一款益智类拼图游戏的注册算法分析(附:成品注册机)
【文章标题】:一款益智类拼图游戏的注册算法分析(附:成品注册机)【文章作者】:pj2020
【软件名称】:B-Jigsaw (拼图) 7.7【软件大小】:1.69 MB
【保护方式】:注册码
【下载地址】:见附件
【加壳方式】:无壳
【编写工具】:Borland C++
【逆向工具】:PEID、OD
【操作平台】:盗版XP3
【作者声明】:只是感兴趣,没有其他目的
【软件简介】: 非常好玩的一流的拼图游戏,界面简单、容易上手。支持BMP和JPG两种图片格式创建拼图,并能生成锯齿状拼图。可以自已调整难度和拼图大小。自带打印功能,可以自己定义背景音乐(MID和MP3)和音效。还可以通过它生成一个单个图片的拼图游戏送给朋友。是送MM的极品游戏。
【思路方法】:一、查壳:无壳
二、试用版本试用十天。试注册:User name:abcde Registration code:123456789错误提示:Invalid user name or registration code.
三、下断点:MessageBoxA:
点击注册按钮断下后,F8单步走,
走到00411070这里弹出注册框,输入注册信息,点确定断下:
走到004110EC,此CALL为算法部分,F7进入:
进入算法部分(重点):
004116E8 $55 push ebp
004116E9 .8BEC mov ebp,esp
004116EB .83C4 8C add esp,-0x74
004116EE .B8 38634D00 mov eax,bjigsaw.004D6338
004116F3 .53 push ebx
004116F4 .56 push esi
004116F5 .57 push edi
004116F6 .894D BC mov dword ptr ss:,ecx
004116F9 .8955 F8 mov dword ptr ss:,edx ;用户名 "abcde"
004116FC .E8 F3450B00 call bjigsaw.004C5CF4
00411701 .C745 B4 01000>mov dword ptr ss:,0x1
00411708 .8D55 F8 lea edx,dword ptr ss:
0041170B .8D45 F8 lea eax,dword ptr ss:
0041170E .E8 D9F60B00 call bjigsaw.004D0DEC
00411713 .FF45 B4 inc dword ptr ss:
00411716 .66:C745 A8 08>mov word ptr ss:,0x8
0041171C .8D45 F8 lea eax,dword ptr ss:
0041171F .E8 04F90B00 call bjigsaw.004D1028
00411724 .83F8 08 cmp eax,0x8 ;比较用户名长度是否大于8
00411727 .7F 5E jg short bjigsaw.00411787
00411729 .66:C745 A8 14>mov word ptr ss:,0x14
0041172F .33D2 xor edx,edx
00411731 .8955 EC mov dword ptr ss:,edx
00411734 .8D4D EC lea ecx,dword ptr ss:
00411737 .FF45 B4 inc dword ptr ss:
0041173A .BA 08000000 mov edx,0x8
0041173F .B0 20 mov al,0x20
00411741 .E8 02F90B00 call bjigsaw.004D1048
00411746 .8D55 EC lea edx,dword ptr ss:
00411749 .33C0 xor eax,eax
0041174B .8945 E8 mov dword ptr ss:,eax
0041174E .8D4D E8 lea ecx,dword ptr ss:
00411751 .FF45 B4 inc dword ptr ss:
00411754 .8D45 F8 lea eax,dword ptr ss:
00411757 .E8 B4F70B00 call bjigsaw.004D0F10
0041175C .8D55 E8 lea edx,dword ptr ss:
0041175F .8D45 F8 lea eax,dword ptr ss:
00411762 .E8 81F70B00 call bjigsaw.004D0EE8
00411767 .FF4D B4 dec dword ptr ss:
0041176A .8D45 E8 lea eax,dword ptr ss:
0041176D .BA 02000000 mov edx,0x2
00411772 .E8 41F70B00 call bjigsaw.004D0EB8 ;若用户名长度小于等于8,则补8个空格 "abcde "
00411777 .FF4D B4 dec dword ptr ss:
0041177A .8D45 EC lea eax,dword ptr ss:
0041177D .BA 02000000 mov edx,0x2
00411782 .E8 31F70B00 call bjigsaw.004D0EB8
00411787 >E8 44FF0B00 call <jmp.&KERNEL32.GetTickCount> ; [GetTickCount
0041178C .8945 94 mov dword ptr ss:,eax
0041178F .66:C745 A8 08>mov word ptr ss:,0x8
00411795 .B8 01000000 mov eax,0x1
0041179A >40 inc eax
0041179B .83F8 64 cmp eax,0x64
0041179E .^ 7C FA jl short bjigsaw.0041179A
004117A0 .E8 2BFF0B00 call <jmp.&KERNEL32.GetTickCount> ; [GetTickCount
004117A5 .8B55 94 mov edx,dword ptr ss: ;bjigsaw.00524BB0
004117A8 .2BC2 sub eax,edx
004117AA .3D E8030000 cmp eax,0x3E8 ;eax=0001817F
004117AF .76 0D jbe short bjigsaw.004117BE
004117B1 .8B0D FCDF4D00 mov ecx,dword ptr ds: ;bjigsaw.004DE7AC
004117B7 .8B01 mov eax,dword ptr ds:
004117B9 .E8 06200700 call bjigsaw.004837C4
004117BE >66:C745 A8 08>mov word ptr ss:,0x8
004117C4 .66:C745 A8 20>mov word ptr ss:,0x20
004117CA .33C0 xor eax,eax
004117CC .BB 01000000 mov ebx,0x1
004117D1 .8945 F4 mov dword ptr ss:,eax
004117D4 .FF45 B4 inc dword ptr ss:
004117D7 .83FB 08 cmp ebx,0x8
004117DA .66:C745 A8 08>mov word ptr ss:,0x8
004117E0 .0F8F 4A020000 jg bjigsaw.00411A30
004117E6 >8B3D 50584D00 mov edi,dword ptr ds: ;19位固定字串:awgsJiBtAANrPNYOntA
004117EC .57 push edi
004117ED .E8 36420B00 call bjigsaw.004C5A28
004117F2 .59 pop ecx ;
004117F3 .50 push eax
004117F4 .8BC3 mov eax,ebx
004117F6 .5A pop edx ;
004117F7 .8BCA mov ecx,edx ;edx=00000013
004117F9 .33D2 xor edx,edx
004117FB .F7F1 div ecx
004117FD .8A0417 mov al,byte ptr ds: ;取前4位固定字串的双数位al=77 ('w')/=73 ('s')/=69 ('i')/=74 ('t')
00411800 .50 push eax
00411801 .8BF3 mov esi,ebx
00411803 .56 push esi
00411804 .8D45 F8 lea eax,dword ptr ss:
00411807 .50 push eax
00411808 .E8 23F50B00 call bjigsaw.004D0D30
0041180D .83C4 08 add esp,0x8
00411810 .8D45 F8 lea eax,dword ptr ss:
00411813 .E8 A4F90B00 call bjigsaw.004D11BC
00411818 .8B55 F8 mov edx,dword ptr ss: ;新用户名(ASCII "abcde ")
0041181B .03F2 add esi,edx
0041181D .4E dec esi
0041181E .58 pop eax ;
0041181F .8A16 mov dl,byte ptr ds: ;取前4位新用户名的单数位dl=61 ('a')/=63 ('c')/=65 ('e')/=20 (' ')
00411821 .32C2 xor al,dl ;二者进行异或
00411823 .0FBEC0 movsx eax,al
00411826 .66:C745 A8 08>mov word ptr ss:,0x8
0041182C .85C0 test eax,eax
0041182E . /7D 02 jge short bjigsaw.00411832 ;异或结果是否大于等于0
00411830 . |F7D8 neg eax ;如果eax小于0,异或结果求补
00411832 >66:C745 A8 38>mov word ptr ss:,0x38
00411838 .33D2 xor edx,edx
0041183A .8955 E4 mov dword ptr ss:,edx
0041183D .8D55 E4 lea edx,dword ptr ss:
00411840 .FF45 B4 inc dword ptr ss:
00411843 .E8 38950A00 call bjigsaw.004BAD80
00411848 .66:C745 A8 2C>mov word ptr ss:,0x2C
0041184E .8D45 E4 lea eax,dword ptr ss:
00411851 .E8 D2F70B00 call bjigsaw.004D1028
00411856 .48 dec eax
00411857 .7E 22 jle short bjigsaw.0041187B
00411859 .6A 02 push 0x2
0041185B .8D4D E4 lea ecx,dword ptr ss:
0041185E .51 push ecx
0041185F .E8 CCF40B00 call bjigsaw.004D0D30
00411864 .83C4 08 add esp,0x8
00411867 .8D45 E4 lea eax,dword ptr ss:
0041186A .E8 4DF90B00 call bjigsaw.004D11BC ;
0041186F .8B55 E4 mov edx,dword ptr ss: ;取上面异或结果转十进制的前两位
00411872 .42 inc edx
00411873 .0FBE0A movsx ecx,byte ptr ds: ;依次取第二位:
00411876 .83F9 30 cmp ecx,0x30 ;判断第二位是否为0
00411879 .75 56 jnz short bjigsaw.004118D1
0041187B >66:C745 A8 44>mov word ptr ss:,0x44
00411881 .8D45 E0 lea eax,dword ptr ss:
00411884 .B2 31 mov dl,0x31 ;dl=0x31
00411886 .E8 9DF50B00 call bjigsaw.004D0E28 ;如果第二位为0,则用1代替0
0041188B .FF45 B4 inc dword ptr ss:
0041188E .33C0 xor eax,eax
00411890 .8945 DC mov dword ptr ss:,eax
00411893 .8D45 F4 lea eax,dword ptr ss:
00411896 .FF45 B4 inc dword ptr ss:
00411899 .8D55 E0 lea edx,dword ptr ss:
0041189C .8D4D DC lea ecx,dword ptr ss:
0041189F .E8 6CF60B00 call bjigsaw.004D0F10
004118A4 .8D55 DC lea edx,dword ptr ss:
004118A7 .8D45 F4 lea eax,dword ptr ss:
004118AA .E8 39F60B00 call bjigsaw.004D0EE8
004118AF .FF4D B4 dec dword ptr ss:
004118B2 .8D45 DC lea eax,dword ptr ss:
004118B5 .BA 02000000 mov edx,0x2
004118BA .E8 F9F50B00 call bjigsaw.004D0EB8
004118BF .FF4D B4 dec dword ptr ss:
004118C2 .8D45 E0 lea eax,dword ptr ss:
004118C5 .BA 02000000 mov edx,0x2
004118CA .E8 E9F50B00 call bjigsaw.004D0EB8
004118CF .EB 6E jmp short bjigsaw.0041193F
004118D1 >66:C745 A8 50>mov word ptr ss:,0x50
004118D7 .6A 02 push 0x2
004118D9 .8D4D E4 lea ecx,dword ptr ss:
004118DC .51 push ecx
004118DD .E8 4EF40B00 call bjigsaw.004D0D30
004118E2 .83C4 08 add esp,0x8
004118E5 .8D45 E4 lea eax,dword ptr ss:
004118E8 .E8 CFF80B00 call bjigsaw.004D11BC
004118ED .8B55 E4 mov edx,dword ptr ss: ;
004118F0 .8D45 D8 lea eax,dword ptr ss:
004118F3 .42 inc edx
004118F4 .8A12 mov dl,byte ptr ds: ;
004118F6 .E8 2DF50B00 call bjigsaw.004D0E28
004118FB .FF45 B4 inc dword ptr ss:
004118FE .33C0 xor eax,eax
00411900 .8945 D4 mov dword ptr ss:,eax
00411903 .8D45 F4 lea eax,dword ptr ss:
00411906 .FF45 B4 inc dword ptr ss:
00411909 .8D55 D8 lea edx,dword ptr ss:
0041190C .8D4D D4 lea ecx,dword ptr ss:
0041190F .E8 FCF50B00 call bjigsaw.004D0F10
00411914 .8D55 D4 lea edx,dword ptr ss:
00411917 .8D45 F4 lea eax,dword ptr ss:
0041191A .E8 C9F50B00 call bjigsaw.004D0EE8
0041191F .FF4D B4 dec dword ptr ss:
00411922 .8D45 D4 lea eax,dword ptr ss:
00411925 .BA 02000000 mov edx,0x2
0041192A .E8 89F50B00 call bjigsaw.004D0EB8
0041192F .FF4D B4 dec dword ptr ss:
00411932 .8D45 D8 lea eax,dword ptr ss:
00411935 .BA 02000000 mov edx,0x2
0041193A .E8 79F50B00 call bjigsaw.004D0EB8
0041193F >8D45 E4 lea eax,dword ptr ss:
00411942 .E8 E1F60B00 call bjigsaw.004D1028
00411947 .85C0 test eax,eax
00411949 .7F 56 jg short bjigsaw.004119A1
0041194B .66:C745 A8 5C>mov word ptr ss:,0x5C
00411951 .8D45 D0 lea eax,dword ptr ss:
00411954 .B2 31 mov dl,0x31
00411956 .E8 CDF40B00 call bjigsaw.004D0E28
0041195B .FF45 B4 inc dword ptr ss:
0041195E .33C0 xor eax,eax
00411960 .8945 CC mov dword ptr ss:,eax
00411963 .8D45 F4 lea eax,dword ptr ss:
00411966 .FF45 B4 inc dword ptr ss:
00411969 .8D55 D0 lea edx,dword ptr ss:
0041196C .8D4D CC lea ecx,dword ptr ss:
0041196F .E8 9CF50B00 call bjigsaw.004D0F10
00411974 .8D55 CC lea edx,dword ptr ss:
00411977 .8D45 F4 lea eax,dword ptr ss:
0041197A .E8 69F50B00 call bjigsaw.004D0EE8
0041197F .FF4D B4 dec dword ptr ss:
00411982 .8D45 CC lea eax,dword ptr ss:
00411985 .BA 02000000 mov edx,0x2
0041198A .E8 29F50B00 call bjigsaw.004D0EB8
0041198F .FF4D B4 dec dword ptr ss:
00411992 .8D45 D0 lea eax,dword ptr ss:
00411995 .BA 02000000 mov edx,0x2
0041199A .E8 19F50B00 call bjigsaw.004D0EB8
0041199F .EB 6D jmp short bjigsaw.00411A0E
004119A1 >66:C745 A8 68>mov word ptr ss:,0x68
004119A7 .6A 01 push 0x1
004119A9 .8D4D E4 lea ecx,dword ptr ss:
004119AC .51 push ecx
004119AD .E8 7EF30B00 call bjigsaw.004D0D30
004119B2 .83C4 08 add esp,0x8
004119B5 .8D45 E4 lea eax,dword ptr ss:
004119B8 .E8 FFF70B00 call bjigsaw.004D11BC
004119BD .8B55 E4 mov edx,dword ptr ss: ;
004119C0 .8D45 C8 lea eax,dword ptr ss:
004119C3 .8A12 mov dl,byte ptr ds: ; 依次取第一位:
004119C5 .E8 5EF40B00 call bjigsaw.004D0E28
004119CA .FF45 B4 inc dword ptr ss:
004119CD .33C0 xor eax,eax
004119CF .8945 C4 mov dword ptr ss:,eax
004119D2 .8D45 F4 lea eax,dword ptr ss:
004119D5 .FF45 B4 inc dword ptr ss:
004119D8 .8D55 C8 lea edx,dword ptr ss:
004119DB .8D4D C4 lea ecx,dword ptr ss:
004119DE .E8 2DF50B00 call bjigsaw.004D0F10
004119E3 .8D55 C4 lea edx,dword ptr ss:
004119E6 .8D45 F4 lea eax,dword ptr ss:
004119E9 .E8 FAF40B00 call bjigsaw.004D0EE8
004119EE .FF4D B4 dec dword ptr ss:
004119F1 .8D45 C4 lea eax,dword ptr ss:
004119F4 .BA 02000000 mov edx,0x2
004119F9 .E8 BAF40B00 call bjigsaw.004D0EB8 ;反向相连接:ASCII "22612148"
004119FE .FF4D B4 dec dword ptr ss:
00411A01 .8D45 C8 lea eax,dword ptr ss:
00411A04 .BA 02000000 mov edx,0x2
00411A09 .E8 AAF40B00 call bjigsaw.004D0EB8
00411A0E >83C3 02 add ebx,0x2
00411A11 .FF4D B4 dec dword ptr ss:
00411A14 .8D45 E4 lea eax,dword ptr ss:
00411A17 .BA 02000000 mov edx,0x2
00411A1C .E8 97F40B00 call bjigsaw.004D0EB8
00411A21 .66:C745 A8 08>mov word ptr ss:,0x8
00411A27 .83FB 08 cmp ebx,0x8
00411A2A .^ 0F8E B6FDFFFF jle bjigsaw.004117E6
00411A30 >E8 9BFC0B00 call <jmp.&KERNEL32.GetTickCount> ; [GetTickCount
00411A35 .8B4D 94 mov ecx,dword ptr ss: ;bjigsaw.00524BB0
00411A38 .2BC1 sub eax,ecx
00411A3A .3D E8030000 cmp eax,0x3E8
00411A3F .76 0C jbe short bjigsaw.00411A4D
00411A41 .A1 FCDF4D00 mov eax,dword ptr ds:
00411A46 .8B00 mov eax,dword ptr ds:
00411A48 .E8 771D0700 call bjigsaw.004837C4
00411A4D >66:C745 A8 74>mov word ptr ss:,0x74
00411A53 .8B45 F4 mov eax,dword ptr ss: ;
00411A56 .E8 55930A00 call bjigsaw.004BADB0
00411A5B .66:C745 A8 08>mov word ptr ss:,0x8
00411A61 .8BF0 mov esi,eax
00411A63 .EB 0D jmp short bjigsaw.00411A72
00411A65 .33F6 xor esi,esi
00411A67 .66:C745 A8 7C>mov word ptr ss:,0x7C
00411A6D .E8 F8C50B00 call bjigsaw.004CE06A
00411A72 >66:C745 A8 08>mov word ptr ss:,0x8
00411A78 .BB 01000000 mov ebx,0x1
00411A7D .EB 2E jmp short bjigsaw.00411AAD
00411A7F >8BFB mov edi,ebx
00411A81 .57 push edi
00411A82 .8D45 F8 lea eax,dword ptr ss:
00411A85 .50 push eax
00411A86 .E8 A5F20B00 call bjigsaw.004D0D30
00411A8B .83C4 08 add esp,0x8
00411A8E .8D45 F8 lea eax,dword ptr ss:
00411A91 .E8 26F70B00 call bjigsaw.004D11BC
00411A96 .8B55 F8 mov edx,dword ptr ss: ;新用户名 "abcde "
00411A99 .8D041B lea eax,dword ptr ds: ;eax=ebx*2
00411A9C .03FA add edi,edx
00411A9E .8D53 FF lea edx,dword ptr ds: ;edx=ebx-1
00411AA1 .F7EA imul edx ;eax=eax*edx
00411AA3 .4F dec edi
00411AA4 .0FBE0F movsx ecx,byte ptr ds: ;ecx=依次取新用户名 "abcde "ASC码
00411AA7 .0FAFC8 imul ecx,eax ;ecx=ecx*eax
00411AAA .03F1 add esi,ecx ;esi=esi+ecx
00411AAC .43 inc ebx
00411AAD >8D45 F8 lea eax,dword ptr ss:
00411AB0 .E8 73F50B00 call bjigsaw.004D1028
00411AB5 .3BD8 cmp ebx,eax ;eax=0000000D
00411AB7 .^ 7E C6 jle short bjigsaw.00411A7F
00411AB9 .E8 12FC0B00 call <jmp.&KERNEL32.GetTickCount> ; [GetTickCount
00411ABE .8B55 94 mov edx,dword ptr ss: ;bjigsaw.00524BB0
00411AC1 .2BC2 sub eax,edx
00411AC3 .3D E8030000 cmp eax,0x3E8
00411AC8 .76 0D jbe short bjigsaw.00411AD7
00411ACA .8B0D FCDF4D00 mov ecx,dword ptr ds: ;bjigsaw.004DE7AC
00411AD0 .8B01 mov eax,dword ptr ds:
00411AD2 .E8 ED1C0700 call bjigsaw.004837C4
00411AD7 >66:C745 A8 08>mov word ptr ss:,0x8
00411ADD .BB 01000000 mov ebx,0x1
00411AE2 .E9 93000000 jmp bjigsaw.00411B7A
00411AE7 > /8BFB mov edi,ebx ;
00411AE9 . |57 push edi
00411AEA . |8D45 F8 lea eax,dword ptr ss:
00411AED . |50 push eax
00411AEE . |E8 3DF20B00 call bjigsaw.004D0D30
00411AF3 . |83C4 08 add esp,0x8
00411AF6 . |8D45 F8 lea eax,dword ptr ss:
00411AF9 . |E8 BEF60B00 call bjigsaw.004D11BC
00411AFE . |8B55 F8 mov edx,dword ptr ss: ;新用户名 "abcde "
00411B01 . |03FA add edi,edx
00411B03 . |4F dec edi
00411B04 .0FBE0F movsx ecx,byte ptr ds: ;ecx=依次取新用户名 "abcde "ASC码
00411B07 .8BC1 mov eax,ecx ;eax=ecx
00411B09 .895D 90 mov dword ptr ss:,ebx ;ebx=00000001/2...6...D
00411B0C .C1E0 03 shl eax,0x3 ;eax左移3位
00411B0F .8B55 90 mov edx,dword ptr ss:
00411B12 .2BC1 sub eax,ecx ;eax=eax-ecx
00411B14 .8D4D F8 lea ecx,dword ptr ss:
00411B17 .52 push edx
00411B18 .51 push ecx
00411B19 .03F0 add esi,eax ;esi=esi+eax
00411B1B .E8 10F20B00 call bjigsaw.004D0D30
00411B20 .83C4 08 add esp,0x8
00411B23 .8D45 F8 lea eax,dword ptr ss:
00411B26 .E8 91F60B00 call bjigsaw.004D11BC
00411B2B .8B55 90 mov edx,dword ptr ss:
00411B2E .8B4D F8 mov ecx,dword ptr ss:
00411B31 .03D1 add edx,ecx
00411B33 .4A dec edx
00411B34 .0FBE02 movsx eax,byte ptr ds: ;eax=依次取新用户名 "abcde "ASC码
00411B37 .8BD0 mov edx,eax ;edx=eax
00411B39 .895D 8C mov dword ptr ss:,ebx
00411B3C .C1E2 04 shl edx,0x4 ;edx左移4位
00411B3F .8B4D 8C mov ecx,dword ptr ss:
00411B42 .2BD0 sub edx,eax ;edx=edx-eax
00411B44 .51 push ecx
00411B45 .8D1490 lea edx,dword ptr ds: ;edx=eax+edx*4
00411B48 .8D45 F8 lea eax,dword ptr ss:
00411B4B .50 push eax
00411B4C .03F2 add esi,edx ;esi=esi+edx
00411B4E .E8 DDF10B00 call bjigsaw.004D0D30
00411B53 .83C4 08 add esp,0x8
00411B56 .8D45 F8 lea eax,dword ptr ss:
00411B59 .E8 5EF60B00 call bjigsaw.004D11BC
00411B5E .8B55 8C mov edx,dword ptr ss:
00411B61 .8B4D F8 mov ecx,dword ptr ss:
00411B64 .03D1 add edx,ecx
00411B66 .4A dec edx
00411B67 .0FBE02 movsx eax,byte ptr ds: ;eax=依次取新用户名 "abcde "ASC码
00411B6A .8D1440 lea edx,dword ptr ds: ;edx=eax+eax*2
00411B6D .C1E2 05 shl edx,0x5 ;edx左移5位
00411B70 .2BD0 sub edx,eax ;edx=edx-eax
00411B72 .C1E2 04 shl edx,0x4 ;edx左移4位
00411B75 .03D0 add edx,eax ;edx=edx+eax
00411B77 .03F2 add esi,edx ;esi=esi+edx
00411B79 .43 inc ebx
00411B7A >8D45 F8 lea eax,dword ptr ss:
00411B7D .E8 A6F40B00 call bjigsaw.004D1028
00411B82 .3BD8 cmp ebx,eax ;eax=0000000D
00411B84 .^ 0F8E 5DFFFFFF jle bjigsaw.00411AE7
00411B8A .E8 41FB0B00 call <jmp.&KERNEL32.GetTickCount> ; [GetTickCount
00411B8F .8B55 94 mov edx,dword ptr ss: ;bjigsaw.00524BB0
00411B92 .2BC2 sub eax,edx
00411B94 .3D E8030000 cmp eax,0x3E8
00411B99 .76 0D jbe short bjigsaw.00411BA8
00411B9B .8B0D FCDF4D00 mov ecx,dword ptr ds: ;bjigsaw.004DE7AC
00411BA1 .8B01 mov eax,dword ptr ds:
00411BA3 .E8 1C1C0700 call bjigsaw.004837C4
00411BA8 >66:C745 A8 80>mov word ptr ss:,0x80
00411BAE .BA 4A5A4D00 mov edx,bjigsaw.004D5A4A ;固定字串:"BJ"
00411BB3 .8D45 F0 lea eax,dword ptr ss:
00411BB6 .E8 F9F10B00 call bjigsaw.004D0DB4
00411BBB .FF45 B4 inc dword ptr ss:
00411BBE .33D2 xor edx,edx
00411BC0 .66:C745 A8 08>mov word ptr ss:,0x8
00411BC6 .66:C745 A8 8C>mov word ptr ss:,0x8C
00411BCC .8955 C0 mov dword ptr ss:,edx
00411BCF .8D55 C0 lea edx,dword ptr ss:
00411BD2 .FF45 B4 inc dword ptr ss:
00411BD5 .8BC6 mov eax,esi ;eax=016C0983(23857539)
00411BD7 .E8 A4910A00 call bjigsaw.004BAD80
00411BDC .8D55 C0 lea edx,dword ptr ss:
00411BDF .8D45 F0 lea eax,dword ptr ss:
00411BE2 .E8 15F30B00 call bjigsaw.004D0EFC
00411BE7 .FF4D B4 dec dword ptr ss:
00411BEA .8D45 C0 lea eax,dword ptr ss:
00411BED .BA 02000000 mov edx,0x2
00411BF2 .E8 C1F20B00 call bjigsaw.004D0EB8
00411BF7 .66:C745 A8 98>mov word ptr ss:,0x98
00411BFD .8D55 F0 lea edx,dword ptr ss:
00411C00 .8B45 BC mov eax,dword ptr ss:
00411C03 .E8 E0F20B00 call bjigsaw.004D0EE8
00411C08 .8B45 BC mov eax,dword ptr ss:
00411C0B .BA 02000000 mov edx,0x2
00411C10 .66:C745 A8 A4>mov word ptr ss:,0xA4
00411C16 .50 push eax
00411C17 .8D45 F0 lea eax,dword ptr ss:
00411C1A .FF4D B4 dec dword ptr ss:
00411C1D .E8 96F20B00 call bjigsaw.004D0EB8
00411C22 .FF4D B4 dec dword ptr ss: ;edx现真码
00411C25 .8D45 F4 lea eax,dword ptr ss:
00411C28 .BA 02000000 mov edx,0x2 ;edx=00B0D1D0, (ASCII "BJ23857539")
00411C2D .E8 86F20B00 call bjigsaw.004D0EB8
00411C32 .FF4D B4 dec dword ptr ss:
00411C35 .8D45 F8 lea eax,dword ptr ss:
00411C38 .BA 02000000 mov edx,0x2
00411C3D .E8 76F20B00 call bjigsaw.004D0EB8
00411C42 .58 pop eax ;00B010E8
00411C43 .66:C745 A8 98>mov word ptr ss:,0x98
00411C49 .FF45 B4 inc dword ptr ss:
00411C4C .8B55 98 mov edx,dword ptr ss:
00411C4F .64:8915 00000>mov dword ptr fs:,edx
00411C56 .5F pop edi ;00B010E8
00411C57 .5E pop esi ;00B010E8
00411C58 .5B pop ebx ;00B010E8
00411C59 .8BE5 mov esp,ebp
00411C5B .5D pop ebp ;00B010E8
00411C5C .C3 retn
【算法总结】:以用户名abcde为例
一、比较用户名长度是否大于8,否则补8个空格组成新用户名;二、19位固定字串:awgsJiBtAANrPNYOntA取4位字串双数位ASC码:al=77 ('w')/=73 ('s')/=69 ('i')/=74 ('t')取4位用户名的单数位ASC码:dl=61 ('a')/=63 ('c')/=65 ('e')/=20 (' ')异或:al xor dl=77 61=16/73 63=10/69 65=0C/74 20=54异或结果转十进制的前两位:(ASCII "22")/(ASCII "16")/(ASCII "12")/(ASCII "84")/(如果异或结果小于0则要进行求补)每两位反向后连接:ASCII "22612148"三、用户名ASC码*(2/4/6/8/A/C/E/10/12/14/16/18/1A)*(0/1/2/3/4/5/6/7/8/9/A/B/C)累加1:esi=015908B4+0=015908B4/+188=01590A3C....../0159D408累加2:esi=esi+(用户名ASC码左移3位-用户名ASC码)=0159D408+2A7=0159D6AF......016B42E3+E0=016B43C3 累加3:esi+用户名ASC码+(用户名ASC码左移4位-用户名ASC码)*4=0159D6AF+171D=0159EDCC......016B43C3+7A0=016B4B6累加4:esi=esi+[(用户名ASC码*3)左移5位-用户名ASC码]左移4位+用户名ASC码:=0159EDCC+24051=015C2E1D..../016B4B63+BE20=016C0983结果016C0983转为十进制23857539,与固定字串“BJ”连成注册码。SN=字串BJ + esi= BJ23857539
几组注册码为:User name:abcdeRegistration code:BJ23857539User name:pj2020 Registration code:BJ18687394
注册信息保存在注册表:HKEY_CURRENT_USER\Software\ADCSoft\BJigsaw\UserNameHKEY_CURRENT_USER\Software\ADCSoft\BJigsaw\RegCode
【体会】:一、本程序算法部分比较清晰,没有过多的干扰代码,适合吾等新手练习。二、本程序为益智类型的拼图游戏,适于学生,其原版为英文,附件提供汉化补丁,同时提供注册机和原程序。使用时把汉化补丁解压并覆盖到安装文件夹内。
汉化后:
**** Hidden Message *****
分析的很详细,精华走一个! 感谢楼主分享 不多说 支持{:5_117:} 新手飘过,感谢分享 学习下如何搞算法 学习了,谢谢分享。。{:5_121:} 感谢分享,这是一个学算法的好教程 挖槽,牛得不要不要了。 新手飘过,来学习学习,技术!!!支持楼主!·