您的位置:首页精文荟萃破解文章 → 蓝帆打支票 V5.0 算法分析

蓝帆打支票 V5.0 算法分析

时间:2004/10/15 0:55:00来源:本站整理作者:蓝点我要评论(0)

 

00401F88 . E8 FFF90B00 CALL dfcg.004C198C《=入此CALL
============================================================================================
004C198C /$ 55 PUSH EBP
004C198D |. 8BEC MOV EBP,ESP
004C198F |. 83C4 CC ADD ESP,-34
004C1992 |. 53 PUSH EBX《=EBX=01122B66=17967974这个就是注册码(EBX是怎么来的呢?我没看出来!请熊哥指教!!它的机器码还在后面才出现,怪!!)
004C1993 |. 894D F8 MOV DWORD PTR SS:[EBP-8],ECX
004C1996 |. 8955 D0 MOV DWORD PTR SS:[EBP-30],EDX
004C1999 |. 8BD8 MOV EBX,EAX
004C199B |. B8 7CA34E00 MOV EAX,dfcg.004EA37C
004C19A0 |. E8 5B54FFFF CALL dfcg.004B6E00
004C19A5 |. 66:C745 E4 080>MOV WORD PTR SS:[EBP-1C],8
004C19AB |. 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
004C19AE |. 8BD3 MOV EDX,EBX
004C19B0 |. E8 43FCFFFF CALL dfcg.004C15F8
004C19B5 |. FF45 F0 INC DWORD PTR SS:[EBP-10]
004C19B8 |. 66:C745 E4 140>MOV WORD PTR SS:[EBP-1C],14
004C19BE |. 8D4D FC LEA ECX,DWORD PTR SS:[EBP-4]
004C19C1 |. 894D CC MOV DWORD PTR SS:[EBP-34],ECX
004C19C4 |. 8B45 CC MOV EAX,DWORD PTR SS:[EBP-34]
004C19C7 |. 8B55 D0 MOV EDX,DWORD PTR SS:[EBP-30]
004C19CA |. 8B12 MOV EDX,DWORD PTR DS:[EDX]《=Stack DS:[0012ff7c]=010b278c,ASCII 为机器码2040821
004C19CC |. E8 F724FFFF CALL dfcg.004B3EC8
004C19D1 |. 66:C745 E4 200>MOV WORD PTR SS:[EBP-1C],20
004C19D7 |. 8D55 FC LEA EDX,DWORD PTR SS:[EBP-4]
004C19DA |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
004C19DD |. E8 5AFDFFFF CALL dfcg.004C173C
004C19E2 |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
004C19E5 |. 66:C745 E4 2C0>MOV WORD PTR SS:[EBP-1C],2C
004C19EB |. 50 PUSH EAX
004C19EC |. FF4D F0 DEC DWORD PTR SS:[EBP-10]
004C19EF |. 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
004C19F2 |. BA 02000000 MOV EDX,2
004C19F7 |. E8 10FDFFFF CALL dfcg.004C170C
004C19FC |. 58 POP EAX
004C19FD |. 66:C745 E4 200>MOV WORD PTR SS:[EBP-1C],20
004C1A03 |. FF45 F0 INC DWORD PTR SS:[EBP-10]
004C1A06 |. 8B55 D4 MOV EDX,DWORD PTR SS:[EBP-2C]
004C1A09 |. 64:67:8916 000>MOV DWORD PTR FS:[0],EDX
004C1A0F |. 5B POP EBX
004C1A10 |. 8BE5 MOV ESP,EBP
004C1A12 |. 5D POP EBP
004C1A13 \. C3 RETN
===========================================================================================

00401F8D . 8D85 7CFFFFFF LEA EAX,DWORD PTR SS:[EBP-84]
00401F93 . 50 PUSH EAX
00401F94 . BA 0D614D00 MOV EDX,dfcg.004D610D ; ASCII " "
00401F99 . 8D85 78FFFFFF LEA EAX,DWORD PTR SS:[EBP-88]
00401F9F . E8 54F60B00 CALL dfcg.004C15F8
00401FA4 . FF85 34FFFFFF INC DWORD PTR SS:[EBP-CC]
00401FAA . 33C9 XOR ECX,ECX
00401FAC . 898D 74FFFFFF MOV DWORD PTR SS:[EBP-8C],ECX
00401FB2 . 8D8D 74FFFFFF LEA ECX,DWORD PTR SS:[EBP-8C]
00401FB8 . FF85 34FFFFFF INC DWORD PTR SS:[EBP-CC]
00401FBE . 8D95 78FFFFFF LEA EDX,DWORD PTR SS:[EBP-88]
00401FC4 . 58 POP EAX
00401FC5 . E8 86F70B00 CALL dfcg.004C1750
00401FCA . 8D95 74FFFFFF LEA EDX,DWORD PTR SS:[EBP-8C]
00401FD0 . 8B02 MOV EAX,DWORD PTR DS:[EDX]
00401FD2 . 50 PUSH EAX
00401FD3 . BA 13614D00 MOV EDX,dfcg.004D6113
00401FD8 . 8D85 70FFFFFF LEA EAX,DWORD PTR SS:[EBP-90]
00401FDE . E8 15F60B00 CALL dfcg.004C15F8
00401FE3 . FF85 34FFFFFF INC DWORD PTR SS:[EBP-CC]
00401FE9 . 8B10 MOV EDX,DWORD PTR DS:[EAX]
00401FEB . 52 PUSH EDX
00401FEC . BA EC604D00 MOV EDX,dfcg.004D60EC
00401FF1 . 8D45 80 LEA EAX,DWORD PTR SS:[EBP-80]
00401FF4 . E8 FFF50B00 CALL dfcg.004C15F8
00401FF9 . FF85 34FFFFFF INC DWORD PTR SS:[EBP-CC] ; |
00401FFF . 8B00 MOV EAX,DWORD PTR DS:[EAX] ; |
00402001 . 59 POP ECX ; |
00402002 . 5A POP EDX ; |
00402003 . E8 4C4B0600 CALL dfcg.00466B54《=出现注册对话框 \dfcg.00466B54 00402008 . 8D85 6CFFFFFF LEA EAX,DWORD PTR SS:[EBP-94]
0040200E . 8B00 MOV EAX,DWORD PTR DS:[EAX]《=假码入EAX
00402010 . E8 AF030A00 CALL dfcg.004A23C4《=逐位取假码并转换为16进制放EAX
00402015 . 8BF8 MOV EDI,EAX《=EAX=76ADF1=7777777(假码)
00402017 . FF8D 34FFFFFF DEC DWORD PTR SS:[EBP-CC]
0040201D . 8D85 6CFFFFFF LEA EAX,DWORD PTR SS:[EBP-94]
00402023 . BA 02000000 MOV EDX,2
00402028 . E8 DFF60B00 CALL dfcg.004C170C======================
0040202D . FF8D 34FFFFFF DEC DWORD PTR SS:[EBP-CC] 我看不出这些CALL在做什么!
00402033 . 8D85 70FFFFFF LEA EAX,DWORD PTR SS:[EBP-90]
00402039 . BA 02000000 MOV EDX,2
0040203E . E8 C9F60B00 CALL dfcg.004C170C
00402043 . FF8D 34FFFFFF DEC DWORD PTR SS:[EBP-CC]
00402049 . 8D85 74FFFFFF LEA EAX,DWORD PTR SS:[EBP-8C]
0040204F . BA 02000000 MOV EDX,2
00402054 . E8 B3F60B00 CALL dfcg.004C170C
00402059 . FF8D 34FFFFFF DEC DWORD PTR SS:[EBP-CC]
0040205F . 8D85 78FFFFFF LEA EAX,DWORD PTR SS:[EBP-88]
00402065 . BA 02000000 MOV EDX,2
0040206A . E8 9DF60B00 CALL dfcg.004C170C
0040206F . FF8D 34FFFFFF DEC DWORD PTR SS:[EBP-CC]
00402075 . 8D85 7CFFFFFF LEA EAX,DWORD PTR SS:[EBP-84]
0040207B . BA 02000000 MOV EDX,2
00402080 . E8 87F60B00 CALL dfcg.004C170C
00402085 . FF8D 34FFFFFF DEC DWORD PTR SS:[EBP-CC]
0040208B . 8D45 80 LEA EAX,DWORD PTR SS:[EBP-80]
0040208E . BA 02000000 MOV EDX,2
00402093 . E8 74F60B00 CALL dfcg.004C170C======================
00402098 . 66:C785 28FFFF>MOV WORD PTR SS:[EBP-D8],128
004020A1 . 3BDF CMP EBX,EDI《=比较真假码,EDI=76ADF1=7777777(假码),EBX=01122B66=17967974(真码)
004020A3 . 0F85 F2000000 JNZ dfcg.0040219B
内存注册机
中断地址 4020A1
中断次数 1
第一字节 3B
指令长度 2
寄存器方式》EBX》十进制


ID=压力锅2

    
    
     
    
    
     

相关阅读 Windows错误代码大全 Windows错误代码查询激活windows有什么用Mac QQ和Windows QQ聊天记录怎么合并 Mac QQ和Windows QQ聊天记录Windows 10自动更新怎么关闭 如何关闭Windows 10自动更新windows 10 rs4快速预览版17017下载错误问题Win10秋季创意者更新16291更新了什么 win10 16291更新内容windows10秋季创意者更新时间 windows10秋季创意者更新内容kb3150513补丁更新了什么 Windows 10补丁kb3150513是什么

文章评论
发表评论

热门文章 去除winrar注册框方法

最新文章 比特币病毒怎么破解 比去除winrar注册框方法 华为无线路由器HG522-C破解教程(附超级密码JEB格式文件京东电子书下载和阅读限制破解教UltraISO注册码全集(最新)通过Access破解MSSQL获得数据

人气排行 华为无线路由器HG522-C破解教程(附超级密码JEB格式文件京东电子书下载和阅读限制破解教UltraISO注册码全集(最新)qq相册密码破解方法去除winrar注册框方法(适应任何版本)怎么用手机破解收费游戏华为无线猫HG522破解如何给软件脱壳基础教程