-
-
Source Insight4 破解
-
发表于: 2023-4-7 10:43
-
文件下载:链接:https://pan.baidu.com/s/1xSZBiSF7R465iB3r2x0Tow 提取码:sujd
使用方法:安装 Source Insight4 后,将 exe 文件放到 Source Insight4 的安装目录。将 si.lic 放到 C:\ProgramData\Source Insight\4.0 目录下。
版本:Source Insight 4.00.0126
修改 PE,关闭随机基址。
对获取文件框文本的 API 下断点,输入序列号,断点命中在 GetWindowsTextW() 函数。
序列号格式检验的函数
序列号长度:19
序列号格式:XXXX-XXXX-XXXX-XXXX
Serial[0] = 'S'
Serial[1] = [0-9] => ArgcList_604 = szSerial[1] - '0' = 4
Serial[2] = [T B S U] => ArgcList_60C = [1 3 0 0] = 1
Serial[3] = G => *ArgcList_608 = 1
Serial[6] = [R G D F]
根据规则乱造一个序列号:S4SG-ARCD-EFGH-XXXX,后四位可有 sub_514370() 函数生成。
生成后四位的算法
根据算法写注册机
生成的后四位为:”36V6”,最后序列号为:“S4SG-ARCD-EFGH-36V6”。
输入序列号后,填写信息,然后会出现提示信息 "Now activating your license... Please wait...",打开 Fiddler 抓包,发现有发请求,但是返回的数据包里面没有可用信息。这时可以对 HttpSendRequestW() 函数下断点。
网络验证关键代码
发送请求后,会通过 HttpQueryInfoW() 获取返回的信息。获取的值等于 0xC8,则表示网页验证通过。这里我们直接修改二进制,让 HttpQueryInfoW() 函数的 result 参数被赋值为 0xC8。
生成请求数据包的函数
网页验证通过后,会修改注册表和 C:\ProgramData\Source Insight\4.0\si.lic 文件。
如果是正版的序列号,返回的 HTTP 数据包会有数据,给我们回写到注册表和 C:\ProgramData\Source Insight\4.0\si.lic 的文件中。但是这里我们没有数据,所以这里我们修改二进制将 return 0x1D0 改为 return 0xC8。
将 C:\ProgramData\Source Insight\4.0\si.lic 的内容进行 XML 格式化,并对文件中各个字段的数据进行检查。
si.lic 文件中 ActId 字段的值为 Deferred,无法通过 call sourceinsight4.403570 的 ActId 的检验。进入到 sourceinsight4.403570 函数内部后,sub_403240() 会返回一张存有很多 ActId 的表,那 ActId 表的第一项和 si.lic 文件中 ActId 字段的值进行比较。这里我们直接将软件内的 ActId 拷贝到 si.lic 文件中。
比较 ActId 字段的值的代码
修改 si.lic 中的 ActId 字段。
读取 si.lic 文件的内容,去除掉空白字符,通过 call sourceinsight4.403210 生成校验码1,然后再使用去除掉空白字符的文件内容和 “Value” 字段的值通过 call sourceinsight4.402F00 函数生成校验码2,对比两个校验码。相同则验证通过,否则验证失败。
这里我们将验证码比较部分,去除掉验证码不相同的判断。
改为
硬件设备的检验的关键代码
call sourceinsight4.516EE0 会根据软件信息、token、硬件信息等生成一个序列,然后将这个序列会和一个 "44D35B3608E5C603D775C76216F555E000D04B6718E33E93F35887A8A360D2F468E313DC7B3E047E08F10A51B75561B5L55576B63BF2D7750F09557AF661F14849F94F2652A903A10E9074E61EA4FE7E83A6F5090AD61F3F365D1C67DA22A478FA17" 的序列做比较。相同,则验证通过。
这里我们将函数的返回 eax 改为 1,表示验证通过。
破解成功
BOOL __cdecl sub_514BA0(char *szSerial, void *ArgcList_608, void *ArgcList_60C, void *ArgcList_604, int n_1)
{ char v5; // al
char v6; // al
char v7; // al
char v8; // al
int v10; // [esp+4h] [ebp-18h] BYREF
char Destination[20]; // [esp+8h] [ebp-14h] BYREF
_strupr(szSerial);
if ( strlen(szSerial) != 19 )
return 0;
if ( szSerial[4] != '-' )
return 0;
if ( szSerial[9] != '-' )
return 0;
if ( szSerial[14] != '-' )
return 0;
if ( *szSerial != 'S' )
return 0;
if ( n_1 )
{
v5 = szSerial[6];
if ( v5 != 'R' && v5 != 'G' && v5 != 'D' && v5 != 'F' )
return 0;
}
v6 = szSerial[1];
if ( v6 < '0' || v6 > '9' )
return 0;
*ArgcList_604 = v6 - '0'; // *ArgcList_604 = szSerial[1] - '0';
v7 = szSerial[2];
switch ( v7 ) // *ArgcList_604 = [1 3 0 0]
{
case 'T':
*ArgcList_60C = 1;
break;
case 'B':
*ArgcList_60C = 3;
break;
case 'S':
*ArgcList_60C = 0;
break;
case 'U':
*ArgcList_60C = 0;
break;
default:
return 0;
}
v8 = szSerial[3];
if ( v8 == 'G' )
{
*ArgcList_608 = 1;
}
else
{
if ( v8 != 'R' )
return 0;
*ArgcList_608 = 0;
}
if ( !n_1 )
return 1;
strcpy(Destination, szSerial);
Destination[15] = 0;
sub_514370(Destination, 15, &unk_604F70, &v10);// 根据序列号的前 15 位生成后四位
return *(szSerial + 15) == v10; // 判断生成的后四位和序列号中的后四位是否相等。
}BOOL __cdecl sub_514BA0(char *szSerial, void *ArgcList_608, void *ArgcList_60C, void *ArgcList_604, int n_1)
{ char v5; // al
char v6; // al
char v7; // al
char v8; // al
int v10; // [esp+4h] [ebp-18h] BYREF
char Destination[20]; // [esp+8h] [ebp-14h] BYREF
_strupr(szSerial);
if ( strlen(szSerial) != 19 )
return 0;
if ( szSerial[4] != '-' )
return 0;
if ( szSerial[9] != '-' )
return 0;
if ( szSerial[14] != '-' )
return 0;
if ( *szSerial != 'S' )
return 0;
if ( n_1 )
{
v5 = szSerial[6];
if ( v5 != 'R' && v5 != 'G' && v5 != 'D' && v5 != 'F' )
return 0;
}
v6 = szSerial[1];
if ( v6 < '0' || v6 > '9' )
return 0;
*ArgcList_604 = v6 - '0'; // *ArgcList_604 = szSerial[1] - '0';
v7 = szSerial[2];
switch ( v7 ) // *ArgcList_604 = [1 3 0 0]
{
case 'T':
*ArgcList_60C = 1;
break;
case 'B':
*ArgcList_60C = 3;
break;
case 'S':
*ArgcList_60C = 0;
break;
case 'U':
*ArgcList_60C = 0;
break;
default:
return 0;
}
v8 = szSerial[3];
if ( v8 == 'G' )
{
*ArgcList_608 = 1;
}
else
{
if ( v8 != 'R' )
return 0;
*ArgcList_608 = 0;
}
if ( !n_1 )
return 1;
strcpy(Destination, szSerial);
Destination[15] = 0;
sub_514370(Destination, 15, &unk_604F70, &v10);// 根据序列号的前 15 位生成后四位
return *(szSerial + 15) == v10; // 判断生成的后四位和序列号中的后四位是否相等。
}int __cdecl sub_514370(_BYTE *szSerial, unsigned int nSerialLength, char *pTable, int nResult)
{ unsigned int i; // esi
unsigned __int8 v5; // cl
unsigned int j; // eax
int result; // eax
for ( i = 0; i < 4; *(i + nResult - 1) = byte_604E50[v5 % 26] )
{
v5 = pTable[(i + *szSerial)];
for ( j = 1; j < nSerialLength; ++j )
v5 = pTable[v5 ^ szSerial[j]];
result = nResult;
++i;
}
return result;
}int __cdecl sub_514370(_BYTE *szSerial, unsigned int nSerialLength, char *pTable, int nResult)
{ unsigned int i; // esi
unsigned __int8 v5; // cl
unsigned int j; // eax
int result; // eax
for ( i = 0; i < 4; *(i + nResult - 1) = byte_604E50[v5 % 26] )
{
v5 = pTable[(i + *szSerial)];
for ( j = 1; j < nSerialLength; ++j )
v5 = pTable[v5 ^ szSerial[j]];
result = nResult;
++i;
}
return result;
}unsigned char g_szAlphabetTable[] =
{ 0x4B, 0x56, 0x39, 0x36, 0x47, 0x4D, 0x4A, 0x59, 0x48, 0x37,
0x51, 0x46, 0x35, 0x54, 0x43, 0x57, 0x34, 0x55, 0x33, 0x58,
0x5A, 0x50, 0x52, 0x53, 0x44, 0x4E, 0x00
};int __cdecl sub_514370(char* szSerial, unsigned int nSerialLength, char* pTable, char* pLastFourCharacters)
{ unsigned int i; // esi
unsigned __int8 v5; // cl
unsigned int j; // eax
int result; // eax
for (i = 0; i < 4; *(i + pLastFourCharacters - 1) = g_szAlphabetTable[v5 % 26])
{
v5 = pTable[(i + *szSerial)];
for (j = 1; j < nSerialLength; ++j)
v5 = pTable[v5 ^ szSerial[j]];
result = pLastFourCharacters;
++i;
}
return result;
}int main(int argc, char* argv[])
{ // "S4SG-XRXX-XXXX-XXXX"
char szSerial[20] = { 'S', '4', 'S', 'G', '-', 'A', 'R', 'C', 'D', '-', 'E', 'F', 'G', 'H', '-', 'X', 'X', 'X', 'X' , 0 };
char aryLastFourCharacters[4] = {0};
sub_514370(szSerial, 15, g_aryTable, &aryLastFourCharacters);
*(PULONG)(szSerial + 15) = *(PLONG)aryLastFourCharacters;
printf("Serial: %s", szSerial);
}unsigned char g_szAlphabetTable[] =
{ 0x4B, 0x56, 0x39, 0x36, 0x47, 0x4D, 0x4A, 0x59, 0x48, 0x37,
0x51, 0x46, 0x35, 0x54, 0x43, 0x57, 0x34, 0x55, 0x33, 0x58,
0x5A, 0x50, 0x52, 0x53, 0x44, 0x4E, 0x00
};int __cdecl sub_514370(char* szSerial, unsigned int nSerialLength, char* pTable, char* pLastFourCharacters)
{ unsigned int i; // esi
unsigned __int8 v5; // cl
unsigned int j; // eax
int result; // eax
for (i = 0; i < 4; *(i + pLastFourCharacters - 1) = g_szAlphabetTable[v5 % 26])
{
v5 = pTable[(i + *szSerial)];
for (j = 1; j < nSerialLength; ++j)
v5 = pTable[v5 ^ szSerial[j]];
result = pLastFourCharacters;
++i;
}
return result;
}int main(int argc, char* argv[])
{ // "S4SG-XRXX-XXXX-XXXX"
char szSerial[20] = { 'S', '4', 'S', 'G', '-', 'A', 'R', 'C', 'D', '-', 'E', 'F', 'G', 'H', '-', 'X', 'X', 'X', 'X' , 0 };
char aryLastFourCharacters[4] = {0};
sub_514370(szSerial, 15, g_aryTable, &aryLastFourCharacters);
*(PULONG)(szSerial + 15) = *(PLONG)aryLastFourCharacters;
printf("Serial: %s", szSerial);
}int __usercall sub_425860@<eax>(
char *Str,
int a3,
const CHAR *lpMultiByteStr,
char *lpOptional,
_BYTE *lpBuffer,
int a7)
{ int v6; // ebp MAPDST
DWORD v7; // edi
DWORD v8; // ebx
INTERNET_PORT v9; // si
void *v10; // eax
void *v12; // eax
void *v13; // ebp
void *v14; // eax
void *v15; // esi
int LastError; // eax
int v18; // [esp+0h] [ebp-11Ch]
int result; // [esp+Ch] [ebp-110h] BYREF
DWORD dwNumberOfBytesRead; // [esp+10h] [ebp-10Ch] BYREF
DWORD dwBufferLength; // [esp+14h] [ebp-108h] BYREF
HINTERNET hInternet; // [esp+18h] [ebp-104h]
char v23[256]; // [esp+1Ch] [ebp-100h] BYREF
v7 = strlen(lpOptional);
result = 0x3E8;
dwBufferLength = 4;
v8 = 67420928;
if ( a3 )
{
v8 = 75817728;
v9 = 443;
}
else
{
v9 = 80;
}
v10 = sub_455BE0("Source Insight", 0, 0, 0, 0);
hInternet = v10;
if ( v10 )
{
v12 = sub_455D90(v10, Str, v9, 0, 0, 3u, 0, 0);
v13 = v12;
if ( v12 )
{
v14 = sub_455F60(v12, "POST", lpMultiByteStr, 0, 0, 0, v8, 0);
v15 = v14;
if ( v14 )
{
sub_456190(v14, "Content-Type: application/x-www-form-urlencoded", 0xFFFFFFFF, 0x20000000u);
sub_456190(v15, "Accept: text/plain", 0xFFFFFFFF, 0x20000000u);
sprintf(v23, "Content-length: %d\n", v7);
sub_456190(v15, v23, 0xFFFFFFFF, 0x20000000u);
if ( HttpSendRequestW(v15, 0, 0, lpOptional, v7) )
{
HttpQueryInfoW(v15, 0x20000013u, &result, &dwBufferLength, 0);
if ( result == 0xC8 ) // 网络验证通过的分支。
{
if ( InternetReadFile(v15, lpBuffer, a7 - 1, &dwNumberOfBytesRead) )
{
lpBuffer[dwNumberOfBytesRead] = 0;
result = 0xC8;
}
else
{
lpBuffer[dwNumberOfBytesRead] = 0;
sub_413440(0, 0, "InternetReadFile Error", v6);
result = 1007;
}
}
}
else
{
LastError = GetLastError();
result = (LastError == 12045) + 1004;
sub_413440(0, 0, "HttpSendRequest Error %d", LastError);
}
InternetCloseHandle(v15);
}
else
{
sub_413440(0, 0, "HttpOpenRequest failed.", v6);
result = 1006;
}
InternetCloseHandle(v13);
}
else
{
sub_413440(0, 0, "InternetConnect failed.", v6);
result = 0x3EA;
}
InternetCloseHandle(hInternet);
return result;
}
else
{
sub_413440(0, 0, "InternetOpen failed.", v18);
return 0x3E9;
}
}int __usercall sub_425860@<eax>(
char *Str,
int a3,
const CHAR *lpMultiByteStr,
char *lpOptional,
_BYTE *lpBuffer,
int a7)
{ int v6; // ebp MAPDST
DWORD v7; // edi
DWORD v8; // ebx
INTERNET_PORT v9; // si
void *v10; // eax
void *v12; // eax
void *v13; // ebp
void *v14; // eax
void *v15; // esi
int LastError; // eax
int v18; // [esp+0h] [ebp-11Ch]
int result; // [esp+Ch] [ebp-110h] BYREF
DWORD dwNumberOfBytesRead; // [esp+10h] [ebp-10Ch] BYREF
DWORD dwBufferLength; // [esp+14h] [ebp-108h] BYREF
HINTERNET hInternet; // [esp+18h] [ebp-104h]
char v23[256]; // [esp+1Ch] [ebp-100h] BYREF
v7 = strlen(lpOptional);
result = 0x3E8;
dwBufferLength = 4;
v8 = 67420928;
if ( a3 )
{
v8 = 75817728;
v9 = 443;
}
else
{
v9 = 80;
}
v10 = sub_455BE0("Source Insight", 0, 0, 0, 0);
hInternet = v10;
if ( v10 )
{
v12 = sub_455D90(v10, Str, v9, 0, 0, 3u, 0, 0);
v13 = v12;
if ( v12 )
{
v14 = sub_455F60(v12, "POST", lpMultiByteStr, 0, 0, 0, v8, 0);
v15 = v14;
if ( v14 )
{
sub_456190(v14, "Content-Type: application/x-www-form-urlencoded", 0xFFFFFFFF, 0x20000000u);
sub_456190(v15, "Accept: text/plain", 0xFFFFFFFF, 0x20000000u);
sprintf(v23, "Content-length: %d\n", v7);
sub_456190(v15, v23, 0xFFFFFFFF, 0x20000000u);
if ( HttpSendRequestW(v15, 0, 0, lpOptional, v7) )
{
HttpQueryInfoW(v15, 0x20000013u, &result, &dwBufferLength, 0);
if ( result == 0xC8 ) // 网络验证通过的分支。
{
if ( InternetReadFile(v15, lpBuffer, a7 - 1, &dwNumberOfBytesRead) )
{
lpBuffer[dwNumberOfBytesRead] = 0;
result = 0xC8;
}
else
{
lpBuffer[dwNumberOfBytesRead] = 0;
sub_413440(0, 0, "InternetReadFile Error", v6);
result = 1007;
}
}
}
else
{
LastError = GetLastError();
result = (LastError == 12045) + 1004;
sub_413440(0, 0, "HttpSendRequest Error %d", LastError);
}
InternetCloseHandle(v15);
}
else
{
sub_413440(0, 0, "HttpOpenRequest failed.", v6);
result = 1006;
}
InternetCloseHandle(v13);
}
else
{
sub_413440(0, 0, "InternetConnect failed.", v6);
result = 0x3EA;
}
InternetCloseHandle(hInternet);
return result;
}
else
{
sub_413440(0, 0, "InternetOpen failed.", v18);
return 0x3E9;
}
}00425A0D | BB C8000000 | mov ebx,C8 |
00425A12 | 895C24 10 | mov dword ptr ss:[esp+10],ebx | 将 [esp+10] 改为 C8
00425A0D | BB C8000000 | mov ebx,C8 |
00425A12 | 895C24 10 | mov dword ptr ss:[esp+10],ebx | 将 [esp+10] 改为 C8
int __thiscall sub_515290(_DWORD *this, char *pBuffer, int n_1FA0)
{ BOOL v4; // ebp
char *pPackage; // eax
char *pPackage2; // esi
int result; // eax
int dwNumberOfProcessors; // eax
int v9; // eax
int v10; // edi
char v11[12]; // [esp+Ch] [ebp-20Ch] BYREF
char Buffer[256]; // [esp+18h] [ebp-200h] BYREF
char v13[256]; // [esp+118h] [ebp-100h] BYREF
int v14; // [esp+224h] [ebp+Ch]
v4 = this[387] == 1;
pPackage = sub_425300(0x2000u, 0);
pPackage2 = pPackage;
if ( !pPackage )
return 492;
*pPackage = 0;
sub_425E70("serial", this + 4, pPackage, 0x2000);
sub_425F00("product_version_major", HIBYTE(dword_659510), pPackage2, 0x2000);
sub_425F00("product_version_minor", BYTE2(dword_659510), pPackage2, 0x2000);
sub_425F00("product_version_build", dword_659510, pPackage2, 0x2000);
sub_425E70("user_name", this + 260, pPackage2, 0x2000);
sub_425E70("user_org", this + 516, pPackage2, 0x2000);
sub_425E70("user_email", this + 772, pPackage2, 0x2000);
sub_425E70("prevserial", this + 1028, pPackage2, 0x2000);
sub_425E70("upgradeserial", this + 1284, pPackage2, 0x2000);
if ( v14 )
{
dwNumberOfProcessors = 12;
}
else
{
dwNumberOfProcessors = SystemInfo.dwNumberOfProcessors;
if ( SystemInfo.dwNumberOfProcessors == 12 )
dwNumberOfProcessors = 8;
}
sub_425F00("cpu_count", dwNumberOfProcessors, pPackage2, 0x2000);
if ( *this == 3 )
sub_425E70("localactivation", "true", pPackage2, 0x2000);
else
sub_425E70("localactivation", "false", pPackage2, 0x2000);
sub_425E70("usersid", this + 2412, pPackage2, 0x2000);
sub_425E70("volumeid", this + 2156, pPackage2, 0x2000);
sub_425E70("compname", this + 2668, pPackage2, 0x2000);
_itoa_s(this[731], Buffer, 0xFFu, 10);
sub_425E70("os_version_major", Buffer, pPackage2, 0x2000);
_itoa_s(this[732], Buffer, 0xFFu, 10);
sub_425E70("os_version_minor", Buffer, pPackage2, 0x2000);
_itoa_s(this[733], Buffer, 0xFFu, 10);
sub_425E70("os_version_build", Buffer, pPackage2, 0x2000);
if ( this[734] )
sub_425E70("os_server", "true", pPackage2, 0x2000);
else
sub_425E70("os_server", "false", pPackage2, 0x2000);
sub_425E70("app_type", "release", pPackage2, 0x2000);
sub_514880(v11);
sub_425E70("requestid", v11, pPackage2, 0x2000);
sub_5143E0(v11, v13);
sub_425E70("local_time", v13, pPackage2, 0x2000);
if ( !v4 || *(this + 4) )
v9 = (sub_425860)(this[535], 1, this[0x218], pPackage2, pBuffer, n_1FA0);// 发送数据包 /request_activation/
else
v9 = (sub_425860)(this[535], 1, this[0x219], pPackage2, pBuffer, n_1FA0);// 发送数据包 /create_trial_license/
v10 = v9;
sub_412C90(); // 清理数据
sub_424E30(pPackage2); // 释放缓冲区
result = v10;
switch ( v10 )
{
case 0x3E9:
result = 465;
break;
case 0x3EA:
result = 466;
break;
case 0x3EB:
case 0x3EE:
result = 467;
break;
case 0x3EC:
result = 480;
break;
case 0x3ED:
result = 496;
break;
case 0x3EF:
result = 484;
break;
default:
return result;
}
return result;
}int __thiscall sub_515290(_DWORD *this, char *pBuffer, int n_1FA0)
{ BOOL v4; // ebp
char *pPackage; // eax
char *pPackage2; // esi
int result; // eax
int dwNumberOfProcessors; // eax
int v9; // eax
int v10; // edi
char v11[12]; // [esp+Ch] [ebp-20Ch] BYREF
char Buffer[256]; // [esp+18h] [ebp-200h] BYREF
char v13[256]; // [esp+118h] [ebp-100h] BYREF
int v14; // [esp+224h] [ebp+Ch]
v4 = this[387] == 1;
pPackage = sub_425300(0x2000u, 0);
pPackage2 = pPackage;
if ( !pPackage )
return 492;
*pPackage = 0;
sub_425E70("serial", this + 4, pPackage, 0x2000);
sub_425F00("product_version_major", HIBYTE(dword_659510), pPackage2, 0x2000);
sub_425F00("product_version_minor", BYTE2(dword_659510), pPackage2, 0x2000);
sub_425F00("product_version_build", dword_659510, pPackage2, 0x2000);
sub_425E70("user_name", this + 260, pPackage2, 0x2000);
sub_425E70("user_org", this + 516, pPackage2, 0x2000);
sub_425E70("user_email", this + 772, pPackage2, 0x2000);
sub_425E70("prevserial", this + 1028, pPackage2, 0x2000);
sub_425E70("upgradeserial", this + 1284, pPackage2, 0x2000);
if ( v14 )
{
dwNumberOfProcessors = 12;
}
else
{
dwNumberOfProcessors = SystemInfo.dwNumberOfProcessors;
if ( SystemInfo.dwNumberOfProcessors == 12 )
dwNumberOfProcessors = 8;
}
sub_425F00("cpu_count", dwNumberOfProcessors, pPackage2, 0x2000);
if ( *this == 3 )
sub_425E70("localactivation", "true", pPackage2, 0x2000);
else
sub_425E70("localactivation", "false", pPackage2, 0x2000);
sub_425E70("usersid", this + 2412, pPackage2, 0x2000);
sub_425E70("volumeid", this + 2156, pPackage2, 0x2000);
sub_425E70("compname", this + 2668, pPackage2, 0x2000);
_itoa_s(this[731], Buffer, 0xFFu, 10);
sub_425E70("os_version_major", Buffer, pPackage2, 0x2000);
_itoa_s(this[732], Buffer, 0xFFu, 10);
sub_425E70("os_version_minor", Buffer, pPackage2, 0x2000);
_itoa_s(this[733], Buffer, 0xFFu, 10);
sub_425E70("os_version_build", Buffer, pPackage2, 0x2000);
if ( this[734] )
sub_425E70("os_server", "true", pPackage2, 0x2000);
else
sub_425E70("os_server", "false", pPackage2, 0x2000);
sub_425E70("app_type", "release", pPackage2, 0x2000);
sub_514880(v11);
sub_425E70("requestid", v11, pPackage2, 0x2000);
sub_5143E0(v11, v13);
sub_425E70("local_time", v13, pPackage2, 0x2000);
if ( !v4 || *(this + 4) )
v9 = (sub_425860)(this[535], 1, this[0x218], pPackage2, pBuffer, n_1FA0);// 发送数据包 /request_activation/
else
v9 = (sub_425860)(this[535], 1, this[0x219], pPackage2, pBuffer, n_1FA0);// 发送数据包 /create_trial_license/
v10 = v9;
sub_412C90(); // 清理数据
sub_424E30(pPackage2); // 释放缓冲区
result = v10;
switch ( v10 )
{
case 0x3E9:
result = 465;
break;
case 0x3EA:
result = 466;
break;
case 0x3EB:
case 0x3EE:
result = 467;
break;
case 0x3EC:
result = 480;
break;
case 0x3ED:
result = 496;
break;
case 0x3EF:
result = 484;
break;
default:
return result;
}
return result;
}int __thiscall sub_5171D0(const CHAR *this, int a2)
{ int result; // eax
int v4; // [esp+4h] [ebp-3FA4h] BYREF
int v5[2024]; // [esp+8h] [ebp-3FA0h] BYREF
char Str[8192]; // [esp+1FA8h] [ebp-2000h] BYREF
memset(Str, 0, sizeof(Str));
result = sub_515290(this, v5, 0x1FA0); // 网络验证
if ( result == 0xC8 )
{
if ( a2 )
{
if ( sub_514610(this + 0x75C, &v4, 0x1FA0) == 0xC8 )
sub_516FF0(this, &v4);
return 0xC8;
}
else
{ // 网页验证完后,会进入这个分支。
sub_412990(); // 生成注册信息写到 FileHandle 为 3 的文件中。
if ( sub_425C80(&v4, &v5[2023], 0x2000u) && strlen(&v5[2023]) >= 8 )// v5 是服务器返回的东西。这里我们的 v5 是空的。
{
sub_516FF0(this, &Str[4]); // 写注册表
return sub_5148C0(this + 0x75C, &Str[4]);// 写 si.lic 文件
}
else
{
return 0x1D0; // 修改返回值为 C8
}
}
}
return result;
}int __thiscall sub_5171D0(const CHAR *this, int a2)
{ int result; // eax
int v4; // [esp+4h] [ebp-3FA4h] BYREF
int v5[2024]; // [esp+8h] [ebp-3FA0h] BYREF
char Str[8192]; // [esp+1FA8h] [ebp-2000h] BYREF
memset(Str, 0, sizeof(Str));
result = sub_515290(this, v5, 0x1FA0); // 网络验证
if ( result == 0xC8 )
{
if ( a2 )
{
if ( sub_514610(this + 0x75C, &v4, 0x1FA0) == 0xC8 )
sub_516FF0(this, &v4);
return 0xC8;
}
else
{ // 网页验证完后,会进入这个分支。
sub_412990(); // 生成注册信息写到 FileHandle 为 3 的文件中。
if ( sub_425C80(&v4, &v5[2023], 0x2000u) && strlen(&v5[2023]) >= 8 )// v5 是服务器返回的东西。这里我们的 v5 是空的。
{
sub_516FF0(this, &Str[4]); // 写注册表
return sub_5148C0(this + 0x75C, &Str[4]);// 写 si.lic 文件
}
else
{
return 0x1D0; // 修改返回值为 C8
}
}
}
return result;
}00517282 | B8 C8000000 | mov eax,C8 |
00517282 | B8 C8000000 | mov eax,C8 |
005167D0 | 64:A1 00000000 | mov eax,dword ptr fs:[0] | eax:&"ActId"
005167D6 | 6A FF | push FFFFFFFF |
005167D8 | 68 FB365D00 | push sourceinsight4.5D36FB |
005167DD | 50 | push eax | eax:&"ActId"
005167DE | 64:8925 00000000 | mov dword ptr fs:[0],esp |
005167E5 | 81EC 10040000 | sub esp,410 |
005167EB | 53 | push ebx |
005167EC | 56 | push esi |
005167ED | 33DB | xor ebx,ebx |
005167EF | 57 | push edi |
005167F0 | 8BF1 | mov esi,ecx |
005167F2 | 33C0 | xor eax,eax | eax:&"ActId"
005167F4 | 895C84 1C | mov dword ptr ss:[esp+eax*4+1C],ebx |
005167F8 | 899C84 1C020000 | mov dword ptr ss:[esp+eax*4+21C],ebx |
005167FF | 40 | inc eax | eax:&"ActId"
00516800 | 3D 80000000 | cmp eax,80 | eax:&"ActId"
00516805 | 72 ED | jb sourceinsight4.5167F4 |
00516807 | 899C24 24040000 | mov dword ptr ss:[esp+424],ebx |
0051680E | 8D4424 1C | lea eax,dword ptr ss:[esp+1C] |
00516812 | 50 | push eax | eax:&"ActId"
00516813 | 8D8E 5C070000 | lea ecx,dword ptr ds:[esi+75C] | esi+75C:"C:\\ProgramData\\Source Insight\\4.0\\si4.lic"
00516819 | 51 | push ecx |
0051681A | E8 71E9FFFF | call sourceinsight4.515190 | 解释文件中数据,并保存。
0051681F | 83C4 08 | add esp,8 |
00516822 | 8D5424 0C | lea edx,dword ptr ss:[esp+C] |
00516826 | 52 | push edx |
00516827 | 68 CCD05E00 | push sourceinsight4.5ED0CC | 5ED0CC:"Type"
0051682C | 8D4C24 24 | lea ecx,dword ptr ss:[esp+24] | [esp+24]:"ActId"
00516830 | 899E 0C060000 | mov dword ptr ds:[esi+60C],ebx |
00516836 | E8 85DDFFFF | call sourceinsight4.5145C0 | 取出 Type 字段的值
0051683B | 85C0 | test eax,eax | eax:&"ActId"
0051683D | 74 58 | je sourceinsight4.516897 |
0051683F | 8B7C24 0C | mov edi,dword ptr ss:[esp+C] |
00516843 | 68 DCA25F00 | push sourceinsight4.5FA2DC | 5FA2DC:"Trial"
00516848 | 57 | push edi |
00516849 | E8 DCA50B00 | call sourceinsight4.5D0E2A | stricmp(["Type"], "Trial")
0051684E | 83C4 08 | add esp,8 |
00516851 | 85C0 | test eax,eax | eax:&"ActId"
00516853 | 75 0C | jne sourceinsight4.516861 |
00516855 | C786 0C060000 01000000 | mov dword ptr ds:[esi+60C],1 |
0051685F | EB 36 | jmp sourceinsight4.516897 |
00516861 | 68 8C616000 | push sourceinsight4.60618C | 60618C:"Beta"
00516866 | 57 | push edi |
00516867 | E8 BEA50B00 | call sourceinsight4.5D0E2A |
0051686C | 83C4 08 | add esp,8 |
0051686F | 85C0 | test eax,eax | eax:&"ActId"
00516871 | 75 0C | jne sourceinsight4.51687F |
00516873 | C786 0C060000 03000000 | mov dword ptr ds:[esi+60C],3 |
0051687D | EB 18 | jmp sourceinsight4.516897 |
0051687F | 68 80616000 | push sourceinsight4.606180 | 606180:"Standard"
00516884 | 57 | push edi |
00516885 | E8 A0A50B00 | call sourceinsight4.5D0E2A |
0051688A | 83C4 08 | add esp,8 |
0051688D | 85C0 | test eax,eax | eax:&"ActId"
0051688F | 75 06 | jne sourceinsight4.516897 |
00516891 | 899E 0C060000 | mov dword ptr ds:[esi+60C],ebx |
00516897 | 8D4424 0C | lea eax,dword ptr ss:[esp+C] |
0051689B | 50 | push eax | eax:&"ActId"
0051689C | 68 D0656000 | push sourceinsight4.6065D0 | 6065D0:"LicensedUser"
005168A1 | 8D4C24 24 | lea ecx,dword ptr ss:[esp+24] | [esp+24]:"ActId"
005168A5 | E8 16DDFFFF | call sourceinsight4.5145C0 | 取出 ["LicensedUser"] 的值
005168AA | 85C0 | test eax,eax | eax:&"ActId"
005168AC | 0F84 36030000 | je sourceinsight4.516BE8 |
005168B2 | 8B4C24 0C | mov ecx,dword ptr ss:[esp+C] |
005168B6 | 51 | push ecx |
005168B7 | 8D96 04010000 | lea edx,dword ptr ds:[esi+104] |
005168BD | 52 | push edx |
005168BE | E8 BD4E0A00 | call sourceinsight4.5BB780 | strcpy(edx, ["LicensedUser"])
005168C3 | 83C4 08 | add esp,8 |
005168C6 | 8D4424 0C | lea eax,dword ptr ss:[esp+C] |
005168CA | 50 | push eax | eax:&"ActId"
005168CB | 68 C0656000 | push sourceinsight4.6065C0 | 6065C0:"Organization"
005168D0 | 8D4C24 24 | lea ecx,dword ptr ss:[esp+24] | [esp+24]:"ActId"
005168D4 | E8 E7DCFFFF | call sourceinsight4.5145C0 | 取出 ["Organization"] 的值
005168D9 | 85C0 | test eax,eax | eax:&"ActId"
005168DB | 74 14 | je sourceinsight4.5168F1 |
005168DD | 8B4C24 0C | mov ecx,dword ptr ss:[esp+C] |
005168E1 | 51 | push ecx |
005168E2 | 8D96 04020000 | lea edx,dword ptr ds:[esi+204] |
005168E8 | 52 | push edx |
005168E9 | E8 924E0A00 | call sourceinsight4.5BB780 | strcpy(edx, ["Organization"])
005168EE | 83C4 08 | add esp,8 |
005168F1 | 8D4424 0C | lea eax,dword ptr ss:[esp+C] |
005168F5 | 50 | push eax | eax:&"ActId"
005168F6 | 68 B8656000 | push sourceinsight4.6065B8 | 6065B8:"Email"
005168FB | 8D4C24 24 | lea ecx,dword ptr ss:[esp+24] | [esp+24]:"ActId"
005168FF | E8 BCDCFFFF | call sourceinsight4.5145C0 | 取出 ["Email"] 的值
00516904 | 85C0 | test eax,eax | eax:&"ActId"
00516906 | 74 14 | je sourceinsight4.51691C |
00516908 | 8B4C24 0C | mov ecx,dword ptr ss:[esp+C] |
0051690C | 51 | push ecx |
0051690D | 8D96 04030000 | lea edx,dword ptr ds:[esi+304] |
00516913 | 52 | push edx |
00516914 | E8 674E0A00 | call sourceinsight4.5BB780 | strcpy(edx, ["Email"])
00516919 | 83C4 08 | add esp,8 |
0051691C | 8D4424 0C | lea eax,dword ptr ss:[esp+C] |
00516920 | 50 | push eax | eax:&"ActId"
00516921 | 68 B0656000 | push sourceinsight4.6065B0 | 6065B0:"Serial"
00516926 | 8D4C24 24 | lea ecx,dword ptr ss:[esp+24] | [esp+24]:"ActId"
0051692A | E8 91DCFFFF | call sourceinsight4.5145C0 | 取出 ["Serial"] 的值
0051692F | 85C0 | test eax,eax | eax:&"ActId"
00516931 | 0F84 B1020000 | je sourceinsight4.516BE8 |
00516937 | 8B4C24 0C | mov ecx,dword ptr ss:[esp+C] |
0051693B | 55 | push ebp |
0051693C | 51 | push ecx |
0051693D | 8D6E 04 | lea ebp,dword ptr ds:[esi+4] |
00516940 | 55 | push ebp |
00516941 | E8 3A4E0A00 | call sourceinsight4.5BB780 | strcpy(edx, ["Serial"])
00516946 | 83C4 08 | add esp,8 |
00516949 | 8D5424 10 | lea edx,dword ptr ss:[esp+10] |
0051694D | 52 | push edx |
0051694E | 68 A8656000 | push sourceinsight4.6065A8 | 6065A8:"ActId"
00516953 | 8D4C24 28 | lea ecx,dword ptr ss:[esp+28] | [esp+28]:"Serial"
00516957 | E8 64DCFFFF | call sourceinsight4.5145C0 | 取出 ["ActId"] 的值
0051695C | 85C0 | test eax,eax | eax:&"ActId"
0051695E | 0F84 66020000 | je sourceinsight4.516BCA |
00516964 | 8B4424 10 | mov eax,dword ptr ss:[esp+10] |
00516968 | 50 | push eax | eax:&"ActId"
00516969 | 8DBE 3A060000 | lea edi,dword ptr ds:[esi+63A] |
0051696F | 57 | push edi |
00516970 | E8 0B4E0A00 | call sourceinsight4.5BB780 | strcpy(edx, ["ActId"])
00516975 | 68 7F1B0000 | push 1B7F |
0051697A | 6A 32 | push 32 |
0051697C | 6A 04 | push 4 |
0051697E | 68 701A6500 | push sourceinsight4.651A70 |
00516983 | 57 | push edi |
00516984 | E8 E7CBEEFF | call sourceinsight4.403570 | 检查 ["ActId"] 的值
00516989 | 33C9 | xor ecx,ecx |
0051698B | 3BC3 | cmp eax,ebx | eax:&"ActId"
0051698D | 0F9FC1 | setg cl |
00516990 | 68 9C656000 | push sourceinsight4.60659C | 60659C:"Deferred"
00516995 | 57 | push edi |
00516996 | 8BD9 | mov ebx,ecx |
00516998 | E8 8DA40B00 | call sourceinsight4.5D0E2A | stricmp(["ActId"], "Deferred")
0051699D | 83C4 24 | add esp,24 |
005169A0 | 85C0 | test eax,eax | eax:&"ActId"
005169A2 | 75 38 | jne sourceinsight4.5169DC |
005169A4 | C706 02000000 | mov dword ptr ds:[esi],2 |
005169AA | C78424 28040000 FFFFFF | mov dword ptr ss:[esp+428],FFFFFFFF |
005169B5 | 8D4C24 20 | lea ecx,dword ptr ss:[esp+20] |
005169B9 | E8 22DBFFFF | call sourceinsight4.5144E0 | 释放掉保存的文件数据
005169BE | B8 C8000000 | mov eax,C8 | eax:&"ActId"
005169C3 | 5D | pop ebp |
005169C4 | 5F | pop edi |
005169C5 | 5E | pop esi |
005169C6 | 5B | pop ebx |
005169C7 | 8B8C24 10040000 | mov ecx,dword ptr ss:[esp+410] |
005169CE | 64:890D 00000000 | mov dword ptr fs:[0],ecx |
005169D5 | 81C4 1C040000 | add esp,41C |
005169DB | C3 | ret |
005169DC | 33D2 | xor edx,edx |
005169DE | 85DB | test ebx,ebx |
005169E0 | 0F94C2 | sete dl |
005169E3 | 8D4424 14 | lea eax,dword ptr ss:[esp+14] |
005169E7 | 8D4C24 18 | lea ecx,dword ptr ss:[esp+18] |
005169EB | 52 | push edx |
005169EC | 50 | push eax | eax:&"ActId"
005169ED | 51 | push ecx |
005169EE | 8D5424 28 | lea edx,dword ptr ss:[esp+28] | [esp+28]:"Serial"
005169F2 | 52 | push edx |
005169F3 | 55 | push ebp |
005169F4 | E8 A7E1FFFF | call sourceinsight4.514BA0 | 检查 ["Serial"]
005169F9 | 83C4 14 | add esp,14 |
005169FC | 85C0 | test eax,eax | eax:&"ActId"
005169FE | 74 0C | je sourceinsight4.516A0C |
00516A00 | 8B4424 18 | mov eax,dword ptr ss:[esp+18] |
00516A04 | 3B86 0C060000 | cmp eax,dword ptr ds:[esi+60C] | eax:&"ActId"
00516A0A | 74 1B | je sourceinsight4.516A27 |
00516A0C | C78424 28040000 FFFFFF | mov dword ptr ss:[esp+428],FFFFFFFF |
00516A17 | 8D4C24 20 | lea ecx,dword ptr ss:[esp+20] |
00516A1B | E8 C0DAFFFF | call sourceinsight4.5144E0 |
00516A20 | B8 EF010000 | mov eax,1EF | eax:&"ActId"
00516A25 | EB 9C | jmp sourceinsight4.5169C3 |
00516A27 | 0FB60D 13956500 | movzx ecx,byte ptr ds:[659513] |
00516A2E | 8B7C24 14 | mov edi,dword ptr ss:[esp+14] |
00516A32 | 3BF9 | cmp edi,ecx |
00516A34 | 0F85 BA000000 | jne sourceinsight4.516AF4 |
00516A3A | 55 | push ebp |
00516A3B | B9 40846600 | mov ecx,sourceinsight4.668440 |
00516A40 | E8 CB6FF4FF | call sourceinsight4.45DA10 |
00516A45 | 85C0 | test eax,eax | eax:&"ActId"
00516A47 | 74 1E | je sourceinsight4.516A67 |
00516A49 | C78424 28040000 FFFFFF | mov dword ptr ss:[esp+428],FFFFFFFF |
00516A54 | 8D4C24 20 | lea ecx,dword ptr ss:[esp+20] |
00516A58 | E8 83DAFFFF | call sourceinsight4.5144E0 |
00516A5D | B8 CC010000 | mov eax,1CC | eax:&"ActId"
00516A62 | E9 5CFFFFFF | jmp sourceinsight4.5169C3 |
00516A67 | 85DB | test ebx,ebx |
00516A69 | 75 37 | jne sourceinsight4.516AA2 |
00516A6B | 8D5424 10 | lea edx,dword ptr ss:[esp+10] |
00516A6F | 52 | push edx |
00516A70 | 68 94656000 | push sourceinsight4.606594 | 606594:"HWID"
00516A75 | 8D4C24 28 | lea ecx,dword ptr ss:[esp+28] | [esp+28]:"Serial"
00516A79 | C706 01000000 | mov dword ptr ds:[esi],1 |
00516A7F | E8 3CDBFFFF | call sourceinsight4.5145C0 |
00516A84 | 85C0 | test eax,eax | eax:&"ActId"
00516A86 | 0F84 3E010000 | je sourceinsight4.516BCA |
00516A8C | 8B4424 10 | mov eax,dword ptr ss:[esp+10] |
00516A90 | 50 | push eax | eax:&"ActId"
00516A91 | 8D8E 28060000 | lea ecx,dword ptr ds:[esi+628] |
00516A97 | 51 | push ecx |
00516A98 | E8 E34C0A00 | call sourceinsight4.5BB780 |
00516A9D | 83C4 08 | add esp,8 |
00516AA0 | EB 06 | jmp sourceinsight4.516AA8 |
00516AA2 | C706 03000000 | mov dword ptr ds:[esi],3 |
00516AA8 | 8D5424 10 | lea edx,dword ptr ss:[esp+10] |
00516AAC | 52 | push edx |
00516AAD | 68 10AC5D00 | push sourceinsight4.5DAC10 | 5DAC10:"Version"
00516AB2 | 8D4C24 28 | lea ecx,dword ptr ss:[esp+28] | [esp+28]:"Serial"
00516AB6 | E8 05DBFFFF | call sourceinsight4.5145C0 | 取出 ["Version"] 的值
00516ABB | 85C0 | test eax,eax | eax:&"ActId"
00516ABD | 0F84 07010000 | je sourceinsight4.516BCA |
00516AC3 | 8B4424 10 | mov eax,dword ptr ss:[esp+10] |
00516AC7 | 8A00 | mov al,byte ptr ds:[eax] | eax:&"ActId"
00516AC9 | 3C 30 | cmp al,30 | 30:'0'
00516ACB | 0F8C F9000000 | jl sourceinsight4.516BCA |
00516AD1 | 3C 39 | cmp al,39 | 39:'9'
00516AD3 | 0F8F F1000000 | jg sourceinsight4.516BCA |
00516AD9 | 0FBEC0 | movsx eax,al | eax:&"ActId"
00516ADC | 83C0 D0 | add eax,FFFFFFD0 | eax:&"ActId"
00516ADF | 8986 04060000 | mov dword ptr ds:[esi+604],eax | eax:&"ActId"
00516AE5 | 0FB60D 13956500 | movzx ecx,byte ptr ds:[659513] |
00516AEC | 3BC1 | cmp eax,ecx | eax:&"ActId"
00516AEE | 75 04 | jne sourceinsight4.516AF4 |
00516AF0 | 3BC7 | cmp eax,edi | eax:&"ActId"
00516AF2 | 74 1E | je sourceinsight4.516B12 |
00516AF4 | C78424 28040000 FFFFFF | mov dword ptr ss:[esp+428],FFFFFFFF |
00516AFF | 8D4C24 20 | lea ecx,dword ptr ss:[esp+20] |
00516B03 | E8 D8D9FFFF | call sourceinsight4.5144E0 |
00516B08 | B8 EA010000 | mov eax,1EA | eax:&"ActId"
00516B0D | E9 B1FEFFFF | jmp sourceinsight4.5169C3 |
00516B12 | 8D5424 10 | lea edx,dword ptr ss:[esp+10] |
00516B16 | 33DB | xor ebx,ebx |
00516B18 | 52 | push edx |
00516B19 | 68 88656000 | push sourceinsight4.606588 | 606588:"Expiration"
00516B1E | 8D4C24 28 | lea ecx,dword ptr ss:[esp+28] | [esp+28]:"Serial"
00516B22 | 899E 18060000 | mov dword ptr ds:[esi+618],ebx |
00516B28 | 899E 14060000 | mov dword ptr ds:[esi+614],ebx |
00516B2E | 899E 10060000 | mov dword ptr ds:[esi+610],ebx |
00516B34 | E8 87DAFFFF | call sourceinsight4.5145C0 | 取出 ["Expiration"] 的值
00516B39 | 85C0 | test eax,eax | eax:&"ActId"
00516B3B | 74 1F | je sourceinsight4.516B5C |
00516B3D | 8B4424 10 | mov eax,dword ptr ss:[esp+10] |
00516B41 | 50 | push eax | eax:&"ActId"
00516B42 | 8D8E 10060000 | lea ecx,dword ptr ds:[esi+610] |
00516B48 | E8 E394F3FF | call sourceinsight4.450030 |
00516B4D | 8D8E 10060000 | lea ecx,dword ptr ds:[esi+610] |
00516B53 | E8 8881F3FF | call sourceinsight4.44ECE0 |
00516B58 | 85C0 | test eax,eax | eax:&"ActId"
00516B5A | 74 50 | je sourceinsight4.516BAC |
00516B5C | 8D4C24 10 | lea ecx,dword ptr ss:[esp+10] |
00516B60 | 51 | push ecx |
00516B61 | 68 D8A65E00 | push sourceinsight4.5EA6D8 | 5EA6D8:"Date"
00516B66 | 8D4C24 28 | lea ecx,dword ptr ss:[esp+28] | [esp+28]:"Serial"
00516B6A | 899E 24060000 | mov dword ptr ds:[esi+624],ebx |
00516B70 | 899E 20060000 | mov dword ptr ds:[esi+620],ebx |
00516B76 | 899E 1C060000 | mov dword ptr ds:[esi+61C],ebx |
00516B7C | E8 3FDAFFFF | call sourceinsight4.5145C0 | 取出 ["Date"] 的值
00516B81 | 85C0 | test eax,eax | eax:&"ActId"
00516B83 | 0F84 21FEFFFF | je sourceinsight4.5169AA |
00516B89 | 8B5424 10 | mov edx,dword ptr ss:[esp+10] |
00516B8D | 52 | push edx |
00516B8E | 8D8E 1C060000 | lea ecx,dword ptr ds:[esi+61C] |
00516B94 | E8 9794F3FF | call sourceinsight4.450030 | 检查日期的有效性
00516B99 | 8D8E 1C060000 | lea ecx,dword ptr ds:[esi+61C] |
00516B9F | E8 3C81F3FF | call sourceinsight4.44ECE0 |
00516BA4 | 85C0 | test eax,eax | 检查年、月、日的有效性
00516BA6 | 0F85 FEFDFFFF | jne sourceinsight4.5169AA |
00516BAC | C78424 28040000 FFFFFF | mov dword ptr ss:[esp+428],FFFFFFFF |
00516BB7 | 8D4C24 20 | lea ecx,dword ptr ss:[esp+20] |
00516BBB | E8 20D9FFFF | call sourceinsight4.5144E0 |
00516BC0 | B8 E3010000 | mov eax,1E3 | eax:&"ActId"
00516BC5 | E9 F9FDFFFF | jmp sourceinsight4.5169C3 |
00516BCA | C78424 28040000 FFFFFF | mov dword ptr ss:[esp+428],FFFFFFFF |
00516BD5 | 8D4C24 20 | lea ecx,dword ptr ss:[esp+20] |
00516BD9 | E8 02D9FFFF | call sourceinsight4.5144E0 |
00516BDE | B8 D5010000 | mov eax,1D5 | eax:&"ActId"
00516BE3 | E9 DBFDFFFF | jmp sourceinsight4.5169C3 |
00516BE8 | C78424 24040000 FFFFFF | mov dword ptr ss:[esp+424],FFFFFFFF |
00516BF3 | 8D4C24 1C | lea ecx,dword ptr ss:[esp+1C] |
00516BF7 | E8 E4D8FFFF | call sourceinsight4.5144E0 |
00516BFC | 8B8C24 1C040000 | mov ecx,dword ptr ss:[esp+41C] |
00516C03 | 5F | pop edi |
00516C04 | 5E | pop esi |
00516C05 | B8 D5010000 | mov eax,1D5 | eax:&"ActId"
00516C0A | 5B | pop ebx |
00516C0B | 64:890D 00000000 | mov dword ptr fs:[0],ecx |
00516C12 | 81C4 1C040000 | add esp,41C |
00516C18 | C3 | ret |
005167D0 | 64:A1 00000000 | mov eax,dword ptr fs:[0] | eax:&"ActId"
005167D6 | 6A FF | push FFFFFFFF |
005167D8 | 68 FB365D00 | push sourceinsight4.5D36FB |
005167DD | 50 | push eax | eax:&"ActId"
005167DE | 64:8925 00000000 | mov dword ptr fs:[0],esp |
005167E5 | 81EC 10040000 | sub esp,410 |
005167EB | 53 | push ebx |
005167EC | 56 | push esi |
005167ED | 33DB | xor ebx,ebx |
005167EF | 57 | push edi |
005167F0 | 8BF1 | mov esi,ecx |
005167F2 | 33C0 | xor eax,eax | eax:&"ActId"
005167F4 | 895C84 1C | mov dword ptr ss:[esp+eax*4+1C],ebx |
005167F8 | 899C84 1C020000 | mov dword ptr ss:[esp+eax*4+21C],ebx |
005167FF | 40 | inc eax | eax:&"ActId"
00516800 | 3D 80000000 | cmp eax,80 | eax:&"ActId"
00516805 | 72 ED | jb sourceinsight4.5167F4 |
00516807 | 899C24 24040000 | mov dword ptr ss:[esp+424],ebx |
0051680E | 8D4424 1C | lea eax,dword ptr ss:[esp+1C] |
00516812 | 50 | push eax | eax:&"ActId"
00516813 | 8D8E 5C070000 | lea ecx,dword ptr ds:[esi+75C] | esi+75C:"C:\\ProgramData\\Source Insight\\4.0\\si4.lic"
00516819 | 51 | push ecx |
0051681A | E8 71E9FFFF | call sourceinsight4.515190 | 解释文件中数据,并保存。
0051681F | 83C4 08 | add esp,8 |
00516822 | 8D5424 0C | lea edx,dword ptr ss:[esp+C] |
00516826 | 52 | push edx |
00516827 | 68 CCD05E00 | push sourceinsight4.5ED0CC | 5ED0CC:"Type"
0051682C | 8D4C24 24 | lea ecx,dword ptr ss:[esp+24] | [esp+24]:"ActId"
00516830 | 899E 0C060000 | mov dword ptr ds:[esi+60C],ebx |
00516836 | E8 85DDFFFF | call sourceinsight4.5145C0 | 取出 Type 字段的值
0051683B | 85C0 | test eax,eax | eax:&"ActId"
0051683D | 74 58 | je sourceinsight4.516897 |
0051683F | 8B7C24 0C | mov edi,dword ptr ss:[esp+C] |
00516843 | 68 DCA25F00 | push sourceinsight4.5FA2DC | 5FA2DC:"Trial"
00516848 | 57 | push edi |
00516849 | E8 DCA50B00 | call sourceinsight4.5D0E2A | stricmp(["Type"], "Trial")
0051684E | 83C4 08 | add esp,8 |
00516851 | 85C0 | test eax,eax | eax:&"ActId"
00516853 | 75 0C | jne sourceinsight4.516861 |
00516855 | C786 0C060000 01000000 | mov dword ptr ds:[esi+60C],1 |
0051685F | EB 36 | jmp sourceinsight4.516897 |
00516861 | 68 8C616000 | push sourceinsight4.60618C | 60618C:"Beta"
00516866 | 57 | push edi |
00516867 | E8 BEA50B00 | call sourceinsight4.5D0E2A |
0051686C | 83C4 08 | add esp,8 |
0051686F | 85C0 | test eax,eax | eax:&"ActId"
00516871 | 75 0C | jne sourceinsight4.51687F |
00516873 | C786 0C060000 03000000 | mov dword ptr ds:[esi+60C],3 |
0051687D | EB 18 | jmp sourceinsight4.516897 |
0051687F | 68 80616000 | push sourceinsight4.606180 | 606180:"Standard"
00516884 | 57 | push edi |
00516885 | E8 A0A50B00 | call sourceinsight4.5D0E2A |
0051688A | 83C4 08 | add esp,8 |
0051688D | 85C0 | test eax,eax | eax:&"ActId"
0051688F | 75 06 | jne sourceinsight4.516897 |
00516891 | 899E 0C060000 | mov dword ptr ds:[esi+60C],ebx |
00516897 | 8D4424 0C | lea eax,dword ptr ss:[esp+C] |
0051689B | 50 | push eax | eax:&"ActId"
0051689C | 68 D0656000 | push sourceinsight4.6065D0 | 6065D0:"LicensedUser"
005168A1 | 8D4C24 24 | lea ecx,dword ptr ss:[esp+24] | [esp+24]:"ActId"
005168A5 | E8 16DDFFFF | call sourceinsight4.5145C0 | 取出 ["LicensedUser"] 的值
005168AA | 85C0 | test eax,eax | eax:&"ActId"
005168AC | 0F84 36030000 | je sourceinsight4.516BE8 |
005168B2 | 8B4C24 0C | mov ecx,dword ptr ss:[esp+C] |
005168B6 | 51 | push ecx |
005168B7 | 8D96 04010000 | lea edx,dword ptr ds:[esi+104] |
005168BD | 52 | push edx |
005168BE | E8 BD4E0A00 | call sourceinsight4.5BB780 | strcpy(edx, ["LicensedUser"])
005168C3 | 83C4 08 | add esp,8 |
005168C6 | 8D4424 0C | lea eax,dword ptr ss:[esp+C] |
005168CA | 50 | push eax | eax:&"ActId"
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
|
|
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
