Date: 2016-04-26 22:13:46  Source: Internet

Disassembling the registration algorithm of a program (test target: Splish.exe)

Test target: Splish.exe
------------------------------------------------------------------------------------------
Presumably everyone knows how to locate the start of the algorithm, so I will not cover that here. Below is the assembly for the algorithm itself, with my own comments.
------------------------------------------------------------------------------------------
004015E4    55              PUSH EBP                                 ; start of the algorithm
004015E5    8BEC            MOV EBP,ESP
004015E7    6A 20           PUSH 20
004015E9    68 42324000     PUSH Splish.00403242
004015EE    FF75 0C         PUSH DWORD PTR SS:[EBP+C]
004015F1    E8 34010000     CALL <JMP.&USER32.GetWindowTextA>        ; get the serial number length
004015F6    85C0            TEST EAX,EAX
004015F8    0F84 95000000   JE Splish.00401693
004015FE    A3 67344000     MOV DWORD PTR DS:[403467],EAX
00401603    6A 0B           PUSH 0B
00401605    68 36324000     PUSH Splish.00403236
0040160A    FF75 08         PUSH DWORD PTR SS:[EBP+8]
0040160D    E8 18010000     CALL <JMP.&USER32.GetWindowTextA>        ; get the user name length
00401612    85C0            TEST EAX,EAX
00401614    74 68           JE SHORT Splish.0040167E
00401616    A3 63344000     MOV DWORD PTR DS:[403463],EAX
0040161B    33C9            XOR ECX,ECX                              ; zero the registers
0040161D    33DB            XOR EBX,EBX
0040161F    33D2            XOR EDX,EDX
00401621    8D35 36324000   LEA ESI,DWORD PTR DS:[403236]            ; esi = address of the user name
00401627    8D3D 58324000   LEA EDI,DWORD PTR DS:[403258]            ; destination for the transformed user name
0040162D    B9 0A000000     MOV ECX,0A                               ; ecx=10
00401632    0FBE041E        MOVSX EAX,BYTE PTR DS:[ESI+EBX]          ; eax = first character of the user name
00401636    99              CDQ
00401637    F7F9            IDIV ECX                                 ; division: eax=122/10=12=0Ch, remainder in edx: 122%10=2
00401639    33D3            XOR EDX,EBX                              ; XOR: edx=2^0=2
0040163B    83C2 02         ADD EDX,2                                ; edx+2=4
0040163E    80FA 0A         CMP DL,0A                                ; compare edx with 10
00401641    7C 03           JL SHORT Splish.00401646                 ; jump if less; if greater or equal, edx-10
00401643    80EA 0A         SUB DL,0A
00401646    88141F          MOV BYTE PTR DS:[EDI+EBX],DL             ; [edi+ebx]=edx=4, store edx in the transformed user name buffer
00401649    43              INC EBX                                  ; ebx++
0040164A    3B1D 63344000   CMP EBX,DWORD PTR DS:[403463]            ; compare ebx with the user name length
00401650  ^ 75 E0           JNZ SHORT Splish.00401632                ; loop
00401652    33C9            XOR ECX,ECX                              ; zero the registers
00401654    33DB            XOR EBX,EBX
00401656    33D2            XOR EDX,EDX
00401658    8D35 42324000   LEA ESI,DWORD PTR DS:[403242]            ; esi = address of the serial number
0040165E    8D3D 4D324000   LEA EDI,DWORD PTR DS:[40324D]            ; destination for the transformed serial number
00401664    B9 0A000000     MOV ECX,0A                               ; ecx=10
00401669    0FBE041E        MOVSX EAX,BYTE PTR DS:[ESI+EBX]          ; eax = first character of the serial number
0040166D    99              CDQ
0040166E    F7F9            IDIV ECX                                 ; eax=eax/ecx=49/10=4 edx=eax%10=9
00401670    88141F          MOV BYTE PTR DS:[EDI+EBX],DL             ; [edi+ebx]=edx=9
00401673    43              INC EBX                                  ; ebx++
00401674    3B1D 67344000   CMP EBX,DWORD PTR DS:[403467]            ; compare ebx with the serial number length
0040167A  ^ 75 ED           JNZ SHORT Splish.00401669                ; loop
0040167C    EB 2A           JMP SHORT Splish.004016A8
0040167E    6A 00           PUSH 0
00401680    68 0A304000     PUSH Splish.0040300A                     ; Splish, Splash
00401685    68 A0304000     PUSH Splish.004030A0                     ; Please enter your name.
0040168A    6A 00           PUSH 0
0040168C    E8 B7000000     CALL <JMP.&USER32.MessageBoxA>
00401691    EB 62           JMP SHORT Splish.004016F5
00401693    6A 00           PUSH 0
00401695    68 0A304000     PUSH Splish.0040300A                     ; Splish, Splash
0040169A    68 B8304000     PUSH Splish.004030B8                     ; Please enter your serial number.
0040169F    6A 00           PUSH 0
004016A1    E8 A2000000     CALL <JMP.&USER32.MessageBoxA>
004016A6    EB 4D           JMP SHORT Splish.004016F5
004016A8    8D35 4D324000   LEA ESI,DWORD PTR DS:[40324D]            ; transformed serial number
004016AE    8D3D 58324000   LEA EDI,DWORD PTR DS:[403258]            ; transformed user name
004016B4    33DB            XOR EBX,EBX                              ; zero ebx
004016B6    3B1D 63344000   CMP EBX,DWORD PTR DS:[403463]            ; compare ebx with the user name length
004016BC    74 0F           JE SHORT Splish.004016CD
004016BE    0FBE041F        MOVSX EAX,BYTE PTR DS:[EDI+EBX]          ; eax=username[i]
004016C2    0FBE0C1E        MOVSX ECX,BYTE PTR DS:[ESI+EBX]          ; ecx=serials[i]
004016C6    3BC1            CMP EAX,ECX                              ; compare
004016C8    75 18           JNZ SHORT Splish.004016E2
004016CA    43              INC EBX
004016CB  ^ EB E9           JMP SHORT Splish.004016B6
004016CD    6A 00           PUSH 0
004016CF    68 0A304000     PUSH Splish.0040300A                     ; Splish, Splash
004016D4    68 42304000     PUSH Splish.00403042                     ; Good job, now keygen it.
004016D9    6A 00           PUSH 0
004016DB    E8 68000000     CALL <JMP.&USER32.MessageBoxA>
004016E0    EB 13           JMP SHORT Splish.004016F5
004016E2    6A 00           PUSH 0
004016E4    68 0A304000     PUSH Splish.0040300A                     ; Splish, Splash
004016E9    68 67304000     PUSH Splish.00403067                     ; Sorry, please try again.
004016EE    6A 00           PUSH 0
004016F0    E8 53000000     CALL <JMP.&USER32.MessageBoxA>
004016F5    C9              LEAVE
004016F6    C2 0800         RETN 8
------------------------------------------------------------------------------------------
Below is the algorithm, after disassembly, written as C code.
------------------------------------------------------------------------------------------
#include <stdio.h>
#include <string.h>

int main(void)
{
    char username[50];
    int namelength;
    int i;
    int c;

    printf("请输入用户名:\n");
    /* fgets replaces gets, which cannot bound the read */
    if (fgets(username, sizeof username, stdin) == NULL)
        return 1;
    username[strcspn(username, "\r\n")] = '\0';   /* drop the trailing newline */
    namelength = (int)strlen(username);

    for (i = 0; i < namelength; i++) {
        c = username[i] % 10;
        c = c ^ i;
        c = c + 2;
        if (c >= 10) {
            c = c - 10;
        }
        /* c*11 has the same remainder mod 10 as c, which is all the check compares */
        c = c * 11 % 256;
        /* 0, 11 and 22 are not printable; adding 50 keeps the remainder mod 10 */
        if (c < 33) {
            c = c + 50;
        }
        printf("%c", c);
    }
    printf("\n");
    return 0;
}
------------------------------------------------------------------------------------------
Run the C code, enter a user name, then copy the serial number: OK, registration succeeds. When I discussed this with IQ, he also obtained a serial number using a different algorithm, so there are many serial number algorithms for this program; take your time studying it afterwards.

Original source of this article: http://www.hackwd.com/
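The check routine from the listing above, modelled in C as an added example (not code from the original article or from Splish.exe), shows why several different serial numbers pass for one name: only each serial byte's remainder mod 10 is compared, and only over the name's length. The function names are hypothetical, and the model covers names of 1 to 10 characters with serials at least as long as the name and at most 11 characters.

```c
#include <stdio.h>
#include <string.h>

/* Loop at 00401632: ((ch % 10) ^ i) + 2, then minus 10 when the byte is >= 10. */
static signed char name_digit(char ch, int i)
{
    signed char dl = (signed char)((((signed char)ch % 10) ^ i) + 2);
    return dl >= 10 ? (signed char)(dl - 10) : dl;
}

/* Loop at 00401669: the serial byte is reduced to its remainder mod 10. */
static signed char serial_digit(char ch)
{
    return (signed char)((signed char)ch % 10);
}

/* 1 = "Good job" branch, 0 = "Sorry" branch, -1 = input outside this model. */
int splish_check(const char *name, const char *serial)
{
    size_t nlen = strlen(name), slen = strlen(serial), i;

    /* Name is read with nMaxCount 0x0B (10 chars). A serial over 11 chars is
       written past 40324D+0A into the name buffer at 403258, and one shorter
       than the name leaves compared bytes unwritten; neither is modelled. */
    if (nlen < 1 || nlen > 10 || slen < nlen || slen > 11)
        return -1;

    /* Compare loop at 004016B6 runs over the name length only. */
    for (i = 0; i < nlen; i++)
        if (name_digit(name[i], (int)i) != serial_digit(serial[i]))
            return 0;
    return 1;
}

int main(void)
{
    /* Constructed inputs: 'z' is the 122 used in the listing's comments. */
    const char *serials[] = { "6", "J", "h", "1" };
    for (size_t k = 0; k < sizeof serials / sizeof serials[0]; k++)
        printf("name=z serial=%s -> %d\n", serials[k],
               splish_check("z", serials[k]));
    printf("name=ab serial=13extra -> %d\n", splish_check("ab", "13extra"));
    return 0;
}
```

A check that keeps only one decimal digit of information per character, and ignores everything past the name length, accepts roughly one in ten candidate bytes at each position.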


Author: Hacker
