求助大神 分析以下CM 算法 想弄个注册机
本帖最后由 ainddky 于 2014-8-3 04:47 编辑

求助大神：分析以下 CM 算法，想弄个注册机。
; Routine at 00409DC0 (32-bit x86, OllyDbg listing). The bracketed memory operands were
; lost in the paste; the comments below restate them from the opcode bytes in the hex column.
; In:   eax = argument, passed unchanged to 0040341C (which reads it as a pointer to NUL-terminated text)
; Out:  eax = value returned by 0040341C
; Flow: call 0040341C with edx -> dword at [esp]; if that dword comes back nonzero, call
;       0040954C with a small record built at [esp+4]; the parsed value is returned either way.
; NOTE(review): the shape resembles a runtime-library "convert text to integer, report bad
; input" wrapper (for example Delphi's StrToInt) - confirm against the RTL. Nothing visible
; here compares the input against a stored or derived value.
00409DC0/$53 push ebx ; save ebx, used below to hold the argument
00409DC1|.56 push esi ; save esi, used below to hold the result
00409DC2|.83C4 F4 add esp,-0xC ; reserve 12 bytes of locals (poster's note: "get a fixed code")
00409DC5|.8BD8 mov ebx,eax ; ebx = incoming argument, kept across the call
00409DC7|.8BD4 mov edx,esp ; edx -> local dword at [esp], written by the callee
00409DC9|.8BC3 mov eax,ebx ; eax = argument again
00409DCB|.E8 4C96FFFF call unpacked.0040341C ; poster's note: "enter algorithm 1"
00409DD0|.8BF0 mov esi,eax ; esi = value returned by 0040341C
00409DD2|.833C24 00 cmp dword ptr ss:,0x0 ; bytes 83 3C 24 00 = cmp dword ptr [esp],0: test the status the callee stored
00409DD6|.74 19 je short unpacked.00409DF1 ; status 0 -> skip the call below
00409DD8|.895C24 04 mov dword ptr ss:,ebx ; bytes 89 5C 24 04 = mov [esp+4],ebx: record field = original argument
00409DDC|.C64424 08 0Bmov byte ptr ss:,0xB ; bytes C6 44 24 08 0B = mov byte ptr [esp+8],0xB: tag byte, presumably a type code - verify
00409DE1|.8D5424 04 lea edx,dword ptr ss: ; bytes 8D 54 24 04 = lea edx,[esp+4]: edx -> the record
00409DE5|.A1 0C4DCA00 mov eax,dword ptr ds: ; bytes A1 0C 4D CA 00 = mov eax,[0x00CA4D0C]: global whose contents are not shown
00409DEA|.33C9 xor ecx,ecx ; ecx = 0
00409DEC|.E8 5BF7FFFF call unpacked.0040954C ; body not in this listing; presumably reports the conversion failure - TODO confirm
00409DF1|>8BC6 mov eax,esi ; return the value saved in esi
00409DF3|.83C4 0C add esp,0xC ; release the 12 bytes of locals
00409DF6|.5E pop esi
00409DF7|.5B pop ebx
00409DF8\.C3 retn
00409DCB|.E8 4C96FFFF call unpacked.0040341C 进入 算法 1
如下
; Routine at 0040341C: text to 32-bit integer parser (32-bit x86, OllyDbg listing).
; Memory operands lost in the paste, restated from the hex column:
;   8A 1E = mov bl,[esi]    8D 04 80 = lea eax,[eax+eax*4]    89 32 = mov [edx],esi
; In:   eax = pointer to NUL-terminated text (null is handled), edx = pointer to a dword status cell
; Out:  eax = accumulated value; [edx] = 0 on success, otherwise esi minus the start pointer
;       at the point of failure (esi has already been advanced past the offending byte)
; Regs: esi = read cursor, bl = current byte, ch = sign flag (1 after '-'),
;       edi = limit checked before each multiply/shift so the accumulator cannot wrap unnoticed
; Accepts: leading spaces, one optional '-' or '+', then decimal digits, or a '$' / 'x' / 'X' /
;       "0x" / "0X" prefix followed by hex digits.
; NOTE(review): only parsing is visible here; the routine neither compares the text against a
; stored value nor derives one. It looks like a runtime-library routine - confirm against the RTL.
0040341C/$53 push ebx
0040341D|.56 push esi
0040341E|.57 push edi
0040341F|.89C6 mov esi,eax ; esi = read cursor
00403421|.50 push eax ; keep the start pointer for the failure-offset computation
00403422|.85C0 test eax,eax
00403424|.74 6C je short unpacked.00403492 ; null pointer -> failure exit
00403426|.31C0 xor eax,eax ; accumulator = 0
00403428|.31DB xor ebx,ebx ; clear ebx; only bl is written afterwards, so "add eax,ebx" adds one digit
0040342A|.BF CCCCCC0C mov edi,0xCCCCCCC ; decimal limit: 0x0CCCCCCC * 10 = 0x7FFFFFF8
0040342F|>8A1E /mov bl,byte ptr ds: ; bl = [esi]
00403431|.46 |inc esi
00403432|.80FB 20 |cmp bl,0x20 ; skip leading spaces
00403435|.^ 74 F8 \je short unpacked.0040342F
00403437|.B5 00 mov ch,0x0 ; sign flag = 0 (non-negative)
00403439|.80FB 2D cmp bl,0x2D
0040343C|.74 62 je short unpacked.004034A0 ; '-' -> set the sign flag, fetch the next byte
0040343E|.80FB 2B cmp bl,0x2B
00403441|.74 5F je short unpacked.004034A2 ; '+' -> fetch the next byte
00403443|>80FB 24 cmp bl,0x24 ;Switch (cases 0..78)
00403446|.74 5F je short unpacked.004034A7
00403448|.80FB 78 cmp bl,0x78
0040344B|.74 5A je short unpacked.004034A7
0040344D|.80FB 58 cmp bl,0x58
00403450|.74 55 je short unpacked.004034A7
00403452|.80FB 30 cmp bl,0x30
00403455|.75 13 jnz short unpacked.0040346A
00403457|.8A1E mov bl,byte ptr ds: ;Case 30 ('0') of switch 00403443 - bl = [esi], the byte after the leading '0'
00403459|.46 inc esi
0040345A|.80FB 78 cmp bl,0x78
0040345D|.74 48 je short unpacked.004034A7 ; "0x" -> hex path
0040345F|.80FB 58 cmp bl,0x58
00403462|.74 43 je short unpacked.004034A7 ; "0X" -> hex path
00403464|.84DB test bl,bl
00403466|.74 20 je short unpacked.00403488 ; text was just "0": finish with accumulator 0
00403468|.EB 04 jmp short unpacked.0040346E ; otherwise keep parsing as decimal
0040346A|>84DB test bl,bl
0040346C|.74 2D je short unpacked.0040349B ; no digits at all -> failure
0040346E|>80EB 30 /sub bl,0x30 ;Default case of switch 00403443 - decimal loop: bl = byte - '0'
00403471|.80FB 09 |cmp bl,0x9
00403474|.77 25 |ja short unpacked.0040349B ; not 0..9 (unsigned compare) -> failure
00403476|.39F8 |cmp eax,edi
00403478|.77 21 |ja short unpacked.0040349B ; accumulator above the limit -> failure before multiplying
0040347A|.8D0480 |lea eax,dword ptr ds: ; eax = eax + eax*4 (x5)
0040347D|.01C0 |add eax,eax ; x2, so x10 in total
0040347F|.01D8 |add eax,ebx ; add the digit
00403481|.8A1E |mov bl,byte ptr ds: ; bl = [esi]
00403483|.46 |inc esi
00403484|.84DB |test bl,bl
00403486|.^ 75 E6 \jnz short unpacked.0040346E ; loop until the terminating NUL
00403488|>FECD dec ch ; ZF set only when the sign flag was 1
0040348A|.74 09 je short unpacked.00403495 ; '-' was seen -> negate
0040348C|.85C0 test eax,eax
0040348E|.7D 54 jge short unpacked.004034E4 ; non-negative result -> success
00403490|.EB 09 jmp short unpacked.0040349B ; sign bit set without '-' -> failure (out of range)
00403492|>46 inc esi ; reached for a null pointer or a hex prefix with no digits
00403493|.EB 06 jmp short unpacked.0040349B
00403495|>F7D8 neg eax ; apply the minus sign
00403497|.7E 4B jle short unpacked.004034E4 ; zero or in-range negative -> success
00403499|.78 49 js short unpacked.004034E4 ; sign set with overflow (magnitude 0x80000000) -> success
0040349B|>5B pop ebx ;Default case of switch 004034BB - failure exit: ebx = saved start pointer
0040349C|.29DE sub esi,ebx ; esi = cursor - start, stored as the status
0040349E|.EB 47 jmp short unpacked.004034E7
004034A0|>FEC5 inc ch ; '-' seen: sign flag = 1
004034A2|>8A1E mov bl,byte ptr ds: ; bl = [esi], the byte after the sign
004034A4|.46 inc esi
004034A5|.^ EB 9C jmp short unpacked.00403443 ; re-enters after the sign tests, so a second sign is not accepted
004034A7|>BF FFFFFF0F mov edi,0xFFFFFFF ;Cases 24 ('$'),58 ('X'),78 ('x') of switch 00403443 - hex limit checked before each shift by 4
004034AC|.8A1E mov bl,byte ptr ds: ; bl = [esi], first byte after the prefix
004034AE|.46 inc esi
004034AF|.84DB test bl,bl
004034B1|.^ 74 DF je short unpacked.00403492 ; prefix with nothing after it -> failure
004034B3|>80FB 61 /cmp bl,0x61
004034B6|.72 03 |jb short unpacked.004034BB
004034B8|.80EB 20 |sub bl,0x20 ; bytes >= 'a' are shifted down by 0x20 (lower case to upper case)
004034BB|>80EB 30 |sub bl,0x30 ;Switch (cases 30..46)
004034BE|.80FB 09 |cmp bl,0x9
004034C1|.76 0B |jbe short unpacked.004034CE ; '0'..'9'
004034C3|.80EB 11 |sub bl,0x11 ; 'A' becomes 0
004034C6|.80FB 05 |cmp bl,0x5
004034C9|.^ 77 D0 |ja short unpacked.0040349B ; not 'A'..'F' -> failure
004034CB|.80C3 0A |add bl,0xA ;Cases 41 ('A'),42 ('B'),43 ('C'),44 ('D'),45 ('E'),46 ('F') of switch 004034BB
004034CE|>39F8 |cmp eax,edi ;Cases 30 ('0'),31 ('1'),32 ('2'),33 ('3'),34 ('4'),35 ('5'),36 ('6'),37 ('7'),38 ('8'),39 ('9') of switch 004034BB
004034D0|.^ 77 C9 |ja short unpacked.0040349B ; top nibble already in use -> failure before shifting
004034D2|.C1E0 04 |shl eax,0x4
004034D5|.01D8 |add eax,ebx ; append the hex digit
004034D7|.8A1E |mov bl,byte ptr ds: ; bl = [esi]
004034D9|.46 |inc esi
004034DA|.84DB |test bl,bl
004034DC|.^ 75 D5 \jnz short unpacked.004034B3 ; loop until the terminating NUL
004034DE|.FECD dec ch
004034E0|.75 02 jnz short unpacked.004034E4 ; no '-' -> keep the value as is
004034E2|.F7D8 neg eax ; '-' before a hex value: negate, no range check on this path
004034E4|>59 pop ecx ; success exit: discard the saved start pointer
004034E5|.31F6 xor esi,esi ; status = 0
004034E7|>8932 mov dword ptr ds:,esi ; bytes 89 32 = mov [edx],esi: store the status for the caller
004034E9|.5F pop edi
004034EA|.5E pop esi
004034EB|.5B pop ebx
004034EC\.C3 retn
嘿嘿大牛都去哪里了呢
这样看好费劲啊。