- UID
- 21288
注册时间2006-10-1
阅读权限40
最后登录1970-1-1
独步武林
 
该用户从未签到
|
【文章标题】: 英汉翻译王 2007's算法分析
【文章作者】: Musoft
【作者邮箱】: [email protected]
【作者主页】: http://musoft.blog.sohu.com/
【下载地址】: http://bj.onlinedown.net/soft/50649.htm
【加壳方式】: 无壳
【编写语言】: Borland Delphi 6.0 - 7.0
【软件介绍】: 一款快速高效的英汉翻译软件[Google在线翻译]
【作者声明】: 只是感兴趣,没有其他目的。失误之处敬请诸位大侠赐教!算法很简单,跟的时候需要细心啊!
--------------------------------------------------------------------------------
【详细过程】
1.搜索字符串,下断,这里就不多说了,直接进入正题
004B1FE4 /. 55 PUSH EBP //开始
004B1FE5 |. 8BEC MOV EBP,ESP
004B1FE7 |. B9 05000000 MOV ECX,5
004B1FEC |> 6A 00 /PUSH 0
004B1FEE |. 6A 00 |PUSH 0
004B1FF0 |. 49 |DEC ECX
004B1FF1 |.^ 75 F9 \JNZ SHORT ectk.004B1FEC
004B1FF3 |. 51 PUSH ECX
004B1FF4 |. 56 PUSH ESI
004B1FF5 |. 8BF0 MOV ESI,EAX
004B1FF7 |. 33C0 XOR EAX,EAX
004B1FF9 |. 55 PUSH EBP
004B1FFA |. 68 C2214B00 PUSH ectk.004B21C2
004B1FFF |. 64:FF30 PUSH DWORD PTR FS:[EAX]
004B2002 |. 64:8920 MOV DWORD PTR FS:[EAX],ESP
004B2005 |. 8D55 F4 LEA EDX,DWORD PTR SS:[EBP-C]
004B2008 |. 8B86 00030000 MOV EAX,DWORD PTR DS:[ESI+300]
004B200E |. E8 8998F9FF CALL ectk.0044B89C ; 取注册码位数
004B2013 |. 8B45 F4 MOV EAX,DWORD PTR SS:[EBP-C] ; 注册码入EAX
004B2016 |. 8D55 F8 LEA EDX,DWORD PTR SS:[EBP-8]
004B2019 |. E8 FA64F5FF CALL ectk.00408518
004B201E |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
004B2021 |. 50 PUSH EAX
004B2022 |. 8D55 EC LEA EDX,DWORD PTR SS:[EBP-14]
004B2025 |. 8B86 0C030000 MOV EAX,DWORD PTR DS:[ESI+30C]
004B202B |. E8 6C98F9FF CALL ectk.0044B89C ; 取机器码位数
004B2030 |. 8B45 EC MOV EAX,DWORD PTR SS:[EBP-14] ; 机器码入EAX
004B2033 |. 8D4D F0 LEA ECX,DWORD PTR SS:[EBP-10]
004B2036 |. BA D8214B00 MOV EDX,ectk.004B21D8 ; 固定值t674入EDX
004B203B |. E8 88FAFFFF CALL ectk.004B1AC8 ; 算法Call
004B2040 |. 8B55 F0 MOV EDX,DWORD PTR SS:[EBP-10] ; 真码浮现
004B2043 |. 58 POP EAX
004B2044 |. E8 4B24F5FF CALL ectk.00404494 ; 比较
004B2049 |. 0F85 E2000000 JNZ ectk.004B2131 ; 不等则over
004B204F |. A1 3CDE4B00 MOV EAX,DWORD PTR DS:[4BDE3C]
004B2054 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
004B2056 |. 8B80 4C050000 MOV EAX,DWORD PTR DS:[EAX+54C]
004B205C |. 33D2 XOR EDX,EDX
004B205E |. E8 3912F8FF CALL ectk.0043329C
004B2063 |. 8D55 E4 LEA EDX,DWORD PTR SS:[EBP-1C]
004B2066 |. 8B86 00030000 MOV EAX,DWORD PTR DS:[ESI+300]
004B206C |. E8 2B98F9FF CALL ectk.0044B89C
004B2071 |. 8B45 E4 MOV EAX,DWORD PTR SS:[EBP-1C]
004B2074 |. 8D55 E8 LEA EDX,DWORD PTR SS:[EBP-18]
004B2077 |. E8 9C64F5FF CALL ectk.00408518
004B207C |. 8B55 E8 MOV EDX,DWORD PTR SS:[EBP-18]
004B207F |. A1 3CDE4B00 MOV EAX,DWORD PTR DS:[4BDE3C]
004B2084 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
004B2086 |. 8B80 50050000 MOV EAX,DWORD PTR DS:[EAX+550]
004B208C |. E8 3B98F9FF CALL ectk.0044B8CC
004B2091 |. 8D55 DC LEA EDX,DWORD PTR SS:[EBP-24]
004B2094 |. A1 7CE04B00 MOV EAX,DWORD PTR DS:[4BE07C]
004B2099 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
004B209B |. E8 209EFBFF CALL ectk.0046BEC0
004B20A0 |. 8B45 DC MOV EAX,DWORD PTR SS:[EBP-24]
004B20A3 |. 8D55 E0 LEA EDX,DWORD PTR SS:[EBP-20]
004B20A6 |. E8 516DF5FF CALL ectk.00408DFC
004B20AB |. 8B45 E0 MOV EAX,DWORD PTR SS:[EBP-20]
004B20AE |. 8D55 FC LEA EDX,DWORD PTR SS:[EBP-4]
004B20B1 |. E8 4E62F5FF CALL ectk.00408304
004B20B6 |. 8D4D D8 LEA ECX,DWORD PTR SS:[EBP-28]
004B20B9 |. 33D2 XOR EDX,EDX
004B20BB |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
004B20BE |. E8 A56CF5FF CALL ectk.00408D68
004B20C3 |. 8B55 D8 MOV EDX,DWORD PTR SS:[EBP-28]
004B20C6 |. 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
004B20C9 |. E8 5220F5FF CALL ectk.00404120
004B20CE |. A1 3CDE4B00 MOV EAX,DWORD PTR DS:[4BDE3C]
004B20D3 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
004B20D5 |. FFB0 5C050000 PUSH DWORD PTR DS:[EAX+55C]
004B20DB |. 68 E8214B00 PUSH ectk.004B21E8 ; \
004B20E0 |. FF75 FC PUSH DWORD PTR SS:[EBP-4]
004B20E3 |. 68 F4214B00 PUSH ectk.004B21F4 ; .dll
004B20E8 |. 8D45 D4 LEA EAX,DWORD PTR SS:[EBP-2C]
004B20EB |. BA 04000000 MOV EDX,4
004B20F0 |. E8 1323F5FF CALL ectk.00404408
004B20F5 |. 8B55 D4 MOV EDX,DWORD PTR SS:[EBP-2C]
004B20F8 |. A1 3CDE4B00 MOV EAX,DWORD PTR DS:[4BDE3C]
004B20FD |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
004B20FF |. 8B80 50050000 MOV EAX,DWORD PTR DS:[EAX+550]
004B2105 |. 8B80 20020000 MOV EAX,DWORD PTR DS:[EAX+220]
004B210B |. 8B08 MOV ECX,DWORD PTR DS:[EAX]
004B210D |. FF51 74 CALL DWORD PTR DS:[ECX+74]
004B2110 |. 6A 40 PUSH 40
004B2112 |. B9 FC214B00 MOV ECX,ectk.004B21FC ; 提示
004B2117 |. BA 04224B00 MOV EDX,ectk.004B2204 ; 恭喜您,注册成功!
004B211C |. A1 7CE04B00 MOV EAX,DWORD PTR DS:[4BE07C]
004B2121 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
004B2123 |. E8 1899FBFF CALL ectk.0046BA40
004B2128 |. 8BC6 MOV EAX,ESI
004B212A |. E8 3560FBFF CALL ectk.00468164
004B212F |. EB 41 JMP SHORT ectk.004B2172
004B2131 |> 6A 10 PUSH 10
004B2133 |. B9 FC214B00 MOV ECX,ectk.004B21FC ; 提示
004B2138 |. BA 18224B00 MOV EDX,ectk.004B2218
...
-----------------------------------------------------------------------------------------------------------
2.进入算法call
004B1AC8 /$ 55 PUSH EBP //算法开始
004B1AC9 |. 8BEC MOV EBP,ESP
004B1ACB |. 51 PUSH ECX
004B1ACC |. B9 07000000 MOV ECX,7
004B1AD1 |> 6A 00 /PUSH 0
004B1AD3 |. 6A 00 |PUSH 0
004B1AD5 |. 49 |DEC ECX
004B1AD6 |.^ 75 F9 \JNZ SHORT ectk.004B1AD1
004B1AD8 |. 874D FC XCHG DWORD PTR SS:[EBP-4],ECX
004B1ADB |. 53 PUSH EBX
004B1ADC |. 56 PUSH ESI
004B1ADD |. 57 PUSH EDI
004B1ADE |. 894D F8 MOV DWORD PTR SS:[EBP-8],ECX
004B1AE1 |. 8955 FC MOV DWORD PTR SS:[EBP-4],EDX
004B1AE4 |. 8BD8 MOV EBX,EAX
004B1AE6 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
004B1AE9 |. E8 4A2AF5FF CALL ectk.00404538
004B1AEE |. 33C0 XOR EAX,EAX ; 清EAX
004B1AF0 |. 55 PUSH EBP
004B1AF1 |. 68 CA1C4B00 PUSH ectk.004B1CCA
004B1AF6 |. 64:FF30 PUSH DWORD PTR FS:[EAX]
004B1AF9 |. 64:8920 MOV DWORD PTR FS:[EAX],ESP
004B1AFC |. 8D55 F4 LEA EDX,DWORD PTR SS:[EBP-C]
004B1AFF |. 8BC3 MOV EAX,EBX
004B1B01 |. E8 26FFFFFF CALL ectk.004B1A2C ; 将机器码的ASC码连接起来设为A
004B1B06 |. 8D55 F0 LEA EDX,DWORD PTR SS:[EBP-10]
004B1B09 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
004B1B0C |. E8 1BFFFFFF CALL ectk.004B1A2C ; 将固定字符t467的ASC码连接起来设为B
004B1B11 |. 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14]
004B1B14 |. 8B55 F4 MOV EDX,DWORD PTR SS:[EBP-C] ; A入EDX
004B1B17 |. E8 0426F5FF CALL ectk.00404120
004B1B1C |. 8B45 F0 MOV EAX,DWORD PTR SS:[EBP-10] ; B入EAX
004B1B1F |. E8 2428F5FF CALL ectk.00404348 ; 计算B位数
004B1B24 |. D1F8 SAR EAX,1 ; 右移1-也就是除以2的一次方
004B1B26 |. 79 03 JNS SHORT ectk.004B1B2B
004B1B28 |. 83D0 00 ADC EAX,0
004B1B2B |> 85C0 TEST EAX,EAX
004B1B2D |. 0F8E 54010000 JLE ectk.004B1C87
004B1B33 |. 8945 E0 MOV DWORD PTR SS:[EBP-20],EAX
004B1B36 |. BE 01000000 MOV ESI,1 ; ESI=1
004B1B3B |> 83FE 01 /CMP ESI,1
004B1B3E |. 74 0B |JE SHORT ectk.004B1B4B
004B1B40 |. 8D45 EC |LEA EAX,DWORD PTR SS:[EBP-14]
004B1B43 |. 8B55 E8 |MOV EDX,DWORD PTR SS:[EBP-18]
004B1B46 |. E8 D525F5FF |CALL ectk.00404120
004B1B4B |> 8D45 E8 |LEA EAX,DWORD PTR SS:[EBP-18]
004B1B4E |. E8 3525F5FF |CALL ectk.00404088
004B1B53 |. 8B45 EC |MOV EAX,DWORD PTR SS:[EBP-14] ; A值[2次A*,3次A**,4次A***]入EAX,
004B1B56 |. E8 ED27F5FF |CALL ectk.00404348 ; 计算位数
004B1B5B |. 8BF8 |MOV EDI,EAX ; EAX进EDI
004B1B5D |. D1FF |SAR EDI,1 ; 右移1
004B1B5F |. 79 03 |JNS SHORT ectk.004B1B64
004B1B61 |. 83D7 00 |ADC EDI,0
004B1B64 |> 85FF |TEST EDI,EDI
004B1B66 |. 0F8E 11010000 |JLE ectk.004B1C7D
004B1B6C |. BB 01000000 |MOV EBX,1 ; EBX=1
004B1B71 |> BA D81C4B00 |/MOV EDX,ectk.004B1CD8
004B1B76 |. 8D45 D8 ||LEA EAX,DWORD PTR SS:[EBP-28]
004B1B79 |. E8 B210F5FF ||CALL ectk.00402C30
004B1B7E |. 8D45 D4 ||LEA EAX,DWORD PTR SS:[EBP-2C]
004B1B81 |. 8BD3 ||MOV EDX,EBX ; EBX入EDX
004B1B83 |. 03D2 ||ADD EDX,EDX ; EDX=EDX+EDX
004B1B85 |. 8B4D EC ||MOV ECX,DWORD PTR SS:[EBP-14] ; A值入ECX
004B1B88 |. 8A5411 FE ||MOV DL,BYTE PTR DS:[ECX+EDX-2] ; 首位开始,隔位取值
004B1B8C |. 8850 01 ||MOV BYTE PTR DS:[EAX+1],DL ; DL入DS:[EAX+1]
004B1B8F |. C600 01 ||MOV BYTE PTR DS:[EAX],1 ; DS:[EAX]=1
004B1B92 |. 8D55 D4 ||LEA EDX,DWORD PTR SS:[EBP-2C]
004B1B95 |. 8D45 D8 ||LEA EAX,DWORD PTR SS:[EBP-28]
004B1B98 |. B1 02 ||MOV CL,2 ; CL=2
004B1B9A |. E8 6110F5FF ||CALL ectk.00402C00
004B1B9F |. 8D55 D8 ||LEA EDX,DWORD PTR SS:[EBP-28]
004B1BA2 |. 8D45 D0 ||LEA EAX,DWORD PTR SS:[EBP-30]
004B1BA5 |. E8 8610F5FF ||CALL ectk.00402C30
004B1BAA |. 8D45 D4 ||LEA EAX,DWORD PTR SS:[EBP-2C]
004B1BAD |. 8BD3 ||MOV EDX,EBX
004B1BAF |. 03D2 ||ADD EDX,EDX
004B1BB1 |. 8B4D EC ||MOV ECX,DWORD PTR SS:[EBP-14] ; A入ECX
004B1BB4 |. 8A5411 FF ||MOV DL,BYTE PTR DS:[ECX+EDX-1] ; 从A的第2位开始隔位取值
004B1BB8 |. 8850 01 ||MOV BYTE PTR DS:[EAX+1],DL
004B1BBB |. C600 01 ||MOV BYTE PTR DS:[EAX],1
004B1BBE |. 8D55 D4 ||LEA EDX,DWORD PTR SS:[EBP-2C]
004B1BC1 |. 8D45 D0 ||LEA EAX,DWORD PTR SS:[EBP-30]
004B1BC4 |. B1 03 ||MOV CL,3 ; CL=3
004B1BC6 |. E8 3510F5FF ||CALL ectk.00402C00
004B1BCB |. 8D55 D0 ||LEA EDX,DWORD PTR SS:[EBP-30]
004B1BCE |. 8D45 DC ||LEA EAX,DWORD PTR SS:[EBP-24]
004B1BD1 |. E8 1627F5FF ||CALL ectk.004042EC
004B1BD6 |. 8B45 DC ||MOV EAX,DWORD PTR SS:[EBP-24]
004B1BD9 |. E8 2E6DF5FF ||CALL ectk.0040890C ; 将前两步取值连接
004B1BDE |. 8845 E7 ||MOV BYTE PTR SS:[EBP-19],AL ; AL入[EBP-19]
004B1BE1 |. BA D81C4B00 ||MOV EDX,ectk.004B1CD8
004B1BE6 |. 8D45 D8 ||LEA EAX,DWORD PTR SS:[EBP-28]
004B1BE9 |. E8 4210F5FF ||CALL ectk.00402C30
004B1BEE |. 8D45 D4 ||LEA EAX,DWORD PTR SS:[EBP-2C]
004B1BF1 |. 8BD6 ||MOV EDX,ESI ; ESI入EDX
004B1BF3 |. 03D2 ||ADD EDX,EDX
004B1BF5 |. 8B4D F0 ||MOV ECX,DWORD PTR SS:[EBP-10] ; B值入ECX
004B1BF8 |. 8A5411 FE ||MOV DL,BYTE PTR DS:[ECX+EDX-2] ; 取B的第一位ASC码
004B1BFC |. 8850 01 ||MOV BYTE PTR DS:[EAX+1],DL
004B1BFF |. C600 01 ||MOV BYTE PTR DS:[EAX],1
004B1C02 |. 8D55 D4 ||LEA EDX,DWORD PTR SS:[EBP-2C]
004B1C05 |. 8D45 D8 ||LEA EAX,DWORD PTR SS:[EBP-28]
004B1C08 |. B1 02 ||MOV CL,2 ; CL=2
004B1C0A |. E8 F10FF5FF ||CALL ectk.00402C00
004B1C0F |. 8D55 D8 ||LEA EDX,DWORD PTR SS:[EBP-28]
004B1C12 |. 8D45 D0 ||LEA EAX,DWORD PTR SS:[EBP-30]
004B1C15 |. E8 1610F5FF ||CALL ectk.00402C30
004B1C1A |. 8D45 D4 ||LEA EAX,DWORD PTR SS:[EBP-2C]
004B1C1D |. 8BD6 ||MOV EDX,ESI
004B1C1F |. 03D2 ||ADD EDX,EDX
004B1C21 |. 8B4D F0 ||MOV ECX,DWORD PTR SS:[EBP-10] ; B入ECX
004B1C24 |. 8A5411 FF ||MOV DL,BYTE PTR DS:[ECX+EDX-1] ; 取B的第2位ASC码
004B1C28 |. 8850 01 ||MOV BYTE PTR DS:[EAX+1],DL
004B1C2B |. C600 01 ||MOV BYTE PTR DS:[EAX],1
004B1C2E |. 8D55 D4 ||LEA EDX,DWORD PTR SS:[EBP-2C]
004B1C31 |. 8D45 D0 ||LEA EAX,DWORD PTR SS:[EBP-30]
004B1C34 |. B1 03 ||MOV CL,3 ; CL=3
004B1C36 |. E8 C50FF5FF ||CALL ectk.00402C00
004B1C3B |. 8D55 D0 ||LEA EDX,DWORD PTR SS:[EBP-30]
004B1C3E |. 8D45 CC ||LEA EAX,DWORD PTR SS:[EBP-34]
004B1C41 |. E8 A626F5FF ||CALL ectk.004042EC
004B1C46 |. 8B45 CC ||MOV EAX,DWORD PTR SS:[EBP-34]
004B1C49 |. E8 BE6CF5FF ||CALL ectk.0040890C
004B1C4E |. 3245 E7 ||XOR AL,BYTE PTR SS:[EBP-19] ; AL与[EBP-19]异或,4次运算,分别与t674各字符异或
004B1C51 |. 8845 E6 ||MOV BYTE PTR SS:[EBP-1A],AL ; AL入[EBP-1A]
004B1C54 |. 8D45 C4 ||LEA EAX,DWORD PTR SS:[EBP-3C]
004B1C57 |. 8A55 E6 ||MOV DL,BYTE PTR SS:[EBP-1A] ; [EBP-1A]入DL
004B1C5A |. E8 1126F5FF ||CALL ectk.00404270
004B1C5F |. 8B45 C4 ||MOV EAX,DWORD PTR SS:[EBP-3C]
004B1C62 |. 8D55 C8 ||LEA EDX,DWORD PTR SS:[EBP-38]
004B1C65 |. E8 C2FDFFFF ||CALL ectk.004B1A2C
004B1C6A |. 8B55 C8 ||MOV EDX,DWORD PTR SS:[EBP-38]
004B1C6D |. 8D45 E8 ||LEA EAX,DWORD PTR SS:[EBP-18]
004B1C70 |. E8 DB26F5FF ||CALL ectk.00404350
004B1C75 |. 43 ||INC EBX
004B1C76 |. 4F ||DEC EDI
004B1C77 |.^ 0F85 F4FEFFFF |\JNZ ectk.004B1B71
004B1C7D |> 46 |INC ESI
004B1C7E |. FF4D E0 |DEC DWORD PTR SS:[EBP-20]
004B1C81 |.^ 0F85 B4FEFFFF \JNZ ectk.004B1B3B
004B1C87 |> 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
004B1C8A |. 8B55 E8 MOV EDX,DWORD PTR SS:[EBP-18] //真码浮现
004B1C8D |. E8 4A24F5FF CALL ectk.004040DC
004B1C92 |. 33C0 XOR EAX,EAX
004B1C94 |. 5A POP EDX
004B1C95 |. 59 POP ECX
004B1C96 |. 59 POP ECX
004B1C97 |. 64:8910 MOV DWORD PTR FS:[EAX],EDX
004B1C9A |. 68 D11C4B00 PUSH ectk.004B1CD1
004B1C9F |> 8D45 C4 LEA EAX,DWORD PTR SS:[EBP-3C]
004B1CA2 |. BA 03000000 MOV EDX,3
004B1CA7 |. E8 0024F5FF CALL ectk.004040AC
004B1CAC |. 8D45 DC LEA EAX,DWORD PTR SS:[EBP-24]
004B1CAF |. E8 D423F5FF CALL ectk.00404088
004B1CB4 |. 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
004B1CB7 |. BA 04000000 MOV EDX,4
004B1CBC |. E8 EB23F5FF CALL ectk.004040AC
004B1CC1 |. 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
004B1CC4 |. E8 BF23F5FF CALL ectk.00404088
004B1CC9 \. C3 RETN
004B1CCA .^ E9 BD1DF5FF JMP ectk.00403A8C
004B1CCF .^ EB CE JMP SHORT ectk.004B1C9F
004B1CD1 . 5F POP EDI
004B1CD2 . 5E POP ESI
004B1CD3 . 5B POP EBX
004B1CD4 . 8BE5 MOV ESP,EBP
004B1CD6 . 5D POP EBP
004B1CD7 . C3 RETN
--------------------------------------------------------------------------------
【算法分析】
1.将机器码的ASCII码连接起来组成A
2.从A中首位起隔位取值,每次取一个数,从A中第2位隔位取值,每次取一个数,连接为B
3.B与固定字符t674(每一次循环运算取一位)异或,结果连接起来组成A*
4.A*经过上面的步骤计算得到A**,再次运算得到A***,继续运算,得到即为真码!
例如我的机器码为:BFED572F004005447EB1
机器码的ASCii码连接成
A:4246454435373246303034303035343437454231
第一次运算得到A* :3632313041434632444440444441404043313645
第二次运算得到A** :0004070677757004727276727277767675070073
第三次运算得到A***:3733303140424733454541454540414142303744
第四次运算得到真码:0307040574767307717175717174757576040370
【经验总结】:小菜一个,算法注册机略,没写过算法分析,写的很乱,学习ING~,花了快一个小时,眼睛疼,草草收尾~
--------------------------------------------------------------------------------
【版权声明】: 没版权,要版权做甚?
2007年02月26日 21:44:25 |
|
IP卡
发表于 2007-2-26 21:52:50
提升卡
置顶卡
变色卡
千斤顶
显身卡
发表于 2007-4-28 07:57:54