160个CrackMe[31 cracking4all.2]算法分析+注册机源码
160个CrackMe算法分析+注册机源码学习分析算法以及Delphi内联汇编编写注册机
00455535|.8B43 08 mov eax,dword ptr ds: ;ds:=00964D14, (ASCII "Form1")
00455538|.E8 27E5FAFF call fireworx.00403A64
0045553D|.85C0 test eax,eax ;字符串长度=5
0045553F|.0F8C 1B010000 jl fireworx.00455660
00455545|.40 inc eax ;长度+1
00455546|.8945 E8 mov ,eax ;下面循环处理的次数=6
00455549|.33FF xor edi,edi
0045554B|>8BF7 /mov esi,edi
0045554D|.C1EE 0E |shr esi,0xE
00455550|.33F7 |xor esi,edi
00455552|.81C6 A0212F00 |add esi,0x2F21A0 ;ESI循环6次,取值分别是0,1,2,3,4,5
00455558|.81C6 CE950700 |add esi,0x795CE
0045555E|.8D55 F8 |lea edx,
00455561|.8BC6 |mov eax,esi ;ESI=0时 用于处理的初始esi=0036B76E 10进制 3585902注册码数据1
00455563|.E8 0021FBFF |call fireworx.00407668
00455568|.8BC6 |mov eax,esi
0045556A|.B9 49000000 |mov ecx,0x49
0045556F|.99 |cdq
00455570|.F7F9 |idiv ecx
00455572 2D BA0B0000 |sub eax,0xBBA
00455577|.8945 EC |mov ,eax ;注册码数据2eax=0000B427 10进制 46119
0045557A|.8D55 F4 |lea edx,
0045557D|.8B45 EC |mov eax,
00455580|.E8 E320FBFF |call fireworx.00407668
00455585|.8BC6 |mov eax,esi ;用于处理的初始esi=0036B76E
00455587|.B9 30010000 |mov ecx,0x130
0045558C|.99 |cdq
0045558D|.F7F9 |idiv ecx
0045558F|.C1E0 02 |shl eax,0x2 ;eax=00002E13
00455592|.8D0480 |lea eax,dword ptr ds: ;EAX=EAX*5=B84C*5=3997c
00455595|.3345 EC |xor eax, ;堆栈 ss:=0000B427EAX=3997C
00455598|.05 0F010000 |add eax,0x10F ;eax=00032D5B 10进制208219 +0x10f
0045559D|.83E8 00 |sub eax,0x0 ;EAX=32E6A10进制 208490 注册码数据3
004555A0|.8BF0 |mov esi,eax
004555A2|.8D55 F0 |lea edx,
004555A5|.8BC6 |mov eax,esi
004555A7|.E8 BC20FBFF |call fireworx.00407668
004555AC|.8D55 E4 |lea edx,
004555AF|.8B83 CC020000 |mov eax,dword ptr ds:
004555B5|.E8 EADFFCFF |call fireworx.004235A4
004555BA|.8B45 E4 |mov eax,
004555BD|.50 |push eax
004555BE|.8D55 DC |lea edx,
004555C1|.8B83 D8020000 |mov eax,dword ptr ds:
004555C7|.E8 D8DFFCFF |call fireworx.004235A4
004555CC|.FF75 DC |push ;固定字符串(ASCII "VL -")
004555CF|.68 A0564500 |push fireworx.004556A0 ;固定字符串 " -"
004555D4|.FF75 F8 |push ;处理结果1 (ASCII "3585902")
004555D7|.68 AC564500 |push fireworx.004556AC ;固定字符串".."
004555DC|.FF75 F4 |push ;堆栈 ss:=0096664C, (ASCII "46119")
004555DF|.68 B8564500 |push fireworx.004556B8 ;固定字符串".-"
004555E4|.FF75 F0 |push ;堆栈 ss:=00966660, (ASCII "208490")
004555E7|.68 C4564500 |push fireworx.004556C4 ;固定字符串"."
004555EC|.8D45 E0 |lea eax,
004555EF|.BA 08000000 |mov edx,0x8
004555F4|.E8 2BE5FAFF |call fireworx.00403B24
004555F9|.8B55 E0 |mov edx, ;连接后的结果就是注册码 (ASCII "VL - -3585902..46119.-208490.")
注册机源码
procedure TForm1.Button1Click(Sender: TObject);
var
a,a1,a2,a3:integer;
begin
randomize;
a:=random(6);
asm
pushad
mov esi,a
add esi,$2f21a0
add esi,$795ce
mov a1,esi
mov eax,esi
mov ecx,$49
cdq
idiv ecx
sub eax,$bba
mov a2,eax
mov esi,a1
mov eax,esi
mov ecx,$130
cdq
idiv ecx
lea eax,dword ptr ds:
shl eax,2
xor eax,a2
add eax,$10f
mov a3,eax
popad
end;
Edit1.Text:='VL - -'+inttostr(a1)+'..'+inttostr(a2)+'.-'+inttostr(a3)+'.';
end;
学习了,谢谢楼主!
感谢楼主分享
160个Cm我能玩转的好少
感谢楼主分享新技能!努力学习ing! 真是太感谢了 感谢楼主分享 感谢!马上就试试! 感谢分享,有备无患
页:
[1]
2