请大家帮看下,下面这段用户名以硬盘ID号,的注册机算法!
找了N天,终于在DLL文件里找到注册机算法,可是上弟有些看不明白,望大家能指点一二
10002445 |. /74 24 JE SHORT MyLib.1000246B
10002447 |. |53 PUSH EBX ; /pOverlapped => NULL
10002448 |. |8D4424 18 LEA EAX,DWORD PTR SS:[ESP+18] ; |
1000244C |. |50 PUSH EAX ; |pBytesReturned
1000244D |. |6A 04 PUSH 4 ; |OutBufferSize = 4
1000244F |. |8D8C24 240400>LEA ECX,DWORD PTR SS:[ESP+424] ; |
10002456 |. |51 PUSH ECX ; |OutBuffer
10002457 |. |53 PUSH EBX ; |InBufferSize => 0
10002458 |. |53 PUSH EBX ; |InBuffer => NULL
10002459 |. |6A 01 PUSH 1 ; |IoControlCode = 1
1000245B |. |56 PUSH ESI ; |hDevice
1000245C |. |FF15 C4720210 CALL DWORD PTR DS:[<&KERNEL32.DeviceIoControl>] ; \DeviceIoControl
10002462 |. |56 PUSH ESI ; /hObject
10002463 |. |FF15 94720210 CALL DWORD PTR DS:[<&KERNEL32.CloseHandle>] ; \CloseHandle
10002469 |. |EB 14 JMP SHORT MyLib.1000247F
1000246B |> \6A 10 PUSH 10 ; /Style = MB_OK|MB_ICONHAND|MB_APPLMODAL
1000246D |. 68 E4770210 PUSH MyLib.100277E4 ; |diskid32
10002472 |. 68 BC770210 PUSH MyLib.100277BC ; |error: could not open ide21201.vxd filediskid32
10002477 |. 6A 00 PUSH 0 ; |hOwner = NULL
10002479 |. FF15 BC730210 CALL DWORD PTR DS:[<&USER32.MessageBoxA>] ; \MessageBoxA
1000247F |> 33F6 XOR ESI,ESI
10002481 |. 8DBC24 240400>LEA EDI,DWORD PTR SS:[ESP+424]
10002488 |. EB 06 JMP SHORT MyLib.10002490
1000248A | 8D9B 00000000 LEA EBX,DWORD PTR DS:[EBX]
10002490 |> 8A8434 1C0400>/MOV AL,BYTE PTR SS:[ESP+ESI+41C]
10002497 |. 84C0 |TEST AL,AL
10002499 |. 74 3B |JE SHORT MyLib.100024D6
1000249B |. 8BD6 |MOV EDX,ESI
1000249D |. D1EA |SHR EDX,1
1000249F |. 8A8414 180400>|MOV AL,BYTE PTR SS:[ESP+EDX+418]
100024A6 |. 84C0 |TEST AL,AL
100024A8 |. 74 2C |JE SHORT MyLib.100024D6
100024AA |. 33C0 |XOR EAX,EAX
100024AC |. 8BCF |MOV ECX,EDI
100024AE |. 8BFF |MOV EDI,EDI
100024B0 |> 0FB711 |/MOVZX EDX,WORD PTR DS:[ECX]
100024B3 |. 895484 18 ||MOV DWORD PTR SS:[ESP+EAX*4+18],EDX
100024B7 |. 40 ||INC EAX
100024B8 |. 83C1 02 ||ADD ECX,2
100024BB |. 3D 00010000 ||CMP EAX,100
100024C0 |.^ 7C EE |\JL SHORT MyLib.100024B0
100024C2 |. 8B4C24 10 |MOV ECX,DWORD PTR SS:[ESP+10]
100024C6 |. 8D4424 18 |LEA EAX,DWORD PTR SS:[ESP+18]
100024CA |. 50 |PUSH EAX
100024CB |. 56 |PUSH ESI
100024CC |. E8 FFF9FFFF |CALL MyLib.10001ED0
100024D1 |. BB 01000000 |MOV EBX,1
100024D6 |> 46 |INC ESI
100024D7 |. 81C7 00020000 |ADD EDI,200
100024DD |. 83FE 08 |CMP ESI,8
100024E0 |.^ 72 AE \JB SHORT MyLib.10002490
100024E2 |. 6A 20 PUSH 20 ; /Priority = NORMAL_PRIORITY_CLASS
100024E4 |. FF15 88720210 CALL DWORD PTR DS:[<&KERNEL32.GetCurrentProcess>] ; |[GetCurrentProcess
100024EA |. 50 PUSH EAX ; |hProcess
100024EB |. FF15 8C720210 CALL DWORD PTR DS:[<&KERNEL32.SetPriorityClass>] ; \SetPriorityClass
100024F1 |. 8B8C24 2C1400>MOV ECX,DWORD PTR SS:[ESP+142C]
100024F8 |. 8BC3 MOV EAX,EBX
100024FA |. E8 0FB40000 CALL MyLib.1000D90E
100024FF |. 5F POP EDI
10002500 |. 5E POP ESI
10002501 |. 5B POP EBX
10002502 |. 8BE5 MOV ESP,EBP
10002504 |. 5D POP EBP
10002505 \. C3 RETN
找了N天,终于在DLL文件里找到注册机算法,可是上弟有些看不明白,望大家能指点一二
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
