能力值:
( LV2,RANK:10 )
|
-
-
2 楼
追码的确很简单
算码就算了
还没学到算码那里
|
能力值:
( LV3,RANK:20 )
|
-
-
3 楼
004B9CBB |. E8 ACC4FEFF call 004A616C
004B9CC0 |. 83C4 08 add esp, 8
004B9CC3 |. 0FB6D0 movzx edx, al
004B9CC6 |. 85D2 test edx, edx
004B9CC8 74 16 je short 004B9CE0 爆破专家们的兴趣点
004B9CCA |. 6A 20 push 20
004B9CCC |. 68 D4856100 push 006185D4 ; ASCII ">.<"
004B9CD1 |. 68 A8856100 push 006185A8
004B9CD6 |. 8B4D EC mov ecx, dword ptr [ebp-14]
004B9CD9 |. E8 CD02FFFF call 004A9FAB
004B9CDE |. EB 14 jmp short 004B9CF4
OD载入,下万能断点,断下后ALT+F9返回到
0055DBA4 |. FF15 C01D6800 call dword ptr [<&USER32.GetWindowTex>; \GetWindowTextA
0055DBAA |. EB 5D jmp short 0055DC09
0055DBAC |> 8D4D F0 lea ecx, dword ptr [ebp-10]
跳到
004B9B96 |. 8D45 9C lea eax, dword ptr [ebp-64]用户名出现
004B9B99 |. 50 push eax
004B9B9A |. E8 48EBFEFF call 004A86E7
004B9B9F |. 83C4 04 add esp, 4
004B9BA2 |. 8945 D4 mov dword ptr [ebp-2C], eax
004B9BA5 |. 837D D4 03 cmp dword ptr [ebp-2C], 3 用户名长度检测
004B9BA9 |. 7C 06 jl short 004B9BB1
004B9BAB |. 837D D4 0B cmp dword ptr [ebp-2C], 0B用户名长度检测
004B9BAF |. 7E 19 jle short 004B9BCA
004B9BB1 |> 6A 20 push 20
004B9BB3 |. 68 E4856100 push 006185E4 ; ASCII "-_-!"
004B9BB8 |. 68 EA856100 push 006185EA
004B9BBD |. 8B4D EC mov ecx, dword ptr [ebp-14]
004B9BC0 |. E8 E603FFFF call 004A9FAB
004B9BC5 |. E9 2A010000 jmp 004B9CF4
004B9BCA |> C745 E0 00000>mov dword ptr [ebp-20], 0
004B9BD1 |. EB 09 jmp short 004B9BDC
004B9BD3 |> 8B45 E0 /mov eax, dword ptr [ebp-20]
004B9BD6 |. 83C0 01 |add eax, 1
004B9BD9 |. 8945 E0 |mov dword ptr [ebp-20], eax
004B9BDC |> 8B45 E0 mov eax, dword ptr [ebp-20]
004B9BDF |. 3B45 D4 |cmp eax, dword ptr [ebp-2C]判断是否取完
004B9BE2 |. 7D 2C |jge short 004B9C10
004B9BE4 |. 8B45 E0 |mov eax, dword ptr [ebp-20]
004B9BE7 |. 0FBE4C05 9C |movsx ecx, byte ptr [ebp+eax-64]取用户名第一个字母
004B9BEC |. 8B55 E0 |mov edx, dword ptr [ebp-20]
004B9BEF |. 0FBE4415 9D |movsx eax, byte ptr [ebp+edx-63]取用户名第2个字母
004B9BF4 |. 33C8 |xor ecx, eax 第一与第2异或
004B9BF6 |. 894D BC |mov dword ptr [ebp-44], ecx
004B9BF9 |. 8B45 BC |mov eax, dword ptr [ebp-44]
004B9BFC |. 69C0 26BD0301 |imul eax, eax, 103BD26
004B9C02 |. 8945 BC |mov dword ptr [ebp-44], eax
004B9C05 |. 8B45 B0 |mov eax, dword ptr [ebp-50]
004B9C08 |. 0345 BC |add eax, dword ptr [ebp-44]
004B9C0B |. 8945 B0 |mov dword ptr [ebp-50], eax
004B9C0E |.^ EB C3 \jmp short 004B9BD3 跳回继续取用户名,第2与第3,第3与第4,第4与第5.....进行异或运算
004B9C10 |> 8B45 BC mov eax, dword ptr [ebp-44]
004B9C13 |. 3345 B0 xor eax, dword ptr [ebp-50]
004B9C16 |. 8945 BC mov dword ptr [ebp-44], eax
004B9C19 |. 8B45 BC mov eax, dword ptr [ebp-44]
004B9C1C |. 83C0 01 add eax, 1
004B9C1F |. 8945 BC mov dword ptr [ebp-44], eax
004B9C22 |. 8B45 BC mov eax, dword ptr [ebp-44]
004B9C25 |. 69C0 66550000 imul eax, eax, 5566
004B9C2B |. 8945 BC mov dword ptr [ebp-44], eax
004B9C2E |. 8B45 BC mov eax, dword ptr [ebp-44]
004B9C31 |. 50 push eax
004B9C32 |. 8B4D BC mov ecx, dword ptr [ebp-44]
004B9C35 |. 51 push ecx
004B9C36 |. 8B55 BC mov edx, dword ptr [ebp-44]
004B9C39 |. 52 push edx
004B9C3A |. 68 D8856100 push 006185D8 ; ASCII "%X%lu%o"
004B9C3F |. 8D85 30FFFFFF lea eax, dword ptr [ebp-D0]
004B9C45 |. 50 push eax
004B9C46 |. E8 B0F9FEFF call 004A95FB注册码算法CALL,在本人分析能力以上
004B9C4B |. 83C4 14 add esp, 14
004B9C4E |. 8D85 30FFFFFF lea eax, dword ptr [ebp-D0]
004B9C54 |. 50 push eax
004B9C55 |. E8 8DEAFEFF call 004A86E7
004B9C5A |. 83C4 04 add esp, 4
004B9C5D |. 8945 C8 mov dword ptr [ebp-38], eax
004B9C60 |. 8D85 18FFFFFF lea eax, dword ptr [ebp-E8]
004B9C66 |. 50 push eax
004B9C67 |. 68 E9030000 push 3E9
004B9C6C |. 8B4D EC mov ecx, dword ptr [ebp-14]
004B9C6F |. E8 A7FCFEFF call 004A991B
我这里用户名:mikeyabc
注册码:118730162940723422141630026
|
能力值:
( LV2,RANK:10 )
|
-
-
4 楼
顶您一下
我的注册名:yinguilin
我的注册码:81AA3482217541542620152432202
|