找到一个超级简单的CRACKME,娱乐一下大家!
004012FB . 6A 1E PUSH 1E ; /Count = 1E (30.)
004012FD . 8D45 E2 LEA EAX,DWORD PTR SS:[EBP-1E] ; |
00401300 . 50 PUSH EAX ; |Buffer
00401301 . 68 F0030000 PUSH 3F0 ; |ControlID = 3F0 (1008.)
00401306 . FF75 08 PUSH DWORD PTR SS:[EBP+8] ; |hWnd
00401309 . E8 38080000 CALL <JMP.&user32.GetDlgItemTextA> ; \GetDlgItemTextA
0040130E . 6A 1E PUSH 1E ; /Count = 1E (30.)
00401310 . 8D45 C4 LEA EAX,DWORD PTR SS:[EBP-3C] ; |
00401313 . 50 PUSH EAX ; |Buffer
00401314 . 68 F1030000 PUSH 3F1 ; |ControlID = 3F1 (1009.)
00401319 . FF75 08 PUSH DWORD PTR SS:[EBP+8] ; |hWnd
0040131C . E8 25080000 CALL <JMP.&user32.GetDlgItemTextA> ; \GetDlgItemTextA
00401321 . 68 57334000 PUSH mydlg.00403357 ; /String2 = "堆栈"
00401326 . 8D45 E2 LEA EAX,DWORD PTR SS:[EBP-1E] ; |
00401329 . 50 PUSH EAX ; |String1
0040132A . E8 C3070000 CALL <JMP.&kernel32.lstrcmpiA> ; \lstrcmpiA
0040132F . 8945 C0 MOV DWORD PTR SS:[EBP-40],EAX
00401332 . 68 5C334000 PUSH mydlg.0040335C ; /String2 = "86211805"
00401337 . 8D45 C4 LEA EAX,DWORD PTR SS:[EBP-3C] ; |
0040133A . 50 PUSH EAX ; |String1
0040133B . E8 B2070000 CALL <JMP.&kernel32.lstrcmpiA> ; \lstrcmpiA
00401340 . 0BC0 OR EAX,EAX
00401342 . 75 27 JNZ SHORT mydlg.0040136B
00401344 . 837D C0 00 CMP DWORD PTR SS:[EBP-40],0
00401348 . 75 21 JNZ SHORT mydlg.0040136B
0040134A . 6A 00 PUSH 0 ; /Result = 0
0040134C . FF75 08 PUSH DWORD PTR SS:[EBP+8] ; |hWnd
0040134F . E8 D4070000 CALL <JMP.&user32.EndDialog> ; \EndDialog
00401354 . 6A 40 PUSH 40 ; /Style = MB_OK|MB_ICONASTERISK|MB_APPLMODAL
00401356 . 68 70334000 PUSH mydlg.00403370 ; |Title = "消息"
0040135B . 68 65334000 PUSH mydlg.00403365 ; |Text = "注册成功!"
00401360 . 6A 00 PUSH 0 ; |hOwner = NULL
00401362 . E8 09080000 CALL <JMP.&user32.MessageBoxA> ; \MessageBoxA
00401367 . EB 5B JMP SHORT mydlg.004013C4
00401369 . EB 13 JMP SHORT mydlg.0040137E
0040136B > 6A 30 PUSH 30 ; /Style = MB_OK|MB_ICONEXCLAMATION|MB_APPLMODAL
0040136D . 68 88334000 PUSH mydlg.00403388 ; |Title = "消息"
00401372 . 68 75334000 PUSH mydlg.00403375 ; |Text = "对不起,注册失败!"
00401377 . 6A 00 PUSH 0 ; |hOwner = NULL
00401379 . E8 F2070000 CALL <JMP.&user32.MessageBoxA> ; \MessageBoxA
代码我就不分析了,相信大家一看就明白!呵呵!
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!