DreamWaver3.0註冊流程分析 (17千字)
DreamWaver3.0註冊流程分析
作者: 夜月
E-mail:luoyi.ly@yeah.net
寫作日期:31th, August 2001
軟體背景資料
執行平臺: Win9X
檔名稱: DreamWaver.exe
程式型別: 網頁製作工具
下載地點: 未知
檔案大小: 不詳
使用的工具
Trw2000 V1.23--Win9X Debugger
Turboc V2.00--KeyGen Compiler1
Masm32 V5.00--KeyGen Compiler2
難易程度
Easy( )
Medium(X) Hard( ) Pro( )
------------------=====Declare=====------------------
未經作者同意,不得修改、引用原文,一切權利保留。
本教程只供教學用,其他一切用途皆被禁止。
------------------=====Begin=====------------------
給三個能用的DreamWaver3.0的註冊碼:
(1) DWW300-71511-95480-68658
(2) WBW300-79525-15490-68658
(3) WLW300-70814-65498-68658
由此可以看出DreamWaver的註冊碼應該滿足以下幾個基本條件:
(Str[]指向註冊碼字串)
(A) strlen(Str)=24
(B) Str[6],Str[12],Str[18]固定為“-”
(C) Str[3]――Str[7]
檢驗得知:如果為“300-7”則生成的是教學班的序列號
如果為“300-0”則生成的是完全版的序列號
(D) Str[0]――Str[2]有三個可選項。程式安裝成功後,每一個字串都可以註冊成功。但在安裝程式
需要輸入序列號時,開頭為“WBW”的序列號不能透過,會被認為是舊版的序列號。
基本條件就是如此。序列號的具體演算法比較複雜。把整段字串分成了5部分(不包括“DWW”,
“WBW”,“WLW”這一串)。具體實施過程如下:
(以第一個號碼:DWW300-71511-95480-68658為例)
NUM1 = atoi(Str[3]――Str[5]) = 300
NUM2 = atoi(Str[7]) = 7
NUM3
= atol(strcat(Str[15],Str[14],Str[21],Str[20],Str[23],Str[19],Str[22]))
= 4568865
NUM4 = atoi(strcat(Str[10],Str[17],Str[16]))
= 108
NUM5 = atoi(strcat(Str[8],Str[9],Str[11],Str[13])) = 1519
這五個號碼中,NUM3無任何限制,只要是7位數的整數就行。NUM4是由一個隨機數查表得來的一個
值,表不大,總共才15個數。也就是說,NUM4總共只有15種選擇。NUM1,NUM2固定。NUM5就是最後
用來校驗的――看根據NUM1,NUM2,NUM3,NUM4四個數算出來的值等不等於NUM5(這段計算真的很復
雜,我用A4的紙打了3張)。
具體演算法表示如下:
(num1=NUM3,num2=NUM4。寫序號產生器時圖方便去了,沒考慮到會給寫這篇文章帶來麻煩)
---------------------------------------Cut From Here------------------------------------------
edx1=num1/100000;edx2=num1/100;edx3=num1/1000000;edx4=num1/10000;
edx5=num2/100;edx6=3;edx7=30;ebx1=num2/10;edi1=num1/10;
ebp1=num1/1000;edx8=edx3+ebp1;
temp=7*(ebp1+num2)+3*(3*(edx1+ebx1+7)+edi1+edx2)+edx7+edx6+edx5+edx4+edx3+num1;
num[0]=(int) (temp-(temp/10)*10)+0x30;
temp=7*edi1+3*(edx8+3*num2+ebx1)+edx7+edx6+edx5+edx4+edx2+edx1+7+num1;
num[1]=(int) (temp-(temp/10)*10)+0x30;
temp=7*edx8+3*(3*ebx1+edx5+edx7+edx2)+edx6+edx4+edi1+edx1+num1+7+num2;
num[2]=(int) (temp-(temp/10)*10)+0x30;
temp=7*(edx6+edx2+ebx1)+3*(edx4+3*(edx7+num1)+edx3+edi1)+edx5+ebp1+edx1+7+num2;
num[3]=(int) (temp-(temp/10)*10)+0x30;
------------------------------------------Cut
End---------------------------------------------
有了這個核心演算法,相信用Tc2.0作序號產生器,應該是很簡單的事情了吧?
------------------=====KeyGen1(C)=====------------------
Tc2.0版序號產生器原碼(dw_keygen.exe):
---------------------------------------Cut
From Here------------------------------------------
main()
{
void
geneax(unsigned long num1,int num2,char *num);
unsigned long a;
int
b,c;
int table[15]={0x51,0x5c,0x6a,0x102,0x10b,0xb6,0xbb,0xc5,0xc0,
0xa2,0xa8,0x52,0x54,0x5d,0x6d};
char
sn[26]={"DWW300-7"};
char num1[7],num2[3],num3[4];
seed1: printf("Please
Input Seed1:\n");
scanf("%lu",&a);
if (a<1000000||a>=0x949d5b)
{
printf("Seed1 Must Be [1000000,9739612]");
goto seed1;
}
seed2: printf("Please
Input Seed2 (0--14 but 1,7,8):\n");
scanf("%d",&b);
if (b<0 ||
b==1 || b==7 || b==8 || b>14)
{
printf("Seed2
Muse Be 0--14 But 1,7,8!\n");
goto seed2;
}
if (b==5 || b==6 || b==7 || b==8) {sn[0]='W';sn[1]='B';}
if (b==9 || b==10) {sn[0]='W';sn[1]='L'; }
b=table[b];
b+=27;
geneax(a,b,num3);
ultoa(a,num1,10);itoa(b,num2,10);
sn[8]=num3[0];sn[9]=num3[1];sn[10]=num2[0];sn[11]=num3[2];
sn[12]='-';sn[13]=num3[3];sn[14]=num1[1];sn[15]=num1[0];
sn[16]=num2[2];sn[17]=num2[1];sn[18]='-';sn[19]=num1[5];
sn[20]=num1[3];sn[21]=num1[2];sn[22]=num1[6];sn[23]=num1[4];
printf("SN
CODE IS:\n");
printf("%s",sn);
}
void geneax(unsigned long
num1,int num2,char *num)
{
unsigned long temp,edx1,edx2,edx3,edx4,edx5,edx6,edx7,edx8,
ebx1,edi1,ebp1;
edx1=num1/100000;edx2=num1/100;edx3=num1/1000000;edx4=num1/10000;
edx5=num2/100;edx6=3;edx7=30;ebx1=num2/10;edi1=num1/10;
ebp1=num1/1000;edx8=edx3+ebp1;
temp=7*(ebp1+num2)+3*(3*(edx1+ebx1+7)+edi1+edx2)+edx7+edx6+edx5+edx4+edx3+num1;
num[0]=(int) (temp-(temp/10)*10)+0x30;
temp=7*edi1+3*(edx8+3*num2+ebx1)+edx7+edx6+edx5+edx4+edx2+edx1+7+num1;
num[1]=(int) (temp-(temp/10)*10)+0x30;
temp=7*edx8+3*(3*ebx1+edx5+edx7+edx2)+edx6+edx4+edi1+edx1+num1+7+num2;
num[2]=(int) (temp-(temp/10)*10)+0x30;
temp=7*(edx6+edx2+ebx1)+3*(edx4+3*(edx7+num1)+edx3+edi1)+edx5+ebp1+edx1+7+num2;
num[3]=(int) (temp-(temp/10)*10)+0x30;
}
------------------------------------------Cut
End---------------------------------------------
------------------=====KeyGen1(ASM)=====------------------
說實話,對這個程式而言,用Tc2.0寫序號產生器實在是很累人。那段核心演算法很長也很複雜。針對演算法
的特點,我建議大家用Masm32寫序號產生器,那樣比較方便――只要直接把在Trw2000中“U”下來的程式碼貼上到
原始檔中就行了,需要改動的地方不多。
下面就是Masm32V5版的序號產生器原始碼:
Masm32版序號產生器原始碼(dw_keygen.exe):
---------------------------------------Cut From Here------------------------------------------
.386
.model
flat,stdcall
option casemap:none
include
windows.inc
include user32.inc
include kernel32.inc
include
comctl32.inc
include comdlg32.inc
include masm32.inc
includelib
masm32.lib
includelib user32.lib
includelib
kernel32.lib
includelib comctl32.lib
includelib comdlg32.lib
DLG_MAIN
equ 100
IDGEN equ
10
Edit1 equ 11
Edit2 equ 12
_ProcDlgMain PROTO :DWORD,:DWORD,:DWORD,:DWORD
_Math PROTO :DWORD,:DWORD,:DWORD
.data?
EDX1
DD ?
EDX2
DD ?
EDX3 DD
?
EDX4 DD
?
EDX5 DD
?
EDX6 DD ?
EDX7 DD ?
EDX8 DD ?
EAX1
DD ?
EBP1
DD ?
EDI1
DD ?
EBX1
DD ?
.data
szMess db "Seed Must
Be [1000000,9000000]!",0
szCaption db
"Error!"
hInstance dd ?
Number
dd ?
Num1
db 7 dup(?),0
Num2
db 4 dup(?),0
snString1
db 4 dup(?),0
snString2
db 5 dup(?),0
snString3
db 5 dup(?),0
snString
db "DWW300-7%s-%s-%s",0
sn
db 24 dup(?),0
ddEbp
dd ?
.code
_Math
proc N1,N2,N3 ;這個過程就是貼上過來的,很長吧?
MOV
ECX,N1
MOV
EAX,14F8B589H
IMUL ECX
SAR EDX,0DH
MOV
EAX,EDX
PUSH EBX
SHR EAX,1FH
PUSH
EBP
ADD EDX,EAX
PUSH ESI
MOV
ESI,N3
MOV
EAX,66666667H
MOV
EDX1,EDX
IMUL ESI
SAR EDX,02H
MOV
EAX,EDX
PUSH EDI
SHR EAX,1FH
ADD
EDX,EAX
MOV EAX,51EB851FH
MOV EBX,EDX
IMUL ECX
SAR
EDX,05H
MOV EAX,EDX
MOV EBX1,EBX
SHR EAX,1FH
ADD
EDX,EAX
MOV EAX,66666667H
MOV EDX2,EDX
IMUL ECX
SAR
EDX,02H
MOV EAX,EDX
SHR EAX,1FH
ADD EDX,EAX
MOV
EAX,10624DD3H
MOV
EDI,EDX
IMUL ECX
SAR EDX,06H
MOV
EAX,EDX
MOV EDI1,EDI
SHR EAX,1FH
ADD EDX,EAX
MOV
EAX,431BDE83H
MOV
EBP,EDX
IMUL ECX
SAR EDX,12H
MOV
EAX,EDX
MOV EBP1,EBP
SHR EAX,1FH
ADD EDX,EAX
MOV
EAX,68DB8BADH
MOV
EDX3,EDX
IMUL ECX
SAR EDX,0CH
MOV
EAX,EDX
SHR EAX,1FH
ADD EDX,EAX
MOV EAX,51EB851FH
MOV
EDX4,EDX
IMUL ESI
SAR EDX,05H
MOV
EAX,EDX
SHR EAX,1FH
ADD EDX,EAX
MOV EAX,51EB851FH
MOV
EDX5,EDX
MOV
EDX,300
IMUL EDX
SAR EDX,05H
MOV
EAX,EDX
SHR EAX,1FH
ADD EDX,EAX
MOV EAX,66666667H
MOV
EDX6,EDX
MOV
EDX,300
IMUL EDX
SAR EDX,02H
MOV
EAX,EDX
SHR EAX,1FH
ADD EDX,EAX
MOV EDX7,EDX
MOV
EDX,EDX3
ADD
EDX,EBP
MOV EAX,EDX1
MOV EDX8,EDX
MOV EDX,7H
ADD EAX,EBX
ADD
EAX,EDX
ADD EBP,ESI
LEA EDX,[EDI+EAX*2]
ADD EAX,EDX
MOV
EDX,EDX2
ADD
EAX,EDX
MOV EDX,EDX7
MOV EAX1,EAX
ADD
EDX,EAX
LEA EAX,[EBP*8+00]
SUB EAX,EBP
MOV EBP,EAX1
LEA
EDX,[EDX+EBP*2]
MOV
EBP,EDX5
ADD EAX,EDX
MOV EDX,EDX6
ADD EAX,EDX
MOV
EDX,EDX4
ADD
EAX,EBP
MOV EBP,EDX3
ADD EAX,EDX
ADD
EAX,EBP
MOV
EBP,0AH
ADD
EAX,ECX
CDQ
IDIV EBP
MOV
EAX,EDX8
LEA
EAX,[EAX+ESI*2]
LEA EBP,[EDX+EDX*4]
MOV EDX,ESI
ADD EDX,EAX
MOV
EAX,EDX7
ADD
EDX,EBX
LEA EBX,[EDX+EAX]
LEA EAX,[EDI*8+00]
SUB EAX,EDI
MOV
EDI,EDX5
LEA
EDX,[EBX+EDX*2]
MOV EBX,EDX6
ADD EAX,EDX
MOV EDX,EDX4
ADD
EAX,EBX
MOV EBX,0AH
ADD EAX,EDI
MOV EDI,EDX2
ADD
EAX,EDX
MOV EDX,EDX1
ADD EAX,EDI
ADD EAX,EDX
MOV
EDX,7H
ADD EAX,ECX
ADD EAX,EDX
CDQ
IDIV
EBX
LEA EAX,[EDX+EBP*2]
MOV EDX,EBX1
LEA EBX,[EAX+EAX*4]
MOV
EAX,EDX7
LEA
EAX,[EAX+EDX*2]
ADD EDX,EAX
MOV EAX,EDX5
ADD EDX,EAX
MOV
EAX,EDX6
ADD
EDX,EDI
MOV EDI,EDX8
LEA EBP,[EDX+EAX]
LEA
EAX,[EDI*8+00]
SUB
EAX,EDI
MOV EDI,EDI1
LEA EDX,[EBP+EDX*2+00]
MOV EBP,EDX4
ADD
EAX,EDX
ADD EAX,EBP
ADD EAX,EDI
MOV EDI,EDX1
ADD
EAX,EDI
ADD EAX,ECX
MOV EDX,7
MOV EBP,0AH
ADD
EAX,EDX
ADD EAX,ESI
CDQ
IDIV
EBP
MOV EBP,EDX3
LEA EAX,[EDX+EBX*2]
MOV EDX,EDX4
LEA
EBX,[EAX+EAX*4]
MOV
EAX,EDX7
ADD ECX,EAX
LEA EAX,[EDX+ECX*2]
MOV EDX,EDI1
ADD
ECX,EAX
MOV EAX,EDX6
ADD ECX,EBP
ADD ECX,EDX
MOV
EDX,EDX5
LEA
EBP,[ECX+EDX]
MOV EDX,EDX2
ADD EDX,EAX
MOV EAX,EBX1
ADD
EDX,EAX
LEA ECX,[EBP+ECX*2+00]
LEA EAX,[EDX*8+00]
SUB EAX,EDX
MOV
EDX,7
ADD EAX,ECX
MOV ECX,EBP1
ADD EAX,ECX
MOV
ECX,0AH
ADD EAX,EDI
POP EDI
ADD EAX,EDX
ADD
EAX,ESI
POP ESI
CDQ
IDIV
ECX
POP EBP
LEA EAX,[EDX+EBX*2]
POP EBX
RET
_Math endp
_ProcDlgMain proc uses ebx edi
esi edx ecx,hWnd:DWORD,wMsg:DWORD,wParam:DWORD,lParam:DWORD
mov eax,wMsg
.if
eax==WM_CLOSE
invoke EndDialog,hWnd,NULL
.elseif eax==WM_COMMAND
mov eax,wParam
and eax,0ffffh
.if
eax==IDGEN
invoke GetDlgItemText, hWnd,Edit1,offset Num1,8
invoke atodw,offset Num1
.if eax<1000000 || eax>9000000
invoke MessageBox,hWnd,offset szMess,offset
szCaption,MB_ICONSTOP
ret
.endif
mov ecx,eax
mov eax,7
mov
edx,108
invoke _Math,ecx,eax,edx
mov
Number,eax
invoke dwtoa,Number,offset Num2
mov
al,[Num1]
mov [snString2+2],al
mov
al,[Num1+1]
mov [snString2+1],al
mov
al,[Num1+2]
mov [snString3+2],al
mov
al,[Num1+3]
mov [snString3+1],al
mov
al,[Num1+4]
mov [snString3+4],al
mov
al,[Num1+5]
mov [snString3],al
mov
al,[Num1+6]
mov [snString3+3],al
mov
al,[Num2]
mov [snString1],al
mov
al,[Num2+1]
mov [snString1+1],al
mov
al,[Num2+2]
mov [snString1+3],al
mov
al,[Num2+3]
mov [snString2],al
mov
[snString1+2],'1'
mov [snString2+3],'8'
mov
[snString2+4],'0'
invoke wsprintf,offset sn,offset snString,offset
snString1,offset snString2,offset snString3
invoke SetDlgItemText,hWnd,Edit2,offset
sn
mov eax,FALSE
ret
.elseif eax==IDCLOSE
invoke EndDialog,hWnd,NULL
.endif
.else
mov eax,FALSE
ret
.endif
mov eax,TRUE
ret
_ProcDlgMain endp
start:
invoke InitCommonControls
invoke
GetModuleHandle,NULL
mov hInstance,eax
invoke DialogBoxParam,hInstance,DLG_MAIN,NULL,offset
_ProcDlgMain,0
invoke ExitProcess,NULL
end start
end
------------------------------------------Cut
End---------------------------------------------
資原始檔原始碼(rsrc.rc):
---------------------------------------Cut From Here------------------------------------------
#include <Resource.h>
#define
IDGEN 10
#define
DLG_MAIN 100
#define
EDIT1 11
#define
EDIT2 12
DLG_MAIN DIALOGEX
100,150,250,60
STYLE DS_MODALFRAME|WS_POPUP|WS_VISIBLE|WS_CAPTION|WS_SYSMENU|WS_THICKFRAME
CAPTION "DreamWaver3.0 sn-generater
By robotow"
FONT 9,"宋體"
BEGIN
CONTROL "SEED:",-1,"Static",SS_LEFT,10,13,40,17
CONTROL "SN:" ,-2,"Static",SS_CENTER,10,40,20,17
CONTROL "" ,11,"Edit",ES_LEFT,30,13,150,10
CONTROL "" ,12,"Edit",ES_LEFT,30,40,150,10
CONTROL "GENERATE",IDGEN,"BUTTON",BS_PUSHBUTTON,200,11,40,15
CONTROL "EXIT",IDCLOSE,"BUTTON",BS_PUSHBUTTON,200,36,41,14
END
-------------------------------------------Cut End---------------------------------------------
批處理編譯檔案(makefile.bat):
---------------------------------------Cut
From Here------------------------------------------
@echo off
set include=d:\masm32\include
set lib=d:\masm32\lib
set path=d:\masm32\bin
if not exist
rsrc.rc goto over1
d:\masm32\bin\rc /v rsrc.rc
d:\masm32\bin\cvtres
/machine:ix86 rsrc.res
:over1
if exist dw_keygen.obj del dw_keygen.obj
if exist dw_keygen.exe del dw_keygen.exe
d:\masm32\bin\ml /c /coff
dw_keygen.asm
if errorlevel 1 goto errasm
if not exist rsrc.obj
goto nores
d:\masm32\bin\Link /SUBSYSTEM:WINDOWS dw_keygen.obj rsrc.obj
if errorlevel 1 goto errlink
goto TheEnd
:nores
d:\masm32\bin\Link /SUBSYSTEM:WINDOWS dw_keygen.obj
if errorlevel 1
goto errlink
goto TheEnd
:errlink
echo _
echo Lin
相關文章
- ClockWise 3.22e註冊碼演算法分析 - OCG (17千字)2002-04-10演算法
- Cleaner 3.2註冊分析 (18千字)2001-12-09
- nacos註冊中心原始碼流程分析2020-12-23原始碼
- IJCNN註冊流程2020-05-11CNN
- S-DEMO2 註冊分析 (14千字)2002-06-25
- Nacos(一)原始碼分析Nacos註冊示例流程2020-12-26原始碼
- E族百變桌面7.2註冊流程分析2015-11-15
- containerd 原始碼分析:啟動註冊流程2024-05-21AI原始碼
- CPUCOOL 5.1000註冊碼分析 (6千字)2001-01-19
- GetRight 4.5b 註冊分析 (33千字)2001-12-09
- FolderView 1.7
註冊演算法分析 (14千字)2015-11-15View演算法
- 柬埔寨公司註冊流程2021-11-24
- estiprojm 註冊 (12千字)2001-11-08
- 重新貼過註冊演算法分析 (16千字)2001-10-23演算法
- Chatgpt註冊全流程教程2022-12-07ChatGPT
- 微信小程式註冊流程2018-04-23微信小程式
- Camera subdev註冊流程2024-03-29dev
- 小程式生命週期分析與註冊流程回撥2019-03-04
- EffeTech HTTP Sniffer 3.2註冊演算法分析 (5千字)2002-06-24HTTP演算法
- DataFit V7.0.36註冊過程的分析 (9千字)2001-11-09
- Cute Email Searcher2.2註冊過程分析 (5千字)2001-11-18AI
- 檔案密使2.6註冊碼分析詳解 (11千字)2001-11-30
- Green Tea 2.60註冊碼演算法分析 (3千字)2000-07-17演算法
- spring-IOC容器原始碼分析(二)BeanDefinition註冊流程2018-11-19Spring原始碼Bean
- Nacos(二)原始碼分析Nacos服務端註冊示例流程2021-01-18原始碼服務端
- SuperCleaner 2.31註冊碼演算法分析 - OCG (13千字)2002-04-02演算法
- Registry Crawler 4.0註冊碼演算法分析 - OCG
(20千字)2002-04-07演算法
- 空檔接龍助手2.01註冊碼分析。 (6千字)2003-01-13
- UltraEdit-32
10註冊碼演算法分析 (19千字)2003-05-17演算法
- getPassword2.3註冊碼計算分析過程 (3千字)2001-11-07
- Photocaster xtra v3.0.3 註冊過程的分析 (15千字)2001-11-22AST
- 完美解除安裝6.0註冊演算法分析 (2千字)2002-02-27演算法
- Directory Scanner v1.5 註冊演算法分析 (6千字)2015-11-15演算法
- MouseStar V3.01註冊演算法分析 (18千字)2015-11-15演算法
- **********.exe註冊碼演算法分析--高手莫笑 (31千字)2015-11-15演算法
- ffmpeg分析系列之一(註冊該註冊的)2010-11-04
- 5G核心網之UE初始註冊關鍵流程分析2024-11-02
- Screen Demo Maker
V3.0註冊演算法分析 (8千字)2002-09-10演算法