佳宜仓库管理软件 V2.96 企业版算法分析
【破文标题】佳宜仓库管理软件 V2.96 企业版算法分析【破文作者】黑夜彩虹
【破解工具】OD
【破解平台】Win9x/NT/2000/XP/2003
【软件名称】佳宜仓库管理软件 V2.96 企业版
【更新时间】2006-07-02 15:34:43
【原版下载】http://www.skycn.com/soft/18980.html
【保护方式】注册码
【软件简介】
一、适应对象:
本软件适用于大中小型企业、商畅?生产厂等物资供销、商品流通部门进行物资(商品)的采购、销售、库存的管理。主要功能包括进采购、采购退货、采购付款、销售、销售退货、物料领用、领料退回、库存盘点、仓库调拨、借入、借出、借入还出、借出还入,供方客户资料管理,供方供货汇总、明细报表,明细报表,客户供货汇总、明细报表,明细报表,部门领用汇总、明细报表、仓库汇总、明细报表。销售毛利汇总、明细报表,销售年报表等多种报表,使公司业务情况一目了然。
二、软件特点:
1。导航式的界面:
所想即所见,所见即所想,这就是导航式操作的优点。众多功能的巧妙安排,缩短了数据传输的流程;帐务的错综复杂体现在系统内部,你的操作依然那么简单,省时又省心。 全能的报表查询;所有的报表和基本资料均可导入EXCEL中进行分析加工,以满足用户的更高的要求。
2。高效强大的查询工具:
系统提供多种查询方式来帮助您快速找到所需要的资料。无论是使用预制条件还是临时的高级组合查找,都能够让您省心省力;
3。稳定安全的数据库:
佳宜系列软件分两种数据库版本,一种是采用Mrosoft公司的Access作后台数据库性能稳定、数据交换速度快、数据安全(用友、金碟单机版也是使用Access数据库),另一种是采用Microsoft公司的SQL作后台数据库性能稳定、数据交换速度快、数据安全。
(1)佳宜Access数据库版本的系列软件支持单机、网络.
(2)佳宜SQL数据库版本的系列软件支持单机、网络、远程连接.
4。完全的网络化操作:
各个站点的数据保存即通过网络传递到服务器,相关人员可以随时看到更新的数据,极大的提高了信息传递的速度,使得企业的管理效率更上一层楼;
5。开放式的打印设置:
佳宜系列软件的打印样式设计功能采用当今流行的报表设计器进行设计,兼具WORD和EXCEL的强大功能。用户不仅可以对单据/报表的外观进行设计(包括对格式、字体、边框、背景等的设计),而且可以设定报表内部数据的计算方法(包括对数据来源的设定、数据算法的设定等)。
三、部分特色功能:
1,支持 固定成本法、加权平均法、移动加权平均法 计算物品成本单价;
2,支持材料入库、出库、调拨、盘点、借货处理;
3,支持以仓库为中心的场景管理模式;
4,支持入库、出库和调拨向导操作模式;
5,支持生成每月的物品收发结存表,使企业界及时的了解当前库存情况;
6,支持生成每种物品的收发明细账;
7,销售毛利汇总、明细报表,销售年报表等多种报表,使公司业务情况一目了然。
8,支持警戒库存量报警功能;
9,支持简单易用的数据自动备份、数据恢复等功能;
10,完善、灵活的角色、操作员权限管理;
四、 市场卖点:
实惠体贴的价格,为您提供高性价比的实用软件;
一次购买,终生免费升级;
确认汇款凭证后,当日提供软件注册码,让交易更快捷,用户更放心。
五、 售后服务与技术支持:
注册用户享有最新版本免费升级权利;
对用户提出的合理改进要求,免费进行修改;
提供电话全天候咨询;
提供网上论坛进行互动交流;
提供电子邮件与在线 QQ 实时技术支持。
【算法分析】
一、PEiD查无壳。软件是Borland Delphi 6.0 - 7.0编写。
运行,注册名:vxin 试练码:123456
二、OD载入后,超级ASCII参串
超级字串参考+ ,项目 2387
地址=005EF312
反汇编=push DepotMan.005EF43C
文本字串=系统注册成功,欢迎你使用本软件!
005EF174 E8 63FEE5FFcall DepotMan.0044EFDC
005EF179 8B45 F0 mov eax,dword ptr ss:=01808DD4, (ASCII "vxin")
005EF17C 8D55 F4 lea edx,dword ptr ss:[ebp> ; EAX 01808DD4 ASCII "vxin"
005EF17F E8 A4A5E1FFcall DepotMan.00409728
005EF184 837D F4 00 cmp dword ptr ss:,> ; 堆栈 ss:=01836740, (ASCII "vxin")
005EF188 75 22 jnz short DepotMan.005EF1>
005EF18A 6A 00 push 0
005EF18C 68 D0F35E00push DepotMan.005EF3D0 ; 请填写用户名称!
005EF191 E8 2E04FFFFcall <jmp.&PunUnitLib.Sho>
......................省掉N行代码........................
005EF1B8 E8 1FFEE5FFcall DepotMan.0044EFDC
005EF1BD 8B45 E8 mov eax,dword ptr ss:=017F1ACC, (ASCII "123456")
005EF1C0 8D55 EC lea edx,dword ptr ss:[ebp> ; EAX 017F1ACC ASCII "123456"
005EF1C3 E8 60A5E1FFcall DepotMan.00409728
005EF1C8 837D EC 00 cmp dword ptr ss:> ; 堆栈 ss:=01834048, (ASCII "123456")
005EF1CC 75 22 jnz short DepotMan.005EF1>
005EF1CE 6A 00 push 0
005EF1D0 68 E4F35E00push DepotMan.005EF3E4 ; 授权号不能为空,请填写授权号!
005EF1D5 E8 EA03FFFFcall <jmp.&PunUnitLib.Sho>
005EF1DA 8B45 FC mov eax,dword ptr ss:[ebp>
005EF1DD 8B80 FC02000>mov eax,dword ptr ds:[eax>
005EF1E3 8B10 mov edx,dword ptr ds:[eax>
005EF1E5 FF92 C000000>call dword ptr ds:[edx+C0>
005EF1EB E9 6D010000jmp DepotMan.005EF35D
005EF1F0 A1 54876A00mov eax,dword ptr ds:[6A8>
005EF1F5 8B00 mov eax,dword ptr ds:[eax> ; ASCII "CA9D-36Q8"
005EF1F7 E8 D45DE1FFcall DepotMan.00404FD0
005EF1FC 50 push eax ; eax=005DF658 (DepotMan.005DF658), ASCII "CA9D-36Q8"
005EF1FD 8D55 E4 lea edx,dword ptr ss:[ebp>
005EF200 8B45 FC mov eax,dword ptr ss:[ebp> ; eax=005DF658 (DepotMan.005DF658), ASCII "CA9D-36Q8"
005EF203 8B80 F402000>mov eax,dword ptr ds:[eax>
005EF209 E8 CEFDE5FFcall DepotMan.0044EFDC
005EF20E 8B45 E4 mov eax,dword ptr ss:=01814974, (ASCII "MRG254KBEDXE1P")
005EF211 E8 BA5DE1FFcall DepotMan.00404FD0
005EF216 50 push eax ; eax=01814974, (ASCII "MRG254KBEDXE1P")
005EF217 E8 D803FFFFcall <jmp.&PunUnitLib.Get> ; 关键算法CALL
005EF21C 8BD0 mov edx,eax ; ASCII "CA9D-0513-36Q8-5485"
005EF21E 8D45 F8 lea eax,dword ptr ss:[ebp> ; eax=00B125A8, (ASCII "CA9D-0513-36Q8-5485")
005EF221 E8 EA5AE1FFcall DepotMan.00404D10
005EF226 8D55 DC lea edx,dword ptr ss:[ebp>
005EF229 8B45 FC mov eax,dword ptr ss:[ebp>
005EF22C 8B80 FC02000>mov eax,dword ptr ds:[eax>
005EF232 E8 A5FDE5FFcall DepotMan.0044EFDC
005EF237 8B45 DC mov eax,dword ptr ss:=01813788, (ASCII "123456")
005EF23A 8D55 E0 lea edx,dword ptr ss:[ebp> ; EAX 01813788 ASCII "123456"
005EF23D E8 E6A4E1FFcall DepotMan.00409728
005EF242 8B45 E0 mov eax,dword ptr ss:=017F5304, (ASCII "123456")
005EF245 8B55 F8 mov edx,dword ptr ss:=0183B30C, (ASCII "CA9D-0513-36Q8-5485")
005EF248 E8 CF5CE1FFcall DepotMan.00404F1C ; EDX 0183B30C ASCII "CA9D-0513-36Q8-5485"
005EF24D 0F85 FE00000>jnz DepotMan.005EF351 ; 暴点,不等则跳,跳就over
005EF253 33C0 xor eax,eax
005EF312 68 3CF45E00push DepotMan.005EF43C ; 系统注册成功,欢迎你使用本软件!
005EF317 E8 A802FFFFcall <jmp.&PunUnitLib.Sho>
005EF31C A1 50876A00mov eax,dword ptr ds:[6A8>
005EF321 C700 0200000>mov dword ptr ds:,2
......................省掉N行代码........................
++++++++++++++++++++++++++++++++++++++++关键算法CALL++++++++++++++++++++++++++++++++++++
005EF351 6A 03 push 3
005EF353 68 60F45E00push DepotMan.005EF460 ; 系统注册失败,请检查注册是否有误!
005EF358 E8 6702FFFFcall <jmp.&PunUnitLib.Sho>
008C9035 33C0 xor eax,eax ; 产品编号:ASCII "MRG254KBEDXE1P"
008C9037 55 push ebp
008C9038 68 F2918C00push PunUnitL.008C91F2
008C903D 64:FF30 push dword ptr fs:
008C9040 64:8920 mov dword ptr fs:,es>
008C9043 8D45 EC lea eax,dword ptr ss:[ebp>
008C9046 E8 65B5F8FFcall PunUnitL.008545B0
008C904B 8D45 F0 lea eax,dword ptr ss:[ebp>
008C904E 8B55 08 mov edx,dword ptr ss:[ebp> ; 产品编号:ASCII "MRG254KBEDXE1P"
008C9051 E8 4AB7F8FFcall PunUnitL.008547A0
008C9056 8B45 F0 mov eax,dword ptr ss:[ebp> ; 产品编号:ASCII "MRG254KBEDXE1P"
008C9059 E8 0AB8F8FFcall PunUnitL.00854868 ; 产品编号:ASCII "MRG254KBEDXE1P" 入 EAX
008C905E 8BF0 mov esi,eax
008C9060 85F6 test esi,esi
008C9062 7E 26 jle short PunUnitL.008C90>
008C9064 BB 01000000mov ebx,1
008C9069 8D4D E8 lea ecx,dword ptr ss:[ebp>
008C906C 8B45 F0 mov eax,dword ptr ss:[ebp> ; 取 产品编号:MRG254KBEDXE1P 的ASCII码(16进制)
ds:=4D ('M')
eax=00B12484, (ASCII "MRG254KBEDXE1P")
ds:=52 ('R')
eax=00B12484, (ASCII "MRG254KBEDXE1P")
ds:=47 ('G')
eax=00B12484, (ASCII "MRG254KBEDXE1P")
......................省掉N行代码........................
ds:=50 ('P')
eax=00B12484, (ASCII "MRG254KBEDXE1P")
008C9074 33D2 xor edx,edx ; ASCII "31"
008C9076 E8 F905F9FFcall PunUnitL.00859674
008C907B 8B55 E8 mov edx,dword ptr ss:[ebp> ; ASCII "50"
008C907E 8D45 FC lea eax,dword ptr ss:[ebp>
008C9081 E8 EAB7F8FFcall PunUnitL.00854870
008C9086 43 inc ebx
008C9087 4E dec esi
008C9088 ^ 75 DF jnz short PunUnitL.008C90>
008C908A 8B45 FC mov eax,dword ptr ss:[ebp> ; ASCII "4D52473235344B42454458453150"
008C908D E8 D6B7F8FFcall PunUnitL.00854868 ; ASCII "4D52473235344B42454458453150" 入 EAX
008C9092 8BF0 mov esi,eax
008C9094 85F6 test esi,esi
008C9096 7E 2C jle short PunUnitL.008C90>
008C9098 BB 01000000mov ebx,1
008C909D 8B45 FC mov eax,dword ptr ss:[ebp> ; ASCII "4D52473235344B42454458453150"
008C90A0 E8 C3B7F8FFcall PunUnitL.00854868 ; ASCII "4D52473235344B42454458453150" 入 EAX
008C90A5 2BC3 sub eax,ebx
008C90A7 8B55 FC mov edx,dword ptr ss:[ebp> ; ASCII "4D52473235344B42454458453150"重尾到头重新排列
008C90AA 8A1402 mov dl,byte ptr ds:[edx+e>
008C90AD 8D45 E4 lea eax,dword ptr ss:[ebp>
......................省掉N行代码........................
008C90CD BA 01000000mov edx,1
008C90D2 8B45 F8 mov eax,dword ptr ss:[ebp> ; ASCII "05135485445424B44353237425D4"
008C90D5 E8 E6B9F8FFcall PunUnitL.00854AC0 ; ASCII "05135485445424B44353237425D4" 入 EAX
008C90DA 8D45 F8 lea eax,dword ptr ss:[ebp>
008C90DD 50 push eax
008C90DE B9 04000000mov ecx,4
008C90E3 BA 05000000mov edx,5
008C90E8 8B45 F8 mov eax,dword ptr ss:[ebp> ; ASCII "05135485445424B44353237425D4"
008C90EB E8 D0B9F8FFcall PunUnitL.00854AC0
008C90F0 8B45 FC mov eax,dword ptr ss:[ebp> ; ASCII "0513"
008C90F3 E8 70B7F8FFcall PunUnitL.00854868 ; ASCII "0513" 入 EAX
008C90F8 83F8 04 cmp eax,4
008C90FB 7D 2F jge short PunUnitL.008C91>
008C90FD 8B45 FC mov eax,dword ptr ss:[ebp>
......................省掉N行代码........................
008C911E 8D45 FC lea eax,dword ptr ss:[ebp>
008C9121 E8 4AB7F8FFcall PunUnitL.00854870
008C9126 43 inc ebx
008C9127 83FB 04 cmp ebx,4
008C912A ^ 75 E0 jnz short PunUnitL.008C91>
008C912C 8B45 F8 mov eax,dword ptr ss:[ebp> ; ASCII "5485"
......................省掉N行代码........................
008C916B 8B55 0C mov edx,dword ptr ss:[ebp> ; ASCII "CA9D-36Q8"
008C916E E8 2DB6F8FFcall PunUnitL.008547A0 ; ASCII "CA9D-36Q8" 入 EDX
008C9173 8B45 D8 mov eax,dword ptr ss:[ebp> ; ASCII "CA9D-36Q8"
008C9176 8D55 F4 lea edx,dword ptr ss:[ebp> ; ASCII "CA9D-36Q8" 入 EAX
008C9179 E8 DE03F9FFcall PunUnitL.0085955C
008C917E 8D45 D4 lea eax,dword ptr ss:[ebp>
008C9181 50 push eax
008C9182 B9 04000000mov ecx,4
008C9187 BA 01000000mov edx,1
008C918C 8B45 F4 mov eax,dword ptr ss:[ebp> ; ASCII "CA9D-36Q8"
008C918F E8 2CB9F8FFcall PunUnitL.00854AC0 ; ASCII "CA9D-36Q8" 入 EAX
008C9194 FF75 D4 push dword ptr ss:[ebp-2C> ; ASCII "CA9D"
008C9197 68 0C928C00push PunUnitL.008C920C
008C919C FF75 FC push dword ptr ss: ; ASCII "0513"
008C91AD 8B45 F4 mov eax,dword ptr ss:[ebp> ; ASCII "CA9D-36Q8"
008C91B0 E8 0BB9F8FFcall PunUnitL.00854AC0 ; ASCII "CA9D-36Q8" 入 EAX
008C91B5 FF75 D0 push dword ptr ss:[ebp-30> ; ASCII "-36Q8"
008C91B8 68 0C928C00push PunUnitL.008C920C
008C91BD FF75 F8 push dword ptr ss: ; ASCII "5485"
008C91C0 8D45 EC lea eax,dword ptr ss:[ebp>
008C91C3 BA 06000000mov edx,6
008C91C8 E8 5BB7F8FFcall PunUnitL.00854928
008C91CD 8B45 EC mov eax,dword ptr ss:[ebp> ; ASCII "CA9D-0513-36Q8-5485"
008C91D0 E8 8BB8F8FFcall PunUnitL.00854A60 ; ASCII "CA9D-0513-36Q8-5485" 入 EAX
008C91D5 8BD8 mov ebx,eax ; ASCII "CA9D-0513-36Q8-5485"
008C91D7 33C0 xor eax,eax ; ASCII "CA9D-0513-36Q8-5485" 入EBX
008C91F9 8BC3 mov eax,ebx ; ASCII "CA9D-0513-36Q8-5485"
008C91FB 5E pop esi ; ASCII "CA9D-0513-36Q8-5485" 入 EAX
008C91FC 5B pop ebx ; ASCII "CA9D-0513-36Q8-5485"
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
【算法小结】
1、取硬盘的序列号作为产品编号 MRG254KBEDXE1P
2、取产品编号的ASCII码(16进制) 4D52473235344B42454458453150
3、ASCII码,重尾到头重新排列 05135485445424B44353237425D4
4、部分注册码CA9D- 这是固定的
5、取第3点的前4位 0513
6、部分注册码-36Q8 这是固定的
7、取第3点的第5位到第8位 5485
[ 本帖最后由 黑夜彩虹 于 2006-7-3 01:16 编辑 ] 学习!!!老大,为什么软件注册成功后还要重启验证.重启后又要输注册码! 厉害。。。。。。。。。。 我也来灌水^_^
+++++++++++++++++++++++++++++++++++++++++++++++++++++
005EF144 .55 PUSH EBP
005EF145 .8BEC MOV EBP,ESP
005EF147 .B9 06000000 MOV ECX,6
005EF14C >6A 00 PUSH 0
005EF14E .6A 00 PUSH 0
005EF150 .49 DEC ECX
005EF151 .^ 75 F9 JNZ SHORT DepotMan.005EF14C
005EF153 .51 PUSH ECX
005EF154 .53 PUSH EBX
005EF155 .56 PUSH ESI
005EF156 .57 PUSH EDI
005EF157 .8945 FC MOV DWORD PTR SS:,EAX
005EF15A .33C0 XOR EAX,EAX
005EF15C .55 PUSH EBP
005EF15D .68 C2F35E00 PUSH DepotMan.005EF3C2
005EF162 .64:FF30 PUSH DWORD PTR FS:
005EF165 .64:8920 MOV DWORD PTR FS:,ESP
005EF168 .8D55 F0 LEA EDX,DWORD PTR SS:
005EF16B .8B45 FC MOV EAX,DWORD PTR SS:
005EF16E .8B80 0C030000 MOV EAX,DWORD PTR DS:
005EF174 .E8 63FEE5FF CALL DepotMan.0044EFDC
005EF179 .8B45 F0 MOV EAX,DWORD PTR SS:
005EF17C .8D55 F4 LEA EDX,DWORD PTR SS:
005EF17F .E8 A4A5E1FF CALL DepotMan.00409728
005EF184 .837D F4 00 CMP DWORD PTR SS:,0
005EF188 .75 22 JNZ SHORT DepotMan.005EF1AC
005EF18A .6A 00 PUSH 0
005EF18C .68 D0F35E00 PUSH DepotMan.005EF3D0 ;请填写用户名称!
005EF191 .E8 2E04FFFF CALL <JMP.&PunUnitLib.ShowMess>
005EF196 .8B45 FC MOV EAX,DWORD PTR SS:
005EF199 .8B80 0C030000 MOV EAX,DWORD PTR DS:
005EF19F .8B10 MOV EDX,DWORD PTR DS:
005EF1A1 .FF92 C0000000 CALL DWORD PTR DS:
005EF1A7 .E9 B1010000 JMP DepotMan.005EF35D
005EF1AC >8D55 E8 LEA EDX,DWORD PTR SS:
005EF1AF .8B45 FC MOV EAX,DWORD PTR SS:
005EF1B2 .8B80 FC020000 MOV EAX,DWORD PTR DS:
005EF1B8 .E8 1FFEE5FF CALL DepotMan.0044EFDC
005EF1BD .8B45 E8 MOV EAX,DWORD PTR SS:
005EF1C0 .8D55 EC LEA EDX,DWORD PTR SS:
005EF1C3 .E8 60A5E1FF CALL DepotMan.00409728
005EF1C8 .837D EC 00 CMP DWORD PTR SS:,0
005EF1CC .75 22 JNZ SHORT DepotMan.005EF1F0
005EF1CE .6A 00 PUSH 0
005EF1D0 .68 E4F35E00 PUSH DepotMan.005EF3E4 ;授权号不能为空,请填写授权号!
005EF1D5 .E8 EA03FFFF CALL <JMP.&PunUnitLib.ShowMess>
005EF1DA .8B45 FC MOV EAX,DWORD PTR SS:
005EF1DD .8B80 FC020000 MOV EAX,DWORD PTR DS:
005EF1E3 .8B10 MOV EDX,DWORD PTR DS:
005EF1E5 .FF92 C0000000 CALL DWORD PTR DS:
005EF1EB .E9 6D010000 JMP DepotMan.005EF35D
005EF1F0 >A1 54876A00 MOV EAX,DWORD PTR DS:
005EF1F5 .8B00 MOV EAX,DWORD PTR DS:
005EF1F7 .E8 D45DE1FF CALL DepotMan.00404FD0
005EF1FC .50 PUSH EAX ;ASCII "CA9D-36Q8"
005EF1FD .8D55 E4 LEA EDX,DWORD PTR SS:
005EF200 .8B45 FC MOV EAX,DWORD PTR SS:
005EF203 .8B80 F4020000 MOV EAX,DWORD PTR DS:
005EF209 .E8 CEFDE5FF CALL DepotMan.0044EFDC
005EF20E .8B45 E4 MOV EAX,DWORD PTR SS: ;ASCII "3JX667WQ"机器码
005EF211 .E8 BA5DE1FF CALL DepotMan.00404FD0
005EF216 .50 PUSH EAX ;ASCII "3JX667WQ"
005EF217 .E8 D803FFFF CALL <JMP.&PunUnitLib.GetRegPass>
005EF21C .8BD0 MOV EDX,EAX ;EAX=ASCII "CA9D-1575-36Q8-7363"
005EF21E .8D45 F8 LEA EAX,DWORD PTR SS:
005EF221 .E8 EA5AE1FF CALL DepotMan.00404D10
005EF226 .8D55 DC LEA EDX,DWORD PTR SS:
005EF229 .8B45 FC MOV EAX,DWORD PTR SS:
005EF22C .8B80 FC020000 MOV EAX,DWORD PTR DS:
005EF232 .E8 A5FDE5FF CALL DepotMan.0044EFDC
005EF237 .8B45 DC MOV EAX,DWORD PTR SS: ;试练码
005EF23A .8D55 E0 LEA EDX,DWORD PTR SS:
005EF23D .E8 E6A4E1FF CALL DepotMan.00409728
005EF242 .8B45 E0 MOV EAX,DWORD PTR SS: ;试练码
005EF245 .8B55 F8 MOV EDX,DWORD PTR SS: ;注册码
005EF248 .E8 CF5CE1FF CALL DepotMan.00404F1C
005EF24D .0F85 FE000000 JNZ DepotMan.005EF351 ;关键跳
005EF253 .33C0 XOR EAX,EAX
005EF255 .55 PUSH EBP
005EF256 .68 3DF35E00 PUSH DepotMan.005EF33D
005EF25B .64:FF30 PUSH DWORD PTR FS:
005EF25E .64:8920 MOV DWORD PTR FS:,ESP
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
进入CALL 005EF217 //根据机器码算出注册码,没有详细跟
003E9033 53 PUSH EBX
003E9034 56 PUSH ESI
003E9035 33C0 XOR EAX,EAX
003E9037 55 PUSH EBP
003E9038 68 F2913E00 PUSH PunUnitL.003E91F2
003E903D 64:FF30 PUSH DWORD PTR FS:
003E9040 64:8920 MOV DWORD PTR FS:,ESP
003E9043 8D45 EC LEA EAX,DWORD PTR SS:
003E9046 E8 65B5F8FF CALL PunUnitL.003745B0
003E904B 8D45 F0 LEA EAX,DWORD PTR SS:
003E904E 8B55 08 MOV EDX,DWORD PTR SS: ; 机器码
003E9051 E8 4AB7F8FF CALL PunUnitL.003747A0
003E9056 8B45 F0 MOV EAX,DWORD PTR SS: ; 机器码
003E9059 E8 0AB8F8FF CALL PunUnitL.00374868
003E905E 8BF0 MOV ESI,EAX
003E9060 85F6 TEST ESI,ESI
003E9062 7E 26 JLE SHORT PunUnitL.003E908A
003E9064 BB 01000000 MOV EBX,1
003E9069 8D4D E8 LEA ECX,DWORD PTR SS:
003E906C 8B45 F0 MOV EAX,DWORD PTR SS: ; 机器码
003E906F 0FB64418 FF MOVZX EAX,BYTE PTR DS: ; 3 j
003E9074 33D2 XOR EDX,EDX
003E9076 E8 F905F9FF CALL PunUnitL.00379674
003E907B 8B55 E8 MOV EDX,DWORD PTR SS: ; 33
003E907E 8D45 FC LEA EAX,DWORD PTR SS:
003E9081 E8 EAB7F8FF CALL PunUnitL.00374870
003E9086 43 INC EBX
003E9087 4E DEC ESI
003E9088^ 75 DF JNZ SHORT PunUnitL.003E9069 ; 抓机器码算半天
003E908A 8B45 FC MOV EAX,DWORD PTR SS: ;(ASCII "334A583636375751")字符串转为16进制数
003E908D E8 D6B7F8FF CALL PunUnitL.00374868
003E9092 8BF0 MOV ESI,EAX
003E9094 85F6 TEST ESI,ESI
003E9096 7E 2C JLE SHORT PunUnitL.003E90C4
003E9098 BB 01000000 MOV EBX,1
003E909D 8B45 FC MOV EAX,DWORD PTR SS:
003E90A0 E8 C3B7F8FF CALL PunUnitL.00374868
003E90A5 2BC3 SUB EAX,EBX
003E90A7 8B55 FC MOV EDX,DWORD PTR SS:
003E90AA 8A1402 MOV DL,BYTE PTR DS:
003E90AD 8D45 E4 LEA EAX,DWORD PTR SS:
003E90B0 E8 DBB6F8FF CALL PunUnitL.00374790
003E90B5 8B55 E4 MOV EDX,DWORD PTR SS:
003E90B8 8D45 F8 LEA EAX,DWORD PTR SS:
003E90BB E8 B0B7F8FF CALL PunUnitL.00374870
003E90C0 43 INC EBX
003E90C1 4E DEC ESI
003E90C2^ 75 D9 JNZ SHORT PunUnitL.003E909D ; 又把机器码16进制数算半天
003E90C4 8D45 FC LEA EAX,DWORD PTR SS:
003E90C7 50 PUSH EAX
003E90C8 B9 04000000 MOV ECX,4
003E90CD BA 01000000 MOV EDX,1
003E90D2 8B45 F8 MOV EAX,DWORD PTR SS: ; (ASCII "157573636385A433")数倒过来了
003E90D5 E8 E6B9F8FF CALL PunUnitL.00374AC0
003E90DA 8D45 F8 LEA EAX,DWORD PTR SS:
003E90DD 50 PUSH EAX
003E90DE B9 04000000 MOV ECX,4
003E90E3 BA 05000000 MOV EDX,5
003E90E8 8B45 F8 MOV EAX,DWORD PTR SS: ; ASCII "157573636385A433")
003E90EB E8 D0B9F8FF CALL PunUnitL.00374AC0
003E90F0 8B45 FC MOV EAX,DWORD PTR SS: ; 取前4位(ASCII "1575")
003E90F3 E8 70B7F8FF CALL PunUnitL.00374868
003E90F8 83F8 04 CMP EAX,4
003E90FB 7D 2F JGE SHORT PunUnitL.003E912C
003E90FD 8B45 FC MOV EAX,DWORD PTR SS:
003E9100 E8 63B7F8FF CALL PunUnitL.00374868
003E9105 8BD8 MOV EBX,EAX
003E9107 83FB 03 CMP EBX,3
003E910A 7F 20 JG SHORT PunUnitL.003E912C
003E910C 8D4D E0 LEA ECX,DWORD PTR SS:
003E910F 8BC3 MOV EAX,EBX
003E9111 C1E0 02 SHL EAX,2
003E9114 33D2 XOR EDX,EDX
003E9116 E8 5905F9FF CALL PunUnitL.00379674
003E911B 8B55 E0 MOV EDX,DWORD PTR SS:
003E911E 8D45 FC LEA EAX,DWORD PTR SS:
003E9121 E8 4AB7F8FF CALL PunUnitL.00374870
003E9126 43 INC EBX
003E9127 83FB 04 CMP EBX,4
003E912A^ 75 E0 JNZ SHORT PunUnitL.003E910C
003E912C 8B45 F8 MOV EAX,DWORD PTR SS: ; 第5到8位(ASCII "7363")
003E912F E8 34B7F8FF CALL PunUnitL.00374868
003E9134 83F8 04 CMP EAX,4
003E9137 7D 2F JGE SHORT PunUnitL.003E9168
003E9139 8B45 F8 MOV EAX,DWORD PTR SS:
003E913C E8 27B7F8FF CALL PunUnitL.00374868
003E9141 8BD8 MOV EBX,EAX
003E9143 83FB 03 CMP EBX,3
003E9146 7F 20 JG SHORT PunUnitL.003E9168
003E9148 8D4D DC LEA ECX,DWORD PTR SS:
003E914B 8BC3 MOV EAX,EBX
003E914D C1E0 02 SHL EAX,2
003E9150 33D2 XOR EDX,EDX
003E9152 E8 1D05F9FF CALL PunUnitL.00379674
003E9157 8B55 DC MOV EDX,DWORD PTR SS:
003E915A 8D45 F8 LEA EAX,DWORD PTR SS:
003E915D E8 0EB7F8FF CALL PunUnitL.00374870
003E9162 43 INC EBX
003E9163 83FB 04 CMP EBX,4
003E9166^ 75 E0 JNZ SHORT PunUnitL.003E9148
003E9168 8D45 D8 LEA EAX,DWORD PTR SS:
003E916B 8B55 0C MOV EDX,DWORD PTR SS: ;ASCII "CA9D-36Q8"
003E916E E8 2DB6F8FF CALL PunUnitL.003747A0
003E9173 8B45 D8 MOV EAX,DWORD PTR SS: ;ASCII "CA9D-36Q8"
003E9176 8D55 F4 LEA EDX,DWORD PTR SS:
003E9179 E8 DE03F9FF CALL PunUnitL.0037955C
003E917E 8D45 D4 LEA EAX,DWORD PTR SS:
003E9181 50 PUSH EAX
003E9182 B9 04000000 MOV ECX,4
003E9187 BA 01000000 MOV EDX,1
003E918C 8B45 F4 MOV EAX,DWORD PTR SS: ;ASCII "CA9D-36Q8"
003E918F E8 2CB9F8FF CALL PunUnitL.00374AC0
003E9194 FF75 D4 PUSH DWORD PTR SS: ; "CA9D
003E9197 68 0C923E00 PUSH PunUnitL.003E920C
003E919C FF75 FC PUSH DWORD PTR SS: ; “1575”
003E919F 8D45 D0 LEA EAX,DWORD PTR SS:
003E91A2 50 PUSH EAX
003E91A3 B9 05000000 MOV ECX,5
003E91A8 BA 05000000 MOV EDX,5
003E91AD 8B45 F4 MOV EAX,DWORD PTR SS: ;ASCII "CA9D-36Q8"
003E91B0 E8 0BB9F8FF CALL PunUnitL.00374AC0
003E91B5 FF75 D0 PUSH DWORD PTR SS: ; "-36Q8"
003E91B8 68 0C923E00 PUSH PunUnitL.003E920C
003E91BD FF75 F8 PUSH DWORD PTR SS: ; “7363”
003E91C0 8D45 EC LEA EAX,DWORD PTR SS:
003E91C3 BA 06000000 MOV EDX,6
003E91C8 E8 5BB7F8FF CALL PunUnitL.00374928
003E91CD 8B45 EC MOV EAX,DWORD PTR SS: ; 注册码出来了EAX=00AF2508, (ASCII "CA9D-1575-36Q8-7363")
003E91D0 E8 8BB8F8FF CALL PunUnitL.00374A60
003E91D5 8BD8 MOV EBX,EAX ; EAX=00AF2508, (ASCII "CA9D-1575-36Q8-7363")
003E91D7 33C0 XOR EAX,EAX
003E91D9 5A POP EDX
003E91DA 59 POP ECX
003E91DB 59 POP ECX
003E91DC 64:8910 MOV DWORD PTR FS:,EDX
003E91DF 68 F9913E00 PUSH PunUnitL.003E91F9
003E91E4 8D45 D0 LEA EAX,DWORD PTR SS:
003E91E7 BA 0C000000 MOV EDX,0C
003E91EC E8 E3B3F8FF CALL PunUnitL.003745D4
003E91F1 C3 RETN
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
进入CALL 005EF248 //验证试练码是否正确
00404F1C/$53 PUSH EBX
00404F1D|.56 PUSH ESI
00404F1E|.57 PUSH EDI
00404F1F|.89C6 MOV ESI,EAX
00404F21|.89D7 MOV EDI,EDX
00404F23|.39D0 CMP EAX,EDX ;经典比较
00404F25|.0F84 8F000000 JE DepotMan.00404FBA ;试练码和注册码相等就跳
00404F2B|.85F6 TEST ESI,ESI
00404F2D|.74 68 JE SHORT DepotMan.00404F97 ;试练码为空就跳
00404F2F|.85FF TEST EDI,EDI
00404F31|.74 6B JE SHORT DepotMan.00404F9E ;注册码为空就跳
00404F33|.8B46 FC MOV EAX,DWORD PTR DS: ;试练码的位数
00404F36|.8B57 FC MOV EDX,DWORD PTR DS: ;注册码的位数
00404F39|.29D0 SUB EAX,EDX ;注册码位数减试练码位数
00404F3B|.77 02 JA SHORT DepotMan.00404F3F ;大于就跳
00404F3D|.01C2 ADD EDX,EAX ;EDX加EAX
00404F3F|>52 PUSH EDX ;EDX入栈
00404F40|.C1EA 02 SHR EDX,2 ;EDX右移2,原EDX16进制是9等于二进制1001,右移二位就变
成二进制10等于16进制2
00404F43|.74 26 JE SHORT DepotMan.00404F6B ;EDX为空就跳
00404F45|>8B0E /MOV ECX,DWORD PTR DS: ;试练码前四位压进ECX,栈的原理是先进后出,先进的在后面
00404F47|.8B1F |MOV EBX,DWORD PTR DS: ;注册码前四位压进EBX
00404F49|.39D9 |CMP ECX,EBX
00404F4B|.75 58 |JNZ SHORT DepotMan.00404FA5 ;比较前四位是否相等,不等则跳
00404F4D|.4A |DEC EDX ;EDX减1
00404F4E|.74 15 |JE SHORT DepotMan.00404F65 ;????这里不懂做什么
00404F50|.8B4E 04 |MOV ECX,DWORD PTR DS: ;试练码下四位移进ECX
00404F53|.8B5F 04 |MOV EBX,DWORD PTR DS: ;注册码下四位移进EBX
00404F56|.39D9 |CMP ECX,EBX ;比较是否相等
00404F58|.75 4B |JNZ SHORT DepotMan.00404FA5 ;不等则跳
00404F5A|.83C6 08 |ADD ESI,8 ;试练码加8
00404F5D|.83C7 08 |ADD EDI,8 ;注册码加8,结果是去掉了前面的8个字符
00404F60|.4A |DEC EDX ;EDX减1
00404F61|.^ 75 E2 \JNZ SHORT DepotMan.00404F45 ;如果EDX还有数的话再跳回头比较
00404F63|.EB 06 JMP SHORT DepotMan.00404F6B
00404F65|>83C6 04 ADD ESI,4
00404F68|.83C7 04 ADD EDI,4
00404F6B|>5A POP EDX ;EDX出栈,进去时是什么出来就是什么,不管它进去做了什么
00404F6C|.83E2 03 AND EDX,3 ;EDX和3做与比较就是1001和11做与比较,结果为1
00404F6F|.74 22 JE SHORT DepotMan.00404F93 ;等就跳
00404F71|.8B0E MOV ECX,DWORD PTR DS: ;ESI双字节移动到ECX
00404F73|.8B1F MOV EBX,DWORD PTR DS: ;EDI双字节移动到EBX
00404F75|.38D9 CMP CL,BL ;比较ECX和EBX的低位
00404F77|.75 41 JNZ SHORT DepotMan.00404FBA ;不等则跳,这里跳
00404F79|.4A DEC EDX ;EDX减1
00404F7A|.74 17 JE SHORT DepotMan.00404F93 ;为0则跳
00404F7C|.38FD CMP CH,BH ;比较ECX和EBX的高位
00404F7E|.75 3A JNZ SHORT DepotMan.00404FBA ;不等则跳
00404F80|.4A DEC EDX ;EDX减1
00404F81|.74 10 JE SHORT DepotMan.00404F93 ;为0就跳
00404F83|.81E3 0000FF00 AND EBX,0FF0000 ;EBX和0FF0000做与比较
00404F89|.81E1 0000FF00 AND ECX,0FF0000 ;ECX和0FF0000做与较
00404F8F|.39D9 CMP ECX,EBX ;比较ECX和EBX
00404F91|.75 27 JNZ SHORT DepotMan.00404FBA ;不等则跳
00404F93|>01C0 ADD EAX,EAX ;EAX做与运算
00404F95|.EB 23 JMP SHORT DepotMan.00404FBA ;走啰,结束CALL
00404F97|>8B57 FC MOV EDX,DWORD PTR DS:
00404F9A|.29D0 SUB EAX,EDX
00404F9C|.EB 1C JMP SHORT DepotMan.00404FBA
00404F9E|>8B46 FC MOV EAX,DWORD PTR DS:
00404FA1|.29D0 SUB EAX,EDX
00404FA3|.EB 15 JMP SHORT DepotMan.00404FBA
00404FA5|>5A POP EDX
00404FA6|.38D9 CMP CL,BL
00404FA8|.75 10 JNZ SHORT DepotMan.00404FBA
00404FAA|.38FD CMP CH,BH
00404FAC|.75 0C JNZ SHORT DepotMan.00404FBA
00404FAE|.C1E9 10 SHR ECX,10
00404FB1|.C1EB 10 SHR EBX,10
00404FB4|.38D9 CMP CL,BL
00404FB6|.75 02 JNZ SHORT DepotMan.00404FBA
00404FB8|.38FD CMP CH,BH
00404FBA|>5F POP EDI
00404FBB|.5E POP ESI
00404FBC|.5B POP EBX
00404FBD\.C3 RETN
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 都 是强人 ! 呵呵,学习了!!!!! 晕,4楼强人 还可以
继续努力吧。。。
页:
[1]