英汉翻译王 2007's算法分析
【文章标题】: 英汉翻译王 2007's算法分析【文章作者】: Musoft
【作者邮箱】: [email protected]
【作者主页】: http://musoft.blog.sohu.com/
【下载地址】: http://bj.onlinedown.net/soft/50649.htm
【加壳方式】: 无壳
【编写语言】: Borland Delphi 6.0 - 7.0
【软件介绍】: 一款快速高效的英汉翻译软件
【作者声明】: 只是感兴趣,没有其他目的。失误之处敬请诸位大侠赐教!算法很简单,跟的时候需要细心啊!
--------------------------------------------------------------------------------
【详细过程】
1.搜索字符串,下断,这里就不多说了,直接进入正题
004B1FE4/.55 PUSH EBP //开始
004B1FE5|.8BEC MOV EBP,ESP
004B1FE7|.B9 05000000 MOV ECX,5
004B1FEC|>6A 00 /PUSH 0
004B1FEE|.6A 00 |PUSH 0
004B1FF0|.49 |DEC ECX
004B1FF1|.^ 75 F9 \JNZ SHORT ectk.004B1FEC
004B1FF3|.51 PUSH ECX
004B1FF4|.56 PUSH ESI
004B1FF5|.8BF0 MOV ESI,EAX
004B1FF7|.33C0 XOR EAX,EAX
004B1FF9|.55 PUSH EBP
004B1FFA|.68 C2214B00 PUSH ectk.004B21C2
004B1FFF|.64:FF30 PUSH DWORD PTR FS:
004B2002|.64:8920 MOV DWORD PTR FS:,ESP
004B2005|.8D55 F4 LEA EDX,DWORD PTR SS:
004B2008|.8B86 00030000 MOV EAX,DWORD PTR DS:
004B200E|.E8 8998F9FF CALL ectk.0044B89C ;取注册码位数
004B2013|.8B45 F4 MOV EAX,DWORD PTR SS: ;注册码入EAX
004B2016|.8D55 F8 LEA EDX,DWORD PTR SS:
004B2019|.E8 FA64F5FF CALL ectk.00408518
004B201E|.8B45 F8 MOV EAX,DWORD PTR SS:
004B2021|.50 PUSH EAX
004B2022|.8D55 EC LEA EDX,DWORD PTR SS:
004B2025|.8B86 0C030000 MOV EAX,DWORD PTR DS:
004B202B|.E8 6C98F9FF CALL ectk.0044B89C ;取机器码位数
004B2030|.8B45 EC MOV EAX,DWORD PTR SS: ;机器码入EAX
004B2033|.8D4D F0 LEA ECX,DWORD PTR SS:
004B2036|.BA D8214B00 MOV EDX,ectk.004B21D8 ;固定值t674入EDX
004B203B|.E8 88FAFFFF CALL ectk.004B1AC8 ;算法Call
004B2040|.8B55 F0 MOV EDX,DWORD PTR SS: ;真码浮现
004B2043|.58 POP EAX
004B2044|.E8 4B24F5FF CALL ectk.00404494 ;比较
004B2049|.0F85 E2000000 JNZ ectk.004B2131 ;不等则over
004B204F|.A1 3CDE4B00 MOV EAX,DWORD PTR DS:
004B2054|.8B00 MOV EAX,DWORD PTR DS:
004B2056|.8B80 4C050000 MOV EAX,DWORD PTR DS:
004B205C|.33D2 XOR EDX,EDX
004B205E|.E8 3912F8FF CALL ectk.0043329C
004B2063|.8D55 E4 LEA EDX,DWORD PTR SS:
004B2066|.8B86 00030000 MOV EAX,DWORD PTR DS:
004B206C|.E8 2B98F9FF CALL ectk.0044B89C
004B2071|.8B45 E4 MOV EAX,DWORD PTR SS:
004B2074|.8D55 E8 LEA EDX,DWORD PTR SS:
004B2077|.E8 9C64F5FF CALL ectk.00408518
004B207C|.8B55 E8 MOV EDX,DWORD PTR SS:
004B207F|.A1 3CDE4B00 MOV EAX,DWORD PTR DS:
004B2084|.8B00 MOV EAX,DWORD PTR DS:
004B2086|.8B80 50050000 MOV EAX,DWORD PTR DS:
004B208C|.E8 3B98F9FF CALL ectk.0044B8CC
004B2091|.8D55 DC LEA EDX,DWORD PTR SS:
004B2094|.A1 7CE04B00 MOV EAX,DWORD PTR DS:
004B2099|.8B00 MOV EAX,DWORD PTR DS:
004B209B|.E8 209EFBFF CALL ectk.0046BEC0
004B20A0|.8B45 DC MOV EAX,DWORD PTR SS:
004B20A3|.8D55 E0 LEA EDX,DWORD PTR SS:
004B20A6|.E8 516DF5FF CALL ectk.00408DFC
004B20AB|.8B45 E0 MOV EAX,DWORD PTR SS:
004B20AE|.8D55 FC LEA EDX,DWORD PTR SS:
004B20B1|.E8 4E62F5FF CALL ectk.00408304
004B20B6|.8D4D D8 LEA ECX,DWORD PTR SS:
004B20B9|.33D2 XOR EDX,EDX
004B20BB|.8B45 FC MOV EAX,DWORD PTR SS:
004B20BE|.E8 A56CF5FF CALL ectk.00408D68
004B20C3|.8B55 D8 MOV EDX,DWORD PTR SS:
004B20C6|.8D45 FC LEA EAX,DWORD PTR SS:
004B20C9|.E8 5220F5FF CALL ectk.00404120
004B20CE|.A1 3CDE4B00 MOV EAX,DWORD PTR DS:
004B20D3|.8B00 MOV EAX,DWORD PTR DS:
004B20D5|.FFB0 5C050000 PUSH DWORD PTR DS:
004B20DB|.68 E8214B00 PUSH ectk.004B21E8 ;\
004B20E0|.FF75 FC PUSH DWORD PTR SS:
004B20E3|.68 F4214B00 PUSH ectk.004B21F4 ;.dll
004B20E8|.8D45 D4 LEA EAX,DWORD PTR SS:
004B20EB|.BA 04000000 MOV EDX,4
004B20F0|.E8 1323F5FF CALL ectk.00404408
004B20F5|.8B55 D4 MOV EDX,DWORD PTR SS:
004B20F8|.A1 3CDE4B00 MOV EAX,DWORD PTR DS:
004B20FD|.8B00 MOV EAX,DWORD PTR DS:
004B20FF|.8B80 50050000 MOV EAX,DWORD PTR DS:
004B2105|.8B80 20020000 MOV EAX,DWORD PTR DS:
004B210B|.8B08 MOV ECX,DWORD PTR DS:
004B210D|.FF51 74 CALL DWORD PTR DS:
004B2110|.6A 40 PUSH 40
004B2112|.B9 FC214B00 MOV ECX,ectk.004B21FC ;提示
004B2117|.BA 04224B00 MOV EDX,ectk.004B2204 ;恭喜您,注册成功!
004B211C|.A1 7CE04B00 MOV EAX,DWORD PTR DS:
004B2121|.8B00 MOV EAX,DWORD PTR DS:
004B2123|.E8 1899FBFF CALL ectk.0046BA40
004B2128|.8BC6 MOV EAX,ESI
004B212A|.E8 3560FBFF CALL ectk.00468164
004B212F|.EB 41 JMP SHORT ectk.004B2172
004B2131|>6A 10 PUSH 10
004B2133|.B9 FC214B00 MOV ECX,ectk.004B21FC ;提示
004B2138|.BA 18224B00 MOV EDX,ectk.004B2218
...
-----------------------------------------------------------------------------------------------------------
2.进入算法call
004B1AC8/$55 PUSH EBP //算法开始
004B1AC9|.8BEC MOV EBP,ESP
004B1ACB|.51 PUSH ECX
004B1ACC|.B9 07000000 MOV ECX,7
004B1AD1|>6A 00 /PUSH 0
004B1AD3|.6A 00 |PUSH 0
004B1AD5|.49 |DEC ECX
004B1AD6|.^ 75 F9 \JNZ SHORT ectk.004B1AD1
004B1AD8|.874D FC XCHG DWORD PTR SS:,ECX
004B1ADB|.53 PUSH EBX
004B1ADC|.56 PUSH ESI
004B1ADD|.57 PUSH EDI
004B1ADE|.894D F8 MOV DWORD PTR SS:,ECX
004B1AE1|.8955 FC MOV DWORD PTR SS:,EDX
004B1AE4|.8BD8 MOV EBX,EAX
004B1AE6|.8B45 FC MOV EAX,DWORD PTR SS:
004B1AE9|.E8 4A2AF5FF CALL ectk.00404538
004B1AEE|.33C0 XOR EAX,EAX ;清EAX
004B1AF0|.55 PUSH EBP
004B1AF1|.68 CA1C4B00 PUSH ectk.004B1CCA
004B1AF6|.64:FF30 PUSH DWORD PTR FS:
004B1AF9|.64:8920 MOV DWORD PTR FS:,ESP
004B1AFC|.8D55 F4 LEA EDX,DWORD PTR SS:
004B1AFF|.8BC3 MOV EAX,EBX
004B1B01|.E8 26FFFFFF CALL ectk.004B1A2C ;将机器码的ASC码连接起来设为A
004B1B06|.8D55 F0 LEA EDX,DWORD PTR SS:
004B1B09|.8B45 FC MOV EAX,DWORD PTR SS:
004B1B0C|.E8 1BFFFFFF CALL ectk.004B1A2C ;将固定字符t467的ASC码连接起来设为B
004B1B11|.8D45 EC LEA EAX,DWORD PTR SS:
004B1B14|.8B55 F4 MOV EDX,DWORD PTR SS: ;A入EDX
004B1B17|.E8 0426F5FF CALL ectk.00404120
004B1B1C|.8B45 F0 MOV EAX,DWORD PTR SS: ;B入EAX
004B1B1F|.E8 2428F5FF CALL ectk.00404348 ;计算B位数
004B1B24|.D1F8 SAR EAX,1 ;右移1-也就是除以2的一次方
004B1B26|.79 03 JNS SHORT ectk.004B1B2B
004B1B28|.83D0 00 ADC EAX,0
004B1B2B|>85C0 TEST EAX,EAX
004B1B2D|.0F8E 54010000 JLE ectk.004B1C87
004B1B33|.8945 E0 MOV DWORD PTR SS:,EAX
004B1B36|.BE 01000000 MOV ESI,1 ;ESI=1
004B1B3B|>83FE 01 /CMP ESI,1
004B1B3E|.74 0B |JE SHORT ectk.004B1B4B
004B1B40|.8D45 EC |LEA EAX,DWORD PTR SS:
004B1B43|.8B55 E8 |MOV EDX,DWORD PTR SS:
004B1B46|.E8 D525F5FF |CALL ectk.00404120
004B1B4B|>8D45 E8 |LEA EAX,DWORD PTR SS:
004B1B4E|.E8 3525F5FF |CALL ectk.00404088
004B1B53|.8B45 EC |MOV EAX,DWORD PTR SS: ;A值入EAX,
004B1B56|.E8 ED27F5FF |CALL ectk.00404348 ;计算位数
004B1B5B|.8BF8 |MOV EDI,EAX ;EAX进EDI
004B1B5D|.D1FF |SAR EDI,1 ;右移1
004B1B5F|.79 03 |JNS SHORT ectk.004B1B64
004B1B61|.83D7 00 |ADC EDI,0
004B1B64|>85FF |TEST EDI,EDI
004B1B66|.0F8E 11010000 |JLE ectk.004B1C7D
004B1B6C|.BB 01000000 |MOV EBX,1 ;EBX=1
004B1B71|>BA D81C4B00 |/MOV EDX,ectk.004B1CD8
004B1B76|.8D45 D8 ||LEA EAX,DWORD PTR SS:
004B1B79|.E8 B210F5FF ||CALL ectk.00402C30
004B1B7E|.8D45 D4 ||LEA EAX,DWORD PTR SS:
004B1B81|.8BD3 ||MOV EDX,EBX ;EBX入EDX
004B1B83|.03D2 ||ADD EDX,EDX ;EDX=EDX+EDX
004B1B85|.8B4D EC ||MOV ECX,DWORD PTR SS: ;A值入ECX
004B1B88|.8A5411 FE ||MOV DL,BYTE PTR DS: ;首位开始,隔位取值
004B1B8C|.8850 01 ||MOV BYTE PTR DS:,DL ;DL入DS:
004B1B8F|.C600 01 ||MOV BYTE PTR DS:,1 ;DS:=1
004B1B92|.8D55 D4 ||LEA EDX,DWORD PTR SS:
004B1B95|.8D45 D8 ||LEA EAX,DWORD PTR SS:
004B1B98|.B1 02 ||MOV CL,2 ;CL=2
004B1B9A|.E8 6110F5FF ||CALL ectk.00402C00
004B1B9F|.8D55 D8 ||LEA EDX,DWORD PTR SS:
004B1BA2|.8D45 D0 ||LEA EAX,DWORD PTR SS:
004B1BA5|.E8 8610F5FF ||CALL ectk.00402C30
004B1BAA|.8D45 D4 ||LEA EAX,DWORD PTR SS:
004B1BAD|.8BD3 ||MOV EDX,EBX
004B1BAF|.03D2 ||ADD EDX,EDX
004B1BB1|.8B4D EC ||MOV ECX,DWORD PTR SS: ;A入ECX
004B1BB4|.8A5411 FF ||MOV DL,BYTE PTR DS: ;从A的第2位开始隔位取值
004B1BB8|.8850 01 ||MOV BYTE PTR DS:,DL
004B1BBB|.C600 01 ||MOV BYTE PTR DS:,1
004B1BBE|.8D55 D4 ||LEA EDX,DWORD PTR SS:
004B1BC1|.8D45 D0 ||LEA EAX,DWORD PTR SS:
004B1BC4|.B1 03 ||MOV CL,3 ;CL=3
004B1BC6|.E8 3510F5FF ||CALL ectk.00402C00
004B1BCB|.8D55 D0 ||LEA EDX,DWORD PTR SS:
004B1BCE|.8D45 DC ||LEA EAX,DWORD PTR SS:
004B1BD1|.E8 1627F5FF ||CALL ectk.004042EC
004B1BD6|.8B45 DC ||MOV EAX,DWORD PTR SS:
004B1BD9|.E8 2E6DF5FF ||CALL ectk.0040890C ;将前两步取值连接
004B1BDE|.8845 E7 ||MOV BYTE PTR SS:,AL ;AL入
004B1BE1|.BA D81C4B00 ||MOV EDX,ectk.004B1CD8
004B1BE6|.8D45 D8 ||LEA EAX,DWORD PTR SS:
004B1BE9|.E8 4210F5FF ||CALL ectk.00402C30
004B1BEE|.8D45 D4 ||LEA EAX,DWORD PTR SS:
004B1BF1|.8BD6 ||MOV EDX,ESI ;ESI入EDX
004B1BF3|.03D2 ||ADD EDX,EDX
004B1BF5|.8B4D F0 ||MOV ECX,DWORD PTR SS: ;B值入ECX
004B1BF8|.8A5411 FE ||MOV DL,BYTE PTR DS: ;取B的第一位ASC码
004B1BFC|.8850 01 ||MOV BYTE PTR DS:,DL
004B1BFF|.C600 01 ||MOV BYTE PTR DS:,1
004B1C02|.8D55 D4 ||LEA EDX,DWORD PTR SS:
004B1C05|.8D45 D8 ||LEA EAX,DWORD PTR SS:
004B1C08|.B1 02 ||MOV CL,2 ;CL=2
004B1C0A|.E8 F10FF5FF ||CALL ectk.00402C00
004B1C0F|.8D55 D8 ||LEA EDX,DWORD PTR SS:
004B1C12|.8D45 D0 ||LEA EAX,DWORD PTR SS:
004B1C15|.E8 1610F5FF ||CALL ectk.00402C30
004B1C1A|.8D45 D4 ||LEA EAX,DWORD PTR SS:
004B1C1D|.8BD6 ||MOV EDX,ESI
004B1C1F|.03D2 ||ADD EDX,EDX
004B1C21|.8B4D F0 ||MOV ECX,DWORD PTR SS: ;B入ECX
004B1C24|.8A5411 FF ||MOV DL,BYTE PTR DS: ;取B的第2位ASC码
004B1C28|.8850 01 ||MOV BYTE PTR DS:,DL
004B1C2B|.C600 01 ||MOV BYTE PTR DS:,1
004B1C2E|.8D55 D4 ||LEA EDX,DWORD PTR SS:
004B1C31|.8D45 D0 ||LEA EAX,DWORD PTR SS:
004B1C34|.B1 03 ||MOV CL,3 ;CL=3
004B1C36|.E8 C50FF5FF ||CALL ectk.00402C00
004B1C3B|.8D55 D0 ||LEA EDX,DWORD PTR SS:
004B1C3E|.8D45 CC ||LEA EAX,DWORD PTR SS:
004B1C41|.E8 A626F5FF ||CALL ectk.004042EC
004B1C46|.8B45 CC ||MOV EAX,DWORD PTR SS:
004B1C49|.E8 BE6CF5FF ||CALL ectk.0040890C
004B1C4E|.3245 E7 ||XOR AL,BYTE PTR SS: ;AL与异或,4次运算,分别与t674各字符异或
004B1C51|.8845 E6 ||MOV BYTE PTR SS:,AL ;AL入
004B1C54|.8D45 C4 ||LEA EAX,DWORD PTR SS:
004B1C57|.8A55 E6 ||MOV DL,BYTE PTR SS: ;入DL
004B1C5A|.E8 1126F5FF ||CALL ectk.00404270
004B1C5F|.8B45 C4 ||MOV EAX,DWORD PTR SS:
004B1C62|.8D55 C8 ||LEA EDX,DWORD PTR SS:
004B1C65|.E8 C2FDFFFF ||CALL ectk.004B1A2C
004B1C6A|.8B55 C8 ||MOV EDX,DWORD PTR SS:
004B1C6D|.8D45 E8 ||LEA EAX,DWORD PTR SS:
004B1C70|.E8 DB26F5FF ||CALL ectk.00404350
004B1C75|.43 ||INC EBX
004B1C76|.4F ||DEC EDI
004B1C77|.^ 0F85 F4FEFFFF |\JNZ ectk.004B1B71
004B1C7D|>46 |INC ESI
004B1C7E|.FF4D E0 |DEC DWORD PTR SS:
004B1C81|.^ 0F85 B4FEFFFF \JNZ ectk.004B1B3B
004B1C87|>8B45 F8 MOV EAX,DWORD PTR SS:
004B1C8A|.8B55 E8 MOV EDX,DWORD PTR SS: //真码浮现
004B1C8D|.E8 4A24F5FF CALL ectk.004040DC
004B1C92|.33C0 XOR EAX,EAX
004B1C94|.5A POP EDX
004B1C95|.59 POP ECX
004B1C96|.59 POP ECX
004B1C97|.64:8910 MOV DWORD PTR FS:,EDX
004B1C9A|.68 D11C4B00 PUSH ectk.004B1CD1
004B1C9F|>8D45 C4 LEA EAX,DWORD PTR SS:
004B1CA2|.BA 03000000 MOV EDX,3
004B1CA7|.E8 0024F5FF CALL ectk.004040AC
004B1CAC|.8D45 DC LEA EAX,DWORD PTR SS:
004B1CAF|.E8 D423F5FF CALL ectk.00404088
004B1CB4|.8D45 E8 LEA EAX,DWORD PTR SS:
004B1CB7|.BA 04000000 MOV EDX,4
004B1CBC|.E8 EB23F5FF CALL ectk.004040AC
004B1CC1|.8D45 FC LEA EAX,DWORD PTR SS:
004B1CC4|.E8 BF23F5FF CALL ectk.00404088
004B1CC9\.C3 RETN
004B1CCA .^ E9 BD1DF5FF JMP ectk.00403A8C
004B1CCF .^ EB CE JMP SHORT ectk.004B1C9F
004B1CD1 .5F POP EDI
004B1CD2 .5E POP ESI
004B1CD3 .5B POP EBX
004B1CD4 .8BE5 MOV ESP,EBP
004B1CD6 .5D POP EBP
004B1CD7 .C3 RETN
--------------------------------------------------------------------------------
【算法分析】
1.将机器码的ASCII码连接起来组成A
2.从A中首位起隔位取值,每次取一个数,从A中第2位隔位取值,每次取一个数,连接为B
3.B与固定字符t674(每一次循环运算取一位)异或,结果连接起来组成A*
4.A*经过上面的步骤计算得到A**,再次运算得到A***,继续运算,得到即为真码!
例如我的机器码为:BFED572F004005447EB1
机器码的ASCii码连接成
A:4246454435373246303034303035343437454231
第一次运算得到A*:3632313041434632444440444441404043313645
第二次运算得到A** :0004070677757004727276727277767675070073
第三次运算得到A***:3733303140424733454541454540414142303744
第四次运算得到真码:0307040574767307717175717174757576040370
【经验总结】:小菜一个,算法注册机略,没写过算法分析,写的很乱,学习ING~,花了快一个小时,眼睛疼,草草收尾~
--------------------------------------------------------------------------------
【版权声明】: 没版权,要版权做甚?
2007年02月26日 21:44:25 学习啊!!!
页:
[1]