- UID
- 28352
注册时间2007-2-21
阅读权限40
最后登录1970-1-1
独步武林
 
TA的每日心情 | 开心
2024-5-1 14:44 |
|---|
签到天数: 2 天 [LV.1]初来乍到
|
【破文标题】CDEdit V1.146算法分析
【破文作者】tianxj
【作者邮箱】[email protected]
【破解工具】PEiD,OD
【破解平台】Windows XP
【软件名称】CDEdit V1.146(2008-06-05版)
【软件大小】848 KB
【软件语言】英文
【软件类别】国外软件 / 共享软件 / 媒体制作
【原版下载】自己搜索下
【保护方式】注册码
【软件简介】帮助你设计CD-Audio,CD-Rom,CD-RW等的光盘盒封面,它允许你使用不同字形,色彩和影像,可调整字型大小,影像大小,使用了简单的操作界面,能让你迅速又容易的设计光盘盒封面。
【破解声明】我是一只小菜鸟,偶得一点心得,愿与大家分享:)
初学Crack,只是感兴趣,没有其他目的。失误之处敬请诸位大侠赐教!
--------------------------------------------------------------
【破解内容】
--------------------------------------------------------------
**************************************************************
一、运行程序,进行注册,输入错误的注册信息进行检测,有提示信息
"Sorry, this registration code is invalid."
**************************************************************
二、用PEiD对这个软件查壳,为 Borland Delphi 6.0 - 7.0
**************************************************************
三、运行OD,打开CDEdit,F9运行,输入假注册信息注册,出现错误对话框,F12暂停,alt+K
调用堆栈 , 项目 19
地址=0013F220
堆栈=004CE9CC
程序过程 / 参数=? CDEdit.004540E4
调用来自=CDEdit.004CE9C7
结构=0013F21C
==============================================================- 004CE818 /. 55 PUSH EBP
- 004CE819 |. 8BEC MOV EBP,ESP
- 004CE81B |. B9 06000000 MOV ECX,6
- 004CE820 |> 6A 00 /PUSH 0
- 004CE822 |. 6A 00 |PUSH 0
- 004CE824 |. 49 |DEC ECX
- 004CE825 |.^ 75 F9 \JNZ SHORT CDEdit.004CE820
- 004CE827 |. 51 PUSH ECX
- 004CE828 |. 53 PUSH EBX
- 004CE829 |. 8BD8 MOV EBX,EAX
- 004CE82B |. 33C0 XOR EAX,EAX
- 004CE82D |. 55 PUSH EBP
- 004CE82E |. 68 1EEA4C00 PUSH CDEdit.004CEA1E
- 004CE833 |. 64:FF30 PUSH DWORD PTR FS:[EAX]
- 004CE836 |. 64:8920 MOV DWORD PTR FS:[EAX],ESP
- 004CE839 |. 8D55 FC LEA EDX,DWORD PTR SS:[EBP-4]
- 004CE83C |. 8B83 F8020000 MOV EAX,DWORD PTR DS:[EBX+2F8]
- 004CE842 |. E8 89C3F8FF CALL CDEdit.0045ABD0
- 004CE847 |. 837D FC 00 CMP DWORD PTR SS:[EBP-4],0
- 004CE84B |. 74 14 JE SHORT CDEdit.004CE861 ; //用户名为空则跳
- 004CE84D |. 8D55 F8 LEA EDX,DWORD PTR SS:[EBP-8]
- 004CE850 |. 8B83 00030000 MOV EAX,DWORD PTR DS:[EBX+300]
- 004CE856 |. E8 75C3F8FF CALL CDEdit.0045ABD0
- 004CE85B |. 837D F8 00 CMP DWORD PTR SS:[EBP-8],0
- 004CE85F |. 75 38 JNZ SHORT CDEdit.004CE899 ; //注册码不为空则跳
- 004CE861 |> 6A 40 PUSH 40
- 004CE863 |. 8D55 F4 LEA EDX,DWORD PTR SS:[EBP-C]
- 004CE866 |. A1 40675100 MOV EAX,DWORD PTR DS:[516740]
- 004CE86B |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
- 004CE86D |. E8 0A52F8FF CALL CDEdit.00453A7C
- 004CE872 |. 8B45 F4 MOV EAX,DWORD PTR SS:[EBP-C]
- 004CE875 |. E8 B267F3FF CALL CDEdit.0040502C
- 004CE87A |. 50 PUSH EAX
- 004CE87B |. A1 7C8E5100 MOV EAX,DWORD PTR DS:[518E7C]
- 004CE880 |. E8 A767F3FF CALL CDEdit.0040502C
- 004CE885 |. 8BD0 MOV EDX,EAX
- 004CE887 |. A1 40675100 MOV EAX,DWORD PTR DS:[516740]
- 004CE88C |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
- 004CE88E |. 59 POP ECX
- 004CE88F |. E8 5058F8FF CALL CDEdit.004540E4
- 004CE894 |. E9 33010000 JMP CDEdit.004CE9CC
- 004CE899 |> 8D55 F0 LEA EDX,DWORD PTR SS:[EBP-10]
- 004CE89C |. 8B83 F8020000 MOV EAX,DWORD PTR DS:[EBX+2F8]
- 004CE8A2 |. E8 29C3F8FF CALL CDEdit.0045ABD0
- 004CE8A7 |. 8B45 F0 MOV EAX,DWORD PTR SS:[EBP-10] ; //EAX=[EBP-10]=用户名
- 004CE8AA |. BA 34EA4C00 MOV EDX,CDEdit.004CEA34 ; temporary cdedit code
- 004CE8AF |. E8 C466F3FF CALL CDEdit.00404F78
- 004CE8B4 |. 75 37 JNZ SHORT CDEdit.004CE8ED ; //用户名不为"Temporary CDEdit Code"则跳
- 004CE8B6 |. 8D55 EC LEA EDX,DWORD PTR SS:[EBP-14]
- 004CE8B9 |. 8B83 00030000 MOV EAX,DWORD PTR DS:[EBX+300]
- 004CE8BF |. E8 0CC3F8FF CALL CDEdit.0045ABD0
- 004CE8C4 |. 8B45 EC MOV EAX,DWORD PTR SS:[EBP-14] ; //EAX=[EBP-14]=试练码
- 004CE8C7 |. 50 PUSH EAX
- 004CE8C8 |. 8D55 E8 LEA EDX,DWORD PTR SS:[EBP-18]
- 004CE8CB |. 8B83 F8020000 MOV EAX,DWORD PTR DS:[EBX+2F8]
- 004CE8D1 |. E8 FAC2F8FF CALL CDEdit.0045ABD0
- 004CE8D6 |. 8B55 E8 MOV EDX,DWORD PTR SS:[EBP-18]
- 004CE8D9 |. 58 POP EAX
- 004CE8DA |. E8 9966F3FF CALL CDEdit.00404F78
- 004CE8DF |. 75 0C JNZ SHORT CDEdit.004CE8ED ; //试练码不为"Temporary CDEdit Code"则跳
- 004CE8E1 |. 8BC3 MOV EAX,EBX
- 004CE8E3 |. E8 301FF8FF CALL CDEdit.00450818
- 004CE8E8 |. E9 DF000000 JMP CDEdit.004CE9CC
- 004CE8ED |> 8D55 E0 LEA EDX,DWORD PTR SS:[EBP-20]
- 004CE8F0 |. 8B83 F8020000 MOV EAX,DWORD PTR DS:[EBX+2F8]
- 004CE8F6 |. E8 D5C2F8FF CALL CDEdit.0045ABD0
- 004CE8FB |. 8B45 E0 MOV EAX,DWORD PTR SS:[EBP-20] ; //EAX=EBP-20]=用户名
- 004CE8FE |. 8D55 E4 LEA EDX,DWORD PTR SS:[EBP-1C]
- 004CE901 |. E8 4AE9FFFF CALL CDEdit.004CD250 ; //算法CALL
- 004CE906 |. 8B45 E4 MOV EAX,DWORD PTR SS:[EBP-1C] ; //EAX=[EBP-1C]=真码
- 004CE909 |. 50 PUSH EAX
- 004CE90A |. 8D55 DC LEA EDX,DWORD PTR SS:[EBP-24]
- 004CE90D |. 8B83 00030000 MOV EAX,DWORD PTR DS:[EBX+300]
- 004CE913 |. E8 B8C2F8FF CALL CDEdit.0045ABD0
- 004CE918 |. 8B55 DC MOV EDX,DWORD PTR SS:[EBP-24] ; //EDX=[EBP-24]=试练码
- 004CE91B |. 58 POP EAX ; //EAX=真码
- 004CE91C |. E8 5766F3FF CALL CDEdit.00404F78 ; //比较CALL
- 004CE921 |. 75 76 JNZ SHORT CDEdit.004CE999 ; //关键跳转
- 004CE923 |. 8D55 D8 LEA EDX,DWORD PTR SS:[EBP-28]
- 004CE926 |. 8B83 00030000 MOV EAX,DWORD PTR DS:[EBX+300]
- 004CE92C |. E8 9FC2F8FF CALL CDEdit.0045ABD0
- 004CE931 |. 8B45 D8 MOV EAX,DWORD PTR SS:[EBP-28]
- 004CE934 |. 50 PUSH EAX
- 004CE935 |. 8D55 D4 LEA EDX,DWORD PTR SS:[EBP-2C]
- 004CE938 |. 8B83 F8020000 MOV EAX,DWORD PTR DS:[EBX+2F8]
- 004CE93E |. E8 8DC2F8FF CALL CDEdit.0045ABD0
- 004CE943 |. 8B55 D4 MOV EDX,DWORD PTR SS:[EBP-2C]
- 004CE946 |. 8BC3 MOV EAX,EBX
- 004CE948 |. 59 POP ECX
- 004CE949 |. E8 96010000 CALL CDEdit.004CEAE4
- 004CE94E |. 6A 40 PUSH 40
- 004CE950 |. 8D55 D0 LEA EDX,DWORD PTR SS:[EBP-30]
- 004CE953 |. A1 40675100 MOV EAX,DWORD PTR DS:[516740]
- 004CE958 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
- 004CE95A |. E8 1D51F8FF CALL CDEdit.00453A7C
- 004CE95F |. 8B45 D0 MOV EAX,DWORD PTR SS:[EBP-30]
- 004CE962 |. E8 C566F3FF CALL CDEdit.0040502C
- 004CE967 |. 50 PUSH EAX
- 004CE968 |. A1 808E5100 MOV EAX,DWORD PTR DS:[518E80]
- 004CE96D |. E8 BA66F3FF CALL CDEdit.0040502C
- 004CE972 |. 8BD0 MOV EDX,EAX
- 004CE974 |. A1 40675100 MOV EAX,DWORD PTR DS:[516740]
- 004CE979 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
- 004CE97B |. 59 POP ECX
- 004CE97C |. E8 6357F8FF CALL CDEdit.004540E4
- 004CE981 |. A1 788E5100 MOV EAX,DWORD PTR DS:[518E78]
- 004CE986 |. E8 2D20F8FF CALL CDEdit.004509B8
- 004CE98B |. A1 40675100 MOV EAX,DWORD PTR DS:[516740]
- 004CE990 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
- 004CE992 |. E8 A956F8FF CALL CDEdit.00454040
- 004CE997 |. EB 33 JMP SHORT CDEdit.004CE9CC
- 004CE999 |> 6A 40 PUSH 40
- 004CE99B |. 8D55 CC LEA EDX,DWORD PTR SS:[EBP-34]
- 004CE99E |. A1 40675100 MOV EAX,DWORD PTR DS:[516740]
- 004CE9A3 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
- 004CE9A5 |. E8 D250F8FF CALL CDEdit.00453A7C
- 004CE9AA |. 8B45 CC MOV EAX,DWORD PTR SS:[EBP-34]
- 004CE9AD |. E8 7A66F3FF CALL CDEdit.0040502C
- 004CE9B2 |. 50 PUSH EAX
- 004CE9B3 |. A1 7C8E5100 MOV EAX,DWORD PTR DS:[518E7C]
- 004CE9B8 |. E8 6F66F3FF CALL CDEdit.0040502C
- 004CE9BD |. 8BD0 MOV EDX,EAX
- 004CE9BF |. A1 40675100 MOV EAX,DWORD PTR DS:[516740]
- 004CE9C4 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
- 004CE9C6 |. 59 POP ECX
- 004CE9C7 |. E8 1857F8FF CALL CDEdit.004540E4
- 004CE9CC |> 33C0 XOR EAX,EAX
- 004CE9CE |. 5A POP EDX
- 004CE9CF |. 59 POP ECX
- 004CE9D0 |. 59 POP ECX
- 004CE9D1 |. 64:8910 MOV DWORD PTR FS:[EAX],EDX
- 004CE9D4 |. 68 25EA4C00 PUSH CDEdit.004CEA25
- 004CE9D9 |> 8D45 CC LEA EAX,DWORD PTR SS:[EBP-34]
- 004CE9DC |. BA 02000000 MOV EDX,2
- 004CE9E1 |. E8 BA61F3FF CALL CDEdit.00404BA0
- 004CE9E6 |. 8D45 D4 LEA EAX,DWORD PTR SS:[EBP-2C]
- 004CE9E9 |. BA 04000000 MOV EDX,4
- 004CE9EE |. E8 AD61F3FF CALL CDEdit.00404BA0
- 004CE9F3 |. 8D45 E4 LEA EAX,DWORD PTR SS:[EBP-1C]
- 004CE9F6 |. E8 8161F3FF CALL CDEdit.00404B7C
- 004CE9FB |. 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
- 004CE9FE |. BA 03000000 MOV EDX,3
- 004CEA03 |. E8 9861F3FF CALL CDEdit.00404BA0
- 004CEA08 |. 8D45 F4 LEA EAX,DWORD PTR SS:[EBP-C]
- 004CEA0B |. E8 6C61F3FF CALL CDEdit.00404B7C
- 004CEA10 |. 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
- 004CEA13 |. BA 02000000 MOV EDX,2
- 004CEA18 |. E8 8361F3FF CALL CDEdit.00404BA0
- 004CEA1D \. C3 RETN
- 004CEA1E .^ E9 5D5BF3FF JMP CDEdit.00404580
- 004CEA23 .^ EB B4 JMP SHORT CDEdit.004CE9D9
- 004CEA25 . 5B POP EBX
- 004CEA26 . 8BE5 MOV ESP,EBP
- 004CEA28 . 5D POP EBP
- 004CEA29 . C3 RETN
- ==============================================================
- 004CD250 $ 55 PUSH EBP
- 004CD251 . 8BEC MOV EBP,ESP
- 004CD253 . 81C4 E0FDFFFF ADD ESP,-220
- 004CD259 . 53 PUSH EBX
- 004CD25A . 56 PUSH ESI
- 004CD25B . 57 PUSH EDI
- 004CD25C . 33C9 XOR ECX,ECX
- 004CD25E . 898D E0FDFFFF MOV DWORD PTR SS:[EBP-220],ECX
- 004CD264 . 894D F0 MOV DWORD PTR SS:[EBP-10],ECX
- 004CD267 . 894D EC MOV DWORD PTR SS:[EBP-14],ECX
- 004CD26A . 8955 F8 MOV DWORD PTR SS:[EBP-8],EDX
- 004CD26D . 8945 FC MOV DWORD PTR SS:[EBP-4],EAX
- 004CD270 . 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
- 004CD273 . E8 A47DF3FF CALL CDEdit.0040501C
- 004CD278 . 33C0 XOR EAX,EAX
- 004CD27A . 55 PUSH EBP
- 004CD27B . 68 F6D34C00 PUSH CDEdit.004CD3F6
- 004CD280 . 64:FF30 PUSH DWORD PTR FS:[EAX]
- 004CD283 . 64:8920 MOV DWORD PTR FS:[EAX],ESP
- 004CD286 . 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
- 004CD289 . E8 EE78F3FF CALL CDEdit.00404B7C
- 004CD28E . EB 0B JMP SHORT CDEdit.004CD29B
- 004CD290 > 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
- 004CD293 . 8B55 FC MOV EDX,DWORD PTR SS:[EBP-4]
- 004CD296 . E8 A17BF3FF CALL CDEdit.00404E3C
- 004CD29B > 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
- 004CD29E . E8 917BF3FF CALL CDEdit.00404E34
- 004CD2A3 . 85C0 TEST EAX,EAX
- 004CD2A5 . 7E 0D JLE SHORT CDEdit.004CD2B4
- 004CD2A7 . 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
- 004CD2AA . E8 857BF3FF CALL CDEdit.00404E34
- 004CD2AF . 83F8 09 CMP EAX,9
- 004CD2B2 .^ 7C DC JL SHORT CDEdit.004CD290 ; //取用户名长度与9比较,若小于9,则重复用户名,直到长度大于等于9
- 004CD2B4 > 8D85 E4FEFFFF LEA EAX,DWORD PTR SS:[EBP-11C]
- 004CD2BA . 8B55 FC MOV EDX,DWORD PTR SS:[EBP-4] ; //重复后的用户名
- 004CD2BD . E8 A2C9F3FF CALL CDEdit.00409C64
- 004CD2C2 . 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
- 004CD2C5 . E8 6A7BF3FF CALL CDEdit.00404E34 ; //取重复后的用户名的长度
- 004CD2CA . 48 DEC EAX
- 004CD2CB . 85C0 TEST EAX,EAX
- 004CD2CD . 0F8C EA000000 JL CDEdit.004CD3BD
- 004CD2D3 . 40 INC EAX
- 004CD2D4 . 8945 E8 MOV DWORD PTR SS:[EBP-18],EAX ; //[EBP-18]=EAX=重复后的用户名的长度
- 004CD2D7 . C745 F4 00000>MOV DWORD PTR SS:[EBP-C],0 ; //[EBP-C]=0
- 004CD2DE . 8D85 E4FEFFFF LEA EAX,DWORD PTR SS:[EBP-11C]
- 004CD2E4 . 8945 E4 MOV DWORD PTR SS:[EBP-1C],EAX
- 004CD2E7 > 8B45 E4 MOV EAX,DWORD PTR SS:[EBP-1C] ; //重复后的用户名
- 004CD2EA . 33DB XOR EBX,EBX ; //EBX=0
- 004CD2EC . 8A18 MOV BL,BYTE PTR DS:[EAX] ; //依次取重复后的用户名的ASC值
- 004CD2EE . 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4] ; //重复后的用户名
- 004CD2F1 . E8 3E7BF3FF CALL CDEdit.00404E34 ; //取重复后的用户名的长度
- 004CD2F6 . 2B45 F4 SUB EAX,DWORD PTR SS:[EBP-C] ; //EAX=EAX-[EBP-C],[EBP-C]初始值为0
- 004CD2F9 . 8D04C0 LEA EAX,DWORD PTR DS:[EAX+EAX*8] ; //EAX=[EAX+EAX*8]
- 004CD2FC . B9 03000000 MOV ECX,3 ; //ECX=3
- 004CD301 . 99 CDQ
- 004CD302 . F7F9 IDIV ECX ; //EAX/ECX,商送EAX,余送EDX
- 004CD304 . 03D8 ADD EBX,EAX ; //EBX=EBX+EAX
- 004CD306 . 83FB 09 CMP EBX,9 ; //EBX与9比较
- 004CD309 . 0F8E 83000000 JLE CDEdit.004CD392 ; //小于等于则跳
- 004CD30F . 8D55 EC LEA EDX,DWORD PTR SS:[EBP-14]
- 004CD312 . 8BC3 MOV EAX,EBX ; //EAX=EBX
- 004CD314 . E8 17C0F3FF CALL CDEdit.00409330 ; //将EAX转为10进制字符形式
- 004CD319 . EB 77 JMP SHORT CDEdit.004CD392
- 004CD31B > 33FF XOR EDI,EDI ; //EDI=0
- 004CD31D . 8D85 E4FDFFFF LEA EAX,DWORD PTR SS:[EBP-21C]
- 004CD323 . 8B55 EC MOV EDX,DWORD PTR SS:[EBP-14] ; //10进制字符串
- 004CD326 . E8 39C9F3FF CALL CDEdit.00409C64
- 004CD32B . 33D2 XOR EDX,EDX ; //EDX=0
- 004CD32D . 55 PUSH EBP
- 004CD32E . 68 81D34C00 PUSH CDEdit.004CD381
- 004CD333 . 64:FF32 PUSH DWORD PTR FS:[EDX]
- 004CD336 . 64:8922 MOV DWORD PTR FS:[EDX],ESP
- 004CD339 . 8B45 EC MOV EAX,DWORD PTR SS:[EBP-14] ; //10进制字符串
- 004CD33C . E8 F37AF3FF CALL CDEdit.00404E34 ; //取10进制字符串的长度
- 004CD341 . 8BF0 MOV ESI,EAX ; //ESI=EAX=10进制字符串的长度
- 004CD343 . 4E DEC ESI ; //ESI=ESI-1
- 004CD344 . 85F6 TEST ESI,ESI
- 004CD346 . 7C 25 JL SHORT CDEdit.004CD36D ; //小于则跳
- 004CD348 . 46 INC ESI ; //ESI=ESI+1
- 004CD349 . 8D9D E4FDFFFF LEA EBX,DWORD PTR SS:[EBP-21C] ; //10进制字符串
- 004CD34F > 8D85 E0FDFFFF LEA EAX,DWORD PTR SS:[EBP-220]
- 004CD355 . 8A13 MOV DL,BYTE PTR DS:[EBX] ; //依次取10进制字符串ASC值
- 004CD357 . E8 007AF3FF CALL CDEdit.00404D5C
- 004CD35C . 8B85 E0FDFFFF MOV EAX,DWORD PTR SS:[EBP-220]
- 004CD362 . E8 69C0F3FF CALL CDEdit.004093D0 ; //将10进制字符串的数字送入EAX
- 004CD367 . 03F8 ADD EDI,EAX ; //EDI=EDI+EAX
- 004CD369 . 43 INC EBX ; //EBX=EBX+1
- 004CD36A . 4E DEC ESI ; //ESI=ESI-1
- 004CD36B .^ 75 E2 JNZ SHORT CDEdit.004CD34F ; //循环,将10进制字符串的数字逐个相加
- 004CD36D > 8D55 EC LEA EDX,DWORD PTR SS:[EBP-14]
- 004CD370 . 8BC7 MOV EAX,EDI ; //EAX=EDI
- 004CD372 . E8 B9BFF3FF CALL CDEdit.00409330
- 004CD377 . 33C0 XOR EAX,EAX
- 004CD379 . 5A POP EDX
- 004CD37A . 59 POP ECX
- 004CD37B . 59 POP ECX
- 004CD37C . 64:8910 MOV DWORD PTR FS:[EAX],EDX
- 004CD37F . EB 11 JMP SHORT CDEdit.004CD392
- 004CD381 .^ E9 466FF3FF JMP CDEdit.004042CC
- 004CD386 . E8 A972F3FF CALL CDEdit.00404634
- 004CD38B . EB 3B JMP SHORT CDEdit.004CD3C8
- 004CD38D . E8 A272F3FF CALL CDEdit.00404634
- 004CD392 > 8B45 EC MOV EAX,DWORD PTR SS:[EBP-14] ; //10进制字符串或累加值
- 004CD395 . E8 36C0F3FF CALL CDEdit.004093D0 ; //10进制字符转16进制或累加值送入EAX
- 004CD39A . 83F8 09 CMP EAX,9 ; //EAX与9比较
- 004CD39D .^ 0F8F 78FFFFFF JG CDEdit.004CD31B ; //大于则跳
- 004CD3A3 . 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
- 004CD3A6 . 8B55 EC MOV EDX,DWORD PTR SS:[EBP-14]
- 004CD3A9 . E8 8E7AF3FF CALL CDEdit.00404E3C
- 004CD3AE . FF45 F4 INC DWORD PTR SS:[EBP-C] ; //[EBP-C]=[EBP-C]+1
- 004CD3B1 . FF45 E4 INC DWORD PTR SS:[EBP-1C] ; //[EBP-1C]=[EBP-1C]+1
- 004CD3B4 . FF4D E8 DEC DWORD PTR SS:[EBP-18] ; //[EBP-18]=[EBP-18]-1
- 004CD3B7 .^ 0F85 2AFFFFFF JNZ CDEdit.004CD2E7 ; //循环
- 004CD3BD > 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
- 004CD3C0 . 8B55 F0 MOV EDX,DWORD PTR SS:[EBP-10]
- 004CD3C3 . E8 0878F3FF CALL CDEdit.00404BD0
- 004CD3C8 > 33C0 XOR EAX,EAX
- 004CD3CA . 5A POP EDX
- 004CD3CB . 59 POP ECX
- 004CD3CC . 59 POP ECX
- 004CD3CD . 64:8910 MOV DWORD PTR FS:[EAX],EDX
- 004CD3D0 . 68 FDD34C00 PUSH CDEdit.004CD3FD
- 004CD3D5 > 8D85 E0FDFFFF LEA EAX,DWORD PTR SS:[EBP-220]
- 004CD3DB . E8 9C77F3FF CALL CDEdit.00404B7C
- 004CD3E0 . 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14]
- 004CD3E3 . BA 02000000 MOV EDX,2
- 004CD3E8 . E8 B377F3FF CALL CDEdit.00404BA0
- 004CD3ED . 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
- 004CD3F0 . E8 8777F3FF CALL CDEdit.00404B7C
- 004CD3F5 . C3 RETN
- 004CD3F6 .^ E9 8571F3FF JMP CDEdit.00404580
- 004CD3FB .^ EB D8 JMP SHORT CDEdit.004CD3D5
- 004CD3FD . 5F POP EDI
- 004CD3FE . 5E POP ESI
- 004CD3FF . 5B POP EBX
- 004CD400 . 8BE5 MOV ESP,EBP
- 004CD402 . 5D POP EBP
- 004CD403 . C3 RETN
- ==============================================================
- 右键—超级字串参考—查找ASCII.发现还有黑名单
- 004CD404 /$ 55 PUSH EBP
- 004CD405 |. 8BEC MOV EBP,ESP
- 004CD407 |. 33C9 XOR ECX,ECX
- 004CD409 |. 51 PUSH ECX
- 004CD40A |. 51 PUSH ECX
- 004CD40B |. 51 PUSH ECX
- 004CD40C |. 51 PUSH ECX
- 004CD40D |. 53 PUSH EBX
- 004CD40E |. 8BD8 MOV EBX,EAX
- 004CD410 |. 33C0 XOR EAX,EAX
- 004CD412 |. 55 PUSH EBP
- 004CD413 |. 68 AED54C00 PUSH CDEdit.004CD5AE
- 004CD418 |. 64:FF30 PUSH DWORD PTR FS:[EAX]
- 004CD41B |. 64:8920 MOV DWORD PTR FS:[EAX],ESP
- 004CD41E |. B2 01 MOV DL,1
- 004CD420 |. A1 A4534700 MOV EAX,DWORD PTR DS:[4753A4]
- 004CD425 |. E8 7A80FAFF CALL CDEdit.004754A4
- 004CD42A |. 8945 FC MOV DWORD PTR SS:[EBP-4],EAX
- 004CD42D |. 33C0 XOR EAX,EAX
- 004CD42F |. 55 PUSH EBP
- 004CD430 |. 68 8CD54C00 PUSH CDEdit.004CD58C
- 004CD435 |. 64:FF30 PUSH DWORD PTR FS:[EAX]
- 004CD438 |. 64:8920 MOV DWORD PTR FS:[EAX],ESP
- 004CD43B |. BA 02000080 MOV EDX,80000002
- 004CD440 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
- 004CD443 |. E8 FC80FAFF CALL CDEdit.00475544
- 004CD448 |. B1 01 MOV CL,1
- 004CD44A |. BA C4D54C00 MOV EDX,CDEdit.004CD5C4 ; \software\stefano falda\cdedit
- 004CD44F |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
- 004CD452 |. E8 2D82FAFF CALL CDEdit.00475684
- 004CD457 |. BA ECD54C00 MOV EDX,CDEdit.004CD5EC ; username
- 004CD45C |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
- 004CD45F |. E8 A487FAFF CALL CDEdit.00475C08
- 004CD464 |. 84C0 TEST AL,AL
- 004CD466 |. 0F84 8F000000 JE CDEdit.004CD4FB
- 004CD46C |. BA 00D64C00 MOV EDX,CDEdit.004CD600 ; code
- 004CD471 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
- 004CD474 |. E8 8F87FAFF CALL CDEdit.00475C08
- 004CD479 |. 84C0 TEST AL,AL
- 004CD47B |. 74 7E JE SHORT CDEdit.004CD4FB
- 004CD47D |. 8D4D F8 LEA ECX,DWORD PTR SS:[EBP-8]
- 004CD480 |. BA ECD54C00 MOV EDX,CDEdit.004CD5EC ; username
- 004CD485 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
- 004CD488 |. E8 EF84FAFF CALL CDEdit.0047597C
- 004CD48D |. 8D4D F4 LEA ECX,DWORD PTR SS:[EBP-C]
- 004CD490 |. BA 00D64C00 MOV EDX,CDEdit.004CD600 ; code
- 004CD495 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
- 004CD498 |. E8 DF84FAFF CALL CDEdit.0047597C
- 004CD49D |. 837D F8 00 CMP DWORD PTR SS:[EBP-8],0
- 004CD4A1 |. 0F84 85000000 JE CDEdit.004CD52C
- 004CD4A7 |. 837D F4 00 CMP DWORD PTR SS:[EBP-C],0
- 004CD4AB |. 74 7F JE SHORT CDEdit.004CD52C
- 004CD4AD |. 837D F8 00 CMP DWORD PTR SS:[EBP-8],0
- 004CD4B1 |. 74 79 JE SHORT CDEdit.004CD52C
- 004CD4B3 |. 8D55 F0 LEA EDX,DWORD PTR SS:[EBP-10]
- 004CD4B6 |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
- 004CD4B9 |. E8 92FDFFFF CALL CDEdit.004CD250
- 004CD4BE |. 8B45 F0 MOV EAX,DWORD PTR SS:[EBP-10]
- 004CD4C1 |. 8B55 F4 MOV EDX,DWORD PTR SS:[EBP-C]
- 004CD4C4 |. E8 AF7AF3FF CALL CDEdit.00404F78
- 004CD4C9 |. 75 1B JNZ SHORT CDEdit.004CD4E6
- 004CD4CB |. C603 01 MOV BYTE PTR DS:[EBX],1
- 004CD4CE |. 8D43 04 LEA EAX,DWORD PTR DS:[EBX+4]
- 004CD4D1 |. 8B55 F8 MOV EDX,DWORD PTR SS:[EBP-8]
- 004CD4D4 |. E8 F776F3FF CALL CDEdit.00404BD0
- 004CD4D9 |. 8D43 08 LEA EAX,DWORD PTR DS:[EBX+8]
- 004CD4DC |. 8B55 F4 MOV EDX,DWORD PTR SS:[EBP-C]
- 004CD4DF |. E8 EC76F3FF CALL CDEdit.00404BD0
- 004CD4E4 |. EB 46 JMP SHORT CDEdit.004CD52C
- 004CD4E6 |> C603 00 MOV BYTE PTR DS:[EBX],0
- 004CD4E9 |. 8D43 04 LEA EAX,DWORD PTR DS:[EBX+4]
- 004CD4EC |. E8 8B76F3FF CALL CDEdit.00404B7C
- 004CD4F1 |. 8D43 08 LEA EAX,DWORD PTR DS:[EBX+8]
- 004CD4F4 |. E8 8376F3FF CALL CDEdit.00404B7C
- 004CD4F9 |. EB 31 JMP SHORT CDEdit.004CD52C
- 004CD4FB |> 33C9 XOR ECX,ECX
- 004CD4FD |. BA ECD54C00 MOV EDX,CDEdit.004CD5EC ; username
- 004CD502 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
- 004CD505 |. E8 4684FAFF CALL CDEdit.00475950
- 004CD50A |. 33C9 XOR ECX,ECX
- 004CD50C |. BA 00D64C00 MOV EDX,CDEdit.004CD600 ; code
- 004CD511 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
- 004CD514 |. E8 3784FAFF CALL CDEdit.00475950
- 004CD519 |. C603 00 MOV BYTE PTR DS:[EBX],0
- 004CD51C |. 8D43 04 LEA EAX,DWORD PTR DS:[EBX+4]
- 004CD51F |. E8 5876F3FF CALL CDEdit.00404B7C
- 004CD524 |. 8D43 08 LEA EAX,DWORD PTR DS:[EBX+8]
- 004CD527 |. E8 5076F3FF CALL CDEdit.00404B7C
- 004CD52C |> 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
- 004CD52F |. BA 10D64C00 MOV EDX,CDEdit.004CD610 ; frenzy [c4a]
- 004CD534 |. E8 3F7AF3FF CALL CDEdit.00404F78
- 004CD539 |. 74 1E JE SHORT CDEdit.004CD559
- 004CD53B |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
- 004CD53E |. BA 28D64C00 MOV EDX,CDEdit.004CD628 ; spider]pc98
- 004CD543 |. E8 307AF3FF CALL CDEdit.00404F78
- 004CD548 |. 74 0F JE SHORT CDEdit.004CD559
- 004CD54A |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
- 004CD54D |. BA 3CD64C00 MOV EDX,CDEdit.004CD63C ; the doctor
- 004CD552 |. E8 217AF3FF CALL CDEdit.00404F78
- 004CD557 |. 75 1D JNZ SHORT CDEdit.004CD576
- 004CD559 |> B8 50D64C00 MOV EAX,CDEdit.004CD650 ; instead of using a crack code, register your copy of cdedit!
- 004CD55E |. E8 2198F7FF CALL CDEdit.00446D84
- 004CD563 |. C603 00 MOV BYTE PTR DS:[EBX],0
- 004CD566 |. 8D43 04 LEA EAX,DWORD PTR DS:[EBX+4]
- 004CD569 |. E8 0E76F3FF CALL CDEdit.00404B7C
- 004CD56E |. 8D43 08 LEA EAX,DWORD PTR DS:[EBX+8]
- 004CD571 |. E8 0676F3FF CALL CDEdit.00404B7C
- 004CD576 |> 33C0 XOR EAX,EAX
- 004CD578 |. 5A POP EDX
- 004CD579 |. 59 POP ECX
- 004CD57A |. 59 POP ECX
- 004CD57B |. 64:8910 MOV DWORD PTR FS:[EAX],EDX
- 004CD57E |. 68 93D54C00 PUSH CDEdit.004CD593
- 004CD583 |> 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
- 004CD586 |. E8 6168F3FF CALL CDEdit.00403DEC
- 004CD58B \. C3 RETN
- 004CD58C .^ E9 EF6FF3FF JMP CDEdit.00404580
- 004CD591 .^ EB F0 JMP SHORT CDEdit.004CD583
- 004CD593 . 33C0 XOR EAX,EAX
- 004CD595 . 5A POP EDX
- 004CD596 . 59 POP ECX
- 004CD597 . 59 POP ECX
- 004CD598 . 64:8910 MOV DWORD PTR FS:[EAX],EDX
- 004CD59B . 68 B5D54C00 PUSH CDEdit.004CD5B5
- 004CD5A0 > 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
- 004CD5A3 . BA 03000000 MOV EDX,3
- 004CD5A8 . E8 F375F3FF CALL CDEdit.00404BA0
- 004CD5AD . C3 RETN
- 004CD5AE .^ E9 CD6FF3FF JMP CDEdit.00404580
- 004CD5B3 .^ EB EB JMP SHORT CDEdit.004CD5A0
- 004CD5B5 . 5B POP EBX
- 004CD5B6 . 8BE5 MOV ESP,EBP
- 004CD5B8 . 5D POP EBP
- 004CD5B9 . C3 RETN
【破解总结】
明码比较,算法有点绕口
--------------------------------------------------------------
【算法总结】
1、用户名不能小于9,否则重复用户名到大于等于9为止
2、用变形后的用户名长度与循环次数做一系列运算,加上循环对应的用户名ASC值
3、将累加值各个位上的数字相加,若相加的值大于9,则继续将各个位上的数字相加,直到小于等于9
4、将所得的数字相连即为注册码
--------------------------------------------------------------
【算法注册机】
VB代码
Private Sub Command1_Click()
Dim Name As String
Dim i, a, b, c, d, n
If Len(Text1.Text) = 0 Then
Text2.Text = "请输入用户名!"
Else
If (Len(Text1.Text) = 1) Then
For i = 1 To 18
Name = Name & (Text1.Text)
Next
Else
If (Len(Text1.Text) = 2) Then
For i = 1 To 9
Name = Name & (Text1.Text)
Next
Else
If (Len(Text1.Text) = 3 Or Len(Text1.Text) = 4) Then
For i = 1 To 4
Name = Name & (Text1.Text)
Next
Else
If (Len(Text1.Text) > 4 And Len(Text1.Text) < 9) Then
For i = 1 To 2
Name = Name & (Text1.Text)
Next
Else
Name = Text1.Text
End If
End If
End If
End If
For i = 1 To Len(Name)
a = Len(Name) - (i - 1)
a = a * 9
a = a / 3
b = Asc(Mid(Name, i, 1)) + a
c = 0
For n = 1 To Len(b)
c = c + Mid(b, n, 1)
Next
b = c
If b < 10 Then
d = d & StrConv(b, 1)
Else
tianxj:
b = c
c = 0
For n = 1 To Len(StrConv(b, 1))
c = c + Mid(StrConv(b, 1), n, 1)
Next
If c < 10 Then
d = d & StrConv(c, 1)
Else
GoTo tianxj
End If
End If
Next
Text2.Text = d
End If
End Sub
--------------------------------------------------------------
【内存注册机】
中断地址 004CE91C
中断次数 1
第一字节 E8
指令长度 5
内存方式-寄存器-EAX
--------------------------------------------------------------
【注册信息】
用户名:abcdef
注册码:753186753186
--------------------------------------------------------------
感谢飘云老大、猫老大、Nisy老大以及很多前辈们的学习教程以及所有帮助过我的论坛兄弟姐妹们!谢谢
--------------------------------------------------------------
【版权声明】破文是学习的手记,兴趣是成功的源泉;本破文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢!
。。。。。。。。。。。。。。。。。。。。。。。
今天是端午节,祝兄弟姐妹们平平安安、顺顺利利! |
|
IP卡
发表于 2008-6-9 00:28:55
提升卡
置顶卡
变色卡
千斤顶
显身卡
发表于 2008-6-9 00:45:24
发表于 2010-6-5 21:08:20
