请问高手们有否关于一些WKTVBDE工具如何破解P-CODE软件的资料呢？-软件逆向-看雪-安全社区|安全招聘|kanxue.com

最新回复 (3)
linhanshi 雪币： 97697 活跃值： (200829) 能力值： (RANK：10 ) 在线值：发帖 9249 回帖 27947 粉丝 453 关注私信	linhanshi 2 楼 P-CODE标题:我和pcode的第一次――:) (5千字) 发信人:bbbsl 时间:2002-9-23 0:08:26 详细信息: 娃娃的CCG crackme3简要分析(P-CODE型) 作者:bbbsl[iPB][FCG] 目标:娃娃的CCG CRACKME3 工具:WKTVBDebugger v1.3,exdec(以上工具在风飘学兄的站点有下载) 首先我得多谢master兄引我上路,要不到现在我还不知道怎么弄P-CODE的东东,这两天从风飘雪兄的网站下了几个CRACKME,练习了一下,效果还不错,这个可是我自己连猜带蒙搞定的哦!!!哦,对了还要多谢好友upfeed每次耐心地听我罗嗦及对我不吝其口舌的指点!!!还有一位很可爱的老朋友,尽管此君老大年纪了,居然还是和我一样单身,哎,同病相怜啊,谢谢你老人家给予我信心!!! 顺便说一句,我从开始学着用exdec和wktvbdebugger到搞定这个东东的算法总共不到5小时,哇,这样一看,pcode的入门也不是很难嘛,所以会pcode的高手一定很多,帮忙看看我的分析有啥不对的啦!多谢! 代码如下,用exdec反编译的,哦,如果静态分析有困难,可以用WKTVBDebugger,由于是在输入的同时进行验证,所以我们在EDIT上下断点,方法:用WKTVBDebugger打开crackme,点Form Manager,拉下拉框选择main,然后选择TEXTBOX,下拉框选择TEXT1,点BPX钮,OK,现在按F5执行程序,在输入框中输入任何东东,立刻断下来了:)于是到了这里.... 40EAAC: 04 FLdRfVar local_00E0 ==>push address这玩艺过会存放字符串的地址, 40EAAF: 21 FLdPrThis ==>这里我怀疑是取程序本身的句柄,不确定,请高手指点 40EAB0: 0f VCallAd (object 2 ) ==>之所以有上面的怀疑是因为这里wktvbdbg注释为 ==>main.text1,所以猜是调用某程序自身的函数 40EAB3: 19 FStAdFunc local_00DC 40EAB6: 08 FLdPr local_00DC 40EAB9: 0d VCallHresult id ==>get_ipropTEXTEDIT 得到输入字符串 40EABE: 3e FLdZeroAd local_00E0 ==>字符串地址指针 40EAC1: 46 CVarStr local_00F0 ==>复制指针到local_00F0 40EAC4: 04 FLdRfVar local_0100 ==>push函数参数,WKTVBdbg走到这里可以看 ==>locao_0100+8所指代的内存,那是你输入的东东 40EAC7: 0a ImpAdCallFPR4: ==>rtvTrimVar相当于what?VB高手告诉我这函数干嘛用的 ==>好吗? 40EACC: 04 FLdRfVar local_0100 ==>push字符串 40EACF: Lead0/eb FnLenVar ==>得到字符串长度 40EAD3: Lead1/f6 FStVar ==>将长度存到某处,哪里我没弄明白:( 40EAD7: 1a FFree1Ad local_00DC 40EADA: 36 FFreeVar ==>free... 40EAE1: f4 LitI2_Byte: 0x1 1 (.) ==>push 1 as byte??? 40EAE3: 04 FLdRfVar local_00D6 40EAE6: 04 FLdRfVar local_00D4 40EAE9: 55 CI2Var ==>这里应该是相当于计数器i了,当然是以刚才取的长度为... 40EAEA: Lead3/63 ForI2: (when done) 40EB5D==>靠,总算见着个确定的函数,for语句,都见过吧:) 40EAF0: 21 FLdPrThis ==>看看,又是一个,我刚才说过我的猜测了 40EAF1: 0f VCallAd (object 2 ) ==>某函数??? 40EAF4: 19 FStAdFunc local_00DC 40EAF7: 28 LitVarI2: ( local_0100 ) 0x1 (1)==>把常数1赋给local_0100,然后将此变量入栈 40EAFC: 6b FLdI2 local_00D6 ==>这里是计数器i 40EAFF: e7 CI4UI1 ==>似乎起符号扩展的作用,大伙看看 40EB00: 3e FLdZeroAd local_00DC 40EB03: Lead2/6f CVarAd 40EB07: 04 FLdRfVar local_0110 40EB0A: 0a ImpAdCallFPR4: ==>这里是rtcMidChar,这十几行就是Mid$(str,i,1) 40EB0F: 04 FLdRfVar local_0110 40EB12: Lead1/f6 FStVar 40EB16: 1a FFree1Ad local_00DC 40EB19: 36 FFreeVar 40EB20: 04 FLdRfVar local_0094 40EB23: Lead2/fe CStrVarVal local_00E0 ==>取得的字符地址入栈 40EB27: 0b ImpAdCallI2 ==>call rtcAnsiValueBstr,就是ASC$(char) 40EB2C: 44 CVarI2 local_0124 ==>字符的ASCII值 40EB2F: Lead1/f6 FStVar 40EB33: 2f FFree1Str local_00E0 40EB36: 04 FLdRfVar local_00B4 ==>这个应是返回值了 40EB39: 6b FLdI2 local_00D6 ==>当当当....当!计数器i出现,干什么用呢? 40EB3C: 44 CVarI2 local_0124 ==>哇,取得的字符也出现了 40EB3F: Lead0/94 AddVar local_00F0 ==>原来是加起来用啊 40EB43: Lead1/f6 FStVar 40EB47: 04 FLdRfVar local_00A4 ==>这个东东是sum 40EB4A: 04 FLdRfVar local_00B4 ==>这个东东是刚才的结果 40EB4D: Lead0/94 AddVar local_00F0 ==>两个东东加一起 40EB51: Lead1/f6 FStVar ==>放到local_00A4里面去.哦哦... 40EB55: 04 FLdRfVar local_00D6 ==>计数器i再次登场 40EB58: 64 NextI2: (continue) 40EAF0==>是否继续??? 40EB5D: 04 FLdRfVar local_00A4 ==>刚才我说过的sum 40EB60: 28 LitVarI2: ( local_0124 ) 0x6e4 (1764)==>一个常数0x6e4 40EB65: 5d HardType 40EB66: Lead0/33 EqVarBool ==>两者是否相等? 40EB68: 1c BranchF: 40EB94 ==>不等就错误了:) 40EB6B: 1b LitStr: "恭喜你..." 40EB6E: 21 FLdPrThis 40EB6F: 0f VCallAd (object 2 ) 40EB72: 19 FStAdFunc local_00DC 40EB75: 08 FLdPr local_00DC 40EB78: 0d VCallHresult 禚d ==>put _ipropTEXTEDIT写下几句肉麻的话^_* 40EB7D: 1a FFree1Ad local_00DC 40EB80: f4 LitI2_Byte: 0x0 0 (.) 40EB82: 21 FLdPrThis 40EB83: 0f VCallAd (object 1 ) 40EB86: 19 FStAdFunc local_00DC 40EB89: 08 FLdPr local_00DC 40EB8C: 0d VCallHresult 禚d 总结: 算法如下:int sum=0;int char,len; gets(str);len=strlen(str); for (int i=0;i<len;i++) sum+=(i+1+str[i]); if (sum==0x6e4) printf("Bingo,just so so"); 呵呵,我就会弄些简单的糊弄人,没法,就这么大本事,还请各位海涵.... 附:反正得凑个数,没什么目的性,就当成注册机写吧,其实写的时候也是迷迷糊糊,尽量保证不出现特殊字符吧 int main(){ int i,len,sum=0; char str[20]="bbbsl"; clrscr(); gets(str); len=strlen(str); for (i=0;i<len;i++) sum+=(str[i]+1+i); if (sum>0x6e4) printf("error name"); else{ sum=0x6e4-sum; do{ str[i]=0x41; sum-=(0x42+i); i++; }while((sum-0x42-i)>0x40); if (sum>0x7a+0x14) { sum-=40; str[i]=sum/2; str[i+1]=sum-str[i]-1; str[i+2]='\0'; }else{ sum-=20; str[i]=sum; str[i+1]='\0'; } puts (str); } return 0; } -------------------------------------------------------------------------------- Copyright © 2000-2003 看雪学院(www.pediy.com) All Rights Reserved. 标题:IDCrackme的分析 (5千字) 发信人:bbbsl 时间:2002-9-23 0:10:36 详细信息: IDCrackme的分析作者:bbbsl 目标:IDCrackme?pcode型工具:WKTVBDebugger,exdec 没什么难度,大致分析一下流程,熟悉一下p-code的语句吧 412254: 04 FLdRfVar local_011C 412257: 21 FLdPrThis 412258: 0f VCallAd text 41225B: 19 FStAdFunc local_0118 41225E: 08 FLdPr local_0118 412261: 0d VCallHresult get__ipropTEXTEDIT ==>取名字 412266: 3e FLdZeroAd local_011C 412269: 46 CVarStr local_012C 41226C: Lead1/f6 FStVar 412270: 1a FFree1Ad local_0118 412273: 04 FLdRfVar local_0094 412276: Lead0/eb FnLenVar ==>求长度 41227A: 28 LitVarI2: ( local_013C ) 0x5 (5) ==>常数5 41227F: 5d HardType 412280: Lead0/67 LtVarBool ==>长度<5? 412282: 1c BranchF: 4122B1 ==>不小于跳 412285: 27 LitVar_Missing ==>否则MessageBox("Your ...") 412288: 27 LitVar_Missing 41228B: 27 LitVar_Missing 41228E: f5 LitI4: 0x0 0 (....) 412293: 3a LitVarStr: ( local_013C ) Your User Name Must Be At Least Five Characters 412298: 4e FStVarCopyObj local_012C 41229B: 04 FLdRfVar local_012C 41229E: 0a ImpAdCallFPR4: _rtcMsgBox 4122A3: 36 FFreeVar 4122AE: 1e Branch: 4124fe 4122B1: 28 LitVarI2: ( local_012C ) 0x5 (5) ==>常数5 4122B6: f5 LitI4: 0x1 1 (....) ==>常数1 4122BB: 04 FLdRfVar local_0094 4122BE: 04 FLdRfVar local_014C 4122C1: 0a ImpAdCallFPR4: _rtcMidCharVar ==>Name2=Mid$(name,1,5) 4122C6: 04 FLdRfVar local_014C 4122C9: Lead1/f6 FStVar 4122CD: 35 FFree1Var local_012C 4122D0: 04 FLdRfVar local_0094 4122D3: Lead0/eb FnLenVar ==>求现在的长度(靠,当然是5啦) 4122D7: 04 FLdRfVar local_01AC 4122DA: 28 LitVarI2: ( local_015C ) 0x1 (1) ==>常数1 4122DF: 28 LitVarI2: ( local_013C ) 0xffffffff (-1) ==>step=-1即相当于for (i=5;i>=0;i--)之类 4122E4: Lead3/70 ForStepVar 4122EA: 04 FLdRfVar local_00A4 4122ED: 28 LitVarI2: ( local_012C ) 0x1 (1) 4122F2: 04 FLdRfVar local_01AC 4122F5: Lead1/22 CI4Var 4122F7: 04 FLdRfVar local_0094 4122FA: 04 FLdRfVar local_014C 4122FD: 0a ImpAdCallFPR4: _rtcMidCharVar ==>相当于Mid$(Name2,i,1) 412302: 04 FLdRfVar local_014C 412305: Lead0/ef ConcatVar ==>得到字符串连接起来,相当于把字符串取前5个倒置(abcdefg变成edcba) 412309: Lead1/f6 FStVar 41230D: 36 FFreeVar 412314: 04 FLdRfVar local_01AC 412317: Lead3/7e NextStepVar: (continue) 4122EA ==>循环 41231D: 04 FLdRfVar local_00A4 412320: Lead2/00 FStVarCopy 412324: 28 LitVarI2: ( local_012C ) 0x2 (2) ==>loop 412329: f5 LitI4: 0x1 1 (....) 41232E: 04 FLdRfVar local_0104 412331: 04 FLdRfVar local_014C 412334: 0a ImpAdCallFPR4: _rtcMidCharVar ==>str=Mid(Name2,i,i+=1)? 412339: 04 FLdRfVar local_014C 41233C: Lead1/f6 FStVar 412340: 35 FFree1Var local_012C 412343: 04 FLdRfVar local_00B4 412346: Lead2/fe CStrVarVal local_011C 41234A: 0b ImpAdCallI2 _rtcAnsiValueBstr ==>ASC$(str) 41234F: 44 CVarI2 local_013C 412352: Lead1/f6 FStVar ... ==>这里省略若干行 4123F8: 28 LitVarI2: ( local_012C ) 0x6 (6) ==>until i+1=6 4123FD: f5 LitI4: 0x5 5 (....) 412402: 04 FLdRfVar local_0104 412405: 04 FLdRfVar local_014C 412408: 0a ImpAdCallFPR4: _rtcMidCharVar 41240D: 04 FLdRfVar local_014C 412410: Lead1/f6 FStVar 412414: 35 FFree1Var local_012C 412417: 04 FLdRfVar local_00F4 41241A: Lead2/fe CStrVarVal local_011C 41241E: 0b ImpAdCallI2 _rtcAnsiValueBstr 412423: 44 CVarI2 local_013C 412426: Lead1/f6 FStVar 41242A: 2f FFree1Str local_011C 41242D: 04 FLdRfVar local_00B4 412430: 04 FLdRfVar local_00C4 412433: Lead0/ef ConcatVar ==>所得到的字符串相连接 412437: 04 FLdRfVar local_00D4 41243A: Lead0/ef ConcatVar 41243E: 04 FLdRfVar local_00E4 ==>... 412441: Lead0/ef ConcatVar 412445: 04 FLdRfVar local_00F4 412448: Lead0/ef ConcatVar 41244C: Lead1/f6 FStVar 412450: 36 FFreeVar 412459: 04 FLdRfVar local_011C 41245C: 21 FLdPrThis 41245D: 0f VCallAd text 412460: 19 FStAdFunc local_0118 412463: 08 FLdPr local_0118 412466: 0d VCallHresult get__ipropTEXTEDIT ==>取输入的假注册码 41246B: 3e FLdZeroAd local_011C 41246E: 46 CVarStr local_012C 412471: 5d HardType 412472: 04 FLdRfVar local_0114 412475: Lead0/33 EqVarBool ==>相等否? 412477: 1a FFree1Ad local_0118 41247A: 35 FFree1Var local_012C 41247D: 1c BranchF: 4124AC ==>不等跳到错误处理 412480: 27 LitVar_Missing 412483: 27 LitVar_Missing 412486: 27 LitVar_Missing 412489: f5 LitI4: 0x0 0 (....) 41248E: 3a LitVarStr: ( local_013C ) Nice Work! On To Harder Things! 412493: 4e FStVarCopyObj local_012C 412496: 04 FLdRfVar local_012C 412499: 0a ImpAdCallFPR4: _rtcMsgBox -------------------------------------------------------------------------------- Copyright © 2000-2003 看雪学院(www.pediy.com) All Rights Reserved. 2004-8-7 18:34 0
cobra1111 雪币： 231 活跃值： (465) 能力值： ( LV2，RANK：10 ) 在线值：发帖 23 回帖 179 粉丝 1 关注私信	cobra1111 3 楼哈哈 PCODE还是在破解CCG的试题时学的当时真是懂啊不过现在又全部忘记了啊嘿嘿 2004-8-7 18:55 0
saint12 雪币： 212 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 6 回帖 75 粉丝 0 关注私信	saint12 4 楼很好，谢谢linhanshi兄了。 2004-8-7 22:23 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

最新回复 (3)
linhanshi 雪币： 97697 活跃值： (200829) 能力值： (RANK：10 ) 在线值：发帖 9249 回帖 27947 粉丝 453 关注私信	linhanshi 2 楼 P-CODE标题:我和pcode的第一次――:) (5千字) 发信人:bbbsl 时间:2002-9-23 0:08:26 详细信息: 娃娃的CCG crackme3简要分析(P-CODE型) 作者:bbbsl[iPB][FCG] 目标:娃娃的CCG CRACKME3 工具:WKTVBDebugger v1.3,exdec(以上工具在风飘学兄的站点有下载) 首先我得多谢master兄引我上路,要不到现在我还不知道怎么弄P-CODE的东东,这两天从风飘雪兄的网站下了几个CRACKME,练习了一下,效果还不错,这个可是我自己连猜带蒙搞定的哦!!!哦,对了还要多谢好友upfeed每次耐心地听我罗嗦及对我不吝其口舌的指点!!!还有一位很可爱的老朋友,尽管此君老大年纪了,居然还是和我一样单身,哎,同病相怜啊,谢谢你老人家给予我信心!!! 顺便说一句,我从开始学着用exdec和wktvbdebugger到搞定这个东东的算法总共不到5小时,哇,这样一看,pcode的入门也不是很难嘛,所以会pcode的高手一定很多,帮忙看看我的分析有啥不对的啦!多谢! 代码如下,用exdec反编译的,哦,如果静态分析有困难,可以用WKTVBDebugger,由于是在输入的同时进行验证,所以我们在EDIT上下断点,方法:用WKTVBDebugger打开crackme,点Form Manager,拉下拉框选择main,然后选择TEXTBOX,下拉框选择TEXT1,点BPX钮,OK,现在按F5执行程序,在输入框中输入任何东东,立刻断下来了:)于是到了这里.... 40EAAC: 04 FLdRfVar local_00E0 ==>push address这玩艺过会存放字符串的地址, 40EAAF: 21 FLdPrThis ==>这里我怀疑是取程序本身的句柄,不确定,请高手指点 40EAB0: 0f VCallAd (object 2 ) ==>之所以有上面的怀疑是因为这里wktvbdbg注释为 ==>main.text1,所以猜是调用某程序自身的函数 40EAB3: 19 FStAdFunc local_00DC 40EAB6: 08 FLdPr local_00DC 40EAB9: 0d VCallHresult id ==>get_ipropTEXTEDIT 得到输入字符串 40EABE: 3e FLdZeroAd local_00E0 ==>字符串地址指针 40EAC1: 46 CVarStr local_00F0 ==>复制指针到local_00F0 40EAC4: 04 FLdRfVar local_0100 ==>push函数参数,WKTVBdbg走到这里可以看 ==>locao_0100+8所指代的内存,那是你输入的东东 40EAC7: 0a ImpAdCallFPR4: ==>rtvTrimVar相当于what?VB高手告诉我这函数干嘛用的 ==>好吗? 40EACC: 04 FLdRfVar local_0100 ==>push字符串 40EACF: Lead0/eb FnLenVar ==>得到字符串长度 40EAD3: Lead1/f6 FStVar ==>将长度存到某处,哪里我没弄明白:( 40EAD7: 1a FFree1Ad local_00DC 40EADA: 36 FFreeVar ==>free... 40EAE1: f4 LitI2_Byte: 0x1 1 (.) ==>push 1 as byte??? 40EAE3: 04 FLdRfVar local_00D6 40EAE6: 04 FLdRfVar local_00D4 40EAE9: 55 CI2Var ==>这里应该是相当于计数器i了,当然是以刚才取的长度为... 40EAEA: Lead3/63 ForI2: (when done) 40EB5D==>靠,总算见着个确定的函数,for语句,都见过吧:) 40EAF0: 21 FLdPrThis ==>看看,又是一个,我刚才说过我的猜测了 40EAF1: 0f VCallAd (object 2 ) ==>某函数??? 40EAF4: 19 FStAdFunc local_00DC 40EAF7: 28 LitVarI2: ( local_0100 ) 0x1 (1)==>把常数1赋给local_0100,然后将此变量入栈 40EAFC: 6b FLdI2 local_00D6 ==>这里是计数器i 40EAFF: e7 CI4UI1 ==>似乎起符号扩展的作用,大伙看看 40EB00: 3e FLdZeroAd local_00DC 40EB03: Lead2/6f CVarAd 40EB07: 04 FLdRfVar local_0110 40EB0A: 0a ImpAdCallFPR4: ==>这里是rtcMidChar,这十几行就是Mid$(str,i,1) 40EB0F: 04 FLdRfVar local_0110 40EB12: Lead1/f6 FStVar 40EB16: 1a FFree1Ad local_00DC 40EB19: 36 FFreeVar 40EB20: 04 FLdRfVar local_0094 40EB23: Lead2/fe CStrVarVal local_00E0 ==>取得的字符地址入栈 40EB27: 0b ImpAdCallI2 ==>call rtcAnsiValueBstr,就是ASC$(char) 40EB2C: 44 CVarI2 local_0124 ==>字符的ASCII值 40EB2F: Lead1/f6 FStVar 40EB33: 2f FFree1Str local_00E0 40EB36: 04 FLdRfVar local_00B4 ==>这个应是返回值了 40EB39: 6b FLdI2 local_00D6 ==>当当当....当!计数器i出现,干什么用呢? 40EB3C: 44 CVarI2 local_0124 ==>哇,取得的字符也出现了 40EB3F: Lead0/94 AddVar local_00F0 ==>原来是加起来用啊 40EB43: Lead1/f6 FStVar 40EB47: 04 FLdRfVar local_00A4 ==>这个东东是sum 40EB4A: 04 FLdRfVar local_00B4 ==>这个东东是刚才的结果 40EB4D: Lead0/94 AddVar local_00F0 ==>两个东东加一起 40EB51: Lead1/f6 FStVar ==>放到local_00A4里面去.哦哦... 40EB55: 04 FLdRfVar local_00D6 ==>计数器i再次登场 40EB58: 64 NextI2: (continue) 40EAF0==>是否继续??? 40EB5D: 04 FLdRfVar local_00A4 ==>刚才我说过的sum 40EB60: 28 LitVarI2: ( local_0124 ) 0x6e4 (1764)==>一个常数0x6e4 40EB65: 5d HardType 40EB66: Lead0/33 EqVarBool ==>两者是否相等? 40EB68: 1c BranchF: 40EB94 ==>不等就错误了:) 40EB6B: 1b LitStr: "恭喜你..." 40EB6E: 21 FLdPrThis 40EB6F: 0f VCallAd (object 2 ) 40EB72: 19 FStAdFunc local_00DC 40EB75: 08 FLdPr local_00DC 40EB78: 0d VCallHresult 禚d ==>put _ipropTEXTEDIT写下几句肉麻的话^_* 40EB7D: 1a FFree1Ad local_00DC 40EB80: f4 LitI2_Byte: 0x0 0 (.) 40EB82: 21 FLdPrThis 40EB83: 0f VCallAd (object 1 ) 40EB86: 19 FStAdFunc local_00DC 40EB89: 08 FLdPr local_00DC 40EB8C: 0d VCallHresult 禚d 总结: 算法如下:int sum=0;int char,len; gets(str);len=strlen(str); for (int i=0;i<len;i++) sum+=(i+1+str[i]); if (sum==0x6e4) printf("Bingo,just so so"); 呵呵,我就会弄些简单的糊弄人,没法,就这么大本事,还请各位海涵.... 附:反正得凑个数,没什么目的性,就当成注册机写吧,其实写的时候也是迷迷糊糊,尽量保证不出现特殊字符吧 int main(){ int i,len,sum=0; char str[20]="bbbsl"; clrscr(); gets(str); len=strlen(str); for (i=0;i<len;i++) sum+=(str[i]+1+i); if (sum>0x6e4) printf("error name"); else{ sum=0x6e4-sum; do{ str[i]=0x41; sum-=(0x42+i); i++; }while((sum-0x42-i)>0x40); if (sum>0x7a+0x14) { sum-=40; str[i]=sum/2; str[i+1]=sum-str[i]-1; str[i+2]='\0'; }else{ sum-=20; str[i]=sum; str[i+1]='\0'; } puts (str); } return 0; } -------------------------------------------------------------------------------- Copyright © 2000-2003 看雪学院(www.pediy.com) All Rights Reserved. 标题:IDCrackme的分析 (5千字) 发信人:bbbsl 时间:2002-9-23 0:10:36 详细信息: IDCrackme的分析作者:bbbsl 目标:IDCrackme?pcode型工具:WKTVBDebugger,exdec 没什么难度,大致分析一下流程,熟悉一下p-code的语句吧 412254: 04 FLdRfVar local_011C 412257: 21 FLdPrThis 412258: 0f VCallAd text 41225B: 19 FStAdFunc local_0118 41225E: 08 FLdPr local_0118 412261: 0d VCallHresult get__ipropTEXTEDIT ==>取名字 412266: 3e FLdZeroAd local_011C 412269: 46 CVarStr local_012C 41226C: Lead1/f6 FStVar 412270: 1a FFree1Ad local_0118 412273: 04 FLdRfVar local_0094 412276: Lead0/eb FnLenVar ==>求长度 41227A: 28 LitVarI2: ( local_013C ) 0x5 (5) ==>常数5 41227F: 5d HardType 412280: Lead0/67 LtVarBool ==>长度<5? 412282: 1c BranchF: 4122B1 ==>不小于跳 412285: 27 LitVar_Missing ==>否则MessageBox("Your ...") 412288: 27 LitVar_Missing 41228B: 27 LitVar_Missing 41228E: f5 LitI4: 0x0 0 (....) 412293: 3a LitVarStr: ( local_013C ) Your User Name Must Be At Least Five Characters 412298: 4e FStVarCopyObj local_012C 41229B: 04 FLdRfVar local_012C 41229E: 0a ImpAdCallFPR4: _rtcMsgBox 4122A3: 36 FFreeVar 4122AE: 1e Branch: 4124fe 4122B1: 28 LitVarI2: ( local_012C ) 0x5 (5) ==>常数5 4122B6: f5 LitI4: 0x1 1 (....) ==>常数1 4122BB: 04 FLdRfVar local_0094 4122BE: 04 FLdRfVar local_014C 4122C1: 0a ImpAdCallFPR4: _rtcMidCharVar ==>Name2=Mid$(name,1,5) 4122C6: 04 FLdRfVar local_014C 4122C9: Lead1/f6 FStVar 4122CD: 35 FFree1Var local_012C 4122D0: 04 FLdRfVar local_0094 4122D3: Lead0/eb FnLenVar ==>求现在的长度(靠,当然是5啦) 4122D7: 04 FLdRfVar local_01AC 4122DA: 28 LitVarI2: ( local_015C ) 0x1 (1) ==>常数1 4122DF: 28 LitVarI2: ( local_013C ) 0xffffffff (-1) ==>step=-1即相当于for (i=5;i>=0;i--)之类 4122E4: Lead3/70 ForStepVar 4122EA: 04 FLdRfVar local_00A4 4122ED: 28 LitVarI2: ( local_012C ) 0x1 (1) 4122F2: 04 FLdRfVar local_01AC 4122F5: Lead1/22 CI4Var 4122F7: 04 FLdRfVar local_0094 4122FA: 04 FLdRfVar local_014C 4122FD: 0a ImpAdCallFPR4: _rtcMidCharVar ==>相当于Mid$(Name2,i,1) 412302: 04 FLdRfVar local_014C 412305: Lead0/ef ConcatVar ==>得到字符串连接起来,相当于把字符串取前5个倒置(abcdefg变成edcba) 412309: Lead1/f6 FStVar 41230D: 36 FFreeVar 412314: 04 FLdRfVar local_01AC 412317: Lead3/7e NextStepVar: (continue) 4122EA ==>循环 41231D: 04 FLdRfVar local_00A4 412320: Lead2/00 FStVarCopy 412324: 28 LitVarI2: ( local_012C ) 0x2 (2) ==>loop 412329: f5 LitI4: 0x1 1 (....) 41232E: 04 FLdRfVar local_0104 412331: 04 FLdRfVar local_014C 412334: 0a ImpAdCallFPR4: _rtcMidCharVar ==>str=Mid(Name2,i,i+=1)? 412339: 04 FLdRfVar local_014C 41233C: Lead1/f6 FStVar 412340: 35 FFree1Var local_012C 412343: 04 FLdRfVar local_00B4 412346: Lead2/fe CStrVarVal local_011C 41234A: 0b ImpAdCallI2 _rtcAnsiValueBstr ==>ASC$(str) 41234F: 44 CVarI2 local_013C 412352: Lead1/f6 FStVar ... ==>这里省略若干行 4123F8: 28 LitVarI2: ( local_012C ) 0x6 (6) ==>until i+1=6 4123FD: f5 LitI4: 0x5 5 (....) 412402: 04 FLdRfVar local_0104 412405: 04 FLdRfVar local_014C 412408: 0a ImpAdCallFPR4: _rtcMidCharVar 41240D: 04 FLdRfVar local_014C 412410: Lead1/f6 FStVar 412414: 35 FFree1Var local_012C 412417: 04 FLdRfVar local_00F4 41241A: Lead2/fe CStrVarVal local_011C 41241E: 0b ImpAdCallI2 _rtcAnsiValueBstr 412423: 44 CVarI2 local_013C 412426: Lead1/f6 FStVar 41242A: 2f FFree1Str local_011C 41242D: 04 FLdRfVar local_00B4 412430: 04 FLdRfVar local_00C4 412433: Lead0/ef ConcatVar ==>所得到的字符串相连接 412437: 04 FLdRfVar local_00D4 41243A: Lead0/ef ConcatVar 41243E: 04 FLdRfVar local_00E4 ==>... 412441: Lead0/ef ConcatVar 412445: 04 FLdRfVar local_00F4 412448: Lead0/ef ConcatVar 41244C: Lead1/f6 FStVar 412450: 36 FFreeVar 412459: 04 FLdRfVar local_011C 41245C: 21 FLdPrThis 41245D: 0f VCallAd text 412460: 19 FStAdFunc local_0118 412463: 08 FLdPr local_0118 412466: 0d VCallHresult get__ipropTEXTEDIT ==>取输入的假注册码 41246B: 3e FLdZeroAd local_011C 41246E: 46 CVarStr local_012C 412471: 5d HardType 412472: 04 FLdRfVar local_0114 412475: Lead0/33 EqVarBool ==>相等否? 412477: 1a FFree1Ad local_0118 41247A: 35 FFree1Var local_012C 41247D: 1c BranchF: 4124AC ==>不等跳到错误处理 412480: 27 LitVar_Missing 412483: 27 LitVar_Missing 412486: 27 LitVar_Missing 412489: f5 LitI4: 0x0 0 (....) 41248E: 3a LitVarStr: ( local_013C ) Nice Work! On To Harder Things! 412493: 4e FStVarCopyObj local_012C 412496: 04 FLdRfVar local_012C 412499: 0a ImpAdCallFPR4: _rtcMsgBox -------------------------------------------------------------------------------- Copyright © 2000-2003 看雪学院(www.pediy.com) All Rights Reserved. 2004-8-7 18:34 0
cobra1111 雪币： 231 活跃值： (465) 能力值： ( LV2，RANK：10 ) 在线值：发帖 23 回帖 179 粉丝 1 关注私信	cobra1111 3 楼哈哈 PCODE还是在破解CCG的试题时学的当时真是懂啊不过现在又全部忘记了啊嘿嘿 2004-8-7 18:55 0
saint12 雪币： 212 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 6 回帖 75 粉丝 0 关注私信	saint12 4 楼很好，谢谢linhanshi兄了。 2004-8-7 22:23 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复