|
160个CrackMe[67 figugegl.2b]算法分析+注册机源码
160个crackme可以百度下载
算法分析+Delphi内联汇编流程跳转编写注册机
- 0040137B |. E8 98020000 call <jmp.&USER32.GetDlgItemTextA> ; \GetDlgItemTextA
- 00401380 |. 89C3 mov ebx, eax ; 输入的假码长度
- 00401382 |. 09DB or ebx, ebx
- 00401384 |. 75 07 jnz short 0040138D
- 00401386 |. 31C0 xor eax, eax
- 00401388 |. E9 C3000000 jmp 00401450
- 0040138D |> 6A 28 push 0x28 ; /Count = 28 (40.)
- 0040138F |. 8D45 AE lea eax, dword ptr [ebp-0x52] ; |
- 00401392 |. 50 push eax ; |Buffer
- 00401393 |. 6A 65 push 0x65 ; |ControlID = 65 (101.)
- 00401395 |. FF75 08 push dword ptr [ebp+0x8] ; |hWnd
- 00401398 |. E8 7B020000 call <jmp.&USER32.GetDlgItemTextA> ; \GetDlgItemTextA
- 0040139D |. 89C6 mov esi, eax
- 0040139F |. 83FE 08 cmp esi, 0x8 ; 用户名长度要大于等于8小于等于20
- 004013A2 |. 7D 1D jge short 004013C1
- 004013A4 |. 6A 00 push 0x0 ; /Style = MB_OK|MB_APPLMODAL
- 004013A6 |. FF35 48204000 push dword ptr [0x402048] ; |Title = "Error"
- 004013AC |. FF35 4C204000 push dword ptr [0x40204C] ; |Text = "Name is too short!"
- 004013B2 |. FF75 08 push dword ptr [ebp+0x8] ; |hOwner
- 004013B5 |. E8 8E020000 call <jmp.&USER32.MessageBoxA> ; \MessageBoxA
- 004013BA |. 31C0 xor eax, eax
- 004013BC |. E9 8F000000 jmp 00401450
- 004013C1 |> 31FF xor edi, edi
- 004013C3 |. EB 6E jmp short 00401433
- 004013C5 |> 89F0 /mov eax, esi ; 用户名长度
- 004013C7 |. 29F8 |sub eax, edi ; EDI为循环变量0,1,2,3,4,5,6,7
- 004013C9 |. 0FB6543D AE |movzx edx, byte ptr [ebp+edi-0x52] ; 取用户名字符
- 004013CE |. 31FA |xor edx, edi
- 004013D0 |. 89D9 |mov ecx, ebx ; 注册码长度08
- 004013D2 |. 31F9 |xor ecx, edi
- 004013D4 |. 01CA |add edx, ecx ; 结果相加
- 004013D6 |. 885405 D6 |mov byte ptr [ebp+eax-0x2A], dl
- 004013DA |. 89F0 |mov eax, esi
- 004013DC |. 29F8 |sub eax, edi
- 004013DE |. 8A4405 D6 |mov al, byte ptr [ebp+eax-0x2A] ; 结果给AL
- 004013E2 |. 3C 20 |cmp al, 0x20 ; 比较是=0x20
- 004013E4 |. 73 0B |jnb short 004013F1
- 004013E6 |. 89F0 |mov eax, esi
- 004013E8 |. 29F8 |sub eax, edi
- 004013EA |. 8D4405 D6 |lea eax, dword ptr [ebp+eax-0x2A]
- 004013EE |. 8000 20 |add byte ptr [eax], 0x20 ; 如果小于0x20则+0x20
- 004013F1 |> 89F0 |mov eax, esi
- 004013F3 |. 29F8 |sub eax, edi
- 004013F5 |. 0FB64405 D6 |movzx eax, byte ptr [ebp+eax-0x2A] ; 继续跟0x80比较
- 004013FA |. 3D 80000000 |cmp eax, 0x80
- 004013FF |. 7C 09 |jl short 0040140A
- 00401401 |. 89F0 |mov eax, esi ; 如果大于0x80则让其结果等于0x20
- 00401403 |. 29F8 |sub eax, edi
- 00401405 |. C64405 D6 20 |mov byte ptr [ebp+eax-0x2A], 0x20
- 0040140A |> 89F0 |mov eax, esi
- 0040140C |. 29F8 |sub eax, edi
- 0040140E |. 8A5405 84 |mov dl, byte ptr [ebp+eax-0x7C] ; 输入的注册码最后一位字符
- 00401412 |. 3A5405 D6 |cmp dl, byte ptr [ebp+eax-0x2A] ; 跟结果比较
- 00401416 |. 74 1A |je short 00401432
- 00401418 |. 6A 00 |push 0x0 ; /Style = MB_OK|MB_APPLMODAL
- 0040141A |. FF35 40204000 |push dword ptr [0x402040] ; |Title = "NOP!"
- 00401420 |. FF35 44204000 |push dword ptr [0x402044] ; |Text = "Wrong Serial!"
- 00401426 |. FF75 08 |push dword ptr [ebp+0x8] ; |hOwner
- 00401429 |. E8 1A020000 |call <jmp.&USER32.MessageBoxA> ; \MessageBoxA
- 0040142E |. 31C0 |xor eax, eax
- 00401430 |. EB 1E |jmp short 00401450
- 00401432 |> 47 |inc edi
- 00401433 |> 39F7 cmp edi, esi
- 00401435 |.^ 7C 8E \jl short 004013C5
- 00401437 |. 6A 00 push 0x0 ; /Style = MB_OK|MB_APPLMODAL
- 00401439 |. FF35 38204000 push dword ptr [0x402038] ; |Title = "Success"
- 0040143F |. FF35 3C204000 push dword ptr [0x40203C] ; |Text = "Congratulations - you did it!"
- 00401445 |. FF75 08 push dword ptr [ebp+0x8] ; |hOwner
- 00401448 |. E8 FB010000 call <jmp.&USER32.MessageBoxA> ; \MessageBoxA
- 0040144D |. 31C0 xor eax, eax
复制代码
注册机源码
- {$R *.dfm}
- function strrev(lpData:string):string; //字符串反转函数
- var
- size,i,t:Integer;
- begin
- t:=0;
- size:=Length(lpData);
- SetLength(Result,size);
- for i:=1 to size do
- begin
- Result[size-t]:=lpData[i];
- Inc(t);
- end;
- end;
- procedure TForm1.Button1Click(Sender: TObject);
- var
- Name,Serial:String;
- i,l,s:Integer;
- begin
- Name:=Edit1.text;
- l:=length(Name);
- if (l<8) or (l>20) then ShowMessage('The name length must >=8 and <=20');
- for i:=0 to l-1 do
- begin
- asm
- pushad
- mov edx,i
- mov ebx,l
- mov eax,Name
- movzx edx, byte ptr [eax+edx]
- xor edx,i
- xor ebx,i
- add edx,ebx
- cmp edx,$20
- jnb @@cal1
- add edx,$20
- jmp @@cal2
- @@cal1:
- cmp edx,$80
- jl @@cal2
- mov edx,$20
- @@cal2:
- mov s,edx
- popad
- end;
- Serial:=Serial+char(s);
- end;
- Edit2.Text:=strrev(Serial);
- end;
复制代码
|
评分
-
参与人数 29 | 威望 +1 |
HB +57 |
THX +21 |
收起
理由
|
24567
| |
|
+ 1 |
|
一路走来不容易
| |
|
+ 1 |
|
Soul1999
| |
+ 1 |
|
|
渴望宁静
| |
+ 1 |
|
|
后学真
| |
+ 1 |
|
[吾爱汇编论坛52HB.COM]-感谢楼主热心分享,小小评分不成敬意! |
l278785481
| |
|
+ 1 |
|
在天一方
| |
|
+ 1 |
[吾爱汇编论坛52HB.COM]-感谢楼主热心分享,小小评分不成敬意! |
军工强国
| |
+ 1 |
|
|
叶落花开
| |
|
+ 1 |
-------- |
消逝的过去
| |
+ 2 |
|
[吾爱汇编论坛52HB.COM]-软件反汇编逆向分析,软件安全必不可少! |
jaunic
| |
|
+ 1 |
|
hnymsh
| |
+ 2 |
|
|
lies
| |
+ 1 |
|
|
Dean
| |
+ 10 |
+ 1 |
评分=感恩!简单却充满爱!感谢您的作品! |
xiaoxi
| |
+ 2 |
+ 1 |
因果报应:这么热心分享知识,以后活该你发财!!该!哈~ |
奥特曼
| |
+ 1 |
+ 1 |
支持恒大说的!评分又不扣自己的分,吝啬个蛋球????????? |
Scar-疤痕
| |
+ 4 |
+ 1 |
因果报应:这么热心分享知识,以后活该你发财!!该!哈~ |
梦游枪手
| |
+ 1 |
+ 1 |
评分=感恩!简单却充满爱!感谢您的作品! |
狮子
| |
+ 1 |
+ 1 |
支持恒大说的!评分又不扣自己的分,吝啬个蛋球????????? |
gjj520
| |
+ 1 |
+ 1 |
好人有好报!你的热心我永远不忘!谢谢! |
bigeorry
| |
+ 3 |
+ 1 |
评分=感恩!简单却充满爱!感谢您的作品! |
逍遥枷锁
| |
+ 2 |
+ 1 |
因果报应:这么热心分享知识,以后活该你发财!!该!哈~ |
十月
| |
+ 2 |
+ 1 |
评分=感恩!简单却充满爱!感谢您的作品! |
Shark恒
| + 1 |
+ 10 |
+ 1 |
评分=感恩!简单却充满爱!感谢您的作品! |
判官
| |
+ 5 |
+ 1 |
评分=感恩!简单却充满爱!感谢您的作品! |
Desire
| |
+ 1 |
+ 1 |
评分=感恩!简单却充满爱!感谢您的作品! |
我们要作死
| |
+ 2 |
+ 1 |
感谢!新技能get√ |
520Kelly
| |
+ 2 |
|
评分=感恩!简单却充满爱!感谢您的作品! |
起凡第一华佗
| |
+ 1 |
+ 1 |
我是蜡笔小小新,帅小伙 澎湃小伙最迷人, 请支持我 哟 |
查看全部评分
|