-
-
[原创]菜鸟 学注册机编写之 “sha1”
-
发表于: 2015-1-31 11:30
-
测试环境
系统: xp sp3
调试器 :od 1.10
高手莫要见笑,仅供小菜玩乐,有不对或不足的地方还请多多指教,不胜感激!
1. 首先运行程序随便输入用户与注册码如下图所示:
2.将程序载入OD, 下MessageBoxA函数断点, F9运行程序, 程序运行后随便输入用户名与注册码,点"OK"后断下,F8一直走,就会返回到如下的代码,我们在函数开头下好断点。(或者直接搜索字符串 "Thank you for registration!",也能快速定位到这里)
0041B190 55 push ebp 0041B191 8BEC mov ebp,esp 0041B193 6A FF push -0x1 0041B195 68 9B555900 push dvdiphon.0059559B 0041B19A 64:A1 00000000 mov eax,dword ptr fs:[0] 0041B1A0 50 push eax 0041B1A1 81EC 98010000 sub esp,0x198 0041B1A7 A1 F8E66000 mov eax,dword ptr ds:[0x60E6F8] 0041B1AC 33C5 xor eax,ebp 0041B1AE 8985 68FFFFFF mov dword ptr ss:[ebp-0x98],eax 0041B1B4 50 push eax 0041B1B5 8D45 F4 lea eax,dword ptr ss:[ebp-0xC] 0041B1B8 64:A3 00000000 mov dword ptr fs:[0],eax 0041B1BE 898D 60FEFFFF mov dword ptr ss:[ebp-0x1A0],ecx 0041B1C4 C745 F0 0000000>mov dword ptr ss:[ebp-0x10],0x0 0041B1CB 6A 00 push 0x0 0041B1CD 8D8D 6CFFFFFF lea ecx,dword ptr ss:[ebp-0x94] 0041B1D3 E8 38B1FEFF call dvdiphon.00406310 0041B1D8 C745 FC 0000000>mov dword ptr ss:[ebp-0x4],0x0 0041B1DF 8D8D 6CFFFFFF lea ecx,dword ptr ss:[ebp-0x94] 0041B1E5 E8 04570400 call dvdiphon.004608EE 0041B1EA 8945 F0 mov dword ptr ss:[ebp-0x10],eax 0041B1ED 837D F0 01 cmp dword ptr ss:[ebp-0x10],0x1 0041B1F1 0F85 F6000000 jnz dvdiphon.0041B2ED 0041B1F7 8D8D 6CFFFFFF lea ecx,dword ptr ss:[ebp-0x94] 0041B1FD E8 9ED6FFFF call dvdiphon.004188A0 0041B202 50 push eax 0041B203 8B8D 60FEFFFF mov ecx,dword ptr ss:[ebp-0x1A0] 0041B209 81C1 CCDC0200 add ecx,0x2DCCC 0041B20F E8 7C90FEFF call dvdiphon.00404290 0041B214 8D8D 6CFFFFFF lea ecx,dword ptr ss:[ebp-0x94] 0041B21A E8 A1D6FFFF call dvdiphon.004188C0 0041B21F 50 push eax 0041B220 8B8D 60FEFFFF mov ecx,dword ptr ss:[ebp-0x1A0] 0041B226 81C1 D0DC0200 add ecx,0x2DCD0 0041B22C E8 5F90FEFF call dvdiphon.00404290 0041B231 8B8D 60FEFFFF mov ecx,dword ptr ss:[ebp-0x1A0] 0041B237 81C1 D0DC0200 add ecx,0x2DCD0 0041B23D E8 3E470200 call dvdiphon.0043F980 ; 注册码 0041B242 50 push eax 0041B243 8B8D 60FEFFFF mov ecx,dword ptr ss:[ebp-0x1A0] 0041B249 81C1 CCDC0200 add ecx,0x2DCCC 0041B24F E8 2C470200 call dvdiphon.0043F980 ; 用户名 0041B254 50 push eax 0041B255 E8 C6FCFFFF call dvdiphon.0041AF20 0041B25A 83C4 08 add esp,0x8 0041B25D 8B85 60FEFFFF mov eax,dword ptr ss:[ebp-0x1A0] 0041B263 C780 D4DC0200 0>mov dword ptr ds:[eax+0x2DCD4],0x1 0041B26D 68 00010000 push 0x100 0041B272 6A 00 push 0x0 0041B274 8D8D 64FEFFFF lea ecx,dword ptr ss:[ebp-0x19C] 0041B27A 51 push ecx 0041B27B E8 F00B1500 call dvdiphon.0056BE70 0041B280 83C4 0C add esp,0xC 0041B283 B9 481E6200 mov ecx,dvdiphon.00621E48 ; tK^ 0041B288 E8 63BBFFFF call dvdiphon.00416DF0 0041B28D 8985 5CFEFFFF mov dword ptr ss:[ebp-0x1A4],eax 0041B293 8B95 5CFEFFFF mov edx,dword ptr ss:[ebp-0x1A4] 0041B299 8B02 mov eax,dword ptr ds:[edx] 0041B29B 8B8D 5CFEFFFF mov ecx,dword ptr ss:[ebp-0x1A4] 0041B2A1 8B50 18 mov edx,dword ptr ds:[eax+0x18] 0041B2A4 FFD2 call edx 0041B2A6 8BC8 mov ecx,eax 0041B2A8 E8 E398FFFF call dvdiphon.00414B90 0041B2AD 50 push eax 0041B2AE 68 988C5D00 push dvdiphon.005D8C98 ; Thank you for registration!\r\n%s will verify\r\nthe registration information after you restart it. 0041B2B3 68 FF000000 push 0xFF 0041B2B8 8D85 64FEFFFF lea eax,dword ptr ss:[ebp-0x19C] 0041B2BE 50 push eax 0041B2BF E8 A9FB1400 call dvdiphon.0056AE6D 0041B2C4 83C4 10 add esp,0x10 0041B2C7 6A 00 push 0x0 0041B2C9 8D8D 64FEFFFF lea ecx,dword ptr ss:[ebp-0x19C] 0041B2CF 51 push ecx 0041B2D0 8B8D 60FEFFFF mov ecx,dword ptr ss:[ebp-0x1A0] 0041B2D6 81C1 F8030000 add ecx,0x3F8 0041B2DC 8B95 60FEFFFF mov edx,dword ptr ss:[ebp-0x1A0] 0041B2E2 8B82 F8030000 mov eax,dword ptr ds:[edx+0x3F8] 0041B2E8 8B50 28 mov edx,dword ptr ds:[eax+0x28] 0041B2EB FFD2 call edx 0041B2ED C745 FC FFFFFFF>mov dword ptr ss:[ebp-0x4],-0x1 0041B2F4 8D8D 6CFFFFFF lea ecx,dword ptr ss:[ebp-0x94] 0041B2FA E8 D1B0FEFF call dvdiphon.004063D0 0041B2FF 8B4D F4 mov ecx,dword ptr ss:[ebp-0xC] 0041B302 64:890D 0000000>mov dword ptr fs:[0],ecx 0041B309 59 pop ecx 0041B30A 8B8D 68FFFFFF mov ecx,dword ptr ss:[ebp-0x98] 0041B310 33CD xor ecx,ebp 0041B312 E8 F4E31400 call dvdiphon.0056970B 0041B317 8BE5 mov esp,ebp 0041B319 5D pop ebp 0041B31A C3 retn
0041B23D E8 3E470200 call dvdiphon.0043F980 ; 注册码 0041B242 50 push eax 0041B243 8B8D 60FEFFFF mov ecx,dword ptr ss:[ebp-0x1A0] 0041B249 81C1 CCDC0200 add ecx,0x2DCCC 0041B24F E8 2C470200 call dvdiphon.0043F980 ; 用户名
0041B0C4 83C4 0C add esp,0xC 0041B0C7 8D8D 54FFFFFF lea ecx,dword ptr ss:[ebp-0xAC] 0041B0CD 898D 50FFFFFF mov dword ptr ss:[ebp-0xB0],ecx 0041B0D3 8B95 50FFFFFF mov edx,dword ptr ss:[ebp-0xB0] 0041B0D9 0FBE02 movsx eax,byte ptr ds:[edx] 0041B0DC 85C0 test eax,eax 0041B0DE 74 25 je short dvdiphon.0041B105 0041B0E0 8B8D 50FFFFFF mov ecx,dword ptr ss:[ebp-0xB0] ; 加密注册码 0041B0E6 0FBE11 movsx edx,byte ptr ds:[ecx] 0041B0E9 83EA 19 sub edx,0x19 ; 减0x19 0041B0EC 8B85 50FFFFFF mov eax,dword ptr ss:[ebp-0xB0] 0041B0F2 8810 mov byte ptr ds:[eax],dl ; 存放减后的值 0041B0F4 8B8D 50FFFFFF mov ecx,dword ptr ss:[ebp-0xB0] 0041B0FA 83C1 01 add ecx,0x1 0041B0FD 898D 50FFFFFF mov dword ptr ss:[ebp-0xB0],ecx 0041B103 ^ EB CE jmp short dvdiphon.0041B0D3 0041B105 33D2 xor edx,edx 0041B107 ^ 75 BE jnz short dvdiphon.0041B0C7 0041B109 B9 481E6200 mov ecx,dvdiphon.00621E48 ; tK^
0012F8B0 004402B9 /CALL 到 RegSetValueExA 来自 dvdiphon.004402B3 0012F8B4 00000166 |hKey = 0x166 0012F8B8 00F979F8 |ValueName = "1" 0012F8BC 00000000 |Reserved = 0x0 0012F8C0 00000003 |ValueType = REG_BINARY 0012F8C4 0012F920 |Buffer = 0012F920 0012F8C8 00000027 \BufSize = 27 (39.)
0012FA34 0044005F /CALL 到 RegCreateKeyExA 来自 dvdiphon.00440059
0012FA38 80000000 |hKey = HKEY_CLASSES_ROOT
0012FA3C 00E67300 |Subkey = "CLSID\{D2D219BC-BCE8-4249-8636-DE8BEFCD28C3}\ProgID"
0012FA40 00000000 |Reserved = 0x0
0012FA44 00000000 |Class = NULL
0012FA48 00000000 |Options = REG_OPTION_NON_VOLATILE
0012FA4C 0002003F |Access = KEY_QUERY_VALUE|KEY_SET_VALUE|KEY_CREATE_SUB_KEY|KEY_ENUMERATE_SUB_KEYS|KEY_NOTIFY|KEY_CREATE_LINK|20000
0012FA50 00000000 |pSecurity = NULL
0012FA54 0012FB94 |pHandle = 0012FB94
0012FA58 0012FA68 \pDisposition = 0012FA68
0012FA5C 00440309 /CALL 到 RegQueryValueExA 来自 dvdiphon.00440303 0012FA60 000000A6 |hKey = 0xA6 0012FA64 00E67350 |ValueName = "1" 0012FA68 00000000 |Reserved = NULL 0012FA6C 0012FA8C |pValueType = 0012FA8C 0012FA70 00000000 |Buffer = NULL 0012FA74 0012FA88 \pBufSize = 0012FA88
0012FA5C 0044035D /CALL 到 RegQueryValueExA 来自 dvdiphon.00440357 0012FA60 000000A6 |hKey = 0xA6 0012FA64 00E67350 |ValueName = "1" 0012FA68 00000000 |Reserved = NULL 0012FA6C 00000000 |pValueType = NULL 0012FA70 00E67360 |Buffer = 00E67360 0012FA74 0012FA88 \pBufSize = 0012FA88
00417F2D /0F84 70020000 je dvdiphon.004181A3 00417F33 |C785 6CFFFFFF 0000000>mov dword ptr ss:[ebp-0x94],0x0 00417F3D |8D4D 84 lea ecx,dword ptr ss:[ebp-0x7C] 00417F40 |898D B0FEFFFF mov dword ptr ss:[ebp-0x150],ecx 00417F46 |8B95 B0FEFFFF mov edx,dword ptr ss:[ebp-0x150] 00417F4C |0FBE02 movsx eax,byte ptr ds:[edx] 00417F4F |85C0 test eax,eax ;判断是否为空 00417F51 |74 25 je short dvdiphon.00417F78 00417F53 |8B8D B0FEFFFF mov ecx,dword ptr ss:[ebp-0x150] 00417F59 |0FBE11 movsx edx,byte ptr ds:[ecx] ; 获得加密后的注册码1字节 00417F5C |83C2 19 add edx,0x19 ; 解密注册码(加上0x19) 00417F5F |8B85 B0FEFFFF mov eax,dword ptr ss:[ebp-0x150] 00417F65 |8810 mov byte ptr ds:[eax],dl ; 存放 00417F67 |8B8D B0FEFFFF mov ecx,dword ptr ss:[ebp-0x150] 00417F6D |83C1 01 add ecx,0x1 00417F70 |898D B0FEFFFF mov dword ptr ss:[ebp-0x150],ecx 00417F76 ^|EB CE jmp short dvdiphon.00417F46 00417F78 |33D2 xor edx,edx ; 完成 00417F7A ^|75 C1 jnz short dvdiphon.00417F3D
00418079 E8 B2FAFFFF call dvdiphon.00417B30 ; 将长度为0x27的注册码 分成2组
00417B30 55 push ebp 00417B31 8BEC mov ebp,esp 00417B33 83EC 10 sub esp,0x10 00417B36 C745 FC 00000000 mov dword ptr ss:[ebp-0x4],0x0 00417B3D C745 F8 00000000 mov dword ptr ss:[ebp-0x8],0x0 00417B44 C745 F0 00000000 mov dword ptr ss:[ebp-0x10],0x0 00417B4B C745 F4 00000000 mov dword ptr ss:[ebp-0xC],0x0 00417B52 837D 0C 27 cmp dword ptr ss:[ebp+0xC],0x27 ;判断注册码长度是否为0x27 00417B56 74 07 je short dvdiphon.00417B5F 00417B58 33C0 xor eax,eax 00417B5A E9 E8020000 jmp dvdiphon.00417E47 00417B5F C745 FC 00000000 mov dword ptr ss:[ebp-0x4],0x0 00417B66 EB 1B jmp short dvdiphon.00417B83 00417B68 8B45 FC mov eax,dword ptr ss:[ebp-0x4] 00417B6B 83C0 01 add eax,0x1 ; 计数加1 00417B6E 8945 FC mov dword ptr ss:[ebp-0x4],eax 00417B71 8B4D F8 mov ecx,dword ptr ss:[ebp-0x8] 00417B74 83C1 01 add ecx,0x1 ; 计数加1 00417B77 894D F8 mov dword ptr ss:[ebp-0x8],ecx 00417B7A 8B55 F0 mov edx,dword ptr ss:[ebp-0x10] 00417B7D 83C2 01 add edx,0x1 ; 计数加1 00417B80 8955 F0 mov dword ptr ss:[ebp-0x10],edx 00417B83 837D FC 03 cmp dword ptr ss:[ebp-0x4],0x3 ; 判断计数是否大于等于3 00417B87 7D 12 jge short dvdiphon.00417B9B 00417B89 8B45 10 mov eax,dword ptr ss:[ebp+0x10] ; 存放第1组注册码首地址 00417B8C 0345 F0 add eax,dword ptr ss:[ebp-0x10] ; 存放第1组注册码首地址加上计数 00417B8F 8B4D 08 mov ecx,dword ptr ss:[ebp+0x8] ; 注册码首地址 00417B92 034D F8 add ecx,dword ptr ss:[ebp-0x8] ; 注册码首地址加上计数 00417B95 8A11 mov dl,byte ptr ds:[ecx] ; 取注册码 00417B97 8810 mov byte ptr ds:[eax],dl ; 存放 00417B99 ^ EB CD jmp short dvdiphon.00417B68 00417B9B 8B45 F8 mov eax,dword ptr ss:[ebp-0x8] ; 取计数值 00417B9E 83C0 01 add eax,0x1 ; 计数加1 00417BA1 8945 F8 mov dword ptr ss:[ebp-0x8],eax 00417BA4 C745 FC 00000000 mov dword ptr ss:[ebp-0x4],0x0 ; 计数清0 00417BAB EB 1B jmp short dvdiphon.00417BC8 00417BAD 8B4D FC mov ecx,dword ptr ss:[ebp-0x4] 00417BB0 83C1 01 add ecx,0x1 ; 计数加1 00417BB3 894D FC mov dword ptr ss:[ebp-0x4],ecx 00417BB6 8B55 F8 mov edx,dword ptr ss:[ebp-0x8] 00417BB9 83C2 01 add edx,0x1 ; 计数加1 00417BBC 8955 F8 mov dword ptr ss:[ebp-0x8],edx 00417BBF 8B45 F4 mov eax,dword ptr ss:[ebp-0xC] 00417BC2 83C0 01 add eax,0x1 ; 计数加1 00417BC5 8945 F4 mov dword ptr ss:[ebp-0xC],eax 00417BC8 837D FC 03 cmp dword ptr ss:[ebp-0x4],0x3 ; 判断计数是否大于等于3 00417BCC 7D 12 jge short dvdiphon.00417BE0 00417BCE 8B4D 18 mov ecx,dword ptr ss:[ebp+0x18] ; 存放第2组注册码首地址 00417BD1 034D F4 add ecx,dword ptr ss:[ebp-0xC] ; 存放第2组注册码首地址加上计数 00417BD4 8B55 08 mov edx,dword ptr ss:[ebp+0x8] ; 注册码首地址 00417BD7 0355 F8 add edx,dword ptr ss:[ebp-0x8] ; 注册码首地址加上计数 00417BDA 8A02 mov al,byte ptr ds:[edx] ; 取注册码 00417BDC 8801 mov byte ptr ds:[ecx],al ; 存放 00417BDE ^ EB CD jmp short dvdiphon.00417BAD 00417BE0 C745 FC 00000000 mov dword ptr ss:[ebp-0x4],0x0 ; 计数清0 00417BE7 EB 1B jmp short dvdiphon.00417C04 00417BE9 8B4D FC mov ecx,dword ptr ss:[ebp-0x4] 00417BEC 83C1 01 add ecx,0x1 ; 计数加1 00417BEF 894D FC mov dword ptr ss:[ebp-0x4],ecx 00417BF2 8B55 F8 mov edx,dword ptr ss:[ebp-0x8] 00417BF5 83C2 01 add edx,0x1 ; 计数加1 00417BF8 8955 F8 mov dword ptr ss:[ebp-0x8],edx 00417BFB 8B45 F0 mov eax,dword ptr ss:[ebp-0x10] 00417BFE 83C0 01 add eax,0x1 ; 计数加1 00417C01 8945 F0 mov dword ptr ss:[ebp-0x10],eax 00417C04 837D FC 02 cmp dword ptr ss:[ebp-0x4],0x2 ; 判断计数是否大于等于3 00417C08 7D 12 jge short dvdiphon.00417C1C 00417C0A 8B4D 10 mov ecx,dword ptr ss:[ebp+0x10] ; 存放第1组注册码首地址 00417C0D 034D F0 add ecx,dword ptr ss:[ebp-0x10] ; 存放第1组注册码首地址加上计数 00417C10 8B55 08 mov edx,dword ptr ss:[ebp+0x8] ; 注册码首地址 00417C13 0355 F8 add edx,dword ptr ss:[ebp-0x8] ; 注册码首地址加上计数 00417C16 8A02 mov al,byte ptr ds:[edx] ; 取注册码 00417C18 8801 mov byte ptr ds:[ecx],al ; 存放 00417C1A ^ EB CD jmp short dvdiphon.00417BE9 00417C1C 8B4D F8 mov ecx,dword ptr ss:[ebp-0x8] ; 取计数值 00417C1F 83C1 01 add ecx,0x1 ; 计数值加1 00417C22 894D F8 mov dword ptr ss:[ebp-0x8],ecx 00417C25 C745 FC 00000000 mov dword ptr ss:[ebp-0x4],0x0 ; 计数清0 00417C2C EB 1B jmp short dvdiphon.00417C49 00417C2E 8B55 FC mov edx,dword ptr ss:[ebp-0x4] 00417C31 83C2 01 add edx,0x1 ; 计数值加1 00417C34 8955 FC mov dword ptr ss:[ebp-0x4],edx 00417C37 8B45 F8 mov eax,dword ptr ss:[ebp-0x8] 00417C3A 83C0 01 add eax,0x1 ; 计数值加1 00417C3D 8945 F8 mov dword ptr ss:[ebp-0x8],eax 00417C40 8B4D F4 mov ecx,dword ptr ss:[ebp-0xC] 00417C43 83C1 01 add ecx,0x1 ; 计数值加1 00417C46 894D F4 mov dword ptr ss:[ebp-0xC],ecx 00417C49 837D FC 03 cmp dword ptr ss:[ebp-0x4],0x3 ; 判断计数是否大于等于3 00417C4D 7D 12 jge short dvdiphon.00417C61 00417C4F 8B55 18 mov edx,dword ptr ss:[ebp+0x18] ; 存放第2组注册码首地址 00417C52 0355 F4 add edx,dword ptr ss:[ebp-0xC] ; 存放第2组注册码首地址加上计数 00417C55 8B45 08 mov eax,dword ptr ss:[ebp+0x8] ; 注册码首地址 00417C58 0345 F8 add eax,dword ptr ss:[ebp-0x8] ; 注册码首地址加上计数 00417C5B 8A08 mov cl,byte ptr ds:[eax] ; 取注册码 00417C5D 880A mov byte ptr ds:[edx],cl ; 存放 00417C5F ^ EB CD jmp short dvdiphon.00417C2E 00417C61 C745 FC 00000000 mov dword ptr ss:[ebp-0x4],0x0 ; 计数清0 00417C68 EB 1B jmp short dvdiphon.00417C85 00417C6A 8B55 FC mov edx,dword ptr ss:[ebp-0x4] 00417C6D 83C2 01 add edx,0x1 ; 计数值加1 00417C70 8955 FC mov dword ptr ss:[ebp-0x4],edx 00417C73 8B45 F8 mov eax,dword ptr ss:[ebp-0x8] 00417C76 83C0 01 add eax,0x1 ; 计数值加1 00417C79 8945 F8 mov dword ptr ss:[ebp-0x8],eax 00417C7C 8B4D F0 mov ecx,dword ptr ss:[ebp-0x10] 00417C7F 83C1 01 add ecx,0x1 ; 计数值加1 00417C82 894D F0 mov dword ptr ss:[ebp-0x10],ecx 00417C85 837D FC 02 cmp dword ptr ss:[ebp-0x4],0x2 ; 判断计数是否大于等于2 00417C89 7D 12 jge short dvdiphon.00417C9D 00417C8B 8B55 10 mov edx,dword ptr ss:[ebp+0x10] ; 存放第1组注册码首地址 00417C8E 0355 F0 add edx,dword ptr ss:[ebp-0x10] ; 存放第1组注册码首地址加上计数 00417C91 8B45 08 mov eax,dword ptr ss:[ebp+0x8] ; 注册码首地址 00417C94 0345 F8 add eax,dword ptr ss:[ebp-0x8] ; 注册码首地址加上计数 00417C97 8A08 mov cl,byte ptr ds:[eax] ; 取注册码 00417C99 880A mov byte ptr ds:[edx],cl ; 存放 00417C9B ^ EB CD jmp short dvdiphon.00417C6A 00417C9D 8B55 F8 mov edx,dword ptr ss:[ebp-0x8] ; 取计数值 00417CA0 83C2 01 add edx,0x1 ; 计数值加1 00417CA3 8955 F8 mov dword ptr ss:[ebp-0x8],edx 00417CA6 C745 FC 00000000 mov dword ptr ss:[ebp-0x4],0x0 ; 计数清0 00417CAD EB 1B jmp short dvdiphon.00417CCA 00417CAF 8B45 FC mov eax,dword ptr ss:[ebp-0x4] 00417CB2 83C0 01 add eax,0x1 ; 计数值加1 00417CB5 8945 FC mov dword ptr ss:[ebp-0x4],eax 00417CB8 8B4D F8 mov ecx,dword ptr ss:[ebp-0x8] 00417CBB 83C1 01 add ecx,0x1 ; 计数值加1 00417CBE 894D F8 mov dword ptr ss:[ebp-0x8],ecx 00417CC1 8B55 F4 mov edx,dword ptr ss:[ebp-0xC] 00417CC4 83C2 01 add edx,0x1 ; 计数值加1 00417CC7 8955 F4 mov dword ptr ss:[ebp-0xC],edx 00417CCA 837D FC 03 cmp dword ptr ss:[ebp-0x4],0x3 ; 判断计数是否大于等于3 00417CCE 7D 12 jge short dvdiphon.00417CE2 00417CD0 8B45 18 mov eax,dword ptr ss:[ebp+0x18] ; 存放第2组注册码首地址 00417CD3 0345 F4 add eax,dword ptr ss:[ebp-0xC] ; 存放第2组注册码首地址加上计数 00417CD6 8B4D 08 mov ecx,dword ptr ss:[ebp+0x8] ; 注册码首地址 00417CD9 034D F8 add ecx,dword ptr ss:[ebp-0x8] ; 注册码首地址加上计数 00417CDC 8A11 mov dl,byte ptr ds:[ecx] ; 取注册码 00417CDE 8810 mov byte ptr ds:[eax],dl ; 存放 00417CE0 ^ EB CD jmp short dvdiphon.00417CAF 00417CE2 C745 FC 00000000 mov dword ptr ss:[ebp-0x4],0x0 ; 计数清0 00417CE9 EB 1B jmp short dvdiphon.00417D06 00417CEB 8B45 FC mov eax,dword ptr ss:[ebp-0x4] 00417CEE 83C0 01 add eax,0x1 ; 计数值加1 00417CF1 8945 FC mov dword ptr ss:[ebp-0x4],eax 00417CF4 8B4D F8 mov ecx,dword ptr ss:[ebp-0x8] 00417CF7 83C1 01 add ecx,0x1 ; 计数值加1 00417CFA 894D F8 mov dword ptr ss:[ebp-0x8],ecx 00417CFD 8B55 F0 mov edx,dword ptr ss:[ebp-0x10] 00417D00 83C2 01 add edx,0x1 ; 计数值加1 00417D03 8955 F0 mov dword ptr ss:[ebp-0x10],edx 00417D06 837D FC 02 cmp dword ptr ss:[ebp-0x4],0x2 ; 判断计数是否大于等于2 00417D0A 7D 12 jge short dvdiphon.00417D1E 00417D0C 8B45 10 mov eax,dword ptr ss:[ebp+0x10] ; 存放第1组注册码首地址 00417D0F 0345 F0 add eax,dword ptr ss:[ebp-0x10] ; 存放第1组注册码首地址加上计数 00417D12 8B4D 08 mov ecx,dword ptr ss:[ebp+0x8] ; 注册码首地址 00417D15 034D F8 add ecx,dword ptr ss:[ebp-0x8] ; 注册码首地址加上计数 00417D18 8A11 mov dl,byte ptr ds:[ecx] ; 取注册码 00417D1A 8810 mov byte ptr ds:[eax],dl ; 存放 00417D1C ^ EB CD jmp short dvdiphon.00417CEB 00417D1E 8B45 F8 mov eax,dword ptr ss:[ebp-0x8] ; 取计数值 00417D21 83C0 01 add eax,0x1 ; 计数加1 00417D24 8945 F8 mov dword ptr ss:[ebp-0x8],eax 00417D27 C745 FC 00000000 mov dword ptr ss:[ebp-0x4],0x0 ; 计数清0 00417D2E EB 1B jmp short dvdiphon.00417D4B 00417D30 8B4D FC mov ecx,dword ptr ss:[ebp-0x4] 00417D33 83C1 01 add ecx,0x1 ; 计数加1 00417D36 894D FC mov dword ptr ss:[ebp-0x4],ecx 00417D39 8B55 F8 mov edx,dword ptr ss:[ebp-0x8] 00417D3C 83C2 01 add edx,0x1 ; 计数加1 00417D3F 8955 F8 mov dword ptr ss:[ebp-0x8],edx 00417D42 8B45 F4 mov eax,dword ptr ss:[ebp-0xC] 00417D45 83C0 01 add eax,0x1 ; 计数加1 00417D48 8945 F4 mov dword ptr ss:[ebp-0xC],eax 00417D4B 837D FC 03 cmp dword ptr ss:[ebp-0x4],0x3 ; 判断计数是否大于等于3 00417D4F 7D 12 jge short dvdiphon.00417D63 00417D51 8B4D 18 mov ecx,dword ptr ss:[ebp+0x18] ; 存放第2组注册码首地址 00417D54 034D F4 add ecx,dword ptr ss:[ebp-0xC] ; 存放第2组注册码首地址加上计数 00417D57 8B55 08 mov edx,dword ptr ss:[ebp+0x8] ; 注册码首地址 00417D5A 0355 F8 add edx,dword ptr ss:[ebp-0x8] ; 注册码首地址加上计数 00417D5D 8A02 mov al,byte ptr ds:[edx] ; 取注册码 00417D5F 8801 mov byte ptr ds:[ecx],al ; 存放 00417D61 ^ EB CD jmp short dvdiphon.00417D30 00417D63 C745 FC 00000000 mov dword ptr ss:[ebp-0x4],0x0 ; 计数清0 00417D6A EB 1B jmp short dvdiphon.00417D87 00417D6C 8B4D FC mov ecx,dword ptr ss:[ebp-0x4] 00417D6F 83C1 01 add ecx,0x1 ; 计数加1 00417D72 894D FC mov dword ptr ss:[ebp-0x4],ecx 00417D75 8B55 F8 mov edx,dword ptr ss:[ebp-0x8] 00417D78 83C2 01 add edx,0x1 ; 计数加1 00417D7B 8955 F8 mov dword ptr ss:[ebp-0x8],edx 00417D7E 8B45 F0 mov eax,dword ptr ss:[ebp-0x10] 00417D81 83C0 01 add eax,0x1 ; 计数加1 00417D84 8945 F0 mov dword ptr ss:[ebp-0x10],eax 00417D87 837D FC 02 cmp dword ptr ss:[ebp-0x4],0x2 ; 判断计数是否大于等于2 00417D8B 7D 12 jge short dvdiphon.00417D9F 00417D8D 8B4D 10 mov ecx,dword ptr ss:[ebp+0x10] ; 存放第1组注册码首地址 00417D90 034D F0 add ecx,dword ptr ss:[ebp-0x10] ; 存放第1组注册码首地址加上计数 00417D93 8B55 08 mov edx,dword ptr ss:[ebp+0x8] ; 注册码首地址 00417D96 0355 F8 add edx,dword ptr ss:[ebp-0x8] ; 注册码首地址加上计数 00417D99 8A02 mov al,byte ptr ds:[edx] ; 取注册码 00417D9B 8801 mov byte ptr ds:[ecx],al ; 存放 00417D9D ^ EB CD jmp short dvdiphon.00417D6C 00417D9F 8B4D F8 mov ecx,dword ptr ss:[ebp-0x8] ; 取计数值 00417DA2 83C1 01 add ecx,0x1 ; 计数加1 00417DA5 894D F8 mov dword ptr ss:[ebp-0x8],ecx 00417DA8 C745 FC 00000000 mov dword ptr ss:[ebp-0x4],0x0 ; 计数清0 00417DAF EB 1B jmp short dvdiphon.00417DCC 00417DB1 8B55 FC mov edx,dword ptr ss:[ebp-0x4] 00417DB4 83C2 01 add edx,0x1 ; 计数加1 00417DB7 8955 FC mov dword ptr ss:[ebp-0x4],edx 00417DBA 8B45 F8 mov eax,dword ptr ss:[ebp-0x8] 00417DBD 83C0 01 add eax,0x1 ; 计数加1 00417DC0 8945 F8 mov dword ptr ss:[ebp-0x8],eax 00417DC3 8B4D F4 mov ecx,dword ptr ss:[ebp-0xC] 00417DC6 83C1 01 add ecx,0x1 ; 计数加1 00417DC9 894D F4 mov dword ptr ss:[ebp-0xC],ecx 00417DCC 837D FC 05 cmp dword ptr ss:[ebp-0x4],0x5 ; 判断计数是否大于等于5 00417DD0 7D 12 jge short dvdiphon.00417DE4 00417DD2 8B55 18 mov edx,dword ptr ss:[ebp+0x18] ; 存放第2组注册码首地址 00417DD5 0355 F4 add edx,dword ptr ss:[ebp-0xC] ; 存放第2组注册码首地址加上计数 00417DD8 8B45 08 mov eax,dword ptr ss:[ebp+0x8] ; 注册码首地址 00417DDB 0345 F8 add eax,dword ptr ss:[ebp-0x8] ; 注册码首地址加上计数 00417DDE 8A08 mov cl,byte ptr ds:[eax] ; 取注册码 00417DE0 880A mov byte ptr ds:[edx],cl ; 存放 00417DE2 ^ EB CD jmp short dvdiphon.00417DB1 00417DE4 8B55 F8 mov edx,dword ptr ss:[ebp-0x8] ; 取计数值 00417DE7 83C2 01 add edx,0x1 ; 计数值加1 00417DEA 8955 F8 mov dword ptr ss:[ebp-0x8],edx 00417DED C745 FC 00000000 mov dword ptr ss:[ebp-0x4],0x0 ; 计数清0 00417DF4 EB 1B jmp short dvdiphon.00417E11 00417DF6 8B45 FC mov eax,dword ptr ss:[ebp-0x4] 00417DF9 83C0 01 add eax,0x1 ; 计数加1 00417DFC 8945 FC mov dword ptr ss:[ebp-0x4],eax 00417DFF 8B4D F8 mov ecx,dword ptr ss:[ebp-0x8] 00417E02 83C1 01 add ecx,0x1 ; 计数加1 00417E05 894D F8 mov dword ptr ss:[ebp-0x8],ecx 00417E08 8B55 F4 mov edx,dword ptr ss:[ebp-0xC] 00417E0B 83C2 01 add edx,0x1 ; 计数加1 00417E0E 8955 F4 mov dword ptr ss:[ebp-0xC],edx 00417E11 837D FC 05 cmp dword ptr ss:[ebp-0x4],0x5 ; 判断计数是否大于等于5 00417E15 7D 12 jge short dvdiphon.00417E29 00417E17 8B45 18 mov eax,dword ptr ss:[ebp+0x18] ; 存放第2组注册码首地址 00417E1A 0345 F4 add eax,dword ptr ss:[ebp-0xC] ; 存放第2组注册码首地址加上计数 00417E1D 8B4D 08 mov ecx,dword ptr ss:[ebp+0x8] ; 注册码首地址 00417E20 034D F8 add ecx,dword ptr ss:[ebp-0x8] ; 注册码首地址加上计数 00417E23 8A11 mov dl,byte ptr ds:[ecx] ; 取注册码 00417E25 8810 mov byte ptr ds:[eax],dl ; 存放 00417E27 ^ EB CD jmp short dvdiphon.00417DF6 00417E29 8B45 F8 mov eax,dword ptr ss:[ebp-0x8] ; 取计数值 00417E2C 83C0 01 add eax,0x1 ; 计数值加1 00417E2F 8945 F8 mov dword ptr ss:[ebp-0x8],eax 00417E32 8B4D 14 mov ecx,dword ptr ss:[ebp+0x14] 00417E35 8B55 F0 mov edx,dword ptr ss:[ebp-0x10] 00417E38 8911 mov dword ptr ds:[ecx],edx ; 第1组注册码长度 0xB 00417E3A 8B45 1C mov eax,dword ptr ss:[ebp+0x1C] 00417E3D 8B4D F4 mov ecx,dword ptr ss:[ebp-0xC] 00417E40 8908 mov dword ptr ds:[eax],ecx ; 第2组注册码长度 0x16 00417E42 B8 01000000 mov eax,0x1 00417E47 8BE5 mov esp,ebp 00417E49 5D pop ebp 00417E4A C3 retn
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)
|
|
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
