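This is a small tool that automatically registers SOHU accounts; it is not paid software. Presumably to keep the tool from being abused, the author requires a registration code before it can be used. The registration code is computed from a machine code that the software extracts, and once entered it is saved in an INI file in the program directory. Without a correct registration code, clicking Start pops up a message box: "Invalid serial number, please request a correct serial number from the author." But when I set a breakpoint in OD with BP MESSAGEBOXA, the program window does not even appear. When I set a breakpoint on the Start button's button-up event, I get a memory address error.
The function list extracted with W32DSM10.10 is as follows: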
ADVAPI32.AdjustTokenPrivileges
ADVAPI32.LookupPrivilegeValueA
ADVAPI32.OpenProcessToken
ADVAPI32.RegCloseKey
ADVAPI32.RegCreateKeyExA
ADVAPI32.RegEnumKeyExA
ADVAPI32.RegOpenKeyExA
ADVAPI32.RegQueryValueExA
ADVAPI32.RegSetValueExA
GDI32.CreateRectRgnIndirect
GDI32.DeleteObject
GDI32.SetMapMode
GDI32.SetViewportExtEx
GDI32.SetViewportOrgEx
GDI32.SetWindowExtEx
GDI32.SetWindowOrgEx
KERNEL32.AllocConsole
KERNEL32.AttachConsole
KERNEL32.CloseHandle
KERNEL32.CompareStringW
KERNEL32.CreateFileA
KERNEL32.CreateFileW
KERNEL32.CreatePipe
KERNEL32.CreateProcessA
KERNEL32.CreateRemoteThread
KERNEL32.CreateThread
KERNEL32.DebugBreak
KERNEL32.DecodePointer
KERNEL32.DeleteCriticalSection
KERNEL32.DeleteFileA
KERNEL32.DuplicateHandle
KERNEL32.EncodePointer
KERNEL32.EnterCriticalSection
KERNEL32.EnumSystemLocalesA
KERNEL32.ExitProcess
KERNEL32.ExitThread
KERNEL32.FatalAppExitA
KERNEL32.FindResourceA
KERNEL32.FlushFileBuffers
KERNEL32.FormatMessageA
KERNEL32.FreeConsole
KERNEL32.FreeEnvironmentStringsW
KERNEL32.FreeLibrary
KERNEL32.FreeResource
KERNEL32.GetACP
KERNEL32.GetCommandLineA
KERNEL32.GetConsoleCP
KERNEL32.GetConsoleMode
KERNEL32.GetConsoleWindow
KERNEL32.GetCPInfo
KERNEL32.GetCurrentDirectoryW
KERNEL32.GetCurrentProcess
KERNEL32.GetCurrentProcessId
KERNEL32.GetCurrentThread
KERNEL32.GetCurrentThreadId
KERNEL32.GetDriveTypeW
KERNEL32.GetEnvironmentStringsW
KERNEL32.GetExitCodeProcess
KERNEL32.GetExitCodeThread
KERNEL32.GetFileAttributesA
KERNEL32.GetFileSize
KERNEL32.GetFileType
KERNEL32.GetFullPathNameA
KERNEL32.GetLastError
KERNEL32.GetLocaleInfoA
KERNEL32.GetLocaleInfoW
KERNEL32.GetModuleFileNameA
KERNEL32.GetModuleFileNameW
KERNEL32.GetModuleHandleA
KERNEL32.GetModuleHandleW
KERNEL32.GetOEMCP
KERNEL32.GetProcAddress
KERNEL32.GetProcessHeap
KERNEL32.GetStartupInfoW
KERNEL32.GetStdHandle
KERNEL32.GetStringTypeW
KERNEL32.GetSystemTimeAsFileTime
KERNEL32.GetTickCount
KERNEL32.GetTimeZoneInformation
KERNEL32.GetUserDefaultLCID
KERNEL32.HeapAlloc
KERNEL32.HeapCreate
KERNEL32.HeapFree
KERNEL32.HeapReAlloc
KERNEL32.HeapSetInformation
KERNEL32.HeapSize
KERNEL32.InitializeCriticalSection
KERNEL32.InitializeCriticalSectionAndSpinCount
KERNEL32.InterlockedDecrement
KERNEL32.InterlockedIncrement
KERNEL32.IsBadReadPtr
KERNEL32.IsBadWritePtr
KERNEL32.IsDebuggerPresent
KERNEL32.IsProcessorFeaturePresent
KERNEL32.IsValidCodePage
KERNEL32.IsValidLocale
KERNEL32.LCMapStringW
KERNEL32.LeaveCriticalSection
KERNEL32.LoadLibraryA
KERNEL32.LoadLibraryW
KERNEL32.LoadResource
KERNEL32.LocalFree
KERNEL32.LockResource
KERNEL32.lstrcpyW
KERNEL32.lstrlenW
KERNEL32.MoveFileA
KERNEL32.MultiByteToWideChar
KERNEL32.OpenProcess
KERNEL32.QueryPerformanceCounter
KERNEL32.RaiseException
KERNEL32.ReadConsoleA
KERNEL32.ReadFile
KERNEL32.ReadProcessMemory
KERNEL32.ResumeThread
KERNEL32.RtlUnwind
KERNEL32.SetConsoleCtrlHandler
KERNEL32.SetConsoleMode
KERNEL32.SetConsoleTitleA
KERNEL32.SetConsoleWindowInfo
KERNEL32.SetEndOfFile
KERNEL32.SetEnvironmentVariableA
KERNEL32.SetFilePointer
KERNEL32.SetHandleCount
KERNEL32.SetLastError
KERNEL32.SetStdHandle
KERNEL32.SetUnhandledExceptionFilter
KERNEL32.SizeofResource
KERNEL32.Sleep
KERNEL32.SuspendThread
KERNEL32.TerminateProcess
KERNEL32.TerminateThread
KERNEL32.TlsAlloc
KERNEL32.TlsFree
KERNEL32.TlsGetValue
KERNEL32.TlsSetValue
KERNEL32.UnhandledExceptionFilter
KERNEL32.VirtualAlloc
KERNEL32.VirtualAllocEx
KERNEL32.VirtualFree
KERNEL32.VirtualFreeEx
KERNEL32.VirtualProtect
KERNEL32.WaitForSingleObject
KERNEL32.WideCharToMultiByte
KERNEL32.WriteConsoleW
KERNEL32.WriteFile
KERNEL32.WriteProcessMemory
ole32.CLSIDFromProgID
ole32.CLSIDFromString
ole32.CoCreateInstance
ole32.CoLockObjectExternal
ole32.CoRegisterClassObject
ole32.CoRevokeClassObject
ole32.CoTaskMemAlloc
ole32.CoTaskMemFree
ole32.CreateBindCtx
ole32.CreateOleAdviseHolder
ole32.MkParseDisplayName
ole32.OleCreate
ole32.OleCreateFromFile
ole32.OleInitialize
ole32.OleRegGetUserType
ole32.OleSetContainedObject
ole32.OleUninitialize
ole32.StringFromCLSID
ole32.StringFromIID
OLEAUT32.DispGetIDsOfNames
OLEAUT32.GetActiveObject
OLEAUT32.LHashValOfNameSys
OLEAUT32.LoadRegTypeLib
OLEAUT32.LoadTypeLibEx
OLEAUT32.SafeArrayAccessData
OLEAUT32.SafeArrayCreate
OLEAUT32.SafeArrayCreateVector
OLEAUT32.SafeArrayDestroy
OLEAUT32.SafeArrayGetDim
OLEAUT32.SafeArrayGetElement
OLEAUT32.SafeArrayPutElement
OLEAUT32.SafeArrayUnaccessData
OLEAUT32.SysAllocStringLen
OLEAUT32.SysFreeString
OLEAUT32.SysStringLen
OLEAUT32.SystemTimeToVariantTime
OLEAUT32.UnRegisterTypeLib
OLEAUT32.VariantChangeType
OLEAUT32.VariantClear
OLEAUT32.VariantCopy
OLEAUT32.VariantCopyInd
OLEAUT32.VariantInit
OLEAUT32.VariantTimeToSystemTime
SHLWAPI.SHDeleteKeyA
USER32.CallWindowProcA
USER32.CreateWindowExA
USER32.DispatchMessageA
USER32.EqualRect
USER32.GetActiveWindow
USER32.GetClientRect
USER32.GetMessageA
USER32.GetSystemMenu
USER32.GetWindowLongA
USER32.GetWindowRect
USER32.IntersectRect
USER32.IsWindow
USER32.IsWindowVisible
USER32.MapWindowPoints
USER32.MessageBoxA
USER32.ModifyMenuA
USER32.OffsetRect
USER32.RegisterClassA
USER32.SetFocus
USER32.SetForegroundWindow
USER32.SetWindowPos
USER32.SetWindowRgn
USER32.ShowWindow
USER32.TranslateMessage
USER32.WinHelpA
USER32.wsprintfA
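I spent all of yesterday on this and still could not find which function passes the registration code. How does this program obtain the serial number we enter?
Starting at 0042B910, is that the code for the serial number algorithm?
Could the experts here please help and advise me? Thanks in advance!!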