EmEditor v3.16破解過程 (9千字)
:0041B09F 668907
mov word ptr [edi], ax
:0041B0A2 46
inc esi
:0041B0A3 47
inc edi
:0041B0A4 47
inc edi
:0041B0A5 83FE04
cmp esi, 00000004
:0041B0A8 7CE3
jl 0041B08D
:0041B0AA 8D45F4
lea eax, dword ptr [ebp-0C]
:0041B0AD 50
push eax
:0041B0AE E8F5FEFFFF call 0041AFA8
------>跟進這個call
:0041B0B3 3BC3
cmp eax, ebx
:0041B0B5 5F
pop edi
:0041B0B6 742A
je 0041B0E2
:0041B0B8 33C9
xor ecx, ecx
:0041B0BA 83F802
cmp eax, 00000002
:0041B0BD 0F95C1
setne cl
:0041B0C0 49
dec ecx
:0041B0C1 6A30
push 00000030
:0041B0C3 83E103
and ecx, 00000003
:0041B0C6 81C154040000 add ecx, 00000454
:0041B0CC 51
push ecx
:0041B0CD E8DCA1FFFF call 004152AE
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041B019(C)
|
:0041B0D2 6A02
push 00000002
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041B149(U)
|
:0041B0D4 FF7508
push [ebp+08]
* Reference To: USER32.EndDialog, Ord:00BBh
|
:0041B0D7 FF15C0834300 Call dword ptr
[004383C0]
:0041B0DD E998000000 jmp 0041B17A
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041B0B6(C)
|
:0041B0E2 C605742E440001 mov byte ptr [00442E74],
01
:0041B0E9 E82EFDFFFF call 0041AE1C
:0041B0EE 8BF0
mov esi, eax
:0041B0F0 3BF3
cmp esi, ebx
:0041B0F2 7509
jne 0041B0FD
:0041B0F4 6A30
push 00000030
:0041B0F6 6861040000 push 00000461
:0041B0FB EB45
jmp 0041B142
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041B0F2(C)
|
:0041B0FD 6A02
push 00000002
* Possible StringData Ref from Data Obj ->"EmEditor"
|
:0041B0FF 686CCE4300 push 0043CE6C
:0041B104 8D45D4
lea eax, dword ptr [ebp-2C]
* Possible StringData Ref from Data Obj ->"%s-%d"
|
:0041B107 6818D04300 push 0043D018
:0041B10C 50
push eax
----------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------
* Referenced by a CALL at Addresses:
|:0041B0AE , :0041B22E
|
:0041AFA8 56
push esi
:0041AFA9 8B742408 mov
esi, dword ptr [esp+08]
:0041AFAD 57
push edi
:0041AFAE 6A0A
push 0000000A
:0041AFB0 0FB706
movzx eax, word ptr [esi]
:0041AFB3 99
cdq
:0041AFB4 59
pop ecx
:0041AFB5 F7F9
idiv ecx
:0041AFB7 3DAB000000 cmp eax,
000000AB
------>檢查code1的前三位是否為171
:0041AFBC 7405
je 0041AFC3
------>不跳就死
:0041AFBE 6A01
push 00000001
:0041AFC0 58
pop eax
:0041AFC1 EB15
jmp 0041AFD8
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041AFBC(C)
|
:0041AFC3 668B7E06 mov
di, word ptr [esi+06]
:0041AFC7 56
push esi
:0041AFC8 E813FFFFFF call 0041AEE0
------>跟進這個call
:0041AFCD 85C0
test eax, eax
:0041AFCF 7507
jne 0041AFD8
------>一跳就完了
:0041AFD1 663B7E06 cmp
di, word ptr [esi+06] ------>esi+06為code4
:0041AFD5 0F95C0
setne al
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0041AFC1(U), :0041AFCF(C)
|
:0041AFD8 5F
pop edi
:0041AFD9 5E
pop esi
:0041AFDA C20400
ret 0004
----------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------
* Referenced by a CALL at Address:
|:0041AFC8
|
:0041AEE0 56
push esi
:0041AEE1 8B742408 mov
esi, dword ptr [esp+08]
:0041AEE5 668B4602 mov
ax, word ptr [esi+02]
:0041AEE9 6683660600 and word
ptr [esi+06], 0000
:0041AEEE 663D0F27 cmp
ax, 270F
------>檢查code2是否為9999
:0041AEF2 0F87A9000000 ja 0041AFA1
------>大於就跳
:0041AEF8 668B5604 mov
dx, word ptr [esi+04]
:0041AEFC 6681FA0F27 cmp dx,
270F
------>檢查code3是否為9999
:0041AF01 0F879A000000 ja 0041AFA1
------>大於就跳
:0041AF07 6685C0
test ax, ax
:0041AF0A 0F848D000000 je 0041AF9D
:0041AF10 663DAE08 cmp
ax, 08AE
------>檢查code2是否為2222
:0041AF14 0F8483000000 je 0041AF9D
------>等於就跳
:0041AF1A 663D2E16 cmp
ax, 162E
------>檢查code2是否為5678
:0041AF1E 747D
je 0041AF9D
------>等於就跳
:0041AF20 663D1625 cmp
ax, 2516
------>檢查code2是否為9494
:0041AF24 7477
je 0041AF9D
------>等於就跳
:0041AF26 668B0E
mov cx, word ptr [esi]
:0041AF29 6681F9AE06 cmp cx,
06AE
------>檢查code1是否為1710
:0041AF2E 746D
je 0041AF9D
------>等於就跳
:0041AF30 53
push ebx
:0041AF31 55
push ebp
:0041AF32 57
push edi
:0041AF33 6A64
push 00000064
:0041AF35 0FB7C0
movzx eax, ax
:0041AF38 0FB7FA
movzx edi, dx
:0041AF3B 89442418 mov
dword ptr [esp+18], eax
:0041AF3F 8BC7
mov eax, edi
:0041AF41 99
cdq
:0041AF42 5B
pop ebx
:0041AF43 F7FB
idiv ebx
:0041AF45 0FB7C9
movzx ecx, cx
:0041AF48 6A0A
push 0000000A
:0041AF4A 5D
pop ebp
:0041AF4B 6A64
push 00000064
:0041AF4D 8BD8
mov ebx, eax
:0041AF4F 8BC1
mov eax, ecx
:0041AF51 99
cdq
:0041AF52 F7FD
idiv ebp
:0041AF54 8B542418 mov
edx, dword ptr [esp+18]
:0041AF58 03D3
add edx, ebx
:0041AF5A 03C2
add eax, edx
:0041AF5C 03C7
add eax, edi
:0041AF5E 5F
pop edi
:0041AF5F 99
cdq
:0041AF60 F7FF
idiv edi
:0041AF62 8B442414 mov
eax, dword ptr [esp+14]
:0041AF66 6A64
push 00000064
:0041AF68 5B
pop ebx
:0041AF69 6A64
push 00000064
:0041AF6B 5D
pop ebp
:0041AF6C 55
push ebp
:0041AF6D 8B3C9588CE4300 mov edi, dword ptr
[4*edx+0043CE88]
:0041AF74 99
cdq
:0041AF75 6BFF64
imul edi, 00000064
:0041AF78 F7FB
idiv ebx
:0041AF7A 8BD8
mov ebx, eax
:0041AF7C 8BC1
mov eax, ecx
:0041AF7E 99
cdq
:0041AF7F F7FD
idiv ebp
:0041AF81 03CB
add ecx, ebx
:0041AF83 03C1
add eax, ecx
:0041AF85 59
pop ecx
:0041AF86 99
cdq
:0041AF87 F7F9
idiv ecx
:0041AF89 8B049588CE4300 mov eax, dword ptr
[4*edx+0043CE88]
:0041AF90 03F8
add edi, eax
:0041AF92 33C0
xor eax, eax
:0041AF94 66897E06 mov
word ptr [esi+06], di
:0041AF98 5F
pop edi
:0041AF99 5D
pop ebp
:0041AF9A 5B
pop ebx
:0041AF9B EB07
jmp 0041AFA4
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0041AF0A(C), :0041AF14(C), :0041AF1E(C), :0041AF24(C), :0041AF2E(C)
|
:0041AF9D 6A02
push 00000002
:0041AF9F EB02
jmp 0041AFA3
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0041AEF2(C), :0041AF01(C)
|
:0041AFA1 6A01
push 00000001
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041AF9F(U)
|
:0041AFA3 58
pop eax
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041AF9B(U)
|
:0041AFA4 5E
pop esi
:0041AFA5 C20400
ret 0004
conanxu[BCG]
conanxu@eastday.com
http://conanxu.51.net/
相關文章
- myeclipse2017破解過程以及遇到的破解失敗的問題2018-09-13Eclipse
- 凱撒密碼加解密過程與破解原理2024-07-10密碼解密
- 中興ZXV10B860AV2.1-A破解過程2019-02-02
- 9-7 ~ 9-27做論文全過程的反思2020-09-27
- EmEditor 24.4.1 離線註冊分析2024-11-09
- 所見即所得 HTML 編輯器 Froala Editor 3.1.1 破解過程2020-05-25HTML
- EMEDITOR:開啟超大檔案的利器2020-12-22
- WaveMetrics Igor Pro 9 破解下載「WaveMetrics Igor Pro 9 金鑰」2023-11-07Go
- Spring 原始碼(9)Spring Bean的建立過程的前期準備2022-05-07Spring原始碼Bean
- bindService過程2018-09-08
- OAuth 2.0以及它的工作過程工作過程2024-10-21OAuth
- 最新版Axure RP 9原型設計工具 附 Axure RP 9破解啟用教程2024-01-03原型
- 記一次破解某APP的心路歷程2021-03-08APP
- 編譯過程2018-06-23編譯
- promisify 的過程2018-09-25
- https加密過程2024-03-29HTTP加密
- webpack使用過程2019-12-07Web
- Servlet呼叫過程2020-09-27Servlet
- Sprk submit 過程2019-04-23MIT
- iOS main()執行前的過程 + weak 置 nil的過程2018-05-30iOSAI
- 千字分享|自然語言分析NLA2022-05-30
- Oracle儲存過程乾貨(一):儲存過程基礎2024-03-05Oracle儲存過程
- 隨機過程(高斯隨機過程、譜分析、白噪聲)2020-11-01隨機
- SQL 儲存過程裡呼叫另一個儲存過程2021-04-03SQL儲存過程
- UA MATH563 概率論的數學基礎 鞅論初步9 分支過程簡介2020-12-08H5
- HDFS寫過程分析2019-04-01
- html載入過程2019-02-16HTML
- runtime載入過程2019-02-25
- Window 的新增過程2019-03-06
- Service啟動過程2018-09-08
- selenium安裝過程2018-05-28
- Web請求過程2018-05-26Web
- promise實現過程2018-05-19Promise
- zk選舉過程2018-03-20
- SQLSERVER儲存過程2024-05-20SQLServer儲存過程
- 呼叫儲存過程2024-03-16儲存過程
- mysql 儲存過程2024-05-17MySql儲存過程
- SpringBoot啟動過程2024-03-15Spring Boot
- oracle索引核心過程2024-01-17Oracle索引