tianxj 发表于 2008-10-15 11:46

PrintBar 1.1算法分析

【破文标题】PrintBar 1.1算法分析
【破文作者】tianxj
【作者邮箱】tianxj_2007@126.com
【作者主页】WwW.ChiNaPYG.CoM
【破解工具】PEiD,OD
【破解平台】Windows XP
【软件名称】PrintBar 1.1
【软件大小】868KB
【软件类别】国外软件/打印工具
【软件语言】英文
【更新时间】2007-4-3
【原版下载】华军软件园
【保护方式】注册码
【软件简介】
PrintBar是一款条形码标签设计和打印工具。主要功能包括:
方便友好的用户界面;
支持多种条形码类型:EAN, UPC, Code 128, ISBN, Code 39, Interleaved 2 of 5, Codabar, MSI;
支持将多个不同类型的条形码在同一页中打印。
【破解声明】我是一只小菜鸟,偶得一点心得,愿与大家分享:)
--------------------------------------------------------------
【破解内容】
--------------------------------------------------------------
**************************************************************
一、运行程序,进行注册,输入错误的注册信息进行检测,有提示信息
"Wrong registration number."
**************************************************************
二、用PEiD对PrintBar.exe查壳,为 Borland C++ 1999
**************************************************************
三、用DeDe查找按钮事件,运行OD,打开PrintBar.exe,
==============================================================

0040C3B8/.55PUSHEBP
0040C3B9|.8BECMOV EBP, ESP
0040C3BB|.83C4 90 ADD ESP, -70
0040C3BE|.53PUSHEBX
0040C3BF|.8955 94 MOV DWORD PTR , EDX
0040C3C2|.8945 98 MOV DWORD PTR , EAX
0040C3C5|.B8 F80D4F00 MOV EAX, PrintBar.004F0DF8
0040C3CA|.E8 F9060A00 CALLPrintBar.004ACAC8
0040C3CF|.66:C745 AC 08>MOV WORD PTR , 8
0040C3D5|.8D45 FC LEA EAX, DWORD PTR
0040C3D8|.E8 4355FFFF CALLPrintBar.00401920
0040C3DD|.8BD0MOV EDX, EAX
0040C3DF|.FF45 B8 INC DWORD PTR
0040C3E2|.8B4D 98 MOV ECX, DWORD PTR
0040C3E5|.8B81 E4020000 MOV EAX, DWORD PTR
0040C3EB|.E8 C0C60600 CALLPrintBar.00478AB0
0040C3F0|.8D45 FC LEA EAX, DWORD PTR
0040C3F3|.E8 1871FFFF CALLPrintBar.00403510
0040C3F8|.50PUSHEAX
0040C3F9|.8D45 F8 LEA EAX, DWORD PTR
0040C3FC|.E8 1F55FFFF CALLPrintBar.00401920
0040C401|.8BD0MOV EDX, EAX
0040C403|.FF45 B8 INC DWORD PTR
0040C406|.8B4D 98 MOV ECX, DWORD PTR
0040C409|.8B81 E0020000 MOV EAX, DWORD PTR
0040C40F|.E8 9CC60600 CALLPrintBar.00478AB0
0040C414|.8D45 F8 LEA EAX, DWORD PTR
0040C417|.E8 F470FFFF CALLPrintBar.00403510;//取用户名
0040C41C|.50PUSHEAX; |Arg2
0040C41D|.8B15 A0725000 MOV EDX, DWORD PTR ; |PrintBar._MainForm
0040C423|.FF32PUSHDWORD PTR ; |Arg1
0040C425|.E8 5269FFFF CALLPrintBar.00402D7C; \//关键CALL
0040C42A|.83C4 0C ADD ESP, 0C
0040C42D|.50PUSHEAX
0040C42E|.FF4D B8 DEC DWORD PTR
0040C431|.8D45 F8 LEA EAX, DWORD PTR
0040C434|.BA 02000000 MOV EDX, 2
0040C439|.E8 52EA0A00 CALLPrintBar.004BAE90
0040C43E|.FF4D B8 DEC DWORD PTR ; |
0040C441|.8D45 FC LEA EAX, DWORD PTR ; |
0040C444|.BA 02000000 MOV EDX, 2 ; |
0040C449|.E8 42EA0A00 CALLPrintBar.004BAE90; \PrintBar.004BAE90
0040C44E|.59POP ECX
0040C44F|.84C9TESTCL, CL
0040C451|.0F84 55020000 JEPrintBar.0040C6AC;//关键跳转
0040C457|.66:C745 AC 14>MOV WORD PTR , 14
0040C45D|.8D45 F4 LEA EAX, DWORD PTR
0040C460|.E8 BB54FFFF CALLPrintBar.00401920
0040C465|.8BD0MOV EDX, EAX
0040C467|.FF45 B8 INC DWORD PTR
0040C46A|.8B4D 98 MOV ECX, DWORD PTR
0040C46D|.8B81 E0020000 MOV EAX, DWORD PTR
0040C473|.E8 38C60600 CALLPrintBar.00478AB0
0040C478|.8D55 F4 LEA EDX, DWORD PTR
0040C47B|.52PUSHEDX
0040C47C|.8D45 F0 LEA EAX, DWORD PTR
0040C47F|.E8 9C54FFFF CALLPrintBar.00401920
0040C484|.8BC8MOV ECX, EAX
0040C486|.FF45 B8 INC DWORD PTR
0040C489|.B8 C40C4F00 MOV EAX, PrintBar.004F0CC4 ;ASCII "PrintBar - "
0040C48E|.5APOP EDX
0040C48F|.E8 ECEC0A00 CALLPrintBar.004BB180
0040C494|.8D55 F0 LEA EDX, DWORD PTR
0040C497|.8B12MOV EDX, DWORD PTR
0040C499|.A1 A0725000 MOV EAX, DWORD PTR
0040C49E|.8B00MOV EAX, DWORD PTR
0040C4A0|.E8 3BC60600 CALLPrintBar.00478AE0
0040C4A5|.FF4D B8 DEC DWORD PTR
0040C4A8|.8D45 F0 LEA EAX, DWORD PTR
0040C4AB|.BA 02000000 MOV EDX, 2
0040C4B0|.E8 DBE90A00 CALLPrintBar.004BAE90
0040C4B5|.FF4D B8 DEC DWORD PTR
0040C4B8|.8D45 F4 LEA EAX, DWORD PTR
0040C4BB|.BA 02000000 MOV EDX, 2
0040C4C0|.E8 CBE90A00 CALLPrintBar.004BAE90
0040C4C5|.66:C745 AC 2C>MOV WORD PTR , 2C
0040C4CB|.8D45 E8 LEA EAX, DWORD PTR
0040C4CE|.E8 4D54FFFF CALLPrintBar.00401920
0040C4D3|.50PUSHEAX
0040C4D4|.FF45 B8 INC DWORD PTR
0040C4D7|.BA D00C4F00 MOV EDX, PrintBar.004F0CD0 ;ASCII "printbar.ini"
0040C4DC|.8D45 EC LEA EAX, DWORD PTR
0040C4DF|.E8 98E80A00 CALLPrintBar.004BAD7C
0040C4E4|.FF45 B8 INC DWORD PTR
0040C4E7|.8D55 EC LEA EDX, DWORD PTR
0040C4EA|.8B0D A0725000 MOV ECX, DWORD PTR ;PrintBar._MainForm
0040C4F0|.8B01MOV EAX, DWORD PTR
0040C4F2|.05 B0060000 ADD EAX, 6B0
0040C4F7|.59POP ECX
0040C4F8|.E8 EBE90A00 CALLPrintBar.004BAEE8
0040C4FD|.8D4D E8 LEA ECX, DWORD PTR
0040C500|.8B09MOV ECX, DWORD PTR
0040C502|.B2 01 MOV DL, 1
0040C504|.A1 5C094500 MOV EAX, DWORD PTR
0040C509|.E8 0A7BFFFF CALLPrintBar.00404018
0040C50E|.8945 90 MOV DWORD PTR , EAX
0040C511|.FF4D B8 DEC DWORD PTR
0040C514|.8D45 E8 LEA EAX, DWORD PTR
0040C517|.BA 02000000 MOV EDX, 2
0040C51C|.E8 6FE90A00 CALLPrintBar.004BAE90
0040C521|.FF4D B8 DEC DWORD PTR
0040C524|.8D45 EC LEA EAX, DWORD PTR
0040C527|.BA 02000000 MOV EDX, 2
0040C52C|.E8 5FE90A00 CALLPrintBar.004BAE90
0040C531|.66:C745 AC 20>MOV WORD PTR , 20
0040C537|.8D45 DC LEA EAX, DWORD PTR
0040C53A|.E8 E153FFFF CALLPrintBar.00401920
0040C53F|.8BD0MOV EDX, EAX
0040C541|.FF45 B8 INC DWORD PTR
0040C544|.8B4D 98 MOV ECX, DWORD PTR
0040C547|.8B81 E0020000 MOV EAX, DWORD PTR
0040C54D|.E8 5EC50600 CALLPrintBar.00478AB0
0040C552|.8D55 DC LEA EDX, DWORD PTR
0040C555|.FF32PUSHDWORD PTR
0040C557|.BA E50C4F00 MOV EDX, PrintBar.004F0CE5 ;ASCII "RegName"
0040C55C|.8D45 E0 LEA EAX, DWORD PTR
0040C55F|.E8 18E80A00 CALLPrintBar.004BAD7C
0040C564|.FF45 B8 INC DWORD PTR
0040C567|.FF30PUSHDWORD PTR
0040C569|.66:C745 AC 38>MOV WORD PTR , 38
0040C56F|.BA DD0C4F00 MOV EDX, PrintBar.004F0CDD ;ASCII "general"
0040C574|.8D45 E4 LEA EAX, DWORD PTR
0040C577|.E8 00E80A00 CALLPrintBar.004BAD7C
0040C57C|.FF45 B8 INC DWORD PTR
0040C57F|.8B10MOV EDX, DWORD PTR
0040C581|.8B45 90 MOV EAX, DWORD PTR
0040C584|.59POP ECX
0040C585|.8B18MOV EBX, DWORD PTR
0040C587|.FF53 04 CALLDWORD PTR
0040C58A|.FF4D B8 DEC DWORD PTR
0040C58D|.8D45 DC LEA EAX, DWORD PTR
0040C590|.BA 02000000 MOV EDX, 2
0040C595|.E8 F6E80A00 CALLPrintBar.004BAE90
0040C59A|.FF4D B8 DEC DWORD PTR
0040C59D|.8D45 E0 LEA EAX, DWORD PTR
0040C5A0|.BA 02000000 MOV EDX, 2
0040C5A5|.E8 E6E80A00 CALLPrintBar.004BAE90
0040C5AA|.FF4D B8 DEC DWORD PTR
0040C5AD|.8D45 E4 LEA EAX, DWORD PTR
0040C5B0|.BA 02000000 MOV EDX, 2
0040C5B5|.E8 D6E80A00 CALLPrintBar.004BAE90
0040C5BA|.8D45 D0 LEA EAX, DWORD PTR
0040C5BD|.E8 5E53FFFF CALLPrintBar.00401920
0040C5C2|.8BD0MOV EDX, EAX
0040C5C4|.FF45 B8 INC DWORD PTR
0040C5C7|.8B4D 98 MOV ECX, DWORD PTR
0040C5CA|.8B81 E4020000 MOV EAX, DWORD PTR
0040C5D0|.E8 DBC40600 CALLPrintBar.00478AB0
0040C5D5|.8D55 D0 LEA EDX, DWORD PTR
0040C5D8|.FF32PUSHDWORD PTR
0040C5DA|.BA F50C4F00 MOV EDX, PrintBar.004F0CF5 ;ASCII "RegNum"
0040C5DF|.8D45 D4 LEA EAX, DWORD PTR
0040C5E2|.E8 95E70A00 CALLPrintBar.004BAD7C
0040C5E7|.FF45 B8 INC DWORD PTR
0040C5EA|.FF30PUSHDWORD PTR
0040C5EC|.66:C745 AC 44>MOV WORD PTR , 44
0040C5F2|.BA ED0C4F00 MOV EDX, PrintBar.004F0CED ;ASCII "general"
0040C5F7|.8D45 D8 LEA EAX, DWORD PTR
0040C5FA|.E8 7DE70A00 CALLPrintBar.004BAD7C
0040C5FF|.FF45 B8 INC DWORD PTR
0040C602|.8B10MOV EDX, DWORD PTR
0040C604|.8B45 90 MOV EAX, DWORD PTR
0040C607|.59POP ECX
0040C608|.8B18MOV EBX, DWORD PTR
0040C60A|.FF53 04 CALLDWORD PTR
0040C60D|.FF4D B8 DEC DWORD PTR
0040C610|.8D45 D0 LEA EAX, DWORD PTR
0040C613|.BA 02000000 MOV EDX, 2
0040C618|.E8 73E80A00 CALLPrintBar.004BAE90
0040C61D|.FF4D B8 DEC DWORD PTR
0040C620|.8D45 D4 LEA EAX, DWORD PTR
0040C623|.BA 02000000 MOV EDX, 2
0040C628|.E8 63E80A00 CALLPrintBar.004BAE90
0040C62D|.FF4D B8 DEC DWORD PTR
0040C630|.8D45 D8 LEA EAX, DWORD PTR
0040C633|.BA 02000000 MOV EDX, 2
0040C638|.E8 53E80A00 CALLPrintBar.004BAE90
0040C63D|.8B4D 90 MOV ECX, DWORD PTR
0040C640|.894D C8 MOV DWORD PTR , ECX
0040C643|.837D C8 00CMP DWORD PTR , 0
0040C647|.74 21 JESHORT PrintBar.0040C66A
0040C649|.8B45 C8 MOV EAX, DWORD PTR
0040C64C|.8B10MOV EDX, DWORD PTR
0040C64E|.8955 CC MOV DWORD PTR , EDX
0040C651|.66:C745 AC 5C>MOV WORD PTR , 5C
0040C657|.BA 03000000 MOV EDX, 3
0040C65C|.8B45 C8 MOV EAX, DWORD PTR
0040C65F|.8B08MOV ECX, DWORD PTR
0040C661|.FF51 FC CALLDWORD PTR
0040C664|.66:C745 AC 50>MOV WORD PTR , 50
0040C66A|>66:C745 AC 68>MOV WORD PTR , 68
0040C670|.6A 57 PUSH57 ; /Arg1 = 00000057
0040C672|.E8 0165FFFF CALLPrintBar.00402B78; \PrintBar.00402B78
0040C677|.59POP ECX
0040C678|.8BD0MOV EDX, EAX
0040C67A|.8D45 C4 LEA EAX, DWORD PTR
0040C67D|.E8 FAE60A00 CALLPrintBar.004BAD7C
0040C682|.FF45 B8 INC DWORD PTR
0040C685|.8B00MOV EAX, DWORD PTR
0040C687|.E8 94730600 CALLPrintBar.00473A20
0040C68C|.FF4D B8 DEC DWORD PTR
0040C68F|.8D45 C4 LEA EAX, DWORD PTR
0040C692|.BA 02000000 MOV EDX, 2
0040C697|.E8 F4E70A00 CALLPrintBar.004BAE90
0040C69C|.8B45 98 MOV EAX, DWORD PTR
0040C69F|.E8 08D70500 CALLPrintBar.00469DAC
0040C6A4|.66:C745 AC 00>MOV WORD PTR , 0
0040C6AA|.EB 32 JMP SHORT PrintBar.0040C6DE
0040C6AC|>66:C745 AC 74>MOV WORD PTR , 74
0040C6B2|.6A 58 PUSH58 ; /Arg1 = 00000058
0040C6B4|.E8 BF64FFFF CALLPrintBar.00402B78; \PrintBar.00402B78
0040C6B9|.59POP ECX
0040C6BA|.8BD0MOV EDX, EAX
0040C6BC|.8D45 C0 LEA EAX, DWORD PTR
0040C6BF|.E8 B8E60A00 CALLPrintBar.004BAD7C
0040C6C4|.FF45 B8 INC DWORD PTR
0040C6C7|.8B00MOV EAX, DWORD PTR
0040C6C9|.E8 52730600 CALLPrintBar.00473A20
0040C6CE|.FF4D B8 DEC DWORD PTR
0040C6D1|.8D45 C0 LEA EAX, DWORD PTR
0040C6D4|.BA 02000000 MOV EDX, 2
0040C6D9|.E8 B2E70A00 CALLPrintBar.004BAE90
0040C6DE|>8B4D 9C MOV ECX, DWORD PTR
0040C6E1|.64:890D 00000>MOV DWORD PTR FS:, ECX
0040C6E8|.5BPOP EBX
0040C6E9|.8BE5MOV ESP, EBP
0040C6EB|.5DPOP EBP
0040C6EC\.C3RETN
==============================================================
00402D7C/$55PUSHEBP
00402D7D|.8BECMOV EBP, ESP
00402D7F|.83C4 8C ADD ESP, -74
00402D82|.8D45 A8 LEA EAX, DWORD PTR
00402D85|.50PUSHEAX; /Arg1
00402D86|.E8 B9FF0000 CALLPrintBar.00412D44; \//MD5初始化
00402D8B|.59POP ECX
00402D8C|.FF75 0C PUSHDWORD PTR
00402D8F|.E8 109A0A00 CALLPrintBar.004AC7A4
00402D94|.59POP ECX
00402D95|.50PUSHEAX; /Arg3
00402D96|.FF75 0C PUSHDWORD PTR ; |Arg2
00402D99|.8D55 A8 LEA EDX, DWORD PTR ; |
00402D9C|.52PUSHEDX; |Arg1
00402D9D|.E8 EE0E0100 CALLPrintBar.00413C90; \PrintBar.00413C90
00402DA2|.83C4 0C ADD ESP, 0C
00402DA5|.8D4D 98 LEA ECX, DWORD PTR
00402DA8|.51PUSHECX; /Arg2
00402DA9|.8D45 A8 LEA EAX, DWORD PTR ; |
00402DAC|.50PUSHEAX; |Arg1
00402DAD|.E8 B20F0100 CALLPrintBar.00413D64; \//以上过程为标准MD5运算
00402DB2|.83C4 08 ADD ESP, 8
00402DB5|.33D2XOR EDX, EDX
00402DB7|.8A55 9E MOV DL, BYTE PTR
00402DBA|.52PUSHEDX; /Arg7
00402DBB|.33C9XOR ECX, ECX ; |
00402DBD|.8A4D 9D MOV CL, BYTE PTR ; |
00402DC0|.51PUSHECX; |Arg6
00402DC1|.33C0XOR EAX, EAX ; |
00402DC3|.8A45 9B MOV AL, BYTE PTR ; |
00402DC6|.50PUSHEAX; |Arg5
00402DC7|.33D2XOR EDX, EDX ; |
00402DC9|.8A55 9A MOV DL, BYTE PTR ; |
00402DCC|.52PUSHEDX; |Arg4
00402DCD|.33C9XOR ECX, ECX ; |
00402DCF|.8A4D 9F MOV CL, BYTE PTR ; |
00402DD2|.51PUSHECX; |Arg3
00402DD3|.68 34D34E00 PUSHPrintBar.004ED334; |Arg2 = 004ED334 ASCII "%X%X%X%X%X"
00402DD8|.8D45 8C LEA EAX, DWORD PTR ; |
00402DDB|.50PUSHEAX; |Arg1
00402DDC|.E8 A3CF0A00 CALLPrintBar.004AFD84; \//以上抽取MD5相关数值输出
00402DE1|.83C4 1C ADD ESP, 1C
00402DE4|.8D55 8C LEA EDX, DWORD PTR
00402DE7|.52PUSHEDX;//真码
00402DE8|.FF75 10 PUSHDWORD PTR ;//假码
00402DEB|.E8 38990A00 CALLPrintBar.004AC728;//比较CALL
00402DF0|.83C4 08 ADD ESP, 8
00402DF3|.85C0TESTEAX, EAX
00402DF5|.75 0C JNZ SHORT PrintBar.00402E03;//关键跳转
00402DF7|.8B4D 08 MOV ECX, DWORD PTR
00402DFA|.C681 D0060000>MOV BYTE PTR , 1
00402E01|.EB 0A JMP SHORT PrintBar.00402E0D
00402E03|>8B45 08 MOV EAX, DWORD PTR
00402E06|.C680 D0060000>MOV BYTE PTR , 0
00402E0D|>8B55 08 MOV EDX, DWORD PTR
00402E10|.8A82 D0060000 MOV AL, BYTE PTR
00402E16|.8BE5MOV ESP, EBP
00402E18|.5DPOP EBP
00402E19\.C3RETN

**************************************************************
【破解总结】
--------------------------------------------------------------
【算法总结】
标准MD5运算,输出时作了点变化
--------------------------------------------------------------
【算法注册机】
〖KeyGen.rek〗
.const

.data
szHomePage db "http://www.chinapyg.com",0
szEmaildb "mailto:tianxj_2007@126.com",0
szErrMessdb "请输入字符!",0
szHex db "%X%X%X%X%X",0
szBuffer db 100 dup (0)
szKey db 100 dup (0)
hShow db 100 dup (0)
len dd 0
a1 dd 0
a2 dd 0
a3 dd 0
a4 dd 0
a5 dd 0

.code
mov edi,eax
invoke lstrlen,edi
mov len,eax
MOV EAX,len
LEA EBP,szKey
MOV DWORD PTR SS:,EAX
MOV DWORD PTR SS:,EDI
INC EAX
ADD EDI,EAX
MOV BYTE PTR DS:,80h
XOR EDX,EDX
MOV EBX,40h
DIV EBX
NEG EDX
ADD EDX,40h
CMP EDX,8h
JNB n1
ADD EDX,40h
n1:
MOV ECX,EDX
XOR AL,AL
REP STOS BYTE PTR ES:
MOV EAX,DWORD PTR SS:
INC EDX
ADD DWORD PTR SS:,EDX
XOR EDX,EDX
MOV EBX,8h
MUL EBX
MOV DWORD PTR DS:,EAX
MOV DWORD PTR DS:,EDX
MOV EDX,DWORD PTR SS:
MOV EDI,DWORD PTR SS:
LEA ESI,szBuffer
MOV DWORD PTR DS:,67452301h
MOV DWORD PTR DS:,0EFCDAB89h
MOV DWORD PTR DS:,98BADCFEh
MOV DWORD PTR DS:,10325476h
begin:
MOV EAX,DWORD PTR DS:
MOV DWORD PTR SS:,EAX
MOV EAX,DWORD PTR DS:
MOV DWORD PTR SS:,EAX
MOV EAX,DWORD PTR DS:
MOV DWORD PTR SS:,EAX
MOV EAX,DWORD PTR DS:
MOV DWORD PTR SS:,EAX
PUSH 0D76AA478h
PUSH 7h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL PYG
MOV DWORD PTR SS:,EAX
PUSH 0E8C7B756h
PUSH 0Ch
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL PYG
MOV DWORD PTR SS:,EAX
PUSH 242070DBh
PUSH 11h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL PYG
MOV DWORD PTR SS:,EAX
PUSH 0C1BDCEEEh
PUSH 16h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL PYG
MOV DWORD PTR SS:,EAX
PUSH 0F57C0FAFh
PUSH 7h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL PYG
MOV DWORD PTR SS:,EAX
PUSH 4787C62Ah
PUSH 0Ch
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL PYG
MOV DWORD PTR SS:,EAX
PUSH 0A8304613h
PUSH 11h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL PYG
MOV DWORD PTR SS:,EAX
PUSH 0FD469501h
PUSH 16h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL PYG
MOV DWORD PTR SS:,EAX
PUSH 698098D8h
PUSH 7h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL PYG
MOV DWORD PTR SS:,EAX
PUSH 8B44F7AFh
PUSH 0Ch
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL PYG
MOV DWORD PTR SS:,EAX
PUSH 0FFFF5BB1h
PUSH 11h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL PYG
MOV DWORD PTR SS:,EAX
PUSH 895CD7BEh
PUSH 16h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL PYG
MOV DWORD PTR SS:,EAX
PUSH 6B901122h
PUSH 7h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL PYG
MOV DWORD PTR SS:,EAX
PUSH 0FD987193h
PUSH 0Ch
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL PYG
MOV DWORD PTR SS:,EAX
PUSH 0A679438Eh
PUSH 11h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL PYG
MOV DWORD PTR SS:,EAX
PUSH 49B40821h
PUSH 16h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL PYG
MOV DWORD PTR SS:,EAX
PUSH 0F61E2562h
PUSH 5h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL tianxj
MOV DWORD PTR SS:,EAX
PUSH 0C040B340h
PUSH 9h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL tianxj
MOV DWORD PTR SS:,EAX
PUSH 265E5A51h
PUSH 0Eh
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL tianxj
MOV DWORD PTR SS:,EAX
PUSH 0E9B6C7AAh
PUSH 14h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL tianxj
MOV DWORD PTR SS:,EAX
PUSH 0D62F105Dh
PUSH 5h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL tianxj
MOV DWORD PTR SS:,EAX
PUSH 2441453h
PUSH 9h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL tianxj
MOV DWORD PTR SS:,EAX
PUSH 0D8A1E681h
PUSH 0Eh
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL tianxj
MOV DWORD PTR SS:,EAX
PUSH 0E7D3FBC8h
PUSH 14h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL tianxj
MOV DWORD PTR SS:,EAX
PUSH 21E1CDE6h
PUSH 5h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL tianxj
MOV DWORD PTR SS:,EAX
PUSH 0C33707D6h
PUSH 9h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL tianxj
MOV DWORD PTR SS:,EAX
PUSH 0F4D50D87h
PUSH 0Eh
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL tianxj
MOV DWORD PTR SS:,EAX
PUSH 455A14EDh
PUSH 14h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL tianxj
MOV DWORD PTR SS:,EAX
PUSH 0A9E3E905h
PUSH 5h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL tianxj
MOV DWORD PTR SS:,EAX
PUSH 0FCEFA3F8h
PUSH 9h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL tianxj
MOV DWORD PTR SS:,EAX
PUSH 676F02D9h
PUSH 0Eh
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL tianxj
MOV DWORD PTR SS:,EAX
PUSH 8D2A4C8Ah
PUSH 14h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL tianxj
MOV DWORD PTR SS:,EAX
PUSH 0FFFA3942h
PUSH 4h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL MD5
MOV DWORD PTR SS:,EAX
PUSH 8771F681h
PUSH 0Bh
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL MD5
MOV DWORD PTR SS:,EAX
PUSH 6D9D6122h
PUSH 10h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL MD5
MOV DWORD PTR SS:,EAX
PUSH 0FDE5380Ch
PUSH 17h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL MD5
MOV DWORD PTR SS:,EAX
PUSH 0A4BEEA44h
PUSH 4h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL MD5
MOV DWORD PTR SS:,EAX
PUSH 4BDECFA9h
PUSH 0Bh
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL MD5
MOV DWORD PTR SS:,EAX
PUSH 0F6BB4B60h
PUSH 10h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL MD5
MOV DWORD PTR SS:,EAX
PUSH 0BEBFBC70h
PUSH 17h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL MD5
MOV DWORD PTR SS:,EAX
PUSH 289B7EC6h
PUSH 4h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL MD5
MOV DWORD PTR SS:,EAX
PUSH 0EAA127FAh
PUSH 0Bh
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL MD5
MOV DWORD PTR SS:,EAX
PUSH 0D4EF3085h
PUSH 10h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL MD5
MOV DWORD PTR SS:,EAX
PUSH 4881D05h
PUSH 17h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL MD5
MOV DWORD PTR SS:,EAX
PUSH 0D9D4D039h
PUSH 4h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL MD5
MOV DWORD PTR SS:,EAX
PUSH 0E6DB99E5h
PUSH 0Bh
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL MD5
MOV DWORD PTR SS:,EAX
PUSH 1FA27CF8h
PUSH 10h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL MD5
MOV DWORD PTR SS:,EAX
PUSH 0C4AC5665h
PUSH 17h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL MD5
MOV DWORD PTR SS:,EAX
PUSH 0F4292244h
PUSH 6h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL Calc
MOV DWORD PTR SS:,EAX
PUSH 432AFF97h
PUSH 0Ah
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL Calc
MOV DWORD PTR SS:,EAX
PUSH 0AB9423A7h
PUSH 0Fh
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL Calc
MOV DWORD PTR SS:,EAX
PUSH 0FC93A039h
PUSH 15h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL Calc
MOV DWORD PTR SS:,EAX
PUSH 655B59C3h
PUSH 6h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL Calc
MOV DWORD PTR SS:,EAX
PUSH 8F0CCC92h
PUSH 0Ah
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL Calc
MOV DWORD PTR SS:,EAX
PUSH 0FFEFF47Dh
PUSH 0Fh
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL Calc
MOV DWORD PTR SS:,EAX
PUSH 85845DD1h
PUSH 15h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL Calc
MOV DWORD PTR SS:,EAX
PUSH 6FA87E4Fh
PUSH 6h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL Calc
MOV DWORD PTR SS:,EAX
PUSH 0FE2CE6E0h
PUSH 0Ah
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL Calc
MOV DWORD PTR SS:,EAX
PUSH 0A3014314h
PUSH 0Fh
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL Calc
MOV DWORD PTR SS:,EAX
PUSH 4E0811A1h
PUSH 15h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL Calc
MOV DWORD PTR SS:,EAX
PUSH 0F7537E82h
PUSH 6h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL Calc
MOV DWORD PTR SS:,EAX
PUSH 0BD3AF235h
PUSH 0Ah
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL Calc
MOV DWORD PTR SS:,EAX
PUSH 2AD7D2BBh
PUSH 0Fh
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL Calc
MOV DWORD PTR SS:,EAX
PUSH 0EB86D391h
PUSH 15h
PUSH DWORD PTR DS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
PUSH DWORD PTR SS:
CALL Calc
MOV DWORD PTR SS:,EAX
MOV EAX,DWORD PTR SS:
ADD DWORD PTR DS:,EAX
MOV EAX,DWORD PTR SS:
ADD DWORD PTR DS:,EAX
MOV EAX,DWORD PTR SS:
ADD DWORD PTR DS:,EAX
MOV EAX,DWORD PTR SS:
ADD DWORD PTR DS:,EAX
ADD EDI,40h
SUB EDX,40h
JNZ begin
XOR EDX,EDX
MOV DL, BYTE PTR DS:
MOV a1, EDX
MOV DL, BYTE PTR DS:
MOV a2, EDX
MOV DL, BYTE PTR DS:
MOV a3, EDX
MOV DL, BYTE PTR DS:
MOV a4, EDX
MOV DL, BYTE PTR DS:
MOV a5, EDX
invoke wsprintf,addr hShow,addr szHex,a5,a4,a3,a2,a1
LEA EAX,hShow
JMP nobody
;======================
PYG:
PUSH EBP
MOV EBP,ESP
PUSH EBX
PUSH ECX
MOV EAX,DWORD PTR SS:
MOV EBX,DWORD PTR SS:
MOV ECX,DWORD PTR SS:
AND EBX,EAX
NOT EAX
AND EAX,ECX
OR EAX,EBX
ADD EAX,DWORD PTR SS:
ADD EAX,DWORD PTR SS:
ADD EAX,DWORD PTR SS:
MOV CL,BYTE PTR SS:
ROL EAX,CL
ADD EAX,DWORD PTR SS:
POP ECX
POP EBX
LEAVE
RETN 0
;====================
tianxj:
PUSH EBP
MOV EBP,ESP
PUSH EBX
PUSH ECX
MOV EAX,DWORD PTR SS:
MOV EBX,DWORD PTR SS:
MOV ECX,DWORD PTR SS:
AND EAX,ECX
NOT ECX
AND ECX,EBX
OR EAX,ECX
ADD EAX,DWORD PTR SS:
ADD EAX,DWORD PTR SS:
ADD EAX,DWORD PTR SS:
MOV CL,BYTE PTR SS:
ROL EAX,CL
ADD EAX,DWORD PTR SS:
POP ECX
POP EBX
LEAVE
RETN 0
;====================
MD5:
PUSH EBP
MOV EBP,ESP
PUSH EBX
PUSH ECX
MOV EAX,DWORD PTR SS:
MOV EBX,DWORD PTR SS:
MOV ECX,DWORD PTR SS:
XOR EAX,EBX
XOR EAX,ECX
ADD EAX,DWORD PTR SS:
ADD EAX,DWORD PTR SS:
ADD EAX,DWORD PTR SS:
MOV CL,BYTE PTR SS:
ROL EAX,CL
ADD EAX,DWORD PTR SS:
POP ECX
POP EBX
LEAVE
RETN 0
;====================
Calc:
PUSH EBP
MOV EBP,ESP
PUSH EBX
PUSH ECX
MOV EAX,DWORD PTR SS:
MOV EBX,DWORD PTR SS:
MOV ECX,DWORD PTR SS:
NOT ECX
OR EAX,ECX
XOR EAX,EBX
ADD EAX,DWORD PTR SS:
ADD EAX,DWORD PTR SS:
ADD EAX,DWORD PTR SS:
MOV CL,BYTE PTR SS:
ROL EAX,CL
ADD EAX,DWORD PTR SS:
POP ECX
POP EBX
LEAVE
RETN 0
;====================
nobody:
〖易语言代码〗
.版本 2
.支持库 dp1

.子程序 _按钮1_被单击
.局部变量 MD5, 文本型

.判断开始 (编辑框1.内容 = “”)
编辑框2.内容 = “输入有误,请重新输入。”
.默认

MD5 = 到大写 (取数据摘要 (到字节集 (编辑框1.内容)))
编辑框2.内容 = 取文本中间 (MD5, 15, 2) + 取文本中间 (MD5, 5, 2) + 取文本中间 (MD5, 7, 2) + 取文本中间 (MD5, 11, 2) +

取文本中间 (MD5, 13, 2)

.判断结束
--------------------------------------------------------------
【内存注册机】
中断地址 00402DEB
中断次数 1
第一字节 E8
指令长度 5

内存方式-寄存器-EDX
--------------------------------------------------------------
【注册信息】
用户名:abcdef
注册码:FC50178950
保存在安装目录下printbar.ini里
--------------------------------------------------------------
感谢飘云老大、猫老大、Nisy老大以及很多前辈们的学习教程以及徐超等所有帮助过我的论坛兄弟姐妹们!谢谢
--------------------------------------------------------------
【版权声明】破文是学习的手记,兴趣是成功的源泉;本破文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢!

_/_/_/ _/ _/ _/_/_/
_/ _/_/_/_/
_/_/_/_/_/ _/_/_/_/
_/ _/_/_/
_/ _/_/_/_/ _/tianxj

shaopeng 发表于 2008-10-15 12:38

这也是算法分析??
一点也不详细。。。。

wesley 发表于 2008-10-15 12:38

好强大的注册机。。。。爱死你了。。。

tjxiaowu 发表于 2008-10-15 13:52

很好很强大

yunfeng 发表于 2008-10-15 16:21

用几种方法写注册机,真的是很强很强
页: [1]
查看完整版本: PrintBar 1.1算法分析