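[Original] Help needed with "注册.rar": I couldn't set a breakpoint through the string references, so I broke in with a message breakpoint, but every branch inside it ends in failure. Did I analyze it wrong, or did I set the breakpoint wrong?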
Posted: 2009-2-7 10:06 3360
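Help needed with "注册.rar": I couldn't set a breakpoint through the string references, so I broke in with a message breakpoint, but every branch inside it ends in failure. Did I analyze it wrong, or did I set the breakpoint wrong?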
0040232D . 85C0 TEST EAX,EAX
0040232F . 75 15 JNZ SHORT 注册.00402346
00402331 . 8BCE MOV ECX,ESI
00402333 . E8 78000000 CALL 注册.004023B0
00402338 . 6A 00 PUSH 0
0040233A . 68 C0714400 PUSH 注册.004471C0 ; 注册成功 (Registration successful)
0040233F . 68 AC714400 PUSH 注册.004471AC ; 恭喜您,注册成功! (Congratulations, registration successful!)
00402344 . EB 0C JMP SHORT 注册.00402352
00402346 > 6A 00 PUSH 0
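00402348 . 68 A4714400 PUSH 注册.004471A4 ; 错误 (Error)
0040234D . 68 8C714400 PUSH 注册.0044718C ; 对不起,您的注册码有误 (Sorry, your registration code is incorrect)
Why can't I break on the lines above (and in the attachment)?
I broke at 42c902 and stepped into the call: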
0042C8EF |> \FF75 14 PUSH DWORD PTR SS:[EBP+14] ; /Arg7 = 00000000
0042C8F2 |. FF70 10 PUSH DWORD PTR DS:[EAX+10] ; |Arg6
0042C8F5 |. FF75 10 PUSH DWORD PTR SS:[EBP+10] ; |Arg5
0042C8F8 |. FF70 14 PUSH DWORD PTR DS:[EAX+14] ; |Arg4
0042C8FB |. FF75 0C PUSH DWORD PTR SS:[EBP+C] ; |Arg3
0042C8FE |. FF75 08 PUSH DWORD PTR SS:[EBP+8] ; |Arg2
0042C901 |. 57 PUSH EDI ; |Arg1
0042C902 |. E8 F5FDFFFF CALL 注册.0042C6FC ; \注册.0042C6FC
The call is as follows; every branch inside it ends in failure:
0042C6FC /$ 55 PUSH EBP
0042C6FD |. 8BEC MOV EBP,ESP
0042C6FF |. 8B45 20 MOV EAX,DWORD PTR SS:[EBP+20] ; argument passed on the stack at call time: 12f92c
0042C702 |. 53 PUSH EBX
0042C703 |. 56 PUSH ESI
0042C704 |. 6A 01 PUSH 1
0042C706 |. 85C0 TEST EAX,EAX
0042C708 |. 5B POP EBX
0042C709 |. 74 10 JE SHORT 注册.0042C71B
0042C70B |. 8B4D 08 MOV ECX,DWORD PTR SS:[EBP+8]
0042C70E |. 8908 MOV DWORD PTR DS:[EAX],ECX
0042C710 |. 8B4D 14 MOV ECX,DWORD PTR SS:[EBP+14]
0042C713 |. 8948 04 MOV DWORD PTR DS:[EAX+4],ECX
0042C716 |. E9 E0000000 JMP 注册.0042C7FB
0042C71B |> 8B45 1C MOV EAX,DWORD PTR SS:[EBP+1C]
0042C71E |. 83F8 28 CMP EAX,28 ; Switch (cases 2..2F)
0042C721 |. 77 71 JA SHORT 注册.0042C794
0042C723 |. 74 5C JE SHORT 注册.0042C781
0042C725 |. 48 DEC EAX
0042C726 |. 48 DEC EAX
0042C727 |. 74 53 JE SHORT 注册.0042C77C
0042C729 |. 83E8 0A SUB EAX,0A
0042C72C 74 46 JE SHORT 注册.0042C774 ; cannot jump
0042C72E |. 48 DEC EAX
0042C72F |. 74 3E JE SHORT 注册.0042C76F
0042C731 |. 83E8 16 SUB EAX,16
0042C734 |. 74 2E JE SHORT 注册.0042C764
0042C736 |. 83E8 03 SUB EAX,3
0042C739 |. 74 16 JE SHORT 注册.0042C751
0042C73B |. 48 DEC EAX
0042C73C |. 75 69 JNZ SHORT 注册.0042C7A7
0042C73E |. 8B45 18 MOV EAX,DWORD PTR SS:[EBP+18] ; Case 27 of switch 0042C71E
0042C741 |. 8B4D 08 MOV ECX,DWORD PTR SS:[EBP+8]
0042C744 |. FF30 PUSH DWORD PTR DS:[EAX]
0042C746 |. FF70 04 PUSH DWORD PTR DS:[EAX+4]
0042C749 |. FF55 14 CALL DWORD PTR SS:[EBP+14]
0042C74C |. E9 A8000000 JMP 注册.0042C7F9
0042C751 |> 8B45 18 MOV EAX,DWORD PTR SS:[EBP+18] ; Case 26 of switch 0042C71E
0042C754 |. 8B4D 08 MOV ECX,DWORD PTR SS:[EBP+8]
0042C757 |. FF30 PUSH DWORD PTR DS:[EAX]
0042C759 |. FF70 04 PUSH DWORD PTR DS:[EAX+4]
0042C75C |. FF55 14 CALL DWORD PTR SS:[EBP+14]
0042C75F |. E9 97000000 JMP 注册.0042C7FB
0042C764 |> 8B4D 08 MOV ECX,DWORD PTR SS:[EBP+8] ; Case 23 of switch 0042C71E
0042C767 |. FF55 14 CALL DWORD PTR SS:[EBP+14]
0042C76A |. E9 8A000000 JMP 注册.0042C7F9
0042C76F |> FF75 0C PUSH DWORD PTR SS:[EBP+C] ; Case D of switch 0042C71E
0042C772 |. EB 45 JMP SHORT 注册.0042C7B9
0042C774 |> 8B4D 08 MOV ECX,DWORD PTR SS:[EBP+8] ; Case C of switch 0042C71E
0042C777 |. FF55 14 CALL DWORD PTR SS:[EBP+14] ; failure
0042C77A |. EB 7F JMP SHORT 注册.0042C7FB
0042C77C |> FF75 0C PUSH DWORD PTR SS:[EBP+C] ; Case 2 of switch 0042C71E
0042C77F |. EB 2D JMP SHORT 注册.0042C7AE
0042C781 |> 8B45 18 MOV EAX,DWORD PTR SS:[EBP+18] ; Case 28 of switch 0042C71E
0042C784 |. 8B4D 08 MOV ECX,DWORD PTR SS:[EBP+8]
0042C787 |. FF30 PUSH DWORD PTR DS:[EAX]
0042C789 |. FF70 04 PUSH DWORD PTR DS:[EAX+4]
0042C78C |. FF75 0C PUSH DWORD PTR SS:[EBP+C]
0042C78F |. FF55 14 CALL DWORD PTR SS:[EBP+14]
0042C792 |. EB 67 JMP SHORT 注册.0042C7FB
0042C794 |> 83E8 29 SUB EAX,29
0042C797 |. 74 4F JE SHORT 注册.0042C7E8
0042C799 |. 83E8 03 SUB EAX,3
0042C79C |. 74 3E JE SHORT 注册.0042C7DC
0042C79E |. 48 DEC EAX
0042C79F |. 74 20 JE SHORT 注册.0042C7C1
0042C7A1 |. 48 DEC EAX
0042C7A2 |. 74 12 JE SHORT 注册.0042C7B6
0042C7A4 |. 48 DEC EAX
0042C7A5 |. 74 04 JE SHORT 注册.0042C7AB
0042C7A7 |> 33C0 XOR EAX,EAX ; Default case of switch 0042C71E
0042C7A9 |. EB 52 JMP SHORT 注册.0042C7FD ; no failure message here
0042C7AB |> FF75 18 PUSH DWORD PTR SS:[EBP+18] ; Case 2F of switch 0042C71E
0042C7AE |> 8B4D 08 MOV ECX,DWORD PTR SS:[EBP+8]
0042C7B1 |. FF55 14 CALL DWORD PTR SS:[EBP+14]
0042C7B4 |. EB 43 JMP SHORT 注册.0042C7F9
0042C7B6 |> FF75 18 PUSH DWORD PTR SS:[EBP+18] ; Case 2E of switch 0042C71E
0042C7B9 |> 8B4D 08 MOV ECX,DWORD PTR SS:[EBP+8]
0042C7BC |. FF55 14 CALL DWORD PTR SS:[EBP+14]
0042C7BF |. EB 3A JMP SHORT 注册.0042C7FB
0042C7C1 |> FF75 0C PUSH DWORD PTR SS:[EBP+C] ; Case 2D of switch 0042C71E
0042C7C4 |. 8B75 18 MOV ESI,DWORD PTR SS:[EBP+18]
0042C7C7 |. 8B4D 08 MOV ECX,DWORD PTR SS:[EBP+8]
0042C7CA |. 56 PUSH ESI
0042C7CB |. FF55 14 CALL DWORD PTR SS:[EBP+14]
0042C7CE |> 33DB XOR EBX,EBX
0042C7D0 |. 395E 1C CMP DWORD PTR DS:[ESI+1C],EBX
0042C7D3 |. 0F94C3 SETE BL
0042C7D6 |. 8366 1C 00 AND DWORD PTR DS:[ESI+1C],0
0042C7DA |. EB 1F JMP SHORT 注册.0042C7FB
0042C7DC |> 8B75 18 MOV ESI,DWORD PTR SS:[EBP+18] ; Case 2C of switch 0042C71E
0042C7DF |. 8B4D 08 MOV ECX,DWORD PTR SS:[EBP+8]
0042C7E2 |. 56 PUSH ESI
0042C7E3 |. FF55 14 CALL DWORD PTR SS:[EBP+14]
0042C7E6 |.^ EB E6 JMP SHORT 注册.0042C7CE
0042C7E8 |> 8B45 18 MOV EAX,DWORD PTR SS:[EBP+18] ; Case 29 of switch 0042C71E
0042C7EB |. 8B4D 08 MOV ECX,DWORD PTR SS:[EBP+8]
0042C7EE |. FF30 PUSH DWORD PTR DS:[EAX]
0042C7F0 |. FF70 04 PUSH DWORD PTR DS:[EAX+4]
0042C7F3 |. FF75 0C PUSH DWORD PTR SS:[EBP+C]
0042C7F6 |. FF55 14 CALL DWORD PTR SS:[EBP+14]
0042C7F9 |> 8BD8 MOV EBX,EAX
0042C7FB |> 8BC3 MOV EAX,EBX
0042C7FD |> 5E POP ESI
0042C7FE |. 5B POP EBX
0042C7FF |. 5D POP EBP
0042C800 \. C2 1C00 RETN 1C
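I couldn't find the original thread, which is why I'm posting it this way; I only want to ask which part is actually the registration algorithm.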
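
An added example, not part of the original post: the Python sketch below replays the compare/subtract chain from 0042C71E to 0042C7A5 in the listing above and recovers which value of [EBP+1C] reaches which block, which is how the debugger arrives at its case labels. The names `LOW`, `HIGH`, `decode_chain`, `case_table` and `dispatch` are assumptions made for this illustration.

```python
# Added example: decode the switch at 0042C71E from its subtract-and-test chain.
# Steps are transcribed from the listing above; DEC is written as ("sub", 1).

DEFAULT = 0x0042C7A7  # XOR EAX,EAX path (default case)

# Path taken when the selector is <= 0x28 (JA at 0042C721 not taken).
LOW = [
    ("sub", 2), ("je", 0x0042C77C),      # DEC, DEC
    ("sub", 0x0A), ("je", 0x0042C774),
    ("sub", 1), ("je", 0x0042C76F),
    ("sub", 0x16), ("je", 0x0042C764),
    ("sub", 3), ("je", 0x0042C751),
    ("sub", 1), ("je", 0x0042C73E),      # JNZ to default; fall-through is the match
]
# Path taken when the selector is > 0x28 (JA to 0042C794).
HIGH = [
    ("sub", 0x29), ("je", 0x0042C7E8),
    ("sub", 3), ("je", 0x0042C7DC),
    ("sub", 1), ("je", 0x0042C7C1),
    ("sub", 1), ("je", 0x0042C7B6),
    ("sub", 1), ("je", 0x0042C7AB),
]

def decode_chain(steps):
    """Map each selector value to the block reached when the running
    subtraction brings EAX to zero (JE taken)."""
    total, cases = 0, {}
    for op, arg in steps:
        if op == "sub":
            total += arg          # the selector that zeroes EAX grows by arg
        else:
            cases[total] = arg
    return cases

def case_table():
    table = {0x28: 0x0042C781}    # CMP EAX,28 / JE at 0042C723
    table.update(decode_chain(LOW))
    table.update(decode_chain(HIGH))
    return table

def dispatch(selector):
    """Block address the routine reaches for a given [EBP+1C] value."""
    return case_table().get(selector, DEFAULT)

if __name__ == "__main__":
    for value, target in sorted(case_table().items()):
        print(f"case {value:#04x} -> {target:08X}")
```
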