家家乐电子相册制作系统 2006.3简单算法分析
【文章标题】: 家家乐电子相册制作系统 2006.3简单算法分析【文章作者】: lzq1973
【作者邮箱】: [email protected]
【作者QQ号】: 150787972
【软件名称】: 家家乐电子相册制作系统 2006.3
【软件大小】: 6132KB
【下载地址】: http://www.onlinedown.net/soft/48127.htm
【加壳方式】: 无
【保护方式】: SN
【编写语言】: Borland Delphi 6.0 - 7.0
【使用工具】: OD、PEID
【操作平台】: WIN2000
【软件介绍】: 本系统帮助您管理您的图片、相片,有150种图片切换显示方式,并生成完整的电子相册或VCD、SVCD、DVD格式的视频文件,方便刻录到光盘。在光盘中即可直接播放。
【作者声明】: 只是感兴趣,没有其他目的。失误之处敬请诸位大侠赐教!
--------------------------------------------------------------------------------
【详细过程】
OD载入,查找相关字串断在这里
004DAD8C/.55 PUSH EBP
004DAD8D|.8BEC MOV EBP,ESP
004DAD8F|.B9 04000000 MOV ECX,4
004DAD94|>6A 00 /PUSH 0
004DAD96|.6A 00 |PUSH 0
004DAD98|.49 |DEC ECX
004DAD99|.^ 75 F9 \JNZ SHORT PicAlbum.004DAD94
004DAD9B|.51 PUSH ECX
004DAD9C|.53 PUSH EBX
004DAD9D|.56 PUSH ESI
004DAD9E|.8BD8 MOV EBX,EAX
004DADA0|.33C0 XOR EAX,EAX
004DADA2|.55 PUSH EBP
004DADA3|.68 A0AF4D00 PUSH PicAlbum.004DAFA0
004DADA8|.64:FF30 PUSH DWORD PTR FS:
004DADAB|.64:8920 MOV DWORD PTR FS:,ESP
004DADAE|.8D45 FC LEA EAX,DWORD PTR SS:
004DADB1|.50 PUSH EAX
004DADB2|.8D55 F4 LEA EDX,DWORD PTR SS:
004DADB5|.8B83 00030000 MOV EAX,DWORD PTR DS:
004DADBB|.E8 BCF5F6FF CALL PicAlbum.0044A37C
004DADC0|.8B45 F4 MOV EAX,DWORD PTR SS: ;假码
004DADC3|.8D55 F8 LEA EDX,DWORD PTR SS:
004DADC6|.E8 15E2F2FF CALL PicAlbum.00408FE0
004DADCB|.8B45 F8 MOV EAX,DWORD PTR SS: ;假码
004DADCE|.50 PUSH EAX
004DADCF|.8D55 EC LEA EDX,DWORD PTR SS:
004DADD2|.8B83 FC020000 MOV EAX,DWORD PTR DS:
004DADD8|.E8 9FF5F6FF CALL PicAlbum.0044A37C
004DADDD|.8B45 EC MOV EAX,DWORD PTR SS: ;用户名
004DADE0|.8D55 F0 LEA EDX,DWORD PTR SS:
004DADE3|.E8 F8E1F2FF CALL PicAlbum.00408FE0
004DADE8|.8B55 F0 MOV EDX,DWORD PTR SS: ;用户名
004DADEB|.A1 8CC34E00 MOV EAX,DWORD PTR DS:
004DADF0|.8B00 MOV EAX,DWORD PTR DS: ;(ASCII "PicAlbum")
004DADF2|.59 POP ECX
004DADF3|.E8 880CFEFF CALL PicAlbum.004BBA80 ;注册算法关键
004DADF8|.8B55 FC MOV EDX,DWORD PTR SS: ;(ASCII "NONE")
004DADFB|.A1 E4C44E00 MOV EAX,DWORD PTR DS:
004DAE00|.E8 CF9BF2FF CALL PicAlbum.004049D4
004DAE05|.A1 E4C44E00 MOV EAX,DWORD PTR DS:
004DAE0A|.8B00 MOV EAX,DWORD PTR DS: ;(ASCII "NONE")
004DAE0C|.BA B8AF4D00 MOV EDX,PicAlbum.004DAFB8 ;ok
004DAE11|.E8 669FF2FF CALL PicAlbum.00404D7C
004DAE16 0F85 19010000 JNZ PicAlbum.004DAF35
004DAE1C|.8D55 E4 LEA EDX,DWORD PTR SS:
004DAE1F|.8B83 FC020000 MOV EAX,DWORD PTR DS:
004DAE25|.E8 52F5F6FF CALL PicAlbum.0044A37C
004DAE2A|.8B45 E4 MOV EAX,DWORD PTR SS: ;用户名
004DAE2D|.8D55 E8 LEA EDX,DWORD PTR SS:
004DAE30|.E8 ABE1F2FF CALL PicAlbum.00408FE0
004DAE35|.8B55 E8 MOV EDX,DWORD PTR SS:
004DAE38|.A1 A8C44E00 MOV EAX,DWORD PTR DS:
004DAE3D|.E8 929BF2FF CALL PicAlbum.004049D4
004DAE42|.8D55 DC LEA EDX,DWORD PTR SS:
004DAE45|.8B83 00030000 MOV EAX,DWORD PTR DS:
004DAE4B|.E8 2CF5F6FF CALL PicAlbum.0044A37C
004DAE50|.8B45 DC MOV EAX,DWORD PTR SS: ;假码
004DAE53|.8D55 E0 LEA EDX,DWORD PTR SS:
004DAE56|.E8 85E1F2FF CALL PicAlbum.00408FE0
004DAE5B|.8B55 E0 MOV EDX,DWORD PTR SS:
004DAE5E|.A1 D8C54E00 MOV EAX,DWORD PTR DS:
004DAE63|.E8 6C9BF2FF CALL PicAlbum.004049D4
004DAE68|.B2 01 MOV DL,1
004DAE6A|.A1 50054700 MOV EAX,DWORD PTR DS:
004DAE6F|.E8 DC57F9FF CALL PicAlbum.00470650
004DAE74|.8BF0 MOV ESI,EAX
004DAE76|.BA 02000080 MOV EDX,80000002
004DAE7B|.8BC6 MOV EAX,ESI
004DAE7D|.E8 6E58F9FF CALL PicAlbum.004706F0
004DAE82|.BA C4AF4D00 MOV EDX,PicAlbum.004DAFC4 ;software\hwafullsoft\picalbum
004DAE87|.8BC6 MOV EAX,ESI
004DAE89|.E8 565DF9FF CALL PicAlbum.00470BE4
004DAE8E|.84C0 TEST AL,AL
004DAE90|.75 0C JNZ SHORT PicAlbum.004DAE9E
004DAE92|.BA C4AF4D00 MOV EDX,PicAlbum.004DAFC4 ;software\hwafullsoft\picalbum
004DAE97|.8BC6 MOV EAX,ESI
004DAE99|.E8 B658F9FF CALL PicAlbum.00470754
004DAE9E|>B1 01 MOV CL,1
004DAEA0|.BA C4AF4D00 MOV EDX,PicAlbum.004DAFC4 ;software\hwafullsoft\picalbum
004DAEA5|.8BC6 MOV EAX,ESI
004DAEA7|.E8 8459F9FF CALL PicAlbum.00470830
004DAEAC|.84C0 TEST AL,AL
004DAEAE|.74 31 JE SHORT PicAlbum.004DAEE1
004DAEB0|.8B0D A8C44E00 MOV ECX,DWORD PTR DS: ;PicAlbum.0053D004
004DAEB6|.8B09 MOV ECX,DWORD PTR DS:
004DAEB8|.BA ECAF4D00 MOV EDX,PicAlbum.004DAFEC ;reg_name
004DAEBD|.8BC6 MOV EAX,ESI
004DAEBF|.E8 085BF9FF CALL PicAlbum.004709CC
004DAEC4|.8B0D D8C54E00 MOV ECX,DWORD PTR DS: ;PicAlbum.0053D008
004DAECA|.8B09 MOV ECX,DWORD PTR DS:
004DAECC|.BA 00B04D00 MOV EDX,PicAlbum.004DB000 ;reg_no
004DAED1|.8BC6 MOV EAX,ESI
004DAED3|.E8 F45AF9FF CALL PicAlbum.004709CC
004DAED8|.8BC6 MOV EAX,ESI
004DAEDA|.E8 E157F9FF CALL PicAlbum.004706C0
004DAEDF|.EB 2A JMP SHORT PicAlbum.004DAF0B
004DAEE1|>B2 01 MOV DL,1
004DAEE3|.8BC6 MOV EAX,ESI
004DAEE5|.8B08 MOV ECX,DWORD PTR DS:
004DAEE7|.FF51 FC CALL DWORD PTR DS:
004DAEEA|.6A 40 PUSH 40
004DAEEC|.B9 08B04D00 MOV ECX,PicAlbum.004DB008 ;提示信息
004DAEF1|.BA 14B04D00 MOV EDX,PicAlbum.004DB014 ;写注册表出错,请检查此用户是否可以写注册表!
004DAEF6|.A1 C0C44E00 MOV EAX,DWORD PTR DS:
004DAEFB|.8B00 MOV EAX,DWORD PTR DS:
004DAEFD|.E8 02F7F8FF CALL PicAlbum.0046A604
004DAF02|.8BC3 MOV EAX,EBX
004DAF04|.E8 BFBEF8FF CALL PicAlbum.00466DC8
004DAF09|.EB 42 JMP SHORT PicAlbum.004DAF4D
004DAF0B|>B2 01 MOV DL,1
004DAF0D|.8BC6 MOV EAX,ESI
004DAF0F|.8B08 MOV ECX,DWORD PTR DS:
004DAF11|.FF51 FC CALL DWORD PTR DS:
004DAF14|.6A 40 PUSH 40
004DAF16|.B9 08B04D00 MOV ECX,PicAlbum.004DB008 ;提示信息
004DAF1B|.BA 44B04D00 MOV EDX,PicAlbum.004DB044 ;您注册成功,欢迎使用!
004DAF20|.A1 C0C44E00 MOV EAX,DWORD PTR DS:
004DAF25|.8B00 MOV EAX,DWORD PTR DS:
004DAF27|.E8 D8F6F8FF CALL PicAlbum.0046A604
004DAF2C|.8BC3 MOV EAX,EBX
004DAF2E|.E8 95BEF8FF CALL PicAlbum.00466DC8
004DAF33|.EB 18 JMP SHORT PicAlbum.004DAF4D
004DAF35|>6A 40 PUSH 40
004DAF37|.B9 08B04D00 MOV ECX,PicAlbum.004DB008 ;提示信息
004DAF3C|.BA 5CB04D00 MOV EDX,PicAlbum.004DB05C ;您输入的数据有错,请重新注册!
004DAF41|.A1 C0C44E00 MOV EAX,DWORD PTR DS:
004DAF46|.8B00 MOV EAX,DWORD PTR DS:
004DAF48|.E8 B7F6F8FF CALL PicAlbum.0046A604
004DAF4D|>33C0 XOR EAX,EAX
004DAF4F|.5A POP EDX
004DAF50|.59 POP ECX
004DAF51|.59 POP ECX
004DAF52|.64:8910 MOV DWORD PTR FS:,EDX
004DAF55|.68 A7AF4D00 PUSH PicAlbum.004DAFA7
004DAF5A|>8D45 DC LEA EAX,DWORD PTR SS:
004DAF5D|.E8 1E9AF2FF CALL PicAlbum.00404980
004DAF62|.8D45 E0 LEA EAX,DWORD PTR SS:
004DAF65|.E8 169AF2FF CALL PicAlbum.00404980
004DAF6A|.8D45 E4 LEA EAX,DWORD PTR SS:
004DAF6D|.E8 0E9AF2FF CALL PicAlbum.00404980
004DAF72|.8D45 E8 LEA EAX,DWORD PTR SS:
004DAF75|.E8 069AF2FF CALL PicAlbum.00404980
004DAF7A|.8D45 EC LEA EAX,DWORD PTR SS:
004DAF7D|.E8 FE99F2FF CALL PicAlbum.00404980
004DAF82|.8D45 F0 LEA EAX,DWORD PTR SS:
004DAF85|.E8 F699F2FF CALL PicAlbum.00404980
004DAF8A|.8D45 F4 LEA EAX,DWORD PTR SS:
004DAF8D|.E8 EE99F2FF CALL PicAlbum.00404980
004DAF92|.8D45 F8 LEA EAX,DWORD PTR SS:
004DAF95|.BA 02000000 MOV EDX,2
004DAF9A|.E8 059AF2FF CALL PicAlbum.004049A4
004DAF9F\.C3 RETN
004DAFA0 .^ E9 7F93F2FF JMP PicAlbum.00404324
004DAFA5 .^ EB B3 JMP SHORT PicAlbum.004DAF5A
004DAFA7 .5E POP ESI
004DAFA8 .5B POP EBX
004DAFA9 .8BE5 MOV ESP,EBP
004DAFAB .5D POP EBP
004DAFAC .C3 RETN
-----004DADF3|.E8 880CFEFF CALL PicAlbum.004BBA80 这里跟进-----
004BBA80/$55 PUSH EBP
004BBA81|.8BEC MOV EBP,ESP
004BBA83|.81C4 7CFFFFFF ADD ESP,-84
004BBA89|.53 PUSH EBX
004BBA8A|.56 PUSH ESI
004BBA8B|.57 PUSH EDI
004BBA8C|.33DB XOR EBX,EBX
004BBA8E|.899D 7CFFFFFF MOV DWORD PTR SS:,EBX
004BBA94|.895D 80 MOV DWORD PTR SS:,EBX
004BBA97|.895D 84 MOV DWORD PTR SS:,EBX
004BBA9A|.895D 88 MOV DWORD PTR SS:,EBX
004BBA9D|.895D 8C MOV DWORD PTR SS:,EBX
004BBAA0|.895D 90 MOV DWORD PTR SS:,EBX
004BBAA3|.895D F0 MOV DWORD PTR SS:,EBX
004BBAA6|.894D F4 MOV DWORD PTR SS:,ECX
004BBAA9|.8955 F8 MOV DWORD PTR SS:,EDX
004BBAAC|.8945 FC MOV DWORD PTR SS:,EAX
004BBAAF|.8B45 FC MOV EAX,DWORD PTR SS:
004BBAB2|.E8 6993F4FF CALL PicAlbum.00404E20
004BBAB7|.8B45 F8 MOV EAX,DWORD PTR SS:
004BBABA|.E8 6193F4FF CALL PicAlbum.00404E20
004BBABF|.8B45 F4 MOV EAX,DWORD PTR SS: ;假码
004BBAC2|.E8 5993F4FF CALL PicAlbum.00404E20
004BBAC7|.33C0 XOR EAX,EAX
004BBAC9|.55 PUSH EBP
004BBACA|.68 9EBD4B00 PUSH PicAlbum.004BBD9E
004BBACF|.64:FF30 PUSH DWORD PTR FS:
004BBAD2|.64:8920 MOV DWORD PTR FS:,ESP
004BBAD5|.8D55 90 LEA EDX,DWORD PTR SS:
004BBAD8|.8B45 F4 MOV EAX,DWORD PTR SS: ;假码
004BBADB|.E8 00D5F4FF CALL PicAlbum.00408FE0
004BBAE0|.8B55 90 MOV EDX,DWORD PTR SS: ;假码
004BBAE3|.8D45 F4 LEA EAX,DWORD PTR SS:
004BBAE6|.E8 2D8FF4FF CALL PicAlbum.00404A18
004BBAEB|.8B45 F4 MOV EAX,DWORD PTR SS: ;假码
004BBAEE|.E8 4591F4FF CALL PicAlbum.00404C38
004BBAF3|.83F8 13 CMP EAX,13 ;注册码长度为19
004BBAF6|.74 12 JE SHORT PicAlbum.004BBB0A ;是19就跳,否则完玩
004BBAF8|.8B45 08 MOV EAX,DWORD PTR SS:
004BBAFB|.BA B8BD4B00 MOV EDX,PicAlbum.004BBDB8 ;none
004BBB00|.E8 CF8EF4FF CALL PicAlbum.004049D4
004BBB05|.E9 69020000 JMP PicAlbum.004BBD73
004BBB0A|>8D55 F0 LEA EDX,DWORD PTR SS:
004BBB0D|.8B45 F8 MOV EAX,DWORD PTR SS: ;用户名
004BBB10|.E8 CBD4F4FF CALL PicAlbum.00408FE0
004BBB15|.8B45 F0 MOV EAX,DWORD PTR SS:
004BBB18|.E8 1B91F4FF CALL PicAlbum.00404C38
004BBB1D|.8BF8 MOV EDI,EAX
004BBB1F|.83FF 01 CMP EDI,1
004BBB22|.7D 12 JGE SHORT PicAlbum.004BBB36
004BBB24|.8B45 08 MOV EAX,DWORD PTR SS:
004BBB27|.BA B8BD4B00 MOV EDX,PicAlbum.004BBDB8 ;none
004BBB2C|.E8 A38EF4FF CALL PicAlbum.004049D4
004BBB31|.E9 3D020000 JMP PicAlbum.004BBD73
004BBB36|>83FF 10 CMP EDI,10 ;比较用户名长度(就为16)
004BBB39|.7D 25 JGE SHORT PicAlbum.004BBB60 ;小于16就不跳
004BBB3B|>8D55 8C /LEA EDX,DWORD PTR SS:
004BBB3E|.8B45 F8 |MOV EAX,DWORD PTR SS: ;用户名
004BBB41|.E8 9AD4F4FF |CALL PicAlbum.00408FE0
004BBB46|.8B55 8C |MOV EDX,DWORD PTR SS: ;复制用户名
004BBB49|.8D45 F0 |LEA EAX,DWORD PTR SS:
004BBB4C|.E8 EF90F4FF |CALL PicAlbum.00404C40
004BBB51|.8B45 F0 |MOV EAX,DWORD PTR SS: ;进行连接
004BBB54|.E8 DF90F4FF |CALL PicAlbum.00404C38
004BBB59|.8BF8 |MOV EDI,EAX
004BBB5B|.83FF 10 |CMP EDI,10 ;长度不是16就继续
004BBB5E|.^ 7C DB \JL SHORT PicAlbum.004BBB3B
004BBB60|>C645 97 50 MOV BYTE PTR SS:,50 ;堆栈 SS:=00
004BBB64|.C645 98 39 MOV BYTE PTR SS:,39 ;堆栈 SS:=84
004BBB68|.C645 99 43 MOV BYTE PTR SS:,43 ;堆栈 SS:=F0
004BBB6C|.C645 9A 38 MOV BYTE PTR SS:,38 ;堆栈 SS:=12
004BBB70|.C645 9B 55 MOV BYTE PTR SS:,55 ;堆栈 SS:=00
004BBB74|.C645 9C 37 MOV BYTE PTR SS:,37 ;堆栈 SS:=74 ('t')
004BBB78|.C645 9D 45 MOV BYTE PTR SS:,45 ;堆栈 SS:=23 ('#')
004BBB7C|.C645 9E 36 MOV BYTE PTR SS:,36 ;堆栈 SS:=40 ('@')
004BBB80|.C645 9F 48 MOV BYTE PTR SS:,48 ;堆栈 SS:=00
004BBB84|.C645 A0 35 MOV BYTE PTR SS:,35 ;堆栈 SS:=30 ('0')
004BBB88|.C645 A1 55 MOV BYTE PTR SS:,55 ;堆栈 SS:=F0
004BBB8C|.C645 A2 34 MOV BYTE PTR SS:,34 ;堆栈 SS:=12
004BBB90|.C645 A3 49 MOV BYTE PTR SS:,49 ;堆栈 SS:=00
004BBB94|.C645 A4 33 MOV BYTE PTR SS:,33 ;堆栈 SS:=07
004BBB98|.C645 A5 47 MOV BYTE PTR SS:,47 ;堆栈 SS:=00
004BBB9C|.C645 A6 32 MOV BYTE PTR SS:,32 ;堆栈 SS:=00
004BBBA0|.33DB XOR EBX,EBX
004BBBA2|.8D45 AC LEA EAX,DWORD PTR SS:
004BBBA5|>69D3 89000000 /IMUL EDX,EBX,89 ;整数乘法EDX=10*89[这里为16进制]
004BBBAB|.8910 |MOV DWORD PTR DS:,EDX
004BBBAD|.43 |INC EBX
004BBBAE|.83C0 04 |ADD EAX,4
004BBBB1|.83FB 10 |CMP EBX,10
004BBBB4|.^ 75 EF \JNZ SHORT PicAlbum.004BBBA5
004BBBB6|.33F6 XOR ESI,ESI
004BBBB8|.8B45 FC MOV EAX,DWORD PTR SS: ;(ASCII "PicAlbum")
004BBBBB|.E8 7890F4FF CALL PicAlbum.00404C38
004BBBC0|.85C0 TEST EAX,EAX ;长度是否为8
004BBBC2|.7E 13 JLE SHORT PicAlbum.004BBBD7 ;不为8不跳
004BBBC4|.BB 01000000 MOV EBX,1
004BBBC9|>8B55 FC /MOV EDX,DWORD PTR SS: ;(ASCII "PicAlbum")
004BBBCC|.0FB6541A FF |MOVZX EDX,BYTE PTR DS: ;逐位取
004BBBD1|.03F2 |ADD ESI,EDX ;各字符16进制逐位相加[最后 ESI=30D,这应是常数]
004BBBD3|.43 |INC EBX
004BBBD4|.48 |DEC EAX
004BBBD5|.^ 75 F2 \JNZ SHORT PicAlbum.004BBBC9
004BBBD7|>8BC7 MOV EAX,EDI
004BBBD9|.85C0 TEST EAX,EAX
004BBBDB|.7E 13 JLE SHORT PicAlbum.004BBBF0
004BBBDD|.BB 01000000 MOV EBX,1
004BBBE2|>8B55 F0 /MOV EDX,DWORD PTR SS: ;拼接后的用户名
004BBBE5|.0FB6541A FF |MOVZX EDX,BYTE PTR DS:
004BBBEA|.03F2 |ADD ESI,EDX ;ESI=ESI+EDX,我这里最后计算得98E
004BBBEC|.43 |INC EBX ;取哪一位
004BBBED|.48 |DEC EAX ;拼接后的用户名长度递减
004BBBEE|.^ 75 F2 \JNZ SHORT PicAlbum.004BBBE2
004BBBF0|>8BC7 MOV EAX,EDI
004BBBF2|.48 DEC EAX ;用户长度-1
004BBBF3|.85C0 TEST EAX,EAX
004BBBF5|.7C 40 JL SHORT PicAlbum.004BBC37
004BBBF7|.40 INC EAX ;+1
004BBBF8|.33DB XOR EBX,EBX
004BBBFA|>8B55 F0 /MOV EDX,DWORD PTR SS: ;拼接后的用户名(ASCII "lzq1973lzq1973lzq1973")
004BBBFD|.8A141A |MOV DL,BYTE PTR DS: ;逐位取
004BBC00|.81E2 FF000000 |AND EDX,0FF ;与运算
004BBC06|.8BCB |MOV ECX,EBX
004BBC08|.81E1 0F000080 |AND ECX,8000000F ;与运算
004BBC0E|.79 05 |JNS SHORT PicAlbum.004BBC15
004BBC10|.49 |DEC ECX
004BBC11|.83C9 F0 |OR ECX,FFFFFFF0
004BBC14|.41 |INC ECX
004BBC15|>0FB64C0D 97 |MOVZX ECX,BYTE PTR SS:
004BBC1A|.0FAFD1 |IMUL EDX,ECX ;整数乘法(拼接后的各字符16进制与其对应的50、39、43、38、55、37、45、36、48、35、55、34、49、33、47、32)
004BBC1D|.0FAFD6 |IMUL EDX,ESI ;EDX=EDX*98E
004BBC20|.8BCB |MOV ECX,EBX
004BBC22|.81E1 0F000080 |AND ECX,8000000F
004BBC28|.79 05 |JNS SHORT PicAlbum.004BBC2F
004BBC2A|.49 |DEC ECX
004BBC2B|.83C9 F0 |OR ECX,FFFFFFF0
004BBC2E|.41 |INC ECX
004BBC2F|>01548D AC |ADD DWORD PTR SS:,EDX
004BBC33|.43 |INC EBX
004BBC34|.48 |DEC EAX
004BBC35|.^ 75 C3 \JNZ SHORT PicAlbum.004BBBFA
004BBC37|>BB 10000000 MOV EBX,10
004BBC3C|.8D4D AC LEA ECX,DWORD PTR SS:
004BBC3F|.8D75 97 LEA ESI,DWORD PTR SS: ;这应是常量(ASCII "P9C8U7E6H5U4I3G2")
004BBC42|>8B01 /MOV EAX,DWORD PTR DS:
004BBC44|.BF FF010000 |MOV EDI,1FF
004BBC49|.99 |CDQ ; 双字扩展
004BBC4A|.F7FF |IDIV EDI ;整数除法
004BBC4C|.6BC2 35 |IMUL EAX,EDX,35 ;EAX=174*35
004BBC4F|.6BC0 59 |IMUL EAX,EAX,59 ;EAX=EAX*59
004BBC52|.BF 25000000 |MOV EDI,25 ;EDI=25
004BBC57|.99 |CDQ
004BBC58|.F7FF |IDIV EDI ;EDI/25
004BBC5A|.8BFA |MOV EDI,EDX
004BBC5C|.8939 |MOV DWORD PTR DS:,EDI
004BBC5E|.83FF 24 |CMP EDI,24
004BBC61|.75 06 |JNZ SHORT PicAlbum.004BBC69
004BBC63|.C701 12000000 |MOV DWORD PTR DS:,12 ;第一次赋12
004BBC69|>8B01 |MOV EAX,DWORD PTR DS:
004BBC6B|.83F8 0A |CMP EAX,0A
004BBC6E|.7D 07 |JGE SHORT PicAlbum.004BBC77 ;大于10就跳
004BBC70|.83C0 30 |ADD EAX,30
004BBC73|.8806 |MOV BYTE PTR DS:,AL
004BBC75|.EB 08 |JMP SHORT PicAlbum.004BBC7F
004BBC77|>83C0 41 |ADD EAX,41 ;EAX=EAX+41
004BBC7A|.83E8 0A |SUB EAX,0A ;EAX=EAX-0A
004BBC7D|.8806 |MOV BYTE PTR DS:,AL ;对应的注册码字符
004BBC7F|>46 |INC ESI
004BBC80|.83C1 04 |ADD ECX,4
004BBC83|.4B |DEC EBX
004BBC84|.^ 75 BC \JNZ SHORT PicAlbum.004BBC42
004BBC86|.8D45 F0 LEA EAX,DWORD PTR SS:
004BBC89|.E8 F28CF4FF CALL PicAlbum.00404980
004BBC8E|.BB 04000000 MOV EBX,4 ;取4位
004BBC93|.8D75 97 LEA ESI,DWORD PTR SS: ; (ASCII "IEC1QFR0WPRN2D8O")
004BBC96|>8D45 88 /LEA EAX,DWORD PTR SS:
004BBC99|.8A16 |MOV DL,BYTE PTR DS:
004BBC9B|.E8 C08EF4FF |CALL PicAlbum.00404B60
004BBCA0|.8B55 88 |MOV EDX,DWORD PTR SS:
004BBCA3|.8D45 F0 |LEA EAX,DWORD PTR SS:
004BBCA6|.E8 958FF4FF |CALL PicAlbum.00404C40
004BBCAB|.46 |INC ESI
004BBCAC|.4B |DEC EBX
004BBCAD|.^ 75 E7 \JNZ SHORT PicAlbum.004BBC96
004BBCAF|.8D45 F0 LEA EAX,DWORD PTR SS:
004BBCB2|.BA C8BD4B00 MOV EDX,PicAlbum.004BBDC8 ;-
004BBCB7|.E8 848FF4FF CALL PicAlbum.00404C40
004BBCBC|.BB 04000000 MOV EBX,4 ;取4位
004BBCC1|.8D75 9B LEA ESI,DWORD PTR SS: ;(ASCII "QFR0WPRN2D8O")
004BBCC4|>8D45 84 /LEA EAX,DWORD PTR SS:
004BBCC7|.8A16 |MOV DL,BYTE PTR DS:
004BBCC9|.E8 928EF4FF |CALL PicAlbum.00404B60
004BBCCE|.8B55 84 |MOV EDX,DWORD PTR SS:
004BBCD1|.8D45 F0 |LEA EAX,DWORD PTR SS:
004BBCD4|.E8 678FF4FF |CALL PicAlbum.00404C40
004BBCD9|.46 |INC ESI
004BBCDA|.4B |DEC EBX
004BBCDB|.^ 75 E7 \JNZ SHORT PicAlbum.004BBCC4
004BBCDD|.8D45 F0 LEA EAX,DWORD PTR SS:
004BBCE0|.BA C8BD4B00 MOV EDX,PicAlbum.004BBDC8 ;-
004BBCE5|.E8 568FF4FF CALL PicAlbum.00404C40
004BBCEA|.BB 04000000 MOV EBX,4 ;取4位
004BBCEF|.8D75 9F LEA ESI,DWORD PTR SS: ; (ASCII "WPRN2D8O")
004BBCF2|>8D45 80 /LEA EAX,DWORD PTR SS:
004BBCF5|.8A16 |MOV DL,BYTE PTR DS:
004BBCF7|.E8 648EF4FF |CALL PicAlbum.00404B60
004BBCFC|.8B55 80 |MOV EDX,DWORD PTR SS:
004BBCFF|.8D45 F0 |LEA EAX,DWORD PTR SS:
004BBD02|.E8 398FF4FF |CALL PicAlbum.00404C40
004BBD07|.46 |INC ESI
004BBD08|.4B |DEC EBX
004BBD09|.^ 75 E7 \JNZ SHORT PicAlbum.004BBCF2
004BBD0B|.8D45 F0 LEA EAX,DWORD PTR SS:
004BBD0E|.BA C8BD4B00 MOV EDX,PicAlbum.004BBDC8 ;-
004BBD13|.E8 288FF4FF CALL PicAlbum.00404C40
004BBD18|.BB 04000000 MOV EBX,4 ;取4位
004BBD1D|.8D75 A3 LEA ESI,DWORD PTR SS: ;(ASCII "2D8O")
004BBD20|>8D85 7CFFFFFF /LEA EAX,DWORD PTR SS:
004BBD26|.8A16 |MOV DL,BYTE PTR DS:
004BBD28|.E8 338EF4FF |CALL PicAlbum.00404B60
004BBD2D|.8B95 7CFFFFFF |MOV EDX,DWORD PTR SS:
004BBD33|.8D45 F0 |LEA EAX,DWORD PTR SS:
004BBD36|.E8 058FF4FF |CALL PicAlbum.00404C40
004BBD3B|.46 |INC ESI
004BBD3C|.4B |DEC EBX
004BBD3D|.^ 75 E1 \JNZ SHORT PicAlbum.004BBD20
004BBD3F|.8B45 F0 MOV EAX,DWORD PTR SS: ;进行拼接(ASCII "IEC1-QFR0-WPRN-2D8O")
004BBD42|.8B55 F4 MOV EDX,DWORD PTR SS: ;(ASCII "1234567890123456789")
004BBD45|.E8 3290F4FF CALL PicAlbum.00404D7C
004BBD4A|.75 1A JNZ SHORT PicAlbum.004BBD66
004BBD4C|.8D55 F0 LEA EDX,DWORD PTR SS:
004BBD4F|.8B45 F8 MOV EAX,DWORD PTR SS:
004BBD52|.E8 89D2F4FF CALL PicAlbum.00408FE0
004BBD57|.8B45 08 MOV EAX,DWORD PTR SS:
004BBD5A|.BA D4BD4B00 MOV EDX,PicAlbum.004BBDD4 ;ok
004BBD5F|.E8 708CF4FF CALL PicAlbum.004049D4
004BBD64|.EB 0D JMP SHORT PicAlbum.004BBD73
004BBD66|>8B45 08 MOV EAX,DWORD PTR SS:
004BBD69|.BA B8BD4B00 MOV EDX,PicAlbum.004BBDB8 ;none
004BBD6E|.E8 618CF4FF CALL PicAlbum.004049D4
004BBD73|>33C0 XOR EAX,EAX
004BBD75|.5A POP EDX
004BBD76|.59 POP ECX
004BBD77|.59 POP ECX
004BBD78|.64:8910 MOV DWORD PTR FS:,EDX
004BBD7B|.68 A5BD4B00 PUSH PicAlbum.004BBDA5
004BBD80|>8D85 7CFFFFFF LEA EAX,DWORD PTR SS:
004BBD86|.BA 06000000 MOV EDX,6
004BBD8B|.E8 148CF4FF CALL PicAlbum.004049A4
004BBD90|.8D45 F0 LEA EAX,DWORD PTR SS:
004BBD93|.BA 04000000 MOV EDX,4
004BBD98|.E8 078CF4FF CALL PicAlbum.004049A4
004BBD9D\.C3 RETN
004BBD9E .^ E9 8185F4FF JMP PicAlbum.00404324
004BBDA3 .^ EB DB JMP SHORT PicAlbum.004BBD80
004BBDA5 .5F POP EDI
004BBDA6 .5E POP ESI
004BBDA7 .5B POP EBX
004BBDA8 .8BE5 MOV ESP,EBP
004BBDAA .5D POP EBP
004BBDAB .C2 0400 RETN 4
至此注册码已出,明码比较。
--------------------------------------------------------------------------------
【经验总结】
这篇破文用了我半天的时间,头疼的很,心里明白,可是用文字表示不出来,还请敬谅~~,下面是些胡言乱语??
常量(PicAlbum)各字符的16进制累加值为30D
令用户名各字符16进制+30D为A,A=A+30D
用户名前16位(不足16位则循环取)各自×与其对应的(50、39、43、38、55、37、45、36、48、35、55、34、49、33、47
、32)的积为C,则D=D*A
常量(ASCII "P9C8U7E6H5U4I3G2")
E=CDQ(CDQ(D)/1FF*35*59)/25 > 0A则,
对应的注册码字符F=E+41-0A
反这E < 0A则,F=E+30
最后拼接为IEC1QFR0WPRN2D8O,每4位一组中间用“-”间隔,即IEC1-QFR0-WPRN-2D8O就是注册码。
注册码长度必须是19,用户名不能为空,支持中文。
附上几组注册码
用户名:lzq1973
注册码:JC6I-8JZ4-DBDC-07E8
用户名:网眼天下
注册码:0G8Z-XY9I-95IW-217B
--------------------------------------------------------------------------------
【版权声明】: 本文属于大家, 转载请注明作者并保持文章的完整, 谢谢!
2006年03月28日 11:34:08 学习了``` 004BBB60|>C645 97 50 MOV BYTE PTR SS:,50
004BBB64|.C645 98 39 MOV BYTE PTR SS:,39
004BBB68|.C645 99 43 MOV BYTE PTR SS:,43
004BBB6C|.C645 9A 38 MOV BYTE PTR SS:,38
004BBB70|.C645 9B 55 MOV BYTE PTR SS:,55
004BBB74|.C645 9C 37 MOV BYTE PTR SS:,37
004BBB78|.C645 9D 45 MOV BYTE PTR SS:,45
004BBB7C|.C645 9E 36 MOV BYTE PTR SS:,36
004BBB80|.C645 9F 48 MOV BYTE PTR SS:,48
004BBB84|.C645 A0 35 MOV BYTE PTR SS:,35
004BBB88|.C645 A1 55 MOV BYTE PTR SS:,55
004BBB8C|.C645 A2 34 MOV BYTE PTR SS:,34
004BBB90|.C645 A3 49 MOV BYTE PTR SS:,49
004BBB94|.C645 A4 33 MOV BYTE PTR SS:,33
004BBB98|.C645 A5 47 MOV BYTE PTR SS:,47
004BBB9C|.C645 A6 32 MOV BYTE PTR SS:,32
这个就是一个表:P9C8U7E6H5U4I3G2
实际上作者还是做了一定的防破解的(没有把关键字符直接显示出来,而是采用如上的ascii码形式逐个传递,不过最终明码,可惜啊........) 在好,也难逃比较啊 看看```学习下! 作者又更新了,加了个23位注册码的计算,可能就是他说的普通版与商业版吧!
004BBAE3 83F8 13 cmp eax,13 ; 比较注册码是否是19位
004BBAE6 74 1F je short PicAlbum.004BBB07
004BBAE8 8B45 F4 mov eax,dword ptr ss:
004BBAEB E8 4891F4FF call PicAlbum.00404C38
004BBAF0 83F8 17 cmp eax,17 ; 比较注册码是否是23位
004BBAF3 74 12 je short PicAlbum.004BBB07
商业版出来了,跟了一个注册码出来:用户名:abcdef,注册码为:79754-55862-61461-03887 附:家家乐电子相册制作系统 2006.3内存注册机
[ 本帖最后由 chadd 于 2006-4-3 13:36 编辑 ]
页:
[1]