160个crackme第45
明码比较,比较简单的 crackme,Delphi 程序。利用按钮事件很容易找到算法 call,用 asm 编写注册机很简单,直接抄代码即可。
00421DCD|.6A 00 push 0x0
;; Excerpt from the serial-check routine of Dope2112 (32-bit x86, debugger listing).
;; The first listed instruction (00421DCD) is on the preceding line; the function's
;; real entry and everything after 00421E43 are not shown.
;; The page extraction dropped every bracketed memory operand. The operands named in
;; the comments below are decoded from the opcode bytes printed on each line.
;; Net effect of the visible code: ebx = 0x37 + sum(byte << 9) over the username bytes.
00421DCF|.6A 00 push 0x0 ;; zeroed stack slot; three locals ([ebp-4], [ebp-8], [ebp-0xC]) are used below, so one more push presumably precedes the excerpt - confirm
00421DD1|.53 push ebx ;; save callee-saved registers
00421DD2|.56 push esi
00421DD3|.57 push edi
00421DD4|.8BF0 mov esi,eax ;; keep the incoming eax in esi; presumably the form object (Delphi register convention) - confirm
00421DD6|.33C0 xor eax,eax ;; eax = 0, used as the fs: offset below
00421DD8|.55 push ebp
00421DD9|.68 861E4200 push Dope2112.00421E86 ;; handler address for the exception frame (target lies outside the listing)
00421DDE|.64:FF30 push dword ptr fs: ;; bytes 64:FF30 = push dword ptr fs:[eax]; saves the previous SEH chain head
00421DE1|.64:8920 mov dword ptr fs:,esp ;; bytes 64:8920 = mov fs:[eax],esp; installs the new SEH frame
00421DE4|.BB 37000000 mov ebx,0x37 ;; accumulator starts at the constant 0x37
00421DE9|.8D55 F8 lea edx, ;; bytes 8D55 F8 = lea edx,[ebp-8]; output local for the call below
00421DEC|.8B86 B0010000 mov eax,dword ptr ds: ;; bytes 8B86 B0010000 = mov eax,[esi+0x1B0]; presumably the serial edit control - confirm
00421DF2|.E8 89FAFEFF call Dope2112.00411880 ;; presumably reads the control's text into the local at edx - confirm
00421DF7|.8D55 FC lea edx, ;; author's note: username length. Bytes 8D55 FC = lea edx,[ebp-4]. NOTE(review): [ebp-4] is dereferenced as the username buffer at 00421E30, so this local looks like the string itself - confirm
00421DFA|.8B86 AC010000 mov eax,dword ptr ds: ;; bytes 8B86 AC010000 = mov eax,[esi+0x1AC]; presumably the username edit control - confirm
00421E00|.E8 7BFAFEFF call Dope2112.00411880
00421E05|.8B45 FC mov eax, ;; bytes 8B45 FC = mov eax,[ebp-4]
00421E08|.E8 5715FEFF call Dope2112.00403364 ;; result is compared with 4 and later used as the loop count; presumably a string-length helper - confirm
00421E0D|.83F8 04 cmp eax,0x4 ;; the username must be at least 4 characters long
00421E10|.7D 0C jge short Dope2112.00421E1E ;; long enough: go on to the computation
00421E12|.A1 64464200 mov eax,dword ptr ds: ;; bytes A1 64464200 = mov eax,[0x00424664]; a global whose meaning is not visible here
00421E17|.E8 C8BAFFFF call Dope2112.0041D8E4 ;; too-short path; presumably reports the error - confirm
00421E1C|.EB 4D jmp short Dope2112.00421E6B ;; leave the check (target lies outside the listing)
00421E1E|>8B45 FC mov eax, ;; bytes 8B45 FC = mov eax,[ebp-4]
00421E21|.E8 3E15FEFF call Dope2112.00403364 ;; same helper as at 00421E08; eax = length
00421E26|.85C0 test eax,eax
00421E28|.7C 14 jl short Dope2112.00421E3E ;; skip the loop when the result is negative
00421E2A|.40 inc eax ;; loop counter = length + 1
00421E2B|.33D2 xor edx,edx ;; edx = index, starts at 0
00421E2D|>8B4D FC /mov ecx, ;; bytes 8B4D FC = mov ecx,[ebp-4]; ecx = pointer to the username bytes
00421E30|.0FB64C11 FF |movzx ecx,byte ptr ds: ;; author's note: fetch the username. Bytes 0FB64C11 FF = movzx ecx,byte ptr [ecx+edx-1]. The first pass (edx = 0) reads the byte just before the first character; presumably the top byte of the Delphi string length, i.e. 0 for ordinary names - confirm
00421E35|.C1E1 09 |shl ecx,0x9 ;; byte * 512
00421E38|.03D9 |add ebx,ecx ;; accumulate into ebx
00421E3A|.42 |inc edx ;; next byte
00421E3B|.48 |dec eax
00421E3C|.^ 75 EF \jnz short Dope2112.00421E2D ;; repeat until the counter reaches 0 (length + 1 passes)
00421E3E|>8D55 F4 lea edx, ;; bytes 8D55 F4 = lea edx,[ebp-0xC]; output local for the conversion call
00421E41|.8BC3 mov eax,ebx ;; author's note: plaintext code in hexadecimal; eax = computed value
00421E43|.E8 E834FEFF call Dope2112.00405330 ;; presumably converts eax to a decimal string into [ebp-0xC] (the write-up says the decimal form of ebx is the serial) - confirm
ebx 值转换为十进制就是密码。
asm 代码
; Reg - re-creation of the loop at 00421E2D..00421E3C in the listing above:
;       ebx = 37h + sum(byte << 9) over the bytes read from `username`.
; In:   eax is used as the loop base but is never set inside this proc.
;       NOTE(review): it must already hold the username length on entry - confirm against the caller.
;       hWin is not referenced in the visible body.
; Out:  the result is left in ebx and nothing copies it to eax; presumably the caller reads ebx - confirm.
; Clobbers: eax, ebx, ecx, edx, flags. NOTE(review): there is no `uses ebx`, and ebx is
;       callee-saved under the Win32 stdcall convention.
Reg Proc hWin:dword
mov ebx,37h             ; accumulator starts at the same constant as the original (0x37)
inc eax                 ; loop counter = length + 1, as at 00421E2A
xor edx,edx             ; edx = byte index, starts at 0
_00421E2d:
mov ecx,offset username ; address of the username buffer (defined outside this excerpt)
movzx ecx,byte ptr      ; operand lost in extraction; the original instruction reads byte ptr [ecx+edx-1].
                        ; NOTE(review): if that operand is used, the first pass reads the byte just before
                        ; `username`, so the result matches the target only when that byte is 0 - confirm
shl ecx,9               ; byte * 512
add ebx,ecx             ; accumulate
inc edx                 ; next byte
dec eax
jnz _00421E2d           ; length + 1 passes in total
ret
Reg endp
radasm 工程文件