Download URL:
http://www.onlinedown.net/soft/8912.htm
------------------------------------------------------------
Tools used:
W32Dasm, OllyDbg
Purpose:
Learning
------------------------------------------------------------
[Cracking process]
User name entered: 冷枫
Fake registration code: 52225229
Detailed walkthrough:
004ACA52 . 55 PUSH EBP
004ACA53 . 68 25CD4A00 PUSH 1.004ACD25
004ACA58 . 64:FF30 PUSH DWORD PTR FS:[EAX]
004ACA5B . 64:8920 MOV DWORD PTR FS:[EAX],ESP
004ACA5E . 8D55 FC LEA EDX,DWORD PTR SS:[EBP-4]
004ACA61 . 8B83 F4020000 MOV EAX,DWORD PTR DS:[EBX+2F4]
004ACA67 . E8 BC40F9FF CALL 1.00440B28
↑__// Get the length of the user name
004ACA6C . 837D FC 00 CMP DWORD PTR SS:[EBP-4],0
↑__// Check whether anything was entered (eax=4): if so, jump ahead; if not, show the prompt
004ACA70 . 75 29 JNZ SHORT 1.004ACA9B
004ACA72 . 68 30100000 PUSH 1030
004ACA77 . 68 34CD4A00 PUSH 1.004ACD34
004ACA7C . 68 3CCD4A00 PUSH 1.004ACD3C
004ACA81 . 6A 00 PUSH 0
004ACA83 . E8 B0ABF5FF CALL <JMP.&user32.MessageBoxA>
004ACA88 . 8B83 F4020000 MOV EAX,DWORD PTR DS:[EBX+2F4]
004ACA8E . 8B10 MOV EDX,DWORD PTR DS:[EAX]
004ACA90 . FF92 C0000000 CALL DWORD PTR DS:[EDX+C0]
004ACA96 . E9 3A020000 JMP 1.004ACCD5
↓-- From the top down to here; next it checks the registration code length
004ACA9B > 8D55 F8 LEA EDX,DWORD PTR SS:[EBP-8]
004ACA9E . 8B83 F8020000 MOV EAX,DWORD PTR DS:[EBX+2F8]
004ACAA4 . E8 7F40F9FF CALL 1.00440B28
↑__// Get the length of the registration code
004ACAA9 . 837D F8 00 CMP DWORD PTR SS:[EBP-8],0
↑__// Check whether anything was entered (eax=4): if so, jump ahead; if not, show the prompt
004ACAAD . 75 29 JNZ SHORT 1.004ACAD8
004ACAAF . 68 30100000 PUSH 1030
004ACAB4 . 68 34CD4A00 PUSH 1.004ACD34
004ACAB9 . 68 4CCD4A00 PUSH 1.004ACD4C
004ACABE . 6A 00 PUSH 0
004ACAC0 . E8 73ABF5FF CALL <JMP.&user32.MessageBoxA>
004ACAC5 . 8B83 F8020000 MOV EAX,DWORD PTR DS:[EBX+2F8]
004ACACB . 8B10 MOV EDX,DWORD PTR DS:[EAX]
004ACACD . FF92 C0000000 CALL DWORD PTR DS:[EDX+C0]
004ACAD3 . E9 FD010000 JMP 1.004ACCD5
↓-- From the top down to here. Now we finally reach the key part, so watch closely
004ACAD8 > 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
004ACADB . 50 PUSH EAX
004ACADC . 8D55 EC LEA EDX,DWORD PTR SS:[EBP-14]
004ACADF . 8B83 FC020000 MOV EAX,DWORD PTR DS:[EBX+2FC]
004ACAE5 . E8 3E40F9FF CALL 1.00440B28
↑__// Get the machine code length, 0A [my machine code is 1439138432]
004ACAEA . 8B45 EC MOV EAX,DWORD PTR SS:[EBP-14]
↑__// Move the machine code 1439138432 into eax
004ACAED . B9 08000000 MOV ECX,8
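↑__// Move 8 into ecx
[Tracing further shows that this takes the first 8 digits of the machine code. If it is not clear at first, trace through it a few more times.]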
004ACAF2 . BA 01000000 MOV EDX,1
↑__// Move 1 into edx; presumably this means taking digits starting from the first digit of the machine code
004ACAF7 . E8 1C81F5FF CALL 1.00404C18
↑__// Extract the first 8 digits of the machine code: 14391384 (loaded into eax by the next instruction)
004ACAFC . 8B45 F0 MOV EAX,DWORD PTR SS:[EBP-10]
004ACAFF . E8 44C4F5FF CALL 1.00408F48
↑__// Convert the first 8 digits of the machine code to an integer, hex [DB9858], in eax
004ACB04 . 8BF0 MOV ESI,EAX
↑__// Move eax (hex DB9858) into esi
004ACB06 . 8D55 E8 LEA EDX,DWORD PTR SS:[EBP-18]
004ACB09 . 8B83 F4020000 MOV EAX,DWORD PTR DS:[EBX+2F4]
004ACB0F . E8 1440F9FF CALL 1.00440B28
↑__// Get the length of the user name [4]
004ACB14 . 8B45 E8 MOV EAX,DWORD PTR SS:[EBP-18]
004ACB17 . E8 A47EF5FF CALL 1.004049C0
004ACB1C . 0FAFF0 IMUL ESI,EAX
↑__// Multiply the first 8 digits of the machine code (as hex) by the user name length: DB9858*4 = 36E6160
004ACB1F . 8BC6 MOV EAX,ESI
↑__// 36E6160 ---> eax
004ACB21 . 05 41C20B00 ADD EAX,0BC241
↑__// eax [36E6160] ADD 0BC241 = 37A23A1 ---> the real registration code
004ACB26 . 8D4D F4 LEA ECX,DWORD PTR SS:[EBP-C]
004ACB29 . 33D2 XOR EDX,EDX
004ACB2B . E8 DCC3F5FF CALL 1.00408F0C
004ACB30 . 8B45 F4 MOV EAX,DWORD PTR SS:[EBP-C]
004ACB33 . 50 PUSH EAX
004ACB34 . 8D55 E4 LEA EDX,DWORD PTR SS:[EBP-1C]
↑__// The real registration code [37A23A1] goes into eax
004ACB37 . 8B83 F8020000 MOV EAX,DWORD PTR DS:[EBX+2F8]
004ACB3D . E8 E63FF9FF CALL 1.00440B28
004ACB42 . 8B55 E4 MOV EDX,DWORD PTR SS:[EBP-1C]
↑__// The registration code we entered [52225229]
004ACB45 . 58 POP EAX
004ACB46 . E8 B97FF5FF CALL 1.00404B04
↑__// This is where the real and fake registration codes are compared
004ACB4B . 0F85 60010000 JNZ 1.004ACCB1
↑__// The key jump: if it is not taken, registration succeeds; if it is taken, it fails
Final result:
冷枫
37A23A1
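Summary:
Algorithm summary:
Take the first 8 digits of the machine code and the length of the user name, multiply the first 8 digits (as a hex value) by the user name length, then ADD 0BC241 to get the registration code.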
Keywords: 网络填表终结者 (Web Form-Filling Terminator), crack, distinguish