我是一个初学的菜鸟,对软件的调试不知如何入门,加入论坛以来,一会儿学OD,一会儿学汇编,也不知到底应学什么?请各高人指点一二。昨天小弟的朋友弄了个DELPHI的软件,让小弟试试,小弟首先用DEDE反了一下,找到了以下代码,但接下来就不知如何用工具CRACK它了,请高人指导一下让小弟少走弯路(小弟也不知何年何月才能达到高人们的水平,唉!!!)
(*
0073A5C8 55 push ebp
0073A5C9 8BEC mov ebp, esp
0073A5CB B906000000 mov ecx, $00000006
0073A5D0 6A00 push $00
0073A5D2 6A00 push $00
0073A5D4 49 dec ecx
0073A5D5 75F9 jnz 0073A5D0
0073A5D7 53 push ebx
0073A5D8 56 push esi
0073A5D9 8BD8 mov ebx, eax
0073A5DB 33C0 xor eax, eax
0073A5DD 55 push ebp
* Possible String Reference to: '辇??朕[?]?
|
0073A5DE 68C2A77300 push $0073A7C2
***** TRY
|
0073A5E3 64FF30 push dword ptr fs:[eax]
0073A5E6 648920 mov fs:[eax], esp
0073A5E9 8D55EC lea edx, [ebp-$14]
* Reference to control Treg.dxMaskEdit1 : TdxMaskEdit
|
0073A5EC 8B8308030000 mov eax, [ebx+$0308]
* Reference to : TdxInplaceMaskEdit._PROC_0058F808()
|
0073A5F2 E81152E5FF call 0058F808
0073A5F7 8B45EC mov eax, [ebp-$14]
|
0073A5FA E895A4CCFF call 00404A94
0073A5FF 83F804 cmp eax, +$04
0073A602 7551 jnz 0073A655
0073A604 8D55E8 lea edx, [ebp-$18]
* Reference to control Treg.dxMaskEdit2 : TdxMaskEdit
|
0073A607 8B830C030000 mov eax, [ebx+$030C]
* Reference to : TdxInplaceMaskEdit._PROC_0058F808()
|
0073A60D E8F651E5FF call 0058F808
0073A612 8B45E8 mov eax, [ebp-$18]
|
0073A615 E87AA4CCFF call 00404A94
0073A61A 83F804 cmp eax, +$04
0073A61D 7536 jnz 0073A655
0073A61F 8D55E4 lea edx, [ebp-$1C]
* Reference to control Treg.dxMaskEdit3 : TdxMaskEdit
|
0073A622 8B8310030000 mov eax, [ebx+$0310]
* Reference to : TdxInplaceMaskEdit._PROC_0058F808()
|
0073A628 E8DB51E5FF call 0058F808
0073A62D 8B45E4 mov eax, [ebp-$1C]
|
0073A630 E85FA4CCFF call 00404A94
0073A635 83F804 cmp eax, +$04
0073A638 751B jnz 0073A655
0073A63A 8D55E0 lea edx, [ebp-$20]
* Reference to control Treg.dxMaskEdit4 : TdxMaskEdit
|
0073A63D 8B8314030000 mov eax, [ebx+$0314]
* Reference to : TdxInplaceMaskEdit._PROC_0058F808()
|
0073A643 E8C051E5FF call 0058F808
0073A648 8B45E0 mov eax, [ebp-$20]
|
0073A64B E844A4CCFF call 00404A94
0073A650 83F804 cmp eax, +$04
0073A653 740F jz 0073A664
* Possible String Reference to: '注册码不对! '
|
0073A655 B8D8A77300 mov eax, $0073A7D8
|
0073A65A E8B122FAFF call 006DC910
0073A65F E943010000 jmp 0073A7A7
0073A664 8D45FC lea eax, [ebp-$04]
|
0073A667 E8E019FFFF call 0072C04C
0073A66C 8D55F8 lea edx, [ebp-$08]
0073A66F 8B45FC mov eax, [ebp-$04]
|
0073A672 E8B11EFFFF call 0072C528
0073A677 8D55DC lea edx, [ebp-$24]
* Reference to control Treg.dxMaskEdit1 : TdxMaskEdit
|
0073A67A 8B8308030000 mov eax, [ebx+$0308]
* Reference to : TdxInplaceMaskEdit._PROC_0058F808()
|
0073A680 E88351E5FF call 0058F808
0073A685 FF75DC push dword ptr [ebp-$24]
0073A688 8D55D8 lea edx, [ebp-$28]
* Reference to control Treg.dxMaskEdit2 : TdxMaskEdit
|
0073A68B 8B830C030000 mov eax, [ebx+$030C]
* Reference to : TdxInplaceMaskEdit._PROC_0058F808()
|
0073A691 E87251E5FF call 0058F808
0073A696 FF75D8 push dword ptr [ebp-$28]
0073A699 8D55D4 lea edx, [ebp-$2C]
* Reference to control Treg.dxMaskEdit3 : TdxMaskEdit
|
0073A69C 8B8310030000 mov eax, [ebx+$0310]
* Reference to : TdxInplaceMaskEdit._PROC_0058F808()
|
0073A6A2 E86151E5FF call 0058F808
0073A6A7 FF75D4 push dword ptr [ebp-$2C]
0073A6AA 8D55D0 lea edx, [ebp-$30]
* Reference to control Treg.dxMaskEdit4 : TdxMaskEdit
|
0073A6AD 8B8314030000 mov eax, [ebx+$0314]
* Reference to : TdxInplaceMaskEdit._PROC_0058F808()
|
0073A6B3 E85051E5FF call 0058F808
0073A6B8 FF75D0 push dword ptr [ebp-$30]
0073A6BB 8D45F4 lea eax, [ebp-$0C]
0073A6BE BA04000000 mov edx, $00000004
|
0073A6C3 E88CA4CCFF call 00404B54
0073A6C8 8B45F8 mov eax, [ebp-$08]
0073A6CB 8B55F4 mov edx, [ebp-$0C]
|
0073A6CE E80DA5CCFF call 00404BE0
0073A6D3 740F jz 0073A6E4
* Possible String Reference to: '注册码不对! '
|
0073A6D5 B8D8A77300 mov eax, $0073A7D8
|
0073A6DA E83122FAFF call 006DC910
0073A6DF E9C3000000 jmp 0073A7A7
0073A6E4 B201 mov dl, $01
* Reference to class TRegistry
|
0073A6E6 A190464500 mov eax, dword ptr [$00454690]
|
0073A6EB E864A1D1FF call 00454854
0073A6F0 8BF0 mov esi, eax
0073A6F2 BA02000080 mov edx, $80000002
0073A6F7 8BC6 mov eax, esi
|
0073A6F9 E886A2D1FF call 00454984
0073A6FE 8D45F0 lea eax, [ebp-$10]
* Possible String Reference to: 'SOFTWARE\xingming\dw'
|
0073A701 BAF0A77300 mov edx, $0073A7F0
|
0073A706 E851A1CCFF call 0040485C
0073A70B B101 mov cl, $01
0073A70D 8B55F0 mov edx, [ebp-$10]
0073A710 8BC6 mov eax, esi
|
0073A712 E821A4D1FF call 00454B38
0073A717 84C0 test al, al
0073A719 7418 jz 0073A733
0073A71B 8B4DF4 mov ecx, [ebp-$0C]
* Possible String Reference to: 'key'
|
0073A71E BA14A87300 mov edx, $0073A814
0073A723 8BC6 mov eax, esi
|
0073A725 E8C2A8D1FF call 00454FEC
0073A72A 8BC6 mov eax, esi
|
0073A72C E807A2D1FF call 00454938
0073A731 EB13 jmp 0073A746
0073A733 8BC6 mov eax, esi
|
0073A735 E87691CCFF call 004038B0
* Possible String Reference to: '注册失败! '
|
0073A73A B820A87300 mov eax, $0073A820
|
0073A73F E8CC21FAFF call 006DC910
0073A744 EB61 jmp 0073A7A7
0073A746 8BC6 mov eax, esi
|
0073A748 E86391CCFF call 004038B0
* Possible String Reference to: '注册成功! '
|
0073A74D B838A87300 mov eax, $0073A838
|
0073A752 E8B921FAFF call 006DC910
* Possible String Reference to: '已注册'
|
0073A757 BA50A87300 mov edx, $0073A850
0073A75C A1E8F67500 mov eax, dword ptr [$0075F6E8]
|
0073A761 E8FA5ED5FF call 00490660
0073A766 33D2 xor edx, edx
* Reference to control Treg.dxMaskEdit1 : TdxMaskEdit
|
0073A768 8B8308030000 mov eax, [ebx+$0308]
0073A76E 8B08 mov ecx, [eax]
* Possible reference to virtual method TdxMaskEdit.OFFS_64
|
0073A770 FF5164 call dword ptr [ecx+$64]
0073A773 33D2 xor edx, edx
* Reference to control Treg.dxMaskEdit2 : TdxMaskEdit
|
0073A775 8B830C030000 mov eax, [ebx+$030C]
0073A77B 8B08 mov ecx, [eax]
* Possible reference to virtual method TdxMaskEdit.OFFS_64
|
0073A77D FF5164 call dword ptr [ecx+$64]
0073A780 33D2 xor edx, edx
* Reference to control Treg.dxMaskEdit3 : TdxMaskEdit
|
0073A782 8B8310030000 mov eax, [ebx+$0310]
0073A788 8B08 mov ecx, [eax]
* Possible reference to virtual method TdxMaskEdit.OFFS_64
|
0073A78A FF5164 call dword ptr [ecx+$64]
0073A78D 33D2 xor edx, edx
* Reference to control Treg.dxMaskEdit4 : TdxMaskEdit
|
0073A78F 8B8314030000 mov eax, [ebx+$0314]
0073A795 8B08 mov ecx, [eax]
* Possible reference to virtual method TdxMaskEdit.OFFS_64
|
0073A797 FF5164 call dword ptr [ecx+$64]
0073A79A 33D2 xor edx, edx
* Reference to control Treg.BitBtn1 : TBitBtn
|
0073A79C 8B83F8020000 mov eax, [ebx+$02F8]
0073A7A2 8B08 mov ecx, [eax]
* Possible reference to virtual method TBitBtn.OFFS_64
|
0073A7A4 FF5164 call dword ptr [ecx+$64]
0073A7A7 33C0 xor eax, eax
0073A7A9 5A pop edx
0073A7AA 59 pop ecx
0073A7AB 59 pop ecx
0073A7AC 648910 mov fs:[eax], edx
****** FINALLY
|
* Possible String Reference to: '^[?]?
|
0073A7AF 68C9A77300 push $0073A7C9
0073A7B4 8D45D0 lea eax, [ebp-$30]
0073A7B7 BA0C000000 mov edx, $0000000C
|
0073A7BC E827A0CCFF call 004047E8
0073A7C1 C3 ret
|
0073A7C2 E97D98CCFF jmp 00404044
0073A7C7 EBEB jmp 0073A7B4
****** END
|
0073A7C9 5E pop esi
0073A7CA 5B pop ebx
0073A7CB 8BE5 mov esp, ebp
0073A7CD 5D pop ebp
0073A7CE C3 ret
*)
[课程]Android-CTF解题方法汇总!
