[Asm] 纯文本查看 复制代码
004544DA <keygenme1 | 8B C0 | MOV EAX,EAX |
004544DC | 55 | PUSH EBP |
004544DD | 8B EC | MOV EBP,ESP |
004544DF | 33 C9 | XOR ECX,ECX |
004544E1 | 51 | PUSH ECX |
004544E2 | 51 | PUSH ECX |
004544E3 | 51 | PUSH ECX |
004544E4 | 51 | PUSH ECX |
004544E5 | 51 | PUSH ECX |
004544E6 | 53 | PUSH EBX |
004544E7 | 56 | PUSH ESI | esi:"<BE"
004544E8 | 8B F0 | MOV ESI,EAX | esi:"<BE"
004544EA | 33 C0 | XOR EAX,EAX |
004544EC | 55 | PUSH EBP |
004544ED | 68 0F 46 45 00 | PUSH <keygenme1.sub_45460F> |
004544F2 | 64 FF 30 | PUSH DWORD PTR FS:[EAX] |
004544F5 | 64 89 20 | MOV DWORD PTR FS:[EAX],ESP |
004544F8 | 8D 55 F4 | LEA EDX,DWORD PTR SS:[EBP-C] | [ebp-C]:"chixiaojie"
004544FB | 8B 86 00 03 00 00 | MOV EAX,DWORD PTR DS:[ESI+300] |
00454501 | E8 BA D6 FD FF | CALL <keygenme1.sub_431BC0> |
00454506 | 8B 55 F4 | MOV EDX,DWORD PTR SS:[EBP-C] | [ebp-C]:"chixiaojie"
00454509 | 8B C6 | MOV EAX,ESI | esi:"<BE"
0045450B | 8B 08 | MOV ECX,DWORD PTR DS:[EAX] |
0045450D | FF 51 18 | CALL DWORD PTR DS:[ECX+18] |
00454510 | 8B 45 FC | MOV EAX,DWORD PTR SS:[EBP-4] |
00454513 | E8 F4 FB FA FF | CALL <keygenme1.sub_40410C> |
00454518 | 33 DB | XOR EBX,EBX |
0045451A | 8B 46 08 | MOV EAX,DWORD PTR DS:[ESI+8] | [esi+8]:"chixiaojie" <- 将用户名给 eax
0045451D | E8 EA FB FA FF | CALL <keygenme1.sub_40410C> |
00454522 | 85 C0 | TEST EAX,EAX |
00454524 | 7E 13 | JLE keygenme1.454539 |
00454526 | BA 01 00 00 00 | MOV EDX,1 | <- 设循环次数的初始值为1
0045452B | 8B 4E 08 | MOV ECX,DWORD PTR DS:[ESI+8] | <- [esi+8] 里存放着用户名传递给 ECX
0045452E | 0F B6 4C 11 FF | MOVZX ECX,BYTE PTR DS:[ECX+EDX-1] | <- 逐位获取用户名 ASCII
00454533 | 03 D9 | ADD EBX,ECX | <- EBX=EBX+ECX EBX初始值为0,用户名 ascii 的累加和
00454535 | 42 | INC EDX | <- 循环次数
00454536 | 48 | DEC EAX | <- 用户名长度递减,直到减完为止。
00454537 | 75 F2 | JNE keygenme1.45452B | <- 一直循环,直到完毕才执行下一步
00454539 | 83 C3 53 | ADD EBX,53 |
0045453C | 81 C3 2A C6 87 47 | ADD EBX,4787C62A |
00454542 | 8B C3 | MOV EAX,EBX | <- EAX = (用户名 ascii 累加和) + 53 + 0x4787C62A
00454544 | B9 19 00 00 00 | MOV ECX,19 | <- 设 ECX 初始值为 0x19
00454549 | 99 | CDQ | <- 将双字数据扩展为四字节,该指令先把edx的每一位置成eax的最高位(若eax>=0x80000000, 则edx=0xFFFFFFFF;若eax<0x80000000,则edx=0x00000000) ,再把edx扩展为eax的高位。
0045454A | F7 F9 | IDIV ECX | <- IDIV ECX 就是 EAX / ECX,商数放在 EAX,余数放在 EDX (这里的 ECX 初始值 = 19)
0045454C | 8B D8 | MOV EBX,EAX | <- EBX = EAX
0045454E | 81 C3 78 A4 6A D7 | ADD EBX,D76AA478 | <- EBX = EBX + 0xD76AA478
00454554 | C1 E3 03 | SHL EBX,3 | <- 将 EBX 的值左移3位,相当于 EBX = EBX * 8 (左移1位 * 2,左移2位 * 4,左移3位 * 8,以此类推,就是 2 的平方)
00454557 | D1 EB | SHR EBX,1 | <- 将 EBX 的值右移1位,相当于 EBX = EBX / 2
00454559 | 69 C3 05 84 08 08 | IMUL EAX,EBX,8088405 | <- EAX = EBX * 0x8088405
0045455F | 8B D8 | MOV EBX,EAX |
00454561 | 8B C3 | MOV EAX,EBX |
00454563 | B9 9F 86 01 00 | MOV ECX,1869F | <- 设 ECX 初始值 = 0x1869F
00454568 | 99 | CDQ | <- 将双字数据扩展为四字节,该指令先把edx的每一位置成eax的最高位(若eax>=0x80000000, 则edx=0xFFFFFFFF;若eax<0x80000000,则edx=0x00000000) ,再把edx扩展为eax的高位。
00454569 | F7 F9 | IDIV ECX | <- IDIV ECX 就是 EAX / ECX,商数放在 EAX,余数放在 EDX (这里的 ECX 初始值 = 0x1869F,余数 = EAX Mod ECX)
0045456B | 8B D8 | MOV EBX,EAX | <- 将 EAX 传递给 EBX
0045456D | 81 C3 78 A4 6A D7 | ADD EBX,D76AA478 | <- EBX = EBX + 0xD76AA478
00454573 | 8B C3 | MOV EAX,EBX | <- 将 EBX 传递给 EAX
00454575 | F7 EB | IMUL EBX | <- EBX = EBX * EAX
00454577 | 69 C0 13 46 30 A8 | IMUL EAX,EAX,A8304613 | <- EAX = EAX * 0xA8304613
0045457D | 8B D8 | MOV EBX,EAX | <- 将 EAX 值传递给 EBX
0045457F | 8D 55 F0 | LEA EDX,DWORD PTR SS:[EBP-10] | [ebp-10]:"-1735924981"
00454582 | 8B C3 | MOV EAX,EBX | 77171854E137A7F89887E30B
00454584 | E8 C7 36 FB FF | CALL <keygenme1.sub_407C50> | <- 这个暂时不知道什么 Call,目测可能是固定字符串
00454589 | 8B 4D F0 | MOV ECX,DWORD PTR SS:[EBP-10] | <- 有符号 "-1735924981" 存放在 [ebp-10]
0045458C | 8D 45 F8 | LEA EAX,DWORD PTR SS:[EBP-8] | [ebp-8]:"43694E31-1735924981"
0045458F | BA 24 46 45 00 | MOV EDX,keygenme1.454624 | <- 固定字符串 "43694E31"
00454594 | E8 BF FB FA FF | CALL <keygenme1.sub_404158> |
00454599 | 8D 55 EC | LEA EDX,DWORD PTR SS:[EBP-14] | <- 假码 "abcdefghijklmn" 存放在 [ebp-14]
0045459C | 8B 86 04 03 00 00 | MOV EAX,DWORD PTR DS:[ESI+304] |
004545A2 | E8 19 D6 FD FF | CALL <keygenme1.sub_431BC0> | <- 路过此地,可能是固定字符 "43694E31" 连接上面的 "-1735924981"
004545A7 | 8B 55 EC | MOV EDX,DWORD PTR SS:[EBP-14] | <- 获取假唐僧 "abcdefghijklmn"
004545AA | 8B 45 F8 | MOV EAX,DWORD PTR SS:[EBP-8] | <- 哟西真码佛现身 "43694E31-1735924981"
004545AD | E8 A6 FC FA FF | CALL <keygenme1.sub_404258> | <- 这个还用说,真假码比较 Call
004545B2 | 75 15 | JNE keygenme1.4545C9 | <- 相等继续运行上天堂,不相符阻止上天堂只能跳下地狱。
004545B4 | 6A 40 | PUSH 40 | <- 天堂门入口,玉皇大帝欢迎你!
004545B6 | 68 30 46 45 00 | PUSH <keygenme1.sub_454630> | 454630:L"Congratulation"
004545BB | 68 50 46 45 00 | PUSH <keygenme1.sub_454650> | 454650:L"Congratulation !! ,Now Write Keygen "
004545C0 | 6A 00 | PUSH 0 |
004545C2 | E8 A5 1F FB FF | CALL <keygenme1.MessageBoxW> |
004545C7 | EB 13 | JMP keygenme1.4545DC |
004545C9 | 6A 10 | PUSH 10 | <- 地狱门入口,阎王等着你!
004545CB | 68 9C 46 45 00 | PUSH keygenme1.45469C | 45469C:L"Oh no no ..."
004545D0 | 68 B8 46 45 00 | PUSH <keygenme1.sub_4546B8> | 4546B8:L"Wrong Code! Try Again !"
004545D5 | 6A 00 | PUSH 0 |
004545D7 | E8 90 1F FB FF | CALL <keygenme1.MessageBoxW> |
004545DC | 33 C0 | XOR EAX,EAX |
004545DE | 5A | POP EDX |
004545DF | 59 | POP ECX |
004545E0 | 59 | POP ECX |
004545E1 | 64 89 10 | MOV DWORD PTR FS:[EAX],EDX |
004545E4 | 68 16 46 45 00 | PUSH <keygenme1.sub_454616> |
004545E9 | 8D 45 EC | LEA EAX,DWORD PTR SS:[EBP-14] | [ebp-14]:"abcdefghijklmn"
004545EC | E8 5B F8 FA FF | CALL <keygenme1.sub_403E4C> |
004545F1 | 8D 45 F0 | LEA EAX,DWORD PTR SS:[EBP-10] | [ebp-10]:"-1735924981"
004545F4 | E8 53 F8 FA FF | CALL <keygenme1.sub_403E4C> |
004545F9 | 8D 45 F4 | LEA EAX,DWORD PTR SS:[EBP-C] | [ebp-C]:"chixiaojie"
004545FC | E8 4B F8 FA FF | CALL <keygenme1.sub_403E4C> |
00454601 | 8D 45 F8 | LEA EAX,DWORD PTR SS:[EBP-8] | [ebp-8]:"43694E31-1735924981"
00454604 | BA 02 00 00 00 | MOV EDX,2 |
00454609 | E8 62 F8 FA FF | CALL <keygenme1.sub_403E70> |
0045460E | C3 | RET |
IP卡
发表于 2016-10-14 10:46:02
提升卡
置顶卡
变色卡
千斤顶
显身卡
发表于 2016-10-14 14:16:37
发表于 2016-10-14 14:23:16
发表于 2016-12-1 13:08:35