螢幕擷取程式Ashampoo SnapYa! v1.53
螢幕擷取程式Ashampoo SnapYa! v1.53
軟體名稱:Ashampoo
SnapYa!
整理日期:2003.3.7
最新版本:1.53
檔案大小:3748KB
軟體授權:共享軟體/英文
使用平臺:Win9x/Me/NT/2000/XP
下載地址:
http://xz.onlinedown.net/down/ashampoo_snapya153_se.exe
軟體簡介:
Ashampoo
SnapYa!是個與眾不同的螢幕擷取程式,透過Ctrl鍵跟滑鼠點選所要擷取的部位,就可以完成螢幕擷取,然而,更奇妙的是可以實時加入圖片特效,擷取完成後,還可以利用內建的郵件傳送功能,立即將螢幕擷取圖寄給朋友!
【作者宣告】:本人是個初學者,只是感興趣,沒有其它目的。失誤之處敬請諸位大俠賜教!
【破解工具】:0llydbg_cn
v1.09 TRW2000 V1.22
【過 程】:
這個軟體沒有加殼,但是斷點不好下,試了幾個常用的API都沒有中斷.只好用TRW2000跟到
這裡,然後再用0llydbg繼續跟蹤.
填好:試驗碼 7894561230123456
跟蹤過程如下:
00405750
/. 55 PUSH EBP
00405751
|. 8BEC MOV EBP, ESP
00405753
|. B9 07000000 MOV ECX, 7
00405758 |>
6A 00 /PUSH 0
0040575A |.
6A 00 |PUSH 0
0040575C |.
49 |DEC ECX
0040575D
|.^ 75 F9 \JNZ SHORT SnapYa!.00405758
0040575F
|. 51 PUSH ECX
00405760
|. 53 PUSH EBX
00405761
|. 8BD8 MOV EBX, EAX
00405763
|. 33C0 XOR EAX, EAX
00405765
|. 55 PUSH EBP
00405766
|. 68 E0594000 PUSH SnapYa!.004059E0
0040576B
|. 64:FF30 PUSH DWORD PTR FS:[EAX]
0040576E
|. 64:8920 MOV DWORD PTR FS:[EAX],
ESP
00405771 |. C683 11030000>MOV BYTE PTR DS:[EBX+311],
0
00405778 |. C683 10030000>MOV BYTE PTR DS:[EBX+310],
0
0040577F |. 8D55 FC LEA EDX,
[LOCAL.1]
00405782 |. 8B83 FC020000 MOV EAX, DWORD
PTR DS:[EBX+2FC>
00405788 |. E8 B7BFFFFF CALL
<JMP.&Vcl50.@Controls@TCon>
0040578D |. 8B55 FC
MOV EDX, [LOCAL.1]
00405790 |. B8
F4594000 MOV EAX, SnapYa!.004059F4
00405795 |. E8
C6B9FFFF CALL <JMP.&Vcl50.@System@@LStrP>
0040579A
|. 85C0 TEST EAX, EAX
0040579C
|. 7E 1F JLE SHORT SnapYa!.004057BD
0040579E
|> 8D55 FC /LEA EDX, [LOCAL.1]
004057A1
|. B9 01000000 |MOV ECX, 1
004057A6 |.
92 |XCHG EAX, EDX
004057A7
|. E8 ACB9FFFF |CALL <JMP.&Vcl50.@System@@LStr>
004057AC
|. 8B55 FC |MOV EDX, [LOCAL.1]
004057AF
|. B8 F4594000 |MOV EAX, SnapYa!.004059F4
004057B4
|. E8 A7B9FFFF |CALL <JMP.&Vcl50.@System@@LStr>
004057B9
|. 85C0 |TEST EAX,
EAX
004057BB |.^ 7F E1 \JG
SHORT SnapYa!.0040579E
004057BD |> 8B45 FC
MOV EAX, [LOCAL.1]
; EAX <==SS:[12F2BC]=011909E4,(ASCII "7894561230123456")
004057C0
|. E8 37E9FFFF CALL SnapYa!.004040FC
; 計算註冊碼的地方
004057C5 |. F7D8
NEG EAX
004057C7 |. 1BC0
SBB EAX, EAX
004057C9 |. F7D8
NEG EAX
004057CB |. 84C0
TEST AL, AL
; 關鍵比較
004057CD
|. 75 30 JNZ SHORT SnapYa!.004057FF
; 關鍵跳轉
004057CF |. 6A 00
PUSH 0
004057D1 |. 8D55 F4
LEA EDX, [LOCAL.3]
004057D4 |. B8 A4524000
MOV EAX, SnapYa!.004052A4
004057D9 |. E8 A2B9FFFF
CALL <JMP.&Vcl50.@System@LoadRe>
004057DE |.
8B45 F4 MOV EAX, [LOCAL.3]
; EAX <== SS:[12F2B4]=011909BC,(ASCII
"Sorry,wrong code! Please validate your input and try again!"
004057E1
|. 8D55 F8 LEA EDX, [LOCAL.2]
004057E4
|. E8 1FD9FFFF CALL <JMP.&Ml42ND50.@Ivdictio@T>
004057E9
|. 8B45 F8 MOV EAX, [LOCAL.2]
004057EC
|. 66:8B0D F8594>MOV CX, WORD PTR DS:[4059F8]
004057F3
|. B2 01 MOV DL, 1
004057F5
|. E8 9AC3FFFF CALL <JMP.&Vcl50.@Dialogs@Messa>
004057FA
|. E9 B9010000 JMP SnapYa!.004059B8
================================================================================
CALL SnapYa!.004040FC ; 計算註冊碼的地方
004040FC
/$ 55 PUSH EBP
004040FD
|. 8BEC MOV EBP, ESP
; 計算註冊碼的地方
004040FF |. 83C4
E4 ADD ESP, -1C
00404102 |. 53
PUSH EBX
00404103 |.
56 PUSH ESI
00404104
|. 33D2 XOR EDX, EDX
00404106
|. 8955 EC MOV [LOCAL.5], EDX
00404109
|. 8955 F8 MOV [LOCAL.2], EDX
0040410C
|. 8955 F4 MOV [LOCAL.3], EDX
0040410F
|. 8945 FC MOV [LOCAL.1], EAX
; SS:[12F268]<==011909E4,(ASCII
"7894561230123456")
00404112 |. 8B45 FC
MOV EAX, [LOCAL.1]
; EAX <==SS:[12F2BC]=011909E4,(ASCII "7894561230123456")
00404115
|. E8 1ED0FFFF CALL <JMP.&Vcl50.@System@@LStrA>
0040411A
|. 33C0 XOR EAX, EAX
0040411C
|. 55 PUSH EBP
0040411D
|. 68 54434000 PUSH SnapYa!.00404354
00404122
|. 64:FF30 PUSH DWORD PTR FS:[EAX]
00404125
|. 64:8920 MOV DWORD PTR FS:[EAX],
ESP
00404128 |. C645 F3 00 MOV BYTE
PTR SS:[EBP-D], 0
0040412C |. C645 F1 00 MOV
BYTE PTR SS:[EBP-F], 0
00404130 |. C645 F2 00 MOV
BYTE PTR SS:[EBP-E], 0
00404134 |. 33DB
XOR EBX, EBX
00404136 |. 33C0
XOR EAX, EAX
00404138 |.
A3 84C04000 MOV DWORD PTR DS:[40C084], EAX
0040413D
|. 8D55 EC LEA EDX, [LOCAL.5]
00404140
|. 8B45 FC MOV EAX, [LOCAL.1]
; EAX <==SS:[12F2BC]=011909E4,(ASCII
"7894561230123456")
00404143 |. E8 5CD2FFFF CALL
<JMP.&Vcl50.@Sysutils@Ansi>
00404148 |. 8B55
EC MOV EDX, [LOCAL.5]
; EDX <==SS:[12F258]=01190904,(ASCII "7894561230123456")
0040414B
|. 8D45 FC LEA EAX, [LOCAL.1]
; (ASCII "7894561230123456")
的地址
0040414E |. E8 ADCFFFFF CALL <JMP.&Vcl50.@System@@LStrL>
00404153
|. 8B45 FC MOV EAX, [LOCAL.1]
; EAX <==SS:[12F258]=01190904,(ASCII
"7894561230123456")
00404156 |. E8 B5CFFFFF CALL
<JMP.&Vcl50.@System@@LStrL>
0040415B |. 83F8
12 CMP EAX, 12
; EAX =12 (註冊碼的長度=18),把試驗碼改為"789456123012345678"繼續
0040415E
|. 0F85 B3010000 JNZ SnapYa!.00404317
00404164 |.
8B45 FC MOV EAX, [LOCAL.1]
; EAX <==SS:[12F268]=011909BC,(ASCII
"789456123012345678")
00404167 |. E8 20020000
CALL SnapYa!.0040438C ; 第一次計算的地方
0040416C
|. 8BF0 MOV ESI, EAX
; ESI<==EAX=2A3
(第一次計算的值)
0040416E |. 8D45 F8 LEA
EAX, [LOCAL.2]
00404171 |. 50
PUSH EAX
00404172 |. 0FB7C6
MOVZX EAX, SI
; EAX <==2A3
00404175 |. 8945 E4
MOV [LOCAL.7], EAX
; SS:[12F250]<==2A3
00404178 |. C645 E8 00
MOV BYTE PTR SS:[EBP-18], 0
0040417C |. 8D55
E4 LEA EDX, [LOCAL.7]
; EDX <==0012F250 (第一次計算的值的地址)
0040417F
|. 33C9 XOR ECX, ECX
00404181
|. B8 6C434000 MOV EAX, SnapYa!.0040436C;
format ASCII "%04x"
00404186 |. E8 79D2FFFF
CALL <JMP.&Vcl50.@Sysutils@form>
0040418B
|. 8D45 F4 LEA EAX, [LOCAL.3]
0040418E
|. 50 PUSH EAX
0040418F
|. B9 04000000 MOV ECX, 4
; ECX=4
00404194
|. BA 0F000000 MOV EDX, 0F
; EDX=0F
00404199
|. 8B45 FC MOV EAX, [LOCAL.1]
; EAX <==SS:[12F268]=011909BC,(ASCII
"789456123012345678")
0040419C |. E8 AFCFFFFF
CALL <JMP.&Vcl50.@System@@LStrC>
; 取試驗碼的最後四位"5678"
004041A1
|. 8B45 F8 MOV EAX, [LOCAL.2]
; EAX<==SS:[12F264]=0117F40C,(ASCII
" 2A3")
004041A4 |. E8 67CFFFFF CALL <JMP.&Vcl50.@System@@LStrL>
004041A9
|. 83F8 04 CMP EAX, 4
; EAX=4
004041AC
|. 7D 10 JGE SHORT SnapYa!.004041BE
004041AE
|. 8D45 F8 LEA EAX, [LOCAL.2]
004041B1
|. 8B4D F8 MOV ECX, [LOCAL.2]
004041B4
|. BA 7C434000 MOV EDX, SnapYa!.0040437C
004041B9
|. E8 62CFFFFF CALL <JMP.&Vcl50.@System@@LStrC>
004041BE
|> 8B45 F8 MOV EAX, [LOCAL.2]
; EAX<==SS:[12F264]=0117F40C,(ASCII"2A3")
004041C1
|. E8 4ACFFFFF CALL <JMP.&Vcl50.@System@@LStrL>
004041C6
|. 83F8 04 CMP EAX, 4
004041C9
|. 7D 10 JGE SHORT SnapYa!.004041DB
004041CB
|. 8D45 F8 LEA EAX, [LOCAL.2]
004041CE
|. 8B4D F8 MOV ECX, [LOCAL.2]
004041D1
|. BA 7C434000 MOV EDX, SnapYa!.0040437C
004041D6
|. E8 45CFFFFF CALL <JMP.&Vcl50.@System@@LStrC>
004041DB
|> 8B45 F8 MOV EAX, [LOCAL.2]
004041DE
|. E8 2DCFFFFF CALL <JMP.&Vcl50.@System@@LStrL>
004041E3
|. 83F8 04 CMP EAX, 4
004041E6
|. 7D 10 JGE SHORT SnapYa!.004041F8
004041E8
|. 8D45 F8 LEA EAX, [LOCAL.2]
004041EB
|. 8B4D F8 MOV ECX, [LOCAL.2]
004041EE
|. BA 7C434000 MOV EDX, SnapYa!.0040437C
004041F3
|. E8 28CFFFFF CALL <JMP.&Vcl50.@System@@LStrC>
004041F8
|> 8B45 F8 MOV EAX, [LOCAL.2]
004041FB
|. E8 10CFFFFF CALL <JMP.&Vcl50.@System@@LStrL>
00404200
|. 83F8 04 CMP EAX, 4
00404203
|. 7D 10 JGE SHORT SnapYa!.00404215
00404205
|. 8D45 F8 LEA EAX, [LOCAL.2]
00404208
|. 8B4D F8 MOV ECX, [LOCAL.2]
0040420B
|. BA 7C434000 MOV EDX, SnapYa!.0040437C
00404210
|. E8 0BCFFFFF CALL <JMP.&Vcl50.@System@@LStrC>
00404215
|> 8B45 F8 MOV EAX, [LOCAL.2]
; EAX<==SS:[12F264]=0117F40C,(ASCII"2A3")
00404218
|. 8038 20 CMP BYTE PTR DS:[EAX],
20
0040421B |. 75 0B JNZ
SHORT SnapYa!.00404228
0040421D |. 8D45 F8
LEA EAX, [LOCAL.2]
00404220 |. E8 23CFFFFF
CALL <JMP.&Vcl50.@System@Unique>
00404225 |. C600
30 MOV BYTE PTR DS:[EAX], 30 ; 把得到的值前加0
00404228
|> 8B45 F8 MOV EAX, [LOCAL.2]
; EAX<==SS:[12F264]=0117F40C,(ASCII"02A3")
0040422B
|. 8078 01 20 CMP BYTE PTR DS:[EAX+1],
20
0040422F |. 75 0C JNZ
SHORT SnapYa!.0040423D
00404231 |. 8D45 F8
LEA EAX, [LOCAL.2]
00404234 |. E8 0FCFFFFF
CALL <JMP.&Vcl50.@System@Unique>
00404239 |. C640
01 30 MOV BYTE PTR DS:[EAX+1], 30
0040423D |>
8B45 F8 MOV EAX, [LOCAL.2]
; EAX<==SS:[12F264]=0117F40C,(ASCII"02A3")
00404240
|. 8078 02 20 CMP BYTE PTR DS:[EAX+2],
20
00404244 |. 75 0C JNZ
SHORT SnapYa!.00404252
00404246 |. 8D45 F8
LEA EAX, [LOCAL.2]
00404249 |. E8 FACEFFFF
CALL <JMP.&Vcl50.@System@Unique>
0040424E |. C640
02 30 MOV BYTE PTR DS:[EAX+2], 30
00404252 |>
8B45 F8 MOV EAX, [LOCAL.2]
; EAX<==SS:[12F264]=0117F40C,(ASCII"02A3")
00404255
|. 8078 03 20 CMP BYTE PTR DS:[EAX+3],
20
00404259 |. 75 0C JNZ
SHORT SnapYa!.00404267
0040425B |. 8D45 F8
LEA EAX, [LOCAL.2]
0040425E |. E8 E5CEFFFF
CALL <JMP.&Vcl50.@System@Unique>
00404263 |. C640
03 30 MOV BYTE PTR DS:[EAX+3], 30
00404267 |>
8B45 F8 MOV EAX, [LOCAL.2]
; EAX<==SS:[12F264]=0117F40C,(ASCII"02A3")
0040426A
|. 8B55 F4 MOV EDX, [LOCAL.3]
; EDX <== SS:[12F260]=011876CC,(ASCII
"5678")
0040426D |. E8 BECEFFFF CALL <JMP.&Vcl50.@System@@LStrC>
;
把得到的值與試驗碼的最後四位比較
00404272 |. 75 04
JNZ SHORT SnapYa!.00404278
00404274 |. C645 F3 01
MOV BYTE PTR SS:[EBP-D], 1 ; 標誌
00404278
|> 8D45 F8 LEA EAX, [LOCAL.2]
0040427B
|. 50 PUSH EAX
0040427C
|. B9 03000000 MOV ECX, 3
00404281 |.
BA 01000000 MOV EDX, 1
00404286 |. 8B45
FC MOV EAX, [LOCAL.1]
; EAX <==SS:[12F268]=011909BC,(ASCII "789456123012345678")
00404289
|. E8 C2CEFFFF CALL <JMP.&Vcl50.@System@@LStrC>
0040428E
|. 8B45 F8 MOV EAX, [LOCAL.2]
; EAX<==SS:[12F264]=01185298,(ASCII
"789") 試驗碼的前三位
00404291 |. 8B15 68C04000 MOV
EDX, DWORD PTR DS:[40C068]
; EDX<==DS:[40C068]=011883EC,(ASCII
"SNY")
00404297 |. E8 94CEFFFF CALL <JMP.&Vcl50.@System@@LStrC>
;
註冊碼的前三位應該是"SNY"
0040429C |. 75 04
JNZ SHORT SnapYa!.004042A2
0040429E |. C645
F1 01 MOV BYTE PTR SS:[EBP-F], 1 ;
標誌
004042A2 |> 8D45 F8 LEA
EAX, [LOCAL.2]
004042A5 |. 50
PUSH EAX
004042A6 |. B9 01000000
MOV ECX, 1
; ECX=1
004042AB |. BA 06000000
MOV EDX, 6
; EDX=6
004042B0 |. 8B45 FC
MOV EAX, [LOCAL.1]
EAX <==SS:[12F268]=011909BC,(ASCII "789456123012345678")
004042B3
|. E8 98CEFFFF CALL <JMP.&Vcl50.@System@@LStrC>
004042B8
|. 8B45 F8 MOV EAX, [LOCAL.2]
004042BB
|. 8B15 6CC04000 MOV EDX, DWORD PTR DS:[40C06C]
004042C1
|. E8 6ACEFFFF CALL <JMP.&Vcl50.@System@@LStrC>
;
比較計算得到的值的第6位=A
004042C6 |. 75 04
JNZ SHORT SnapYa!.004042CC
004042C8 |. C645 F2 01
MOV BYTE PTR SS:[EBP-E], 1 ; 標誌
004042CC
|> 8D45 F8 LEA EAX, [LOCAL.2]
004042CF
|. 50 PUSH EAX
004042D0
|. B9 02000000 MOV ECX, 2
; ECX=2 (檢查的位數)
004042D5 |. BA
04000000 MOV EDX, 4 ;
EDX=4 (檢查的位號)
004042DA |. 8B45 FC
MOV EAX, [LOCAL.1]
;
EAX <==SS:[12F268]=011909BC,(ASCII "789456123012345678")
004042DD
|. E8 6ECEFFFF CALL <JMP.&Vcl50.@System@@LStrC>
004042E2
|. 8B45 F8 MOV EAX, [LOCAL.2]
; EAX=SS:[12F264]=0117AC14,(ASCII
"45")
004042E5 |. BA 88434000 MOV
EDX, SnapYa!.00404388
; EDX <==00404388,
ASCII "77"
004042EA |. E8 41CEFFFF CALL
<JMP.&Vcl50.@System@@LStrC>
; 註冊碼的第4,5不應該是77"
004042EF
|. 74 0D JE SHORT
SnapYa!.004042FE
004042F1 |. 8B45 F8 MOV
EAX, [LOCAL.2]
; EAX=SS:[12F264]=0117AC14,(ASCII
"45")
004042F4 |. E8 C3D0FFFF CALL <JMP.&Vcl50.@Sysutils@StrT>
;
註冊碼的第4,5是不是77 <==如果是77就是完全版 (我的錯誤之一,現更正)
004042F9 |.
A3 84C04000 MOV DWORD PTR DS:[40C084], EAX
;
DS:[40C084]<==EAX=2D ('-')
004042FE |> 8B45 F8
MOV EAX, [LOCAL.2]
; EAX=SS:[12F264]=0117AC14,(ASCII "45")
00404301
|. BA 88434000 MOV EDX, SnapYa!.00404388
; EDX <==00404388, ASCII "77"
00404306 |.
E8 25CEFFFF CALL <JMP.&Vcl50.@System@@LStrC>
;
註冊碼的第4,5不是77就是00 <== 如果是00就是30天的限制版 (我的錯誤之二,現更正)
0040430B |.
75 0A JNZ SHORT SnapYa!.00404317
0040430D
|. C705 84C04000>MOV DWORD PTR DS:[40C084], -1
;
標誌 (這是一個失敗的標誌)
00404317 |> 807D F3 01 CMP
BYTE PTR SS:[EBP-D], 1
; SS:[EBP-D]=SS:[12F25F]=01
,(註冊碼的後四位=第一次計算的值的正確標誌)
0040431B |. 75 0E
JNZ SHORT SnapYa!.0040432B
0040431D |. 807D
F2 01 CMP BYTE PTR SS:[EBP-E], 1
;
SS:[EBP-E]=SS:[12F260]=01 ,(註冊碼的第六位是A 的正確標誌)
00404321 |. 75
08 JNZ SHORT SnapYa!.0040432B
00404323
|. 807D F1 01 CMP BYTE PTR SS:[EBP-F],
1
SS:[EBP-F]=SS:[12F261]=01 ,(註冊碼的前三位是"SNY"的正確標誌)
00404327
|. 75 02 JNZ SHORT SnapYa!.0040432B
00404329
|. B3 01 MOV BL, 1
; 應該是註冊碼成功的標誌
0040432B |> F6DB
NEG BL
0040432D |. 1BC0
SBB EAX, EAX
0040432F |.
8BD8 MOV EBX, EAX
00404331
|. 33C0 XOR EAX, EAX
00404333
|. 5A POP EDX
00404334
|. 59 POP ECX
00404335
|. 59 POP ECX
00404336
|. 64:8910 MOV DWORD PTR FS:[EAX],
EDX
00404339 |. 68 5B434000 PUSH SnapYa!.0040435B
0040433E
|> 8D45 EC LEA EAX, [LOCAL.5]
00404341
|. E8 A2CDFFFF CALL <JMP.&Vcl50.@System@@LStrC>
00404346
|. 8D45 F4 LEA EAX, [LOCAL.3]
00404349
|. BA 03000000 MOV EDX, 3
0040434E |.
E8 9DCDFFFF CALL <JMP.&Vcl50.@System@@LStrA>
00404353
\. C3 RETN
==============================================
CALL SnapYa!.0040438C ; 第一次計算的地方
0040438C
/$ 55 PUSH EBP
; 第一次計算的地方
0040438D |. 8BEC
MOV EBP, ESP
0040438F |.
51 PUSH ECX
00404390
|. 53 PUSH EBX
00404391
|. 8945 FC MOV [LOCAL.1], EAX
00404394
|. 8B45 FC MOV EAX, [LOCAL.1]
; EAX <==SS:[12F268]=011909BC,(ASCII
"789456123012345678")
00404397 |. E8 9CCDFFFF
CALL <JMP.&Vcl50.@System@@LStrA>
0040439C |. 33C0
XOR EAX, EAX
0040439E |.
55 PUSH EBP
0040439F
|. 68 DF434000 PUSH SnapYa!.004043DF
004043A4
|. 64:FF30 PUSH DWORD PTR FS:[EAX]
004043A7
|. 64:8920 MOV DWORD PTR FS:[EAX],
ESP
004043AA |. 33C9 XOR
ECX, ECX
004043AC |. B8 01000000 MOV
EAX, 1 ; EAX<==1 指標賦初值
004043B1
|> 8B55 FC /MOV EDX, [LOCAL.1]
; EAX <==SS:[12F268]=011909BC,(ASCII
"789456123012345678")
004043B4 |. 8A5402 FF
|MOV DL, BYTE PTR DS:[EDX+EAX->
; DL <== DS:[011909BC]=37
('7')
004043B8 |. 81E2 FF000000 |AND EDX, 0FF
004043BE
|. 66:03CA |ADD CX, DX
; CX=CX+DX=0+37=37
004043C1 |. 40
|INC EAX
; EAX++
004043C2
|. 83F8 0E |CMP EAX, 0E
; 計算的次數=14-1=13
004043C5 |.^ 75
EA \JNZ SHORT SnapYa!.004043B1
; //這段把試驗碼的前13位的hex值相加==>ECX
004043C7 |. 8BD9
MOV EBX, ECX
; EBX<==ECX=2A3
004043C9
|. 33C0 XOR EAX, EAX
004043CB
|. 5A POP EDX
004043CC
|. 59 POP ECX
004043CD
|. 59 POP ECX
004043CE
|. 64:8910 MOV DWORD PTR FS:[EAX],
EDX
004043D1 |. 68 E6434000 PUSH SnapYa!.004043E6
004043D6
|> 8D45 FC LEA EAX, [LOCAL.1]
; (ASCII "7894561230123456")
的地址
004043D9 |. E8 0ACDFFFF CALL <JMP.&Vcl50.@System@@LStrC>
004043DE
\. C3 RETN
-----------------------------------------------------------------------------
第四,五位如果不是77也不應該是:
40003532
8BC0 MOV EAX,
EAX
40003534 > 53 PUSH
EBX
40003535 56
PUSH ESI
40003536 57
PUSH EDI
40003537 89C6
MOV ESI, EAX
40003539
50 PUSH EAX
4000353A
85C0 TEST EAX,
EAX
4000353C 74 73 JE
SHORT Vcl50.400035B1
4000353E 31C0
XOR EAX, EAX
40003540 31DB
XOR EBX, EBX
40003542
BF CCCCCC0C MOV EDI, 0CCCCCCC
40003547
8A1E MOV BL,
BYTE PTR DS:[ESI]
; BL <== DS:[0117AC14]=34 ('4')
40003549
46 INC ESI
4000354A
80FB 20 CMP BL, 20
4000354D
^ 74 F8 JE SHORT
Vcl50.40003547
4000354F B5 00
MOV CH, 0
; 第四位的條件:
40003551 80FB 2D CMP
BL, 2D ;
2D ('-')
40003554 74 69 JE
SHORT Vcl50.400035BF
40003556 80FB 2B
CMP BL, 2B
40003559 74 66
JE SHORT Vcl50.400035C1
4000355B
80FB 24 CMP BL, 24
4000355E
74 66 JE SHORT
Vcl50.400035C6
40003560 80FB 78 CMP
BL, 78 ;
78 ('x')
40003563 74 61 JE
SHORT Vcl50.400035C6
40003565 80FB 58
CMP BL, 58
; 58 ('X')
40003568 74 5C
JE SHORT Vcl50.400035C6
4000356A
80FB 30 CMP BL, 30
; <==如果是0就不跳,0就正確
4000356D
75 13 JNZ SHORT
Vcl50.40003582
4000356F 8A1E
MOV BL, BYTE PTR DS:[ESI] ; BL =35 ('5')第五位
40003571
46 INC
ESI
40003572 80FB 78 CMP
BL, 78 ; 78 ('x')
40003575
74 4F JE SHORT
Vcl50.400035C6
40003577 80FB 58 CMP
BL, 58 ;
58 ('X')
4000357A 74 4A JE
SHORT Vcl50.400035C6
4000357C 84DB
TEST BL, BL
4000357E
74 20 JE SHORT Vcl50.400035A0
40003580
EB 04 JMP SHORT
Vcl50.40003586
40003582 84DB
TEST BL, BL
40003584 74 34
JE SHORT Vcl50.400035BA
40003586 80EB
30 SUB BL, 30
40003589 80FB
09 CMP BL, 9
4000358C 77
2C JA SHORT Vcl50.400035BA
4000358E
39F8 CMP EAX,
EDI
40003590 77 28 JA
SHORT Vcl50.400035BA
40003592 8D0480
LEA EAX, DWORD PTR DS:[EAX+EAX*4]
40003595
01C0 ADD EAX,
EAX
40003597 01D8 ADD
EAX, EBX
40003599 8A1E
MOV BL, BYTE PTR DS:[ESI]
; BL <== DS:[0117AC15]=35
('5')
4000359B 46 INC
ESI
4000359C 84DB
TEST BL, BL
4000359E ^ 75 E6
JNZ SHORT Vcl50.40003586
400035A0 FECD
DEC CH
400035A2
74 10 JE SHORT Vcl50.400035B4
400035A4
85C0 TEST EAX,
EAX ; EAX=2D ('-')
400035A6
7C 12 JL SHORT
Vcl50.400035BA
400035A8 59
POP ECX
400035A9 31F6
XOR ESI, ESI
400035AB 8932
MOV DWORD PTR DS:[EDX],
ESI
400035AD 5F POP
EDI
400035AE 5E
POP ESI
400035AF 5B
POP EBX
400035B0 C3
RETN
********************************************************************************
註冊碼計算的總結:
條件註冊碼的長度=18位
1.註冊碼的前三位是: SNY
2.註冊碼的第六位是: A
3.註冊碼的第四五位有如下幾種限制情況:
1).如果是:77 <== 就是完全版
2).不能是: X 和: x
3).如果是:00
<== 就是30天限制版
4.註冊碼的第七到第十四位隨便
5.註冊碼的最後四位的計算方法:
1).把前13位的各位hex相加
2).如果不足四位前面加0
一組可以用的註冊碼: SNY77A789456120321
<== 完全版
SNY00A789456120313 <== 30天限制版
fxyang更正於 2003.3.8-12:00
fxyang
2003.3.7
相關文章
- QT擷取螢幕的實現2013-08-06QT
- Android三種方式擷取任意介面螢幕2019-05-13Android
- 在RFT中如何擷取螢幕影像並儲存到檔案中?2010-01-23
- 螢幕取詞核心內幕 (轉)2007-12-03
- 直播平臺軟體開發,完整擷取整個螢幕的截圖方式2022-04-26
- 如何使用 gnome-screenshot 截圖命令來擷取螢幕、視窗或指定區2013-07-26
- JS獲取螢幕大小2013-12-19JS
- javascript獲取螢幕的尺寸2017-04-11JavaScript
- 滑鼠螢幕取詞 原理 (轉)2007-12-07
- 如何用Chrome自帶的截圖功能擷取超過一個螢幕的網頁2018-09-09Chrome網頁
- 小程式獲取當前元素在螢幕中的位置2019-03-12
- javascript獲取移動裝置螢幕尺寸的程式碼2017-03-21JavaScript
- 螢幕控制示例程式2009-06-15
- js獲取網頁螢幕寬高2017-12-01JS網頁
- WebRTC本地分享螢幕,錄製螢幕2021-12-06Web
- 獲取各種螢幕高度寬度(工作)2019-04-02
- javascript如何獲取電腦螢幕的尺寸2017-03-16JavaScript
- Java及Jquery獲取螢幕解析度的實現程式碼2019-12-23JavajQuery
- javascript獲取視窗和螢幕解析度等尺寸程式碼2017-03-22JavaScript
- php字串擷取函式,支援中文擷取2016-11-29PHP字串函式
- js擷取2021-12-01JS
- 擷取ip2013-11-06
- 關於螢幕程式設計(轉)2010-12-08程式設計
- iOS專案開發實戰——使用程式碼獲取螢幕寬高2015-09-25iOS
- android通過MediaProjection獲取螢幕內容2020-12-06AndroidProject
- React Native 之 獲取螢幕解析度2016-12-16React Native
- abap screnn螢幕程式設計,對螢幕中的欄位追加多選search help2010-03-10程式設計
- Aerial for Mac鳥瞰螢幕保護程式2020-11-23Mac
- 金鋒螢幕保護程式2.0破解2015-11-15
- 前端字型擷取2018-12-17前端
- PHP字串擷取2017-08-10PHP字串
- Flutter 中獲取螢幕以及 Widget 的寬高2019-03-08Flutter
- 有道雲詞典--翻譯/螢幕取詞翻譯2020-12-12
- WIN32API:獲取螢幕的解析度2020-10-30Win32API
- 獲取當前螢幕顯示的viewcontroller2016-12-24ViewController
- Android獲取螢幕和控制元件座標2017-04-20Android控制元件
- js獲取div相對螢幕的座標位置2016-08-02JS
- JS 獲取瀏覽器和螢幕寬高資訊2016-08-15JS瀏覽器