Color Schemer v3 算法分析+注册机源代码
1、软件没有加壳;2、字符串切入关键点
3、算法简单,主要是为了学写注册机;
4、算法分析代码:
004A833E|.8945 F8 mov dword ptr ss:,eax
004A8341|.8B45 FC mov eax,dword ptr ss: ;(ASCII "ChinaPYG")
004A8344|.E8 CBC4F5FF call Colorsch.00404814 ;计算注册名长度
004A8349|.8BF0 mov esi,eax
004A834B|.85F6 test esi,esi
004A834D|.7E 17 jle short Colorsch.004A8366
004A834F|.BB 01000000 mov ebx,0x1 ;ebx初始化为1
004A8354|>8B45 FC /mov eax,dword ptr ss: ;(ASCII "ChinaPYG")
004A8357|.0FB64418 FF |movzx eax,byte ptr ds: ;依次取注册名的每一位,AS入eax
004A835C|.C1E0 10 |shl eax,0x10 ;左移动0x10=16位
004A835F|.0145 F8 |add dword ptr ss:,eax ;累加和入=02D30000
004A8362|.43 |inc ebx
004A8363|.4E |dec esi
004A8364|.^ 75 EE \jnz short Colorsch.004A8354
004A8366|>8D55 EC lea edx,dword ptr ss:
004A8369|.8B45 F8 mov eax,dword ptr ss: ;累加和=02D30000
004A836C|.E8 B302F6FF call Colorsch.00408624 ;16进制转10进制,0x02D30000 转为 "47382528"
004A8371|.8B45 FC mov eax,dword ptr ss: ;(ASCII "ChinaPYG")
004A8374|.E8 9BC4F5FF call Colorsch.00404814 ;计算注册名长度
004A8379|.8BF0 mov esi,eax
004A837B|.85F6 test esi,esi
004A837D|.7E 59 jle short Colorsch.004A83D8
004A837F|.BB 01000000 mov ebx,0x1 ;ebx初始化为1
004A8384|>8B45 FC /mov eax,dword ptr ss: ;(ASCII "ChinaPYG")
004A8387|.0FB64418 FF |movzx eax,byte ptr ds: ;依次取注册名的每一位,AS入eax
004A838C|.B9 09000000 |mov ecx,0x9 ;0x9入ecx
004A8391|.33D2 |xor edx,edx ;edx清零
004A8393|.F7F1 |div ecx ;注册名每个字符AS与0x9取余
004A8395|.8955 F4 |mov dword ptr ss:,edx
004A8398|.8D45 E8 |lea eax,dword ptr ss:
004A839B|.8B55 EC |mov edx,dword ptr ss: ;(ASCII "47382528")
004A839E|.8A541A FF |mov dl,byte ptr ds: ;依次取字符串(ASCII "47382528")的每一位AS值入dl
004A83A2|.E8 95C3F5FF |call Colorsch.0040473C ;猜是A码转U码
004A83A7|.8B45 E8 |mov eax,dword ptr ss:
004A83AA|.E8 B103F6FF |call Colorsch.00408760
004A83AF|.8945 F0 |mov dword ptr ss:,eax ;eax= ,7,3,8,
004A83B2|.8B45 F4 |mov eax,dword ptr ss: ;余数入eax
004A83B5|.0345 F0 |add eax,dword ptr ss: ;注册名对应位AS值与0x9的余数+字符(ASCII "47382528")对应位数字
004A83B8|.B9 09000000 |mov ecx,0x9
004A83BD|.99 |cdq
004A83BE|.F7F9 |idiv ecx ;和取余
004A83C0|.8BC2 |mov eax,edx ;余数入eax= 8,3,0,1,0,4,1,7
004A83C2|.8D55 E4 |lea edx,dword ptr ss:
004A83C5|.E8 5A02F6FF |call Colorsch.00408624 ;猜是A码转U码
004A83CA|.8B55 E4 |mov edx,dword ptr ss: ;U码 8,3,0,1,0,4,1,7
004A83CD|.8BC7 |mov eax,edi
004A83CF|.E8 48C4F5FF |call Colorsch.0040481C ;
004A83D4|.43 |inc ebx
004A83D5|.4E |dec esi
004A83D6|.^ 75 AC \jnz short Colorsch.004A8384
004A83D8|>68 48844A00 push Colorsch.004A8448 ;CS3
004A83DD|.8D45 E0 lea eax,dword ptr ss:
004A83E0|.50 push eax
004A83E1|.B9 05000000 mov ecx,0x5 ;取的位数为5
004A83E6|.BA 02000000 mov edx,0x2 ;从第二位开始取
004A83EB|.8B45 EC mov eax,dword ptr ss: ;(ASCII "47382528")
004A83EE|.E8 81C6F5FF call Colorsch.00404A74 ;截取字符串
004A83F3|.FF75 E0 push dword ptr ss: ;(ASCII "73825")
004A83F6|.8D45 DC lea eax,dword ptr ss:
004A83F9|.50 push eax
004A83FA|.8B07 mov eax,dword ptr ds: ;(ASCII "83010417") 余数组成的字符串
004A83FC|.B9 08000000 mov ecx,0x8 ;取的长度为8位
004A8401|.33D2 xor edx,edx ;从第0们开始取
004A8403|.E8 6CC6F5FF call Colorsch.00404A74
004A8408|.FF75 DC push dword ptr ss: ;(ASCII "83010417")
004A840B|.8BC7 mov eax,edi ;(ASCII "83010417")
004A840D|.BA 03000000 mov edx,0x3
5、注册机源代码:
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
namespace Color_Schemer_v3
{
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
}
private void btnKeygen_Click(object sender, EventArgs e)
{
if (txtName.Text.Trim().Length == 8)
{
//计算第一段注册码
string ordName = txtName.Text.Trim();
int sum = 0;
int i = 0;
int ASCIICode = 0;
double number1;
string str = "CS3";
for (i = 0; i < txtName.Text.Length; i++)
{
ASCIICode = (int)ordName;
sum += ASCIICode; //723
}
number1 = Math.Pow(2, 16) * sum; //左移动0x10即16位,2的16次方;用10进制直接计算(10进制:47382528)
txtKey1.Text = str + (number1.ToString()).Substring(1, 5);
//计算第二段注册码
int MODNum = 0;
string txtKey = "";
int p;
for (i = 0; i < txtName.Text.Length; i++)
{
MODNum = (int)ordName % 9;
int k = Convert.ToInt32((number1.ToString()).ToString());
int number = (MODNum + k) % 9;
txtKey += number.ToString();
}
txtKey2.Text = txtKey;
}
else
{
txtName.SelectAll(); //输入位数错误时选中框中的内容
txtName.Focus(); //让输入框获得焦点
MessageBox.Show("你输入的字符串位数错误,请输入8位字符串", "错误提示");
}
}
private void txtName_TextChanged(object sender, EventArgs e)
{
txtKey1.Text = ""; //注册名修改清空注册码框
txtKey2.Text = "";
}
private void linkPYG_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e)
{
System.Diagnostics.Process.Start("https://www.chinapyg.com");
}
private void txtName_DoubleClick(object sender, EventArgs e)
{
if (txtName.Text.Length == 8)
{
Clipboard.SetText(txtName.Text);
labCopy.Visible = true;
labCopy.Text = "注册名复制成功";
}
}
private void txtKey1_DoubleClick(object sender, EventArgs e)
{
if (txtKey1.Text.Length == 8)
{
Clipboard.SetText(txtKey1.Text);
labCopy.Visible = true;
labCopy.Text = "第一段复制成功";
}
}
private void txtKey2_DoubleClick(object sender, EventArgs e)
{
if (txtKey2.Text.Length == 8)
{
Clipboard.SetText(txtKey2.Text);
labCopy.Visible = true;
labCopy.Text = "第二段复制成功";
}
}
private void Form1_Load(object sender, EventArgs e)
{
labCopy.Visible = false;
}
private void txtName_TextChanged_1(object sender, EventArgs e)
{
txtKey1.Text = "";
txtKey2.Text = "";
labCopy.Visible = false;
}
private void txtName_MouseLeave(object sender, EventArgs e)
{
labCopy.Visible = false;
}
}
}
膜拜又一个算法牛的出现。。。 厉害 , C#写的注册机吗 crackvip 发表于 2015-8-14 10:19
膜拜又一个算法牛的出现。。。
让ABC大神看笑话了
有时间带带一起玩啊
alexwang 发表于 2015-8-14 10:44
支持极客猫加油哦
谢谢王版支持
大家一起加油~
GeekCat 发表于 2015-8-14 10:47
让ABC大神看笑话了
有时间带带一起玩啊
极客猫童鞋,你把妹子看成猴子了{:soso_e120:} GC斑竹 加油。我有幸见证了一个算法牛的崛起 版务督察 发表于 2015-8-14 11:07
极客猫童鞋,你把妹子看成猴子了
{:soso_e118:}{:soso_e118:}
真看错了,之前妹子的ID是红色的啊~~~
在这说声妹子不好意思哦~~~~
膜拜又一个算法牛的出现。。。 Rooking 发表于 2015-8-14 14:04
膜拜又一个算法牛的出现。。。
R大我还在学走路哦~~
你早已健步如飞~~
页:
[1]
2