能力值:
![]()
(RANK:410 )
|
-
-
26 楼
非常强大。。
有了sn,算法应该也差不多了。
|
能力值:
( LV12,RANK:980 )
|
-
-
27 楼
膜拜!!!!!!!!
|
能力值:
( LV9,RANK:250 )
|
-
-
28 楼
|
能力值:
( LV9,RANK:230 )
|
-
-
29 楼
强人!!!分析能力太让人羡慕啊。
|
能力值:
( LV2,RANK:140 )
|
-
-
30 楼
VM中指令类型有6种(6个分支),这里只用到了0,1,2三种?
|
能力值:
( LV2,RANK:140 )
|
-
-
31 楼
没搞定, 等有时间再看看~~~~~
Fail result log:
Code:2 Addr:D007D0 Value:F0AD4954 FLAG:AAAAAAAA (a1>>(a2%20))|(a1<<(a2%20))
Code:0 Addr:D00FF0 Value:F52B6AB FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D0053C Value:87A95B55 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D01030 Value:F8FFEDFE FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:2 Addr:D007D0 Value:E3FFB7FB FLAG:AAAAAAAA (a1>>(a2%20))|(a1<<(a2%20))
Code:0 Addr:D00AD4 Value:1C004804 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00524 Value:7001201 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D01030 Value:FBFFFFFF FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:2 Addr:D007D0 Value:BFFFFFFF FLAG:AAAAAAAA (a1>>(a2%20))|(a1<<(a2%20))
Code:0 Addr:D002F4 Value:40000000 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00C3C Value:4000000 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00ADC Value:87A95B55 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00244 Value:87A95B55 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D006E4 Value:A4AA FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:2 Addr:D003E0 Value:A4AA7856 FLAG:AAAAAAAA (a1>>(a2%20))|(a1<<(a2%20))
Code:0 Addr:D00AE4 Value:5B5587A9 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00EE0 Value:FFFF5B55 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:2 Addr:D0081C Value:5255 FLAG:AAAAAAAA (a1>>(a2%20))|(a1<<(a2%20))
Code:0 Addr:D002A8 Value:FFFFADAA FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D006E4 Value:5255 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00EE0 Value:FFFFADAA FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:2 Addr:D0081C Value:8000292A FLAG:AAAAAAAA (a1>>(a2%20))|(a1<<(a2%20))
Code:0 Addr:D002A8 Value:7FFFD6D5 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D006E4 Value:292A FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00EE0 Value:FFFFD6D5 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:2 Addr:D0081C Value:1495 FLAG:AAAAAAAA (a1>>(a2%20))|(a1<<(a2%20))
Code:0 Addr:D002A8 Value:FFFFEB6A FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D006E4 Value:1495 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00EE0 Value:FFFFEB6A FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00508 Value:1 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:2 Addr:D0069C Value:2 FLAG:AAAAAAAA (a1>>(a2%20))|(a1<<(a2%20))
Success result log:
Code:2 Addr:D007D0 Value:F0AC6824 FLAG:AAAAAAAA (a1>>(a2%20))|(a1<<(a2%20))
Code:0 Addr:D00FF0 Value:F5397DB FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D0053C Value:87A9CBED FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D01030 Value:F8FE7C36 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:2 Addr:D007D0 Value:E3F9F0DB FLAG:AAAAAAAA (a1>>(a2%20))|(a1<<(a2%20))
Code:0 Addr:D00AD4 Value:1C060F24 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00524 Value:70183C9 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D01030 Value:FBFFFCFF FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:2 Addr:D007D0 Value:BFFFCFFF FLAG:AAAAAAAA (a1>>(a2%20))|(a1<<(a2%20))
Code:0 Addr:D002F4 Value:40003000 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00C3C Value:4000300 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00ADC Value:87A9CBED FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00244 Value:87A9CBED FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D006E4 Value:3412 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:2 Addr:D003E0 Value:34127856 FLAG:AAAAAAAA (a1>>(a2%20))|(a1<<(a2%20))
Code:0 Addr:D00AE4 Value:CBED87A9 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00EE0 Value:FFFFCBED FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:2 Addr:D0081C Value:1A09 FLAG:AAAAAAAA (a1>>(a2%20))|(a1<<(a2%20))
Code:0 Addr:D002A8 Value:FFFFE5F6 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D006E4 Value:1A09 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00EE0 Value:FFFFE5F6 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:2 Addr:D0081C Value:80000D04 FLAG:AAAAAAAA (a1>>(a2%20))|(a1<<(a2%20))
Code:0 Addr:D002A8 Value:7FFFF2FB FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D006E4 Value:D04 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00EE0 Value:FFFFF2FB FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:2 Addr:D0081C Value:682 FLAG:AAAAAAAA (a1>>(a2%20))|(a1<<(a2%20))
Code:0 Addr:D002A8 Value:FFFFF97D FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D006E4 Value:682 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00EE0 Value:FFFFF97D FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:0 Addr:D00508 Value:0 FLAG:AAAAAAAA (a1&a2)|(a3&a4)
Code:2 Addr:D0069C Value:0 FLAG:AAAAAAAA (a1>>(a2%20))|(a1<<(a2%20))
|
能力值:
( LV9,RANK:180 )
|
-
-
32 楼
不算通过?
你个性真坚持
后八 = 前 word * word
|
能力值:
![]()
(RANK:410 )
|
-
-
33 楼
通过。 
本意不是作为crackme,所以没有发到crackme版。
看大家喜欢门电路,所以发到虚拟机版让大家尝试还原下vm。
|
能力值:
![]()
(RANK:410 )
|
-
-
34 楼
很强大,很恐怖。。
|
能力值:
( LV9,RANK:250 )
|
-
-
35 楼
要暴喽~~
|
能力值:
( LV2,RANK:140 )
|
-
-
36 楼
爆掉了,show一下~~~
 算内存补丁?
.text:004013ED mov edx, [ebp+op1]
.text:004013F0 mov [ecx+eax*4], edx
.text:004013F3 jmp NextInstruction
在004013F0下条件断点执行如下指令:
if (eax == 0x400) edx=Dword(Dword(0x00420C58));
任意序列号都pass了~~
|
能力值:
( LV9,RANK:180 )
|
-
-
37 楼
辛苦你了 
你试试改 vmdata.dat
|
能力值:
( LV2,RANK:140 )
|
-
-
38 楼
不知道用的啥压缩软件?
|
能力值:
( LV9,RANK:180 )
|
-
-
39 楼
aPLib
123
|
能力值:
( LV2,RANK:140 )
|
-
-
40 楼
多谢了~~~
不过不想弄了, 用与或非如何实现四则运算? 完全没概念啊,统统忘光光~~~
|
能力值:
( LV9,RANK:180 )
|
-
-
41 楼
实际上是 NOR
你看的那个可变换为 not and or xor
|
能力值:
( LV2,RANK:140 )
|
-
-
42 楼
参考http://bbs.pediy.com/showthread.php?t=83490
对于Code 0 ~((a1&a2)|(a3&a4)),令为p(a1,a2,a3,a4)
则有:
NOT A = p(A,A,A,A) =p(A,A,0,0)=..., 简记为p(A4).
AND A,B = p(p(A4),p(A4),p(B4),p(B4))
OR A,B = p(p(A4),p(B4),p(A4),p(B4)
XOR A,B = p(p(A4),p(B4),A,B)
|
能力值:
( LV2,RANK:140 )
|
-
-
43 楼
这个基本能搞定了。但如何用逻辑运算实现算术运算呢?
例如A=2, B=3, 怎么算2+3=5 和 2x3=6呢?
|
能力值:
![]()
(RANK:410 )
|
-
-
44 楼
半加器,全加器......
|
能力值:
( LV2,RANK:10 )
|
-
-
45 楼
爆在外面的Mark一下 想请教一下 除了字符搜索 还有别的进入VM的方法吗?
|
能力值:
( LV2,RANK:10 )
|
-
-
46 楼
00401886 . /74 0B je short RM090228.00401893
9090
|
|
|
|
