请高手们分析一下这是怎么回事.
以下是一个软件验算注册码的代码段,请高手们看看是怎么验算的.0041BC42 .68 80A64600 push 0046A680
0041BC47 .64:A1 0000000>mov eax, dword ptr fs:
0041BC4D .50 push eax
0041BC4E .83EC 4C sub esp, 4C
0041BC51 .A1 E8B74800 mov eax, dword ptr
0041BC56 .33C4 xor eax, esp
0041BC58 .894424 48 mov dword ptr , eax
0041BC5C .56 push esi
0041BC5D .57 push edi
0041BC5E .A1 E8B74800 mov eax, dword ptr
0041BC63 .33C4 xor eax, esp
0041BC65 .50 push eax
0041BC66 .8D4424 58 lea eax, dword ptr
0041BC6A .64:A3 0000000>mov dword ptr fs:, eax
0041BC70 .8B3D 7CC54600 mov edi, dword ptr [<&USER32.GetDlgI>;USER32.GetDlgItemTextA
0041BC76 .6A 04 push 4 ; /Count = 4
0041BC78 .8D4424 20 lea eax, dword ptr ; |
0041BC7C .50 push eax ; |Buffer
0041BC7D .8BF1 mov esi, ecx ; |
0041BC7F .8B4E 20 mov ecx, dword ptr ; |
0041BC82 .68 EA030000 push 3EA ; |ControlID = 3EA (1002.)
0041BC87 .51 push ecx ; |hWnd
0041BC88 .FFD7 call edi ; \GetDlgItemTextA
0041BC8A .8B46 20 mov eax, dword ptr
0041BC8D .6A 09 push 9 ; /Count = 9
0041BC8F .8D5424 4C lea edx, dword ptr ; |
0041BC93 .52 push edx ; |Buffer
0041BC94 .68 EB030000 push 3EB ; |ControlID = 3EB (1003.)
0041BC99 .50 push eax ; |hWnd
0041BC9A .FFD7 call edi ; \GetDlgItemTextA
0041BC9C .8D4C24 20 lea ecx, dword ptr
0041BCA0 .51 push ecx
0041BCA1 .8D4C24 20 lea ecx, dword ptr
0041BCA5 .E8 F6F2FFFF call 0041AFA0
0041BCAA .8D5424 48 lea edx, dword ptr
0041BCAE .52 push edx
0041BCAF .8D4C24 14 lea ecx, dword ptr
0041BCB3 .51 push ecx
0041BCB4 .8BC8 mov ecx, eax
0041BCB6 .C74424 68 000>mov dword ptr , 0
0041BCBE .E8 FD040000 call 0041C1C0
0041BCC3 .83C4 08 add esp, 8
0041BCC6 .C64424 60 02mov byte ptr , 2
0041BCCB .8B4424 20 mov eax, dword ptr
0041BCCF .83C0 F0 add eax, -10
0041BCD2 .8D50 0C lea edx, dword ptr
0041BCD5 .83C9 FF or ecx, FFFFFFFF
0041BCD8 .F0:0FC10A lock xadd dword ptr , ecx
0041BCDC .49 dec ecx
0041BCDD .85C9 test ecx, ecx
0041BCDF .7F 0A jg short 0041BCEB
0041BCE1 .8B08 mov ecx, dword ptr
0041BCE3 .8B11 mov edx, dword ptr
0041BCE5 .50 push eax
0041BCE6 .8B42 04 mov eax, dword ptr
0041BCE9 .FFD0 call eax
0041BCEB >8B56 20 mov edx, dword ptr
0041BCEE .6A 06 push 6
0041BCF0 .8D4C24 2C lea ecx, dword ptr
0041BCF4 .51 push ecx
0041BCF5 .68 F6030000 push 3F6
0041BCFA .52 push edx
0041BCFB .FFD7 call edi
0041BCFD .8B4E 20 mov ecx, dword ptr
0041BD00 .6A 06 push 6
0041BD02 .8D4424 44 lea eax, dword ptr
0041BD06 .50 push eax
0041BD07 .68 FA030000 push 3FA
0041BD0C .51 push ecx
0041BD0D .FFD7 call edi
0041BD0F .8B46 20 mov eax, dword ptr
0041BD12 .6A 06 push 6
0041BD14 .8D5424 34 lea edx, dword ptr
0041BD18 .52 push edx
0041BD19 .68 FB030000 push 3FB
0041BD1E .50 push eax
0041BD1F .FFD7 call edi
0041BD21 .8B56 20 mov edx, dword ptr
0041BD24 .6A 06 push 6
0041BD26 .8D4C24 3C lea ecx, dword ptr
0041BD2A .51 push ecx
0041BD2B .68 FC030000 push 3FC
0041BD30 .52 push edx
0041BD31 .FFD7 call edi
0041BD33 .8D4424 24 lea eax, dword ptr
0041BD37 .50 push eax
0041BD38 .8D4C24 2C lea ecx, dword ptr
0041BD3C .E8 5FF2FFFF call 0041AFA0
0041BD41 .8D4C24 40 lea ecx, dword ptr
0041BD45 .51 push ecx
0041BD46 .8D5424 18 lea edx, dword ptr
0041BD4A .52 push edx
0041BD4B .8BC8 mov ecx, eax
0041BD4D .C64424 68 03mov byte ptr , 3
0041BD52 .E8 69040000 call 0041C1C0
0041BD57 .8D4C24 38 lea ecx, dword ptr
0041BD5B .51 push ecx
0041BD5C .8D5424 24 lea edx, dword ptr
0041BD60 .52 push edx
0041BD61 .8BC8 mov ecx, eax
0041BD63 .C64424 70 04mov byte ptr , 4
0041BD68 .E8 53040000 call 0041C1C0
0041BD6D .8D4C24 48 lea ecx, dword ptr
0041BD71 .51 push ecx
0041BD72 .8D5424 20 lea edx, dword ptr
0041BD76 .52 push edx
0041BD77 .8BC8 mov ecx, eax
0041BD79 .C64424 78 05mov byte ptr , 5
0041BD7E .E8 3D040000 call 0041C1C0
0041BD83 .83C4 18 add esp, 18
0041BD86 .C64424 60 07mov byte ptr , 7
0041BD8B .8B4424 18 mov eax, dword ptr
0041BD8F .83C0 F0 add eax, -10
0041BD92 .8D48 0C lea ecx, dword ptr
0041BD95 .83CA FF or edx, FFFFFFFF
0041BD98 .F0:0FC111 lock xadd dword ptr , edx
0041BD9C .4A dec edx
0041BD9D .85D2 test edx, edx
0041BD9F .7F 0A jg short 0041BDAB
0041BDA1 .8B08 mov ecx, dword ptr
0041BDA3 .8B11 mov edx, dword ptr
0041BDA5 .50 push eax
0041BDA6 .8B42 04 mov eax, dword ptr
0041BDA9 .FFD0 call eax
0041BDAB >C64424 60 08mov byte ptr , 8
0041BDB0 .8B4424 14 mov eax, dword ptr
0041BDB4 .83C0 F0 add eax, -10
0041BDB7 .8D48 0C lea ecx, dword ptr
0041BDBA .83CA FF or edx, FFFFFFFF
0041BDBD .F0:0FC111 lock xadd dword ptr , edx
0041BDC1 .4A dec edx
0041BDC2 .85D2 test edx, edx
0041BDC4 .7F 0A jg short 0041BDD0
0041BDC6 .8B08 mov ecx, dword ptr
0041BDC8 .8B11 mov edx, dword ptr
0041BDCA .50 push eax
0041BDCB .8B42 04 mov eax, dword ptr
0041BDCE .FFD0 call eax
0041BDD0 >C64424 60 09mov byte ptr , 9
0041BDD5 .8B4424 24 mov eax, dword ptr
0041BDD9 .83C0 F0 add eax, -10
0041BDDC .8D48 0C lea ecx, dword ptr
0041BDDF .83CA FF or edx, FFFFFFFF
0041BDE2 .F0:0FC111 lock xadd dword ptr , edx
0041BDE6 .4A dec edx
0041BDE7 .85D2 test edx, edx
0041BDE9 7F 0A jg short 0041BDF5
0041BDEB .8B08 mov ecx, dword ptr
0041BDED .8B11 mov edx, dword ptr
0041BDEF .50 push eax
0041BDF0 .8B42 04 mov eax, dword ptr
0041BDF3 .FFD0 call eax
0041BDF5 68 60D24700 push 0047D260 ;ASCII "ArmAccess.DLL"
0041BDFA FF15 40C34600 call dword ptr [<&KERNEL32.LoadLibrar>;kernel32.LoadLibraryA
0041BE00 85C0 test eax, eax
0041BE02 74 6A je short 0041BE6E ;跳向失败1
0041BE04 68 98D24700 push 0047D298 ;ASCII "InstallKey"
0041BE09 50 push eax
0041BE0A FF15 A0C34600 call dword ptr [<&KERNEL32.GetProcAdd>;kernel32.GetProcAddress
0041BE10 8BF8 mov edi, eax
0041BE12 85FF test edi, edi
0041BE14 74 58 je short 0041BE6E ;跳向失败2
0041BE16 .8B4C24 10 mov ecx, dword ptr
0041BE1A .E8 61EAFFFF call 0041A880
0041BE1F .85C0 test eax, eax
0041BE21 74 4B je short 0041BE6E ;跳向失败3
0041BE23 .8B4C24 0C mov ecx, dword ptr
0041BE27 .E8 74EBFFFF call 0041A9A0
0041BE2C .85C0 test eax, eax
0041BE2E 74 3E je short 0041BE6E ;跳向失败4
0041BE30 .8D4424 10 lea eax, dword ptr
0041BE34 .E8 E7E9FFFF call 0041A820
0041BE39 .8D4424 0C lea eax, dword ptr
0041BE3D .E8 FEEAFFFF call 0041A940
0041BE42 .8B4C24 0C mov ecx, dword ptr
0041BE46 .8B5424 10 mov edx, dword ptr
0041BE4A .51 push ecx
0041BE4B .52 push edx
0041BE4C .FFD7 call edi
0041BE4E .0FB6C0 movzx eax, al
0041BE51 .85C0 test eax, eax
0041BE53 74 19 je short 0041BE6E ;跳向失败5
0041BE55 .6A 00 push 0
0041BE57 .6A 40 push 40
0041BE59 .68 78D54700 push 0047D578 ; 注册成功
0041BE5E .E8 399A0100 call 0043589C
0041BE63 .6A 01 push 1
0041BE65 .8BCE mov ecx, esi
0041BE67 .E8 FA640100 call 00432366
0041BE6C .EB 0E jmp short 0041BE7C
0041BE6E >6A 00 push 0 ;注册激活失败
0041BE70 .6A 30 push 30
0041BE72 .68 A8D54700 push 0047D5A8
0041BE77 .E8 209A0100 call 0043589C
0041BE7C >C64424 60 02mov byte ptr , 2
0041BE81 .8B4424 0C mov eax, dword ptr
0041BE85 .83C0 F0 add eax, -10
0041BE88 .8D48 0C lea ecx, dword ptr
0041BE8B .83CA FF or edx, FFFFFFFF
0041BE8E .F0:0FC111 lock xadd dword ptr , edx
0041BE92 .4A dec edx
0041BE93 .85D2 test edx, edx
0041BE95 .7F 0A jg short 0041BEA1
0041BE97 .8B08 mov ecx, dword ptr
0041BE99 .8B11 mov edx, dword ptr
0041BE9B .50 push eax
0041BE9C .8B42 04 mov eax, dword ptr
0041BE9F .FFD0 call eax
0041BEA1 >C74424 60 FFF>mov dword ptr , -1
0041BEA9 .8B4424 10 mov eax, dword ptr
0041BEAD .83C0 F0 add eax, -10
0041BEB0 .8D48 0C lea ecx, dword ptr
0041BEB3 .83CA FF or edx, FFFFFFFF
0041BEB6 .F0:0FC111 lock xadd dword ptr , edx
0041BEBA .4A dec edx
0041BEBB .85D2 test edx, edx
0041BEBD .7F 0A jg short 0041BEC9
0041BEBF .8B08 mov ecx, dword ptr
0041BEC1 .8B11 mov edx, dword ptr
0041BEC3 .50 push eax
0041BEC4 .8B42 04 mov eax, dword ptr
0041BEC7 .FFD0 call eax
0041BEC9 >8B4C24 58 mov ecx, dword ptr
0041BECD .64:890D 00000>mov dword ptr fs:, ecx
0041BED4 .59 pop ecx
0041BED5 .5F pop edi
0041BED6 .5E pop esi
0041BED7 .8B4C24 48 mov ecx, dword ptr
0041BEDB .33CC xor ecx, esp
0041BEDD .E8 C5340300 call 0044F3A7
0041BEE2 .83C4 58 add esp, 58
0041BEE5 .C3 retn
用以上的代码能否写出算法注册机?谢谢! 看不懂,帮你顶一下 我也是初学者。。看看也没什么思路
页:
[1]