. 5D POP EBP
005A3DB1 \. C2 0800 RETN 8
————————————————————————————————————————
【算 法 总 结】:
算法很简单,我就不罗嗦了!
————————————————————————————————————————
【整 理】:
单位:[OCN][YMON]
用户名:dvchen
机器码:20040583
用户序列号:2008
用户注册码:5262574509
相关视频
相关阅读 Windows错误代码大全 Windows错误代码查询激活windows有什么用Mac QQ和Windows QQ聊天记录怎么合并 Mac QQ和Windows QQ聊天记录Windows 10自动更新怎么关闭 如何关闭Windows 10自动更新windows 10 rs4快速预览版17017下载错误问题Win10秋季创意者更新16291更新了什么 win10 16291更新内容windows10秋季创意者更新时间 windows10秋季创意者更新内容kb3150513补丁更新了什么 Windows 10补丁kb3150513是什么
- 文章评论
-
热门文章
去除winrar注册框方法
最新文章
比特币病毒怎么破解 比去除winrar注册框方法
华为无线路由器HG522-C破解教程(附超级密码JEB格式文件京东电子书下载和阅读限制破解教UltraISO注册码全集(最新)通过Access破解MSSQL获得数据人气排行 华为无线路由器HG522-C破解教程(附超级密码JEB格式文件京东电子书下载和阅读限制破解教UltraISO注册码全集(最新)qq相册密码破解方法去除winrar注册框方法(适应任何版本)怎么用手机破解收费游戏华为无线猫HG522破解如何给软件脱壳基础教程
查看所有0条评论>>