PPTCM算法分析
本帖最后由 a13639875277 于 2009-5-29 15:19 编辑00401010|> \55 PUSH EBP
00401011|.8BEC MOV EBP,ESP
00401013|.83EC 6C SUB ESP,6C
00401016|.53 PUSH EBX
00401017|.56 PUSH ESI
00401018|.57 PUSH EDI
00401019|.C745 E8 00000>MOV DWORD PTR SS:,0
00401020|.A1 B4304200 MOV EAX,DWORD PTR DS:
00401025|.8945 D4 MOV DWORD PTR SS:,EAX
00401028|.8B0D B8304200 MOV ECX,DWORD PTR DS:
0040102E|.894D D8 MOV DWORD PTR SS:,ECX
00401031|.66:8B15 BC304>MOV DX,WORD PTR DS:
00401038|.66:8955 DC MOV WORD PTR SS:,DX
0040103C|.A0 BE304200 MOV AL,BYTE PTR DS:
00401041|.8845 DE MOV BYTE PTR SS:,AL
00401044|.68 8C304200 PUSH Crackme2.0042308C ; /This Crackme2 is made by pptppt\n
00401049|.E8 62040000 CALL Crackme2.004014B0 ; \Crackme2.004014B0
0040104E|.83C4 04 ADD ESP,4
00401051|.68 6C304200 PUSH Crackme2.0042306C ; /请输入你的用户码和序列号:\n
00401056|.E8 55040000 CALL Crackme2.004014B0 ; \Crackme2.004014B0
0040105B|.83C4 04 ADD ESP,4
0040105E|.8B4D FC MOV ECX,DWORD PTR SS:
00401061|.51 PUSH ECX ; /Arg1
00401062|.E8 79030000 CALL Crackme2.004013E0 ; \Crackme2.004013E0
00401067|.83C4 04 ADD ESP,4
0040106A|.8B55 FC MOV EDX,DWORD PTR SS:
0040106D|.52 PUSH EDX
0040106E|.E8 ED020000 CALL Crackme2.00401360
00401073|.83C4 04 ADD ESP,4
00401076|.8945 F8 MOV DWORD PTR SS:,EAX
00401079|.837D F8 05 CMP DWORD PTR SS:,5
0040107D|.7F 17 JG SHORT Crackme2.00401096
0040107F|.68 48304200 PUSH Crackme2.00423048 ; /提醒:用户名必须大于等于6位!\n
00401084|.E8 27040000 CALL Crackme2.004014B0 ; \Crackme2.004014B0
00401089|.83C4 04 ADD ESP,4
0040108C|.E8 5FCB0000 CALL Crackme2.0040DBF0
00401091|.E9 E3000000 JMP Crackme2.00401179
00401096|>8D45 F4 LEA EAX,DWORD PTR SS:
00401099|.50 PUSH EAX ; /Arg2
0040109A|.68 44304200 PUSH Crackme2.00423044 ; |%d
0040109F|.E8 5C020000 CALL Crackme2.00401300 ; \Crackme2.00401300
004010A4|.83C4 08 ADD ESP,8
004010A7|.8B4D F4 MOV ECX,DWORD PTR SS: ;注册码送到ECX
004010AA|.81C1 19190000 ADD ECX,1919 ;注册码+1919
004010B0|.81F1 6F1D0000 XOR ECX,1D6F ;得到的值与1D6F XOR
004010B6|.894D F4 MOV DWORD PTR SS:,ECX ;得到的值送到ECX
004010B9|.8D55 D4 LEA EDX,DWORD PTR SS: ;以下计算用户名
004010BC|.52 PUSH EDX
004010BD|.8B45 FC MOV EAX,DWORD PTR SS:
004010C0|.50 PUSH EAX
004010C1|.E8 5A010000 CALL Crackme2.00401220
004010C6|.83C4 08 ADD ESP,8
004010C9|.8945 FC MOV DWORD PTR SS:,EAX
004010CC|.8B4D FC MOV ECX,DWORD PTR SS:
004010CF|.51 PUSH ECX
004010D0|.E8 8B020000 CALL Crackme2.00401360
004010D5|.83C4 04 ADD ESP,4
004010D8|.8945 F0 MOV DWORD PTR SS:,EAX
004010DB|.C745 E0 00000>MOV DWORD PTR SS:,0
004010E2|.EB 09 JMP SHORT Crackme2.004010ED
004010E4|>8B55 E0 /MOV EDX,DWORD PTR SS:
004010E7|.83C2 01 |ADD EDX,1
004010EA|.8955 E0 |MOV DWORD PTR SS:,EDX
004010ED|>8B45 E0 MOV EAX,DWORD PTR SS:
004010F0|.3B45 F0 |CMP EAX,DWORD PTR SS:
004010F3|.7F 38 |JG SHORT Crackme2.0040112D
004010F5|.8B4D FC |MOV ECX,DWORD PTR SS:
004010F8|.034D E0 |ADD ECX,DWORD PTR SS:
004010FB|.0FBE01 |MOVSX EAX,BYTE PTR DS:
004010FE|.99 |CDQ
004010FF|.F77D F0 |IDIV DWORD PTR SS:
00401102|.8955 EC |MOV DWORD PTR SS:,EDX
00401105|.8B55 EC |MOV EDX,DWORD PTR SS:
00401108|.52 |PUSH EDX ; /Arg1
00401109|.E8 D2000000 |CALL Crackme2.004011E0 ; \Crackme2.004011E0
0040110E|.83C4 04 |ADD ESP,4
00401111|.8945 EC |MOV DWORD PTR SS:,EAX
00401114|.8B45 FC |MOV EAX,DWORD PTR SS:
00401117|.0345 EC |ADD EAX,DWORD PTR SS:
0040111A|.0FBE08 |MOVSX ECX,BYTE PTR DS:
0040111D|.8B55 EC |MOV EDX,DWORD PTR SS:
00401120|.0FAFD1 |IMUL EDX,ECX
00401123|.8B45 E8 |MOV EAX,DWORD PTR SS:
00401126|.03C2 |ADD EAX,EDX
00401128|.8945 E8 |MOV DWORD PTR SS:,EAX
0040112B|.^ EB B7 \JMP SHORT Crackme2.004010E4
0040112D|>8B4D E8 MOV ECX,DWORD PTR SS: ;计算用户名的值送到ECX
00401130|.81E9 31150000 SUB ECX,1531 ;其值-1531
00401136|.894D E8 MOV DWORD PTR SS:,ECX ;记住ECX得值
00401139|.8B55 F4 MOV EDX,DWORD PTR SS: ;计算过注册码的值放到EDX
0040113C|.81C2 6D010000 ADD EDX,16D ;注册码计算的值+16D
00401142|.8955 F4 MOV DWORD PTR SS:,EDX ;
00401145|.8B45 F4 MOV EAX,DWORD PTR SS: ;计算注册码的值送到EAX
00401148|.35 41040000 XOR EAX,441 ;与441 XOR
0040114D|.8945 F4 MOV DWORD PTR SS:,EAX ;得到注册码
00401150|.8B4D E8 MOV ECX,DWORD PTR SS: ;计算用户名的值送到ECX
00401153 3B4D F4 CMP ECX,DWORD PTR SS: ;注册码的值与用户名的值比较
00401156 75 0F JNZ SHORT Crackme2.00401167
00401158 68 30304200 PUSH Crackme2.00423030 ;恭喜注册成功!\n
0040115D|.E8 4E030000 CALL Crackme2.004014B0 ; \Crackme2.004014B0
00401162|.83C4 04 ADD ESP,4
00401165|.EB 0D JMP SHORT Crackme2.00401174
00401167|>68 1C304200 PUSH Crackme2.0042301C ; /抱歉继续努力哦!
0040116C|.E8 3F030000 CALL Crackme2.004014B0 ; \Crackme2.004014B0
00401171|.83C4 04 ADD ESP,4
00401174|>E8 77CA0000 CALL Crackme2.0040DBF0
00401179|>5F POP EDI
0040117A|.5E POP ESI
0040117B|.5B POP EBX
0040117C|.8BE5 MOV ESP,EBP
0040117E|.5D POP EBP
0040117F\.C3 RETN
写的不好,请谅解 学习一下。呵呵,楼主的头像和ID很熟悉啊,以前在8185呆过的吧。:handshake 恩,是类... 学习下。。!!!~~~
页:
[1]