[Original] A Newbie Makes a Keygen Too
Posted: 2010-6-21 16:40
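I have always found algorithms a headache, so I decided to study them properly by writing a keygen, starting from a crackme. I picked the first crackme in the crackme2007 special collection: http://bbs.pediy.com/showthread.php?t=11222
The thread above already covers the analysis in detail; here is a brief account of my own analysis.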
00401548 |> \BF BC020000 MOV EDI,2BC
0040154D |. BE 30000000 MOV ESI,30
00401552 |. B8 48000000 MOV EAX,48
00401557 |. 99 CDQ
00401558 |. F7FB IDIV EBX ; EBX holds the number of characters in the user name
0040155A |. 29C6 SUB ESI,EAX
0040155C |. 8D34B6 LEA ESI,DWORD PTR DS:[ESI+ESI*4]
0040155F |. 29F7 SUB EDI,ESI
00401561 |. 6BFF 6B IMUL EDI,EDI,6B
00401564 |. 81EF 6CCF0000 SUB EDI,0CF6C
0040156A |. 81FF 00230000 CMP EDI,2300
00401570 |. 7F 08 JG SHORT unpacked.0040157A
00401572 |. 81FF 90010000 CMP EDI,190
00401578 |. 7D 04 JGE SHORT unpacked.0040157E
0040157A |> 31C0 XOR EAX,EAX
0040157C |. EB 1A JMP SHORT unpacked.00401598
0040157E |> 8D85 00FFFFFF LEA EAX,DWORD PTR SS:[EBP-100]
00401584 |. 50 PUSH EAX
00401585 |. 53 PUSH EBX
00401586 |. FF75 08 PUSH DWORD PTR SS:[EBP+8]
00401589 |. E8 77FDFFFF CALL unpacked.00401305
00401305 /$ 55 PUSH EBP
00401306 |. 89E5 MOV EBP,ESP
00401308 |. 81EC 2C040000 SUB ESP,42C
.....
004013B4 |. 09C0 OR EAX,EAX
004013B6 |. 0F84 48010000 JE unpacked.00401504
004013BC |. B8 CF110000 MOV EAX,11CF
004013C1 |. 0FB68D E1FCFF>MOVZX ECX,BYTE PTR SS:[EBP-31F] ; ECX takes the first character of the serial
004013C8 |. 99 CDQ
004013C9 |. F7F9 IDIV ECX
004013CB |. 83FA 17 CMP EDX,17 ; the remainder of 11CF divided by ECX must be 17
004013CE |. 74 07 JE SHORT unpacked.004013D7
004013D0 |. 31C0 XOR EAX,EAX
004013D2 |. E9 2D010000 JMP unpacked.00401504
004013D7 |> 31DB XOR EBX,EBX
004013D9 |. EB 0B JMP SHORT unpacked.004013E6
....
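The two checks visible in the listing above, modelled in Python as an added example that is not part of the original post: the range test on EDI derived from the user-name length (00401548 to 00401578) and the remainder test on the first serial character (004013BC to 004013CE). Function names are hypothetical, the constants are taken from the disassembly, and the restriction to printable ASCII is an assumption.

```python
# Added example: models only the two checks shown in the listing.
# Function names are hypothetical; constants come from the disassembly.

def s32(x):
    """Wrap to a signed 32-bit value, as the x86 registers would."""
    x &= 0xFFFFFFFF
    return x - 0x100000000 if x & 0x80000000 else x

def length_check_value(name_len):
    """Value left in EDI at 0040156A for a user name of name_len characters."""
    q = int(0x48 / name_len)          # CDQ + IDIV EBX: truncating signed divide
    esi = s32(0x30 - q)               # SUB ESI,EAX
    esi = s32(esi + esi * 4)          # LEA ESI,[ESI+ESI*4]  -> ESI * 5
    edi = s32(0x2BC - esi)            # SUB EDI,ESI
    edi = s32(edi * 0x6B)             # IMUL EDI,EDI,6B
    return s32(edi - 0xCF6C)          # SUB EDI,0CF6C

def length_accepted(name_len):
    """JG at 00401570 rejects values > 2300h; JGE at 00401578 accepts >= 190h."""
    if name_len <= 0:                 # IDIV by zero would fault; treated as rejected here
        return False
    return 0x190 <= length_check_value(name_len) <= 0x2300

def first_char_accepted(c):
    """CMP EDX,17 at 004013CB: remainder of 11CFh / c must equal 17h."""
    return c != 0 and 0x11CF % c == 0x17

def accepted_lengths(max_len=64):
    """User-name lengths (1..max_len) that pass the EDI range check."""
    return [n for n in range(1, max_len + 1) if length_accepted(n)]

def accepted_first_chars():
    """First serial characters that pass the remainder check.
    Restricting to printable ASCII is an assumption, not shown in the listing."""
    return "".join(chr(c) for c in range(0x21, 0x7F) if first_char_accepted(c))

if __name__ == "__main__":
    print("user-name lengths passing the range check:", accepted_lengths())
    print("printable first serial characters:", accepted_first_chars())
```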