【破文标题】糖尿病康复专家软件简单算法分析
【破文作者】bfqyygy
【作者邮箱】bfqyygy@sohu.com
【作者主页】
【破解工具】OD
【破解平台】XP
【软件名称】糖尿病康复专家
【软件大小】2.85M
【原版下载】http://www.cofiresoft.com/downloadsoft.htm
【保护方式】无壳.序列号
【软件简介】
1、它根据经典的“五驾马车”疗法把糖尿病的防治分为了五个方面,提供了一个比较全 面并不断升级的数据库,您可以从中得到您想知道的所有的糖尿病知识。
2、一周食谱设计、营养素排序系统,可以让您根据您的身体情况自己制订出每周的食谱,得知每天所摄入的热量是多少,以及某一营养素的食物排名等。
3、一个检测结果记录系统,可以让您把检测的血糖、尿糖、血压、糖化血红蛋白、血脂等数据保存起来,并以柱状图形象的表示出来,使您知道过去和现在的身体状态,并做出相应的调整。
4、一个检验结果查询系统,有了它您就可以知道化验单上的结果是什么意思了。
------------------------------------------------------------------------
【破解过程】一、PEiD查无壳。软件是Borland Delphi 6.0 - 7.0编写。
运行,注册名:bfqyygy 试练码:123456789
经过初步分析.很容易就来到关键代码:
00531816 |. 55 PUSH EBP
00531817 |. 68 611A5300 PUSH 糖尿病康.00531A61
0053181C |. 64:FF30 PUSH DWORD PTR FS:[EAX]
0053181F |. 64:8920 MOV DWORD PTR FS:[EAX],ESP
00531822 |. 8D55 E4 LEA EDX,DWORD PTR SS:[EBP-1C]
00531825 |. 8B86 FC020000 MOV EAX,DWORD PTR DS:[ESI+2FC]
0053182B |. E8 5871F4FF CALL 糖尿病康.00478988
00531830 |. 8B45 E4 MOV EAX,DWORD PTR SS:[EBP-1C]
00531833 |. 8D4D FC LEA ECX,DWORD PTR SS:[EBP-4]
00531836 |. BA 08000000 MOV EDX,8
0053183B |. E8 3CB9F0FF CALL 糖尿病康.0043D17C
00531840 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
00531843 |. E8 0079EDFF CALL 糖尿病康.00409148 ; 机器码从第二位取
00531848 |. 8BD8 MOV EBX,EAX
0053184A |. 81C3 D3173201 ADD EBX,13217D3 ; 机器码+13217D3
00531850 |. 81EB C5EA2C01 SUB EBX,12CEAC5 ; 再减去.12CEAC5
00531856 |. 8D049B LEA EAX,DWORD PTR DS:[EBX+EBX*4] ; EBX+EBX*4 结果送入EAX
00531859 |. 8BD8 MOV EBX,EAX ; 送给EBX
0053185B |. 8D55 E0 LEA EDX,DWORD PTR SS:[EBP-20]
0053185E |. 8BC3 MOV EAX,EBX
00531860 |. E8 A777EDFF CALL 糖尿病康.0040900C ; 转换进制
00531865 |. 8B45 E0 MOV EAX,DWORD PTR SS:[EBP-20]
00531868 |. 8D4D F8 LEA ECX,DWORD PTR SS:[EBP-8]
0053186B |. BA 07000000 MOV EDX,7
00531870 |. E8 97B8F0FF CALL 糖尿病康.0043D10C
00531875 |. 8D4D F4 LEA ECX,DWORD PTR SS:[EBP-C]
00531878 |. BA 03000000 MOV EDX,3
0053187D |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8] ; 取前7位设为A
00531880 |. E8 87B8F0FF CALL 糖尿病康.0043D10C
00531885 |. 8B45 F4 MOV EAX,DWORD PTR SS:[EBP-C]
00531888 |. E8 BB78EDFF CALL 糖尿病康.00409148
0053188D |. 3D F4010000 CMP EAX,1F4 ; A的前3位与500比较
00531892 |. 7E 1D JLE SHORT 糖尿病康.005318B1 ; 小于等于就跳,不跳就与字符串"ly"相连
00531894 |. 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14]
00531897 |. BA 781A5300 MOV EDX,糖尿病康.00531A78 ; ASCII "Ly"
0053189C |. E8 DB2AEDFF CALL 糖尿病康.0040437C
005318A1 |. 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14]
005318A4 |. 8B4D EC MOV ECX,DWORD PTR SS:[EBP-14]
005318A7 |. 8B55 F4 MOV EDX,DWORD PTR SS:[EBP-C]
005318AA |. E8 512DEDFF CALL 糖尿病康.00404600
005318AF |. EB 18 JMP SHORT 糖尿病康.005318C9
005318B1 |> 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14]
005318B4 |. BA 841A5300 MOV EDX,糖尿病康.00531A84 ; ASCII "KH"
005318B9 |. E8 BE2AEDFF CALL 糖尿病康.0040437C ; 跳到这里与字符"KH"相连A的前三位设为B
005318BE |. 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14]
005318C1 |. 8B55 F4 MOV EDX,DWORD PTR SS:[EBP-C]
005318C4 |. E8 F32CEDFF CALL 糖尿病康.004045BC
005318C9 |> 8D4D F0 LEA ECX,DWORD PTR SS:[EBP-10]
005318CC |. BA 03000000 MOV EDX,3
005318D1 |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
005318D4 |. E8 A3B8F0FF CALL 糖尿病康.0043D17C
005318D9 |. 8B45 F0 MOV EAX,DWORD PTR SS:[EBP-10]
005318DC |. E8 6778EDFF CALL 糖尿病康.00409148
005318E1 |. 3D F4010000 CMP EAX,1F4 ; A的后三位与500比较
005318E6 |. 7E 1D JLE SHORT 糖尿病康.00531905 ; 小于或等于就跳,不跳就与"RD"相连
005318E8 |. 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
005318EB |. BA 901A5300 MOV EDX,糖尿病康.00531A90 ; ASCII "RD"
005318F0 |. E8 872AEDFF CALL 糖尿病康.0040437C ; A与RD相连设为C
005318F5 |. 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
005318F8 |. 8B4D E8 MOV ECX,DWORD PTR SS:[EBP-18]
005318FB |. 8B55 F0 MOV EDX,DWORD PTR SS:[EBP-10]
005318FE |. E8 FD2CEDFF CALL 糖尿病康.00404600
00531903 |. EB 18 JMP SHORT 糖尿病康.0053191D
00531905 |> 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
00531908 |. BA 9C1A5300 MOV EDX,糖尿病康.00531A9C ; ASCII "DJ"
0053190D |. E8 6A2AEDFF CALL 糖尿病康.0040437C
00531912 |. 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
00531915 |. 8B55 F0 MOV EDX,DWORD PTR SS:[EBP-10]
00531918 |. E8 9F2CEDFF CALL 糖尿病康.004045BC
0053191D |> 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
00531920 |. 8B4D E8 MOV ECX,DWORD PTR SS:[EBP-18]
00531923 |. 8B55 EC MOV EDX,DWORD PTR SS:[EBP-14]
00531926 |. E8 D52CEDFF CALL 糖尿病康.00404600 ; B与C相连
0053192B |. 8D55 DC LEA EDX,DWORD PTR SS:[EBP-24]
0053192E |. 8B86 00030000 MOV EAX,DWORD PTR DS:[ESI+300]
00531934 |. E8 4F70F4FF CALL 糖尿病康.00478988
00531939 |. 8B55 DC MOV EDX,DWORD PTR SS:[EBP-24] ; 假码
0053193C |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4] ; 真码
0053193F |. E8 BC2DEDFF CALL 糖尿病康.00404700 ; 关键比较
00531944 |. 0F85 DA000000 JNZ 糖尿病康.00531A24 ; 关键跳转
0053194A |. A1 54525600 MOV EAX,DWORD PTR DS:[565254]
0053194F |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
00531951 |. 8B80 F8020000 MOV EAX,DWORD PTR DS:[EAX+2F8]
00531957 |. E8 2CF7F7FF CALL 糖尿病康.004B1088
0053195C |. A1 54525600 MOV EAX,DWORD PTR DS:[565254]
00531961 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
00531963 |. 8B80 F8020000 MOV EAX,DWORD PTR DS:[EAX+2F8]
00531969 |. 33D2 XOR EDX,EDX
0053196B |. 8B08 MOV ECX,DWORD PTR DS:[EAX]
0053196D |. FF91 90010000 CALL DWORD PTR DS:[ECX+190]
00531973 |. A1 54525600 MOV EAX,DWORD PTR DS:[565254]
00531978 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
0053197A |. 8B80 F8020000 MOV EAX,DWORD PTR DS:[EAX+2F8]
00531980 |. BA A81A5300 MOV EDX,糖尿病康.00531AA8
00531985 |. 8B08 MOV ECX,DWORD PTR DS:[EAX]
00531987 |. FF91 98010000 CALL DWORD PTR DS:[ECX+198]
0053198D |. A1 54525600 MOV EAX,DWORD PTR DS:[565254]
00531992 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
00531994 |. 8B80 F8020000 MOV EAX,DWORD PTR DS:[EAX+2F8]
0053199A |. B2 01 MOV DL,1
0053199C |. 8B08 MOV ECX,DWORD PTR DS:[EAX]
0053199E |. FF91 90010000 CALL DWORD PTR DS:[ECX+190]
005319A4 |. A1 54525600 MOV EAX,DWORD PTR DS:[565254]
005319A9 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
005319AB |. 8B80 F8020000 MOV EAX,DWORD PTR DS:[EAX+2F8]
005319B1 |. BA C81A5300 MOV EDX,糖尿病康.00531AC8 ; ASCII "shuju1"
005319B6 |. E8 05FAF9FF CALL 糖尿病康.004D13C0
005319BB |. A1 54525600 MOV EAX,DWORD PTR DS:[565254]
005319C0 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
005319C2 |. 8B80 F8020000 MOV EAX,DWORD PTR DS:[EAX+2F8]
005319C8 |. E8 AFF6F7FF CALL 糖尿病康.004B107C
005319CD |. A1 54525600 MOV EAX,DWORD PTR DS:[565254]
005319D2 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
005319D4 |. 8B80 F8020000 MOV EAX,DWORD PTR DS:[EAX+2F8]
005319DA |. E8 6D1EF8FF CALL 糖尿病康.004B384C
005319DF |. A1 54525600 MOV EAX,DWORD PTR DS:[565254]
005319E4 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
005319E6 |. 8B80 F8020000 MOV EAX,DWORD PTR DS:[EAX+2F8]
005319EC |. BA D81A5300 MOV EDX,糖尿病康.00531AD8
005319F1 |. E8 2206F8FF CALL 糖尿病康.004B2018
005319F6 |. BA E41A5300 MOV EDX,糖尿病康.00531AE4 ; ASCII "11"
005319FB |. 8B08 MOV ECX,DWORD PTR DS:[EAX]
005319FD |. FF91 B0000000 CALL DWORD PTR DS:[ECX+B0]
00531A03 |. A1 54525600 MOV EAX,DWORD PTR DS:[565254]
00531A08 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
00531A0A |. 8B80 F8020000 MOV EAX,DWORD PTR DS:[EAX+2F8]
00531A10 |. 8B10 MOV EDX,DWORD PTR DS:[EAX]
00531A12 |. FF92 4C020000 CALL DWORD PTR DS:[EDX+24C]
00531A18 |. B8 F01A5300 MOV EAX,糖尿病康.00531AF0
00531A1D |. E8 B66CF0FF CALL 糖尿病康.004386D8
00531A22 |. EB 0A JMP SHORT 糖尿病康.00531A2E
00531A24 |> B8 141B5300 MOV EAX,糖尿病康.00531B14
00531A29 |. E8 AA6CF0FF CALL 糖尿病康.004386D8
00531A2E |> 33C0 XOR EAX,EAX
00531A30 |. 5A POP EDX
00531A31 |. 59 POP ECX
00531A32 |. 59 POP ECX
00531A33 |. 64:8910 MOV DWORD PTR FS:[EAX],EDX
00531A36 |. 68 681A5300 PUSH 糖尿病康.00531A68
00531A3B |> 8D45 DC LEA EAX,DWORD PTR SS:[EBP-24]
00531A3E |. E8 A128EDFF CALL 糖尿病康.004042E4
00531A43 |. 8D45 E0 LEA EAX,DWORD PTR SS:[EBP-20]
00531A46 |. E8 9928EDFF CALL 糖尿病康.004042E4
00531A4B |. 8D45 E4 LEA EAX,DWORD PTR SS:[EBP-1C]
00531A4E |. E8 9128EDFF CALL 糖尿病康.004042E4
00531A53 |. 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
00531A56 |. BA 06000000 MOV EDX,6
00531A5B |. E8 A828EDFF CALL 糖尿病康.00404308
00531A60 \. C3 RETN
00531A61 .^ E9 8222EDFF JMP 糖尿病康.00403CE8
00531A66 .^ EB D3 JMP SHORT 糖尿病康.00531A3B
00531A68 . 5E POP ESI
00531A69 . 5B POP EBX
00531A6A . 8BE5 MOV ESP,EBP
00531A6C . 5D POP EBP
00531A6D . C3 RETN
---------------------------------------------------------------------------------------
【算法小结】
1,机器码从第三位开始取.参与注册码运算
2,机器码加13217D3 再减去.12CEAC5 记做为A 得出的A乘以4,再加上A,再转换成10进制数,记做为B
3,取B的前三位与固定数500比较.小于等于就与字符串"KH"相连.反之就与"Ly"相连.记做为C
4,取B的后三位与固定数500比较.小于等于就与字符串"RD"相连.反之就与"DJ"相连.记做为D
5,C的结果与D的结果相连.就是软件的注册码!!
------------------------------------------------------------------------
【破解总结】软件算法比较简单.适合新手练习..我也是莱鸟,算法与总结都感觉写的不太好!希望大家支持!
------------------------------------------------------------------------
【版权声明】本文纯属技术交流, 转载请注明作者信息并保持文章的完整, 谢谢!
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)