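Open the crackme in OllyDbg (OD), press F9 to run it, enter 111111 and click Register. It crashes immediately, and execution lands at the following address: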
0040225F |. 6A 00 push 0
00402261 |. FF35 242E4B00 push dword ptr [4B2E24] ; crackme.0048B0D1
00402267 |. 6A FF push -1
00402269 |. 6A 0A push 0A
0040226B |. 68 22000116 push 16010022
00402270 |. 68 01000152 push 52010001
00402275 |. E8 1E010000 call 00402398
0040227A |. 83C4 18 add esp, 18
0040227D |. E9 28000000 jmp 004022AA
00402282 |> 0102 add dword ptr [edx], eax
00402284 |. 030405 060708>add eax, dword ptr [eax+9080706]
0040228B |. 006A 00 add byte ptr [edx], ch
0040228E |. FF35 242E4B00 push dword ptr [4B2E24] ; crackme.0048B0D1
00402294 |. 6A FF push -1
00402296 |. 6A 0A push 0A
00402298 |. 68 22000116 push 16010022
Inspecting the stack shows:
00E7FF3C 00160EA8 ASCII "3055c2e4eb28af4cd195a2c4bc88ec04"
00E7FF40 00160E70
00E7FF44 00160E38 ASCII "3055c2e4eb28af4cd195a2c4bc88ec04112"
00E7FF48 00160C70
00E7FF4C 00000000
00E7FF50 00160E38 ASCII "3055c2e4eb28af4cd195a2c4bc88ec04112"
00E7FF54 00160D40
00E7FF58 00000000
00E7FF5C 405C0000
00E7FF60 00160EE8
00E7FF64 00160CB0
00E7FF68 00160C90
00E7FF6C 00160C70
00E7FF70 00160E18
00E7FF74 00160DF8 ASCII "33053055C3055C2E3030553055C2"
00E7FF78 00000000
00E7FF7C 00160D40
00E7FF80 00160DF8 ASCII "33053055C3055C2E3030553055C2"
00E7FF84 00000001
00E7FF88 00160E38 ASCII "3055c2e4eb28af4cd195a2c4bc88ec04112"
00E7FF8C 00160EA8 ASCII "3055c2e4eb28af4cd195a2c4bc88ec04"
OK, let's try these strings first:
sn = 33053055C3055C2E3030553055C2