【破解作者】 qfejj
【作者邮箱】 qfejj@163.com
【使用工具】 OllyDbgv1.10;PEIDv0.93;MASM32;计算器
【破解平台】 Win9x/NT/2000/XP
【软件名称】 DialogBlocks Version 2.00
【软件大小】 5.19MB
【加壳方式】 无
【下载地址】 http://www.anthemion.co.uk/dialogblocks/DialogBlocks-2.00-Setup.exe
【破解声明】 本人破解无任何商业目的,纯粹兴趣使然
--------------------------------------------------------------------------------
【破解内容】
DialogBlocks For wxWindgets,这个软件可以帮助软件设计者轻松快速地设计出专业的用户界面,更有跨平台的界面支持库,用过的朋友肯定知道它的强大功能,没有用过的朋友可以试试。注册成为正式用户后,解除所有限制的功能。付钱注册还是使用我的注册机注册,随你便,哈哈。(反正我对老外是不会客气的)
这个软件采用用户名--注册码的保护方式,有标准版和个人版之分,注册信息保存在注册表,每次启动读取验证,用户名和注册码没有大小写之分。有个缺点是在内存中会出现完整的明文注册码,还好每次出现的地方都不同,可以对付一下注册机工具生成的内存注册机。软件只用了一个GetWindowText,至于提示注册成功与否的MessageBoxA也是用的同一个,拦截GetWindowText后,只要点击用户界面就会让你中断,MessageBox当然也是没什么用的,调试后你会发现,判断离那里很远。拦截注册表值的读取要等上很久,最快最方便的是查找出错字串来定位(软件作者好像忽略了这个,前面那些保护白做了)。
我的习惯,贴代码前先说一下这个软件的注册过程。
这个软件要完美爆破很简单,只要在0042B8C1处call dialogbl.0042B7A0使al返回值为1即可。对于这个call,如果第一次al返回1,注册成功且为标准版,第二次al返回1,注册成功也为标准版,第三次al返回1,注册成功为个人版。三次返回值都为0则注册失败。
软件由用户名处理后得到注册码后直接比较,没有中间值(这样子对我来说太好了,写注册机不用写逆算部分),具体的处理过程如下:
1. 获取用户名,把所有大写字母都转化为小写,然后在用户名后加上一固定字串,对于这个固定字串是这样子加的:
a.计算标准版注册码所用的字串是"Anthemion Software DialogBlocks",80h
b.另一个计算标准版注册码所用的字串"Anthemion Software DialogBlocks and HelpBlocks",80h
c.计算个人版注册码所用的字串"Anthemion Software DialogBlocks Personal Edition",80h
在用户名第一个字节向后偏移38h的地方加上一个值,这个值(16进制)=用户名长度(包括新加的字串)*8
这里说一点,由a和b生成的注册码注册后同为标准版,就是说一个用户名可以有两个不用的注册码来完成标准版的注册,对于这两个不同的注册码完成的注册,我没看出有什么不同。像这样子处理,在没有用户名的情况下也是可以成功注册的。
2.获取用户名长度(包括加上的字串长),对超出40(16进制64)的部分舍弃。我贴的注册机源码里没有这部分的代码,我想没有哪位喜欢用超过30个字符的ID来注册吧?(如果有,我单独给你写一个好了)
3.通过一函数对处理后的用户名进行一定的计算,得到结果。这个函数体比较庞大,有点吓人,我只有通过代码来说明。
下面看算法相关的代码,怎么跟的具体就不说了。另外,没有注释的地方你大可不看,以节约你宝贵的时间。
;***************处理用户名长度,计算附加值********************************
...
004257DE push ebp ; 具体进来处理
004257DF mov ebp,esp
004257E1 push ebx
004257E2 mov ebx,dword ptr ss:[ebp+10] ; 用户名长度
004257E5 push esi ; esi指向类似于"Anthemion Software DialogBlocks"的字串,视具体版本
004257E6 mov esi,dword ptr ss:[ebp+8] ; 这个地址指向一个数组0123456789ABCDEFFEDCBA9876543210
004257E9 push edi
004257EA mov eax,dword ptr ds:[esi+10]
004257ED lea ecx,dword ptr ds:[eax+ebx*8] ; 用户名长度*8+eax,eax=0
004257F0 cmp ecx,eax
004257F2 mov dword ptr ds:[esi+10],ecx ; 保存,这个值在处理用户名的时候要用
004257F5 jnb short dialogbl.004257FA
004257F7 inc dword ptr ds:[esi+14]
004257FA mov ecx,ebx ; ebx=用户名长度
004257FC shr ecx,1D
004257FF add dword ptr ds:[esi+14],ecx ; esi指向的是那个数组0123456789ABCDEFFEDCBA9876543210
00425802 shr eax,3
00425805 and eax,3F
00425808 je short dialogbl.0042583A
0042580A push 40
0042580C lea ecx,dword ptr ds:[eax+esi+18]
00425810 pop edi
00425811 sub edi,eax
00425813 cmp ebx,edi
00425815 jnb short dialogbl.0042581E
00425817 push ebx
00425818 push dword ptr ss:[ebp+C]
0042581B push ecx
0042581C jmp short dialogbl.00425871
0042581E push edi ; /n
0042581F push dword ptr ss:[ebp+C] ; |src
00425822 push ecx ; |dest
00425823 call <jmp.&MSVCRT.memcpy> ; \memcpy
00425828 lea eax,dword ptr ds:[esi+18]
0042582B push eax
0042582C push esi
0042582D call dialogbl.00425901
00425832 add dword ptr ss:[ebp+C],edi
00425835 add esp,14
00425838 sub ebx,edi
0042583A cmp ebx,40 ; 用户名长度和40比较
0042583D jb short dialogbl.00425869 ; 小于40则转去处理
0042583F mov edi,ebx ; 用户名长度要是大于40,右移6
00425841 shr edi,6
00425844 /push 40 ; /n = 40 (64.)
00425846 |lea eax,dword ptr ds:[esi+18] ; |
00425849 |push dword ptr ss:[ebp+C] ; |src
0042584C |push eax ; |dest
0042584D |call <jmp.&MSVCRT.memcpy> ; \memcpy
00425852 |lea eax,dword ptr ds:[esi+18]
00425855 |push eax
00425856 |push esi
00425857 |call dialogbl.00425901
0042585C |add dword ptr ss:[ebp+C],40
00425860 |add esp,14
00425863 |sub ebx,40
00425866 |dec edi
00425867 \jnz short dialogbl.00425844
00425869 push ebx ; /n
0042586A add esi,18 ; |
0042586D push dword ptr ss:[ebp+C] ; |加了字串后的用户名
00425870 push esi ; |地址
00425871 call <jmp.&MSVCRT.memcpy> ; \把加了字串的用户名复制到esi所指地址后
00425876 add esp,0C
00425879 pop edi
0042587A pop esi
0042587B pop ebx
0042587C pop ebp
0042587D retn
...
;************************处理用户名,得到注册码********************
...
0042B631 mov dword ptr ss:[ebp-14],ebx
0042B634 mov edi,dword ptr ss:[ebp-10] ; 用户名
0042B637 lea esi,dword ptr ss:[ebp-27C]
0042B63D mov eax,edi
0042B63F cmp byte ptr ds:[eax],bl
0042B641 je short dialogbl.0042B65C
0042B643 /mov al,byte ptr ds:[edi] ; 具体的处理部分
0042B645 |cmp al,20 ; 看取出的字母(数字)是否是空格
0042B647 |je short dialogbl.0042B657
0042B649 |movsx eax,al ; 用户名ASCII值扩展到eax
0042B64C |push eax ; /c
0042B64D |call dword ptr ds:[<&MSVCRT.tolower>] ; \所有用户名中字母一律转换为小写字母
0042B653 |mov byte ptr ds:[esi],al ; 转换后得到的小写字母ASCII值保存到堆栈
0042B655 |pop ecx
0042B656 |inc esi
0042B657 |inc edi ; 如果前面取得的是空格,则指针移到下一个字母(数字)
0042B658 |cmp byte ptr ds:[edi],bl ; 看用户名是否已经取完
0042B65A \jnz short dialogbl.0042B643 ; 若没取完,回去再取下一个并作小写转换处理
0042B65C push dword ptr ss:[ebp-14] ; /一字串
0042B65F lea eax,dword ptr ss:[ebp-27C] ; |转换为小写字母后的用户名
0042B665 mov byte ptr ds:[esi],bl ; |
0042B667 push eax ; |dest
0042B668 call <jmp.&MSVCRT.strcat> ; \在小写用户名后加上字串“Anthemion Software DialogBlocks”
; 关于这个字串的规则是这样的:
; 用户名后加上字串"Anthemion Software DialogBlocks",80h
; 或者加上"Anthemion Software DialogBlocks and HelpBlocks",80h
; 最后得到的是标准版的注册码
; 用户名后加上字串"Anthemion Software DialogBlocks Personal Edition",80h
; 最后得到的是个人版的注册码
0042B66D mov eax,dword ptr ds:[908840]
0042B672 mov dword ptr ss:[ebp+C],eax
0042B675 lea eax,dword ptr ss:[ebp-7C]
0042B678 mov byte ptr ss:[ebp-4],2
0042B67C push eax
0042B67D call dialogbl.004257B6
0042B682 lea eax,dword ptr ss:[ebp-27C] ; 加了字串后的用户名地址送到eax
0042B688 push eax ; /s
0042B689 call <jmp.&MSVCRT.strlen> ; \取这个加了字串的用户名的长度,eax返回长度
0042B68E push eax
0042B68F lea eax,dword ptr ss:[ebp-27C] ; 加了字串后的用户名地址送到eax
0042B695 push eax
0042B696 lea eax,dword ptr ss:[ebp-7C] ; 这个地址指向一个数组0123456789ABCDEFFEDCBA9876543210
0042B699 push eax
0042B69A call dialogbl.004257DE
0042B69F lea eax,dword ptr ss:[ebp-7C] ; 这个地址指向一个数组0123456789ABCDEFFEDCBA9876543210
0042B6A2 push eax
0042B6A3 lea eax,dword ptr ss:[ebp-24] ; 将指向下面函数处理的结果
0042B6A6 push eax
0042B6A7 call dialogbl.0042587E ; 处理得到结果,里面有一个处理用户名的关键call,如下面{}中所示:
; 这段代码没有调用任何函数,写注册机的时候可以照搬过来,要改动
; 的地方很少,我最喜欢这样的代码,写注册机的时候太方便了!
{ ;Local Call from 0042B6A7
--------处理用户名的关键代码(一个庞大的函数体)---begin
00425901 push ebp ; 用户名-->标准版注册码的处理过程
00425902 mov ebp,esp
00425904 sub esp,44
00425907 mov eax,dword ptr ss:[ebp+C] ; 堆栈地址指向用户名
0042590A mov ecx,dword ptr ss:[ebp+8] ; 堆栈地址指向数组0123456789ABCDEFFEDCBA987654321
0042590D push ebx
0042590E push esi
0042590F mov esi,dword ptr ds:[eax] ; 取出用户名前4个字母
00425911 mov edx,dword ptr ds:[ecx+C] ; 取出数列中的4位(76543210)
00425914 mov ebx,dword ptr ds:[ecx+4] ; 取出数列中的4位(89ABCDEF)
00425917 push edi
00425918 mov edi,dword ptr ds:[ecx+8] ; 取出数列中的4位(FEDCBA98)
0042591B mov dword ptr ss:[ebp-8],esi ; 用户名前4个字母,作为一个累计性质的值,保存到0012F8C8
0042591E mov esi,edx
00425920 xor esi,edi
00425922 and esi,ebx
00425924 xor esi,edx
00425926 mov edx,dword ptr ds:[ecx] ; 取出数列中的4位(01234567)
00425928 add esi,dword ptr ss:[ebp-8] ; 和前4个用户名ASCII值相加
0042592B lea esi,dword ptr ds:[esi+edx+D76AA478] ; 计算,里面常数写注册机时不用修改
00425932 mov edx,esi
00425934 shr edx,19
00425937 shl esi,7
0042593A or edx,esi
0042593C mov esi,dword ptr ds:[eax+4] ; 向后取用户名4个字母
0042593F mov dword ptr ss:[ebp-1C],esi ; 作为一个累计性质的值,保存
00425942 mov esi,edi
00425944 add edx,ebx
00425946 xor esi,ebx
00425948 and esi,edx
0042594A xor esi,edi
0042594C mov edi,dword ptr ds:[ecx+C]
0042594F add esi,dword ptr ss:[ebp-1C]
00425952 lea edi,dword ptr ds:[edi+esi+E8C7B756]
00425959 mov esi,edi
0042595B shr esi,14
0042595E shl edi,0C
00425961 or esi,edi
00425963 mov edi,dword ptr ds:[eax+8] ; 向后取用户名4个字母
00425966 mov dword ptr ss:[ebp-28],edi ; 作为一个累计性质的值,保存
00425969 mov edi,ebx
0042596B add esi,edx
0042596D xor edi,edx
0042596F and edi,esi
00425971 xor edi,ebx
00425973 add edi,dword ptr ss:[ebp-28]
00425976 mov ebx,edi
00425978 mov edi,dword ptr ds:[ecx+8]
0042597B lea edi,dword ptr ds:[edi+ebx+242070DB]
00425982 mov ebx,edi
00425984 shr ebx,0F
00425987 shl edi,11
0042598A or ebx,edi
0042598C mov edi,dword ptr ds:[eax+C] ; 向后取用户名4个字母
0042598F mov dword ptr ss:[ebp-14],edi ; 作为一个累计性质的值,保存
00425992 mov edi,esi
00425994 add ebx,esi
00425996 xor edi,edx
00425998 and edi,ebx
0042599A mov dword ptr ss:[ebp+C],ebx ; 作为一个累计性质的值,保存
0042599D xor edi,edx
0042599F add edi,dword ptr ss:[ebp-14]
004259A2 mov ebx,edi
004259A4 mov edi,dword ptr ds:[ecx+4]
004259A7 lea edi,dword ptr ds:[edi+ebx+C1BDCEEE]
004259AE mov ebx,edi
004259B0 shl ebx,16
004259B3 shr edi,0A
004259B6 or ebx,edi
004259B8 mov edi,dword ptr ds:[eax+10] ; 向后取用户名4个字母
004259BB add ebx,dword ptr ss:[ebp+C]
004259BE mov dword ptr ss:[ebp-40],edi ; 作为一个累计性质的值,保存
004259C1 mov dword ptr ss:[ebp-4],ebx ; 作为一个累计性质的值,保存
004259C4 mov ebx,esi
004259C6 xor ebx,dword ptr ss:[ebp+C]
004259C9 and ebx,dword ptr ss:[ebp-4]
004259CC xor ebx,esi
004259CE add ebx,edi
004259D0 lea edx,dword ptr ds:[edx+ebx+F57C0FAF]
004259D7 mov edi,edx
004259D9 shr edi,19
004259DC shl edx,7
004259DF mov ebx,dword ptr ss:[ebp+C]
004259E2 or edi,edx
004259E4 add edi,dword ptr ss:[ebp-4]
004259E7 xor ebx,dword ptr ss:[ebp-4]
004259EA mov edx,dword ptr ds:[eax+14]
004259ED and ebx,edi
004259EF mov dword ptr ss:[ebp-2C],edx
004259F2 xor ebx,dword ptr ss:[ebp+C]
004259F5 add ebx,edx
004259F7 lea esi,dword ptr ds:[esi+ebx+4787C62A]
004259FE mov ebx,dword ptr ss:[ebp+C]
00425A01 mov edx,esi
00425A03 shr edx,14
00425A06 shl esi,0C
00425A09 or edx,esi
00425A0B mov esi,dword ptr ds:[eax+18] ; 向后取用户名4个字母
00425A0E mov dword ptr ss:[ebp-20],esi ; 作为一个累计性质的值,保存
00425A11 mov esi,dword ptr ss:[ebp-4]
00425A14 add edx,edi
00425A16 xor esi,edi
00425A18 and esi,edx
00425A1A xor esi,dword ptr ss:[ebp-4]
00425A1D add esi,dword ptr ss:[ebp-20]
00425A20 lea ebx,dword ptr ds:[ebx+esi+A8304613]
00425A27 mov esi,ebx
00425A29 shr esi,0F
00425A2C shl ebx,11
00425A2F or esi,ebx
00425A31 mov ebx,dword ptr ds:[eax+1C]
00425A34 mov dword ptr ss:[ebp-C],ebx
00425A37 mov ebx,edx
00425A39 add esi,edx
00425A3B xor ebx,edi
00425A3D and ebx,esi
00425A3F mov dword ptr ss:[ebp+C],esi
00425A42 mov esi,dword ptr ss:[ebp-4]
00425A45 xor ebx,edi
00425A47 add ebx,dword ptr ss:[ebp-C]
00425A4A lea esi,dword ptr ds:[esi+ebx+FD469501]
00425A51 mov ebx,esi
00425A53 shl ebx,16
00425A56 shr esi,0A
00425A59 or ebx,esi
00425A5B mov esi,dword ptr ds:[eax+20] ; 向后取用户名4个字母
00425A5E add ebx,dword ptr ss:[ebp+C]
00425A61 mov dword ptr ss:[ebp-34],esi ; 作为一个累计性质的值,保存
00425A64 mov dword ptr ss:[ebp-4],ebx
00425A67 mov ebx,edx
00425A69 xor ebx,dword ptr ss:[ebp+C]
00425A6C and ebx,dword ptr ss:[ebp-4]
00425A6F xor ebx,edx
00425A71 add ebx,esi
00425A73 lea edi,dword ptr ds:[edi+ebx+698098D8]
00425A7A mov ebx,dword ptr ss:[ebp+C]
00425A7D xor ebx,dword ptr ss:[ebp-4]
00425A80 mov esi,edi
00425A82 shr esi,19
00425A85 shl edi,7
00425A88 or esi,edi
00425A8A mov edi,dword ptr ds:[eax+24] ; 向后取用户名4个字母
00425A8D add esi,dword ptr ss:[ebp-4]
00425A90 mov dword ptr ss:[ebp-44],edi ; 作为一个累计性质的值,保存
00425A93 and ebx,esi
00425A95 xor ebx,dword ptr ss:[ebp+C]
00425A98 add ebx,edi
00425A9A lea edx,dword ptr ds:[edx+ebx+8B44F7AF]
00425AA1 mov ebx,dword ptr ss:[ebp+C]
00425AA4 mov edi,edx
00425AA6 shr edi,14
00425AA9 shl edx,0C
00425AAC or edi,edx
00425AAE mov edx,dword ptr ds:[eax+28] ; 向后取用户名4个字母
00425AB1 mov dword ptr ss:[ebp-18],edx ; 作为一个累计性质的值,保存
00425AB4 mov edx,dword ptr ss:[ebp-4]
00425AB7 add edi,esi
00425AB9 xor edx,esi
00425ABB and edx,edi
00425ABD xor edx,dword ptr ss:[ebp-4]
00425AC0 add edx,dword ptr ss:[ebp-18]
00425AC3 lea ebx,dword ptr ds:[ebx+edx+FFFF5BB1]
00425ACA mov edx,ebx
00425ACC shr edx,0F
00425ACF shl ebx,11
00425AD2 or edx,ebx
00425AD4 mov ebx,dword ptr ds:[eax+2C] ; 向后取用户名4个字母
00425AD7 mov dword ptr ss:[ebp-24],ebx ; 作为一个累计性质的值,保存
00425ADA mov ebx,edi
00425ADC xor ebx,esi
00425ADE add edx,edi
00425AE0 and ebx,edx
00425AE2 mov dword ptr ss:[ebp+C],edx
00425AE5 mov edx,dword ptr ss:[ebp-4]
00425AE8 xor ebx,esi
00425AEA add ebx,dword ptr ss:[ebp-24]
00425AED lea edx,dword ptr ds:[edx+ebx+895CD7BE]
00425AF4 mov ebx,edx
00425AF6 shl ebx,16
00425AF9 shr edx,0A
00425AFC or ebx,edx
00425AFE mov edx,dword ptr ds:[eax+30] ; 向后取用户名4个字母
00425B01 add ebx,dword ptr ss:[ebp+C]
00425B04 mov dword ptr ss:[ebp-30],edx ; 作为一个累计性质的值,保存
00425B07 mov dword ptr ss:[ebp-4],ebx
00425B0A mov ebx,edi
00425B0C xor ebx,dword ptr ss:[ebp+C]
00425B0F and ebx,dword ptr ss:[ebp-4]
00425B12 xor ebx,edi
00425B14 add ebx,edx
00425B16 lea esi,dword ptr ds:[esi+ebx+6B901122]
00425B1D mov ebx,dword ptr ss:[ebp+C]
00425B20 xor ebx,dword ptr ss:[ebp-4]
00425B23 mov edx,esi
00425B25 shr edx,19
00425B28 shl esi,7
00425B2B or edx,esi
00425B2D mov esi,dword ptr ds:[eax+34] ; 向后取用户名4个字母
00425B30 add edx,dword ptr ss:[ebp-4]
00425B33 mov dword ptr ss:[ebp-3C],esi ; 作为一个累计性质的值,保存
00425B36 and ebx,edx
00425B38 xor ebx,dword ptr ss:[ebp+C]
00425B3B add ebx,esi
00425B3D mov esi,dword ptr ds:[eax+38] ; 向后取用户名4个字母,ds:[eax+38]所指的就是由用户名长度计算得到的值
00425B40 mov dword ptr ss:[ebp-10],esi
00425B43 mov esi,dword ptr ss:[ebp-4]
00425B46 lea edi,dword ptr ds:[edi+ebx+FD987193] ; [下面代码直到ret没有特别的地方,就是计算然后累计
00425B4D xor esi,edx ; 其实这里所有的计算都是通过lea指令来累计的
00425B4F mov ebx,edi ; 这部分的代码写注册机的时候可以照搬,EBP指向的就是
00425B51 mov eax,dword ptr ds:[eax+3C] ; 保存累计结果的地址,写注册机的时候可以设一个变量
00425B54 shr ebx,14 ; 替换。]
00425B57 shl edi,0C
00425B5A or ebx,edi
00425B5C mov edi,dword ptr ss:[ebp+C]
00425B5F add ebx,edx
00425B61 mov dword ptr ss:[ebp-38],eax
00425B64 and esi,ebx
00425B66 mov dword ptr ss:[ebp+8],ebx
00425B69 xor esi,dword ptr ss:[ebp-4]
00425B6C add esi,dword ptr ss:[ebp-10]
00425B6F lea edi,dword ptr ds:[edi+esi+A679438E]
00425B76 mov esi,edi
00425B78 shr esi,0F
00425B7B shl edi,11
00425B7E or esi,edi
00425B80 mov edi,ebx
00425B82 add esi,ebx
00425B84 xor edi,edx
00425B86 and edi,esi
00425B88 xor edi,edx
00425B8A add edi,eax
00425B8C mov eax,dword ptr ss:[ebp-4]
00425B8F lea eax,dword ptr ds:[eax+edi+49B40821]
00425B96 mov edi,eax
00425B98 shl edi,16
00425B9B shr eax,0A
00425B9E or edi,eax
00425BA0 mov eax,esi
00425BA2 add edi,esi
00425BA4 xor eax,edi
00425BA6 and eax,ebx
00425BA8 xor eax,esi
00425BAA add eax,dword ptr ss:[ebp-1C]
00425BAD lea edx,dword ptr ds:[edx+eax+F61E2562]
00425BB4 mov eax,edx
00425BB6 shr eax,1B
00425BB9 shl edx,5
00425BBC or eax,edx
00425BBE mov edx,edi
00425BC0 add eax,edi
00425BC2 xor edx,eax
00425BC4 and edx,esi
00425BC6 xor edx,edi
00425BC8 add edx,dword ptr ss:[ebp-20]
00425BCB lea ebx,dword ptr ds:[ebx+edx+C040B340]
00425BD2 mov edx,ebx
00425BD4 shr edx,17
00425BD7 shl ebx,9
00425BDA or edx,ebx
00425BDC add edx,eax
00425BDE mov dword ptr ss:[ebp+8],edx
00425BE1 xor edx,eax
00425BE3 and edx,edi
00425BE5 mov ebx,dword ptr ss:[ebp+8]
00425BE8 xor edx,eax
00425BEA add edx,dword ptr ss:[ebp-24]
00425BED lea esi,dword ptr ds:[esi+edx+265E5A51]
00425BF4 mov edx,esi
00425BF6 shr edx,12
00425BF9 shl esi,0E
00425BFC or edx,esi
00425BFE mov esi,dword ptr ss:[ebp+8]
00425C01 add edx,dword ptr ss:[ebp+8]
00425C04 xor esi,edx
00425C06 and esi,eax
00425C08 xor esi,dword ptr ss:[ebp+8]
00425C0B add esi,dword ptr ss:[ebp-8]
00425C0E lea edi,dword ptr ds:[edi+esi+E9B6C7AA]
00425C15 mov esi,edi
00425C17 shl esi,14
00425C1A shr edi,0C
00425C1D or esi,edi
00425C1F mov edi,edx
00425C21 add esi,edx
00425C23 xor edi,esi
00425C25 and edi,dword ptr ss:[ebp+8]
00425C28 xor edi,edx
00425C2A add edi,dword ptr ss:[ebp-2C]
00425C2D lea eax,dword ptr ds:[eax+edi+D62F105D]
00425C34 mov edi,eax
00425C36 shr edi,1B
00425C39 shl eax,5
00425C3C or edi,eax
00425C3E mov eax,esi
00425C40 add edi,esi
00425C42 xor eax,edi
00425C44 and eax,edx
00425C46 xor eax,esi
00425C48 add eax,dword ptr ss:[ebp-18]
00425C4B lea ebx,dword ptr ds:[ebx+eax+2441453]
00425C52 mov eax,ebx
00425C54 shr eax,17
00425C57 shl ebx,9
00425C5A or eax,ebx
00425C5C add eax,edi
00425C5E mov dword ptr ss:[ebp+8],eax
00425C61 xor eax,edi
00425C63 and eax,esi
00425C65 xor eax,edi
00425C67 add eax,dword ptr ss:[ebp-38]
00425C6A lea edx,dword ptr ds:[edx+eax+D8A1E681]
00425C71 mov eax,edx
00425C73 shr eax,12
00425C76 shl edx,0E
00425C79 or eax,edx
00425C7B mov edx,dword ptr ss:[ebp+8]
00425C7E add eax,dword ptr ss:[ebp+8]
00425C81 xor edx,eax
00425C83 and edx,edi
00425C85 xor edx,dword ptr ss:[ebp+8]
00425C88 add edx,dword ptr ss:[ebp-40]
00425C8B lea esi,dword ptr ds:[esi+edx+E7D3FBC8]
00425C92 mov edx,esi
00425C94 shl edx,14
00425C97 shr esi,0C
00425C9A or edx,esi
00425C9C mov esi,eax
00425C9E add edx,eax
00425CA0 mov ebx,dword ptr ss:[ebp+8]
00425CA3 xor esi,edx
00425CA5 and esi,dword ptr ss:[ebp+8]
00425CA8 xor esi,eax
00425CAA add esi,dword ptr ss:[ebp-44]
00425CAD lea edi,dword ptr ds:[edi+esi+21E1CDE6]
00425CB4 mov esi,edi
00425CB6 shr esi,1B
00425CB9 shl edi,5
00425CBC or esi,edi
00425CBE mov edi,edx
00425CC0 add esi,edx
00425CC2 xor edi,esi
00425CC4 and edi,eax
00425CC6 xor edi,edx
00425CC8 add edi,dword ptr ss:[ebp-10]
00425CCB lea ebx,dword ptr ds:[ebx+edi+C33707D6]
00425CD2 mov edi,ebx
00425CD4 shr edi,17
00425CD7 shl ebx,9
00425CDA or edi,ebx
00425CDC add edi,esi
00425CDE mov dword ptr ss:[ebp+8],edi
00425CE1 xor edi,esi
00425CE3 and edi,edx
00425CE5 mov ebx,dword ptr ss:[ebp+8]
00425CE8 xor edi,esi
00425CEA add edi,dword ptr ss:[ebp-14]
00425CED lea eax,dword ptr ds:[eax+edi+F4D50D87]
00425CF4 mov edi,eax
00425CF6 shr edi,12
00425CF9 shl eax,0E
00425CFC or edi,eax
00425CFE mov eax,dword ptr ss:[ebp+8]
00425D01 add edi,dword ptr ss:[ebp+8]
00425D04 xor eax,edi
00425D06 and eax,esi
00425D08 xor eax,dword ptr ss:[ebp+8]
00425D0B add eax,dword ptr ss:[ebp-34]
00425D0E lea edx,dword ptr ds:[edx+eax+455A14ED]
00425D15 mov eax,edx
00425D17 shl eax,14
00425D1A shr edx,0C
00425D1D or eax,edx
00425D1F mov edx,edi
00425D21 add eax,edi
00425D23 xor edx,eax
00425D25 and edx,dword ptr ss:[ebp+8]
00425D28 xor edx,edi
00425D2A add edx,dword ptr ss:[ebp-3C]
00425D2D lea esi,dword ptr ds:[esi+edx+A9E3E905]
00425D34 mov edx,esi
00425D36 shr edx,1B
00425D39 shl esi,5
00425D3C or edx,esi
00425D3E mov esi,eax
00425D40 add edx,eax
00425D42 xor esi,edx
00425D44 and esi,edi
00425D46 xor esi,eax
00425D48 add esi,dword ptr ss:[ebp-28]
00425D4B lea ebx,dword ptr ds:[ebx+esi+FCEFA3F8]
00425D52 mov esi,ebx
00425D54 shr esi,17
00425D57 shl ebx,9
00425D5A or esi,ebx
00425D5C add esi,edx
00425D5E mov dword ptr ss:[ebp+8],esi
00425D61 xor esi,edx
00425D63 and esi,eax
00425D65 xor esi,edx
00425D67 add esi,dword ptr ss:[ebp-C]
00425D6A lea edi,dword ptr ds:[edi+esi+676F02D9]
00425D71 mov esi,dword ptr ss:[ebp+8]
00425D74 mov ebx,edi
00425D76 shr ebx,12
00425D79 shl edi,0E
00425D7C or ebx,edi
00425D7E add ebx,esi
00425D80 mov dword ptr ss:[ebp-4],esi
00425D83 xor dword ptr ss:[ebp-4],ebx
00425D86 mov edi,dword ptr ss:[ebp-4]
00425D89 and edi,edx
00425D8B xor edi,esi
00425D8D add edi,dword ptr ss:[ebp-30]
00425D90 lea eax,dword ptr ds:[eax+edi+8D2A4C8A]
00425D97 mov edi,dword ptr ss:[ebp+8]
00425D9A mov esi,eax
00425D9C shl esi,14
00425D9F shr eax,0C
00425DA2 or esi,eax
00425DA4 mov eax,dword ptr ss:[ebp-4]
00425DA7 add esi,ebx
00425DA9 xor eax,esi
00425DAB add eax,dword ptr ss:[ebp-2C]
00425DAE lea edx,dword ptr ds:[edx+eax+FFFA3942]
00425DB5 mov eax,edx
00425DB7 shr eax,1C
00425DBA shl edx,4
00425DBD or eax,edx
00425DBF mov edx,ebx
00425DC1 xor edx,esi
00425DC3 add eax,esi
00425DC5 xor edx,eax
00425DC7 add edx,dword ptr ss:[ebp-34]
00425DCA lea edx,dword ptr ds:[edi+edx+8771F681]
00425DD1 mov edi,edx
00425DD3 shr edi,15
00425DD6 shl edx,0B
00425DD9 or edi,edx
00425DDB add edi,eax
00425DDD mov edx,edi
00425DDF mov dword ptr ss:[ebp-4],edi
00425DE2 xor edx,esi
00425DE4 xor edx,eax
00425DE6 add edx,dword ptr ss:[ebp-24]
00425DE9 lea edx,dword ptr ds:[ebx+edx+6D9D6122]
00425DF0 mov ebx,edx
00425DF2 shr ebx,10
00425DF5 shl edx,10
00425DF8 or ebx,edx
00425DFA add ebx,edi
00425DFC xor dword ptr ss:[ebp-4],ebx
00425DFF mov edx,dword ptr ss:[ebp-4]
00425E02 xor edx,eax
00425E04 add edx,dword ptr ss:[ebp-10]
00425E07 lea esi,dword ptr ds:[esi+edx+FDE5380C]
00425E0E mov edx,esi
00425E10 shl edx,17
00425E13 shr esi,9
00425E16 or edx,esi
00425E18 mov esi,dword ptr ss:[ebp-4]
00425E1B add edx,ebx
00425E1D xor esi,edx
00425E1F add esi,dword ptr ss:[ebp-1C]
00425E22 lea esi,dword ptr ds:[eax+esi+A4BEEA44]
00425E29 mov eax,esi
00425E2B shr eax,1C
00425E2E shl esi,4
00425E31 or eax,esi
00425E33 mov esi,ebx
00425E35 add eax,edx
00425E37 xor esi,edx
00425E39 xor esi,eax
00425E3B add esi,dword ptr ss:[ebp-40]
00425E3E lea edi,dword ptr ds:[edi+esi+4BDECFA9]
00425E45 mov esi,edi
00425E47 shr esi,15
00425E4A shl edi,0B
00425E4D or esi,edi
00425E4F add esi,eax
00425E51 mov edi,esi
00425E53 xor edi,edx
00425E55 xor edi,eax
00425E57 add edi,dword ptr ss:[ebp-C]
00425E5A lea ebx,dword ptr ds:[ebx+edi+F6BB4B60]
00425E61 mov edi,ebx
00425E63 shr edi,10
00425E66 shl ebx,10
00425E69 or edi,ebx
00425E6B mov dword ptr ss:[ebp-4],esi
00425E6E add edi,esi
00425E70 xor dword ptr ss:[ebp-4],edi
00425E73 mov ebx,dword ptr ss:[ebp-4]
00425E76 xor ebx,eax
00425E78 add ebx,dword ptr ss:[ebp-18]
00425E7B lea ebx,dword ptr ds:[edx+ebx+BEBFBC70]
00425E82 mov edx,ebx
00425E84 shl edx,17
00425E87 shr ebx,9
00425E8A or edx,ebx
00425E8C mov ebx,dword ptr ss:[ebp-4]
00425E8F add edx,edi
00425E91 xor ebx,edx
00425E93 add ebx,dword ptr ss:[ebp-3C]
00425E96 lea ebx,dword ptr ds:[eax+ebx+289B7EC6]
00425E9D mov eax,ebx
00425E9F shr eax,1C
00425EA2 shl ebx,4
00425EA5 or eax,ebx
00425EA7 mov ebx,edi
00425EA9 add eax,edx
00425EAB xor ebx,edx
00425EAD xor ebx,eax
00425EAF add ebx,dword ptr ss:[ebp-8]
00425EB2 lea esi,dword ptr ds:[esi+ebx+EAA127FA]
00425EB9 mov ebx,esi
00425EBB shr ebx,15
00425EBE shl esi,0B
00425EC1 or ebx,esi
00425EC3 add ebx,eax
00425EC5 mov esi,ebx
00425EC7 mov dword ptr ss:[ebp-4],ebx
00425ECA xor esi,edx
00425ECC xor esi,eax
00425ECE add esi,dword ptr ss:[ebp-14]
00425ED1 lea edi,dword ptr ds:[edi+esi+D4EF3085]
00425ED8 mov esi,edi
00425EDA shr esi,10
00425EDD shl edi,10
00425EE0 or esi,edi
00425EE2 add esi,ebx
00425EE4 xor dword ptr ss:[ebp-4],esi
00425EE7 mov dword ptr ss:[ebp+C],esi
00425EEA mov edi,dword ptr ss:[ebp-4]
00425EED xor edi,eax
00425EEF add edi,dword ptr ss:[ebp-20]
00425EF2 lea edi,dword ptr ds:[edx+edi+4881D05]
00425EF9 mov edx,edi
00425EFB shl edx,17
00425EFE shr edi,9
00425F01 or edx,edi
00425F03 mov edi,dword ptr ss:[ebp-4]
00425F06 add edx,esi
00425F08 xor edi,edx
00425F0A xor esi,edx
00425F0C add edi,dword ptr ss:[ebp-44]
00425F0F lea edi,dword ptr ds:[eax+edi+D9D4D039]
00425F16 mov eax,edi
00425F18 shr eax,1C
00425F1B shl edi,4
00425F1E or eax,edi
00425F20 add eax,edx
00425F22 xor esi,eax
00425F24 add esi,dword ptr ss:[ebp-30]
00425F27 lea ebx,dword ptr ds:[ebx+esi+E6DB99E5]
00425F2E mov esi,ebx
00425F30 shr esi,15
00425F33 shl ebx,0B
00425F36 or esi,ebx
00425F38 mov ebx,dword ptr ss:[ebp+C]
00425F3B add esi,eax
00425F3D mov edi,esi
00425F3F xor edi,edx
00425F41 xor edi,eax
00425F43 add edi,dword ptr ss:[ebp-38]
00425F46 lea ebx,dword ptr ds:[ebx+edi+1FA27CF8]
00425F4D mov edi,ebx
00425F4F shr edi,10
00425F52 shl ebx,10
00425F55 or edi,ebx
00425F57 mov ebx,esi
00425F59 add edi,esi
00425F5B xor ebx,edi
00425F5D mov dword ptr ss:[ebp+C],edi
00425F60 xor ebx,eax
00425F62 add ebx,dword ptr ss:[ebp-28]
00425F65 lea edx,dword ptr ds:[edx+ebx+C4AC5665]
00425F6C mov ebx,dword ptr ss:[ebp+C]
00425F6F mov edi,edx
00425F71 shl edi,17
00425F74 shr edx,9
00425F77 or edi,edx
00425F79 mov edx,esi
00425F7B add edi,ebx
00425F7D not edx
00425F7F or edx,edi
00425F81 xor edx,ebx
00425F83 add edx,dword ptr ss:[ebp-8]
00425F86 lea eax,dword ptr ds:[eax+edx+F4292244]
00425F8D mov edx,eax
00425F8F shr edx,1A
00425F92 shl eax,6
00425F95 or edx,eax
00425F97 mov eax,ebx
00425F99 add edx,edi
00425F9B not eax
00425F9D or eax,edx
00425F9F xor eax,edi
00425FA1 add eax,dword ptr ss:[ebp-C]
00425FA4 lea esi,dword ptr ds:[esi+eax+432AFF97]
00425FAB mov eax,esi
00425FAD shr eax,16
00425FB0 shl esi,0A
00425FB3 or eax,esi
00425FB5 mov esi,edi
00425FB7 add eax,edx
00425FB9 not esi
00425FBB or esi,eax
00425FBD xor esi,edx
00425FBF add esi,dword ptr ss:[ebp-10]
00425FC2 lea ebx,dword ptr ds:[ebx+esi+AB9423A7]
00425FC9 mov esi,ebx
00425FCB shr esi,11
00425FCE shl ebx,0F
00425FD1 or esi,ebx
00425FD3 mov ebx,edx
00425FD5 add esi,eax
00425FD7 not ebx
00425FD9 or ebx,esi
00425FDB xor ebx,eax
00425FDD add ebx,dword ptr ss:[ebp-2C]
00425FE0 lea edi,dword ptr ds:[edi+ebx+FC93A039]
00425FE7 mov ebx,edi
00425FE9 shl ebx,15
00425FEC shr edi,0B
00425FEF or ebx,edi
00425FF1 mov edi,eax
00425FF3 add ebx,esi
00425FF5 not edi
00425FF7 or edi,ebx
00425FF9 xor edi,esi
00425FFB add edi,dword ptr ss:[ebp-30]
00425FFE lea edi,dword ptr ds:[edx+edi+655B59C3]
00426005 mov edx,edi
00426007 shr edx,1A
0042600A shl edi,6
0042600D or edx,edi
0042600F mov edi,esi
00426011 add edx,ebx
00426013 not edi
00426015 or edi,edx
00426017 xor edi,ebx
00426019 add edi,dword ptr ss:[ebp-14]
0042601C lea edi,dword ptr ds:[eax+edi+8F0CCC92]
00426023 mov eax,edi
00426025 shr eax,16
00426028 shl edi,0A
0042602B or eax,edi
0042602D mov edi,ebx
0042602F add eax,edx
00426031 not edi
00426033 or edi,eax
00426035 xor edi,edx
00426037 add edi,dword ptr ss:[ebp-18]
0042603A lea edi,dword ptr ds:[esi+edi+FFEFF47D]
00426041 mov esi,edi
00426043 shr esi,11
00426046 shl edi,0F
00426049 or esi,edi
0042604B mov edi,edx
0042604D add esi,eax
0042604F not edi
00426051 or edi,esi
00426053 xor edi,eax
00426055 add edi,dword ptr ss:[ebp-1C]
00426058 lea ebx,dword ptr ds:[ebx+edi+85845DD1]
0042605F mov edi,ebx
00426061 shr ebx,0B
00426064 shl edi,15
00426067 or edi,ebx
00426069 mov ebx,eax
0042606B not ebx
0042606D add edi,esi
0042606F or ebx,edi
00426071 xor ebx,esi
00426073 add ebx,dword ptr ss:[ebp-34]
00426076 lea ebx,dword ptr ds:[edx+ebx+6FA87E4F]
0042607D mov edx,ebx
0042607F shl ebx,6
00426082 shr edx,1A
00426085 or edx,ebx
00426087 mov ebx,esi
00426089 add edx,edi
0042608B not ebx
0042608D or ebx,edx
0042608F xor ebx,edi
00426091 add ebx,dword ptr ss:[ebp-38]
00426094 lea ebx,dword ptr ds:[eax+ebx+FE2CE6E0]
0042609B mov eax,ebx
0042609D shr eax,16
004260A0 shl ebx,0A
004260A3 or eax,ebx
004260A5 mov ebx,edi
004260A7 add eax,edx
004260A9 not ebx
004260AB or ebx,eax
004260AD xor ebx,edx
004260AF add ebx,dword ptr ss:[ebp-20]
004260B2 lea ebx,dword ptr ds:[esi+ebx+A3014314]
004260B9 mov esi,ebx
004260BB shr esi,11
004260BE shl ebx,0F
004260C1 or esi,ebx
004260C3 mov ebx,edx
004260C5 add esi,eax
004260C7 not ebx
004260C9 or ebx,esi
004260CB xor ebx,eax
004260CD add ebx,dword ptr ss:[ebp-3C]
004260D0 lea ebx,dword ptr ds:[edi+ebx+4E0811A1]
004260D7 mov edi,ebx
004260D9 shl edi,15
004260DC shr ebx,0B
004260DF or edi,ebx
004260E1 mov ebx,eax
004260E3 add edi,esi
004260E5 not ebx
004260E7 or ebx,edi
004260E9 xor ebx,esi
004260EB add ebx,dword ptr ss:[ebp-40]
004260EE lea ebx,dword ptr ds:[edx+ebx+F7537E82]
004260F5 mov edx,ebx
004260F7 shr edx,1A
004260FA shl ebx,6
004260FD or edx,ebx
004260FF mov ebx,esi
00426101 add edx,edi
00426103 not ebx
00426105 or ebx,edx
00426107 xor ebx,edi
00426109 add ebx,dword ptr ss:[ebp-24]
0042610C lea eax,dword ptr ds:[eax+ebx+BD3AF235]
00426113 mov ebx,eax
00426115 shr ebx,16
00426118 shl eax,0A
0042611B or ebx,eax
0042611D mov eax,edi
0042611F add ebx,edx
00426121 not eax
00426123 or eax,ebx
00426125 xor eax,edx
00426127 add eax,dword ptr ss:[ebp-28]
0042612A lea esi,dword ptr ds:[esi+eax+2AD7D2BB]
00426131 mov eax,esi
00426133 shr eax,11
00426136 shl esi,0F
00426139 or eax,esi
0042613B mov esi,edx
0042613D add eax,ebx
0042613F not esi
00426141 or esi,eax
00426143 xor esi,ebx
00426145 add esi,dword ptr ss:[ebp-44]
00426148 lea edi,dword ptr ds:[edi+esi+EB86D391]
0042614F mov esi,dword ptr ds:[ecx]
00426151 add esi,edx
00426153 mov edx,edi
00426155 shl edx,15
00426158 shr edi,0B ; 上面的一大串代码所作的处理,可以当作黑箱操作看待
0042615B or edx,edi ; 下面是保存结果,写注册机时设个变量替换那些地址就可以了
0042615D mov dword ptr ds:[ecx],esi ; 保存结果
0042615F add edx,dword ptr ds:[ecx+4]
00426162 pop edi
00426163 pop esi
00426164 add edx,eax
00426166 mov dword ptr ds:[ecx+4],edx ; 保存结果
00426169 mov edx,dword ptr ds:[ecx+8]
0042616C add edx,eax
0042616E mov eax,dword ptr ds:[ecx+C]
00426171 add eax,ebx
00426173 mov dword ptr ds:[ecx+8],edx ; 保存结果
00426176 mov dword ptr ds:[ecx+C],eax ; 保存结果
00426179 pop ebx
0042617A leave
0042617B retn
-------------------处理用户名的关键代码--------end
}
0042B6AC add esp,24
0042B6AF xor edi,edi
0042B6B1 lea esi,dword ptr ss:[ebp-24] ; 使esi指向前面处理的结果
0042B6B4 /xor ecx,ecx
0042B6B6 |xor eax,eax
0042B6B8 |/movzx edx,byte ptr ds:[esi+eax] ; 下面这个循环处理前面保存的结果,
0042B6BC ||shl ecx,8
0042B6BF ||add ecx,edx ; 其实整个过程就把数据的高低位换了一下
0042B6C1 ||inc eax
0042B6C2 ||cmp eax,4
0042B6C5 |\jl short dialogbl.0042B6B8
0042B6C7 |mov eax,dword ptr ds:[908840]
0042B6CC |cmp edi,2
0042B6CF |jge short dialogbl.0042B704
0042B6D1 |mov dword ptr ss:[ebp+10],eax
0042B6D4 |push ecx
0042B6D5 |lea eax,dword ptr ss:[ebp+10]
0042B6D8 |push dialogbl.008D87E4 ; ASCII "%08lX-"
0042B6DD |push eax
0042B6DE |mov byte ptr ss:[ebp-4],3
0042B6E2 |call dialogbl.005871A0 ; 这个call设置输出格式,把结果保存到一个地方
0042B6E7 |mov ecx,dword ptr ss:[ebp+10] ; 加了"-"的结果,作为注册码第一段
0042B6EA |add esp,0C
0042B6ED |mov eax,dword ptr ds:[ecx-8] ; 结果的长度,包括"-"
0042B6F0 |push eax
0042B6F1 |push ecx
0042B6F2 |push eax
0042B6F3 |lea ecx,dword ptr ss:[ebp+C]
0042B6F6 |call dialogbl.00585A10
0042B6FB |mov byte ptr ss:[ebp-4],2
0042B6FF |lea ecx,dword ptr ss:[ebp+10]
0042B702 |jmp short dialogbl.0042B735
0042B704 |mov dword ptr ss:[ebp+10],eax
0042B707 |push ecx
0042B708 |lea eax,dword ptr ss:[ebp+10]
0042B70B |push dialogbl.008D87DC ; ASCII "%08lX"
0042B710 |push eax
0042B711 |mov byte ptr ss:[ebp-4],4
0042B715 |call dialogbl.005871A0 ; 这个call设置输出格式,把结果保存到一个地方
0042B71A |mov ecx,dword ptr ss:[ebp+10] ; 加了"-"的结果,作为注册码第二段
0042B71D |add esp,0C
0042B720 |mov eax,dword ptr ds:[ecx-8] ; 结果的长度,包括"-"
0042B723 |push eax
0042B724 |push ecx
0042B725 |push eax
0042B726 |lea ecx,dword ptr ss:[ebp+C]
0042B729 |call dialogbl.00585A10
0042B72E |mov byte ptr ss:[ebp-4],2
0042B732 |lea ecx,dword ptr ss:[ebp+10]
0042B735 |call dialogbl.0040104B
0042B73A |inc edi
0042B73B |add esi,4
0042B73E |cmp edi,3
0042B741 \jl dialogbl.0042B6B4
0042B747 mov eax,dword ptr ss:[ebp+C] ; 调试到这里的时候可以看到计算出的注册码
0042B74A mov edi,dword ptr ss:[ebp+8]
0042B74D cmp dword ptr ds:[eax-8],ebx
0042B750 jnz short dialogbl.0042B75B
0042B752 mov eax,dword ptr ds:[908840]
0042B757 mov dword ptr ds:[edi],eax
0042B759 jmp short dialogbl.0042B769
0042B75B mov dword ptr ds:[edi],eax ; 复制指针
0042B75D mov ecx,dword ptr ds:[eax-C]
...
三种不同版本的注册码(确切的说应该是两种版本三个注册码)的计算都用到了那个庞大的函数,唯一不同的是固定字串和后面对应的值(就是那个通过用户名长度计算得到的),看到这里,我想各位都大致知道该怎么写这个软件的注册机了吧?我自己写了一个注册机,我也贴一个只计算标准版注册码的注册机源码,大家要是有兴趣可以照着源码写一个计算个人版注册码的注册机,要做的只是把固定字串的值按规则替换掉(前面我提到过)。当然也可以写在一起,用radiobutton或是checkbox来区分版本,然后给定不同的的字串,最后调用那个计算函数就可以了,要注意的是存放累计值的变量前后(特别是前面)需要很大的空间,如果不够会造成数据覆盖,计算出错(可以通过修改保存临时结果的地址来解决这个问题,不过这样工作量很大,要改很多地方)。对这个软件只要调试,就会发现明码的,要爆破安我说的也很简单,但是如果你写过了这个软件的注册机,会发现收获很大。好了,废话说道这里,虽然我的文笔不好,但还是希望大家会喜欢。
最后贴个注册机,不当之处请大家指正。
--------------------------------------------------------------------------------
【算法注册机】 ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;>>> Keygen For DialogBlocks Version 2.00 >>>
;>>> author:qfejj >>>
;>>> Email :qfejj@163.com >>>
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.586
.model flat, stdcall
option casemap :none
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
include windows.inc
include user32.inc
include kernel32.inc
includelib user32.lib
includelib kernel32.lib
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
IDD_DLGBOX equ 1000
IDC_NAME equ 1001
IDC_KEY equ 1002
IDC_STC1 equ 1004
IDC_STC2 equ 1005
IDC_GENERATE equ 1006
IDC_ABOUT equ 1007
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
DlgProc proto :HWND,:UINT,:WPARAM,:LPARAM
GetKey proto
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.data
szMsgboxText db '-=You are free to do as you wish!=-',0dh
db ' -=Email:qfejj@163.com=-',0
szMsgboxCaption db 'about',0
format1 db '%X-',0
;--参与用户名处理的数据:
szAppendString1 db 'Anthemion Software DialogBlocks',80h,0 ;看这里占了多少字节?
aConvertString db 01h,23h,45h,67h,89h,0ABh,0CDh,0EFh,0FEh,0DCh,0BAh,98h,76h,54h,32h,10h
.data?
hInstance HINSTANCE ?
hDlg HINSTANCE ?
sAppendString dd ?
temp dd 20 dup(?)
aAcumulate dd 20 dup(?) ;它前后需要很大的空间
aNameBuffer db 60 dup(?)
aStdKeyBuffer db 20 dup(?) ;存放标准版注册码初步处理结果
aStdKeyOut db 30 dup(?) ;存放最终标准版注册码
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.code
start:
invoke GetModuleHandle,NULL
mov hInstance,eax
invoke DialogBoxParam,hInstance,IDD_DLGBOX,NULL,addr DlgProc,NULL
invoke ExitProcess,0
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
DlgProc proc hWin:HWND,uMsg:UINT,wParam:WPARAM,lParam:LPARAM
mov eax,uMsg
.if eax==WM_CLOSE
invoke EndDialog,hWin,0
.elseif eax==WM_INITDIALOG
push hWin
pop hDlg
.elseif eax==WM_COMMAND
mov eax,wParam
.if eax==IDC_GENERATE
invoke RtlZeroMemory,offset aNameBuffer,sizeof aNameBuffer
invoke RtlZeroMemory,offset aStdKeyBuffer,sizeof aStdKeyBuffer
invoke RtlZeroMemory,offset aStdKeyOut,sizeof aStdKeyOut
invoke GetKey
.elseif eax==IDC_ABOUT
invoke MessageBox,hWin,addr szMsgboxText,addr szMsgboxCaption,MB_OK
.endif
.else
mov eax,FALSE
ret
.endif
mov eax,TRUE
ret
DlgProc endp
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
GetKey proc
;-----------------------
; 在用户名后加上固定字串
;-----------------------
invoke GetDlgItemText,hDlg,IDC_NAME,offset aNameBuffer,sizeof aNameBuffer
invoke GetDlgItem,hDlg,IDC_NAME
invoke GetWindowTextLength,eax
invoke CharLowerBuff,addr aNameBuffer,eax ; 转换成小写
invoke lstrcat,offset aNameBuffer,offset szAppendString1
invoke lstrlen,addr aNameBuffer
sub eax,1 ; 一定要减1
lea ecx,dword ptr[eax*8]
mov sAppendString,ecx
invoke lstrcat,offset [aNameBuffer+38h],offset sAppendString ;自己调试的时候留意一下,看这里为什么要用38h
;-------------------------------
; 处理用户名,得到标准版的注册码
;-------------------------------
mov eax,offset aNameBuffer
mov ecx,offset aConvertString
push ebx
push esi
mov esi,dword ptr [eax] ; 取出用户名前4个字母
mov edx,dword ptr [ecx+0Ch] ; 取出数列中的4位(76543210)
mov ebx,dword ptr [ecx+4] ; 取出数列中的4位(89ABCDEF)
push edi
mov edi,dword ptr [ecx+8] ; 取出数列中的4位(FEDCBA98)
mov dword ptr [aAcumulate-8],esi ; 用户名前4个字母,作为一个累计性质的值,保存到0012F8C8
mov esi,edx
xor esi,edi
and esi,ebx
xor esi,edx
mov edx,dword ptr [ecx] ; 取出数列中的4位(01234567)
add esi,dword ptr [aAcumulate-8] ; 和前4个用户名ASCII值相加
lea esi,dword ptr [esi+edx+0D76AA478h] ; 计算,里面常数写注册机时不用修改
mov edx,esi
shr edx,19h
shl esi,7
or edx,esi
mov esi,dword ptr [eax+4] ; 向后取用户名4个字母
mov dword ptr [aAcumulate-1Ch],esi ; 作为一个累计性质的值,保存
mov esi,edi
add edx,ebx
xor esi,ebx
and esi,edx
xor esi,edi
mov edi,dword ptr [ecx+0Ch]
add esi,dword ptr [aAcumulate-1Ch]
lea edi,dword ptr [edi+esi+0E8C7B756h]
mov esi,edi
shr esi,14h
shl edi,0Ch
or esi,edi
mov edi,dword ptr [eax+8] ; 向后取用户名4个字母
mov dword ptr [aAcumulate-28h],edi ; 作为一个累计性质的值,保存
mov edi,ebx
add esi,edx
xor edi,edx
and edi,esi
xor edi,ebx
add edi,dword ptr [aAcumulate-28h]
mov ebx,edi
mov edi,dword ptr [ecx+8]
lea edi,dword ptr [edi+ebx+242070DBh]
mov ebx,edi
shr ebx,0Fh
shl edi,11h
or ebx,edi
mov edi,dword ptr [eax+0Ch] ; 向后取用户名4个字母
mov dword ptr [aAcumulate-14h],edi ; 作为一个累计性质的值,保存
mov edi,esi
add ebx,esi
xor edi,edx
and edi,ebx
mov dword ptr [aAcumulate+0Ch],ebx ; 作为一个累计性质的值,保存
xor edi,edx
add edi,dword ptr [aAcumulate-14h]
mov ebx,edi
mov edi,dword ptr [ecx+4]
lea edi,dword ptr [edi+ebx+0C1BDCEEEh]
mov ebx,edi
shl ebx,16h
shr edi,0Ah
or ebx,edi
mov edi,dword ptr [eax+10h] ; 向后取用户名4个字母
add ebx,dword ptr [aAcumulate+0Ch]
mov dword ptr [aAcumulate-40h],edi ; 作为一个累计性质的值,保存
mov dword ptr [aAcumulate-4],ebx ; 作为一个累计性质的值,保存
mov ebx,esi
xor ebx,dword ptr [aAcumulate+0Ch]
and ebx,dword ptr [aAcumulate-4]
xor ebx,esi
add ebx,edi
lea edx,dword ptr [edx+ebx+0F57C0FAFh]
mov edi,edx
shr edi,19h
shl edx,7
mov ebx,dword ptr [aAcumulate+0Ch]
or edi,edx
add edi,dword ptr [aAcumulate-4]
xor ebx,dword ptr [aAcumulate-4]
mov edx,dword ptr [eax+14h]
and ebx,edi
mov dword ptr [aAcumulate-2Ch],edx
xor ebx,dword ptr [aAcumulate+0Ch]
add ebx,edx
lea esi,dword ptr [esi+ebx+4787C62Ah]
mov ebx,dword ptr [aAcumulate+0Ch]
mov edx,esi
shr edx,14h
shl esi,0Ch
or edx,esi
mov esi,dword ptr [eax+18h] ; 向后取用户名4个字母
mov dword ptr [aAcumulate-20h],esi ; 作为一个累计性质的值,保存
mov esi,dword ptr [aAcumulate-4]
add edx,edi
xor esi,edi
and esi,edx
xor esi,dword ptr [aAcumulate-4]
add esi,dword ptr [aAcumulate-20h]
lea ebx,dword ptr [ebx+esi+0A8304613h]
mov esi,ebx
shr esi,0Fh
shl ebx,11h
or esi,ebx
mov ebx,dword ptr [eax+1Ch] ; 向后取用户名4个字母
mov dword ptr [aAcumulate-0Ch],ebx ; 作为一个累计性质的值,保存
mov ebx,edx
add esi,edx
xor ebx,edi
and ebx,esi
mov dword ptr [aAcumulate+0Ch],esi
mov esi,dword ptr [aAcumulate-4]
xor ebx,edi
add ebx,dword ptr [aAcumulate-0Ch]
lea esi,dword ptr [esi+ebx+0FD469501h]
mov ebx,esi
shl ebx,16h
shr esi,0Ah
or ebx,esi
mov esi,dword ptr [eax+20h] ; 向后取用户名4个字母
add ebx,dword ptr [aAcumulate+0Ch] ; 作为一个累计性质的值,保存
mov dword ptr [aAcumulate-34h],esi
mov dword ptr [aAcumulate-4],ebx
mov ebx,edx
xor ebx,dword ptr [aAcumulate+0Ch]
and ebx,dword ptr [aAcumulate-4]
xor ebx,edx
add ebx,esi
lea edi,dword ptr [edi+ebx+698098D8h]
mov ebx,dword ptr [aAcumulate+0Ch]
xor ebx,dword ptr [aAcumulate-4]
mov esi,edi
shr esi,19h
shl edi,7
or esi,edi
mov edi,dword ptr [eax+24h] ; 向后取用户名4个字母
add esi,dword ptr [aAcumulate-4]
mov dword ptr [aAcumulate-44h],edi ; 作为一个累计性质的值,保存
and ebx,esi
xor ebx,dword ptr [aAcumulate+0Ch]
add ebx,edi
lea edx,dword ptr [edx+ebx+8B44F7AFh]
mov ebx,dword ptr [aAcumulate+0Ch]
mov edi,edx
shr edi,14h
shl edx,0Ch
or edi,edx
mov edx,dword ptr [eax+28h] ; 向后取用户名4个字母
mov dword ptr [aAcumulate-18h],edx ; 作为一个累计性质的值,保存
mov edx,dword ptr [aAcumulate-4]
add edi,esi
xor edx,esi
and edx,edi
xor edx,dword ptr [aAcumulate-4]
add edx,dword ptr [aAcumulate-18h]
lea ebx,dword ptr [ebx+edx+0FFFF5BB1h]
mov edx,ebx
shr edx,0Fh
shl ebx,11h
or edx,ebx
mov ebx,dword ptr [eax+2C0h]
mov dword ptr [aAcumulate-24h],ebx
mov ebx,edi
xor ebx,esi
add edx,edi
and ebx,edx
mov dword ptr [aAcumulate+0Ch],edx
mov edx,dword ptr [aAcumulate-4]
xor ebx,esi
add ebx,dword ptr [aAcumulate-24h]
lea edx,dword ptr [edx+ebx+895CD7BEh]
mov ebx,edx
shl ebx,16h
shr edx,0Ah
or ebx,edx
mov edx,dword ptr [eax+30h] ; 向后取用户名4个字母
add ebx,dword ptr [aAcumulate+0Ch]
mov dword ptr [aAcumulate-30h],edx ; 作为一个累计性质的值,保存
mov dword ptr [aAcumulate-4],ebx
mov ebx,edi
xor ebx,dword ptr [aAcumulate+0Ch]
and ebx,dword ptr [aAcumulate-4]
xor ebx,edi
add ebx,edx
lea esi,dword ptr [esi+ebx+6B901122h]
mov ebx,dword ptr [aAcumulate+0Ch]
xor ebx,dword ptr [aAcumulate-4]
mov edx,esi
shr edx,19h
shl esi,7
or edx,esi
mov esi,dword ptr [eax+34h] ; 向后取用户名4个字母
add edx,dword ptr [aAcumulate-4]
mov dword ptr [aAcumulate-3Ch],esi ; 作为一个累计性质的值,保存
and ebx,edx
xor ebx,dword ptr [aAcumulate+0Ch]
add ebx,esi
mov esi,dword ptr [eax+38h] ; 向后取用户名4个字母
mov dword ptr [aAcumulate-10h],esi ; 作为一个累计性质的值,保存
mov esi,dword ptr [aAcumulate-4]
lea edi,dword ptr [edi+ebx+0FD987193h]
xor esi,edx
mov ebx,edi
mov eax,dword ptr [eax+3Ch]
shr ebx,14h
shl edi,0Ch
or ebx,edi
mov edi,dword ptr [aAcumulate+0Ch]
add ebx,edx
mov dword ptr [aAcumulate-38h],eax
and esi,ebx
mov dword ptr [aAcumulate+8],ebx
xor esi,dword ptr [aAcumulate-4]
add esi,dword ptr [aAcumulate-10h]
lea edi,dword ptr [edi+esi+0A679438Eh]
mov esi,edi
shr esi,0Fh
shl edi,11h
or esi,edi
mov edi,ebx
add esi,ebx
xor edi,edx
and edi,esi
xor edi,edx
add edi,eax
mov eax,dword ptr [aAcumulate-4]
lea eax,dword ptr [eax+edi+49B40821h]
mov edi,eax
shl edi,16h
shr eax,0Ah
or edi,eax
mov eax,esi
add edi,esi
xor eax,edi
and eax,ebx
xor eax,esi
add eax,dword ptr [aAcumulate-1Ch]
lea edx,dword ptr [edx+eax+0F61E2562h]
mov eax,edx
shr eax,1Bh
shl edx,5
or eax,edx
mov edx,edi
add eax,edi
xor edx,eax
and edx,esi
xor edx,edi
add edx,dword ptr [aAcumulate-20h]
lea ebx,dword ptr [ebx+edx+0C040B340h]
mov edx,ebx
shr edx,17h
shl ebx,9
or edx,ebx
add edx,eax
mov dword ptr [aAcumulate+8],edx
xor edx,eax
and edx,edi
mov ebx,dword ptr [aAcumulate+8]
xor edx,eax
add edx,dword ptr [aAcumulate-24h]
lea esi,dword ptr [esi+edx+265E5A51h]
mov edx,esi
shr edx,12h
shl esi,0Eh
or edx,esi
mov esi,dword ptr [aAcumulate+8]
add edx,dword ptr [aAcumulate+8]
xor esi,edx
and esi,eax
xor esi,dword ptr [aAcumulate+8]
add esi,dword ptr [aAcumulate-8]
lea edi,dword ptr [edi+esi+0E9B6C7AAh]
mov esi,edi
shl esi,14h
shr edi,0Ch
or esi,edi
mov edi,edx
add esi,edx
xor edi,esi
and edi,dword ptr [aAcumulate+8]
xor edi,edx
add edi,dword ptr [aAcumulate-2Ch]
lea eax,dword ptr [eax+edi+0D62F105Dh]
mov edi,eax
shr edi,1Bh
shl eax,5
or edi,eax
mov eax,esi
add edi,esi
xor eax,edi
and eax,edx
xor eax,esi
add eax,dword ptr [aAcumulate-18h]
lea ebx,dword ptr [ebx+eax+2441453h]
mov eax,ebx
shr eax,17h
shl ebx,9
or eax,ebx
add eax,edi
mov dword ptr [aAcumulate+8],eax
xor eax,edi
and eax,esi
xor eax,edi
add eax,dword ptr [aAcumulate-38h]
lea edx,dword ptr [edx+eax+0D8A1E681h]
mov eax,edx
shr eax,12h
shl edx,0Eh
or eax,edx
mov edx,dword ptr [aAcumulate+8]
add eax,dword ptr [aAcumulate+8]
xor edx,eax
and edx,edi
xor edx,dword ptr [aAcumulate+8]
add edx,dword ptr [aAcumulate-40h]
lea esi,dword ptr [esi+edx+0E7D3FBC8h]
mov edx,esi
shl edx,14h
shr esi,0Ch
or edx,esi
mov esi,eax
add edx,eax
mov ebx,dword ptr [aAcumulate+8]
xor esi,edx
and esi,dword ptr [aAcumulate+8]
xor esi,eax
add esi,dword ptr [aAcumulate-44h]
lea edi,dword ptr [edi+esi+21E1CDE6h]
mov esi,edi
shr esi,1Bh
shl edi,5
or esi,edi
mov edi,edx
add esi,edx
xor edi,esi
and edi,eax
xor edi,edx
add edi,dword ptr [aAcumulate-10h]
lea ebx,dword ptr [ebx+edi+0C33707D6h]
mov edi,ebx
shr edi,17h
shl ebx,9
or edi,ebx
add edi,esi
mov dword ptr [aAcumulate+8],edi
xor edi,esi
and edi,edx
mov ebx,dword ptr [aAcumulate+8]
xor edi,esi
add edi,dword ptr [aAcumulate-14h]
lea eax,dword ptr [eax+edi+0F4D50D87h]
mov edi,eax
shr edi,12h
shl eax,0Eh
or edi,eax
mov eax,dword ptr [aAcumulate+8]
add edi,dword ptr [aAcumulate+8]
xor eax,edi
and eax,esi
xor eax,dword ptr [aAcumulate+8]
add eax,dword ptr [aAcumulate-34h]
lea edx,dword ptr [edx+eax+455A14EDh]
mov eax,edx
shl eax,14h
shr edx,0Ch
or eax,edx
mov edx,edi
add eax,edi
xor edx,eax
and edx,dword ptr [aAcumulate+8]
xor edx,edi
add edx,dword ptr [aAcumulate-3Ch]
lea esi,dword ptr [esi+edx+0A9E3E905h]
mov edx,esi
shr edx,1Bh
shl esi,5
or edx,esi
mov esi,eax
add edx,eax
xor esi,edx
and esi,edi
xor esi,eax
add esi,dword ptr [aAcumulate-28h]
lea ebx,dword ptr [ebx+esi+0FCEFA3F8h]
mov esi,ebx
shr esi,17h
shl ebx,9
or esi,ebx
add esi,edx
mov dword ptr [aAcumulate+8],esi
xor esi,edx
and esi,eax
xor esi,edx
add esi,dword ptr [aAcumulate-0Ch]
lea edi,dword ptr [edi+esi+676F02D9h]
mov esi,dword ptr [aAcumulate+8]
mov ebx,edi
shr ebx,12h
shl edi,0Eh
or ebx,edi
add ebx,esi
mov dword ptr [aAcumulate-4],esi
xor dword ptr [aAcumulate-4],ebx
mov edi,dword ptr [aAcumulate-4]
and edi,edx
xor edi,esi
add edi,dword ptr [aAcumulate-30h]
lea eax,dword ptr [eax+edi+8D2A4C8Ah]
mov edi,dword ptr [aAcumulate+8]
mov esi,eax
shl esi,14h
shr eax,0Ch
or esi,eax
mov eax,dword ptr [aAcumulate-4]
add esi,ebx
xor eax,esi
add eax,dword ptr [aAcumulate-2Ch]
lea edx,dword ptr [edx+eax+0FFFA3942h]
mov eax,edx
shr eax,1Ch
shl edx,4
or eax,edx
mov edx,ebx
xor edx,esi
add eax,esi
xor edx,eax
add edx,dword ptr [aAcumulate-34h]
lea edx,dword ptr [edi+edx+8771F681h]
mov edi,edx
shr edi,15h
shl edx,0Bh
or edi,edx
add edi,eax
mov edx,edi
mov dword ptr [aAcumulate-4],edi
xor edx,esi
xor edx,eax
add edx,dword ptr [aAcumulate-24h]
lea edx,dword ptr [ebx+edx+6D9D6122h]
mov ebx,edx
shr ebx,10h
shl edx,10h
or ebx,edx
add ebx,edi
xor dword ptr [aAcumulate-4],ebx
mov edx,dword ptr [aAcumulate-4]
xor edx,eax
add edx,dword ptr [aAcumulate-10h]
lea esi,dword ptr [esi+edx+0FDE5380Ch]
mov edx,esi
shl edx,17h
shr esi,9
or edx,esi
mov esi,dword ptr [aAcumulate-4]
add edx,ebx
xor esi,edx
add esi,dword ptr [aAcumulate-1Ch]
lea esi,dword ptr [eax+esi+0A4BEEA44h]
mov eax,esi
shr eax,1Ch
shl esi,4
or eax,esi
mov esi,ebx
add eax,edx
xor esi,edx
xor esi,eax
add esi,dword ptr [aAcumulate-40h]
lea edi,dword ptr [edi+esi+4BDECFA9h]
mov esi,edi
shr esi,15h
shl edi,0Bh
or esi,edi
add esi,eax
mov edi,esi
xor edi,edx
xor edi,eax
add edi,dword ptr [aAcumulate-0Ch]
lea ebx,dword ptr [ebx+edi+0F6BB4B60h]
mov edi,ebx
shr edi,10h
shl ebx,10h
or edi,ebx
mov dword ptr [aAcumulate-4],esi
add edi,esi
xor dword ptr [aAcumulate-4],edi
mov ebx,dword ptr [aAcumulate-4]
xor ebx,eax
add ebx,dword ptr [aAcumulate-18h]
lea ebx,dword ptr [edx+ebx+0BEBFBC70h]
mov edx,ebx
shl edx,17h
shr ebx,9
or edx,ebx
mov ebx,dword ptr [aAcumulate-4]
add edx,edi
xor ebx,edx
add ebx,dword ptr [aAcumulate-3Ch]
lea ebx,dword ptr [eax+ebx+289B7EC6h]
mov eax,ebx
shr eax,1Ch
shl ebx,4
or eax,ebx
mov ebx,edi
add eax,edx
xor ebx,edx
xor ebx,eax
add ebx,dword ptr [aAcumulate-8]
lea esi,dword ptr [esi+ebx+0EAA127FAh]
mov ebx,esi
shr ebx,15h
shl esi,0Bh
or ebx,esi
add ebx,eax
mov esi,ebx
mov dword ptr [aAcumulate-4],ebx
xor esi,edx
xor esi,eax
add esi,dword ptr [aAcumulate-14h]
lea edi,dword ptr [edi+esi+0D4EF3085h]
mov esi,edi
shr esi,10h
shl edi,10h
or esi,edi
add esi,ebx
xor dword ptr [aAcumulate-4],esi
mov dword ptr [aAcumulate+0Ch],esi
mov edi,dword ptr [aAcumulate-4]
xor edi,eax
add edi,dword ptr [aAcumulate-20h]
lea edi,dword ptr [edx+edi+4881D05h]
mov edx,edi
shl edx,17h
shr edi,9
or edx,edi
mov edi,dword ptr [aAcumulate-4]
add edx,esi
xor edi,edx
xor esi,edx
add edi,dword ptr [aAcumulate-44h]
lea edi,dword ptr [eax+edi+0D9D4D039h]
mov eax,edi
shr eax,1Ch
shl edi,4
or eax,edi
add eax,edx
xor esi,eax
add esi,dword ptr [aAcumulate-30h]
lea ebx,dword ptr [ebx+esi+0E6DB99E5h]
mov esi,ebx
shr esi,15h
shl ebx,0Bh
or esi,ebx
mov ebx,dword ptr [aAcumulate+0Ch]
add esi,eax
mov edi,esi
xor edi,edx
xor edi,eax
add edi,dword ptr [aAcumulate-38h]
lea ebx,dword ptr [ebx+edi+1FA27CF8h]
mov edi,ebx
shr edi,10h
shl ebx,10h
or edi,ebx
mov ebx,esi
add edi,esi
xor ebx,edi
mov dword ptr [aAcumulate+0Ch],edi
xor ebx,eax
add ebx,dword ptr [aAcumulate-28h]
lea edx,dword ptr [edx+ebx+0C4AC5665h]
mov ebx,dword ptr [aAcumulate+0Ch]
mov edi,edx
shl edi,17h
shr edx,9
or edi,edx
mov edx,esi
add edi,ebx
not edx
or edx,edi
xor edx,ebx
add edx,dword ptr [aAcumulate-8]
lea eax,dword ptr [eax+edx+0F4292244h]
mov edx,eax
shr edx,1Ah
shl eax,6
or edx,eax
mov eax,ebx
add edx,edi
not eax
or eax,edx
xor eax,edi
add eax,dword ptr [aAcumulate-0Ch]
lea esi,dword ptr [esi+eax+432AFF97h]
mov eax,esi
shr eax,16h
shl esi,0Ah
or eax,esi
mov esi,edi
add eax,edx
not esi
or esi,eax
xor esi,edx
add esi,dword ptr [aAcumulate-10h]
lea ebx,dword ptr [ebx+esi+0AB9423A7h]
mov esi,ebx
shr esi,11h
shl ebx,0Fh
or esi,ebx
mov ebx,edx
add esi,eax
not ebx
or ebx,esi
xor ebx,eax
add ebx,dword ptr [aAcumulate-2Ch]
lea edi,dword ptr [edi+ebx+0FC93A039h]
mov ebx,edi
shl ebx,15h
shr edi,0Bh
or ebx,edi
mov edi,eax
add ebx,esi
not edi
or edi,ebx
xor edi,esi
add edi,dword ptr [aAcumulate-30h]
lea edi,dword ptr [edx+edi+655B59C3h]
mov edx,edi
shr edx,1Ah
shl edi,6
or edx,edi
mov edi,esi
add edx,ebx
not edi
or edi,edx
xor edi,ebx
add edi,dword ptr [aAcumulate-14h]
lea edi,dword ptr [eax+edi+8F0CCC92h]
mov eax,edi
shr eax,16h
shl edi,0Ah
or eax,edi
mov edi,ebx
add eax,edx
not edi
or edi,eax
xor edi,edx
add edi,dword ptr [aAcumulate-18h]
lea edi,dword ptr [esi+edi+0FFEFF47Dh]
mov esi,edi
shr esi,11h
shl edi,0Fh
or esi,edi
mov edi,edx
add esi,eax
not edi
or edi,esi
xor edi,eax
add edi,dword ptr [aAcumulate-1Ch]
lea ebx,dword ptr [ebx+edi+85845DD1h]
mov edi,ebx
shr ebx,0Bh
shl edi,15h
or edi,ebx
mov ebx,eax
not ebx
add edi,esi
or ebx,edi
xor ebx,esi
add ebx,dword ptr [aAcumulate-34h]
lea ebx,dword ptr [edx+ebx+6FA87E4Fh]
mov edx,ebx
shl ebx,6
shr edx,1Ah
or edx,ebx
mov ebx,esi
add edx,edi
not ebx
or ebx,edx
xor ebx,edi
add ebx,dword ptr [aAcumulate-38h]
lea ebx,dword ptr [eax+ebx+0FE2CE6E0h]
mov eax,ebx
shr eax,16h
shl ebx,0Ah
or eax,ebx
mov ebx,edi
add eax,edx
not ebx
or ebx,eax
xor ebx,edx
add ebx,dword ptr [aAcumulate-20h]
lea ebx,dword ptr [esi+ebx+0A3014314h]
mov esi,ebx
shr esi,11h
shl ebx,0Fh
or esi,ebx
mov ebx,edx
add esi,eax
not ebx
or ebx,esi
xor ebx,eax
add ebx,dword ptr [aAcumulate-3Ch]
lea ebx,dword ptr [edi+ebx+4E0811A1h]
mov edi,ebx
shl edi,15h
shr ebx,0Bh
or edi,ebx
mov ebx,eax
add edi,esi
not ebx
or ebx,edi
xor ebx,esi
add ebx,dword ptr [aAcumulate-40h]
lea ebx,dword ptr [edx+ebx+0F7537E82h]
mov edx,ebx
shr edx,1Ah
shl ebx,6
or edx,ebx
mov ebx,esi
add edx,edi
not ebx
or ebx,edx
xor ebx,edi
add ebx,dword ptr [aAcumulate-24h]
lea eax,dword ptr [eax+ebx+0BD3AF235h]
mov ebx,eax
shr ebx,16h
shl eax,0Ah
or ebx,eax
mov eax,edi
add ebx,edx
not eax
or eax,ebx
xor eax,edx
add eax,dword ptr [aAcumulate-28h]
lea esi,dword ptr [esi+eax+2AD7D2BBh]
mov eax,esi
shr eax,11h
shl esi,0Fh
or eax,esi
mov esi,edx
add eax,ebx
not esi
or esi,eax
xor esi,ebx
add esi,dword ptr [aAcumulate-44h]
lea edi,dword ptr [edi+esi+0EB86D391h]
mov esi,dword ptr [ecx]
add esi,edx
mov edx,edi
shl edx,15h
shr edi,0Bh
or edx,edi
mov dword ptr [aStdKeyBuffer],esi ; 保存结果
add edx,dword ptr [ecx+4]
pop edi
pop esi
add edx,eax
mov dword ptr [aStdKeyBuffer+4],edx ; 保存结果
mov edx,dword ptr [ecx+8]
add edx,eax
mov eax,dword ptr [ecx+0Ch]
add eax,ebx
mov dword ptr [aStdKeyBuffer+8],edx ; 保存结果
mov dword ptr [aStdKeyBuffer+0Ch],eax ; 保存结果
;------------------------------------
xor edi,edi
@1:
xor ecx,ecx
xor eax,eax
@2:
movzx edx,byte ptr[aStdKeyBuffer+eax+edi*4]
shl ecx,8
add ecx,edx
inc eax
cmp eax,4
jl @2 ;小循环结束后,ecx中就是其中一段注册码
invoke wsprintf,addr temp,addr format1,ecx
invoke lstrcat,addr aStdKeyOut,addr temp
inc edi
cmp edi,3
jl @1
mov byte ptr[aStdKeyOut+26],0
invoke SetDlgItemText,hDlg,IDC_KEY,addr aStdKeyOut
leave
ret
GetKey endp
end start
--------------------------------------------------------------------------------
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;>>>> keygen.rc >>>>>>
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>
#define IDD_DLGBOX 1000
#define IDC_GRP1 1003
#define IDC_NAME 1001
#define IDC_KEY 1002
#define IDC_STC1 1004
#define IDC_STC2 1005
#define IDC_GENERATE 1006
#define IDC_ABOUT 1007
IDD_DLGBOX DIALOGEX 4,5,214,78
CAPTION "Keygen For DialogBlocks Version 2.00"
FONT 8,"MS Sans Serif"
STYLE 0x10CA0880
EXSTYLE 0x00000001
BEGIN
CONTROL "",IDC_NAME,"Edit",0x50010000,54,7,142,15,0x00000200
CONTROL "",IDC_KEY,"Edit",0x50010800,54,27,142,15,0x00000200
CONTROL "Name :",IDC_STC1,"Static",0x50000201,14,7,40,15,0x00000000
CONTROL "Key :",IDC_STC2,"Static",0x50000201,14,27,40,15,0x00000000
CONTROL "GENERATE",IDC_GENERATE,"Button",0x50010000,52,55,52,17,0x00000000
CONTROL "ABOUT",IDC_ABOUT,"Button",0x50010000,128,55,52,17,0x00000000
CONTROL "",IDC_GRP1,"Button",0x50000007,10,1,194,46,0x00000000
END
----------------------------------------------------------------------------------
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢!
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)