-
-
[求助]加密算法分析
-
发表于: 2013-4-9 01:11 4795
-
这是一个用Delphi编译的软件程序,已脱壳,软件安装后自动生成机器码,用户输入注册码与机器码比较后,相等则注册成功。
以下是用DEDE反汇编得出的代码,代码中地址005703C0-005703FB这一段是点击“注册”鍵的事件响应代码。小弟不懂算法,求各位大师及行家帮助进行算法分析,敬请注释详细一点,以便学习理解,因本人实在太菜,多多包涵。附件中复制了部分CALL的代码,供参考。
点击“注册”鍵后跳到以下代码:
005703C0 53 push ebx
005703C1 8BD8 mov ebx, eax
005703C3 A1340A5800 mov eax, dword ptr [$00580A34]
005703C8 83B80801000000 cmp dword ptr [eax+$0108], +$00
005703CF 7E12 jle 005703E3
005703D1 BA04045700 mov edx, $00570404
005703D6 8B8310030000 mov eax, [ebx+$0310]
* Reference to: Controls.TControl.SetText(TControl;TCaption);
|
005703DC E863DBEDFF call 0044DF44
005703E1 EB10 jmp 005703F3
005703E3 BA14045700 mov edx, $00570414
005703E8 8B8310030000 mov eax, [ebx+$0310]
* Reference to: Controls.TControl.SetText(TControl;TCaption);
|
005703EE E851DBEDFF call 0044DF44
005703F3 8BC3 mov eax, ebx
* Reference to: Forms.TCustomForm.Close(TCustomForm);
|
005703F5 E8A6A6EFFF call 0046AAA0
005703FA 5B pop ebx
005703FB C3 ret
--------------------------------------------------------------------
call 0044DF44 (以下代码)
0044DF44 55 push ebp
0044DF45 8BEC mov ebp, esp
0044DF47 6A00 push $00
0044DF49 53 push ebx
0044DF4A 56 push esi
0044DF4B 8BF2 mov esi, edx
0044DF4D 8BD8 mov ebx, eax
0044DF4F 33C0 xor eax, eax
0044DF51 55 push ebp
0044DF52 6899DF4400 push $0044DF99
***** TRY
|
0044DF57 64FF30 push dword ptr fs:[eax]
0044DF5A 648920 mov fs:[eax], esp
0044DF5D 8D55FC lea edx, [ebp-$04]
0044DF60 8BC3 mov eax, ebx
* Reference to: Controls.TControl.GetText(TControl):TCaption;
|
0044DF62 E8ADFFFFFF call 0044DF14
0044DF67 8B45FC mov eax, [ebp-$04]
0044DF6A 8BD6 mov edx, esi
* Reference to: System.@LStrCmp;
|
0044DF6C E80B71FBFF call 0040507C
0044DF71 7410 jz 0044DF83
0044DF73 8BC6 mov eax, esi
* Reference to: System.@LStrToPChar(String):PAnsiChar;
|
0044DF75 E8B671FBFF call 00405130
0044DF7A 8BD0 mov edx, eax
0044DF7C 8BC3 mov eax, ebx
* Reference to: Controls.TControl.SetTextBuf(TControl;PChar);
|
0044DF7E E86DFFFFFF call 0044DEF0
0044DF83 33C0 xor eax, eax
0044DF85 5A pop edx
0044DF86 59 pop ecx
0044DF87 59 pop ecx
0044DF88 648910 mov fs:[eax], edx
****** FINALLY
|
0044DF8B 68A0DF4400 push $0044DFA0
0044DF90 8D45FC lea eax, [ebp-$04]
* Reference to: System.@LStrClr(void;void);
|
0044DF93 E8E86CFBFF call 00404C80
0044DF98 C3 ret
* Reference to: System.@HandleFinally;
|
0044DF99 E96A66FBFF jmp 00404608
0044DF9E EBF0 jmp 0044DF90
****** END
|
0044DFA0 5E pop esi
0044DFA1 5B pop ebx
0044DFA2 59 pop ecx
0044DFA3 5D pop ebp
0044DFA4 C3 ret
附上部分CALL段代码。
以下是用DEDE反汇编得出的代码,代码中地址005703C0-005703FB这一段是点击“注册”鍵的事件响应代码。小弟不懂算法,求各位大师及行家帮助进行算法分析,敬请注释详细一点,以便学习理解,因本人实在太菜,多多包涵。附件中复制了部分CALL的代码,供参考。
点击“注册”鍵后跳到以下代码:
005703C0 53 push ebx
005703C1 8BD8 mov ebx, eax
005703C3 A1340A5800 mov eax, dword ptr [$00580A34]
005703C8 83B80801000000 cmp dword ptr [eax+$0108], +$00
005703CF 7E12 jle 005703E3
005703D1 BA04045700 mov edx, $00570404
005703D6 8B8310030000 mov eax, [ebx+$0310]
* Reference to: Controls.TControl.SetText(TControl;TCaption);
|
005703DC E863DBEDFF call 0044DF44
005703E1 EB10 jmp 005703F3
005703E3 BA14045700 mov edx, $00570414
005703E8 8B8310030000 mov eax, [ebx+$0310]
* Reference to: Controls.TControl.SetText(TControl;TCaption);
|
005703EE E851DBEDFF call 0044DF44
005703F3 8BC3 mov eax, ebx
* Reference to: Forms.TCustomForm.Close(TCustomForm);
|
005703F5 E8A6A6EFFF call 0046AAA0
005703FA 5B pop ebx
005703FB C3 ret
--------------------------------------------------------------------
call 0044DF44 (以下代码)
0044DF44 55 push ebp
0044DF45 8BEC mov ebp, esp
0044DF47 6A00 push $00
0044DF49 53 push ebx
0044DF4A 56 push esi
0044DF4B 8BF2 mov esi, edx
0044DF4D 8BD8 mov ebx, eax
0044DF4F 33C0 xor eax, eax
0044DF51 55 push ebp
0044DF52 6899DF4400 push $0044DF99
***** TRY
|
0044DF57 64FF30 push dword ptr fs:[eax]
0044DF5A 648920 mov fs:[eax], esp
0044DF5D 8D55FC lea edx, [ebp-$04]
0044DF60 8BC3 mov eax, ebx
* Reference to: Controls.TControl.GetText(TControl):TCaption;
|
0044DF62 E8ADFFFFFF call 0044DF14
0044DF67 8B45FC mov eax, [ebp-$04]
0044DF6A 8BD6 mov edx, esi
* Reference to: System.@LStrCmp;
|
0044DF6C E80B71FBFF call 0040507C
0044DF71 7410 jz 0044DF83
0044DF73 8BC6 mov eax, esi
* Reference to: System.@LStrToPChar(String):PAnsiChar;
|
0044DF75 E8B671FBFF call 00405130
0044DF7A 8BD0 mov edx, eax
0044DF7C 8BC3 mov eax, ebx
* Reference to: Controls.TControl.SetTextBuf(TControl;PChar);
|
0044DF7E E86DFFFFFF call 0044DEF0
0044DF83 33C0 xor eax, eax
0044DF85 5A pop edx
0044DF86 59 pop ecx
0044DF87 59 pop ecx
0044DF88 648910 mov fs:[eax], edx
****** FINALLY
|
0044DF8B 68A0DF4400 push $0044DFA0
0044DF90 8D45FC lea eax, [ebp-$04]
* Reference to: System.@LStrClr(void;void);
|
0044DF93 E8E86CFBFF call 00404C80
0044DF98 C3 ret
* Reference to: System.@HandleFinally;
|
0044DF99 E96A66FBFF jmp 00404608
0044DF9E EBF0 jmp 0044DF90
****** END
|
0044DFA0 5E pop esi
0044DFA1 5B pop ebx
0044DFA2 59 pop ecx
0044DFA3 5D pop ebp
0044DFA4 C3 ret
附上部分CALL段代码。
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
赞赏
他的文章
- [悬赏]请教,程序2错在哪里 2579
- [求助]加密算法分析 4796
- 求助:怎样通过正确的注册码求出算法K值 3798
- 求助:分析这段代码 4307
看原图
赞赏
雪币:
留言: