Computer Alarm Clock V2.2 算法分析 + 注册机源代码
本帖最后由 GeekCat 于 2015-8-18 15:24 编辑1、软件没有加壳;
2、字符串查找、工具找按键事件切入关键点
3、软柿子算法简单,主要是为了学写注册机;
4、请不要用中文名注册会失败的,你问为什么啊~~~~,我是刚学会简单C#语法的小菜中文还不会玩,希望懂的教我一下,先谢过了~~
5、算法分析代码:
00483A9D|.8945 FC mov dword ptr ss:,eax
00483AA0|.837D F4 00 cmp dword ptr ss:,0x0 ;注册名不为空
00483AA4|.74 5B je short cac.00483B01
00483AA6|.8D4D EC lea ecx,dword ptr ss:
00483AA9|.BA 03000000 mov edx,0x3
00483AAE|.8B45 F0 mov eax,dword ptr ss: ;(ASCII "1234567890qwertyuiop")
00483AB1|.E8 024CFBFF call cac.004386B8
00483AB6|.8D8D 08FEFFFF lea ecx,dword ptr ss: ;取注册码前3位
00483ABC|.BA 0E000000 mov edx,0xE
00483AC1|.8B45 F0 mov eax,dword ptr ss: ;(ASCII "1234567890qwertyuiop")
00483AC4|.E8 EF4BFBFF call cac.004386B8 ;取注册码前14位
00483AC9|.8B85 08FEFFFF mov eax,dword ptr ss: ;(ASCII "1234567890qwer")注册码前14位
00483ACF|.8D4D E8 lea ecx,dword ptr ss:
00483AD2|.BA 02000000 mov edx,0x2
00483AD7|.E8 F84BFBFF call cac.004386D4 ;前14位中的后两位“er”即注册码13、14两位
00483ADC|.8B45 F4 mov eax,dword ptr ss: ;(ASCII "GeekCat921")
00483ADF|.E8 B40FF8FF call cac.00404A98 ;计算注册名长度
00483AE4|.85C0 test eax,eax
00483AE6|.7E 19 jle short cac.00483B01
00483AE8|.BA 01000000 mov edx,0x1 ;edx初始化为1
00483AED|>8B4D F4 /mov ecx,dword ptr ss: ;(ASCII "GeekCat921")
00483AF0|.8A4C11 FF |mov cl,byte ptr ds: ;依次取注册名的每一位AS值入cl
00483AF4|.81E1 FF000000 |and ecx,0xFF ;高24位清零
00483AFA|.014D FC |add dword ptr ss:,ecx ;累加和入=0x330
00483AFD|.42 |inc edx
00483AFE|.48 |dec eax
00483AFF|.^ 75 EC \jnz short cac.00483AED
00483B01|>8D55 F4 lea edx,dword ptr ss: ;(ASCII "GeekCat921")
00483B04|.8B45 FC mov eax,dword ptr ss: ;0x330
00483B07|.E8 A052F8FF call cac.00408DAC ;16进制转10进制
00483B0C|.8D4D E4 lea ecx,dword ptr ss:
00483B0F|.BA 01000000 mov edx,0x1
00483B14|.8B45 F4 mov eax,dword ptr ss: ;累加和0x330=(ASCII "816")
00483B17|.E8 B84BFBFF call cac.004386D4 ;取累加10进制的最后一位
00483B1C|.8D4D E0 lea ecx,dword ptr ss:
00483B1F|.BA 01000000 mov edx,0x1
00483B24|.8B45 F4 mov eax,dword ptr ss: ;累加和0x330=(ASCII "816")
00483B27|.E8 8C4BFBFF call cac.004386B8 ;取累加10进制的第一位
00483B2C|.8D8D 04FEFFFF lea ecx,dword ptr ss:
00483B32|.BA 04000000 mov edx,0x4
00483B37|.8B45 F0 mov eax,dword ptr ss: ;(ASCII "1234567890qwertyuiop")
00483B3A|.E8 794BFBFF call cac.004386B8 ;取注册码的前4位
00483B3F|.8B85 04FEFFFF mov eax,dword ptr ss: ;(ASCII "1234")
00483B45|.8D4D DC lea ecx,dword ptr ss:
00483B48|.BA 01000000 mov edx,0x1
00483B4D|.E8 824BFBFF call cac.004386D4 ;取注册码前四位的最后一位,即第4位
00483B52|.8D8D 00FEFFFF lea ecx,dword ptr ss:
00483B58|.BA 09000000 mov edx,0x9
00483B5D|.8B45 F0 mov eax,dword ptr ss: ;(ASCII "1234567890qwertyuiop")
00483B60|.E8 534BFBFF call cac.004386B8 ;取注册码的前9位
00483B65|.8B85 00FEFFFF mov eax,dword ptr ss:
00483B6B|.8D4D D8 lea ecx,dword ptr ss:
00483B6E|.BA 01000000 mov edx,0x1
00483B73|.E8 5C4BFBFF call cac.004386D4 ;取注册码前9位的最后一位,即第9位
00483B78|.C683 38040000>mov byte ptr ds:,0x0
00483B7F|.8B45 E4 mov eax,dword ptr ss: ;(UNICODE "6")累加和10进制的最后一位
00483B82|.8B55 DC mov edx,dword ptr ss: ;(UNICODE "4")注册码的第4位
00483B85|.E8 5210F8FF call cac.00404BDC ;累加和的10进制最后一位与注册的第4位
00483B8A|.75 32 jnz short cac.00483BBE
00483B8C|.8B45 E0 mov eax,dword ptr ss: ;取累加10进制的第1位“8”
00483B8F|.8B55 D8 mov edx,dword ptr ss: ;取注册码第9位"9"
00483B92|.E8 4510F8FF call cac.00404BDC ;累加和的10进制第1位与注册的第9位相等
00483B97|.75 25 jnz short cac.00483BBE
00483B99|.8B45 EC mov eax,dword ptr ss: ;注册码前3位(ASCII "123")
00483B9C|.BA 243C4800 mov edx,cac.00483C24 ;e3k
00483BA1|.E8 3610F8FF call cac.00404BDC ;注册码前三位跟“e3k”相等
00483BA6|.75 16 jnz short cac.00483BBE
00483BA8|.8B45 E8 mov eax,dword ptr ss: ;注册码13、14两位“er”
00483BAB|.BA 303C4800 mov edx,cac.00483C30 ;n3
00483BB0|.E8 2710F8FF call cac.00404BDC ;注册码13、14两位跟“n3”相等
00483BB5|.75 07 jnz short cac.00483BBE
00483BB7|.C683 38040000>mov byte ptr ds:,0x1
6、算法总结:
1、注册名每个字符AS值累加,累加值16转10进制
2、注册码的第4位为累加值16转10进制后的个位
3、注册码的第9位为累加值16转10进制后的第1位
4、注册码的前3位必需为“e3k”
5、注册码的前13、14两位必需为“n3”
7、注册机源代码:
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
namespace Computer_Alarm_Clock
{
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
}
private void btnKeygen_Click(object sender, EventArgs e)
{
if (txtName.Text.Trim() != "")
{
string str123 = "e3k";
string str1314 = "n3";
int total = 0;
for (int i = 0; i < txtName.Text.Trim().Length; i++)
{
total = total + Convert.ToInt32(txtName.Text.Trim());
}
string fourStr = (total % 10).ToString(); //注册码第4位
string nineStr = (total.ToString()).Substring(0, 1);//注册码第9位
Random randomKey = new Random();
string randomFour = randomKey.Next(1000, 9999).ToString();//注册码5至8位
string randomThree = randomKey.Next(100, 999).ToString(); //注册码的10至12位
string Key = str123 + fourStr + randomFour + nineStr + randomThree + str1314;
txtKey.Text = Key;
labCopy.Visible = true;
labCopy.Text = "注册码复制成功";
}
else
{
MessageBox.Show("请输入你的注册名", "错误", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
private void Form1_Load(object sender, EventArgs e)
{
labCopy.Visible = false;
}
private void linkPYG_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e)
{
System.Diagnostics.Process.Start("https://www.chinapyg.com");
}
private void txtName_TextChanged(object sender, EventArgs e)
{
labCopy.Visible = false; //订单号修改“复制成功”隐藏
txtKey.Text = ""; //订单号修改清空注册码框
}
private void txtName_MouseLeave(object sender, EventArgs e)
{
labCopy.Visible = false;
}
private void txtName_DoubleClick(object sender, EventArgs e)
{
if (txtName.Text != "")
{
Clipboard.SetText(txtName.Text);
labCopy.Visible = true;
labCopy.Text = "注册名复制成功";
}
}
private void txtKey_DoubleClick(object sender, EventArgs e)
{
if (txtKey.Text != "")
{
Clipboard.SetText(txtKey.Text);
labCopy.Visible = true;
labCopy.Text = "注册码复制成功";
}
}
}
}
坐着沙发,前排学习 见证又一算法牛的崛起。 这是算法帝的节奏么 {:victory:} wgz001 发表于 2015-8-18 20:41
这是算法帝的节奏么
软柿子哦,你们都不想搞了,我只能玩这个了~~
很不错,分析到位。 C#这么给力啊。我还在玩我的C++ 哈哈,Geekcat大婶越来越给力,辛苦了收下学习了
页:
[1]