《超級小精靈》Ver 1.00共享版的註冊分析 (15千字)
《超級小精靈》Ver 1.00共享版的註冊分析
軟體簡介:超級小精靈主要是一個時間處理器,它主要具有如下功能:1。整點報時,您可以選擇聲音提醒,也可以選用文字提醒。也可
兩種方式都選用。2。定時提醒,可以按照 每天,每週,任何日期三種方式設定。提醒介面比較漂亮。
3。定時執行任務,
如指定時間播放音樂,執行程式,彈出文字資訊等,可以指定執行任務時的狀態,如最大化,最小化。
4。自帶一個很酷的數字表,有了它,您趕快把WIN98帶的表扔掉吧,這個表可以隨心所欲地選擇您喜愛的顏色,使用方法:在
主控制皮膚上點選 ‘顯示時鐘’選擇框,即可彈出時鐘,用右鍵點選表介面,還可彈出表的控制選單,執行其中的選項即可。
5。保護WINDOWS系統。計劃設定 :對任何您指定的子目錄進行加密,保護您的私人資訊,沒有密碼是無法開啟的。
作者地址:遼寧.鞍山鋼鐵學院計97.1班
作者姓名:鍾四化
郵政編碼:114002
電子信箱:zhongsihua@yeah.net
註冊費用:人民幣10元。(感覺此程式不錯的,請向作者註冊)
軟體下載:http://newhua.infosail.com/down/superspirit.exe
註冊分析:李海濤
分析工具:W32Dasm Ver:8.93版
TRW2000 Ver:1.23版
信箱地址:lihaitao@xaonline.com
一、先用WD32ASM8.93超級中文版進行反彙編,然後查詢,會看到:
:00406150 6689442438 mov word
ptr [esp+38], ax
:00406155 894C2414
mov dword ptr [esp+14], ecx
:00406159 0F84DF010000 je 0040633E
檢驗你輸入的註冊名和註冊碼是否符合要求
:0040615F 8B6B64
mov ebp, dword ptr [ebx+64]
:00406162 394DF8
cmp dword ptr [ebp-08], ecx
:00406165 0F84D3010000 je 0040633E
程式從這跳(或是從上面跳)!!!下去看看吧!!!
:0040616B 83FA06
cmp edx, 00000006
:0040616E 7F1A
jg 0040618A
程式到這不跳!!!笨!!!
:00406170 51
push ecx
* Possible StringData Ref from Data Obj ->" 錯誤提示 "
|
:00406171 68C4474100 push
004147C4
* Possible StringData Ref from Data Obj ->" 使用者名稱不合法 "
|
:00406176 68B0474100 push
004147B0
:0040617B 8BCB
mov ecx, ebx
* Reference To: MFC42.Ordinal:1080, Ord:1080h
|
:0040617D E8F4690000 Call
0040CB76
:00406182 5F
pop edi
:00406183 5E
pop esi
:00406184 5D
pop ebp
:00406185 5B
pop ebx
:00406186 83C42C
add esp, 0000002C
:00406189 C3
ret
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040616E(C)
|
:0040618A 33C0
xor eax, eax
:0040618C 8D7AFE
lea edi, dword ptr [edx-02]
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004061A6(C)
|
:0040618F 8A140E
mov dl, byte ptr [esi+ecx]
:00406192 2254042C
and dl, byte ptr [esp+eax+2C]
:00406196 3BCF
cmp ecx, edi
:00406198 8854041C
mov byte ptr [esp+eax+1C], dl
:0040619C 7E03
jle 004061A1
:0040619E 49
dec ecx
:0040619F EB01
jmp 004061A2
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040619C(C)
|
:004061A1 41
inc ecx
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040619F(U)
|
:004061A2 40
inc eax
:004061A3 83F80F
cmp eax, 0000000F
:004061A6 7CE7
jl 0040618F
:004061A8 C644242A00 mov [esp+2A],
00
:004061AD 33D2
xor edx, edx
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004061F7(C)
|
:004061AF 8A4C141C
mov cl, byte ptr [esp+edx+1C]
:004061B3 0FBEC1
movsx eax, cl
:004061B6 83E830
sub eax, 00000030
:004061B9 790B
jns 004061C6
:004061BB 8A4C141D
mov cl, byte ptr [esp+edx+1D]
:004061BF 2AC8
sub cl, al
:004061C1 80C102
add cl, 02
:004061C4 EB29
jmp 004061EF
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004061B9(C)
|
:004061C6 83F84A
cmp eax, 0000004A
:004061C9 7E08
jle 004061D3
:004061CB 8A4C141D
mov cl, byte ptr [esp+edx+1D]
:004061CF 2AC8
sub cl, al
:004061D1 EB1C
jmp 004061EF
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004061C9(C)
|
:004061D3 83F80A
cmp eax, 0000000A
:004061D6 7C0A
jl 004061E2
:004061D8 83F810
cmp eax, 00000010
:004061DB 7F05
jg 004061E2
:004061DD 80C10A
add cl, 0A
:004061E0 EB0D
jmp 004061EF
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:004061D6(C), :004061DB(C)
|
:004061E2 83F82B
cmp eax, 0000002B
:004061E5 7C0C
jl 004061F3
:004061E7 83F830
cmp eax, 00000030
:004061EA 7F07
jg 004061F3
:004061EC 80C114
add cl, 14
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:004061C4(U), :004061D1(U), :004061E0(U)
|
:004061EF 884C141C
mov byte ptr [esp+edx+1C], cl
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:004061E5(C), :004061EA(C)
|
:004061F3 42
inc edx
:004061F4 83FA0E
cmp edx, 0000000E
:004061F7 7CB6
jl 004061AF
:004061F9 33C0
xor eax, eax
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00406210(C)
|
:004061FB 0FBE1428
movsx edx, byte ptr [eax+ebp] D EAX+EBP=你輸入的註冊碼
:004061FF 0FBE4C041C movsx
ecx, byte ptr [esp+eax+1C] D ESP+EAX+1C=正確的註冊碼
:00406204 2BD1
sub edx, ecx 依次對比註冊碼
:00406206 0F850E010000 jne 0040631A
此處一跳,死!!!
改:909090909090 (暴力)
:0040620C 40
inc eax
:0040620D 83F80E
cmp eax, 0000000E 對比14位註冊碼
:00406210 7CE9
jl 004061FB
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040631D(C)
|
* Reference To: ADVAPI32.RegOpenKeyExA, Ord:0172h
|
:00406212 8B350CF04000 mov esi, dword
ptr [0040F00C]
:00406218 8D542410
lea edx, dword ptr [esp+10]
:0040621C 52
push edx
:0040621D 6806000200 push
00020006
:00406222 6A00
push 00000000
* Possible StringData Ref from Data Obj ->"Software\Microsoft\Windows"
|
:00406224 6894474100 push
00414794
:00406229 6801000080 push
80000001
:0040622E FFD6
call esi
:00406230 85C0
test eax, eax
:00406232 7410
je 00406244
:00406234 6A00
push 00000000
:00406236 6A00
push 00000000
* Possible StringData Ref from Data Obj ->" 儲存資料失敗! "
|
:00406238 68EC404100 push
004140EC
:0040623D 8BCB
mov ecx, ebx
* Reference To: MFC42.Ordinal:1080, Ord:1080h
|
:0040623F E832690000 Call
0040CB76
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00406232(C)
|
:00406244 8D442418
lea eax, dword ptr [esp+18]
:00406248 50
push eax
:00406249 6806000200 push
00020006
:0040624E 6A00
push 00000000
* Possible StringData Ref from Data Obj ->"System"
|
:00406250 688C474100 push
0041478C
:00406255 6802000080 push
80000002
:0040625A FFD6
call esi
:0040625C 85C0
test eax, eax
:0040625E 7410
je 00406270
:00406260 6A00
push 00000000
:00406262 6A00
push 00000000
* Possible StringData Ref from Data Obj ->" 儲存資料失敗! "
|
:00406264 68EC404100 push
004140EC
:00406269 8BCB
mov ecx, ebx
* Reference To: MFC42.Ordinal:1080, Ord:1080h
|
:0040626B E806690000 Call
0040CB76
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040625E(C)
|
:00406270 6A02
push 00000002
* Reference To: MFC42.Ordinal:0337, Ord:0337h
|
:00406272 E805690000 Call
0040CB7C
:00406277 83C404
add esp, 00000004
* Reference To: ADVAPI32.RegSetValueExA, Ord:0186h
|
:0040627A 8B3D10F04000 mov edi, dword
ptr [0040F010]
:00406280 8BF0
mov esi, eax
:00406282 6A02
push 00000002
:00406284 56
push esi
:00406285 C60631
mov byte ptr [esi], 31
:00406288 C6460100
mov [esi+01], 00
:0040628C 8B4C2418
mov ecx, dword ptr [esp+18]
:00406290 6A01
push 00000001
:00406292 6A00
push 00000000
* Possible StringData Ref from Data Obj ->"sos"
|
:00406294 6888474100 push
00414788
:00406299 51
push ecx
:0040629A FFD7
call edi
:0040629C 85C0
test eax, eax
:0040629E 7508
jne 004062A8
:004062A0 C744241401000000 mov [esp+14], 00000001
開始寫入登錄檔註冊成功標記:[HKEY_CURRENT_USER\Software\Microsoft\Windows]
"sos"="1"
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040629E(C)
|
:004062A8 8B542418
mov edx, dword ptr [esp+18]
:004062AC 6A02
push 00000002
:004062AE 56
push esi
:004062AF 6A01
push 00000001
:004062B1 6A00
push 00000000
* Possible StringData Ref from Data Obj ->"xios"
|
:004062B3 6880474100 push
00414780
:004062B8 52
push edx
:004062B9 FFD7
call edi
:004062BB 6A02
push 00000002
:004062BD 56
push esi
:004062BE 8BE8
mov ebp, eax
:004062C0 C60630
mov byte ptr [esi], 30
:004062C3 C6460100
mov [esi+01], 00
:004062C7 8B442418
mov eax, dword ptr [esp+18]
:004062CB 6A01
push 00000001
:004062CD 6A00
push 00000000
* Possible StringData Ref from Data Obj ->"really"
|
:004062CF 6878474100 push
00414778
:004062D4 50
push eax
:004062D5 FFD7
call edi
:004062D7 85ED
test ebp, ebp
:004062D9 7519
jne 004062F4
:004062DB 837C241401 cmp dword
ptr [esp+14], 00000001
:004062E0 7512
jne 004062F4
:004062E2 55
push ebp
* Possible StringData Ref from Data Obj ->" 迴音壁 "
|
:004062E3 686C474100 push
0041476C
* Possible StringData Ref from Data Obj ->" 註冊成功,感謝您選用並且註冊小精靈 "
這就不用說了吧!
|
:004062E8 6844474100 push
00414744
:004062ED 8BCB
mov ecx, ebx
* Reference To: MFC42.Ordinal:1080, Ord:1080h
|
:004062EF E882680000 Call
0040CB76
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:004062D9(C), :004062E0(C)
|
:004062F4 8B13
mov edx, dword ptr [ebx]
:004062F6 8BCB
mov ecx, ebx
:004062F8 FF92CC000000 call dword
ptr [edx+000000CC]
:004062FE 8B442410
mov eax, dword ptr [esp+10]
* Reference To: ADVAPI32.RegCloseKey, Ord:015Bh
|
:00406302 8B3508F04000 mov esi, dword
ptr [0040F008]
:00406308 50
push eax
:00406309 FFD6
call esi
:0040630B 8B4C2418
mov ecx, dword ptr [esp+18]
:0040630F 51
push ecx
:00406310 FFD6
call esi
:00406312 5F
pop edi
:00406313 5E
pop esi
:00406314 5D
pop ebp
:00406315 5B
pop ebx
:00406316 83C42C
add esp, 0000002C
:00406319 C3
ret
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00406206(C)
不祥之跳,趕快上去攔住它!!!
***************
|
:0040631A 83F80E
cmp eax, 0000000E
:0040631D 0F8DEFFEFFFF jnl 00406212
:00406323 6A00
push 00000000
* Possible StringData Ref from Data Obj ->" 錯誤提示 "
|
:00406325 6838474100 push
00414738
* Possible StringData Ref from Data Obj ->" 您輸入了錯誤的註冊碼 "
|
:0040632A 681C474100 push
0041471C
:0040632F 8BCB
mov ecx, ebx
* Reference To: MFC42.Ordinal:1080, Ord:1080h
|
:00406331 E840680000 Call
0040CB76
:00406336 5F
pop edi
:00406337 5E
pop esi
:00406338 5D
pop ebp
:00406339 5B
pop ebx
:0040633A 83C42C
add esp, 0000002C
:0040633D C3
ret
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:00406159(C), :00406165(C)
****************************
|
:0040633E 51
push ecx 跳到這的是笨蛋!!!按要求輸入。別生氣呀!!!
* Possible StringData Ref from Data Obj ->" 錯誤提示 "
|
:0040633F 68C4474100 push
004147C4
* Possible StringData Ref from Data Obj ->" 錯誤,不能輸入空行 "
|
:00406344 6804474100 push
00414704
:00406349 8BCB
mov ecx, ebx
* Reference To: MFC42.Ordinal:1080, Ord:1080h
|
:0040634B E826680000 Call
0040CB76
:00406350 5F
pop edi
:00406351 5E
pop esi
:00406352 5D
pop ebp
:00406353 5B
pop ebx
:00406354 83C42C
add esp, 0000002C
:00406357 C3
ret
總結:
註冊的方法:
一、向作者註冊。
二、註冊名:LIHATIAO註冊碼:RA2zHD2rAAJEAK
三、修改登錄檔:[HKEY_CURRENT_USER\Software\Microsoft\Windows]
"sos"="1"
最後要說的是寫破解過程真的很累,看雪學苑那麼多的教程都是前輩們辛苦整理的,向他們致敬!
LIHAITAO
2001.2.10
相關文章
- 超級小精靈 ver1.0破解 (448字)2001-02-11
- 豪傑大眼睛共享版註冊碼破解 (1千字)2001-07-08
- 優軟精靈畫筆之大天使3.0註冊演算法分析及KeyGen (3千字)2001-11-10演算法
- Photocaster xtra v3.0.3 註冊過程的分析 (15千字)2001-11-22AST
- 破解《推箱子》Ver:1.6(230關) 註冊版 (1千字)2001-04-01
- Cleaner 3.2註冊分析 (18千字)2001-12-09
- 海嘯錄音機Ver2.1註冊演算法分析2015-11-15演算法
- 註冊PSXVIDEO Ver1.12詳細演算法 (14千字)2001-04-11IDE演算法
- 破解 開機小精靈 2.11 (7千字)2001-11-12
- 全面分析 解除安裝精靈v1.20 註冊演算法,僅此祝大家新年快樂! (23千字)2015-11-15演算法
- EZ MP3 Recorder 1.15 註冊演算法分析 (14千字)2015-11-15演算法
- S-DEMO2 註冊分析 (14千字)2002-06-25
- DreamWaver3.0註冊流程分析 (17千字)2001-09-10
- XX解霸3000(共享版)註冊碼破解實錄2015-11-15
- CPUCOOL 5.1000註冊碼分析 (6千字)2001-01-19
- GetRight 4.5b 註冊分析 (33千字)2001-12-09
- FolderView 1.7
註冊演算法分析 (14千字)2015-11-15View演算法
- DataFit V7.0.36註冊過程的分析 (9千字)2001-11-09
- 心理測試小精靈
3.5演算法分析2004-05-30演算法
- 註冊,人人都有一臺超級計算機2011-07-02計算機
- 盜文高手(DownFiles) Ver1.3 註冊演算法2015-11-15演算法
- 給TAE!的小禮物---對DISKdata v3.3.2註冊演算法的分析 (14千字)2001-07-13演算法
- Cute FTP Ver 4.0 build 19 的註冊碼破解
(820字)2001-02-05FTPUI
- 製作自己的記憶體序號產生器--------檔案隱藏精靈註冊碼獲取 (4千字)2015-11-15記憶體
- estiprojm 註冊 (12千字)2001-11-08
- 重新貼過註冊演算法分析 (16千字)2001-10-23演算法
- ffmpeg分析系列之一(註冊該註冊的)2010-11-04
- Konvertor 3.03的註冊碼演算法模組的分析
(7千字)2015-11-15演算法
- 全國電話通 Ver1.09註冊演算法2015-11-15演算法
- 網路精確時鐘 2.25註冊演算法分析2003-07-30演算法
- EffeTech HTTP Sniffer 3.2註冊演算法分析 (5千字)2002-06-24HTTP演算法
- Cute Email Searcher2.2註冊過程分析 (5千字)2001-11-18AI
- 檔案密使2.6註冊碼分析詳解 (11千字)2001-11-30
- Green Tea 2.60註冊碼演算法分析 (3千字)2000-07-17演算法
- 敏思硬碟衛士1.0 (網路版客戶端)的註冊分析(簡單級) (7千字)2001-08-21硬碟客戶端
- Uber的DSP廣告投放,獲超19萬註冊量 | 案例分析2016-09-28
- Quickness 3.1
註冊演算法分析 + 序號產生器原始碼(tc2) (15千字)2003-04-13UI演算法原始碼
- 班門弄斧之暴破網頁特效小精靈 (6千字)2001-10-10網頁特效