首页
社区
课程
招聘
问答 CTF 排行榜 知识库 工具下载 峰会 看雪商城 证书查询
  1. 社区
  2. 付费问答
    3. 发新帖
[旧帖] 请把下面的反向个C++源代码,学学看看, 0.00雪花
发表于: 2010-1-16 22:31 7943

[旧帖] 请把下面的反向个C++源代码,学学看看, 0.00雪花

破解不好 活跃值
2010-1-16 22:31
7943
请把下面的反向个C++源代码,学学看看,

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
00401000 > $  68 3C204000   PUSH KEYGEN.0040203C                     ; /Buffer = KEYGEN.0040203C
00401005   .  68 00010000   PUSH 100                                 ; |BufSize = 100 (256.)
0040100A   .  E8 35060000   CALL <JMP.&KERNEL32.GetCurrentDirectoryA>; \GetCurrentDirectoryA
0040100F   .  85C0          TEST EAX,EAX
00401011   .  0F84 64020000 JE KEYGEN.0040127B
00401017   .  80B8 3C204000>CMP BYTE PTR DS:[EAX+40203C],5C
0040101E   .  74 08         JE SHORT KEYGEN.00401028
00401020   .  C680 3C204000>MOV BYTE PTR DS:[EAX+40203C],5C
00401027   .  40            INC EAX
00401028   >  8D80 3C204000 LEA EAX,DWORD PTR DS:[EAX+40203C]
0040102E   .  68 08234000   PUSH KEYGEN.00402308                     ; /String2 = "CODES.INI"
00401033   .  50            PUSH EAX                                 ; |String1
00401034   .  E8 FF050000   CALL <JMP.&KERNEL32.lstrcpyA>            ; \lstrcpyA
00401039   .  C705 00204000>MOV DWORD PTR DS:[402000],KEYGEN.0040231>;  ASCII "2 (UNABLE TO READ|WRITE .INI FILE (codes.ini))"
00401043   .  68 3C204000   PUSH KEYGEN.0040203C                     ; /IniFileName = ""
00401048   .  6A 09         PUSH 9                                   ; |BufSize = 9
0040104A   .  68 83214000   PUSH KEYGEN.00402183                     ; |ReturnBuffer = KEYGEN.00402183
0040104F   .  68 4A214000   PUSH KEYGEN.0040214A                     ; |Default = ""
00401054   .  68 48214000   PUSH KEYGEN.00402148                     ; |Key = "0"
00401059   .  68 3C214000   PUSH KEYGEN.0040213C                     ; |Section = "PCID"
0040105E   .  E8 C9050000   CALL <JMP.&KERNEL32.GetPrivateProfileStr>; \GetPrivateProfileStringA
00401063   .  85C0          TEST EAX,EAX
00401065   .  0F84 10020000 JE KEYGEN.0040127B
0040106B   .  68 3C204000   PUSH KEYGEN.0040203C                     ; /IniFileName = ""
00401070   .  6A 10         PUSH 10                                  ; |BufSize = 10 (16.)
00401072   .  68 67214000   PUSH KEYGEN.00402167                     ; |ReturnBuffer = KEYGEN.00402167
00401077   .  68 4A214000   PUSH KEYGEN.0040214A                     ; |Default = ""
0040107C   .  68 48214000   PUSH KEYGEN.00402148                     ; |Key = "0"
00401081   .  68 41214000   PUSH KEYGEN.00402141                     ; |Section = "EXPIRE"
00401086   .  E8 A1050000   CALL <JMP.&KERNEL32.GetPrivateProfileStr>; \GetPrivateProfileStringA
0040108B   .  85C0          TEST EAX,EAX
0040108D   .  0F84 E8010000 JE KEYGEN.0040127B
00401093   .  C705 00204000>MOV DWORD PTR DS:[402000],KEYGEN.0040234>;  ASCII "3 (INCORRECT DATE IN codes.ini PLEASE CHECK IT!)"
0040109D   .  83F8 08       CMP EAX,8
004010A0   .  0F85 D5010000 JNZ KEYGEN.0040127B
004010A6   .  BE 67214000   MOV ESI,KEYGEN.00402167
004010AB   .  0FB706        MOVZX EAX,WORD PTR DS:[ESI]
004010AE   .  C1E0 10       SHL EAX,10
004010B1   .  66:0B46 03    OR AX,WORD PTR DS:[ESI+3]
004010B5   .  A3 F8224000   MOV DWORD PTR DS:[4022F8],EAX
004010BA   .  0FB746 06     MOVZX EAX,WORD PTR DS:[ESI+6]
004010BE   .  66:A3 FE22400>MOV WORD PTR DS:[4022FE],AX
004010C4   .  68 F2224000   PUSH KEYGEN.004022F2                     ; /Arg2 = 004022F2
004010C9   .  56            PUSH ESI                                 ; |Arg1 => 00402167
004010CA   .  E8 88040000   CALL KEYGEN.00401557                     ; \KEYGEN.00401557
004010CF   .  803D F2224000>CMP BYTE PTR DS:[4022F2],0
004010D6   .  0F84 9F010000 JE KEYGEN.0040127B
004010DC   .  803D F2224000>CMP BYTE PTR DS:[4022F2],1F
004010E3   .  0F87 92010000 JA KEYGEN.0040127B
004010E9   .  83C6 03       ADD ESI,3
004010EC   .  68 F4224000   PUSH KEYGEN.004022F4                     ; /Arg2 = 004022F4
004010F1   .  56            PUSH ESI                                 ; |Arg1
004010F2   .  E8 60040000   CALL KEYGEN.00401557                     ; \KEYGEN.00401557
004010F7   .  803D F4224000>CMP BYTE PTR DS:[4022F4],0
004010FE   .  0F84 77010000 JE KEYGEN.0040127B
00401104   .  803D F4224000>CMP BYTE PTR DS:[4022F4],0C
0040110B   .  0F87 6A010000 JA KEYGEN.0040127B
00401111   .  83C6 03       ADD ESI,3
00401114   .  68 F6224000   PUSH KEYGEN.004022F6                     ; /Arg2 = 004022F6
00401119   .  56            PUSH ESI                                 ; |Arg1
0040111A   .  E8 38040000   CALL KEYGEN.00401557                     ; \KEYGEN.00401557
0040111F   .  803D F6224000>CMP BYTE PTR DS:[4022F6],0
00401126   .  74 05         JE SHORT KEYGEN.0040112D
00401128   .  E8 62040000   CALL KEYGEN.0040158F
0040112D   >  BE 18204000   MOV ESI,KEYGEN.00402018
00401132   .  6A 03         PUSH 3                                   ; /Arg3 = 00000003
00401134   .  56            PUSH ESI                                 ; |Arg2 => 00402018
00401135   .  56            PUSH ESI                                 ; |Arg1 => 00402018
00401136   .  E8 D9030000   CALL KEYGEN.00401514                     ; \KEYGEN.00401514
0040113B   .  C705 00204000>MOV DWORD PTR DS:[402000],KEYGEN.0040231>;  ASCII "2 (UNABLE TO READ|WRITE .INI FILE (codes.ini))"
00401145   .  B9 08000000   MOV ECX,8
0040114A   >  51            PUSH ECX
0040114B   .  83F9 05       CMP ECX,5
0040114E   .  77 18         JA SHORT KEYGEN.00401168
00401150   .  68 D4214000   PUSH KEYGEN.004021D4                     ; /String2 = "INSITE_TOOLLEVEL_LICENSE"
00401155   .  68 8C214000   PUSH KEYGEN.0040218C                     ; |String1 = KEYGEN.0040218C
0040115A   .  E8 D9040000   CALL <JMP.&KERNEL32.lstrcpyA>            ; \lstrcpyA
0040115F   .  C605 09224000>MOV BYTE PTR DS:[402209],1A
00401166   .  EB 16         JMP SHORT KEYGEN.0040117E
00401168   >  68 EE214000   PUSH KEYGEN.004021EE                     ; /String2 = "INSITE_USAGECOUNT_LICENSE"
0040116D   .  68 8C214000   PUSH KEYGEN.0040218C                     ; |String1 = KEYGEN.0040218C
00401172   .  E8 C1040000   CALL <JMP.&KERNEL32.lstrcpyA>            ; \lstrcpyA
00401177   .  C605 09224000>MOV BYTE PTR DS:[402209],1B
0040117E   >  59            POP ECX
0040117F   .  51            PUSH ECX
00401180   .  0FB681 A02240>MOVZX EAX,BYTE PTR DS:[ECX+4022A0]
00401187   .  A2 03234000   MOV BYTE PTR DS:[402303],AL
0040118C   .  51            PUSH ECX                                 ; /Arg1
0040118D   .  E8 11010000   CALL KEYGEN.004012A3                     ; \KEYGEN.004012A3
00401192   .  E8 EE010000   CALL KEYGEN.00401385
00401197   .  6A 06         PUSH 6                                   ; /Arg3 = 00000006
00401199   .  68 2C204000   PUSH KEYGEN.0040202C                     ; |Arg2 = 0040202C
0040119E   .  68 24204000   PUSH KEYGEN.00402024                     ; |Arg1 = 00402024
004011A3   .  E8 31030000   CALL KEYGEN.004014D9                     ; \KEYGEN.004014D9
004011A8   .  BE 2C204000   MOV ESI,KEYGEN.0040202C
004011AD   .  BF 08204000   MOV EDI,KEYGEN.00402008                  ;  ASCII "----------------"
004011B2   .  B9 04000000   MOV ECX,4
004011B7   >  51            PUSH ECX
004011B8   .  B9 03000000   MOV ECX,3
004011BD   .  F2:A4         REPNE MOVS BYTE PTR ES:[EDI],BYTE PTR DS>
004011BF   .  47            INC EDI
004011C0   .  59            POP ECX
004011C1   .^ E2 F4         LOOPD SHORT KEYGEN.004011B7
004011C3   .  59            POP ECX
004011C4   .  51            PUSH ECX
004011C5   .  0FB681 5D2140>MOVZX EAX,BYTE PTR DS:[ECX+40215D]
004011CC   .  A2 5C214000   MOV BYTE PTR DS:[40215C],AL
004011D1   .  803D 09224000>CMP BYTE PTR DS:[402209],1B
004011D8   .  74 10         JE SHORT KEYGEN.004011EA
004011DA   .  A2 06204000   MOV BYTE PTR DS:[402006],AL
004011DF   .  66:C705 04204>MOV WORD PTR DS:[402004],3030
004011E8   .  EB 0E         JMP SHORT KEYGEN.004011F8
004011EA   >  A2 04204000   MOV BYTE PTR DS:[402004],AL
004011EF   .  66:C705 05204>MOV WORD PTR DS:[402005],5353
004011F8   >  833D 04234000>CMP DWORD PTR DS:[402304],1
004011FF   .  75 10         JNZ SHORT KEYGEN.00401211
00401201   .  66:C705 18204>MOV WORD PTR DS:[402018],3030
0040120A   .  C605 1A204000>MOV BYTE PTR DS:[40201A],30
00401211   >  68 3C204000   PUSH KEYGEN.0040203C                     ; /FileName = ""
00401216   .  68 04204000   PUSH KEYGEN.00402004                     ; |String = "--------------------"
0040121B   .  68 5C214000   PUSH KEYGEN.0040215C                     ; |Key = "0"
00401220   .  A1 04234000   MOV EAX,DWORD PTR DS:[402304]            ; |
00401225   .  8B0485 912240>MOV EAX,DWORD PTR DS:[EAX*4+402291]      ; |
0040122C   .  50            PUSH EAX                                 ; |Section
0040122D   .  E8 00040000   CALL <JMP.&KERNEL32.WritePrivateProfileS>; \WritePrivateProfileStringA
00401232   .  59            POP ECX
00401233   .  85C0          TEST EAX,EAX
00401235   .  74 44         JE SHORT KEYGEN.0040127B
00401237   .  E2 02         LOOPD SHORT KEYGEN.0040123B
00401239   .  EB 05         JMP SHORT KEYGEN.00401240
0040123B   >^ E9 0AFFFFFF   JMP KEYGEN.0040114A
00401240   >  C705 04234000>MOV DWORD PTR DS:[402304],1
0040124A   .  803D 02234000>CMP BYTE PTR DS:[402302],1
00401251   .  C605 02234000>MOV BYTE PTR DS:[402302],1
00401258   .  B9 05000000   MOV ECX,5
0040125D   .^ 0F85 E7FEFFFF JNZ KEYGEN.0040114A
00401263   .  90            NOP
00401264   .  90            NOP
00401265   .  90            NOP
00401266   .  90            NOP
00401267   .  90            NOP
00401268   .  90            NOP
00401269   .  90            NOP
0040126A   .  90            NOP
0040126B   .  90            NOP
0040126C   .  90            NOP
0040126D   .  90            NOP
0040126E   .  90            NOP
0040126F   .  90            NOP
00401270   .  90            NOP
00401271   .  90            NOP
00401272   .  90            NOP
00401273   .  90            NOP
00401274   .  90            NOP
00401275   .  90            NOP
00401276   .  E9 A4030000   JMP KEYGEN.0040161F
0040127B   >  A1 00204000   MOV EAX,DWORD PTR DS:[402000]
00401280   .  50            PUSH EAX                                 ; /String2 => NULL
00401281   .  68 14244000   PUSH KEYGEN.00402414                     ; |String1 = KEYGEN.00402414
00401286   .  E8 AD030000   CALL <JMP.&KERNEL32.lstrcpyA>            ; \lstrcpyA
0040128B   .  90            NOP
0040128C   .  90            NOP
0040128D   .  90            NOP
0040128E   .  90            NOP
0040128F   .  90            NOP
00401290   .  90            NOP
00401291   .  90            NOP
00401292   .  90            NOP
00401293   .  90            NOP
00401294   .  90            NOP
00401295   .  90            NOP
00401296   .  90            NOP
00401297   .  90            NOP
00401298   .  90            NOP
00401299   .  90            NOP
0040129A   .  90            NOP
0040129B   .  90            NOP
0040129C   .  90            NOP
0040129D   .  90            NOP
0040129E   .  E9 7C030000   JMP KEYGEN.0040161F
004012A3  /$  C8 000000     ENTER 0,0
004012A7  |.  53            PUSH EBX
004012A8  |.  FC            CLD
004012A9  |.  8B5D 08       MOV EBX,DWORD PTR SS:[EBP+8]
004012AC  |.  8B0C9D 6D2240>MOV ECX,DWORD PTR DS:[EBX*4+40226D]
004012B3  |.  0FB605 092240>MOVZX EAX,BYTE PTR DS:[402209]
004012BA  |.  8D80 8C214000 LEA EAX,DWORD PTR DS:[EAX+40218C]
004012C0  |.  51            PUSH ECX                                 ; /String2
004012C1  |.  50            PUSH EAX                                 ; |String1
004012C2  |.  E8 71030000   CALL <JMP.&KERNEL32.lstrcpyA>            ; \lstrcpyA
004012C7  |.  0FB68B 982240>MOVZX ECX,BYTE PTR DS:[EBX+402298]
004012CE  |.  03C1          ADD EAX,ECX
004012D0  |.  803D 09224000>CMP BYTE PTR DS:[402209],1B
004012D7  |.  75 32         JNZ SHORT KEYGEN.0040130B
004012D9  |.  833D 04234000>CMP DWORD PTR DS:[402304],1
004012E0  |.  75 0F         JNZ SHORT KEYGEN.004012F1
004012E2  |.  C700 30313031 MOV DWORD PTR DS:[EAX],31303130
004012E8  |.  C740 04 32303>MOV DWORD PTR DS:[EAX+4],30303032
004012EF  |.  EB 0C         JMP SHORT KEYGEN.004012FD
004012F1  |>  B9 F8224000   MOV ECX,KEYGEN.004022F8
004012F6  |.  51            PUSH ECX                                 ; /String2 => ""
004012F7  |.  50            PUSH EAX                                 ; |String1
004012F8  |.  E8 3B030000   CALL <JMP.&KERNEL32.lstrcpyA>            ; \lstrcpyA
004012FD  |>  83C0 08       ADD EAX,8
00401300  |.  66:C700 5332  MOV WORD PTR DS:[EAX],3253
00401305  |.  40            INC EAX
00401306  |.  40            INC EAX
00401307  |.  C600 53       MOV BYTE PTR DS:[EAX],53
0040130A  |.  40            INC EAX
0040130B  |>  B9 01000000   MOV ECX,1
00401310  |.  833D 04234000>CMP DWORD PTR DS:[402304],1
00401317  |.  74 07         JE SHORT KEYGEN.00401320
00401319  |.  0FB60D F22240>MOVZX ECX,BYTE PTR DS:[4022F2]
00401320  |>  8808          MOV BYTE PTR DS:[EAX],CL
00401322  |.  40            INC EAX
00401323  |.  33C9          XOR ECX,ECX
00401325  |.  833D 04234000>CMP DWORD PTR DS:[402304],1
0040132C  |.  75 10         JNZ SHORT KEYGEN.0040133E
0040132E  |.  803D 09224000>CMP BYTE PTR DS:[402209],1B
00401335  |.  75 11         JNZ SHORT KEYGEN.00401348
00401337  |.  B9 64000000   MOV ECX,64
0040133C  |.  EB 0A         JMP SHORT KEYGEN.00401348
0040133E  |>  0FB60D F62240>MOVZX ECX,BYTE PTR DS:[4022F6]
00401345  |.  83C1 64       ADD ECX,64
00401348  |>  8808          MOV BYTE PTR DS:[EAX],CL
0040134A  |.  40            INC EAX
0040134B  |.  B9 01000000   MOV ECX,1
00401350  |.  833D 04234000>CMP DWORD PTR DS:[402304],1
00401357  |.  74 07         JE SHORT KEYGEN.00401360
00401359  |.  0FB60D F42240>MOVZX ECX,BYTE PTR DS:[4022F4]
00401360  |>  8B0C8D B12240>MOV ECX,DWORD PTR DS:[ECX*4+4022B1]
00401367  |.  8908          MOV DWORD PTR DS:[EAX],ECX
00401369  |.  83C0 03       ADD EAX,3
0040136C  |.  C700 87C5D073 MOV DWORD PTR DS:[EAX],73D0C587
00401372  |.  C740 04 00000>MOV DWORD PTR DS:[EAX+4],0
00401379  |.  C740 08 00000>MOV DWORD PTR DS:[EAX+8],0
00401380  |.  5B            POP EBX
00401381  |.  C9            LEAVE
00401382  \.  C2 0400       RETN 4
00401385  /$  C8 040000     ENTER 4,0
00401389  |.  C705 24204000>MOV DWORD PTR DS:[402024],0
00401393  |.  C705 28204000>MOV DWORD PTR DS:[402028],0
0040139D  |.  C645 FC 00    MOV BYTE PTR SS:[EBP-4],0
004013A1  |.  0FB60D 032340>MOVZX ECX,BYTE PTR DS:[402303]
004013A8  |>  51            /PUSH ECX
004013A9  |.  0FB645 FC     |MOVZX EAX,BYTE PTR SS:[EBP-4]
004013AD  |.  40            |INC EAX
004013AE  |.  8D34C5 7E2140>|LEA ESI,DWORD PTR DS:[EAX*8+40217E]
004013B5  |.  B9 08000000   |MOV ECX,8
004013BA  |.  FD            |STD
004013BB  |>  AC            |/LODS BYTE PTR DS:[ESI]
004013BC  |.  3081 23204000 ||XOR BYTE PTR DS:[ECX+402023],AL
004013C2  |.^ E2 F7         |\LOOPD SHORT KEYGEN.004013BB
004013C4  |.  FC            |CLD
004013C5  |.  807D FC 00    |CMP BYTE PTR SS:[EBP-4],0
004013C9  |.  75 16         |JNZ SHORT KEYGEN.004013E1
004013CB  |.  B8 16F312D9   |MOV EAX,D912F316
004013D0  |.  3105 24204000 |XOR DWORD PTR DS:[402024],EAX
004013D6  |.  B8 815991FD   |MOV EAX,FD915981
004013DB  |.  3105 28204000 |XOR DWORD PTR DS:[402028],EAX
004013E1  |>  FE45 FC       |INC BYTE PTR SS:[EBP-4]                 ; |
004013E4  |.  E8 54000000   |CALL KEYGEN.0040143D                    ; \KEYGEN.0040143D
004013E9  |.  59            |POP ECX
004013EA  |.^ E2 BC         \LOOPD SHORT KEYGEN.004013A8
004013EC  |.  0FB605 2B2040>MOVZX EAX,BYTE PTR DS:[40202B]
004013F3  |.  50            PUSH EAX                                 ; /Arg1
004013F4  |.  E8 24000000   CALL KEYGEN.0040141D                     ; \KEYGEN.0040141D
004013F9  |.  0005 24204000 ADD BYTE PTR DS:[402024],AL
004013FF  |.  0FB605 2A2040>MOVZX EAX,BYTE PTR DS:[40202A]
00401406  |.  50            PUSH EAX                                 ; /Arg1
00401407  |.  E8 11000000   CALL KEYGEN.0040141D                     ; \KEYGEN.0040141D
0040140C  |.  0005 25204000 ADD BYTE PTR DS:[402025],AL
00401412  |.  66:C705 2A204>MOV WORD PTR DS:[40202A],0
0040141B  |.  C9            LEAVE
0040141C  \.  C3            RETN
0040141D  /$  C8 000000     ENTER 0,0
00401421  |.  33C0          XOR EAX,EAX
00401423  |.  33D2          XOR EDX,EDX
00401425  |.  0FB65D 08     MOVZX EBX,BYTE PTR SS:[EBP+8]
00401429  |.  B9 08000000   MOV ECX,8
0040142E  |.  51            PUSH ECX
0040142F  |.  F8            CLC
00401430  |>  0FA3D3        BT EBX,EDX
00401433  |.  D1D0          RCL EAX,1
00401435  |.  42            INC EDX
00401436  |.^ E2 F8         LOOPD SHORT KEYGEN.00401430
00401438  |.  F8            CLC
00401439  |.  C9            LEAVE
0040143A  \.  C2 0400       RETN 4
0040143D  /$  C8 100000     ENTER 10,0
00401441  |.  56            PUSH ESI
00401442  |.  FC            CLD
00401443  |.  BE 24204000   MOV ESI,KEYGEN.00402024
00401448  |.  33C0          XOR EAX,EAX
0040144A  |.  AC            LODS BYTE PTR DS:[ESI]
0040144B  |.  8845 FC       MOV BYTE PTR SS:[EBP-4],AL
0040144E  |.  AC            LODS BYTE PTR DS:[ESI]
0040144F  |.  8845 F8       MOV BYTE PTR SS:[EBP-8],AL
00401452  |.  AC            LODS BYTE PTR DS:[ESI]
00401453  |.  8845 F4       MOV BYTE PTR SS:[EBP-C],AL
00401456  |.  AC            LODS BYTE PTR DS:[ESI]
00401457  |.  8845 F0       MOV BYTE PTR SS:[EBP-10],AL
0040145A  |.  0FB605 282040>MOVZX EAX,BYTE PTR DS:[402028]
00401461  |.  0205 2B204000 ADD AL,BYTE PTR DS:[40202B]
00401467  |.  A2 24204000   MOV BYTE PTR DS:[402024],AL
0040146C  |.  0FB605 292040>MOVZX EAX,BYTE PTR DS:[402029]
00401473  |.  0245 F0       ADD AL,BYTE PTR SS:[EBP-10]
00401476  |.  A2 25204000   MOV BYTE PTR DS:[402025],AL
0040147B  |.  0FB605 282040>MOVZX EAX,BYTE PTR DS:[402028]
00401482  |.  0245 F4       ADD AL,BYTE PTR SS:[EBP-C]
00401485  |.  F6D0          NOT AL
00401487  |.  A2 26204000   MOV BYTE PTR DS:[402026],AL
0040148C  |.  0FB605 292040>MOVZX EAX,BYTE PTR DS:[402029]
00401493  |.  0245 FC       ADD AL,BYTE PTR SS:[EBP-4]
00401496  |.  A2 27204000   MOV BYTE PTR DS:[402027],AL
0040149B  |.  0FB605 2A2040>MOVZX EAX,BYTE PTR DS:[40202A]
004014A2  |.  0245 F0       ADD AL,BYTE PTR SS:[EBP-10]
004014A5  |.  A2 28204000   MOV BYTE PTR DS:[402028],AL
004014AA  |.  0FB605 2A2040>MOVZX EAX,BYTE PTR DS:[40202A]
004014B1  |.  0245 F8       ADD AL,BYTE PTR SS:[EBP-8]
004014B4  |.  F6D0          NOT AL
004014B6  |.  A2 29204000   MOV BYTE PTR DS:[402029],AL
004014BB  |.  0FB605 2B2040>MOVZX EAX,BYTE PTR DS:[40202B]
004014C2  |.  0245 FC       ADD AL,BYTE PTR SS:[EBP-4]
004014C5  |.  A2 2A204000   MOV BYTE PTR DS:[40202A],AL
004014CA  |.  0FB645 F8     MOVZX EAX,BYTE PTR SS:[EBP-8]
004014CE  |.  0245 F4       ADD AL,BYTE PTR SS:[EBP-C]
004014D1  |.  A2 2B204000   MOV BYTE PTR DS:[40202B],AL
004014D6  |.  5E            POP ESI
004014D7  |.  C9            LEAVE
004014D8  \.  C3            RETN
004014D9  /$  C8 000000     ENTER 0,0
004014DD  |.  FC            CLD
004014DE  |.  33C0          XOR EAX,EAX
004014E0  |.  8B75 08       MOV ESI,DWORD PTR SS:[EBP+8]
004014E3  |.  8B7D 0C       MOV EDI,DWORD PTR SS:[EBP+C]
004014E6  |.  8B4D 10       MOV ECX,DWORD PTR SS:[EBP+10]
004014E9  |>  AC            /LODS BYTE PTR DS:[ESI]
004014EA  |.  51            |PUSH ECX
004014EB  |.  B9 02000000   |MOV ECX,2
004014F0  |.  8AD0          |MOV DL,AL
004014F2  |.  C0E8 04       |SHR AL,4
004014F5  |>  3C 0A         |/CMP AL,0A
004014F7  |.  73 04         ||JNB SHORT KEYGEN.004014FD
004014F9  |.  04 30         ||ADD AL,30
004014FB  |.  EB 06         ||JMP SHORT KEYGEN.00401503
004014FD  |>  3C 10         ||CMP AL,10
004014FF  |.  73 02         ||JNB SHORT KEYGEN.00401503
00401501  |.  04 37         ||ADD AL,37
00401503  |>  AA            ||STOS BYTE PTR ES:[EDI]
00401504  |.  8AC2          ||MOV AL,DL
00401506  |.  24 0F         ||AND AL,0F
00401508  |.^ E2 EB         |\LOOPD SHORT KEYGEN.004014F5
0040150A  |.  59            |POP ECX
0040150B  |.^ E2 DC         \LOOPD SHORT KEYGEN.004014E9
0040150D  |.  C607 00       MOV BYTE PTR DS:[EDI],0
00401510  |.  C9            LEAVE
00401511  \.  C2 0C00       RETN 0C
00401514  /$  C8 000000     ENTER 0,0
00401518  |.  FC            CLD
00401519  |.  33C0          XOR EAX,EAX
0040151B  |.  8B75 08       MOV ESI,DWORD PTR SS:[EBP+8]
0040151E  |.  8B7D 0C       MOV EDI,DWORD PTR SS:[EBP+C]
00401521  |.  8B4D 10       MOV ECX,DWORD PTR SS:[EBP+10]
00401524  |>  AC            /LODS BYTE PTR DS:[ESI]
00401525  |.  83F8 00       |CMP EAX,0
00401528  |.  72 0A         |JB SHORT KEYGEN.00401534
0040152A  |.  83F8 09       |CMP EAX,9
0040152D  |.  77 05         |JA SHORT KEYGEN.00401534
0040152F  |.  83C0 30       |ADD EAX,30
00401532  |.  EB 1C         |JMP SHORT KEYGEN.00401550
00401534  |>  83F8 0A       |CMP EAX,0A                              ;  Switch (cases A..23)
00401537  |.  72 0A         |JB SHORT KEYGEN.00401543
00401539  |.  83F8 23       |CMP EAX,23
0040153C  |.  77 05         |JA SHORT KEYGEN.00401543
0040153E  |.  83C0 37       |ADD EAX,37
00401541  |.  EB 0D         |JMP SHORT KEYGEN.00401550
00401543  |>  83F8 24       |CMP EAX,24                              ;  Switch (cases 24..3D)
00401546  |.  72 08         |JB SHORT KEYGEN.00401550
00401548  |.  83F8 3D       |CMP EAX,3D
0040154B  |.  77 03         |JA SHORT KEYGEN.00401550
0040154D  |.  83C0 3D       |ADD EAX,3D                              ;  Cases 24 ('$'),25 ('%'),26 ('&'),27 ('''),28 ('('),29 (')'),2A ('*'),2B ('+'),2C (','),2D ('-'),2E ('.'),2F ('/'),30 ('0'),31 ('1'),32 ('2'),33 ('3'),34 ('4'),35 ('5'),36 ('6'),37 ('7')... of switch 00401543
00401550  |>  AA            |STOS BYTE PTR ES:[EDI]                  ;  Default case of switch 00401543
00401551  |.^ E2 D1         \LOOPD SHORT KEYGEN.00401524
00401553  |.  C9            LEAVE
00401554  \.  C2 0C00       RETN 0C
00401557  /$  C8 000000     ENTER 0,0
0040155B  |.  50            PUSH EAX
0040155C  |.  53            PUSH EBX
0040155D  |.  56            PUSH ESI
0040155E  |.  B9 02000000   MOV ECX,2
00401563  |.  33DB          XOR EBX,EBX
00401565  |.  8B75 08       MOV ESI,DWORD PTR SS:[EBP+8]
00401568  |.  8B7D 0C       MOV EDI,DWORD PTR SS:[EBP+C]
0040156B  |.  C607 00       MOV BYTE PTR DS:[EDI],0
0040156E  |>  AC            /LODS BYTE PTR DS:[ESI]
0040156F  |.  3C 30         |CMP AL,30
00401571  |.  7C 06         |JL SHORT KEYGEN.00401579
00401573  |.  3C 39         |CMP AL,39
00401575  |.  77 02         |JA SHORT KEYGEN.00401579
00401577  |.  2C 30         |SUB AL,30
00401579  |>  93            |XCHG EAX,EBX
0040157A  |.  BA 0A000000   |MOV EDX,0A
0040157F  |.  F7E2          |MUL EDX
00401581  |.  03D8          |ADD EBX,EAX
00401583  |.^ E2 E9         \LOOPD SHORT KEYGEN.0040156E
00401585  |.  8BC3          MOV EAX,EBX
00401587  |.  AA            STOS BYTE PTR ES:[EDI]
00401588  |.  5E            POP ESI
00401589  |.  5B            POP EBX
0040158A  |.  58            POP EAX
0040158B  |.  C9            LEAVE
0040158C  \.  C2 0800       RETN 8
0040158F  /$  C8 040000     ENTER 4,0
00401593  |.  C745 FC 00000>MOV DWORD PTR SS:[EBP-4],0
0040159A  |.  0FB605 F62240>MOVZX EAX,BYTE PTR DS:[4022F6]
004015A1  |.  8BC8          MOV ECX,EAX
004015A3  |.  05 D0070000   ADD EAX,7D0
004015A8  |.  50            PUSH EAX
004015A9  |.  48            DEC EAX
004015AA  |>  50            /PUSH EAX
004015AB  |.  BB 04000000   |MOV EBX,4
004015B0  |.  33D2          |XOR EDX,EDX
004015B2  |.  F7F3          |DIV EBX
004015B4  |.  85D2          |TEST EDX,EDX
004015B6  |.  75 03         |JNZ SHORT KEYGEN.004015BB
004015B8  |.  FF45 FC       |INC DWORD PTR SS:[EBP-4]
004015BB  |>  8145 FC 6D010>|ADD DWORD PTR SS:[EBP-4],16D
004015C2  |.  58            |POP EAX
004015C3  |.  48            |DEC EAX
004015C4  |.^ E2 E4         \LOOPD SHORT KEYGEN.004015AA
004015C6  |.  58            POP EAX
004015C7  |.  BB 04000000   MOV EBX,4
004015CC  |.  33D2          XOR EDX,EDX
004015CE  |.  F7F3          DIV EBX
004015D0  |.  85D2          TEST EDX,EDX
004015D2  |.  75 07         JNZ SHORT KEYGEN.004015DB
004015D4  |.  C605 E6224000>MOV BYTE PTR DS:[4022E6],1D
004015DB  |>  33C0          XOR EAX,EAX
004015DD  |.  0FB70D F42240>MOVZX ECX,WORD PTR DS:[4022F4]
004015E4  |.  49            DEC ECX
004015E5  |.  85C9          TEST ECX,ECX
004015E7  |.  74 0B         JE SHORT KEYGEN.004015F4
004015E9  |>  0FB699 E52240>/MOVZX EBX,BYTE PTR DS:[ECX+4022E5]
004015F0  |.  03C3          |ADD EAX,EBX
004015F2  |.^ E2 F5         \LOOPD SHORT KEYGEN.004015E9
004015F4  |>  0FB71D F22240>MOVZX EBX,WORD PTR DS:[4022F2]
004015FB  |.  4B            DEC EBX
004015FC  |.  03C3          ADD EAX,EBX
004015FE  |.  0345 FC       ADD EAX,DWORD PTR SS:[EBP-4]
00401601  |.  BF 18204000   MOV EDI,KEYGEN.00402018
00401606  |.  B9 03000000   MOV ECX,3
0040160B  |.  FC            CLD
0040160C  |>  8B1C8D A52240>/MOV EBX,DWORD PTR DS:[ECX*4+4022A5]
00401613  |.  33D2          |XOR EDX,EDX
00401615  |.  F7F3          |DIV EBX
00401617  |.  AA            |STOS BYTE PTR ES:[EDI]
00401618  |.  8BC2          |MOV EAX,EDX
0040161A  |.^ E2 F0         \LOOPD SHORT KEYGEN.0040160C
0040161C  |.  F8            CLC
0040161D  |.  C9            LEAVE
0040161E  \.  C3            RETN
0040161F   >  6A 00         PUSH 0                                   ; /ExitCode = 0
00401621   .  E8 24000000   CALL <JMP.&KERNEL32.ExitProcess>         ; \ExitProcess
00401626   .- FF25 60304000 JMP DWORD PTR DS:[<&USER32.MessageBoxA>] ;  USER32.MessageBoxA
0040162C   $- FF25 68304000 JMP DWORD PTR DS:[<&KERNEL32.GetPrivateP>;  kernel32.GetPrivateProfileStringA
00401632   $- FF25 6C304000 JMP DWORD PTR DS:[<&KERNEL32.WritePrivat>;  kernel32.WritePrivateProfileStringA
00401638   $- FF25 70304000 JMP DWORD PTR DS:[<&KERNEL32.lstrcpyA>]  ;  kernel32.lstrcpyA
0040163E   .- FF25 74304000 JMP DWORD PTR DS:[<&KERNEL32.lstrlenA>]  ;  kernel32.lstrlenA
00401644   $- FF25 78304000 JMP DWORD PTR DS:[<&KERNEL32.GetCurrentD>;  kernel32.GetCurrentDirectoryA
0040164A   .- FF25 7C304000 JMP DWORD PTR DS:[<&KERNEL32.ExitProcess>;  kernel32.ExitProcess

[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课

上传的附件:
收藏
免费
支持
分享
最新回复 (20)
watchman
雪    币: 17
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
2
老大,工作量也太大了吧。。。
2010-1-16 22:33
0
破解不好
雪    币: 202
活跃值: (11)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
3
呵呵,这里高手多啊,就看高手想不想玩了。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
/* This file has been generated by the Hex-Rays decompiler.
   Copyright (c) 2009 Hex-Rays <info@hex-rays.com>
 
   Detected compiler: Visual C++
*/
 
#include <windows.h>
//#include <defs.h>
 
 
//-------------------------------------------------------------------------
// Data declarations
 
extern LPCSTR lpString2; // idb
extern char String[]; // idb
extern char byte_402006; // weak
extern char asc_402008[17]; // weak
extern char byte_40201A; // weak
extern char byte_402023[]; // weak
extern int dword_402024; // weak
extern int dword_402028; // weak
extern _UNKNOWN unk_40202C; // weak
extern CHAR Buffer; // idb
extern char AppName[]; // idb
extern char aExpire[]; // idb
extern char KeyName[]; // idb
extern const CHAR byte_40215C; // idb
extern char byte_40215D[]; // weak
extern char byte_402167[24]; // idb
extern char ReturnedString[9]; // idb
extern char String1[]; // idb
extern char aInsite_toollev[24]; // idb
extern char aInsite_usageco[25]; // idb
extern char byte_402209; // weak
extern LPCSTR dword_40226D; // idb
extern LPCSTR lpAppName; // idb
extern char byte_402298[]; // weak
extern char byte_4022A0[]; // weak
extern int dword_4022A5[]; // weak
extern int dword_4022B1[]; // weak
extern char byte_4022E5[]; // weak
extern char byte_4022E6; // weak
extern __int16 word_4022F2; // weak
extern __int16 word_4022F4; // weak
extern char byte_4022F6; // weak
extern char dword_4022F8[]; // idb
extern __int16 word_4022FE; // weak
extern char byte_402302; // weak
extern char byte_402303; // weak
extern int dword_402304; // weak
extern char String2[]; // idb
extern char a2UnableToReadW[47]; // weak
extern char a3IncorrectDate[49]; // weak
extern char asc_402414[]; // idb
 
//-------------------------------------------------------------------------
// Function declarations
 
void __cdecl start();
int __stdcall sub_4012A3(int a1);
__int64 __cdecl sub_401385();
__int64 __stdcall sub_40141D(unsigned __int8 a1);
char __cdecl sub_40143D();
unsigned __int8 __stdcall sub_4014D9(int a1, int a2, int a3);
char __stdcall sub_401514(int a1, int a2, int a3);
// int __userpurge sub_401557<eax>(int a1<eax>, int a2, int a3);
unsigned int __cdecl sub_40158F();
// DWORD __stdcall GetPrivateProfileStringA(LPCSTR lpAppName, LPCSTR lpKeyName, LPCSTR lpDefault, LPSTR lpReturnedString, DWORD nSize, LPCSTR lpFileName);
// BOOL __stdcall WritePrivateProfileStringA(LPCSTR lpAppName, LPCSTR lpKeyName, LPCSTR lpString, LPCSTR lpFileName);
// LPSTR __stdcall lstrcpyA(LPSTR lpString1, LPCSTR lpString2);
// DWORD __stdcall GetCurrentDirectoryA(DWORD nBufferLength, LPSTR lpBuffer);
// void __stdcall ExitProcess(UINT uExitCode);
 
 
//----- (00401000) --------------------------------------------------------
void __cdecl start()
{
  DWORD v0; // eax@1
  DWORD v1; // eax@5
  int v2; // eax@7
  int v3; // eax@7
  int v4; // eax@9
  int v5; // ecx@13
  signed int v6; // ecx@17
  void *v7; // edi@17
  const void *v8; // esi@17
  signed int v9; // ST10_4@18
  char v10; // al@19
  char v11; // zf@28
  int v12; // [sp-4h] [bp-4h]@14
 
  v0 = GetCurrentDirectoryA(0x100u, &Buffer);
  if ( v0 )
  {
    if ( *(&Buffer + v0) != 92 )
      *(&Buffer + v0++) = 92;
    lstrcpyA(&Buffer + v0, "CODES.INI");
    lpString2 = "2 (UNABLE TO READ|WRITE .INI FILE (codes.ini))";
    if ( GetPrivateProfileStringA("PCID", L"0", &KeyName[2], ReturnedString, 9u, &Buffer) )
    {
      v1 = GetPrivateProfileStringA("EXPIRE", L"0", &KeyName[2], byte_402167, 0x10u, &Buffer);
      if ( v1 )
      {
        lpString2 = "3 (INCORRECT DATE IN codes.ini PLEASE CHECK IT!)";
        if ( v1 == 8 )
        {
          v3 = *(unsigned __int16 *)byte_402167 << 16;
          LOWORD(v3) = *(_WORD *)&byte_402167[3];
          *(_DWORD *)dword_4022F8 = v3;
          word_4022FE = *(_WORD *)&byte_402167[6];
          v2 = sub_401557((unsigned __int16)word_4022FE, (int)byte_402167, (int)&word_4022F2);
          if ( (_BYTE)word_4022F2 )
          {
            if ( (_BYTE)word_4022F2 <= 0x1Fu )
            {
              v4 = sub_401557(v2, (int)&byte_402167[3], (int)&word_4022F4);
              if ( (_BYTE)word_4022F4 )
              {
                if ( (_BYTE)word_4022F4 <= 0xCu )
                {
                  sub_401557(v4, (int)&byte_402167[6], (int)&byte_4022F6);
                  if ( byte_4022F6 )
                    sub_40158F();
                  sub_401514((int)&asc_402008[16], (int)&asc_402008[16], 3);
                  lpString2 = "2 (UNABLE TO READ|WRITE .INI FILE (codes.ini))";
                  v5 = 8;
                  while ( 1 )
                  {
                    v12 = v5;
                    if ( (unsigned int)v5 > 5 )
                    {
                      lstrcpyA(String1, "INSITE_USAGECOUNT_LICENSE");
                      byte_402209 = 27;
                    }
                    else
                    {
                      lstrcpyA(String1, "INSITE_TOOLLEVEL_LICENSE");
                      byte_402209 = 26;
                    }
                    byte_402303 = byte_4022A0[v12];
                    sub_4012A3(v12);
                    sub_401385();
                    sub_4014D9((int)&dword_402024, (int)&unk_40202C, 6);
                    v8 = &unk_40202C;
                    v7 = "----------------";
                    v6 = 4;
                    do
                    {
                      v9 = v6;
                      memcpy(v7, v8, 3u);
                      v8 = (char *)v8 + 3;
                      v7 = (char *)v7 + 4;
                      --v6;
                    }
                    while ( v9 != 1 );
                    v10 = byte_40215D[v12];
                    byte_40215C = byte_40215D[v12];
                    if ( byte_402209 == 27 )
                    {
                      String[0] = v10;
                      *(_WORD *)&String[1] = 21331;
                    }
                    else
                    {
                      byte_402006 = v10;
                      *(_WORD *)String = 12336;
                    }
                    if ( dword_402304 == 1 )
                    {
                      *(_WORD *)&asc_402008[16] = 12336;
                      byte_40201A = 48;
                    }
                    if ( !WritePrivateProfileStringA((&lpAppName)[4 * dword_402304], &byte_40215C, String, &Buffer) )
                      break;
                    v5 = v12 - 1;
                    if ( v12 == 1 )
                    {
                      dword_402304 = 1;
                      v11 = byte_402302 == 1;
                      byte_402302 = 1;
                      v5 = 5;
                      if ( v11 )
                        goto LABEL_31;
                    }
                  }
                }
              }
            }
          }
        }
      }
    }
  }
  lstrcpyA("                                                  ", lpString2);
LABEL_31:
  ExitProcess(0);
}
// 402006: using guessed type char byte_402006;
// 40201A: using guessed type char byte_40201A;
// 402024: using guessed type int dword_402024;
// 402209: using guessed type char byte_402209;
// 4022F2: using guessed type __int16 word_4022F2;
// 4022F4: using guessed type __int16 word_4022F4;
// 4022F6: using guessed type char byte_4022F6;
// 4022FE: using guessed type __int16 word_4022FE;
// 402302: using guessed type char byte_402302;
// 402303: using guessed type char byte_402303;
// 402304: using guessed type int dword_402304;
 
//----- (004012A3) --------------------------------------------------------
int __stdcall sub_4012A3(int a1)
{
  LPSTR v1; // eax@1
  int v2; // eax@5
  char v3; // cl@6
  int v4; // eax@8
  int v5; // ecx@8
  int v6; // eax@12
  signed int v7; // ecx@12
  int result; // eax@14
 
  v1 = &lstrcpyA(&String1[(unsigned __int8)byte_402209], (&dword_40226D)[4 * a1])[(unsigned __int8)byte_402298[a1]];
  if ( byte_402209 == 27 )
  {
    if ( dword_402304 == 1 )
    {
      *(_DWORD *)v1 = 825241904;
      *((_DWORD *)v1 + 1) = 808464434;
    }
    else
    {
      v1 = lstrcpyA(v1, dword_4022F8);
    }
    v2 = (int)(v1 + 8);
    *(_WORD *)v2 = 12883;
    v2 += 2;
    *(_BYTE *)v2 = 83;
    v1 = (LPSTR)(v2 + 1);
  }
  v3 = 1;
  if ( dword_402304 != 1 )
    v3 = word_4022F2;
  *v1 = v3;
  v4 = (int)(v1 + 1);
  LOBYTE(v5) = 0;
  if ( dword_402304 == 1 )
  {
    if ( byte_402209 == 27 )
      LOBYTE(v5) = 100;
  }
  else
  {
    v5 = (unsigned __int8)byte_4022F6 + 100;
  }
  *(_BYTE *)v4 = v5;
  v6 = v4 + 1;
  v7 = 1;
  if ( dword_402304 != 1 )
    v7 = (unsigned __int8)word_4022F4;
  *(_DWORD *)v6 = dword_4022B1[v7];
  result = v6 + 3;
  *(_DWORD *)result = 1943061895;
  *(_DWORD *)(result + 4) = 0;
  *(_DWORD *)(result + 8) = 0;
  return result;
}
// 402209: using guessed type char byte_402209;
// 4022B1: using guessed type int dword_4022B1[];
// 4022F2: using guessed type __int16 word_4022F2;
// 4022F4: using guessed type __int16 word_4022F4;
// 4022F6: using guessed type char byte_4022F6;
// 402304: using guessed type int dword_402304;
 
//----- (00401385) --------------------------------------------------------
__int64 __cdecl sub_401385()
{
  int v0; // ecx@1
  signed int v1; // ecx@2
  int v2; // esi@2
  char v3; // al@3
  __int64 result; // qax@7
  int v5; // [sp-4h] [bp-8h]@2
  unsigned __int8 v6; // [sp+0h] [bp-4h]@1
 
  dword_402024 = 0;
  dword_402028 = 0;
  v6 = 0;
  v0 = (unsigned __int8)byte_402303;
  do
  {
    v5 = v0;
    v2 = 8 * (v6 + 1) + 4202878;
    v1 = 8;
    do
    {
      v3 = *(_BYTE *)v2++;
      byte_402023[v1] ^= v3;
      --v1;
    }
    while ( v1 );
    if ( !v6 )
    {
      dword_402024 ^= 0xD912F316u;
      dword_402028 ^= 0xFD915981u;
    }
    ++v6;
    sub_40143D();
    v0 = v5 - 1;
  }
  while ( v5 != 1 );
  LOBYTE(dword_402024) = sub_40141D(BYTE3(dword_402028)) + dword_402024;
  result = sub_40141D(BYTE2(dword_402028));
  BYTE1(dword_402024) += result;
  HIWORD(dword_402028) = 0;
  return result;
}
// 402024: using guessed type int dword_402024;
// 402028: using guessed type int dword_402028;
// 402303: using guessed type char byte_402303;
 
//----- (0040141D) --------------------------------------------------------
__int64 __stdcall sub_40141D(unsigned __int8 a1)
{
  __int64 result; // qax@1
  signed int v2; // ecx@1
 
  result = 0i64;
  _EBX = a1;
  v2 = 8;
  do
  {
    __asm { bt      ebx, edx }
    LODWORD(result) = __RCL__(result, _CF);
    result += 4294967296i64;
    --v2;
  }
  while ( v2 );
  return result;
}
 
//----- (0040143D) --------------------------------------------------------
char __cdecl sub_40143D()
{
  char result; // al@1
  char v1; // ST10_1@1
  char v2; // ST0C_1@1
  char v3; // ST08_1@1
  char v4; // ST04_1@1
 
  v1 = dword_402024;
  v2 = BYTE1(dword_402024);
  v3 = BYTE2(dword_402024);
  v4 = BYTE3(dword_402024);
  LOBYTE(dword_402024) = BYTE3(dword_402028) + dword_402028;
  BYTE1(dword_402024) = v4 + BYTE1(dword_402028);
  BYTE2(dword_402024) = ~(v3 + dword_402028);
  BYTE3(dword_402024) = v1 + BYTE1(dword_402028);
  LOBYTE(dword_402028) = v4 + BYTE2(dword_402028);
  BYTE1(dword_402028) = ~(v2 + BYTE2(dword_402028));
  BYTE2(dword_402028) = v1 + BYTE3(dword_402028);
  result = v3 + v2;
  BYTE3(dword_402028) = v3 + v2;
  return result;
}
// 402024: using guessed type int dword_402024;
// 402028: using guessed type int dword_402028;
 
//----- (004014D9) --------------------------------------------------------
unsigned __int8 __stdcall sub_4014D9(int a1, int a2, int a3)
{
  int v3; // ecx@1
  int v4; // edi@1
  int v5; // esi@1
  unsigned __int8 v6; // al@2
  unsigned __int8 result; // al@2
  unsigned __int8 v8; // dl@2
  signed int v9; // ecx@2
  int v10; // [sp-4h] [bp-4h]@2
 
  v5 = a1;
  v4 = a2;
  v3 = a3;
  do
  {
    v6 = *(_BYTE *)v5++;
    v10 = v3;
    v9 = 2;
    v8 = v6;
    result = v6 >> 4;
    do
    {
      if ( result >= 0xAu )
      {
        if ( result < 0x10u )
          result += 55;
      }
      else
      {
        result += 48;
      }
      *(_BYTE *)v4++ = result;
      result = v8 & 0xF;
      --v9;
    }
    while ( v9 );
    v3 = v10 - 1;
  }
  while ( v10 != 1 );
  *(_BYTE *)v4 = 0;
  return result;
}
 
//----- (00401514) --------------------------------------------------------
char __stdcall sub_401514(int a1, int a2, int a3)
{
  unsigned int v3; // eax@1
  int v4; // ecx@1
  int v5; // edi@1
  int v6; // esi@1
 
  v3 = 0;
  v6 = a1;
  v5 = a2;
  v4 = a3;
  do
  {
    LOBYTE(v3) = *(_BYTE *)v6++;
    if ( v3 > 9 )
    {
      if ( v3 < 0xA || v3 > 0x23 )
      {
        if ( v3 >= 0x24 )
        {
          if ( v3 <= 0x3D )
            v3 += 61;
        }
      }
      else
      {
        v3 += 55;
      }
    }
    else
    {
      v3 += 48;
    }
    *(_BYTE *)v5++ = v3;
    --v4;
  }
  while ( v4 );
  return v3;
}
 
//----- (00401557) --------------------------------------------------------
int __userpurge sub_401557<eax>(int a1<eax>, int a2, int a3)
{
  signed int v3; // ecx@1
  int v4; // ebx@1
  int v5; // esi@1
  int v6; // et0@5
  int v8; // ST08_4@6
 
  v3 = 2;
  v4 = 0;
  v5 = a2;
  *(_BYTE *)a3 = 0;
  do
  {
    LOBYTE(a1) = *(_BYTE *)v5++;
    if ( (_BYTE)a1 >= 48 )
    {
      if ( (_BYTE)a1 <= 0x39u )
        LOBYTE(a1) = a1 - 48;
    }
    v6 = a1;
    a1 = 10 * v4;
    v4 = 10 * v4 + v6;
    --v3;
  }
  while ( v3 );
  *(_BYTE *)a3 = v4;
  return v8;
}
 
//----- (0040158F) --------------------------------------------------------
unsigned int __cdecl sub_40158F()
{
  unsigned int v0; // eax@1
  int v1; // ecx@1
  int v2; // eax@7
  int v3; // ecx@7
  unsigned int result; // eax@9
  signed int v5; // ecx@9
  signed int v6; // edi@9
  unsigned int v7; // ebx@10
  int v8; // [sp+0h] [bp-4h]@1
 
  v8 = 0;
  v1 = (unsigned __int8)byte_4022F6;
  v0 = (unsigned __int8)byte_4022F6 + 1999;
  do
  {
    if ( !(v0 % 4) )
      ++v8;
    v8 += 365;
    --v0;
    --v1;
  }
  while ( v1 );
  if ( !(((unsigned int)(unsigned __int8)byte_4022F6 + 2000) % 4) )
    byte_4022E6 = 29;
  v2 = 0;
  v3 = (unsigned __int16)word_4022F4 - 1;
  if ( (unsigned __int16)word_4022F4 != 1 )
  {
    do
      v2 += (unsigned __int8)byte_4022E5[v3--];
    while ( v3 );
  }
  result = v8 + (unsigned __int16)word_4022F2 - 1 + v2;
  v6 = 4202520;
  v5 = 3;
  do
  {
    v7 = dword_4022A5[v5];
    *(_BYTE *)v6++ = result / v7;
    result %= v7;
    --v5;
  }
  while ( v5 );
  return result;
}
// 4022A5: using guessed type int dword_4022A5[];
// 4022E6: using guessed type char byte_4022E6;
// 4022F2: using guessed type __int16 word_4022F2;
// 4022F4: using guessed type __int16 word_4022F4;
// 4022F6: using guessed type char byte_4022F6;
 
// ALL OK, 9 function(s) have been successfully decompiled
2010-1-16 22:41
0
破解不好
雪    币: 202
活跃值: (11)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
4
该软件是Flexlm保护的,我跟出SEED是:

03A4B828  00000066  f...
03A4B82C  0055007C  |.U.
03A4B830  72F6C35B---------job+08
03A4B834  32FD906A---------job+0c
03A4B838  23376EED---------job+10
03A4B83C  00000000  ....
03A4B840  00000000  ....

0A3EECE4  00000004
0A3EECE8  1A828121------ data[0]
0A3EECEC  3E012BB6------ data[0]
0A3EECF0  C444EFFC  D
0A3EECF4  84FCC5EA  昱鼊
0A3EECF8  83328001  €2
0A3EECFC  C1300740  @0
0A3EED00  00000000  ....

seed1:d912f316
seed2:fd915981

下面是我做的无限授权文件,不是用的注册码。呵呵,也能用。不过我的这个授权是不限电脑的。

1
2
3
4
5
6
7
8
9
10
11
<LicenseFile Version="70300226">
    <GenericLicense Expiration="permanent" Name="INSITE_ToolLevel_License" VendorDaemon="cummins" Key="CA715CA8DC82" IsValid="" ID="{27AF75ED-20D9-11D1-B1CE-00805FC1270E}" Data="[Basic]RSGNR" Version="1.000" Count="uncounted" HostID="ANY" IsExpDlgDisp="1"/>
    <GenericLicense Expiration="permanent" Name="INSITE_ToolLevel_License" VendorDaemon="cummins" Key="3A823EA8784A" IsValid="" ID="{94B65A8A-2016-41E4-BF27-0F8B0815A2C2}" Data="[Lite]RSGNR|OBDRSGNR" Version="1.000" Count="uncounted" HostID="ANY" IsExpDlgDisp="0"/>
    <GenericLicense Expiration="permanent" Name="INSITE_ToolLevel_License" VendorDaemon="cummins" Key="F84D48D2706F" IsValid="" ID="{D272DBD7-6452-41B6-8CFF-A368799CCF78}" Data="[Lite]RSGNR|OBDRSGNR|OBD" Version="1.000" Count="uncounted" HostID="ANY" IsExpDlgDisp="0"/>
    <GenericLicense Expiration="permanent" Name="INSITE_ToolLevel_License" VendorDaemon="cummins" Key="BA04C1FD7429" IsValid="" ID="{7809FD4F-7979-4EE9-B65E-804506281225}" Data="[Lite]" Version="1.000" Count="uncounted" HostID="ANY" IsExpDlgDisp="0"/>
    <GenericLicense Expiration="permanent" Name="INSITE_ToolLevel_License" VendorDaemon="cummins" Key="E25070CDAFC3" IsValid="" ID="{3E5C0E86-1BDA-4EC6-B71A-9BFBF1C41942}" Data="[Lite]PreProdSupp|NProdSupp|NOBDRSGR|NOBD" Version="1.000" Count="uncounted" HostID="ANY" IsExpDlgDisp="0"/>
    <GenericLicense Expiration="permanent" Name="INSITE_ToolLevel_License" VendorDaemon="cummins" Key="5EA7001E5A7C" IsValid="" ID="{0E0EBCFB-155C-412C-BB5C-36AF00552664}" Data="[Lite]RSGNR" Version="1.000" Count="uncounted" HostID="ANY" IsExpDlgDisp="0"/>
    <GenericLicense Expiration="permanent" Name="INSITE_ToolLevel_License" VendorDaemon="cummins" Key="4CF80BA7424A" IsValid="" ID="{32D4EFFB-A380-4969-8AD3-6B32F313AA3D}" Data="[Pro]RSGNR|NoAutomotive" Version="1.000" Count="uncounted" HostID="ANY" IsExpDlgDisp="0"/>
    <GenericLicense Expiration="permanent" Name="INSITE_ToolLevel_License" VendorDaemon="cummins" Key="36CB7EC4AC89" IsValid="" ID="{E4D40BE9-5DF4-435F-90E7-41EA38A22E00}" Data="[Pro]RSGNR" Version="1.000" Count="uncounted" HostID="ANY" IsExpDlgDisp="0"/>
    <GenericLicense Expiration="permanent" Name="INSITE_ToolLevel_License" VendorDaemon="cummins" Key="F1DB7A53B7FE" IsValid="" ID="{5C3CD507-3388-42D9-856D-0FAE58710CE9}" Data="[Pro]RSGNR|PreProdSupp|NProdSupp" Version="1.000" Count="uncounted" HostID="ANY" IsExpDlgDisp="0"/>
</LicenseFile>
2010-1-16 22:49
0
yangchao忽忽
雪    币: 125
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
5
嗯 工作量大 顶了
2010-1-17 00:02
0
newskrq
雪    币: 206
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
6
刚准备来学习,就看见好多不懂的知识
2010-1-17 10:03
0
破解不好
雪    币: 202
活跃值: (11)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
7
高手上啊,呵呵
2010-1-17 22:06
0
收破烂的
雪    币: 96
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
8
要是短点我还可以,太长了。。。。
2010-1-18 09:53
0
北极狐狸
雪    币: 2368
活跃值: (81)
能力值: (RANK:300 )
在线值:
发帖
回帖
粉丝
私信
9
高手一般都不玩,都忙着养家....呵呵。
楼主自己可以翻译出来。
如果做得通俗易懂。适合学习。为大家奉献一把
2010-1-18 14:20
0
fanshuhua
雪    币: 42
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
10
逆向啊,顶下LZ,体力活啊
2010-1-19 01:19
0
二毛
雪    币: 143
活跃值: (17)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
11
如果是看几眼就能出结果的,估计一堆人帮你,如果要花几个小时来弄的。他们又不傻。。没人那么闲的
2010-1-19 12:29
0
qml
雪    币: 3
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
qml
12
看不懂- -!。还要学习啊
2010-1-20 10:26
0
破解不好
雪    币: 202
活跃值: (11)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
13
还没有高手搞定啊,呵呵。
我在第三贴再给出信息,多看看吧。
2010-1-28 14:49
0
kkmylove
雪    币: 338
活跃值: (103)
能力值: ( LV7,RANK:110 )
在线值:
发帖
回帖
粉丝
私信
14
高手都很忙的
2010-1-29 11:28
0
ttthhh
雪    币: 56
活跃值: (276)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
15
才10kx确实没人玩啊!
2010-1-31 22:59
0
ikeart
雪    币: 200
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
16
都看着眼花了.真的很费劲.
2010-1-31 23:05
0
sinondo
雪    币: 3
活跃值: (20)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
17
才在学基础,不敢玩。
2010-1-31 23:21
0
星空泪
雪    币: 1
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
18
说得是
2010-1-31 23:51
0
phoenixson
雪    币: 174
活跃值: (77)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
19
看来还是满强大的。
2010-9-14 15:46
0
mingxilove
雪    币: 101
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
20
同意,楼主做出来给大家呀
2010-9-14 23:46
0
骆铭
雪    币: 31
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
21
头晕啊。。。
2010-9-15 01:05
0
游客
登录 | 注册 方可回帖
回帖 表情 雪币赚取及消费
高级回复
返回

账号登录
验证码登录

忘记密码?
没有账号?立即免费注册
我已同意 《看雪服务条款》 《看雪课程免责声明》 《看雪隐私政策》