- UID
- 26818
注册时间2007-2-13
阅读权限20
最后登录1970-1-1
以武会友
 
TA的每日心情 | 开心
2018-10-21 14:56 |
|---|
签到天数: 1 天 [LV.1]初来乍到
|
发表于 2007-3-6 00:24:16
|
显示全部楼层
楼主真不厚道,antidebug做的太那个了
解决办法bp TerminateProcess
然后跳过那个ZwTerminateProcess执行到程序代码就到关键地方了
一共四处antidebug,初始化一个,注册算法的那个函数里面竟然放了3个,放一个不就好了么?
检测父进程PID号是否等于explorer.exe,进程有两个explorer进程也不行,而且程序会执行一次系统explorer程序
算法不是很难,我都能分析出来肯定不难了,呵呵,丢个注册机
.386
.model flat,stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc
include \masm32\include\comctl32.inc
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\comctl32.lib
dlgproc proto :DWORD,:DWORD,:DWORD,:DWORD
.const
.data
szName db 040h dup (0)
szSerial db 0C0h dup (0)
szKey db 0,0,"EFBD45A79813C602P.Y.G_WW-JACK_2007_02",8Dh,40h,0
db "www.chinapyg.com7894561230",0
szTmp db 05h dup (0)
szFormat db "%d",0
.data?
hInstance dd ?
.code
start:
invoke GetModuleHandle,NULL
mov hInstance,eax
invoke DialogBoxParam,eax,101,NULL,offset dlgproc,0
invoke ExitProcess,NULL
dlgproc proc hWnd:DWORD,wMsg:DWORD,wParam:DWORD,lParam:DWORD
mov eax,wMsg
.if eax == WM_CLOSE
invoke EndDialog,hWnd,NULL
.elseif eax == WM_INITDIALOG
invoke LoadIcon,hInstance,1
invoke SendMessage,hWnd,WM_SETICON,0,eax
.elseif eax == WM_COMMAND
mov eax,wParam
.if eax == 1002
invoke GetDlgItemText,hWnd,1001,addr szName,30h
mov esi,eax
mov ebx,offset szName
add ebx,eax
invoke GetDlgItemText,hWnd,1000,ebx,10h
add esi,eax
xor edi,edi
mov byte ptr ds:[szSerial],0
.while edi<esi
mov dl,byte ptr ds:[szName+edi]
xor dl,byte ptr ds:[szKey+edi]
and dl,byte ptr ds:[szKey+edi+18h]
invoke wsprintf,addr szTmp,addr szFormat,dl
invoke lstrcat,addr szSerial,addr szTmp
inc edi
.endw
invoke lstrlen,addr szSerial
.while eax
dec eax
mov dl,byte ptr ds:[szSerial+eax]
.if dl=='1'
mov byte ptr ds:[szSerial+eax],'8'
.elseif dl=='2'
mov byte ptr ds:[szSerial+eax],'9'
.elseif dl=='3'
mov byte ptr ds:[szSerial+eax],'4'
.elseif dl=='4'
mov byte ptr ds:[szSerial+eax],'5'
.elseif dl=='5'
mov byte ptr ds:[szSerial+eax],'6'
.elseif dl=='6'
mov byte ptr ds:[szSerial+eax],'1'
.elseif dl=='7'
mov byte ptr ds:[szSerial+eax],'2'
.elseif dl=='8'
mov byte ptr ds:[szSerial+eax],'3'
.elseif dl=='9'
mov byte ptr ds:[szSerial+eax],'0'
.elseif dl=='0'
mov byte ptr ds:[szSerial+eax],'7'
.endif
.endw
invoke SetDlgItemText,hWnd,1002,addr szSerial
.endif
.else
mov eax,FALSE
ret
.endif
mov eax,TRUE
ret
dlgproc endp
end start
--------------------------------------------------
#include "\masm32\include\resource.h"
1 icon main.ico
101 DIALOG DISCARDABLE 300, 200, 120, 80
STYLE DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "Keygen for ww-jack crackme"
FONT 8, "新宋体"
BEGIN
LTEXT "Code:",-1,7,10,28,9
EDITTEXT 1000,35,7,78,12,ES_AUTOHSCROLL
LTEXT "Name:",-1,7,28,28,9
EDITTEXT 1001,35,25,78,12,ES_AUTOHSCROLL
LTEXT "Serial:",-1,7,46,28,9
EDITTEXT 1002,35,43,78,12,ES_AUTOHSCROLL
PUSHBUTTON "&KeyGen",1002,45,60,40,13
END
[ 本帖最后由 不懂算法 于 2007-3-6 00:27 编辑 ] |
|
楼主: ww-jack
IP卡
发表于 2007-3-2 08:23:44
显身卡
楼主
发表于 2007-3-6 07:25:27
