簡單演算法――Windows設定大師 2003 Build 0415
下載頁面:
http://www.skycn.net/soft/11596.html
軟體大小:
693 KB
軟體語言: 簡體中文
軟體類別: 國產軟體 / 共享版 / 系統設定
應用平臺: Win9x/NT/2000/XP
加入時間:
2003-04-03 16:03:55
下載次數: 226
推薦等級: ***
【軟體簡介】:1、Windows高階設定:在這個設定裡,您可以系統進行一系列設定,包括禁止登錄檔執行、禁止按取消鍵登入系統等等……2、開始選單和控制皮膚設定:在這個設定裡,您可以對開始選單和控制皮膚進行一系列設定……3、IE高階設定:在這個設定裡,您可以IE進行一系列設定,包括隱藏部分選項、修改IE標題等等……4、其它高階設定:在這個設定裡,您可以清除系統垃圾、隱藏驅動器等等……5、其它功能正在擴充中……
【軟體限制】:20次試用。
【作者宣告】:初學Crack,只是感興趣,沒有其它目的。失誤之處敬請諸位大俠賜教!
【破解工具】:TRW2000娃娃修改版、Ollydbg1.09、PEiD、PE-scan、W32Dasm 10修改版
―――――――――――――――――――――――――――――――――
【過 程】:
Windows設定大師2003.exe
是 PECompact殼。用PE-scan脫之。414K->1.23M。Delphi編寫。
申請號:14215752
姓
名:fly
公 司:【OCN】 不參與運算
試煉碼:13572468
反彙編,檢視出錯提示,很容易就找到下面的核心了。
―――――――――――――――――――――――――――――――――
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004AAE09(C)
|
:004AAE7D
6964617465640053 imul esp, dword ptr [ecx+74], 53006465
:004AAE85
8BD8 mov
ebx, eax
:004AAE87 8BC3
mov eax, ebx
:004AAE89 E876ABFFFF
call 004A5A04
====>關鍵CALL!進入!
:004AAE8E
84C0 test
al, al
:004AAE90 7409
je 004AAE9B
====>跳則OVER!
:004AAE92
8BC3 mov
eax, ebx
:004AAE94 E877AAFFFF call
004A5910
:004AAE99 5B
pop ebx
:004AAE9A C3
ret
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004AAE90(C)
|
:004AAE9B
6A00 push
00000000
* Possible
StringData Ref from Code Obj ->"請與作者聯絡註冊!"
|
:004AAE9D B9B8AE4A00
mov ecx, 004AAEB8
*
Possible StringData Ref from Code Obj ->"對不起!您輸入的註冊碼不正確,無法完成註冊"
====>BAD BOY!
:004AAEA2 BACCAE4A00 mov
edx, 004AAECC
:004AAEA7 A110DC4A00
mov eax, dword ptr [004ADC10]
:004AAEAC 8B00
mov eax, dword ptr [eax]
:004AAEAE
E86D29FDFF call 0047D820
:004AAEB3
5B pop
ebx
:004AAEB4 C3
ret
*
Referenced by a CALL at Address:
|:004AAE94
|
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004A58A5(C)
|
:004A5910
53 push
ebx
:004A5911 B201
mov dl, 01
:004A5913 A1D4644300
mov eax, dword ptr [004364D4]
:004A5918 E8B70CF9FF
call 004365D4
:004A591D 8BD8
mov ebx, eax
:004A591F
BA03000080 mov edx, 80000003
:004A5924
8BC3 mov
eax, ebx
:004A5926 E8490DF9FF call
00436674
:004A592B B101
mov cl, 01
*
Possible StringData Ref from Code Obj ->".DEFAULT\Software\xt-studio\windows\exe"
====>儲存註冊資訊
:004A592D
BA88594A00 mov edx, 004A5988
:004A5932
8BC3 mov
eax, ebx
:004A5934 E87B0EF9FF call
004367B4
:004A5939 8B0D54F14A00 mov
ecx, dword ptr [004AF154]
*
Possible StringData Ref from Code Obj ->"Name"
|
:004A593F BAB8594A00
mov edx, 004A59B8
:004A5944 8BC3
mov eax, ebx
:004A5946 E8DD11F9FF
call 00436B28
:004A594B 8B0D58F14A00
mov ecx, dword ptr [004AF158]
*
Possible StringData Ref from Code Obj ->"Pass"
|
:004A5951 BAC8594A00
mov edx, 004A59C8
:004A5956 8BC3
mov eax, ebx
:004A5958 E86F12F9FF
call 00436BCC
:004A595D 8BC3
mov eax, ebx
:004A595F
E800DAF5FF call 00403364
:004A5964
6A00 push
00000000
* Possible
StringData Ref from Code Obj ->"謝謝您註冊本軟體"
====>呵呵,勝利女神!
:004A5966
B9D0594A00 mov ecx, 004A59D0
*
Possible StringData Ref from Code Obj ->"請您重新啟動程式以驗證註冊碼!"
|
:004A596B BAE4594A00
mov edx, 004A59E4
:004A5970 A110DC4A00
mov eax, dword ptr [004ADC10]
:004A5975 8B00
mov eax, dword ptr
[eax]
:004A5977 E8A47EFDFF call
0047D820
:004A597C 5B
pop ebx
:004A597D C3
ret
―――――――――――――――――――――――――――――――――
進入關鍵CALL:4AAE89
call 004A5A04
*
Referenced by a CALL at Address:
|:004AAE89
|
:004A5A04 55
push ebp
:004A5A05
8BEC mov
ebp, esp
:004A5A07 B905000000 mov
ecx, 00000005
* Referenced
by a (U)nconditional or (C)onditional Jump at Address:
|:004A5A11(C)
|
:004A5A0C
6A00 push
00000000
:004A5A0E 6A00
push 00000000
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004A599A(C)
|
:004A5A10
49 dec
ecx
:004A5A11 75F9
jne 004A5A0C
:004A5A13 51
push ecx
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004A59AD(C)
|
:004A5A14
53 push
ebx
:004A5A15 56
push esi
:004A5A16 57
push edi
:004A5A17 8945FC
mov dword ptr [ebp-04], eax
:004A5A1A
33C0 xor
eax, eax
:004A5A1C 55
push ebp
:004A5A1D 685F5B4A00
push 004A5B5F
:004A5A22 64FF30
push dword ptr fs:[eax]
:004A5A25 648920
mov dword ptr fs:[eax],
esp
:004A5A28 33DB
xor ebx, ebx
:004A5A2A 8D55F4
lea edx, dword ptr [ebp-0C]
:004A5A2D 8B45FC
mov eax, dword ptr [ebp-04]
:004A5A30
8B80D8040000 mov eax, dword ptr [eax+000004D8]
:004A5A36
E84574FBFF call 0045CE80
:004A5A3B
8B45F4 mov eax,
dword ptr [ebp-0C]
====>EAX=[ebp-0C]=fly
:004A5A3E
E815EAF5FF call 00404458
====>取位數 EAX=3
:004A5A43
8BF8 mov
edi, eax
:004A5A45 6A00
push 00000000
:004A5A47 6800040000
push 00000400
:004A5A4C B003
mov al, 03
:004A5A4E E8AD32F6FF
call 00408D00
:004A5A53 E864F5F5FF
call 00404FBC
:004A5A58 8BC8
mov ecx,
eax
:004A5A5A BE01000000 mov
esi, 00000001
:004A5A5F 8D0431
lea eax, dword ptr [ecx+esi]
:004A5A62 99
cdq
:004A5A63 33C2
xor eax, edx
:004A5A65
2BC2 sub
eax, edx
:004A5A67 054747A000 add
eax, 00A04747
:004A5A6C 8BF0
mov esi, eax
:004A5A6E 8D45E0
lea eax, dword ptr [ebp-20]
:004A5A71 50
push
eax
:004A5A72 8D55DC
lea edx, dword ptr [ebp-24]
:004A5A75 8BC6
mov eax, esi
:004A5A77 E8702BF6FF
call 004085EC
:004A5A7C 8B45DC
mov eax, dword ptr
[ebp-24]
:004A5A7F B908000000 mov
ecx, 00000008
:004A5A84 BA01000000
mov edx, 00000001
:004A5A89 E82AECF5FF
call 004046B8
:004A5A8E 8B45E0
mov eax, dword ptr [ebp-20]
====>EAX=14215752 申請號
:004A5A91
E8922CF6FF call 00408728
:004A5A96
8945E8 mov dword
ptr [ebp-18], eax
====>EAX=00D8EA48(H)=14215752(D)
:004A5A99 8D45F0 lea eax, dword ptr [ebp-10]
*
Possible StringData Ref from Code Obj ->"-MK5609ZW"
|
:004A5A9C BA785B4A00
mov edx, 004A5B78
====>EDX=-MK5609ZW
:004A5AA1
E88AE7F5FF call 00404230
:004A5AA6
8B45F0 mov eax,
dword ptr [ebp-10]
====>EAX=-MK5609ZW
:004A5AA9
E8AAE9F5FF call 00404458
====>取-MK5609ZW的位數
:004A5AAE
8945E4 mov dword
ptr [ebp-1C], eax
====>EAX=9
:004A5AB1
8BF7 mov
esi, edi
:004A5AB3 85F6
test esi, esi
:004A5AB5 7E3E
jle 004A5AF5
:004A5AB7 C745EC01000000
mov [ebp-14], 00000001
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004A5AF3(C)
|
:004A5ABE
8D45D8 lea eax,
dword ptr [ebp-28]
:004A5AC1 50
push eax
:004A5AC2 B901000000
mov ecx, 00000001
:004A5AC7 8B55EC
mov edx, dword ptr [ebp-14]
:004A5ACA
8B45F4 mov eax,
dword ptr [ebp-0C]
====>EAX=[ebp-0C]=fly
:004A5ACD
E8E6EBF5FF call 004046B8
:004A5AD2
8B45D8 mov eax,
dword ptr [ebp-28]
:004A5AD5 E87EEBF5FF
call 00404658
:004A5ADA 8A00
mov al, byte ptr [eax]
1、
====>AL=66
2、 ====>AL=6C
3、
====>AL=79
:004A5ADC
25FF000000 and eax, 000000FF
:004A5AE1
03D8 add
ebx, eax
1、 ====>EBX=00000000 + 66=00000066
2、 ====>EBX=042EB57D + 6C=042EB5E9
3、 ====>EBX=085D6B00
+ 79=085D6B79
:004A5AE3
81C3C6CA5503 add ebx, 0355CAC6
1、 ====>EBX=00000066 + 0355CAC6=0355CB2C
2、
====>EBX=042EB5E9 + 0355CAC6=078480AF
3、 ====>EBX=085D6B79
+ 0355CAC6=0BB3363F
:004A5AE9
035DE8 add ebx,
dword ptr [ebp-18]
1、 ====>EBX=0355CB2C + 00D8EA48=042EB574
2、 ====>EBX=078480AF + 00D8EA48=085D6AF7
3、
====>EBX=0BB3363F + 00D8EA48=0C8C2087
:004A5AEC
035DE4 add ebx,
dword ptr [ebp-1C]
1、 ====>EBX=042EB574 + 9=042EB57D
2、 ====>EBX=085D6AF7 + 9=085D6B00
3、
====>EBX=0C8C2087 + 9=0C8C2090
呵呵,0C8C2090的10進位制值就是我的註冊碼了!
:004A5AEF
FF45EC inc [ebp-14]
:004A5AF2
4E dec
esi
====>ESI 依次減1
:004A5AF3
75C9 jne
004A5ABE
====>迴圈使用者名稱位數次
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004A5AB5(C)
|
:004A5AF5
8D55D4 lea edx,
dword ptr [ebp-2C]
:004A5AF8 8B45FC
mov eax, dword ptr [ebp-04]
:004A5AFB 8B80E0040000
mov eax, dword ptr [eax+000004E0]
====>EAX=00CD45A0
:004A5B01
E87A73FBFF call 0045CE80
:004A5B06
8B45D4 mov eax,
dword ptr [ebp-2C]
====>EAX=13572468
:004A5B09
E81A2CF6FF call 00408728
====>把13572468(D)轉換成16進位制值EAX=00CF1974(H)
:004A5B0E
3BD8 cmp
ebx, eax
====>EBX=0C8C2090(H)=210509968(D)
註冊碼!
====>EAX=00CF1974(H)=13572468
(D) 試煉碼
呵呵,比較註冊碼了。如果相等就OK了!所以我的註冊碼就是EBX裡的10進位制值!
:004A5B10
7519 jne
004A5B2B
====>跳則OVER!
:004A5B12
C645FB01 mov [ebp-05],
01
====>置1則OK!
:004A5B16
B854F14A00 mov eax, 004AF154
:004A5B1B
8B55F4 mov edx,
dword ptr [ebp-0C]
:004A5B1E E8C9E6F5FF
call 004041EC
:004A5B23 891D58F14A00
mov dword ptr [004AF158], ebx
:004A5B29 EB04
jmp 004A5B2F
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004A5B10(C)
|
:004A5B2B
C645FB00 mov [ebp-05],
00
====>清0則OVER!
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004A5B29(U)
|
:004A5B2F
33C0 xor
eax, eax
:004A5B31 5A
pop edx
:004A5B32 59
pop ecx
:004A5B33 59
pop ecx
:004A5B34
648910 mov dword
ptr fs:[eax], edx
:004A5B37 68665B4A00
push 004A5B66
*
Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004A5B64(U)
|
:004A5B3C
8D45D4 lea eax,
dword ptr [ebp-2C]
:004A5B3F E854E6F5FF
call 00404198
:004A5B44 8D45D8
lea eax, dword ptr [ebp-28]
:004A5B47 BA03000000
mov edx, 00000003
:004A5B4C
E86BE6F5FF call 004041BC
:004A5B51
8D45F0 lea eax,
dword ptr [ebp-10]
:004A5B54 BA02000000
mov edx, 00000002
:004A5B59 E85EE6F5FF
call 004041BC
:004A5B5E C3
ret
:004A5B5F
E994DFF5FF jmp 00403AF8
:004A5B64
EBD6 jmp
004A5B3C
:004A5B66 8A45FB
mov al, byte ptr [ebp-05]
====>標誌位
值入 AL
:004A5B69 5F
pop edi
:004A5B6A
5E pop
esi
:004A5B6B 5B
pop ebx
:004A5B6C 8BE5
mov esp, ebp
:004A5B6E 5D
pop ebp
:004A5B6F C3
ret
―――――――――――――――――――――――――――――――――
【算
法 總 結】:
姓名字元的HEX值累加,再加(0355CAC6+申請號+9)*
姓名的位數
―――――――――――――――――――――――――――――――――
【KeyMake之記憶體序號產生器】:
中斷地址:4A5B0E
中斷次數:1
第一位元組:3B
指令長度:2
暫存器方式:EBX
十進位制
―――――――――――――――――――――――――――――――――
【註冊資訊儲存】:
REGEDIT4
[HKEY_USERS\.DEFAULT\Software\xt-studio\windows\exe]
"Name"="fly"
"Pass"=dword:0c8c2090
―――――――――――――――――――――――――――――――――
【整 理】:
申請號:14215752
姓
名:fly
公 司:【OCN】
授權碼:210509968
―――――――――――――――――――――――――――――――――
Cracked By 巢水工作坊――fly【OCN】
2003-4-6 15:20
相關文章
- 簡單演算法――Windows設定大師 2003 V2.0 Build
04202015-11-15演算法WindowsUI
- 網路電視大師 V4.0.0 Build 2003.9.25註冊演算法簡析2015-11-15UI演算法
- 簡單演算法――熱鍵大師1.132003-03-06演算法
- 神算劉半仙 2003 Build 09.01 演算法簡析2015-11-15UI演算法
- 設定32位的windows2003使用大記憶體 大於1.72011-04-12Windows記憶體
- [原創]簡單演算法――函式影像大師V
4.52015-11-15演算法函式
- 檔案管理軟體管理大師演算法簡析!(簡單浮點)2015-11-15演算法
- windows2003伺服器優化設定2017-11-16Windows伺服器優化
- POPMAN時常管家2003版--簡單演算法分析2015-11-15演算法
- windows2003的一些設定之二2007-04-21Windows
- iOS打包簡單修改build號2024-08-23iOSUI
- 危險的預設設定 防止Windows2003洩密(轉)2007-08-16Windows
- mac簡單設定(一)--homebrew2015-05-12Mac
- oracle審計簡單設定2014-08-27Oracle
- 設定32位的windows 2003 中oracle SGA記憶體使用大於1.7的方法--PAE2015-06-29WindowsOracle記憶體
- ezConverter V1.0.596 Build 2003.04.24
簡體中文版2015-11-15UI
- 大齡程式設計師書單2019-06-03程式設計師
- 蘋果手機怎麼設定簡訊黑名單?iPhone XR/XS Max簡訊黑名單設定教程2019-01-08蘋果iPhone
- 中華燈謎 XP 2005 Build 01.20 --簡單演算法分析2015-11-15UI演算法
- 簡單演算法――Modem Spy V3.2 + Build 2002.11.102015-11-15演算法UI
- 設定XMLHttpRequest超時簡單介紹2017-02-10XMLHTTP
- 漢語寶典 Build 2003.05.282015-11-15UI
- 萬彩腦圖大師教程 | 前景設定2019-04-10
- Win2003 安全設定大全2019-05-17
- 簡單設定blog的樣式CSS2017-11-16CSS
- 簡單演算法2024-08-09演算法
- windows 20032011-09-27Windows
- 簡單演算法――ChinaRen校友錄伴侶(v2.01 build 20807)2015-11-15演算法UI
- 大話設計模式:簡單工廠模式2016-07-16設計模式
- 【大話設計模式】——簡單工廠模式2014-05-22設計模式
- 好程式設計師分享WebService的簡單使用2019-06-21程式設計師Web
- Word2003文字底色設定方法2016-11-21
- css設定中文字型簡單介紹2017-04-09CSS
- js設定元素background-position簡單介紹2017-04-08JS
- 利用css設定列印頁面簡單介紹2017-02-28CSS
- 簡單排序演算法2020-11-27排序演算法
- windows tomcat 簡單部署2019-04-01WindowsTomcat
- Windows Terminal 簡單美化2023-11-24Windows