在一个软件追注册码的过程中发现了这个问题,弄不明白,希望各位帮忙解决。
; ---------------------------------------------------------------------------
; ExamBibl.00557444 -- debugger listing (address | raw bytes | instruction),
; 32-bit x86, Intel operand order. Not assemblable source.
; In:   eax = value supplied by the caller; kept in ebx and handed to the
;             helper at 00405A00 as its eax argument
;             (presumably a destination slot -- confirm against the caller).
; Frame: 0x210 bytes of locals. The dword slots at ebp-4, ebp-210, ebp-20C and
;        ebp-208 are zeroed on entry and released again in the cleanup tail.
;        ebp-204 and ebp-104 are used as byte buffers (0x100 bytes apart).
; Helpers 00557534, 0040594C, 004059B4, 00405984, 00558D68 and 00405A00 are
; not part of this listing; their behaviour is not asserted here.
; NOTE(review): arguments travel in eax/edx/ecx, which looks like a
; register-based calling convention -- confirm.
; ---------------------------------------------------------------------------
; Prologue: standard frame plus 0x210 bytes of locals; ebx is callee-saved.
00557444 /$ 55 push ebp
00557445 |. 8BEC mov ebp, esp
00557447 |. 81C4 F0FDFFFF add esp, -210
0055744D |. 53 push ebx
; Zero the four pointer-sized locals so the cleanup tail can run safely even
; if an exception fires before they are assigned.
0055744E |. 33D2 xor edx, edx
00557450 |. 8955 FC mov dword ptr ss:[ebp-4], edx
00557453 |. 8995 F0FDFFFF mov dword ptr ss:[ebp-210], edx
00557459 |. 8995 F8FDFFFF mov dword ptr ss:[ebp-208], edx
0055745F |. 8995 F4FDFFFF mov dword ptr ss:[ebp-20C], edx
; Preserve the caller's eax across the helper calls below.
00557465 |. 8BD8 mov ebx, eax
; Link an exception frame at fs:[0] (eax is zero here): saved ebp, handler
; address 00557527, previous chain head.
00557467 |. 33C0 xor eax, eax
00557469 |. 55 push ebp
0055746A |. 68 27755500 push ExamBibl.00557527
0055746F |. 64:FF30 push dword ptr fs:[eax]
00557472 |. 64:8920 mov dword ptr fs:[eax], esp
; eax = &[ebp-208]; helper 00557534 is given that local's address.
00557475 |. 8D85 F8FDFFFF lea eax, dword ptr ss:[ebp-208]
0055747B |. E8 B4000000 call ExamBibl.00557534
; Keep &[ebp-208] on the stack, then call 0040594C with eax = &[ebp-20C] and
; edx = (dword at global 005DA370) + 0x104.
00557480 |. 8D85 F8FDFFFF lea eax, dword ptr ss:[ebp-208]
00557486 |. 50 push eax
00557487 |. 8D85 F4FDFFFF lea eax, dword ptr ss:[ebp-20C]
0055748D |. 8B15 70A35D00 mov edx, dword ptr ds:[5DA370]
00557493 |. 81C2 04010000 add edx, 104
00557499 |. E8 AEE4EAFF call ExamBibl.0040594C
; eax = &[ebp-208] (popped), edx = value stored in [ebp-20C].
0055749E |. 8B95 F4FDFFFF mov edx, dword ptr ss:[ebp-20C]
005574A4 |. 58 pop eax
005574A5 |. E8 0AE5EAFF call ExamBibl.004059B4
; eax = buffer at ebp-204, edx = value in [ebp-208], ecx = 0xFF.
; NOTE(review): 0xFF is presumably a maximum length for the 0x100-byte
; buffer -- confirm.
005574AA |. 8B95 F8FDFFFF mov edx, dword ptr ss:[ebp-208]
005574B0 |. 8D85 FCFDFFFF lea eax, dword ptr ss:[ebp-204]
005574B6 |. B9 FF000000 mov ecx, 0FF
005574BB |. E8 C4E4EAFF call ExamBibl.00405984
; eax = buffer at ebp-204, edx = buffer at ebp-104. The author's note on the
; call line records that the 12-digit machine code first shows up here.
005574C0 |. 8D85 FCFDFFFF lea eax, dword ptr ss:[ebp-204]
005574C6 |. 8D95 FCFEFFFF lea edx, dword ptr ss:[ebp-104]
005574CC |. E8 97180000 call ExamBibl.00558D68------------------- 在这里开始出现机器码:570949908805 共12位数字
; Same helper as at 00557499: eax = &[ebp-4], edx = buffer at ebp-104.
005574D1 |. 8D95 FCFEFFFF lea edx, dword ptr ss:[ebp-104]
005574D7 |. 8D45 FC lea eax, dword ptr ss:[ebp-4]
005574DA |. E8 6DE4EAFF call ExamBibl.0040594C
; Park the value of [ebp-4] on the stack, then call the same helper with
; eax = &[ebp-210] and edx = static address 005D9054.
005574DF |. 8B45 FC mov eax, dword ptr ss:[ebp-4]
005574E2 |. 50 push eax
005574E3 |. 8D85 F0FDFFFF lea eax, dword ptr ss:[ebp-210]
005574E9 |. BA 54905D00 mov edx, ExamBibl.005D9054
005574EE |. E8 59E4EAFF call ExamBibl.0040594C
; Three-register call: eax = caller's original eax (from ebx),
; edx = value of [ebp-4] (popped), ecx = value of [ebp-210].
005574F3 |. 8B8D F0FDFFFF mov ecx, dword ptr ss:[ebp-210]
005574F9 |. 8BC3 mov eax, ebx
005574FB |. 5A pop edx
005574FC |. E8 FFE4EAFF call ExamBibl.00405A00
; Normal exit: unlink the exception frame (edx = previous chain head, the two
; pops into ecx discard the handler address and the saved ebp), then push
; 0055752E so the retn at 00557526 continues in the epilogue.
00557501 |. 33C0 xor eax, eax
00557503 |. 5A pop edx
00557504 |. 59 pop ecx
00557505 |. 59 pop ecx
00557506 |. 64:8910 mov dword ptr fs:[eax], edx
00557509 |. 68 2E755500 push ExamBibl.0055752E
; Cleanup tail, also the target of the jmp at 0055752C. 004056FC is called
; with eax = &[ebp-210] and edx = 3, i.e. the three consecutive dword slots
; ebp-210, ebp-20C, ebp-208; 004056D8 then handles the single slot at ebp-4.
; Both routines appear later in this listing: they zero each slot and drop
; one reference on what it pointed to. Nothing in them writes string
; characters.
0055750E |> 8D85 F0FDFFFF lea eax, dword ptr ss:[ebp-210]
00557514 |. BA 03000000 mov edx, 3
00557519 |. E8 DEE1EAFF call ExamBibl.004056FC
0055751E |. 8D45 FC lea eax, dword ptr ss:[ebp-4]
00557521 |. E8 B2E1EAFF call ExamBibl.004056D8
00557526 \. C3 retn
; Handler stub registered at 0055746A; it jumps to 00404EA8 (not shown).
; NOTE(review): 0055752C presumably re-enters the cleanup tail after the
; exception path -- confirm.
00557527 .^ E9 7CD9EAFF jmp ExamBibl.00404EA8
0055752C .^ EB E0 jmp short ExamBibl.0055750E
; Epilogue: restore ebx, tear down the frame, return to the caller. The
; author's note below records the 13-digit value observed at this point.
0055752E . 5B pop ebx
0055752F . 8BE5 mov esp, ebp
00557531 . 5D pop ebp------------------------到这里发现注册码
后多了位数字1: 变成了5709499088051,共13位
00557532 . C3 retn
在这里00557521 |. E8 B2E1EAFF call ExamBibl.004056D8 按F7 跟进如下
; ---------------------------------------------------------------------------
; ExamBibl.004056D8 -- release the object referenced by one pointer slot.
; (The address column of the first line has lost its leading zero; the call
; at 00557521 and the following addresses show it is 004056D8.)
; In:    eax = address of a dword slot holding a data pointer (or 0)
; Out:   slot set to 0; eax preserved (saved around the inner call)
; Clobb: edx, ecx, flags
; The routine only zeroes the slot and decrements the dword at [data-8]; it
; never reads or writes the bytes the pointer refers to, so it cannot change
; the contents of a string.
; NOTE(review): the counter at [ptr-8] and the block base at ptr-8 look like
; a reference-counted string header -- confirm against the runtime library.
; ---------------------------------------------------------------------------
; edx = current pointer in the slot; nothing to do when it is already null.
04056D8 /$ 8B10 mov edx, dword ptr ds:[eax]--- 机器码:570949908805
004056DA |. 85D2 test edx, edx
004056DC |. 74 1C je short ExamBibl.004056FA
; Detach first: the slot is cleared before the count is touched.
004056DE |. C700 00000000 mov dword ptr ds:[eax], 0
; ecx = counter stored 8 bytes before the data. A counter that is already
; below 1 skips the decrement entirely.
; NOTE(review): presumably marks data that must not be freed -- confirm.
004056E4 |. 8B4A F8 mov ecx, dword ptr ds:[edx-8]
004056E7 |. 49 dec ecx
004056E8 |. 7C 10 jl short ExamBibl.004056FA
; Atomic decrement; a non-zero result means other references remain.
004056EA |. F0:FF4A F8 lock dec dword ptr ds:[edx-8]
004056EE |. 75 0A jnz short ExamBibl.004056FA
; Last reference gone: pass the block base (data - 8) to 00403008, whose body
; is not shown (presumably the memory-free routine -- confirm).
004056F0 |. 50 push eax
004056F1 |. 8D42 F8 lea eax, dword ptr ds:[edx-8]
004056F4 |. E8 0FD9FFFF call ExamBibl.00403008
004056F9 |. 58 pop eax
004056FA \> C3 retn
; Padding byte between routines.
004056FB 90 nop
; ---------------------------------------------------------------------------
; ExamBibl.004056FC -- array form of the release routine at 004056D8.
; In:    eax = address of the first dword slot
;        edx = number of consecutive slots to process
; Clobb: eax, edx, ecx, flags (ebx and esi are saved and restored)
; The count is tested only after the first pass (do/while shape), so the
; caller must pass edx >= 1; a count of 0 would wrap and keep walking memory.
; As with 004056D8, each pass zeroes a slot and decrements the dword at
; [data-8]; the bytes the pointers refer to are never read or written.
; ---------------------------------------------------------------------------
; ebx = cursor over the slots, esi = remaining count.
004056FC /$ 53 push ebx
004056FD |. 56 push esi
004056FE |. 89C3 mov ebx, eax
00405700 |. 89D6 mov esi, edx
; Loop body: skip null slots, otherwise clear the slot before touching the
; counter.
00405702 |> 8B13 /mov edx, dword ptr ds:[ebx]
00405704 |. 85D2 |test edx, edx
00405706 |. 74 1A |je short ExamBibl.00405722
00405708 |. C703 00000000 |mov dword ptr ds:[ebx], 0
; Counter below 1 -> leave the block alone; otherwise decrement atomically
; and free only when it reaches zero.
0040570E |. 8B4A F8 |mov ecx, dword ptr ds:[edx-8]
00405711 |. 49 |dec ecx
00405712 |. 7C 0E |jl short ExamBibl.00405722
00405714 |. F0:FF4A F8 |lock dec dword ptr ds:[edx-8]
00405718 |. 75 08 |jnz short ExamBibl.00405722
; eax = block base (data - 8) handed to 00403008 (body not shown).
0040571A |. 8D42 F8 |lea eax, dword ptr ds:[edx-8]
0040571D |. E8 E6D8FFFF |call ExamBibl.00403008
; Advance to the next 4-byte slot until the count is exhausted.
00405722 |> 83C3 04 |add ebx, 4
00405725 |. 4E |dec esi
00405726 |.^ 75 DA \jnz short ExamBibl.00405702
00405728 |. 5E pop esi
00405729 |. 5B pop ebx
0040572A \. C3 retn
以上这段代码是在机器码后面追加一位数字1的运算吗?如果是的话,应该怎样修改这段代码,才能使机器码后面追加的数字是2而不是1,也就是使原来的机器码570949908805变成5709499088052,而不是变成5709499088051呢?请各位帮忙解决,谢谢。