- UID
- 66309
注册时间2010-5-1
阅读权限95
最后登录1970-1-1
超级版主
  
TA的每日心情 | 开心
2019-3-25 14:18 |
|---|
签到天数: 881 天 [LV.10]以坛为家III
|
1、软件没有加壳;
2、字符串切入关键点
3、算法简单,主要是为了学写注册机;
4、算法分析代码:
- 004A833E |. 8945 F8 mov dword ptr ss:[ebp-0x8],eax
- 004A8341 |. 8B45 FC mov eax,dword ptr ss:[ebp-0x4] ; (ASCII "ChinaPYG")
- 004A8344 |. E8 CBC4F5FF call Colorsch.00404814 ; 计算注册名长度
- 004A8349 |. 8BF0 mov esi,eax
- 004A834B |. 85F6 test esi,esi
- 004A834D |. 7E 17 jle short Colorsch.004A8366
- 004A834F |. BB 01000000 mov ebx,0x1 ; ebx初始化为1
- 004A8354 |> 8B45 FC /mov eax,dword ptr ss:[ebp-0x4] ; (ASCII "ChinaPYG")
- 004A8357 |. 0FB64418 FF |movzx eax,byte ptr ds:[eax+ebx-0x1] ; 依次取注册名的每一位,AS入eax
- 004A835C |. C1E0 10 |shl eax,0x10 ; 左移动0x10=16位
- 004A835F |. 0145 F8 |add dword ptr ss:[ebp-0x8],eax ; 累加和入[ebp-0x8]=02D30000
- 004A8362 |. 43 |inc ebx
- 004A8363 |. 4E |dec esi
- 004A8364 |.^ 75 EE \jnz short Colorsch.004A8354
- 004A8366 |> 8D55 EC lea edx,dword ptr ss:[ebp-0x14]
- 004A8369 |. 8B45 F8 mov eax,dword ptr ss:[ebp-0x8] ; 累加和=02D30000
- 004A836C |. E8 B302F6FF call Colorsch.00408624 ; 16进制转10进制,0x02D30000 转为 "47382528"
- 004A8371 |. 8B45 FC mov eax,dword ptr ss:[ebp-0x4] ; (ASCII "ChinaPYG")
- 004A8374 |. E8 9BC4F5FF call Colorsch.00404814 ; 计算注册名长度
- 004A8379 |. 8BF0 mov esi,eax
- 004A837B |. 85F6 test esi,esi
- 004A837D |. 7E 59 jle short Colorsch.004A83D8
- 004A837F |. BB 01000000 mov ebx,0x1 ; ebx初始化为1
- 004A8384 |> 8B45 FC /mov eax,dword ptr ss:[ebp-0x4] ; (ASCII "ChinaPYG")
- 004A8387 |. 0FB64418 FF |movzx eax,byte ptr ds:[eax+ebx-0x1] ; 依次取注册名的每一位,AS入eax
- 004A838C |. B9 09000000 |mov ecx,0x9 ; 0x9入ecx
- 004A8391 |. 33D2 |xor edx,edx ; edx清零
- 004A8393 |. F7F1 |div ecx ; 注册名每个字符AS与0x9取余
- 004A8395 |. 8955 F4 |mov dword ptr ss:[ebp-0xC],edx
- 004A8398 |. 8D45 E8 |lea eax,dword ptr ss:[ebp-0x18]
- 004A839B |. 8B55 EC |mov edx,dword ptr ss:[ebp-0x14] ; (ASCII "47382528")
- 004A839E |. 8A541A FF |mov dl,byte ptr ds:[edx+ebx-0x1] ; 依次取字符串(ASCII "47382528")的每一位AS值入dl
- 004A83A2 |. E8 95C3F5FF |call Colorsch.0040473C ; 猜是A码转U码
- 004A83A7 |. 8B45 E8 |mov eax,dword ptr ss:[ebp-0x18]
- 004A83AA |. E8 B103F6FF |call Colorsch.00408760
- 004A83AF |. 8945 F0 |mov dword ptr ss:[ebp-0x10],eax ; eax= ,7,3,8,
- 004A83B2 |. 8B45 F4 |mov eax,dword ptr ss:[ebp-0xC] ; 余数入eax
- 004A83B5 |. 0345 F0 |add eax,dword ptr ss:[ebp-0x10] ; 注册名对应位AS值与0x9的余数+字符(ASCII "47382528")对应位数字
- 004A83B8 |. B9 09000000 |mov ecx,0x9
- 004A83BD |. 99 |cdq
- 004A83BE |. F7F9 |idiv ecx ; 和取余
- 004A83C0 |. 8BC2 |mov eax,edx ; 余数入eax= 8,3,0,1,0,4,1,7
- 004A83C2 |. 8D55 E4 |lea edx,dword ptr ss:[ebp-0x1C]
- 004A83C5 |. E8 5A02F6FF |call Colorsch.00408624 ; 猜是A码转U码
- 004A83CA |. 8B55 E4 |mov edx,dword ptr ss:[ebp-0x1C] ; U码 8,3,0,1,0,4,1,7
- 004A83CD |. 8BC7 |mov eax,edi
- 004A83CF |. E8 48C4F5FF |call Colorsch.0040481C ;
- 004A83D4 |. 43 |inc ebx
- 004A83D5 |. 4E |dec esi
- 004A83D6 |.^ 75 AC \jnz short Colorsch.004A8384
- 004A83D8 |> 68 48844A00 push Colorsch.004A8448 ; CS3
- 004A83DD |. 8D45 E0 lea eax,dword ptr ss:[ebp-0x20]
- 004A83E0 |. 50 push eax
- 004A83E1 |. B9 05000000 mov ecx,0x5 ; 取的位数为5
- 004A83E6 |. BA 02000000 mov edx,0x2 ; 从第二位开始取
- 004A83EB |. 8B45 EC mov eax,dword ptr ss:[ebp-0x14] ; (ASCII "47382528")
- 004A83EE |. E8 81C6F5FF call Colorsch.00404A74 ; 截取字符串
- 004A83F3 |. FF75 E0 push dword ptr ss:[ebp-0x20] ; (ASCII "73825")
- 004A83F6 |. 8D45 DC lea eax,dword ptr ss:[ebp-0x24]
- 004A83F9 |. 50 push eax
- 004A83FA |. 8B07 mov eax,dword ptr ds:[edi] ; (ASCII "83010417") 余数组成的字符串
- 004A83FC |. B9 08000000 mov ecx,0x8 ; 取的长度为8位
- 004A8401 |. 33D2 xor edx,edx ; 从第0们开始取
- 004A8403 |. E8 6CC6F5FF call Colorsch.00404A74
- 004A8408 |. FF75 DC push dword ptr ss:[ebp-0x24] ; (ASCII "83010417")
- 004A840B |. 8BC7 mov eax,edi ; (ASCII "83010417")
- 004A840D |. BA 03000000 mov edx,0x3
5、注册机源代码:
- using System;
- using System.Collections.Generic;
- using System.ComponentModel;
- using System.Data;
- using System.Drawing;
- using System.Linq;
- using System.Text;
- using System.Threading.Tasks;
- using System.Windows.Forms;
- namespace Color_Schemer_v3
- {
- public partial class Form1 : Form
- {
- public Form1()
- {
- InitializeComponent();
- }
- private void btnKeyGen_Click(object sender, EventArgs e)
- {
- if (txtName.Text.Trim().Length == 8)
- {
- //计算第一段注册码
- string ordName = txtName.Text.Trim();
- int sum = 0;
- int i = 0;
- int ASCIICode = 0;
- double number1;
- string str = "CS3";
- for (i = 0; i < txtName.Text.Length; i++)
- {
- ASCIICode = (int)ordName[i];
- sum += ASCIICode; //723
- }
- number1 = Math.Pow(2, 16) * sum; //左移动0x10即16位,2的16次方;用10进制直接计算(10进制:47382528)
-
- txtKey1.Text = str + (number1.ToString()).Substring(1, 5);
- //计算第二段注册码
- int MODNum = 0;
- string txtKey = "";
- int p;
- for (i = 0; i < txtName.Text.Length; i++)
- {
- MODNum = (int)ordName[i] % 9;
- int k = Convert.ToInt32((number1.ToString()[i]).ToString());
- int number = (MODNum + k) % 9;
- txtKey += number.ToString();
- }
- txtKey2.Text = txtKey;
- }
- else
- {
- txtName.SelectAll(); //输入位数错误时选中框中的内容
- txtName.Focus(); //让输入框获得焦点
- MessageBox.Show("你输入的字符串位数错误,请输入8位字符串", "错误提示");
- }
- }
- private void txtName_TextChanged(object sender, EventArgs e)
- {
- txtKey1.Text = ""; //注册名修改清空注册码框
- txtKey2.Text = "";
- }
- private void linkPYG_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e)
- {
- System.Diagnostics.Process.Start("[url=https://www.chinapyg.com]https://www.chinapyg.com[/url]");
- }
- private void txtName_DoubleClick(object sender, EventArgs e)
- {
- if (txtName.Text.Length == 8)
- {
- Clipboard.SetText(txtName.Text);
- labCopy.Visible = true;
- labCopy.Text = "注册名复制成功";
- }
- }
- private void txtKey1_DoubleClick(object sender, EventArgs e)
- {
- if (txtKey1.Text.Length == 8)
- {
- Clipboard.SetText(txtKey1.Text);
- labCopy.Visible = true;
- labCopy.Text = "第一段复制成功";
- }
- }
- private void txtKey2_DoubleClick(object sender, EventArgs e)
- {
- if (txtKey2.Text.Length == 8)
- {
- Clipboard.SetText(txtKey2.Text);
- labCopy.Visible = true;
- labCopy.Text = "第二段复制成功";
- }
- }
- private void Form1_Load(object sender, EventArgs e)
- {
- labCopy.Visible = false;
- }
- private void txtName_TextChanged_1(object sender, EventArgs e)
- {
- txtKey1.Text = "";
- txtKey2.Text = "";
- labCopy.Visible = false;
- }
- private void txtName_MouseLeave(object sender, EventArgs e)
- {
- labCopy.Visible = false;
- }
- }
- }
Color Schemer v3注册机源代码.rar
(110.85 KB, 下载次数: 28)
|
评分
-
查看全部评分
|
IP卡
发表于 2015-8-14 09:43:22
提升卡
置顶卡
变色卡
千斤顶
显身卡
发表于 2015-8-14 10:19:45
楼主
发表于 2015-8-14 11:27:18
