大家好:
小弟诚恳请各位大侠帮忙分析下面的代码,要怎样算出注册码或是怎么暴力破解.谢谢!,我在后面加了一点注释不知正不正确.
(这几天心情达到了低谷,被人骗的感觉,迟迟不能末去,这是我花了X个大洋买回的软件.骗子说,要想知密码,请在给N个大洋.我
,我无奈,只能默默的吞下苦涩的结果.希望大家与人交易时,多加分析.切记草率决定)
工具:用P32Dsam v2.3 反编译得到的代码
Module1 7.1 ---- ///// 可能是密码算法或判断的功能,具体什么功能不明白
0024875C: 00 LargeBos
0024875E: 00 LargeBos
00248760: 4B OnErrorGoto
00248763: 00 LargeBos
00248765: 28 LitVarI2: 1 0x1 var_D8
0024876A: 04 FLdRfVar var_98
0024876D: FD16 ILdRfDarg param_10
00248773: FBEB FnLenVar
00248777: FE68 ForVar For (counter = start) To (end)
0024877D: 00 LargeBos
0024877F: 28 LitVarI2: 1 0x1 var_B8
00248784: 04 FLdRfVar var_98
00248787: FC22 CI4Var
00248789: 6C ILdRf param_10
0024878C: 04 FLdRfVar var_108
0024878F: 0A ImpAdCallFPR4 Mid()
00248794: 04 FLdRfVar var_108
00248797: FDFE CStrVarVal var_10C
0024879B: 0B ImpAdCallI2 Asc()
002487A0: 44 CVarI2 var_C8
002487A3: FCF6 FStVar var_11C
002487A7: 2F FFree1Str var_10C
002487AA: 36 FFreeVar var_B8 var_108
002487B1: 00 LargeBos
002487B3: 04 FLdRfVar var_12C
002487B6: 04 FLdRfVar var_11C
002487B9: FB94 AddVar + var_B8
002487BD: FCF6 FStVar var_12C
002487C1: 00 LargeBos
002487C3: 04 FLdRfVar var_98
002487C6: FE7E NextStepVar Next (element)
002487CC: 00 LargeBos
002487CE: 04 FLdRfVar var_12C
002487D1: FEC4 LitVarR8
002487DD: FBB4 MulVar *
002487E1: 28 LitVarI2: 6 0x6 var_C8
002487E6: FBBC DivVar
002487EA: FBE9 FnIntVar
002487EE: FCF6 FStVar var_12C
002487F2: 00 LargeBos
002487F4: 04 FLdRfVar var_12C
002487F7: FD30 IStDargCopy
002487FB: 00 LargeBos
002487FD: 28 LitVarI2: 0 0x0 var_A8
00248802: FCF6 FStVar var_14C
00248806: 00 LargeBos
00248808: 28 LitVarI2: 1 0x1 var_D8
0024880D: 04 FLdRfVar var_15C
00248810: FD16 ILdRfDarg param_C
00248816: FBEB FnLenVar
0024881A: FE68 ForVar For (counter = start) To (end)
00248820: 00 LargeBos
00248822: 28 LitVarI2: 1 0x1 var_B8
00248827: 04 FLdRfVar var_15C
0024882A: FC22 CI4Var
0024882C: 6C ILdRf param_C
0024882F: 04 FLdRfVar var_108
00248832: 0A ImpAdCallFPR4 Mid()
00248837: 04 FLdRfVar var_108
0024883A: FDFE CStrVarVal var_10C
0024883E: 0B ImpAdCallI2 Asc()
00248843: 44 CVarI2 var_C8
00248846: FCF6 FStVar var_11C
0024884A: 2F FFree1Str var_10C
0024884D: 36 FFreeVar var_B8 var_108
00248854: 00 LargeBos
00248856: 04 FLdRfVar var_14C
00248859: 28 LitVarI2: 1 0x1 var_A8
0024885E: FB94 AddVar + var_B8
00248862: FCF6 FStVar var_14C
00248866: 00 LargeBos
00248868: 04 FLdRfVar var_14C
0024886B: 28 LitVarI2: 6 0x6 var_A8
00248870: 5D HardType
00248871: FB33 EqVarBool =
00248873: 1C BranchF 00248881
00248876: 00 LargeBos
00248878: 28 LitVarI2: 0 0x0 var_A8
0024887D: FCF6 FStVar var_14C
00248881: loc_00248873
00248881: 00 LargeBos
00248883: 28 LitVarI2: 0 0x0 var_A8
00248888: FCF6 FStVar var_12C
0024888C: 00 LargeBos
0024888E: 04 FLdRfVar var_14C
00248891: 28 LitVarI2: 0 0x0 var_A8
00248896: 5D HardType
00248897: FB33 EqVarBool =
00248899: 1C BranchF 002488B8
0024889C: 00 LargeBos
0024889E: 04 FLdRfVar var_11C
002488A1: FD16 ILdRfDarg param_10
002488A7: 28 LitVarI2: 2 0x2 var_A8
002488AC: FB9C SubVar -
002488B0: FB94 AddVar + var_108
002488B4: FCF6 FStVar var_12C
002488B8: loc_00248899
002488B8: 00 LargeBos
002488BA: 04 FLdRfVar var_14C
002488BD: 28 LitVarI2: 1 0x1 var_A8
002488C2: 5D HardType
002488C3: FB33 EqVarBool =
002488C5: 1C BranchF 002488E4
002488C8: 00 LargeBos
002488CA: 04 FLdRfVar var_11C
002488CD: FD16 ILdRfDarg param_10
002488D3: 28 LitVarI2: 5 0x5 var_A8
002488D8: FB9C SubVar -
002488DC: FB9C SubVar -
002488E0: FCF6 FStVar var_12C
002488E4: loc_002488C5
002488E4: 00 LargeBos
002488E6: 04 FLdRfVar var_14C
002488E9: 28 LitVarI2: 2 0x2 var_A8
002488EE: 5D HardType
002488EF: FB33 EqVarBool =
002488F1: 1C BranchF 00248910
002488F4: 00 LargeBos
002488F6: 04 FLdRfVar var_11C
002488F9: FD16 ILdRfDarg param_10
002488FF: 28 LitVarI2: 4 0x4 var_A8
00248904: FB9C SubVar -
00248908: FB94 AddVar + var_108
0024890C: FCF6 FStVar var_12C
00248910: loc_002488F1
00248910: 00 LargeBos
00248912: 04 FLdRfVar var_14C
00248915: 28 LitVarI2: 3 0x3 var_A8
0024891A: 5D HardType
0024891B: FB33 EqVarBool =
0024891D: 1C BranchF 0024893C
00248920: 00 LargeBos
00248922: 04 FLdRfVar var_11C
00248925: FD16 ILdRfDarg param_10
0024892B: 28 LitVarI2: 2 0x2 var_A8
00248930: FB9C SubVar -
00248934: FB9C SubVar -
00248938: FCF6 FStVar var_12C
0024893C: loc_0024891D
0024893C: 00 LargeBos
0024893E: 04 FLdRfVar var_14C
00248941: 28 LitVarI2: 4 0x4 var_A8
00248946: 5D HardType
00248947: FB33 EqVarBool =
00248949: 1C BranchF 00248968
0024894C: 00 LargeBos
0024894E: 04 FLdRfVar var_11C
00248951: FD16 ILdRfDarg param_10
00248957: 28 LitVarI2: 3 0x3 var_A8
0024895C: FB9C SubVar -
00248960: FB94 AddVar + var_108
00248964: FCF6 FStVar var_12C
00248968: loc_00248949
00248968: 00 LargeBos
0024896A: 04 FLdRfVar var_14C
0024896D: 28 LitVarI2: 5 0x5 var_A8
00248972: 5D HardType
00248973: FB33 EqVarBool =
00248975: 1C BranchF 00248994
00248978: 00 LargeBos
0024897A: 04 FLdRfVar var_11C
0024897D: FD16 ILdRfDarg param_10
00248983: 28 LitVarI2: 5 0x5 var_A8
00248988: FB9C SubVar -
0024898C: FB9C SubVar -
00248990: FCF6 FStVar var_12C
00248994: loc_00248975
00248994: 00 LargeBos
00248996: 04 FLdRfVar var_12C
00248999: 04 FLdRfVar var_14C
0024899C: FB9C SubVar -
002489A0: FCF6 FStVar var_12C
002489A4: 00 LargeBos
002489A6: 04 FLdRfVar var_18C
002489A9: 04 FLdRfVar var_12C
002489AC: FC22 CI4Var
002489AE: 04 FLdRfVar var_B8
002489B1: 0A ImpAdCallFPR4 Chr()
002489B6: 04 FLdRfVar var_B8
002489B9: FBEF ConcatVar
002489BD: FCF6 FStVar var_18C
002489C1: 35 FFree1Var var_B8
002489C4: 00 LargeBos
002489C6: 04 FLdRfVar var_15C
002489C9: FE7E NextStepVar Next (element)
002489CF: 00 LargeBos
002489D1: 04 FLdRfVar var_18C
002489D4: FC02 CStrVar
002489D6: 31 FStStr var_88
002489D9: 00 LargeBos
002489DB: 14 ExitProc
=============================================
frmLogin 10.13 ----
0024794C: 04 FLdRfVar var_CC
0024794F: 21 FLdPrThis
00247950: 0F VCallAd
00247953: 19 FStAdFunc var_C8
00247956: 08 FLdPr var_C8
00247959: 0D VCallHresult TextBox.Get_Text()
0024795E: 6C ILdRf var_CC
00247961: 3A LitVarStr: "518976"
00247966: 4E FStVarCopyObj var_C4
00247969: 04 FLdRfVar var_C4
0024796C: 3A LitVarStr: "besks"
00247971: 4E FStVarCopyObj var_A4
00247974: 04 FLdRfVar var_A4
00247977: 0B ImpAdCallI2 Module1 7.1
0024797C: 23 FStStrNoPop var_D0
0024797F: FB30 EqStr =
00247981: 04 FLdRfVar var_118
00247984: 21 FLdPrThis
00247985: 0F VCallAd
00247988: 19 FStAdFunc var_114
0024798B: 08 FLdPr var_114
0024798E: 0D VCallHresult TextBox.Get_Text()
00247993: 6C ILdRf var_118
00247996: 3A LitVarStr: "518976"
0024799B: 4E FStVarCopyObj var_110
0024799E: 04 FLdRfVar var_110
002479A1: 3A LitVarStr: "[XLD]EM:?HSWZ2;9LUB5"
002479A6: 4E FStVarCopyObj var_F0
002479A9: 04 FLdRfVar var_F0
002479AC: 0B ImpAdCallI2 Module1 7.1 ////密码算法或其它,不是很明白
002479B1: 23 FStStrNoPop var_11C ////这个不知是不是注册码存放处
002479B4: FB30 EqStr =
002479B6: C4 AndI4 And
002479B7: 32 FFreeStr var_CC var_D0 var_118 var_11C
002479C2: 29 FFreeAd: var_C8 var_114
002479C9: 36 FFreeVar var_A4 var_C4 var_F0 var_110
002479D4: 1C BranchF 00247A0D ////正确与否, 用户名和密码都错误,要想暴力破解都不行!
002479D7: 27 LitVar_Missing
002479DA: 27 LitVar_Missing
002479DD: 3A LitVarStr: 系统提示
002479E2: 4E FStVarCopyObj var_C4
002479E5: 04 FLdRfVar var_C4
002479E8: F5 LitI4: 16 0x10
002479ED: 3A LitVarStr: 用户名和密码错误
002479F2: 4E FStVarCopyObj var_A4
002479F5: 04 FLdRfVar var_A4
002479F8: 0A ImpAdCallFPR4 MsgBox()
002479FD: 36 FFreeVar var_A4 var_C4 var_F0 var_110
00247A08: FCC8 End End
00247A0A: 1E Branch 00247A40
00247A0D: loc_002479D4
00247A0D: 27 LitVar_Missing
00247A10: 27 LitVar_Missing
00247A13: 3A LitVarStr: 系统提示
00247A18: 4E FStVarCopyObj var_C4
00247A1B: 04 FLdRfVar var_C4
00247A1E: F5 LitI4: 16 0x10
00247A23: 3A LitVarStr: 用户名和密码错误
00247A28: 4E FStVarCopyObj var_A4
00247A2B: 04 FLdRfVar var_A4
00247A2E: 0A ImpAdCallFPR4 MsgBox()
00247A33: 36 FFreeVar var_A4 var_C4 var_F0 var_110
00247A3E: FCC8 End End
00247A40: loc_00247A0A
00247A40: 13 ExitProcHresult
[培训]《安卓高级研修班(网课)》月薪三万计划,掌握调试、分析还原ollvm、vmp的方法,定制art虚拟机自动化脱壳的方法