- UID
- 34236
注册时间2007-8-13
阅读权限10
最后登录1970-1-1
周游历练
该用户从未签到
|
没什么目的 主要是 加入学习小组有要求
30积分的那个CRACKME是我最讨厌的VB写的
只能看50积分的那个要求 数数看就差一篇了
就去看雪 捞了个简单的CRACKME
今明两天估计要刷分到50
0045006E |. 55 push ebp
0045006F |. 68 E3014500 push 004501E3
00450074 |. 64:FF30 push dword ptr fs:[eax]
00450077 |. 64:8920 mov dword ptr fs:[eax], esp
0045007A |. 8D45 F0 lea eax, dword ptr [ebp-10]
0045007D |. BA F8014500 mov edx, 004501F8 ; ASCII "~!@#$%^&*()_+|\=-/?.,><;:`"
00450082 |. E8 213EFBFF call 00403EA8 ; 注意上面的固定字符串
00450087 |. 8D45 EC lea eax, dword ptr [ebp-14]
0045008A |. E8 813DFBFF call 00403E10
0045008F |. 8D55 F8 lea edx, dword ptr [ebp-8]
00450092 |. 8B45 FC mov eax, dword ptr [ebp-4]
00450095 |. 8B80 00030000 mov eax, dword ptr [eax+300]
0045009B |. E8 B8F2FDFF call 0042F358 ; 读取用户名N
004500A0 |. 8B45 F8 mov eax, dword ptr [ebp-8]
004500A3 |. E8 2840FBFF call 004040D0
004500A8 |. 8945 E8 mov dword ptr [ebp-18], eax
004500AB |. 837D E8 04 cmp dword ptr [ebp-18], 4
004500AF |. 0F8C 06010000 jl 004501BB ; 用户名位数》4
004500B5 |. 8D55 F4 lea edx, dword ptr [ebp-C]
004500B8 |. 8B45 FC mov eax, dword ptr [ebp-4]
004500BB |. 8B80 08030000 mov eax, dword ptr [eax+308]
004500C1 |. E8 92F2FDFF call 0042F358 ; 读取注册码S
004500C6 |. 8B45 F4 mov eax, dword ptr [ebp-C] ; S送EAX
004500C9 |. E8 0240FBFF call 004040D0 ; S的位数
004500CE |. 8945 E4 mov dword ptr [ebp-1C], eax
004500D1 |. 837D E4 00 cmp dword ptr [ebp-1C], 0
004500D5 |. 0F84 E0000000 je 004501BB ; 检验S是否为空
004500DB |. 8B45 E8 mov eax, dword ptr [ebp-18] ; 用户名位数送EAX
004500DE |. 25 01000080 and eax, 80000001 ; 位与 80000001H
004500E3 |. 79 05 jns short 004500EA
004500E5 |. 48 dec eax
004500E6 |. 83C8 FE or eax, FFFFFFFE
004500E9 |. 40 inc eax
004500EA |> 85C0 test eax, eax
004500EC |. 74 0D je short 004500FB
004500EE |. 8D45 F8 lea eax, dword ptr [ebp-8]
004500F1 |. BA 1C024500 mov edx, 0045021C
004500F6 |. E8 DD3FFBFF call 004040D8
004500FB |> 8B45 F8 mov eax, dword ptr [ebp-8] ; N送EAX
004500FE |. E8 CD3FFBFF call 004040D0
00450103 |. 8945 E8 mov dword ptr [ebp-18], eax
00450106 |. 8B45 E8 mov eax, dword ptr [ebp-18]
00450109 |. D1E8 shr eax, 1 ; N的位数右移1位
0045010B |. 8945 D8 mov dword ptr [ebp-28], eax
0045010E |. 8B45 D8 mov eax, dword ptr [ebp-28]
00450111 |. 85C0 test eax, eax
00450113 |. 0F8E 82000000 jle 0045019B
00450119 |. 8945 D4 mov dword ptr [ebp-2C], eax
0045011C |. C745 E0 01000>mov dword ptr [ebp-20], 1
00450123 |> 33C0 /xor eax, eax
00450125 |. 8945 DC |mov dword ptr [ebp-24], eax
00450128 |. 8B45 F8 |mov eax, dword ptr [ebp-8]
0045012B |. 8B55 E0 |mov edx, dword ptr [ebp-20]
0045012E |. 0FB64410 FF |movzx eax, byte ptr [eax+edx-1] ; N[I]送EAX
00450133 |. C1E0 02 |shl eax, 2 ; N[I[的ASC值左移2位
00450136 |. B9 1A000000 |mov ecx, 1A
0045013B |. 33D2 |xor edx, edx
0045013D |. F7F1 |div ecx ; /1A H
0045013F |. 8955 DC |mov dword ptr [ebp-24], edx ; 余数入栈
00450142 |. 8D45 CC |lea eax, dword ptr [ebp-34]
00450145 |. 8B55 F0 |mov edx, dword ptr [ebp-10] ; 固定字符串
00450148 |. 8B4D DC |mov ecx, dword ptr [ebp-24]
0045014B |. 8A140A |mov dl, byte ptr [edx+ecx] ; 按余数 取固定字符串对应的数送DL
0045014E |. E8 A53EFBFF |call 00403FF8
00450153 |. 8B55 CC |mov edx, dword ptr [ebp-34]
00450156 |. 8D45 EC |lea eax, dword ptr [ebp-14]
00450159 |. E8 7A3FFBFF |call 004040D8
0045015E |. 8B45 F8 |mov eax, dword ptr [ebp-8]
00450161 |. 8B55 E0 |mov edx, dword ptr [ebp-20]
00450164 |. 0FB60410 |movzx eax, byte ptr [eax+edx] ; N[I+1]送EAX
00450168 |. 8D0440 |lea eax, dword ptr [eax+eax*2]
0045016B |. B9 1A000000 |mov ecx, 1A
00450170 |. 33D2 |xor edx, edx
00450172 |. F7F1 |div ecx ; /1A H
00450174 |. 8955 DC |mov dword ptr [ebp-24], edx ; 余数入栈
00450177 |. 8D45 C8 |lea eax, dword ptr [ebp-38]
0045017A |. 8B55 F0 |mov edx, dword ptr [ebp-10]
0045017D |. 8B4D DC |mov ecx, dword ptr [ebp-24]
00450180 |. 8A140A |mov dl, byte ptr [edx+ecx] ; 按余数 取固定字符串对应的数送DL
00450183 |. E8 703EFBFF |call 00403FF8
00450188 |. 8B55 C8 |mov edx, dword ptr [ebp-38]
0045018B |. 8D45 EC |lea eax, dword ptr [ebp-14]
0045018E |. E8 453FFBFF |call 004040D8
00450193 |. FF45 E0 |inc dword ptr [ebp-20]
00450196 |. FF4D D4 |dec dword ptr [ebp-2C]
00450199 |.^ 75 88 \jnz short 00450123
0045019B |> 8B45 EC mov eax, dword ptr [ebp-14] ; 内存注册机
0045019E |. 8B55 F4 mov edx, dword ptr [ebp-C]
004501A1 |. E8 7640FBFF call 0040421C ; 比较CALL
004501A6 |. 75 13 jnz short 004501BB ; 爆破点
004501A8 |. 6A 40 push 40 ; /Style = MB_OK|MB_ICONASTERISK|MB_APPLMODAL
004501AA |. 68 20024500 push 00450220 ; |Title = "Congratulations"
004501AF |. 68 30024500 push 00450230 ; |Text = "Good job,man!"
004501B4 |. 6A 00 push 0 ; |hOwner = NULL
004501B6 |. E8 E562FBFF call <jmp.&user32.MessageBoxA> ; \MessageBoxA |
|