开心网超级大亨助手 {.Net 算法分析 注册机}
{软件名称} 开心网超级大亨助手
{下载地址}
点击下载 开心网超级大亨助手!
{软件大小} 51Kb (无需安装)
{软件语言}
.Net
{软件限制} 次数限制
{破解作者}
yugi@fanxes
{作者声明} 对CRACK感兴趣, 以学习为目的, 别无他意
{破解工具}
PEiD 0.94, DeDot 1.0.0.6, MetaEditor, Reflector 5.1.5.0
-------------------------------------------------------------------------------
Step 1 >>> 用
PEiD 查壳
结果:
Microsoft Visual C# / Basic .NET
没有加壳 是 .Net 的
Step 2 >>> 尝试用
Reflector 静态分析
不是很走运, 代码被混淆了, 一时又没找到好的 反混淆 工具,
自己改改吧, 原图如下:
Step 3 >>> 部分去除代码混淆
那么只有先用
DeDot 试试, 处理后还是不行, 只是好了一些,
要是
谁有好的去混淆工具可以推荐给我 , 只好把关键代码找出来
再用
MetaEditor 稍微修正下命名, 便于接下来分析
Step 4 >>> 静态分析
最后提取出如下代码(只列出关键部分, 加了些注释):
[FONT=monospace][COLOR=#0000ff]public[/COLOR] [COLOR=#0000ff]class[/COLOR] [COLOR=#2b91af]FxMain[/COLOR] : Form[/FONT]
[FONT=monospace]{[/FONT]
[FONT=monospace] [COLOR=#0000ff]private[/COLOR] [COLOR=#0000ff]void[/COLOR] handle([COLOR=#2b91af]object[/COLOR] A_0, EventArgs A_1)[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] [COLOR=#2b91af]int[/COLOR] num = [COLOR=#0000ff]this[/COLOR].genNum(10); [COLOR=#008000]// 关在在于它[/COLOR][/FONT]
[FONT=monospace] [COLOR=#2b91af]int[/COLOR] num2 = num;[/FONT]
[FONT=monospace] [COLOR=#0000ff]if[/COLOR] (num2 != 0)[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] [COLOR=#0000ff]if[/COLOR] (num2 != 100)[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] [COLOR=#0000ff]this[/COLOR].g.Text = [COLOR=#a31515]"软件已试用"[/COLOR] + num.ToString() + [COLOR=#a31515]"次!共可使用30次。[/COLOR][/FONT]
[FONT=monospace][COLOR=#a31515]QQ:1048612349 Email:xierfxz@qq.com"[/COLOR];[/FONT]
[FONT=monospace] [COLOR=#0000ff]this[/COLOR].g.ForeColor = Color.Blue;[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]else[/COLOR][/FONT]
[FONT=monospace] { [COLOR=#008000]// 为 100 则为注册无限制版(一个特别的数哟)[/COLOR][/FONT]
[FONT=monospace] [COLOR=#0000ff]this[/COLOR].g.Text = [COLOR=#a31515]"注册版本,无任何限制。"[/COLOR];[/FONT]
[FONT=monospace] [COLOR=#0000ff]this[/COLOR].g.ForeColor = Color.Blue;[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]else[/COLOR] [COLOR=#008000]// 没得剩的了, 试用次数用完[/COLOR][/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] [COLOR=#0000ff]this[/COLOR].g.Text = [COLOR=#a31515]"软件试用已到期,不能使用自动功能,手动功能仍可使用。[/COLOR][/FONT]
[FONT=monospace][COLOR=#a31515]QQ:1048612349 Email:xierfxz@qq.com"[/COLOR];[/FONT]
[FONT=monospace] Process.Start([COLOR=#a31515]"http://shop58530859.taobao.com/"[/COLOR]);[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]this[/COLOR].saveKey();[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#008000]// 从注册表中读取信息并解码[/COLOR][/FONT]
[FONT=monospace] [COLOR=#0000ff]private[/COLOR] [COLOR=#2b91af]int[/COLOR] genNum([COLOR=#2b91af]int[/COLOR] A_0)[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] [COLOR=#2b91af]int[/COLOR] num = 0;[/FONT]
[FONT=monospace] [COLOR=#2b91af]int[/COLOR] num2 = 0;[/FONT]
[FONT=monospace] [COLOR=#2b91af]string[/COLOR] str = [COLOR=#a31515]""[/COLOR];[/FONT]
[FONT=monospace] [COLOR=#2b91af]string[/COLOR] str2 = [COLOR=#a31515]"0"[/COLOR];[/FONT]
[FONT=monospace] str2 = FXUtil.genCode(FXUtil.openKey([COLOR=#a31515]"SOFTWARE"[/COLOR], [COLOR=#a31515]"360Safe"[/COLOR], FXUtil.encodeIt([COLOR=#a31515]"1"[/COLOR], [COLOR=#a31515]"ZMISGOOD"[/COLOR])), [COLOR=#a31515]"ZMISGOOD"[/COLOR]);[/FONT]
[FONT=monospace] [COLOR=#0000ff]if[/COLOR] (str2 == [COLOR=#a31515]"0"[/COLOR])[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] str = FXUtil.encodeIt([COLOR=#a31515]"1"[/COLOR], [COLOR=#a31515]"ZMISGOOD"[/COLOR]);[/FONT]
[FONT=monospace] FXUtil.saveKey([COLOR=#a31515]"SOFTWARE"[/COLOR], [COLOR=#a31515]"360Safe"[/COLOR], str);[/FONT]
[FONT=monospace] num = 1;[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] num = Convert.ToInt16(str2);[/FONT]
[FONT=monospace] [COLOR=#0000ff]if[/COLOR] (num == 100)[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] num2 = num;[/FONT]
[FONT=monospace] Class_02.Field_09 = [COLOR=#0000ff]false[/COLOR];[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]if[/COLOR] (num > 30)[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] num2 = 0;[/FONT]
[FONT=monospace] Class_02.Field_09 = [COLOR=#0000ff]true[/COLOR];[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] num2 = num;[/FONT]
[FONT=monospace] str = FXUtil.encodeIt((num + 1).ToString(), [COLOR=#a31515]"ZMISGOOD"[/COLOR]);[/FONT]
[FONT=monospace] FXUtil.saveKey([COLOR=#a31515]"SOFTWARE"[/COLOR], [COLOR=#a31515]"360Safe"[/COLOR], str);[/FONT]
[FONT=monospace] Class_02.Field_09 = [COLOR=#0000ff]false[/COLOR];[/FONT]
[FONT=monospace] [COLOR=#0000ff]return[/COLOR] num2;[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace]}[/FONT]
[FONT=monospace][COLOR=#008000]// 这是分析所得[/COLOR][/FONT]
[FONT=monospace][COLOR=#008000]//_a = FXUtil.encodeIt("1", "ZMISGOOD");[/COLOR][/FONT]
[FONT=monospace][COLOR=#008000]//_b = FXUtil.openKey("SOFTWARE", "360Safe", _a);[/COLOR][/FONT]
[FONT=monospace][COLOR=#008000]//_c = FXUtil.genCode(_b, "ZMISGOOD");[/COLOR][/FONT]
[FONT=monospace][COLOR=#008000]// 辅助类, 计算注册信息[/COLOR][/FONT]
[FONT=monospace][COLOR=#0000ff]internal[/COLOR] [COLOR=#0000ff]class[/COLOR] [COLOR=#2b91af]FXUtil[/COLOR][/FONT]
[FONT=monospace]{[/FONT]
[FONT=monospace] [COLOR=#008000]// Methods[/COLOR][/FONT]
[FONT=monospace] [COLOR=#0000ff]public[/COLOR] [COLOR=#0000ff]static[/COLOR] [COLOR=#2b91af]byte[/COLOR][] cryIt([COLOR=#2b91af]byte[/COLOR][] A_0, [COLOR=#2b91af]byte[/COLOR][] A_1, [COLOR=#2b91af]byte[/COLOR][] A_2)[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] MemoryStream stream = [COLOR=#0000ff]new[/COLOR] MemoryStream();[/FONT]
[FONT=monospace] Rijndael rijndael = Rijndael.Create();[/FONT]
[FONT=monospace] rijndael.Key = A_1;[/FONT]
[FONT=monospace] rijndael.IV = A_2;[/FONT]
[FONT=monospace] CryptoStream stream2 = [COLOR=#0000ff]new[/COLOR] CryptoStream(stream, rijndael.CreateEncryptor(), CryptoStreamMode.Write);[/FONT]
[FONT=monospace] stream2.Write(A_0, 0, A_0.Length);[/FONT]
[FONT=monospace] stream2.Close();[/FONT]
[FONT=monospace] [COLOR=#0000ff]return[/COLOR] stream.ToArray();[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]public[/COLOR] [COLOR=#0000ff]static[/COLOR] [COLOR=#2b91af]string[/COLOR] encodeIt([COLOR=#2b91af]string[/COLOR] A_0, [COLOR=#2b91af]string[/COLOR] A_1)[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] [COLOR=#2b91af]byte[/COLOR][] buffer = Encoding.Unicode.GetBytes(A_0);[/FONT]
[FONT=monospace] PasswordDeriveBytes bytes = [COLOR=#0000ff]new[/COLOR] PasswordDeriveBytes(A_1, [COLOR=#0000ff]new[/COLOR] [COLOR=#2b91af]byte[/COLOR][] { 0x49, 0x76, 0x61, 110, 0x20, 0x4d, 0x65, 100, 0x76, 0x65, 100, 0x65, 0x76 });[/FONT]
[FONT=monospace] [COLOR=#0000ff]return[/COLOR] Convert.ToBase64String(cryIt(buffer, bytes.GetBytes(0x20), bytes.GetBytes(0x10)));[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]public[/COLOR] [COLOR=#0000ff]static[/COLOR] [COLOR=#2b91af]byte[/COLOR][] decryIt([COLOR=#2b91af]byte[/COLOR][] A_0, [COLOR=#2b91af]byte[/COLOR][] A_1, [COLOR=#2b91af]byte[/COLOR][] A_2)[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] MemoryStream stream = [COLOR=#0000ff]new[/COLOR] MemoryStream();[/FONT]
[FONT=monospace] Rijndael rijndael = Rijndael.Create();[/FONT]
[FONT=monospace] rijndael.Key = A_1;[/FONT]
[FONT=monospace] rijndael.IV = A_2;[/FONT]
[FONT=monospace] CryptoStream stream2 = [COLOR=#0000ff]new[/COLOR] CryptoStream(stream, rijndael.CreateDecryptor(), CryptoStreamMode.Write);[/FONT]
[FONT=monospace] stream2.Write(A_0, 0, A_0.Length);[/FONT]
[FONT=monospace] stream2.Close();[/FONT]
[FONT=monospace] [COLOR=#0000ff]return[/COLOR] stream.ToArray();[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]public[/COLOR] [COLOR=#0000ff]static[/COLOR] [COLOR=#2b91af]string[/COLOR] genCode([COLOR=#2b91af]string[/COLOR] A_0, [COLOR=#2b91af]string[/COLOR] A_1)[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] [COLOR=#2b91af]byte[/COLOR][] buffer = Convert.FromBase64String(A_0);[/FONT]
[FONT=monospace] PasswordDeriveBytes bytes = [COLOR=#0000ff]new[/COLOR] PasswordDeriveBytes(A_1, [COLOR=#0000ff]new[/COLOR] [COLOR=#2b91af]byte[/COLOR][] { 0x49, 0x76, 0x61, 110, 0x20, 0x4d, 0x65, 100, 0x76, 0x65, 100, 0x65, 0x76 });[/FONT]
[FONT=monospace] [COLOR=#2b91af]byte[/COLOR][] buffer2 = decryIt(buffer, bytes.GetBytes(0x20), bytes.GetBytes(0x10));[/FONT]
[FONT=monospace] [COLOR=#0000ff]return[/COLOR] Encoding.Unicode.GetString(buffer2);[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]public[/COLOR] [COLOR=#0000ff]static[/COLOR] [COLOR=#0000ff]void[/COLOR] saveKey([COLOR=#2b91af]string[/COLOR] A_0, [COLOR=#2b91af]string[/COLOR] A_1, [COLOR=#2b91af]string[/COLOR] A_2)[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] [COLOR=#2b91af]string[/COLOR] subkey = A_0;[/FONT]
[FONT=monospace] RegistryKey key = Registry.LocalMachine.CreateSubKey(subkey);[/FONT]
[FONT=monospace] [COLOR=#0000ff]if[/COLOR] (key == [COLOR=#0000ff]null[/COLOR])[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]try[/COLOR][/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] [COLOR=#0000ff]try[/COLOR][/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] key.SetValue(A_1, A_2);[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]catch[/COLOR][/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]finally[/COLOR][/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] key.Close();[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]public[/COLOR] [COLOR=#0000ff]static[/COLOR] [COLOR=#2b91af]string[/COLOR] openKey([COLOR=#2b91af]string[/COLOR] A_0, [COLOR=#2b91af]string[/COLOR] A_1, [COLOR=#2b91af]string[/COLOR] A_2)[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] [COLOR=#0000ff]if[/COLOR] (A_2 == [COLOR=#0000ff]null[/COLOR])[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] A_2 = [COLOR=#a31515]""[/COLOR];[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#2b91af]string[/COLOR] name = A_0;[/FONT]
[FONT=monospace] RegistryKey key = Registry.LocalMachine.OpenSubKey(name);[/FONT]
[FONT=monospace] [COLOR=#0000ff]if[/COLOR] (key == [COLOR=#0000ff]null[/COLOR])[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] [COLOR=#0000ff]return[/COLOR] A_2;[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#2b91af]object[/COLOR] obj2 = key.GetValue(A_1, A_2);[/FONT]
[FONT=monospace] key.Close();[/FONT]
[FONT=monospace] [COLOR=#0000ff]if[/COLOR] (obj2 != [COLOR=#0000ff]null[/COLOR])[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] [COLOR=#0000ff]if[/COLOR] (!(obj2 [COLOR=#0000ff]is[/COLOR] [COLOR=#2b91af]string[/COLOR]))[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]return[/COLOR] ([COLOR=#2b91af]string[/COLOR]) obj2;[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]return[/COLOR] [COLOR=#0000ff]null[/COLOR];[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace]}[/FONT]
Step 5 >>> 突破限制
有如下几点我们可以分析得到:
* 软件依赖于注册表信息, 只要我们把它删除就又有30次试用机会
* 加解密很对称, 且易于直接从代码中提取并写出注册机
* 有个魔法值 100 , 如若得到他加密后的值就可以成为注册无限制版
Step 6 >>> 解决方案及注册机
●
方案一 :: 删注册表信息
方案二 :: 提取代码写注册机 (找出 天数 <--> 加密值 之间的映射关系)
注册机代码如下:
[FONT=monospace][COLOR=#0000ff]using[/COLOR] System;[/FONT]
[FONT=monospace][COLOR=#0000ff]using[/COLOR] System.IO;[/FONT]
[FONT=monospace][COLOR=#0000ff]using[/COLOR] System.Security.Cryptography;[/FONT]
[FONT=monospace][COLOR=#0000ff]using[/COLOR] System.Text;[/FONT]
[FONT=monospace][COLOR=#008000]//_a = FXUtil.encodeIt(num, "ZMISGOOD");[/COLOR][/FONT]
[FONT=monospace][COLOR=#008000]//_b = FXUtil.openKey("SOFTWARE", "360Safe", _a);[/COLOR][/FONT]
[FONT=monospace][COLOR=#008000]//_c = FXUtil.genCode(_b, "ZMISGOOD");[/COLOR][/FONT]
[FONT=monospace][COLOR=#0000ff]public[/COLOR] [COLOR=#0000ff]class[/COLOR] [COLOR=#2b91af]FXUtil[/COLOR][/FONT]
[FONT=monospace]{[/FONT]
[FONT=monospace] [COLOR=#0000ff]static[/COLOR] [COLOR=#0000ff]void[/COLOR] Main([COLOR=#2b91af]string[/COLOR][] args)[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] Console.Write([COLOR=#a31515]"input the num of used: "[/COLOR]);[/FONT]
[FONT=monospace] [COLOR=#2b91af]string[/COLOR] name = Console.ReadLine();[/FONT]
[FONT=monospace] [COLOR=#2b91af]string[/COLOR] code = encodeIt(name, [COLOR=#a31515]"ZMISGOOD"[/COLOR]);[/FONT]
[FONT=monospace] Console.WriteLine([COLOR=#a31515]"key ==> {0}"[/COLOR], code);[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]public[/COLOR] [COLOR=#0000ff]static[/COLOR] [COLOR=#2b91af]byte[/COLOR][] cryIt([COLOR=#2b91af]byte[/COLOR][] A_0, [COLOR=#2b91af]byte[/COLOR][] A_1, [COLOR=#2b91af]byte[/COLOR][] A_2)[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] MemoryStream stream = [COLOR=#0000ff]new[/COLOR] MemoryStream();[/FONT]
[FONT=monospace] Rijndael rijndael = Rijndael.Create();[/FONT]
[FONT=monospace] rijndael.Key = A_1;[/FONT]
[FONT=monospace] rijndael.IV = A_2;[/FONT]
[FONT=monospace] CryptoStream stream2 = [COLOR=#0000ff]new[/COLOR] CryptoStream(stream, rijndael.CreateEncryptor(), CryptoStreamMode.Write);[/FONT]
[FONT=monospace] stream2.Write(A_0, 0, A_0.Length);[/FONT]
[FONT=monospace] stream2.Close();[/FONT]
[FONT=monospace] [COLOR=#0000ff]return[/COLOR] stream.ToArray();[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]public[/COLOR] [COLOR=#0000ff]static[/COLOR] [COLOR=#2b91af]string[/COLOR] encodeIt([COLOR=#2b91af]string[/COLOR] A_0, [COLOR=#2b91af]string[/COLOR] A_1)[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] [COLOR=#2b91af]byte[/COLOR][] buffer = Encoding.Unicode.GetBytes(A_0);[/FONT]
[FONT=monospace] PasswordDeriveBytes bytes = [COLOR=#0000ff]new[/COLOR] PasswordDeriveBytes(A_1, [COLOR=#0000ff]new[/COLOR] [COLOR=#2b91af]byte[/COLOR][] { 0x49, 0x76, 0x61, 110, 0x20, 0x4d, 0x65, 100, 0x76, 0x65, 100, 0x65, 0x76 });[/FONT]
[FONT=monospace] [COLOR=#0000ff]return[/COLOR] Convert.ToBase64String(cryIt(buffer, bytes.GetBytes(0x20), bytes.GetBytes(0x10)));[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]public[/COLOR] [COLOR=#0000ff]static[/COLOR] [COLOR=#2b91af]byte[/COLOR][] decryIt([COLOR=#2b91af]byte[/COLOR][] A_0, [COLOR=#2b91af]byte[/COLOR][] A_1, [COLOR=#2b91af]byte[/COLOR][] A_2)[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] MemoryStream stream = [COLOR=#0000ff]new[/COLOR] MemoryStream();[/FONT]
[FONT=monospace] Rijndael rijndael = Rijndael.Create();[/FONT]
[FONT=monospace] rijndael.Key = A_1;[/FONT]
[FONT=monospace] rijndael.IV = A_2;[/FONT]
[FONT=monospace] CryptoStream stream2 = [COLOR=#0000ff]new[/COLOR] CryptoStream(stream, rijndael.CreateDecryptor(), CryptoStreamMode.Write);[/FONT]
[FONT=monospace] stream2.Write(A_0, 0, A_0.Length);[/FONT]
[FONT=monospace] stream2.Close();[/FONT]
[FONT=monospace] [COLOR=#0000ff]return[/COLOR] stream.ToArray();[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace] [COLOR=#0000ff]public[/COLOR] [COLOR=#0000ff]static[/COLOR] [COLOR=#2b91af]string[/COLOR] genCode([COLOR=#2b91af]string[/COLOR] A_0, [COLOR=#2b91af]string[/COLOR] A_1)[/FONT]
[FONT=monospace] {[/FONT]
[FONT=monospace] [COLOR=#2b91af]byte[/COLOR][] buffer = Convert.FromBase64String(A_0);[/FONT]
[FONT=monospace] PasswordDeriveBytes bytes = [COLOR=#0000ff]new[/COLOR] PasswordDeriveBytes(A_1, [COLOR=#0000ff]new[/COLOR] [COLOR=#2b91af]byte[/COLOR][] { 0x49, 0x76, 0x61, 110, 0x20, 0x4d, 0x65, 100, 0x76, 0x65, 100, 0x65, 0x76 });[/FONT]
[FONT=monospace] [COLOR=#2b91af]byte[/COLOR][] buffer2 = decryIt(buffer, bytes.GetBytes(0x20), bytes.GetBytes(0x10));[/FONT]
[FONT=monospace] [COLOR=#0000ff]return[/COLOR] Encoding.Unicode.GetString(buffer2);[/FONT]
[FONT=monospace] }[/FONT]
[FONT=monospace]}[/FONT]
最后可以写个
reg 文件, 把 100 这个魔法值对应的密钥写入注册表,
即可获得注册无限制版:
[FONT=monospace][COLOR=#aa22ff]Windows Registry Editor Version 5.00[/COLOR][/FONT]
[FONT=monospace][COLOR=#aa22ff][HKEY_LOCAL_MACHINE\SOFTWARE][/COLOR][/FONT]
[FONT=monospace][COLOR=#aa22ff]"360Safe"="hbfD1/48It5o2qewOtTqZw=="[/COLOR][/FONT]
贴个最终图:
[课程]Android-CTF解题方法汇总!