神算劉半仙 2003 Build 09.01 演算法簡析
神算劉半仙 2003 Build 09.01 演算法簡析
機器碼:92495650(d)---5835F22(h)
註冊碼:36b3a175da3637
試驗碼:87654321
主檔案ssbx.exe,無殼,delphi程式設計。
:004C850E 8D45FC lea eax, dword ptr [ebp-04]
:004C8511 8D957BFFFFFF lea edx, dword ptr [ebp+FFFFFF7B]
:004C8517 B981000000 mov ecx, 00000081
:004C851C E89BC4F3FF call 004049BC
:004C8521 8D9574FFFFFF lea edx, dword ptr [ebp+FFFFFF74]
:004C8527 8B8328030000 mov eax, dword ptr [ebx+00000328]
:004C852D E84272F7FF call 0043F774
:004C8532 8B8574FFFFFF mov eax, dword ptr [ebp+FFFFFF74] //eax=假碼
:004C8538 50 push eax
:004C8539 8D956CFFFFFF lea edx, dword ptr [ebp+FFFFFF6C]
:004C853F 8B8324030000 mov eax, dword ptr [ebx+00000324]
:004C8545 E82A72F7FF call 0043F774
:004C854A 8B856CFFFFFF mov eax, dword ptr [ebp+FFFFFF6C] //eax=機器碼
:004C8550 E85B0CF4FF call 004091B0
:004C8555 8D9570FFFFFF lea edx, dword ptr [ebp+FFFFFF70]
:004C855B E804FEFFFF call 004C8364 //演算法call
:004C8560 8B9570FFFFFF mov edx, dword ptr [ebp+FFFFFF70]
:004C8566 58 pop eax
:004C8567 E8E4C5F3FF call 00404B50 //關鍵比較,eax假碼,edx真碼
:004C856C 0F858F000000 jne 004C8601 //跳則over
* Possible StringData Ref from Code Obj ->"註冊成功,謝謝你的註冊!"
|
:004C8572 B874864C00 mov eax, 004C8674
:004C8577 E89405F7FF call 00438B10
:004C857C A1A4474D00 mov eax, dword ptr [004D47A4]
:004C8581 8B00 mov eax, dword ptr [eax]
:004C8583 8B80F0020000 mov eax, dword ptr [eax+000002F0]
:004C8589 8B8008020000 mov eax, dword ptr [eax+00000208]
:004C858F BA01000000 mov edx, 00000001
:004C8594 E8138AFDFF call 004A0FAC
* Possible StringData Ref from Code Obj ->"軟體已註冊"
|
:004C8599 BA98864C00 mov edx, 004C8698
:004C859E E86589FDFF call 004A0F08
:004C85A3 8D8568FFFFFF lea eax, dword ptr [ebp+FFFFFF68]
* Possible StringData Ref from Code Obj ->"FGHkey1.sys" //註冊碼存放的檔案
|
:004C85A9 B9AC864C00 mov ecx, 004C86AC
:004C85AE 8B55FC mov edx, dword ptr [ebp-04]
:004C85B1 E8A2C4F3FF call 00404A58
:004C85B6 8B8D68FFFFFF mov ecx, dword ptr [ebp+FFFFFF68]
:004C85BC B201 mov dl, 01
* Possible StringData Ref from Code Obj ->"?F"
|
:004C85BE A1D4274600 mov eax, dword ptr [004627D4]
:004C85C3 E8BCA2F9FF call 00462884
* Possible StringData Ref from Code Obj ->"44134co642ls3058372"
|
:004C85C8 68C4864C00 push 004C86C4
* Possible StringData Ref from Code Obj ->"sepop"
|
:004C85CD B9E0864C00 mov ecx, 004C86E0
* Possible StringData Ref from Code Obj ->"syetup"
|
:004C85D2 BAF0864C00 mov edx, 004C86F0
:004C85D7 8B18 mov ebx, dword ptr [eax]
:004C85D9 FF5304 call [ebx+04]
:004C85DC 8D8564FFFFFF lea eax, dword ptr [ebp+FFFFFF64]
* Possible StringData Ref from Code Obj ->"FGHkey1.sys"
|
:004C85E2 B9AC864C00 mov ecx, 004C86AC
:004C85E7 8B55FC mov edx, dword ptr [ebp-04]
:004C85EA E869C4F3FF call 00404A58
:004C85EF 8B8564FFFFFF mov eax, dword ptr [ebp+FFFFFF64]
:004C85F5 BA03000000 mov edx, 00000003
:004C85FA E8F90DF4FF call 004093F8
:004C85FF EB17 jmp 004C8618
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004C856C(C)
|
* Possible StringData Ref from Code Obj ->"註冊碼錯誤,請重新輸入!"
|
:004C8601 B800874C00 mov eax, 004C8700
************************************************************************
* Referenced by a CALL at Address:
|:004C855B
|
:004C8364 55 push ebp
:004C8365 8BEC mov ebp, esp
:004C8367 33C9 xor ecx, ecx
:004C8369 51 push ecx
:004C836A 51 push ecx
:004C836B 51 push ecx
:004C836C 51 push ecx
:004C836D 51 push ecx
:004C836E 51 push ecx
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004C82FE(C)
|
:004C836F 53 push ebx
:004C8370 56 push esi
:004C8371 8BF2 mov esi, edx
:004C8373 8BD8 mov ebx, eax //ebx=eax=機器碼的16進位制
:004C8375 33C0 xor eax, eax
:004C8377 55 push ebp
:004C8378 68B0844C00 push 004C84B0
:004C837D 64FF30 push dword ptr fs:[eax]
:004C8380 648920 mov dword ptr fs:[eax], esp
:004C8383 81F38776FBDD xor ebx, DDFB7687 //ebx=機器碼 xor DDFB7687 =D87829A5
:004C8389 8BC3 mov eax, ebx //eax=ebx
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004C831C(C)
|
:004C838B 33D2 xor edx, edx
:004C838D 52 push edx
:004C838E 50 push eax
:004C838F 8D45FC lea eax, dword ptr [ebp-04]
:004C8392 E8E50DF4FF call 0040917C
:004C8397 8B45FC mov eax, dword ptr [ebp-04] //eax=ebx的10進位制值3631753637
:004C839A 0FB600 movzx eax, byte ptr [eax] //取3631753637的首位字元hex值33送 eax
:004C839D 8B55FC mov edx, dword ptr [ebp-04]
:004C83A0 0FB65201 movzx edx, byte ptr [edx+01] //取3631753637的第二位字元hex值36送edx
:004C83A4 03C2 add eax, edx //eax=eax+edx=69
:004C83A6 B905000000 mov ecx, 00000005 //ecx=5
:004C83AB 99 cdq
:004C83AC F7F9 idiv ecx //eax / ecx
:004C83AE 80C261 add dl, 61 //dl=餘數dl加上61=61
:004C83B1 8855F8 mov byte ptr [ebp-08], dl //字元"a"(0x61)送[ebp-8]
:004C83B4 8B45FC mov eax, dword ptr [ebp-04]
:004C83B7 0FB64002 movzx eax, byte ptr [eax+02] //取3631753637的第三位字元hex值33送eax
:004C83BB 8B55FC mov edx, dword ptr [ebp-04]
:004C83BE 0FB65203 movzx edx, byte ptr [edx+03] //取3631753637的第四位字元hex值31送edx
:004C83C2 03C2 add eax, edx //eax=eax+edx=64
:004C83C4 B905000000 mov ecx, 00000005
:004C83C9 99 cdq
:004C83CA F7F9 idiv ecx
:004C83CC 80C261 add dl, 61 //dl=餘數dl加上61=61
:004C83CF 8855F9 mov byte ptr [ebp-07], dl //字元"a"(0x61)送[ebp-7]
:004C83D2 8B45FC mov eax, dword ptr [ebp-04]
:004C83D5 0FB64004 movzx eax, byte ptr [eax+04] //取3631753637的第五位字元hex值37送eax
:004C83D9 8B55FC mov edx, dword ptr [ebp-04]
:004C83DC 0FB65205 movzx edx, byte ptr [edx+05] //取3631753637的第六位字元hex值35送edx
:004C83E0 03C2 add eax, edx //eax=eax+edx=6C
:004C83E2 B905000000 mov ecx, 00000005
:004C83E7 99 cdq
:004C83E8 F7F9 idiv ecx
:004C83EA 80C261 add dl, 61 //dl=餘數dl加上61=3+1=64
:004C83ED 8855FA mov byte ptr [ebp-06], dl //字元"d"(0x64)送[ebp-6]
:004C83F0 8B45FC mov eax, dword ptr [ebp-04]
:004C83F3 0FB64006 movzx eax, byte ptr [eax+06] //取3631753637的第七位字元hex值33送eax
:004C83F7 8B55FC mov edx, dword ptr [ebp-04]
:004C83FA 0FB65207 movzx edx, byte ptr [edx+07] //取3631753637的第八位字元hex值36送edx
:004C83FE 03C2 add eax, edx //eax=eax+edx=69
:004C8400 8B55FC mov edx, dword ptr [ebp-04]
:004C8403 0FB65208 movzx edx, byte ptr [edx+08] //取3631753637的第九位字元hex值33送edx
:004C8407 03C2 add eax, edx //eax=eax+edx=69+33=9C
:004C8409 B905000000 mov ecx, 00000005
:004C840E 99 cdq
:004C840F F7F9 idiv ecx
:004C8411 80C261 add dl, 61 //dl=餘數dl加上61=1+61=62
:004C8414 8855FB mov byte ptr [ebp-05], dl //字元"b"(0x62)送[ebp-6]
:004C8417 8D45F4 lea eax, dword ptr [ebp-0C]
:004C841A 8A55F8 mov dl, byte ptr [ebp-08] //dl=字元"a"
:004C841D E812C5F3FF call 00404934
:004C8422 8B45F4 mov eax, dword ptr [ebp-0C]
:004C8425 8D55FC lea edx, dword ptr [ebp-04]
:004C8428 B907000000 mov ecx, 00000007 //ecx=7
:004C842D E8BAC8F3FF call 00404CEC //這個call把字元"a"插入到3631753637的第7位
:004C8432 8D45F0 lea eax, dword ptr [ebp-10] //edx=a3637
:004C8435 8A55FB mov dl, byte ptr [ebp-05] //dl=字元"b"
:004C8438 E8F7C4F3FF call 00404934
:004C843D 8B45F0 mov eax, dword ptr [ebp-10]
:004C8440 8D55FC lea edx, dword ptr [ebp-04]
:004C8443 B903000000 mov ecx, 00000003 //ecx=3
:004C8448 E89FC8F3FF call 00404CEC //這個call把字元"b"插入到363175a3637的第3位
:004C844D 8D45EC lea eax, dword ptr [ebp-14] //edx=b3175a3637
:004C8450 8A55F9 mov dl, byte ptr [ebp-07] //dl=字元"a"
:004C8453 E8DCC4F3FF call 00404934
:004C8458 8B45EC mov eax, dword ptr [ebp-14]
:004C845B 8D55FC lea edx, dword ptr [ebp-04]
:004C845E B905000000 mov ecx, 00000005 //ecx=5
:004C8463 E884C8F3FF call 00404CEC //這個call把字元"a"插入到36b3175a3637的第5位
:004C8468 8D45E8 lea eax, dword ptr [ebp-18] //edx=a175a3637
:004C846B 8A55FA mov dl, byte ptr [ebp-06] //dl=字元"d"
:004C846E E8C1C4F3FF call 00404934
:004C8473 8B45E8 mov eax, dword ptr [ebp-18]
:004C8476 8D55FC lea edx, dword ptr [ebp-04]
:004C8479 B909000000 mov ecx, 00000009 //ecx=9
:004C847E E869C8F3FF call 00404CEC //這個call把字元"d"插入到36b3a175a3637的第9位
:004C8483 8BC6 mov eax, esi //edx=da3637
:004C8485 8B55FC mov edx, dword ptr [ebp-04] //edx=36b3a175da3637,真碼啦。
:004C8488 E81BC3F3FF call 004047A8
:004C848D 33C0 xor eax, eax
:004C848F 5A pop edx
:004C8490 59 pop ecx
:004C8491 59 pop ecx
:004C8492 648910 mov dword ptr fs:[eax], edx
:004C8495 68B7844C00 push 004C84B7
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004C84B5(U)
|
:004C849A 8D45E8 lea eax, dword ptr [ebp-18]
:004C849D BA04000000 mov edx, 00000004
:004C84A2 E8D1C2F3FF call 00404778
:004C84A7 8D45FC lea eax, dword ptr [ebp-04]
:004C84AA E8A5C2F3FF call 00404754
:004C84AF C3 ret
註冊資訊加密儲存在C:WINDOWSSYSTEM的FGHkey1.sys中,屬性隱藏。
李逍遙
2003.09.09
相關文章
- 網路電視大師 V4.0.0 Build 2003.9.25註冊演算法簡析2015-11-15UI演算法
- 簡單演算法――Windows設定大師
2003 Build 04152015-11-15演算法WindowsUI
- 簡單演算法――Windows設定大師 2003 V2.0 Build
04202015-11-15演算法WindowsUI
- 簡析限流演算法2019-05-20演算法
- ezConverter V1.0.596 Build 2003.04.24
簡體中文版2015-11-15UI
- 漢語寶典 Build 2003.05.282015-11-15UI
- POPMAN時常管家2003版--簡單演算法分析2015-11-15演算法
- MongoDB 簡析2019-05-20MongoDB
- KafkaBroker 簡析2021-02-14Kafka
- KafkaProducer 簡析2021-01-01Kafka
- 演算法與資料結構--簡析紅黑樹2018-09-05演算法資料結構
- 最小樹形圖(朱劉演算法)2020-12-12演算法
- 檔案管理軟體管理大師演算法簡析!(簡單浮點)2015-11-15演算法
- ant 簡述及build.xml2012-04-11UIXML
- 億虎Email郵差 2003c Build 02252015-11-15AIUI
- 手動脫時間提醒助手
Build 2003.12.082015-11-15UI
- ObjC RunLoop簡析2019-02-16OBJOOP
- CGLib 簡析2021-09-11CGLib
- Flux模式簡析2018-09-06UX模式
- 跨域簡析2018-02-09跨域
- 簡析HTTPS2013-11-06HTTP
- RegEditor登錄檔修改器 1.2註冊演算法簡析2015-11-15演算法
- 淺析Buddy演算法2022-07-30演算法
- 中華燈謎 XP 2005 Build 01.20 --簡單演算法分析2015-11-15UI演算法
- 簡單演算法――Modem Spy V3.2 + Build 2002.11.102015-11-15演算法UI
- vuex 原始碼簡析2019-07-13Vue原始碼
- Entitas實現簡析2019-05-31
- ObjC Runtime簡析2019-02-03OBJ
- Flutter渲染流程簡析2018-08-18Flutter
- ObjC block簡析(一)2019-01-24OBJBloC
- JavaScript 模組化簡析2017-01-31JavaScript
- YARN基本介面簡析2017-11-13Yarn
- 【原創】星空視訊俱樂部 V1.75註冊演算法簡析2015-11-15演算法
- 雪花演算法【分散式ID問題】【劉新宇】2019-08-02演算法分散式
- 淺析雜湊演算法2019-03-10演算法
- ObjC中KVO原理簡析2019-03-01OBJ
- 網站改造方向簡析2019-05-11網站
- Flutter啟動流程簡析2019-04-26Flutter