/
/
010Editor
注册机完整版控制台版.cpp : 此文件包含
"main"
函数。程序执行将在此处开始并结束。
/
/
/
/
密码表
DWORD codeArr[]
=
{
0x39cb44b8
,
0x23754f67
,
0x5f017211
,
0x3ebb24da
,
0x351707c6
,
0x63f9774b
,
0x17827288
,
0x0fe74821
,
0x5b5f670f
,
0x48315ae8
,
0x785b7769
,
0x2b7a1547
,
0x38d11292
,
0x42a11b32
,
0x35332244
,
0x77437b60
,
0x1eab3b10
,
0x53810000
,
0x1d0212ae
,
0x6f0377a8
,
0x43c03092
,
0x2d3c0a8e
,
0x62950cbf
,
0x30f06ffa
,
0x34f710e0
,
0x28f417fb
,
0x350d2f95
,
0x5a361d5a
,
0x15cc060b
,
0x0afd13cc
,
0x28603bcf
,
0x3371066b
,
0x30cd14e4
,
0x175d3a67
,
0x6dd66a13
,
0x2d3409f9
,
0x581e7b82
,
0x76526b99
,
0x5c8d5188
,
0x2c857971
,
0x15f51fc0
,
0x68cc0d11
,
0x49f55e5c
,
0x275e4364
,
0x2d1e0dbc
,
0x4cee7ce3
,
0x32555840
,
0x112e2e08
,
0x6978065a
,
0x72921406
,
0x314578e7
,
0x175621b7
,
0x40771dbf
,
0x3fc238d6
,
0x4a31128a
,
0x2dad036e
,
0x41a069d6
,
0x25400192
,
0x00dd4667
,
0x6afc1f4f
,
0x571040ce
,
0x62fe66df
,
0x41db4b3e
,
0x3582231f
,
0x55f6079a
,
0x1ca70644
,
0x1b1643d2
,
0x3f7228c9
,
0x5f141070
,
0x3e1474ab
,
0x444b256e
,
0x537050d9
,
0x0f42094b
,
0x2fd820e6
,
0x778b2e5e
,
0x71176d02
,
0x7fea7a69
,
0x5bb54628
,
0x19ba6c71
,
0x39763a99
,
0x178d54cd
,
0x01246e88
,
0x3313537e
,
0x2b8e2d17
,
0x2a3d10be
,
0x59d10582
,
0x37a163db
,
0x30d6489a
,
0x6a215c46
,
0x0e1c7a76
,
0x1fc760e7
,
0x79b80c65
,
0x27f459b4
,
0x799a7326
,
0x50ba1782
,
0x2a116d5c
,
0x63866e1b
,
0x3f920e3c
,
0x55023490
,
0x55b56089
,
0x2c391fd1
,
0x2f8035c2
,
0x64fd2b7a
,
0x4ce8759a
,
0x518504f0
,
0x799501a8
,
0x3f5b2cad
,
0x38e60160
,
0x637641d8
,
0x33352a42
,
0x51a22c19
,
0x085c5851
,
0x032917ab
,
0x2b770ac7
,
0x30ac77b3
,
0x2bec1907
,
0x035202d0
,
0x0fa933d3
,
0x61255df3
,
0x22ad06bf
,
0x58b86971
,
0x5fca0de5
,
0x700d6456
,
0x56a973db
,
0x5ab759fd
,
0x330e0be2
,
0x5b3c0ddd
,
0x495d3c60
,
0x53bd59a6
,
0x4c5e6d91
,
0x49d9318d
,
0x103d5079
,
0x61ce42e3
,
0x7ed5121d
,
0x14e160ed
,
0x212d4ef2
,
0x270133f0
,
0x62435a96
,
0x1fa75e8b
,
0x6f092fbe
,
0x4a000d49
,
0x57ae1c70
,
0x004e2477
,
0x561e7e72
,
0x468c0033
,
0x5dcc2402
,
0x78507ac6
,
0x58af24c7
,
0x0df62d34
,
0x358a4708
,
0x3cfb1e11
,
0x2b71451c
,
0x77a75295
,
0x56890721
,
0x0fef75f3
,
0x120f24f1
,
0x01990ae7
,
0x339c4452
,
0x27a15b8e
,
0x0ba7276d
,
0x60dc1b7b
,
0x4f4b7f82
,
0x67db7007
,
0x4f4a57d9
,
0x621252e8
,
0x20532cfc
,
0x6a390306
,
0x18800423
,
0x19f3778a
,
0x462316f0
,
0x56ae0937
,
0x43c2675c
,
0x65ca45fd
,
0x0d604ff2
,
0x0bfd22cb
,
0x3afe643b
,
0x3bf67fa6
,
0x44623579
,
0x184031f8
,
0x32174f97
,
0x4c6a092a
,
0x5fb50261
,
0x01650174
,
0x33634af1
,
0x712d18f4
,
0x6e997169
,
0x5dab7afe
,
0x7c2b2ee8
,
0x6edb75b4
,
0x5f836fb6
,
0x3c2a6dd6
,
0x292d05c2
,
0x052244db
,
0x149a5f4f
,
0x5d486540
,
0x331d15ea
,
0x4f456920
,
0x483a699f
,
0x3b450f05
,
0x3b207c6c
,
0x749d70fe
,
0x417461f6
,
0x62b031f1
,
0x2750577b
,
0x29131533
,
0x588c3808
,
0x1aef3456
,
0x0f3c00ec
,
0x7da74742
,
0x4b797a6c
,
0x5ebb3287
,
0x786558b8
,
0x00ed4ff2
,
0x6269691e
,
0x24a2255f
,
0x62c11f7e
,
0x2f8a7dcd
,
0x643b17fe
,
0x778318b8
,
0x253b60fe
,
0x34bb63a3
,
0x5b03214f
,
0x5f1571f4
,
0x1a316e9f
,
0x7acf2704
,
0x28896838
,
0x18614677
,
0x1bf569eb
,
0x0ba85ec9
,
0x6aca6b46
,
0x1e43422a
,
0x514d5f0e
,
0x413e018c
,
0x307626e9
,
0x01ed1dfa
,
0x49f46f5a
,
0x461b642b
,
0x7d7007f2
,
0x13652657
,
0x6b160bc5
,
0x65e04849
,
0x1f526e1c
,
0x5a0251b6
,
0x2bd73f69
,
0x2dbf7acd
,
0x51e63e80
,
0x5cf2670f
,
0x21cd0a03
,
0x5cff0261
,
0x33ae061e
,
0x3bb6345f
,
0x5d814a75
,
0x257b5df4
,
0x0a5c2c5b
,
0x16a45527
,
0x16f23945
};
/
/
用户名加密
DWORD UNEncode(const char
*
pUsername,
int
a2, char a3, unsigned __int16 a4) {
/
/
计算出用户名的长度
int
UNLen
=
strlen(pUsername);
DWORD LOCAL_1
=
0
, LOCAL_2
=
0
, LOCAL_3
=
0
, LOCAL_4
=
0
;
DWORD EAX
=
0
, EBX
=
0
, ECX
=
0
, EDX
=
0
;
if
(UNLen >
0
) {
EBX
=
a4;
LOCAL_4
=
ECX;
LOCAL_3
=
ECX;
ECX
=
a3;
EBX
=
EBX <<
4
;
EBX
-
=
a4;
ECX
=
ECX <<
4
;
ECX
+
=
a3;
LOCAL_2
=
ECX;
/
/
然后就到了最重要的循环计算环节
for
(
int
i
=
0
; i < UNLen; i
+
+
) {
/
/
将字符转换成大写
EAX
=
toupper(pUsername[i]);
EDX
=
EAX;
ECX
=
codeArr[EDX]
+
LOCAL_1;
/
/
两条不同的分支
if
(a2
=
=
1
) {
EAX
=
EDX
+
0xD
;
EAX &
0xFF
;
ECX
=
ECX ^ codeArr[EAX];
EAX
=
EDX
+
0x2F
;
EAX
=
EAX &
0xFF
;
ECX
*
=
codeArr[EAX];
EAX
=
LOCAL_2;
EAX
=
EAX &
0xFF
;
ECX
+
=
codeArr[EAX];
EAX
=
EBX &
0xFF
;
ECX
+
=
codeArr[EAX];
EAX
=
LOCAL_3;
EAX
=
EAX &
0xFF
;
ECX
+
=
codeArr[EAX];
EAX
=
ECX;
LOCAL_1
=
EAX;
}
if
(a2
=
=
0
) {
/
*
013BD1CE
| >
8D42
3F
| LEA EAX, DWORD PTR DS : [EDX
+
0x3F
] ; EAX
=
大写字母的ASCII码
+
0x3F
的地址
013BD1D1
| .
25
FF000000 | AND EAX,
0xFF
; EAX
=
EAX &
0xFF
013BD1D6
| .
330C85
4841E6
> | XOR ECX, DWORD PTR DS : [EAX
*
4
+
0x2E64148
] ; ECX
=
ECX ^ (EAX
*
4
+
byCode)
013BD1DD
| .
8D42
17
| LEA EAX, DWORD PTR DS : [EDX
+
0x17
] ; EAX
=
大写字母ASCII码
+
0x17
的地址
013BD1E0
| .
25
FF000000 | AND EAX,
0xFF
; EAX
=
EAX &
0xFF
013BD1E5
| .
0FAF0C85
4841
> | IMUL ECX, DWORD PTR DS : [EAX
*
4
+
0x2E64148
] ; ECX
=
ECX
*
(EAX
*
4
+
byCode)
013BD1ED
| .
8B45
F8 | MOV EAX, [LOCAL_AL.
2
]; EAX
=
0
013BD1F0
| .
0FB6C0
| MOVZX EAX, AL; EAX
=
0
013BD1F3
| .
030C85
4841E6
> | ADD ECX, DWORD PTR DS : [EAX
*
4
+
0x2E64148
] ; ECX
=
ECX
+
(EAX
*
4
+
byCode)
013BD1FA
| .
0FB6C3
| MOVZX EAX, BL; EAX
=
0x0000
0098
013BD1FD
| .
030C85
4841E6
> | ADD ECX, DWORD PTR DS : [EAX
*
4
+
0x2E64148
] ; ECX
=
ECX
+
(EAX
*
4
+
byCode)
013BD204
| .
8B45
F0 | MOV EAX, [LOCAL_AL.
4
]; EAX
=
0
013BD207
| .
0FB6C0
| MOVZX EAX, AL; EAX
=
0
013BD20A
| .
030C85
4841E6
> | ADD ECX, DWORD PTR DS : [EAX
*
4
+
0x2E64148
] ; ECX
=
ECX
+
(EAX
*
4
+
byCode)
013BD211
| .
8BC1
| MOV EAX, ECX; EAX
=
ECX
013BD213
| .
894D
FC | MOV[LOCAL_AL.
1
], ECX; LOCAL_al.
1
=
ECX
013BD216
| >
8345
F4
13
| ADD[LOCAL_AL.
3
],
0x13
; LOCAL_al.
3
=
LOCAL_al.
3
+
0x13
=
0x13
*
/
}
LOCAL_3
+
=
0x13
;
LOCAL_2
+
=
0x9
;
EBX
+
=
0xD
;
LOCAL_4
+
=
0x7
;
}
}
return
EAX;
}
int
main() {
/
/
首先获取一下用户名
srand(time(NULL));
BYTE byCode[
10
]
=
{
0x12
,
0x34
,
0x56
,
0x9C
,
0x12
,
0x34
,
0x56
,
0x78
,
0x12
,
0x34
};
/
/
用户名计算
int
dwKey
=
0x3E8
;
char chUsername[
50
]
=
{
0
};
printf(
"请输入用户名: "
);
scanf_s(
"%s"
, chUsername,
50
);
DWORD dwUNKey
=
UNEncode(chUsername,
1
,
0
, dwKey);
/
/
序列号的
4
、
5
、
6
、
7
位分别对应计算结果的
4
个字节
byCode[
4
]
=
dwUNKey &
0xFF
;
byCode[
5
]
=
dwUNKey >>
8
&
0xFF
;
byCode[
6
]
=
dwUNKey >>
16
&
0xFF
;
byCode[
7
]
=
dwUNKey >>
24
&
0xFF
;
/
/
还原一下我们输进去的序列号 这里我们进入的分支是k[
3
]
=
=
0x9C
while
(true) {
/
/
随机生成两个
1
字节的数
BYTE tempCode0
=
rand()
%
0xFF
;
BYTE tempCode6
=
byCode[
6
];
/
/
最先开始处理的数据 AL
=
(k[
0
] ^ k[
6
] ^
0x18
+
0x3D
) ^
0xA7
/
/
我们也构造一个变量出来让它对应上数组下标为
0
和
6
的元素关系
BYTE AL
=
(tempCode0 ^ tempCode0 ^
0x18
+
0x3D
) ^
0xA7
;
if
(AL >
=
9
) {
byCode[
0
]
=
tempCode0;
byCode[
6
]
=
tempCode6;
break
;
}
}
/
/
ESI
=
(
0x100
*
(k[
1
] ^ k[
7
] &
0xFF
)
+
((k[
5
] ^ k[
2
]) &
0xFF
)) &
0xFFFF
/
/
EAX
=
((ESI) ^
0x7892
+
0x4D30
) ^
0x3421
&
0xFFFF
/
0xB
/
/
判断余数是否为
0
,为
0
返回商,否则返回
0
/
/
这里余数要为
0
/
/
商还要小于
0x3E8
while
(true) {
BYTE tempCode1
=
rand()
%
0xFF
;
BYTE tempCode2
=
rand()
%
0xFF
;
BYTE tempCode5
=
byCode[
5
];
BYTE tempCode7
=
byCode[
7
];
DWORD ESI
=
(
0x100
*
(tempCode1 ^ tempCode7 &
0xFF
)
+
tempCode5 ^ tempCode2 &
0xFF
) &
0xFFFF
;
DWORD EAX
=
(((ESI ^
0x7892
)
+
0x4D30
) ^
0x3421
) &
0xFFFF
;
if
(EAX
%
0xB
=
=
0
&& EAX
/
0xB
=
=
dwKey) {
byCode[
1
]
=
tempCode1;
byCode[
2
]
=
tempCode2;
byCode[
5
]
=
tempCode5;
byCode[
7
]
=
tempCode7;
break
;
}
}
printf((
"序列号为: %2X%2X-%2X%2X-%2X%2X-%2X%2X-%2X%2X"
), byCode[
0
], byCode[
1
], byCode[
2
], byCode[
3
], byCode[
4
], byCode[
5
], byCode[
6
], byCode[
7
], byCode[
8
], byCode[
9
]);
}