能力值:
( LV9,RANK:170 )
|
-
-
5 楼
我装了是一个酒店管理软件,可是无法创建数据库,软件无法运行。
以下是一些分析(有错误在里面),你可以参考一下
od直接载入,超级字符串查找,可以找到“注册成功!” 004B4F24
是注册部分,往上找到注册开始的地方
004B47E3 . 8BC8 mov ecx, eax
004B47E5 . BA 98504B00 mov edx, 004B5098 ; 请输入酒店名称
004B47EA . A1 10FC5300 mov eax, dword ptr [53FC10]
004B47EF . 8B00 mov eax, dword ptr [eax]
004B47F1 . E8 1AFEF9FF call 00454610
004B47F6 . E9 42070000 jmp 004B4F3D
004B47FB . 8D55 A0 lea edx, dword ptr [ebp-60]
004B47FE . 8B45 FC mov eax, dword ptr [ebp-4]
004B4801 . 8B80 18030000 mov eax, dword ptr [eax+318]
004B4807 . E8 D802F8FF call 00434AE4 ; 此函数多次被调用,可以进去看看它的作用
004B480C . 8B45 A0 mov eax, dword ptr [ebp-60]
004B480F . 8D55 A4 lea edx, dword ptr [ebp-5C]
004B4812 . E8 0553F5FF call 00409B1C
004B4817 . 837D A4 00 cmp dword ptr [ebp-5C], 0
004B481B . 75 2D jnz short 004B484A ; 大概是酒店不能没有名字
004B481D . 6A 00 push 0
004B481F . 8D55 9C lea edx, dword ptr [ebp-64]
004B4822 . 8B45 FC mov eax, dword ptr [ebp-4]
004B4825 . E8 BA02F8FF call 00434AE4
004B482A . 8B45 9C mov eax, dword ptr [ebp-64]
004B482D . E8 E6FAF4FF call 00404318
004B4832 . 8BC8 mov ecx, eax
004B4834 . BA A8504B00 mov edx, 004B50A8 ; 请输入软件序列号
004B4839 . A1 10FC5300 mov eax, dword ptr [53FC10]
004B483E . 8B00 mov eax, dword ptr [eax]
004B4840 . E8 CBFDF9FF call 00454610
004B4845 . E9 F3060000 jmp 004B4F3D
004B484A > 8D55 94 lea edx, dword ptr [ebp-6C]
004B484D . 8B45 FC mov eax, dword ptr [ebp-4]
004B4850 . 8B80 10030000 mov eax, dword ptr [eax+310]
004B4856 . E8 8902F8FF call 00434AE4
004B485B . 8B45 94 mov eax, dword ptr [ebp-6C]
004B485E . 8D55 98 lea edx, dword ptr [ebp-68]
004B4861 . E8 B652F5FF call 00409B1C
004B4866 . 8B45 98 mov eax, dword ptr [ebp-68]
004B4869 . E8 E6F8F4FF call 00404154
004B486E . 83F8 0A cmp eax, 0A ; 和10比较
004B4871 . 7E 34 jle short 004B48A7
004B4873 . 8D45 C8 lea eax, dword ptr [ebp-38]
004B4876 . 50 push eax
004B4877 . 8D55 8C lea edx, dword ptr [ebp-74]
004B487A . 8B45 FC mov eax, dword ptr [ebp-4]
004B487D . 8B80 10030000 mov eax, dword ptr [eax+310]
004B4883 . E8 5C02F8FF call 00434AE4
004B4888 . 8B45 8C mov eax, dword ptr [ebp-74]
004B488B . 8D55 90 lea edx, dword ptr [ebp-70]
004B488E . E8 8952F5FF call 00409B1C
004B4893 . 8B45 90 mov eax, dword ptr [ebp-70]
004B4896 . B9 0A000000 mov ecx, 0A
004B489B . BA 01000000 mov edx, 1
004B48A0 . E8 B7FAF4FF call 0040435C
004B48A5 . EB 56 jmp short 004B48FD
004B48A7 > 8D55 88 lea edx, dword ptr [ebp-78]
004B48AA . 8B45 FC mov eax, dword ptr [ebp-4]
004B48AD . 8B80 10030000 mov eax, dword ptr [eax+310]
004B48B3 . E8 2C02F8FF call 00434AE4
004B48B8 . 8B45 88 mov eax, dword ptr [ebp-78]
004B48BB . 8D55 C8 lea edx, dword ptr [ebp-38]
004B48BE . E8 5952F5FF call 00409B1C
004B48C3 . 8B45 C8 mov eax, dword ptr [ebp-38]
004B48C6 . E8 89F8F4FF call 00404154
004B48CB . 83F8 0A cmp eax, 0A ; 同上
004B48CE . 7D 2D jge short 004B48FD
004B48D0 . 8D45 84 lea eax, dword ptr [ebp-7C]
004B48D3 . 50 push eax
004B48D4 . 8B45 C8 mov eax, dword ptr [ebp-38]
004B48D7 . E8 78F8F4FF call 00404154
004B48DC . B9 0A000000 mov ecx, 0A
004B48E1 . 2BC8 sub ecx, eax
004B48E3 . BA 01000000 mov edx, 1
004B48E8 . B8 C4504B00 mov eax, 004B50C4 ; 0000000000
004B48ED . E8 6AFAF4FF call 0040435C
004B48F2 . 8B55 84 mov edx, dword ptr [ebp-7C]
004B48F5 . 8D45 C8 lea eax, dword ptr [ebp-38]
004B48F8 . E8 5FF8F4FF call 0040415C
004B48FD > 8D45 B4 lea eax, dword ptr [ebp-4C] ; 上面的case都到这里了
004B4900 . 50 push eax
004B4901 . 8B45 C8 mov eax, dword ptr [ebp-38]
004B4904 . E8 0FFAF4FF call 00404318
004B4909 . 50 push eax
004B490A . E8 71FEFFFF call <jmp.&OftenFunction.getsoftware>
004B490F . 8D45 CC lea eax, dword ptr [ebp-34]
004B4912 . 8D55 B4 lea edx, dword ptr [ebp-4C]
004B4915 . B9 14000000 mov ecx, 14
004B491A . E8 E5F7F4FF call 00404104
004B491F . 8D95 7CFFFFFF lea edx, dword ptr [ebp-84]
004B4925 . 8B45 FC mov eax, dword ptr [ebp-4]
004B4928 . 8B80 18030000 mov eax, dword ptr [eax+318]
004B492E . E8 B101F8FF call 00434AE4
004B4933 . 8B85 7CFFFFFF mov eax, dword ptr [ebp-84]
004B4939 . 8D55 80 lea edx, dword ptr [ebp-80]
004B493C . E8 DB51F5FF call 00409B1C
004B4941 . 8B45 80 mov eax, dword ptr [ebp-80]
004B4944 . 8B55 CC mov edx, dword ptr [ebp-34]
004B4947 . E8 18F9F4FF call 00404264 ; 检查注册码
004B494C . 74 33 je short 004B4981
004B494E . 6A 00 push 0
004B4950 . 8D95 78FFFFFF lea edx, dword ptr [ebp-88]
004B4956 . 8B45 FC mov eax, dword ptr [ebp-4]
004B4959 . E8 8601F8FF call 00434AE4
004B495E . 8B85 78FFFFFF mov eax, dword ptr [ebp-88]
004B4964 . E8 AFF9F4FF call 00404318
004B4969 . 8BC8 mov ecx, eax
004B496B . BA D0504B00 mov edx, 004B50D0 ; 软件序列号不正确!
004B4970 . A1 10FC5300 mov eax, dword ptr [53FC10]
004B4975 . 8B00 mov eax, dword ptr [eax]
004B4977 . E8 94FCF9FF call 00454610
004B497C . E9 BC050000 jmp 004B4F3D
004B4981 > 8D95 6CFFFFFF lea edx, dword ptr [ebp-94]
004B4987 . 8B45 FC mov eax, dword ptr [ebp-4]
004B498A . 8B80 D8020000 mov eax, dword ptr [eax+2D8] ; 像是查表,不知道说的对不对
004B4990 . E8 4F01F8FF call 00434AE4
004B4995 . FFB5 6CFFFFFF push dword ptr [ebp-94]
004B499B . 8D95 68FFFFFF lea edx, dword ptr [ebp-98]
004B49A1 . 8B45 FC mov eax, dword ptr [ebp-4]
004B49A4 . 8B80 E8020000 mov eax, dword ptr [eax+2E8] ; 同上
004B49AA . E8 3501F8FF call 00434AE4
004B49AF . FFB5 68FFFFFF push dword ptr [ebp-98]
004B49B5 . 8D95 64FFFFFF lea edx, dword ptr [ebp-9C]
004B49BB . 8B45 FC mov eax, dword ptr [ebp-4]
004B49BE . 8B80 F0020000 mov eax, dword ptr [eax+2F0]
004B49C4 . E8 1B01F8FF call 00434AE4
004B49C9 . FFB5 64FFFFFF push dword ptr [ebp-9C]
004B49CF . 8D95 60FFFFFF lea edx, dword ptr [ebp-A0]
004B49D5 . 8B45 FC mov eax, dword ptr [ebp-4]
004B49D8 . 8B80 F8020000 mov eax, dword ptr [eax+2F8]
004B49DE . E8 0101F8FF call 00434AE4
004B49E3 . FFB5 60FFFFFF push dword ptr [ebp-A0]
004B49E9 . 8D85 70FFFFFF lea eax, dword ptr [ebp-90]
004B49EF . BA 04000000 mov edx, 4
004B49F4 . E8 1BF8F4FF call 00404214
004B49F9 . 8B85 70FFFFFF mov eax, dword ptr [ebp-90]
004B49FF . 8D95 74FFFFFF lea edx, dword ptr [ebp-8C]
004B4A05 . E8 1251F5FF call 00409B1C
004B4A0A . 8B85 74FFFFFF mov eax, dword ptr [ebp-8C]
004B4A10 . E8 03F9F4FF call 00404318
004B4A15 . 8BF0 mov esi, eax
004B4A17 . 8D85 5CFFFFFF lea eax, dword ptr [ebp-A4]
004B4A1D . 8BD6 mov edx, esi
004B4A1F . E8 68F6F4FF call 0040408C
004B4A24 . 8B85 5CFFFFFF mov eax, dword ptr [ebp-A4]
004B4A2A . E8 25F7F4FF call 00404154
004B4A2F . 83F8 14 cmp eax, 14 ; 注册码必须是二十位
004B4A32 . 74 33 je short 004B4A67 ; 相等就跳,检查注册码长度是否符合要求
004B4A34 . 6A 00 push 0
004B4A36 . 8D95 58FFFFFF lea edx, dword ptr [ebp-A8]
004B4A3C . 8B45 FC mov eax, dword ptr [ebp-4]
004B4A3F . E8 A000F8FF call 00434AE4
004B4A44 . 8B85 58FFFFFF mov eax, dword ptr [ebp-A8]
004B4A4A . E8 C9F8F4FF call 00404318
004B4A4F . 8BC8 mov ecx, eax
004B4A51 . BA E4504B00 mov edx, 004B50E4 ; 注册码输入不正确
004B4A56 . A1 10FC5300 mov eax, dword ptr [53FC10]
004B4A5B . 8B00 mov eax, dword ptr [eax]
004B4A5D . E8 AEFBF9FF call 00454610
004B4A62 . E9 D6040000 jmp 004B4F3D
004B4A67 > 8D45 D0 lea eax, dword ptr [ebp-30]
004B4A6A . 50 push eax
004B4A6B . 8D45 D8 lea eax, dword ptr [ebp-28]
004B4A6E . 50 push eax
004B4A6F . 56 push esi
004B4A70 . E8 03FDFFFF call <jmp.&OftenFunction.getlimitedd>
004B4A75 . 85C0 test eax, eax
004B4A77 . 74 33 je short 004B4AAC ; 必须跳
004B4A79 . 6A 00 push 0
004B4A7B . 8D95 54FFFFFF lea edx, dword ptr [ebp-AC]
004B4A81 . 8B45 FC mov eax, dword ptr [ebp-4]
004B4A84 . E8 5B00F8FF call 00434AE4
004B4A89 . 8B85 54FFFFFF mov eax, dword ptr [ebp-AC]
004B4A8F . E8 84F8F4FF call 00404318
004B4A94 . 8BC8 mov ecx, eax
004B4A96 . BA F8504B00 mov edx, 004B50F8 ; 注册码不正确!
004B4A9B . A1 10FC5300 mov eax, dword ptr [53FC10]
004B4AA0 . 8B00 mov eax, dword ptr [eax]
004B4AA2 . E8 69FBF9FF call 00454610
004B4AA7 . E9 91040000 jmp 004B4F3D
004B4AAC > 8D45 E4 lea eax, dword ptr [ebp-1C]
004B4AAF . 8D55 D8 lea edx, dword ptr [ebp-28]
004B4AB2 . B9 08000000 mov ecx, 8
004B4AB7 . E8 48F6F4FF call 00404104
004B4ABC . 8D45 E0 lea eax, dword ptr [ebp-20]
004B4ABF . 8D55 D0 lea edx, dword ptr [ebp-30]
004B4AC2 . B9 08000000 mov ecx, 8
004B4AC7 . E8 38F6F4FF call 00404104
004B4ACC . 33C0 xor eax, eax
004B4ACE . 55 push ebp
004B4ACF . 68 D44B4B00 push 004B4BD4
004B4AD4 . 64:FF30 push dword ptr fs:[eax]
004B4AD7 . 64:8920 mov dword ptr fs:[eax], esp
004B4ADA . 8D85 50FFFFFF lea eax, dword ptr [ebp-B0]
004B4AE0 . 50 push eax
004B4AE1 . B9 02000000 mov ecx, 2
004B4AE6 . BA 07000000 mov edx, 7
004B4AEB . 8B45 E4 mov eax, dword ptr [ebp-1C]
004B4AEE . E8 69F8F4FF call 0040435C
004B4AF3 . 8B85 50FFFFFF mov eax, dword ptr [ebp-B0]
004B4AF9 . E8 0A53F5FF call 00409E08
004B4AFE . 50 push eax
004B4AFF . 8D85 4CFFFFFF lea eax, dword ptr [ebp-B4]
004B4B05 . 50 push eax
004B4B06 . B9 02000000 mov ecx, 2
004B4B0B . BA 05000000 mov edx, 5
004B4B10 . 8B45 E4 mov eax, dword ptr [ebp-1C]
004B4B13 . E8 44F8F4FF call 0040435C
004B4B18 . 8B85 4CFFFFFF mov eax, dword ptr [ebp-B4]
004B4B1E . E8 E552F5FF call 00409E08
004B4B23 . 50 push eax
004B4B24 . 8D85 48FFFFFF lea eax, dword ptr [ebp-B8]
004B4B2A . 50 push eax
004B4B2B . B9 04000000 mov ecx, 4
004B4B30 . BA 01000000 mov edx, 1
004B4B35 . 8B45 E4 mov eax, dword ptr [ebp-1C]
004B4B38 . E8 1FF8F4FF call 0040435C
004B4B3D . 8B85 48FFFFFF mov eax, dword ptr [ebp-B8]
004B4B43 . E8 C052F5FF call 00409E08
004B4B48 . 5A pop edx
004B4B49 . 59 pop ecx
004B4B4A . E8 AD64F5FF call 0040AFFC
004B4B4F . DD5D F0 fstp qword ptr [ebp-10]
004B4B52 . 9B wait
004B4B53 . 8D85 44FFFFFF lea eax, dword ptr [ebp-BC]
004B4B59 . 50 push eax
004B4B5A . B9 02000000 mov ecx, 2
004B4B5F . BA 07000000 mov edx, 7
004B4B64 . 8B45 E0 mov eax, dword ptr [ebp-20]
004B4B67 . E8 F0F7F4FF call 0040435C
004B4B6C . 8B85 44FFFFFF mov eax, dword ptr [ebp-BC]
004B4B72 . E8 9152F5FF call 00409E08
004B4B77 . 50 push eax
004B4B78 . 8D85 40FFFFFF lea eax, dword ptr [ebp-C0]
004B4B7E . 50 push eax
004B4B7F . B9 02000000 mov ecx, 2
004B4B84 . BA 05000000 mov edx, 5
004B4B89 . 8B45 E0 mov eax, dword ptr [ebp-20]
004B4B8C . E8 CBF7F4FF call 0040435C
004B4B91 . 8B85 40FFFFFF mov eax, dword ptr [ebp-C0]
004B4B97 . E8 6C52F5FF call 00409E08
004B4B9C . 50 push eax
004B4B9D . 8D85 3CFFFFFF lea eax, dword ptr [ebp-C4]
004B4BA3 . 50 push eax
004B4BA4 . B9 04000000 mov ecx, 4
004B4BA9 . BA 01000000 mov edx, 1
004B4BAE . 8B45 E0 mov eax, dword ptr [ebp-20]
004B4BB1 . E8 A6F7F4FF call 0040435C
004B4BB6 . 8B85 3CFFFFFF mov eax, dword ptr [ebp-C4]
004B4BBC . E8 4752F5FF call 00409E08
004B4BC1 . 5A pop edx
004B4BC2 . 59 pop ecx
004B4BC3 . E8 3464F5FF call 0040AFFC
004B4BC8 . DDD8 fstp st
004B4BCA . 33C0 xor eax, eax
004B4BCC . 5A pop edx
004B4BCD . 59 pop ecx
004B4BCE . 59 pop ecx
004B4BCF . 64:8910 mov dword ptr fs:[eax], edx
004B4BD2 . EB 42 jmp short 004B4C16 ; 当然要跳啦
004B4BD4 .^ E9 03EAF4FF jmp 004035DC
004B4BD9 . 6A 00 push 0
004B4BDB . 8D95 38FFFFFF lea edx, dword ptr [ebp-C8]
004B4BE1 . 8B45 FC mov eax, dword ptr [ebp-4]
004B4BE4 . E8 FBFEF7FF call 00434AE4
004B4BE9 . 8B85 38FFFFFF mov eax, dword ptr [ebp-C8]
004B4BEF . E8 24F7F4FF call 00404318
004B4BF4 . 8BC8 mov ecx, eax
004B4BF6 . BA F8504B00 mov edx, 004B50F8 ; 注册码不正确!
004B4BFB . A1 10FC5300 mov eax, dword ptr [53FC10]
004B4C00 . 8B00 mov eax, dword ptr [eax]
004B4C02 . E8 09FAF9FF call 00454610
004B4C07 . E8 ECEDF4FF call 004039F8
004B4C0C . E9 2C030000 jmp 004B4F3D
004B4C11 . E8 E2EDF4FF call 004039F8
004B4C16 > A1 80FC5300 mov eax, dword ptr [53FC80] ; 把注册信息保存到数据库里
004B4C1B . 8B00 mov eax, dword ptr [eax]
004B4C1D . 8B58 54 mov ebx, dword ptr [eax+54]
004B4C20 . 8BC3 mov eax, ebx
004B4C22 . E8 5D7BFDFF call 0048C784
004B4C27 . 8B83 38020000 mov eax, dword ptr [ebx+238]
004B4C2D . 8B10 mov edx, dword ptr [eax]
004B4C2F . FF52 40 call dword ptr [edx+40]
004B4C32 . 8B83 38020000 mov eax, dword ptr [ebx+238]
004B4C38 . BA 10514B00 mov edx, 004B5110 ; select * from SystemInfo
004B4C3D . 8B08 mov ecx, dword ptr [eax]
004B4C3F . FF51 34 call dword ptr [ecx+34]
004B4C42 . 8BC3 mov eax, ebx
004B4C44 . E8 2F7BFDFF call 0048C778
004B4C49 . A1 80FC5300 mov eax, dword ptr [53FC80]
004B4C4E . 8B00 mov eax, dword ptr [eax]
004B4C50 . 8B40 54 mov eax, dword ptr [eax+54]
004B4C53 . 80B8 91000000>cmp byte ptr [eax+91], 0
004B4C5A . 0F85 C1010000 jnz 004B4E21
004B4C60 . 8B15 80FC5300 mov edx, dword ptr [53FC80] ; HotelMan.00540930
004B4C66 . 8BD8 mov ebx, eax
004B4C68 . 8BC3 mov eax, ebx
004B4C6A . E8 157BFDFF call 0048C784
004B4C6F . 8B83 38020000 mov eax, dword ptr [ebx+238]
004B4C75 . 8B10 mov edx, dword ptr [eax]
004B4C77 . FF52 40 call dword ptr [edx+40]
004B4C7A . 8B83 38020000 mov eax, dword ptr [ebx+238]
004B4C80 . BA 10514B00 mov edx, 004B5110 ; select * from SystemInfo
004B4C85 . 8B08 mov ecx, dword ptr [eax]
004B4C87 . FF51 34 call dword ptr [ecx+34]
004B4C8A . 8BC3 mov eax, ebx
004B4C8C . E8 E77AFDFF call 0048C778
004B4C91 . A1 80FC5300 mov eax, dword ptr [53FC80]
004B4C96 . 8B00 mov eax, dword ptr [eax]
004B4C98 . 8B58 54 mov ebx, dword ptr [eax+54]
004B4C9B . 80BB 91000000>cmp byte ptr [ebx+91], 0
004B4CA2 . 0F85 5C010000 jnz 004B4E04 ; 不能跳去啊!
004B4CA8 . A1 80FC5300 mov eax, dword ptr [53FC80]
004B4CAD . 8BC3 mov eax, ebx
004B4CAF . BA 34514B00 mov edx, 004B5134 ; RegistCode
004B4CB4 . E8 7F87FDFF call 0048D438
004B4CB9 . 8D95 34FFFFFF lea edx, dword ptr [ebp-CC]
004B4CBF . 8B08 mov ecx, dword ptr [eax]
004B4CC1 . FF51 58 call dword ptr [ecx+58]
004B4CC4 . 83BD 34FFFFFF>cmp dword ptr [ebp-CC], 0
004B4CCB . 74 3E je short 004B4D0B
004B4CCD . A1 80FC5300 mov eax, dword ptr [53FC80]
004B4CD2 . 8B00 mov eax, dword ptr [eax]
004B4CD4 . 8B40 54 mov eax, dword ptr [eax+54]
004B4CD7 . BA 48514B00 mov edx, 004B5148 ; MadeDate
004B4CDC . E8 5787FDFF call 0048D438
004B4CE1 . 8B10 mov edx, dword ptr [eax]
004B4CE3 . FF52 4C call dword ptr [edx+4C]
004B4CE6 . DC5D F0 fcomp qword ptr [ebp-10]
004B4CE9 . DFE0 fstsw ax
004B4CEB . 9E sahf
004B4CEC . 74 1D je short 004B4D0B ; 跳
004B4CEE . 6A 00 push 0
004B4CF0 . B9 54514B00 mov ecx, 004B5154 ; 系统注册
004B4CF5 . BA 60514B00 mov edx, 004B5160 ; 注册码不正确,请重新输入
004B4CFA . A1 10FC5300 mov eax, dword ptr [53FC10]
004B4CFF . 8B00 mov eax, dword ptr [eax]
004B4D01 . E8 0AF9F9FF call 00454610
004B4D06 . E9 32020000 jmp 004B4F3D
004B4D0B > A1 80FC5300 mov eax, dword ptr [53FC80]
004B4D10 . 8B00 mov eax, dword ptr [eax]
004B4D12 . 8B58 54 mov ebx, dword ptr [eax+54]
004B4D15 . 8BC3 mov eax, ebx
004B4D17 . E8 687AFDFF call 0048C784
004B4D1C . 8B83 38020000 mov eax, dword ptr [ebx+238]
004B4D22 . 8B10 mov edx, dword ptr [eax]
004B4D24 . FF52 40 call dword ptr [edx+40]
004B4D27 . 8B83 38020000 mov eax, dword ptr [ebx+238]
004B4D2D . BA 84514B00 mov edx, 004B5184 ; update SystemInfo set upTownName=:upTownName,SoftWareNo=:SoftWareNo,limitedflag=0,MadeDate=:MadeDate,RegistCode=:RegistCode,Limitedcount=0
004B4D32 . 8B08 mov ecx, dword ptr [eax]
004B4D34 . FF51 34 call dword ptr [ecx+34]
004B4D37 . BA 34514B00 mov edx, 004B5134 ; RegistCode
004B4D3C . 8BC3 mov eax, ebx
004B4D3E . E8 9D1FFFFF call 004A6CE0
004B4D43 . 50 push eax
004B4D44 . 8D85 30FFFFFF lea eax, dword ptr [ebp-D0]
004B4D4A . 8BD6 mov edx, esi
004B4D4C . E8 3BF3F4FF call 0040408C
004B4D51 . 8B95 30FFFFFF mov edx, dword ptr [ebp-D0]
004B4D57 . 58 pop eax
004B4D58 . E8 C36EFDFF call 0048BC20
004B4D5D . FF75 F4 push dword ptr [ebp-C]
004B4D60 . FF75 F0 push dword ptr [ebp-10]
004B4D63 . BA 1C524B00 mov edx, 004B521C ; Madedate
004B4D68 . 8BC3 mov eax, ebx
004B4D6A . E8 711FFFFF call 004A6CE0
004B4D6F . E8 1070FDFF call 0048BD84
004B4D74 . 8D95 28FFFFFF lea edx, dword ptr [ebp-D8]
004B4D7A . 8B45 FC mov eax, dword ptr [ebp-4]
004B4D7D . 8B80 10030000 mov eax, dword ptr [eax+310]
004B4D83 . E8 5CFDF7FF call 00434AE4
004B4D88 . 8B85 28FFFFFF mov eax, dword ptr [ebp-D8]
004B4D8E . 8D95 2CFFFFFF lea edx, dword ptr [ebp-D4]
004B4D94 . E8 834DF5FF call 00409B1C
004B4D99 . 8B85 2CFFFFFF mov eax, dword ptr [ebp-D4]
004B4D9F . 50 push eax
004B4DA0 . BA 30524B00 mov edx, 004B5230 ; uptownName
004B4DA5 . 8BC3 mov eax, ebx
004B4DA7 . E8 341FFFFF call 004A6CE0
004B4DAC . 5A pop edx
004B4DAD . E8 6E6EFDFF call 0048BC20
004B4DB2 . 8D95 20FFFFFF lea edx, dword ptr [ebp-E0]
004B4DB8 . 8B45 FC mov eax, dword ptr [ebp-4]
004B4DBB . 8B80 18030000 mov eax, dword ptr [eax+318]
004B4DC1 . E8 1EFDF7FF call 00434AE4
004B4DC6 . 8B85 20FFFFFF mov eax, dword ptr [ebp-E0]
004B4DCC . 8D95 24FFFFFF lea edx, dword ptr [ebp-DC]
004B4DD2 . E8 454DF5FF call 00409B1C
004B4DD7 . 8B85 24FFFFFF mov eax, dword ptr [ebp-DC]
004B4DDD . 50 push eax
004B4DDE . BA 44524B00 mov edx, 004B5244 ; softwareNo
004B4DE3 . 8BC3 mov eax, ebx
004B4DE5 . E8 F61EFFFF call 004A6CE0
004B4DEA . 5A pop edx
004B4DEB . E8 306EFDFF call 0048BC20
004B4DF0 . 8BC3 mov eax, ebx
004B4DF2 . E8 E91FFFFF call 004A6DE0
004B4DF7 . 8B45 FC mov eax, dword ptr [ebp-4]
004B4DFA . E8 C5BEF9FF call 00450CC4
004B4DFF . E9 19010000 jmp 004B4F1D ; 胜利的曙光到来!
004B4E04 > 6A 00 push 0
004B4E06 . B9 54514B00 mov ecx, 004B5154 ; 系统注册
004B4E0B . BA 60514B00 mov edx, 004B5160 ; 注册码不正确,请重新输入
004B4E10 . A1 10FC5300 mov eax, dword ptr [53FC10]
004B4E15 . 8B00 mov eax, dword ptr [eax]
004B4E17 . E8 F4F7F9FF call 00454610
004B4E1C . E9 1C010000 jmp 004B4F3D
004B4E21 > A1 80FC5300 mov eax, dword ptr [53FC80]
004B4E26 . 8B00 mov eax, dword ptr [eax]
004B4E28 . 8B58 54 mov ebx, dword ptr [eax+54]
004B4E2B . 8BC3 mov eax, ebx
004B4E2D . E8 5279FDFF call 0048C784
004B4E32 . 8B83 38020000 mov eax, dword ptr [ebx+238]
004B4E38 . 8B10 mov edx, dword ptr [eax]
004B4E3A . FF52 40 call dword ptr [edx+40]
004B4E3D . 8B83 38020000 mov eax, dword ptr [ebx+238]
004B4E43 . BA 58524B00 mov edx, 004B5258 ; insert into SystemInfo (upTownID,UpTownName,SoftWareNo,RegistCode,MadeDate,LimitedFlag,LimitedCount)
004B4E48 . 8B08 mov ecx, dword ptr [eax]
004B4E4A . FF51 34 call dword ptr [ecx+34]
004B4E4D . 8B83 38020000 mov eax, dword ptr [ebx+238]
004B4E53 . BA C8524B00 mov edx, 004B52C8 ; values (1,:UptownName,:SoftWareNo,:RegistCode,:MadeDate,0,0)
004B4E58 . 8B08 mov ecx, dword ptr [eax]
004B4E5A . FF51 34 call dword ptr [ecx+34]
004B4E5D . FF75 F4 push dword ptr [ebp-C]
004B4E60 . FF75 F0 push dword ptr [ebp-10]
004B4E63 . BA 10534B00 mov edx, 004B5310 ; madedate
004B4E68 . 8BC3 mov eax, ebx
004B4E6A . E8 711EFFFF call 004A6CE0
004B4E6F . E8 106FFDFF call 0048BD84
004B4E74 . BA 34514B00 mov edx, 004B5134 ; RegistCode
004B4E79 . 8BC3 mov eax, ebx
004B4E7B . E8 601EFFFF call 004A6CE0
004B4E80 . 50 push eax
004B4E81 . 8D85 1CFFFFFF lea eax, dword ptr [ebp-E4]
004B4E87 . 8BD6 mov edx, esi
004B4E89 . E8 FEF1F4FF call 0040408C
004B4E8E . 8B95 1CFFFFFF mov edx, dword ptr [ebp-E4]
004B4E94 . 58 pop eax
004B4E95 . E8 866DFDFF call 0048BC20
004B4E9A . 8D95 14FFFFFF lea edx, dword ptr [ebp-EC]
004B4EA0 . 8B45 FC mov eax, dword ptr [ebp-4]
004B4EA3 . 8B80 10030000 mov eax, dword ptr [eax+310]
004B4EA9 . E8 36FCF7FF call 00434AE4
004B4EAE . 8B85 14FFFFFF mov eax, dword ptr [ebp-EC]
004B4EB4 . 8D95 18FFFFFF lea edx, dword ptr [ebp-E8]
004B4EBA . E8 5D4CF5FF call 00409B1C
004B4EBF . 8B85 18FFFFFF mov eax, dword ptr [ebp-E8]
004B4EC5 . 50 push eax
004B4EC6 . BA 30524B00 mov edx, 004B5230 ; uptownName
004B4ECB . 8BC3 mov eax, ebx
004B4ECD . E8 0E1EFFFF call 004A6CE0
004B4ED2 . 5A pop edx
004B4ED3 . E8 486DFDFF call 0048BC20
004B4ED8 . 8D95 0CFFFFFF lea edx, dword ptr [ebp-F4]
004B4EDE . 8B45 FC mov eax, dword ptr [ebp-4]
004B4EE1 . 8B80 18030000 mov eax, dword ptr [eax+318]
004B4EE7 . E8 F8FBF7FF call 00434AE4
004B4EEC . 8B85 0CFFFFFF mov eax, dword ptr [ebp-F4]
004B4EF2 . 8D95 10FFFFFF lea edx, dword ptr [ebp-F0]
004B4EF8 . E8 1F4CF5FF call 00409B1C
004B4EFD . 8B85 10FFFFFF mov eax, dword ptr [ebp-F0]
004B4F03 . 50 push eax
004B4F04 . BA 44524B00 mov edx, 004B5244 ; softwareNo
004B4F09 . 8BC3 mov eax, ebx
004B4F0B . E8 D01DFFFF call 004A6CE0
004B4F10 . 5A pop edx
004B4F11 . E8 0A6DFDFF call 0048BC20
004B4F16 . 8BC3 mov eax, ebx
004B4F18 . E8 C31EFFFF call 004A6DE0
004B4F1D > 6A 00 push 0
004B4F1F . B9 54514B00 mov ecx, 004B5154 ; 系统注册
004B4F24 . BA 1C534B00 mov edx, 004B531C ; 注册成功!
004B4F29 . A1 10FC5300 mov eax, dword ptr [53FC10]
004B4F2E . 8B00 mov eax, dword ptr [eax]
004B4F30 . E8 DBF6F9FF call 00454610
004B4F35 . 8B45 FC mov eax, dword ptr [ebp-4]
004B4F38 . E8 87BDF9FF call 00450CC4
004B4F3D > 33C0 xor eax, eax
004B4F3F . 5A pop edx
004B4F40 . 59 pop ecx
004B4F41 . 59 pop ecx
004B4F42 . 64:8910 mov dword ptr fs:[eax], edx
004B4F45 . 68 8E504B00 push 004B508E
004B4F4A > 8D85 0CFFFFFF lea eax, dword ptr [ebp-F4]
004B4F50 . E8 7FEFF4FF call 00403ED4
004B4F55 . 8D85 10FFFFFF lea eax, dword ptr [ebp-F0]
004B4F5B . E8 74EFF4FF call 00403ED4
004B4F60 . 8D85 14FFFFFF lea eax, dword ptr [ebp-EC]
004B4F66 . E8 69EFF4FF call 00403ED4
004B4F6B . 8D85 18FFFFFF lea eax, dword ptr [ebp-E8]
004B4F71 . BA 02000000 mov edx, 2
004B4F76 . E8 7DEFF4FF call 00403EF8
004B4F7B . 8D85 20FFFFFF lea eax, dword ptr [ebp-E0]
004B4F81 . E8 4EEFF4FF call 00403ED4
004B4F86 . 8D85 24FFFFFF lea eax, dword ptr [ebp-DC]
004B4F8C . E8 43EFF4FF call 00403ED4
004B4F91 . 8D85 28FFFFFF lea eax, dword ptr [ebp-D8]
004B4F97 . E8 38EFF4FF call 00403ED4
004B4F9C . 8D85 2CFFFFFF lea eax, dword ptr [ebp-D4]
004B4FA2 . BA 03000000 mov edx, 3
004B4FA7 . E8 4CEFF4FF call 00403EF8
004B4FAC . 8D85 38FFFFFF lea eax, dword ptr [ebp-C8]
004B4FB2 . E8 1DEFF4FF call 00403ED4
004B4FB7 . 8D85 3CFFFFFF lea eax, dword ptr [ebp-C4]
004B4FBD . BA 06000000 mov edx, 6
004B4FC2 . E8 31EFF4FF call 00403EF8
004B4FC7 . 8D85 54FFFFFF lea eax, dword ptr [ebp-AC]
004B4FCD . BA 02000000 mov edx, 2
004B4FD2 . E8 21EFF4FF call 00403EF8
004B4FD7 . 8D85 5CFFFFFF lea eax, dword ptr [ebp-A4]
004B4FDD . E8 F2EEF4FF call 00403ED4
004B4FE2 . 8D85 60FFFFFF lea eax, dword ptr [ebp-A0]
004B4FE8 . BA 05000000 mov edx, 5
004B4FED . E8 06EFF4FF call 00403EF8
004B4FF2 . 8D85 74FFFFFF lea eax, dword ptr [ebp-8C]
004B4FF8 . E8 D7EEF4FF call 00403ED4
004B4FFD . 8D85 78FFFFFF lea eax, dword ptr [ebp-88]
004B5003 . BA 02000000 mov edx, 2
004B5008 . E8 EBEEF4FF call 00403EF8
004B500D . 8D45 80 lea eax, dword ptr [ebp-80]
004B5010 . BA 02000000 mov edx, 2
004B5015 . E8 DEEEF4FF call 00403EF8
004B501A . 8D45 88 lea eax, dword ptr [ebp-78]
004B501D . BA 02000000 mov edx, 2
004B5022 . E8 D1EEF4FF call 00403EF8
004B5027 . 8D45 90 lea eax, dword ptr [ebp-70]
004B502A . E8 A5EEF4FF call 00403ED4
004B502F . 8D45 94 lea eax, dword ptr [ebp-6C]
004B5032 . E8 9DEEF4FF call 00403ED4
004B5037 . 8D45 98 lea eax, dword ptr [ebp-68]
004B503A . E8 95EEF4FF call 00403ED4
004B503F . 8D45 9C lea eax, dword ptr [ebp-64]
004B5042 . BA 02000000 mov edx, 2
004B5047 . E8 ACEEF4FF call 00403EF8
004B504C . 8D45 A4 lea eax, dword ptr [ebp-5C]
004B504F . E8 80EEF4FF call 00403ED4
004B5054 . 8D45 A8 lea eax, dword ptr [ebp-58]
004B5057 . BA 02000000 mov edx, 2
004B505C . E8 97EEF4FF call 00403EF8
004B5061 . 8D45 B0 lea eax, dword ptr [ebp-50]
004B5064 . E8 6BEEF4FF call 00403ED4
004B5069 . 8D45 C8 lea eax, dword ptr [ebp-38]
004B506C . BA 02000000 mov edx, 2
004B5071 . E8 82EEF4FF call 00403EF8
004B5076 . 8D45 E0 lea eax, dword ptr [ebp-20]
004B5079 . BA 02000000 mov edx, 2
004B507E . E8 75EEF4FF call 00403EF8
004B5083 . C3 retn
|
没人理我。。。
我就是看这个程序简单,没加壳,看上去也不复杂,才拿这个开刀,没想到。。。。我再找找资料,大家一起研究。:)
