PEDIY_CrackMe_2007 视频集1
PEDIY_CrackMe_2007BP GetDlgItemTextA
名称在 unpacked, 项目 4
地址=00403120
类型=导入 (已知)
名称=USER32.GetDlgItemTextA
77D6AE36 >8BFF MOV EDI,EDI
77D6AE38 55 PUSH EBP
77D6AE39 8BEC MOV EBP,ESP
77D6AE3B FF75 0C PUSH DWORD PTR SS:
77D6AE3E FF75 08 PUSH DWORD PTR SS:
77D6AE41 E8 888FFBFF CALL USER32.GetDlgItem
77D6AE46 85C0 TEST EAX,EAX
0012F9B0 0040153E/CALL 到 GetDlgItemTextA 来自 unpacked.00401539
0012F9B4 003E0AEE|hWnd = 003E0AEE ('TheBigMan's CrackMe #6',class='#32770')
0012F9B8 00000065|ControlID = 65 (101.)
0012F9BC 0012F9D0|Buffer = 0012F9D0
0012F9C0 00000100\Count = 100 (256.)
0012F9C4 0012FAF7ASCII "SHiT ... you entered the correct serial!"
0012F9C8 00402593ASCII "You have to make an own working keygen!
Send the solutions to: [email protected]
Patching is not allowed!
Enjoy !"
0040153E|.89C3 MOV EBX,EAX
00401540|.09DB OR EBX,EBX
00401542|.75 04 JNZ SHORT unpacked.00401548
00401544|.31C0 XOR EAX,EAX
00401546|.EB 50 JMP SHORT unpacked.00401598
00401548|>BF BC020000 MOV EDI,2BC
00401585|.53 PUSH EBX
00401586|.FF75 08 PUSH DWORD PTR SS:
00401589|.E8 77FDFFFF CALL unpacked.00401?
0040158E|.83C4 0C ADD ESP,0C
00401591|.09C0 OR EAX,EAX
004013C9|.F7F9 IDIV ECX
004013CB|.83FA 17 CMP EDX,17
004013CE|.74 07 JE SHORT unpacked.004013D7
004013D0|.31C0 XOR EAX,EAX
004013D2|.E9 2D010000 JMP unpacked.00401504
004013D7|>31DB XOR EBX,EBX
00401475|> \3B5D 0C CMP EBX,DWORD PTR SS:
00401478|.^ 0F8C 74FFFFFF \JL unpacked.004013F2
0040147E|.8D85 FCFEFFFF LEA EAX,DWORD PTR SS: ?
004014B0|.57 PUSH EDI
004014B1|.8DBD E1FBFFFF LEA EDI,DWORD PTR SS: T654002
004014B7|.57 PUSH EDI
堆栈地址=0012F591, (ASCII "T654002")
EDI=00000062
004014DF|.8D85 E1FCFFFF LEA EAX,DWORD PTR SS: ; |
004014E5|.50 PUSH EAX ; |Arg2
004014E6|.8D85 E1FDFFFF LEA EAX,DWORD PTR SS: ; |
004014EC|.50 PUSH EAX ; |Arg1
004014ED|.E8 D0FDFFFF CALL unpacked.004012C2 ; \unpacked.004012C2
004012CD|.46 INC ESI
004012CE|.EB 29 JMP SHORT unpacked.004012F9
004012D0|>8B55 08 /MOV EDX,DWORD PTR SS:
004012D3|.0FBE3C32 |MOVSX EDI,BYTE PTR DS:
004012D7|.89F8 |MOV EAX,EDI
004012D9|.83F0 20 |XOR EAX,20
004012DC|.B9 0A000000 |MOV ECX,0A
004012E1|.99 |CDQ
004012E2|.F7F9 |IDIV ECX
004012E4|.89D7 |MOV EDI,EDX
004012E6|.83C7 30 |ADD EDI,30
004012E9|.8B55 0C |MOV EDX,DWORD PTR SS:
004012EC|.0FBE1432 |MOVSX EDX,BYTE PTR DS:
004012F0|.39D7 |CMP EDI,EDX
004012F2 74 04 JE SHORT unpacked.004012F8 ???????????
004012F4|.31C0 |XOR EAX,EAX
004012F6|.EB 08 |JMP SHORT unpacked.00401300
004012F8|>46 |INC ESI
004012F9|>39DE CMP ESI,EBX
004012FB|.^ 7C D3 \JL SHORT unpacked.004012D0
004012FD|.31C0 XOR EAX,EAX
EAX 0012F691 ASCII "999999999999999999"
ECX 0012F791 ASCII "T654002-98"
FCW 037FPrec NEAR,64Mask 1 1 1 1 1 1
004014DF|.8D85 E1FCFFFF LEA EAX,DWORD PTR SS: ; |
004014E5|.50 PUSH EAX ; |Arg2
004014E6|.8D85 E1FDFFFF LEA EAX,DWORD PTR SS: ; |
004014EC|.50 PUSH EAX ; |Arg1
004014ED|.E8 D0FDFFFF CALL unpacked.004012C2 ; \unpacked.004012C2
004014F2|.83C4 0C ADD ESP,0C
004012DC|.B9 0A000000 |MOV ECX,0A
004012E1|.99 |CDQ
004012E2|.F7F9 |IDIV ECX
004012E4|.89D7 |MOV EDI,EDX
004012E6|.83C7 30 |ADD EDI,30
004012E9|.8B55 0C |MOV EDX,DWORD PTR SS:
004012EC|.0FBE1432 |MOVSX EDX,BYTE PTR DS:
004012F0|.39D7 |CMP EDI,EDX
004012F2|.74 04 |JE SHORT unpacked.004012F8
004012F4|.31C0 |XOR EAX,EAX
004012F6|.EB 08 |JMP SHORT unpacked.00401300
004012F8|>46 |INC ESI**** Hidden Message ***** 学习..感谢楼主 感谢分享啊,看看学习一下 学习学习啊,好教程 先顶下楼主,学习下。 谢谢了........... 好久没上来了,学习下 thanx for sharing....... 学习下楼主的高招! 学习..感谢楼主