[求助]请问这个软件怎样才能找出注册吗？-软件逆向-看雪-安全社区|安全招聘|kanxue.com

[求助]请问这个软件怎样才能找出注册吗？

发表于: 2006-9-19 18:26 3415

[求助]请问这个软件怎样才能找出注册吗？

luoaiqq

2006-9-19 18:26

3415

00530E2C /.  55          push ebp
00530E2D |.  8BEC       mov ebp,esp
00530E2F |.  B9 07000000 mov ecx,7
00530E34 |>  6A 00       /push 0
00530E36 |.  6A 00       |push 0
00530E38 |.  49          |dec ecx
00530E39 |.^ 75 F9       \jnz short QTV.00530E34
00530E3B |.  51          push ecx
00530E3C |.  53          push ebx
00530E3D |.  56          push esi
00530E3E |.  57          push edi
00530E3F |.  8BD8       mov ebx,eax
00530E41 |.  33C0       xor eax,eax
00530E43 |.  55          push ebp
00530E44 |.  68 74105300 push QTV.00531074
00530E49 |.  64:FF30    push dword ptr fs:[eax]
00530E4C |.  64:8920    mov dword ptr fs:[eax],esp
00530E4F |.  8D55 F0    lea edx,dword ptr ss:[ebp-10]
00530E52 |.  8B83 24030000 mov eax,dword ptr ds:[ebx+324]
00530E58 |.  E8 6716F2FF call QTV.004524C4
00530E5D |.  8D55 EC    lea edx,dword ptr ss:[ebp-14]
00530E60 |.  8B83 28030000 mov eax,dword ptr ds:[ebx+328]
00530E66 |.  E8 5916F2FF call QTV.004524C4
00530E6B |.  8D55 E8    lea edx,dword ptr ss:[ebp-18]
00530E6E |.  8B83 20030000 mov eax,dword ptr ds:[ebx+320]
00530E74 |.  E8 4B16F2FF call QTV.004524C4
00530E79 |.  8D55 E4    lea edx,dword ptr ss:[ebp-1C]
00530E7C |.  8B83 20030000 mov eax,dword ptr ds:[ebx+320]
00530E82 |.  E8 3D16F2FF call QTV.004524C4
00530E87 |.  8B45 E4    mov eax,dword ptr ss:[ebp-1C]
00530E8A |.  E8 BD36EDFF call QTV.0040454C
00530E8F |.  8BF0       mov esi,eax
00530E91 |.  8D55 E0    lea edx,dword ptr ss:[ebp-20]
00530E94 |.  8B83 24030000 mov eax,dword ptr ds:[ebx+324]
00530E9A |.  E8 2516F2FF call QTV.004524C4
00530E9F |.  8B45 E0    mov eax,dword ptr ss:[ebp-20]
00530EA2 |.  E8 A536EDFF call QTV.0040454C
00530EA7 |.  8BF8       mov edi,eax
00530EA9 |.  8D55 DC    lea edx,dword ptr ss:[ebp-24]
00530EAC |.  8B83 28030000 mov eax,dword ptr ds:[ebx+328]
00530EB2 |.  E8 0D16F2FF call QTV.004524C4
00530EB7 |.  8B45 DC    mov eax,dword ptr ss:[ebp-24]
00530EBA |.  E8 8D36EDFF call QTV.0040454C
00530EBF |.  8BD8       mov ebx,eax
00530EC1 |.  837D F0 00 cmp dword ptr ss:[ebp-10],0
00530EC5 |.  74 1B       je short QTV.00530EE2
00530EC7 |.  837D EC 00 cmp dword ptr ss:[ebp-14],0
00530ECB |.  74 15       je short QTV.00530EE2
00530ECD |.  837D E8 00 cmp dword ptr ss:[ebp-18],0
00530ED1 |.  74 0F       je short QTV.00530EE2
00530ED3 |.  83FE 06    cmp esi,6
00530ED6 |.  7C 0A       jl short QTV.00530EE2
00530ED8 |.  83FF 06    cmp edi,6
00530EDB |.  7C 05       jl short QTV.00530EE2
00530EDD |.  83FB 06    cmp ebx,6
00530EE0 |.  7D 0F       jge short QTV.00530EF1
00530EE2 |>  B8 8C105300 mov eax,QTV.0053108C
00530EE7 |.  E8 2851F0FF call QTV.00436014
00530EEC |.  E9 4E010000 jmp QTV.0053103F
00530EF1 |>  8D55 FC    lea edx,dword ptr ss:[ebp-4]
00530EF4 |.  8B45 F0    mov eax,dword ptr ss:[ebp-10]
00530EF7 |.  E8 8880EDFF call QTV.00408F84
00530EFC |.  84C0       test al,al
00530EFE |.  0F84 31010000 je QTV.00531035
00530F04 |.  8D55 FC    lea edx,dword ptr ss:[ebp-4]
00530F07 |.  8B45 EC    mov eax,dword ptr ss:[ebp-14]
00530F0A |.  E8 7580EDFF call QTV.00408F84
00530F0F |.  84C0       test al,al
00530F11 |.  0F84 1E010000 je QTV.00531035
00530F17 |.  8D45 D8    lea eax,dword ptr ss:[ebp-28]
00530F1A |.  8B55 F0    mov edx,dword ptr ss:[ebp-10]
00530F1D |.  8A52 01    mov dl,byte ptr ds:[edx+1]
00530F20 |.  E8 4F35EDFF call QTV.00404474
00530F25 |.  8B45 D8    mov eax,dword ptr ss:[ebp-28]
00530F28 |.  E8 0380EDFF call QTV.00408F30
00530F2D |.  50          push eax
00530F2E |.  8D45 D4    lea eax,dword ptr ss:[ebp-2C]
00530F31 |.  8B55 EC    mov edx,dword ptr ss:[ebp-14]
00530F34 |.  8A12       mov dl,byte ptr ds:[edx]
00530F36 |.  E8 3935EDFF call QTV.00404474
00530F3B |.  8B45 D4    mov eax,dword ptr ss:[ebp-2C]
00530F3E |.  E8 ED7FEDFF call QTV.00408F30
00530F43 |.  5A          pop edx
00530F44 |.  03D0       add edx,eax
00530F46 |.  8955 F8    mov dword ptr ss:[ebp-8],edx
00530F49 |.  8D45 D0    lea eax,dword ptr ss:[ebp-30]
00530F4C |.  8B55 F0    mov edx,dword ptr ss:[ebp-10]
00530F4F |.  8A52 04    mov dl,byte ptr ds:[edx+4]
00530F52 |.  E8 1D35EDFF call QTV.00404474
00530F57 |.  8B45 D0    mov eax,dword ptr ss:[ebp-30]
00530F5A |.  E8 D17FEDFF call QTV.00408F30
00530F5F |.  50          push eax
00530F60 |.  8D45 CC    lea eax,dword ptr ss:[ebp-34]
00530F63 |.  8B55 EC    mov edx,dword ptr ss:[ebp-14]
00530F66 |.  8A52 01    mov dl,byte ptr ds:[edx+1]
00530F69 |.  E8 0635EDFF call QTV.00404474
00530F6E |.  8B45 CC    mov eax,dword ptr ss:[ebp-34]
00530F71 |.  E8 BA7FEDFF call QTV.00408F30
00530F76 |.  5A          pop edx
00530F77 |.  03D0       add edx,eax
00530F79 |.  8955 F4    mov dword ptr ss:[ebp-C],edx
00530F7C |.  8D45 C8    lea eax,dword ptr ss:[ebp-38]
00530F7F |.  8B55 F0    mov edx,dword ptr ss:[ebp-10]
00530F82 |.  8A52 03    mov dl,byte ptr ds:[edx+3]
00530F85 |.  E8 EA34EDFF call QTV.00404474
00530F8A |.  8B45 C8    mov eax,dword ptr ss:[ebp-38]
00530F8D |.  E8 9E7FEDFF call QTV.00408F30
00530F92 |.  50          push eax
00530F93 |.  8D45 C4    lea eax,dword ptr ss:[ebp-3C]
00530F96 |.  8B55 EC    mov edx,dword ptr ss:[ebp-14]
00530F99 |.  8A52 03    mov dl,byte ptr ds:[edx+3]
00530F9C |.  E8 D334EDFF call QTV.00404474
00530FA1 |.  8B45 C4    mov eax,dword ptr ss:[ebp-3C]
00530FA4 |.  E8 877FEDFF call QTV.00408F30
00530FA9 |.  8BD0       mov edx,eax
00530FAB |.  58          pop eax
00530FAC |.  03C2       add eax,edx
00530FAE |.  3BDE       cmp ebx,esi
00530FB0    75 16       jnz short QTV.00530FC8
00530FB2 |.  83FF 09    cmp edi,9
00530FB5    75 11       jnz short QTV.00530FC8
00530FB7 |.  837D F8 05 cmp dword ptr ss:[ebp-8],5
00530FBB    75 0B       jnz short QTV.00530FC8
00530FBD |.  837D F4 06 cmp dword ptr ss:[ebp-C],6
00530FC1    75 05       jnz short QTV.00530FC8
00530FC3 |.  83F8 08    cmp eax,8
00530FC6    74 0C       je short QTV.00530FD4
00530FC8 |>  B8 B0105300 mov eax,QTV.005310B0
00530FCD |.  E8 4250F0FF call QTV.00436014
00530FD2 |.  EB 6B       jmp short QTV.0053103F
00530FD4 |>  B8 B0105300 mov eax,QTV.005310B0
00530FD9 |.  E8 3650F0FF call QTV.00436014
00530FDE |.  B2 01       mov dl,1
00530FE0 |.  A1 D0AF4300 mov eax,dword ptr ds:[43AFD0]
00530FE5 |.  E8 E6A0F0FF call QTV.0043B0D0
00530FEA |.  8BD8       mov ebx,eax
00530FEC |.  BA 02000080 mov edx,80000002
00530FF1 |.  8BC3       mov eax,ebx
00530FF3 |.  E8 78A1F0FF call QTV.0043B170
00530FF8 |.  B1 01       mov cl,1
00530FFA |.  BA DC105300 mov edx,QTV.005310DC                   ;  ASCII "Software\Microsoft\Windows\CurrentVersion\QTV"
00530FFF |.  8BC3       mov eax,ebx
00531001 |.  E8 CEA1F0FF call QTV.0043B1D4
00531006 |.  84C0       test al,al
00531008 |.  74 1B       je short QTV.00531025
0053100A |.  B9 14115300 mov ecx,QTV.00531114                   ;  ASCII "544318"
0053100F |.  BA 24115300 mov edx,QTV.00531124                   ;  ASCII "qtvregid"
00531014 |.  8BC3       mov eax,ebx
00531016 |.  E8 55A3F0FF call QTV.0043B370
0053101B |.  A1 1CFF5300 mov eax,dword ptr ds:[53FF1C]
00531020 |.  E8 43DCF3FF call QTV.0046EC68
00531025 |>  8BC3       mov eax,ebx
00531027 |.  E8 14A1F0FF call QTV.0043B140
0053102C |.  8BC3       mov eax,ebx
0053102E |.  E8 E923EDFF call QTV.0040341C
00531033 |.  EB 0A       jmp short QTV.0053103F
00531035 |>  B8 38115300 mov eax,QTV.00531138
0053103A |.  E8 D54FF0FF call QTV.00436014
0053103F |>  33C0       xor eax,eax
00531041 |.  5A          pop edx
00531042 |.  59          pop ecx
00531043 |.  59          pop ecx
00531044 |.  64:8910    mov dword ptr fs:[eax],edx
00531047 |.  68 7B105300 push QTV.0053107B
0053104C |>  8D45 C4    lea eax,dword ptr ss:[ebp-3C]
0053104F |.  BA 06000000 mov edx,6
00531054 |.  E8 5732EDFF call QTV.004042B0
00531059 |.  8D45 DC    lea eax,dword ptr ss:[ebp-24]
0053105C |.  BA 03000000 mov edx,3
00531061 |.  E8 4A32EDFF call QTV.004042B0
00531066 |.  8D45 E8    lea eax,dword ptr ss:[ebp-18]
00531069 |.  BA 03000000 mov edx,3
0053106E |.  E8 3D32EDFF call QTV.004042B0
00531073 \.  C3          retn

[课程]Linux pwn 探索篇！

收藏・1

免费・0

支持

最新回复 (1)
backuper 雪币： 200 活跃值： (11) 能力值： ( LV2，RANK：10 ) 在线值：发帖 11 回帖 202 粉丝 0 关注私信	backuper 2 楼无解 2006-9-19 21:37 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

luoaiqq

发帖

回帖

RANK

关注

私信

他的文章

关于我们

联系我们

企业服务

看雪公众号

最新回复 (1)
backuper 雪币： 200 活跃值： (11) 能力值： ( LV2，RANK：10 ) 在线值：发帖 11 回帖 202 粉丝 0 关注私信	backuper 2 楼无解 2006-9-19 21:37 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复