一个Crackme
纯java编写,无混淆,无壳,什么阻碍都没有,不可以爆破,欢迎练手本帖最后由 lakshmi 于 2016-2-29 17:36 编辑
长度为15位数字,但是只取了前五位,后十位为任意数字均可,前五位采用爆破的方式:
public static void main(String[] args) {
long i=10000;
for(;i<99999; i++){
if(crack(i)){
System.out.println("Res: " + i);
}
}
}
public static boolean crack(long reg)
{
longv8 = 0;
int v3=0;
char[] v0 = new char;
String v1 = String.valueOf(((65362 ^ reg) + 1555) / 3 - 1555).trim();
v8 = ((long)v1.length());
v1.getChars(0, ((int)v8), v0, 0);
if(v8 < 4) {
long v6 = 4 - v8;
for(v3 = ((int)(v8 - 1)); v3 >= 0; --v3) {
v0[((int)((((long)v3)) + v6))] = v0;
}
for(v3 = 0; v3 < (((int)v6)); ++v3) {
v0 = '0';
}
}
String v2 = "104672819202";
for(v3 = 1; v3 <= 4; ++v3) {
if(v0 != v2.charAt(v3 - 1)) {
return false;
}
}
return true;
}
结果(在这些结果后边任意添加10位数字都能注册成功):
Res: 31104
Res: 31105
Res: 31106
Res: 31107
Res: 31108
Res: 31109
Res: 31110
Res: 31111
Res: 31120
Res: 31121
Res: 31122
Res: 31123
Res: 31124
Res: 31125
Res: 31126
Res: 31127
Res: 31128
Res: 31129
Res: 31130
Res: 31131
Res: 31132
Res: 31133
Res: 31134
Res: 31135
Res: 31208
Res: 31209
Res: 31212
Res: 31213
Res: 31214
Res: 31215
Res: 59192
Res: 59194
Res: 59195
取出输入的前五位进行次方运算
((65362 ^ reg) + 1555) / 3 - 1555)
在把运算结果变成六位数,
v8 = ((long)v1.length());
v1.getChars(0, ((int)v8), v0, 0);
if(v8 < 4) {
long v6 = 4 - v8;
for(v3 = ((int)(v8 - 1)); v3 >= 0; --v3) {
v0[((int)((((long)v3)) + v6))] = v0;
}
for(v3 = 0; v3 < (((int)v6)); ++v3) {
v0 = '0';
}
然后扔掉后两位,只是比较前4位。
如果不爆破,用逆推的方式, 丢掉的两位就有100种可能,除法取整(余数有0,1,2)有三种可能,目前就有了300中可能(大概运算哈), 然后剔除掉不满足次方运算的数,就是运算结果。
.class Lcom/example/crackme/MainActivity$1;
.super Ljava/lang/Object;
.source "MainActivity.java"
# interfaces
.implements Landroid/view/View$OnClickListener;
# annotations
.annotation system Ldalvik/annotation/EnclosingMethod;
value = Lcom/example/crackme/MainActivity;->onCreate(Landroid/os/Bundle;)V
.end annotation
.annotation system Ldalvik/annotation/InnerClass;
accessFlags = 0x0
name = null
.end annotation
# instance fields
.field final synthetic this$0:Lcom/example/crackme/MainActivity;
.field private final synthetic val$edt:Landroid/widget/EditText;
# direct methods
.method constructor <init>(Lcom/example/crackme/MainActivity;Landroid/widget/EditText;)V
.locals 0
.prologue
.line 1
iput-object p1, p0, Lcom/example/crackme/MainActivity$1;->this$0:Lcom/example/crackme/MainActivity;
iput-object p2, p0, Lcom/example/crackme/MainActivity$1;->val$edt:Landroid/widget/EditText;
.line 19
invoke-direct {p0}, Ljava/lang/Object;-><init>()V
return-void
.end method
# virtual methods
.method public onClick(Landroid/view/View;)V
.locals 6
.param p1, "v" # Landroid/view/View;
.prologue
const/16 v5, 0xf
const/16 v4, 0x3e8
.line 24
iget-object v2, p0, Lcom/example/crackme/MainActivity$1;->val$edt:Landroid/widget/EditText;
invoke-virtual {v2}, Landroid/widget/EditText;->getText()Landroid/text/Editable;
move-result-object v2
invoke-interface {v2}, Landroid/text/Editable;->toString()Ljava/lang/String;
move-result-object v2
invoke-virtual {v2}, Ljava/lang/String;->trim()Ljava/lang/String;
move-result-object v1
.line 25
.local v1, "regcode":Ljava/lang/String;
invoke-virtual {v1}, Ljava/lang/String;->length()I
move-result v2
.line 26
const/4 v0, 0x0
.line 27
.local v0, "i":I
:goto_0
.line 39
invoke-static {v1}, Lcom/example/crackme/MainActivity;->check(Ljava/lang/String;)Z
move-result v2
.line 40
iget-object v2, p0, Lcom/example/crackme/MainActivity$1;->this$0:Lcom/example/crackme/MainActivity;
const-string v3, "注册成功"
invoke-static {v2, v3, v4}, Landroid/widget/Toast;->makeText(Landroid/content/Context;Ljava/lang/CharSequence;I)Landroid/widget/Toast;
move-result-object v2
invoke-virtual {v2}, Landroid/widget/Toast;->show()V
.line 45
.end local v0 # "i":I
:cond_0
:goto_1
return-void
.line 28
.restart local v0 # "i":I
:cond_1
invoke-virtual {v1, v0}, Ljava/lang/String;->charAt(I)C
move-result v2
const/16 v3, 0x30
if-lt v2, v3, :cond_0
invoke-virtual {v1, v0}, Ljava/lang/String;->charAt(I)C
move-result v2
const/16 v3, 0x39
if-gt v2, v3, :cond_0
.line 32
add-int/lit8 v0, v0, 0x1
goto :goto_0
.line 36
.end local v0 # "i":I
:cond_2
iget-object v2, p0, Lcom/example/crackme/MainActivity$1;->this$0:Lcom/example/crackme/MainActivity;
const-string v3, "请输入正确的注册码"
invoke-static {v2, v3, v4}, Landroid/widget/Toast;->makeText(Landroid/content/Context;Ljava/lang/CharSequence;I)Landroid/widget/Toast;
move-result-object v2
invoke-virtual {v2}, Landroid/widget/Toast;->show()V
goto :goto_1
.line 42
.restart local v0 # "i":I
:cond_3
iget-object v2, p0, Lcom/example/crackme/MainActivity$1;->this$0:Lcom/example/crackme/MainActivity;
const-string v3, "注册失败"
invoke-static {v2, v3, v4}, Landroid/widget/Toast;->makeText(Landroid/content/Context;Ljava/lang/CharSequence;I)Landroid/widget/Toast;
move-result-object v2
invoke-virtual {v2}, Landroid/widget/Toast;->show()V
goto :goto_1
.end method
啊!谢谢分享!! 大大们又开始玩java的了 59194+任意10位数字@世事繁华皆成空 windwing1883 发表于 2016-2-26 14:46
59194+任意10位数字@世事繁华皆成空
有这么快? 好专业的样子哦 windwing1883 发表于 2016-2-26 14:46
59194+任意10位数字@世事繁华皆成空
欢迎写出分析思路哦
算法确实够乱的,不让暴力破解就不会了 弄了半天还是搞不清思路
页:
[1]
2