一款建立家谱的软件注册算法分析(附成品注册机)
本帖最后由 pj2020 于 2017-6-1 21:20 编辑【文章标题】:一款建立家谱的软件注册算法分析(附成品注册机)
【文章作者】:pj2020
【软件名称】:FamilyTree v9.0
【软件大小】:2.37MB
【保护方式】:注册码
【下载地址】:见附件
【加壳方式】:UPX 0.89.6 - 1.02 /1.05 - 1.24 (Delphi) stub -> Markus & Laszlo
【编写工具】:Borland Delphi 6.0 -7.0
【破解工具】:PEID、OD
【操作平台】:盗版XP3
【作者声明】:只是感兴趣,没有其他目的
【软件简介】: 俄毛子写的用于建立家谱的软件。你可以建立详细的家族谱系,可以增加照片和自传,本软件界面简洁美观。
【思路方法】:
一、查壳:UPX 0.89.6 - 1.02 /1.05 - 1.24 (Delphi) stub -> Markus & Laszlo
脱壳后:Borland Delphi 6.0 - 7.0
二、试注册:Login:abcde@123.comPassword:123456789试注册错误提示:The login or the password is incorrect
三、前面过程省略,直接进入算法部分:0054E40A 55 push ebp
0054E40B 68 D5E85400 push FamilyTr.0054E8D5
0054E410 64:FF30 push dword ptr fs:
0054E413 64:8920 mov dword ptr fs:,esp
0054E416 8D55 D0 lea edx,dword ptr ss:
0054E419 8B87 F0020000 mov eax,dword ptr ds:
0054E41F E8 A4D3EFFF call FamilyTr.0044B7C8
0054E424 8B45 D0 mov eax,dword ptr ss: ; 邮件名
0054E427 8D55 D4 lea edx,dword ptr ss:
0054E42A E8 65B3EBFF call FamilyTr.00409794
0054E42F 837D D4 00 cmp dword ptr ss:,0x0 ; 邮件名不能为空
0054E433 75 2E jnz short FamilyTr.0054E463
0054E435 8B15 BC995800 mov edx,dword ptr ds: ; FamilyTr.0058FBAC
0054E43B 8B12 mov edx,dword ptr ds:
0054E43D A1 A4995800 mov eax,dword ptr ds: ; 帖X
0054E442 8B00 mov eax,dword ptr ds:
0054E444 8B80 F4020000 mov eax,dword ptr ds:
0054E44A E8 A9D3EFFF call FamilyTr.0044B7F8
0054E44F A1 A4995800 mov eax,dword ptr ds: ; 帖X
0054E454 8B00 mov eax,dword ptr ds:
0054E456 8B10 mov edx,dword ptr ds:
0054E458 FF92 E8000000 call dword ptr ds:
0054E45E E9 1D040000 jmp FamilyTr.0054E880
0054E463 8D55 C8 lea edx,dword ptr ss:
0054E466 8B87 F4020000 mov eax,dword ptr ds:
0054E46C E8 EB69F3FF call FamilyTr.00484E5C
0054E471 8B45 C8 mov eax,dword ptr ss: ; 假码
0054E474 8D55 CC lea edx,dword ptr ss:
0054E477 E8 18B3EBFF call FamilyTr.00409794
0054E47C 837D CC 00 cmp dword ptr ss:,0x0 ; 注册码不能为空
0054E480 75 2E jnz short FamilyTr.0054E4B0
0054E482 8B15 BC995800 mov edx,dword ptr ds: ; FamilyTr.0058FBAC
0054E488 8B12 mov edx,dword ptr ds:
0054E48A A1 A4995800 mov eax,dword ptr ds: ; 帖X
0054E48F 8B00 mov eax,dword ptr ds:
0054E491 8B80 F4020000 mov eax,dword ptr ds:
0054E497 E8 5CD3EFFF call FamilyTr.0044B7F8
0054E49C A1 A4995800 mov eax,dword ptr ds: ; 帖X
0054E4A1 8B00 mov eax,dword ptr ds:
0054E4A3 8B10 mov edx,dword ptr ds:
0054E4A5 FF92 E8000000 call dword ptr ds:
0054E4AB E9 D0030000 jmp FamilyTr.0054E880
0054E4B0 8D55 C4 lea edx,dword ptr ss:
0054E4B3 8B87 F0020000 mov eax,dword ptr ds:
0054E4B9 E8 0AD3EFFF call FamilyTr.0044B7C8
0054E4BE 8B55 C4 mov edx,dword ptr ss: ; 读取邮箱名 "abcde@123.com"
0054E4C1 B8 ECE85400 mov eax,FamilyTr.0054E8EC
0054E4C6 E8 5D6EEBFF call FamilyTr.00405328 ; 检测邮箱名是否带“@”符号
0054E4CB 8945 EC mov dword ptr ss:,eax ; 符号“@”在邮件名中的位置,eax=0x6
0054E4CE 837D EC 00 cmp dword ptr ss:,0x0 ; 若邮箱名中无“@”符号,则提示输入正确的邮箱名
0054E4D2 75 2E jnz short FamilyTr.0054E502
0054E4D4 8B15 549A5800 mov edx,dword ptr ds: ; 胞X
0054E4DA 8B12 mov edx,dword ptr ds:
0054E4DC A1 A4995800 mov eax,dword ptr ds: ; 帖X
0054E4E1 8B00 mov eax,dword ptr ds:
0054E4E3 8B80 F4020000 mov eax,dword ptr ds:
0054E4E9 E8 0AD3EFFF call FamilyTr.0044B7F8
0054E4EE A1 A4995800 mov eax,dword ptr ds: ; 帖X
0054E4F3 8B00 mov eax,dword ptr ds:
0054E4F5 8B10 mov edx,dword ptr ds:
0054E4F7 FF92 E8000000 call dword ptr ds:
0054E4FD E9 7E030000 jmp FamilyTr.0054E880
0054E502 C745 E4 7A0D000>mov dword ptr ss:,0xD7A ; 第一次赋初始值0xD7A
0054E509 8B75 EC mov esi,dword ptr ss:
0054E50C 85F6 test esi,esi
0054E50E 7E 24 jle short FamilyTr.0054E534
0054E510 BB 01000000 mov ebx,0x1 ; ebx=0x1
0054E515 8D55 C0 lea edx,dword ptr ss:
0054E518 8B87 F0020000 mov eax,dword ptr ds:
0054E51E E8 A5D2EFFF call FamilyTr.0044B7C8
0054E523 8B45 C0 mov eax,dword ptr ss: ; 邮箱名"abcde@123.com"
0054E526 0FB64418 FF movzx eax,byte ptr ds: ; 依次取邮箱名@及其前面字符ASC码
0054E52B F7EB imul ebx ; ASC码与对应位置相乘
0054E52D 0145 E4 add dword ptr ss:,eax ; 累加,结果为14D1
0054E530 43 inc ebx
0054E531 4E dec esi
0054E532^ 75 E1 jnz short FamilyTr.0054E515
0054E534 8D55 F8 lea edx,dword ptr ss:
0054E537 8B45 E4 mov eax,dword ptr ss: ; 第一次累加结果给eax=0x14D1(十进制5329)
0054E53A E8 71B5EBFF call FamilyTr.00409AB0
0054E53F 8D55 BC lea edx,dword ptr ss:
0054E542 8B87 F0020000 mov eax,dword ptr ds:
0054E548 E8 7BD2EFFF call FamilyTr.0044B7C8
0054E54D 8B45 BC mov eax,dword ptr ss: ; 邮箱名"abcde@123.com"
0054E550 E8 976AEBFF call FamilyTr.00404FEC
0054E555 83F8 00 cmp eax,0x0 ; 邮箱名长度:eax=0xD
0054E558 7C 27 jl short FamilyTr.0054E581
0054E55A 8945 E8 mov dword ptr ss:,eax
0054E55D 8D55 B8 lea edx,dword ptr ss:
0054E560 8B87 F0020000 mov eax,dword ptr ds:
0054E566 E8 5DD2EFFF call FamilyTr.0044B7C8
0054E56B 8B45 B8 mov eax,dword ptr ss: ; 邮箱名"abcde@123.com"
0054E56E 8B55 E8 mov edx,dword ptr ss: ; 邮箱名长度:eax=0xD
0054E571 807C10 FF 2E cmp byte ptr ds:,0x2E ; 倒序检测邮箱名点(.)的位置
0054E576 74 09 je short FamilyTr.0054E581
0054E578 FF4D E8 dec dword ptr ss: ; 邮箱名长度减1
0054E57B 837D E8 FF cmp dword ptr ss:,-0x1
0054E57F^ 75 DC jnz short FamilyTr.0054E55D ; 没完?继续
0054E581 837D E8 00 cmp dword ptr ss:,0x0 ; 没有检测到点(.)就提示输入正确的邮件名
0054E585 75 2E jnz short FamilyTr.0054E5B5
0054E587 8B15 549A5800 mov edx,dword ptr ds: ; 胞X
0054E58D 8B12 mov edx,dword ptr ds:
0054E58F A1 A4995800 mov eax,dword ptr ds: ; 帖X
0054E594 8B00 mov eax,dword ptr ds:
0054E596 8B80 F4020000 mov eax,dword ptr ds:
0054E59C E8 57D2EFFF call FamilyTr.0044B7F8
0054E5A1 A1 A4995800 mov eax,dword ptr ds: ; 帖X
0054E5A6 8B00 mov eax,dword ptr ds:
0054E5A8 8B10 mov edx,dword ptr ds:
0054E5AA FF92 E8000000 call dword ptr ds:
0054E5B0 E9 CB020000 jmp FamilyTr.0054E880
0054E5B5 C745 E0 B41C000>mov dword ptr ss:,0x1CB4 ; 第二次赋初始值0x1CB4
0054E5BC 8B5D EC mov ebx,dword ptr ss: ; 邮箱名符号@的位置
0054E5BF 8B75 E8 mov esi,dword ptr ss: ; 邮箱名点(.)的位置
0054E5C2 83EE 02 sub esi,0x2 ; 点(.)的位置-0x2=0xA-2=8
0054E5C5 2BF3 sub esi,ebx ; 上面的差-@的位置=8-6=2
0054E5C7 7C 20 jl short FamilyTr.0054E5E9
0054E5C9 46 inc esi
0054E5CA 8D55 B4 lea edx,dword ptr ss:
0054E5CD 8B87 F0020000 mov eax,dword ptr ds:
0054E5D3 E8 F0D1EFFF call FamilyTr.0044B7C8
0054E5D8 8B45 B4 mov eax,dword ptr ss: ; 邮箱名"abcde@123.com"
0054E5DB 0FB64418 FF movzx eax,byte ptr ds: ; 依次取@及其后面二位ASC码
0054E5E0 F7EB imul ebx ; ASC码与对应位置相乘
0054E5E2 0145 E0 add dword ptr ss:,eax ; 累加,结果为211B
0054E5E5 43 inc ebx
0054E5E6 4E dec esi
0054E5E7^ 75 E1 jnz short FamilyTr.0054E5CA
0054E5E9 8D55 F4 lea edx,dword ptr ss:
0054E5EC 8B45 E0 mov eax,dword ptr ss: ; 第二次累加结果给eax=0x211B(十进制8475)
0054E5EF E8 BCB4EBFF call FamilyTr.00409AB0
0054E5F4 C745 DC E910000>mov dword ptr ss:,0x10E9 ; 第三次赋初始值0x10E9
0054E5FB 8B5D E8 mov ebx,dword ptr ss: ; 点(.)的位置
0054E5FE 83EB 02 sub ebx,0x2 ; 点(.)的位置-0x2=0xA-2=8
0054E601 8D55 B0 lea edx,dword ptr ss:
0054E604 8B87 F0020000 mov eax,dword ptr ds:
0054E60A E8 B9D1EFFF call FamilyTr.0044B7C8
0054E60F 8B45 B0 mov eax,dword ptr ss: ; 邮箱名"abcde@123.com"
0054E612 E8 D569EBFF call FamilyTr.00404FEC
0054E617 8BF0 mov esi,eax ; 邮箱名长度:eax=0xD
0054E619 2BF3 sub esi,ebx ; esi-ebx=D-8=5
0054E61B 7C 20 jl short FamilyTr.0054E63D
0054E61D 46 inc esi ; esi=0x5+1=6
0054E61E 8D55 AC lea edx,dword ptr ss:
0054E621 8B87 F0020000 mov eax,dword ptr ds:
0054E627 E8 9CD1EFFF call FamilyTr.0044B7C8
0054E62C 8B45 AC mov eax,dword ptr ss: ; 邮箱名"abcde@123.com"
0054E62F 0FB64418 FF movzx eax,byte ptr ds: ; 依次取邮件名后六位ASC码
0054E634 F7EB imul ebx ; ASC码与对应位置相乘
0054E636 0145 DC add dword ptr ss:,eax ; 累加,结果为250E
0054E639 43 inc ebx
0054E63A 4E dec esi
0054E63B^ 75 E1 jnz short FamilyTr.0054E61E
0054E63D 8D55 F0 lea edx,dword ptr ss:
0054E640 8B45 DC mov eax,dword ptr ss: ; 第三次累加结果给eax=0x250E(十进制9486)
0054E643 E8 68B4EBFF call FamilyTr.00409AB0
0054E648 8D55 FC lea edx,dword ptr ss:
0054E64B 8B87 F4020000 mov eax,dword ptr ds:
0054E651 E8 0668F3FF call FamilyTr.00484E5C
0054E656 8B55 FC mov edx,dword ptr ss: ; 假码:(ASCII "123456789")
0054E659 B8 F8E85400 mov eax,FamilyTr.0054E8F8 ; 连接符号:“-”
0054E65E E8 C56CEBFF call FamilyTr.00405328
0054E663 8BD8 mov ebx,eax
0054E665 85DB test ebx,ebx
0054E667 75 04 jnz short FamilyTr.0054E66D
0054E669 33F6 xor esi,esi
0054E66B EB 32 jmp short FamilyTr.0054E69F
0054E66D 8D45 A8 lea eax,dword ptr ss:
0054E670 50 push eax
0054E671 8BCB mov ecx,ebx
0054E673 49 dec ecx
0054E674 BA 01000000 mov edx,0x1
0054E679 8B45 FC mov eax,dword ptr ss:
0054E67C E8 C36BEBFF call FamilyTr.00405244
0054E681 8B45 A8 mov eax,dword ptr ss:
0054E684 E8 8BB4EBFF call FamilyTr.00409B14
0054E689 8BF0 mov esi,eax
0054E68B 8D45 FC lea eax,dword ptr ss:
0054E68E 50 push eax
0054E68F 8D53 01 lea edx,dword ptr ds:
0054E692 B9 FF000000 mov ecx,0xFF
0054E697 8B45 FC mov eax,dword ptr ss:
0054E69A E8 A56BEBFF call FamilyTr.00405244
0054E69F 8B55 FC mov edx,dword ptr ss: ; 假码:(ASCII "123456789")
0054E6A2 B8 F8E85400 mov eax,FamilyTr.0054E8F8 ; 连接符号:“-”
0054E6A7 E8 7C6CEBFF call FamilyTr.00405328
0054E6AC 8BD8 mov ebx,eax
0054E6AE 85DB test ebx,ebx
0054E6B0 75 09 jnz short FamilyTr.0054E6BB
0054E6B2 33C0 xor eax,eax
0054E6B4 8945 D8 mov dword ptr ss:,eax
0054E6B7 33C0 xor eax,eax
0054E6B9 EB 3B jmp short FamilyTr.0054E6F6
0054E6BB 8D45 A4 lea eax,dword ptr ss:
0054E6BE 50 push eax
0054E6BF 8BCB mov ecx,ebx
0054E6C1 49 dec ecx
0054E6C2 BA 01000000 mov edx,0x1
0054E6C7 8B45 FC mov eax,dword ptr ss:
0054E6CA E8 756BEBFF call FamilyTr.00405244
0054E6CF 8B45 A4 mov eax,dword ptr ss:
0054E6D2 E8 3DB4EBFF call FamilyTr.00409B14
0054E6D7 8945 D8 mov dword ptr ss:,eax
0054E6DA 8D45 FC lea eax,dword ptr ss:
0054E6DD 50 push eax
0054E6DE 8D53 01 lea edx,dword ptr ds:
0054E6E1 B9 FF000000 mov ecx,0xFF
0054E6E6 8B45 FC mov eax,dword ptr ss:
0054E6E9 E8 566BEBFF call FamilyTr.00405244
0054E6EE 8B45 FC mov eax,dword ptr ss:
0054E6F1 E8 1EB4EBFF call FamilyTr.00409B14
0054E6F6 3B75 E4 cmp esi,dword ptr ss: ; 与第一次累加结果0x14D1(十进制5329)比较,不等就OVER
0054E6F9 0F85 53010000 jnz FamilyTr.0054E852 ; //跳向失败
0054E6FF 8B55 D8 mov edx,dword ptr ss:
0054E702 3B55 E0 cmp edx,dword ptr ss: ; 与第二次累加结果0x211B比较,不等就OVER
0054E705 0F85 47010000 jnz FamilyTr.0054E852 ; //跳向失败
0054E70B 3B45 DC cmp eax,dword ptr ss: ; 与第三次累加结果0x250E比较,不等就OVER
0054E70E 0F85 3E010000 jnz FamilyTr.0054E852 ; //跳向失败
0054E714 B2 01 mov dl,0x1 ; 若以上三次累加结果都相等,则下面的代码就开始把结果写入注册表并提示注册成功
【算法总结】:(以邮件名abcde@123.com为例)
邮件名(登陆名)和注册码(密码)不能为空,且邮件名格式必须正确。注册码由邮件名计算得出,非明码比较,分三段进行计算:
第一段:依次取@及其前面字符ASC码与其位置相乘:ebx=1/2/3/4/5/6,eax=61*1/62*2=C4/129//190/1F9/40*6=180再进行累加(初始值为0xD7A(十进制3450)):=D7A/DDB/E9F/FC8/1158/1351/14D1结果为0x14D1(十进制5329);
第二段:先计算取@后面ASC码的位数:点(.)的位置-2-@的位置=10-2-6=2依次取@及其后面二位ASC码:ds:=40 ('@')/31('1')/32('2')与其位置相乘:eax=eax*ebx,结果:ebx=6/7/8,eax=40*6=180/62*2=C4/157/190累加(初始值为0x1CB4(十进制7348)):=0x1CB4(7348)+180=1E34/1F8B/211B结果为0x211B(十进制8475);
第三段:先计算取ASC码需要的位数:esi-ebx=邮件名长度-[点(.)的位置-2]=13-=5,再加1=6依次取邮件名后六位:ds:=32('2')/33 ('3')/2E('.')/63 ('c')/6F ('o')/6D ('m')与其位置相乘:eax=eax*ebx,结果:ebx=8/9/A/B/C/D,eax=32*8=190/33*9=1CB/1CC/441/534/589累加(初始值为0x10E9(十进制4329)):=0x10E9(4329)+190=1279/1444/1610/1A51/1F85/250E结果为0x250E(十进制9486);
三段结果的十进制用“-”号相连接就是注册码(密码),即:5329-8475-9486
注册成功后会把信息写入注册表:HKEY_CURRENT_USER\Software\FamilyTree\FamilyTree,注册版的值为1。把值改为0,则为未注册版。
【体会】:
本程序为非明码比较,算法部分比较清晰,没有过多的干扰代码,适合吾等新手练习。
本程序是俄毛子的东西,原生不支持中文,需要中文版的可以网上搜索汉化版。本文旨在研究注册算法,至于是否实用易用好用则不在本文研究之列。
附上:FamilyTreev9.0 及 算法注册机
其实你如果仅仅是静态反编译去分析算法的话,用DeDe比OD更清晰一些。
0054E3F4 55 push ebp
0054E3F5 8BEC mov ebp, esp
0054E3F7 B90D000000 mov ecx, $0000000D
0054E3FC 6A00 push $00
0054E3FE 6A00 push $00
0054E400 49 dec ecx
0054E401 75F9 jnz 0054E3FC
0054E403 53 push ebx
0054E404 56 push esi
0054E405 57 push edi
0054E406 8BF8 mov edi, eax
0054E408 33C0 xor eax, eax
0054E40A 55 push ebp
* Possible String Reference to: '閊^?氡_^[嬪]?
|
0054E40B 68D5E85400 push $0054E8D5
***** TRY
|
0054E410 64FF30 push dword ptr fs:
0054E413 648920 mov fs:, esp
0054E416 8D55D0 lea edx,
0054E419 8B87F0020000 mov eax,
* Reference to: Controls.TControl.GetText(TControl):TCaption;
|
0054E41F E8A4D3EFFF call 0044B7C8
0054E424 8B45D0 mov eax,
0054E427 8D55D4 lea edx,
* Reference to: SysUtils.Trim(AnsiString):AnsiString;overload;
|
0054E42A E865B3EBFF call 00409794
0054E42F 837DD400 cmp dword ptr , +$00
0054E433 752E jnz 0054E463
0054E435 8B15BC995800 mov edx, [$005899BC]
0054E43B 8B12 mov edx,
0054E43D A1A4995800 mov eax, dword ptr [$005899A4]
0054E442 8B00 mov eax,
* Reference to control MaskEdit1 : TMaskEdit
|
0054E444 8B80F4020000 mov eax,
* Reference to: Controls.TControl.SetText(TControl;TCaption);
|
0054E44A E8A9D3EFFF call 0044B7F8
0054E44F A1A4995800 mov eax, dword ptr [$005899A4]
0054E454 8B00 mov eax,
0054E456 8B10 mov edx,
0054E458 FF92E8000000 call dword ptr
0054E45E E91D040000 jmp 0054E880
0054E463 8D55C8 lea edx,
0054E466 8B87F4020000 mov eax,
* Reference to: Mask.TCustomMaskEdit.GetText(TCustomMaskEdit):TMaskedText;
|
0054E46C E8EB69F3FF call 00484E5C
0054E471 8B45C8 mov eax,
0054E474 8D55CC lea edx,
* Reference to: SysUtils.Trim(AnsiString):AnsiString;overload;
|
0054E477 E818B3EBFF call 00409794
0054E47C 837DCC00 cmp dword ptr , +$00
0054E480 752E jnz 0054E4B0
0054E482 8B15BC995800 mov edx, [$005899BC]
0054E488 8B12 mov edx,
0054E48A A1A4995800 mov eax, dword ptr [$005899A4]
0054E48F 8B00 mov eax,
* Reference to control MaskEdit1 : TMaskEdit
|
0054E491 8B80F4020000 mov eax,
* Reference to: Controls.TControl.SetText(TControl;TCaption);
|
0054E497 E85CD3EFFF call 0044B7F8
0054E49C A1A4995800 mov eax, dword ptr [$005899A4]
0054E4A1 8B00 mov eax,
0054E4A3 8B10 mov edx,
0054E4A5 FF92E8000000 call dword ptr
0054E4AB E9D0030000 jmp 0054E880
0054E4B0 8D55C4 lea edx,
0054E4B3 8B87F0020000 mov eax,
* Reference to: Controls.TControl.GetText(TControl):TCaption;
|
0054E4B9 E80AD3EFFF call 0044B7C8
0054E4BE 8B55C4 mov edx,
0054E4C1 B8ECE85400 mov eax, $0054E8EC
* Reference to: System.@LStrPos;
|
0054E4C6 E85D6EEBFF call 00405328
0054E4CB 8945EC mov , eax
0054E4CE 837DEC00 cmp dword ptr , +$00
0054E4D2 752E jnz 0054E502
0054E4D4 8B15549A5800 mov edx, [$00589A54]
0054E4DA 8B12 mov edx,
0054E4DC A1A4995800 mov eax, dword ptr [$005899A4]
0054E4E1 8B00 mov eax,
* Reference to control MaskEdit1 : TMaskEdit
|
0054E4E3 8B80F4020000 mov eax,
* Reference to: Controls.TControl.SetText(TControl;TCaption);
|
0054E4E9 E80AD3EFFF call 0044B7F8
0054E4EE A1A4995800 mov eax, dword ptr [$005899A4]
0054E4F3 8B00 mov eax,
0054E4F5 8B10 mov edx,
0054E4F7 FF92E8000000 call dword ptr
0054E4FD E97E030000 jmp 0054E880
0054E502 C745E47A0D0000 mov dword ptr , $00000D7A
0054E509 8B75EC mov esi,
0054E50C 85F6 test esi, esi
0054E50E 7E24 jle 0054E534
0054E510 BB01000000 mov ebx, $00000001
0054E515 8D55C0 lea edx,
0054E518 8B87F0020000 mov eax,
* Reference to: Controls.TControl.GetText(TControl):TCaption;
|
0054E51E E8A5D2EFFF call 0044B7C8
0054E523 8B45C0 mov eax,
0054E526 0FB64418FF movzx eax, byte ptr
0054E52B F7EB imul ebx
0054E52D 0145E4 add , eax
0054E530 43 inc ebx
0054E531 4E dec esi
0054E532 75E1 jnz 0054E515
0054E534 8D55F8 lea edx,
0054E537 8B45E4 mov eax,
* Reference to: SysUtils.IntToStr(Integer):AnsiString;overload;
|
0054E53A E871B5EBFF call 00409AB0
0054E53F 8D55BC lea edx,
0054E542 8B87F0020000 mov eax,
* Reference to: Controls.TControl.GetText(TControl):TCaption;
|
0054E548 E87BD2EFFF call 0044B7C8
0054E54D 8B45BC mov eax,
* Reference to: System.@LStrLen(String):Integer;
| or: System.@DynArrayLength;
| or: System.DynArraySize(Pointer):Integer;
| or: Variants.DynArraySize(Pointer):Integer;
|
0054E550 E8976AEBFF call 00404FEC
0054E555 83F800 cmp eax, +$00
0054E558 7C27 jl 0054E581
0054E55A 8945E8 mov , eax
0054E55D 8D55B8 lea edx,
0054E560 8B87F0020000 mov eax,
* Reference to: Controls.TControl.GetText(TControl):TCaption;
|
0054E566 E85DD2EFFF call 0044B7C8
0054E56B 8B45B8 mov eax,
0054E56E 8B55E8 mov edx,
0054E571 807C10FF2E cmp byte ptr , $2E
0054E576 7409 jz 0054E581
0054E578 FF4DE8 dec dword ptr
0054E57B 837DE8FF cmp dword ptr , -$01
0054E57F 75DC jnz 0054E55D
0054E581 837DE800 cmp dword ptr , +$00
0054E585 752E jnz 0054E5B5
0054E587 8B15549A5800 mov edx, [$00589A54]
0054E58D 8B12 mov edx,
0054E58F A1A4995800 mov eax, dword ptr [$005899A4]
0054E594 8B00 mov eax,
* Reference to control MaskEdit1 : TMaskEdit
|
0054E596 8B80F4020000 mov eax,
* Reference to: Controls.TControl.SetText(TControl;TCaption);
|
0054E59C E857D2EFFF call 0044B7F8
0054E5A1 A1A4995800 mov eax, dword ptr [$005899A4]
0054E5A6 8B00 mov eax,
0054E5A8 8B10 mov edx,
0054E5AA FF92E8000000 call dword ptr
0054E5B0 E9CB020000 jmp 0054E880
0054E5B5 C745E0B41C0000 mov dword ptr , $00001CB4
0054E5BC 8B5DEC mov ebx,
0054E5BF 8B75E8 mov esi,
0054E5C2 83EE02 sub esi, +$02
0054E5C5 2BF3 sub esi, ebx
0054E5C7 7C20 jl 0054E5E9
0054E5C9 46 inc esi
0054E5CA 8D55B4 lea edx,
0054E5CD 8B87F0020000 mov eax,
* Reference to: Controls.TControl.GetText(TControl):TCaption;
|
0054E5D3 E8F0D1EFFF call 0044B7C8
0054E5D8 8B45B4 mov eax,
0054E5DB 0FB64418FF movzx eax, byte ptr
0054E5E0 F7EB imul ebx
0054E5E2 0145E0 add , eax
0054E5E5 43 inc ebx
0054E5E6 4E dec esi
0054E5E7 75E1 jnz 0054E5CA
0054E5E9 8D55F4 lea edx,
0054E5EC 8B45E0 mov eax,
* Reference to: SysUtils.IntToStr(Integer):AnsiString;overload;
|
0054E5EF E8BCB4EBFF call 00409AB0
0054E5F4 C745DCE9100000 mov dword ptr , $000010E9
0054E5FB 8B5DE8 mov ebx,
0054E5FE 83EB02 sub ebx, +$02
0054E601 8D55B0 lea edx,
0054E604 8B87F0020000 mov eax,
* Reference to: Controls.TControl.GetText(TControl):TCaption;
|
0054E60A E8B9D1EFFF call 0044B7C8
0054E60F 8B45B0 mov eax,
* Reference to: System.@LStrLen(String):Integer;
| or: System.@DynArrayLength;
| or: System.DynArraySize(Pointer):Integer;
| or: Variants.DynArraySize(Pointer):Integer;
|
0054E612 E8D569EBFF call 00404FEC
0054E617 8BF0 mov esi, eax
0054E619 2BF3 sub esi, ebx
0054E61B 7C20 jl 0054E63D
0054E61D 46 inc esi
0054E61E 8D55AC lea edx,
0054E621 8B87F0020000 mov eax,
* Reference to: Controls.TControl.GetText(TControl):TCaption;
|
0054E627 E89CD1EFFF call 0044B7C8
0054E62C 8B45AC mov eax,
0054E62F 0FB64418FF movzx eax, byte ptr
0054E634 F7EB imul ebx
0054E636 0145DC add , eax
0054E639 43 inc ebx
0054E63A 4E dec esi
0054E63B 75E1 jnz 0054E61E
0054E63D 8D55F0 lea edx,
0054E640 8B45DC mov eax,
* Reference to: SysUtils.IntToStr(Integer):AnsiString;overload;
|
0054E643 E868B4EBFF call 00409AB0
0054E648 8D55FC lea edx,
0054E64B 8B87F4020000 mov eax,
* Reference to: Mask.TCustomMaskEdit.GetText(TCustomMaskEdit):TMaskedText;
|
0054E651 E80668F3FF call 00484E5C
0054E656 8B55FC mov edx,
0054E659 B8F8E85400 mov eax, $0054E8F8
* Reference to: System.@LStrPos;
|
0054E65E E8C56CEBFF call 00405328
0054E663 8BD8 mov ebx, eax
0054E665 85DB test ebx, ebx
0054E667 7504 jnz 0054E66D
0054E669 33F6 xor esi, esi
0054E66B EB32 jmp 0054E69F
0054E66D 8D45A8 lea eax,
0054E670 50 push eax
0054E671 8BCB mov ecx, ebx
0054E673 49 dec ecx
0054E674 BA01000000 mov edx, $00000001
0054E679 8B45FC mov eax,
* Reference to: System.@LStrCopy;
|
0054E67C E8C36BEBFF call 00405244
0054E681 8B45A8 mov eax,
* Reference to: SysUtils.StrToInt(AnsiString):Integer;
|
0054E684 E88BB4EBFF call 00409B14
0054E689 8BF0 mov esi, eax
0054E68B 8D45FC lea eax,
0054E68E 50 push eax
0054E68F 8D5301 lea edx,
0054E692 B9FF000000 mov ecx, $000000FF
0054E697 8B45FC mov eax,
* Reference to: System.@LStrCopy;
|
0054E69A E8A56BEBFF call 00405244
0054E69F 8B55FC mov edx,
0054E6A2 B8F8E85400 mov eax, $0054E8F8
* Reference to: System.@LStrPos;
|
0054E6A7 E87C6CEBFF call 00405328
0054E6AC 8BD8 mov ebx, eax
0054E6AE 85DB test ebx, ebx
0054E6B0 7509 jnz 0054E6BB
0054E6B2 33C0 xor eax, eax
0054E6B4 8945D8 mov , eax
0054E6B7 33C0 xor eax, eax
0054E6B9 EB3B jmp 0054E6F6
0054E6BB 8D45A4 lea eax,
0054E6BE 50 push eax
0054E6BF 8BCB mov ecx, ebx
0054E6C1 49 dec ecx
0054E6C2 BA01000000 mov edx, $00000001
0054E6C7 8B45FC mov eax,
* Reference to: System.@LStrCopy;
|
0054E6CA E8756BEBFF call 00405244
0054E6CF 8B45A4 mov eax,
* Reference to: SysUtils.StrToInt(AnsiString):Integer;
|
0054E6D2 E83DB4EBFF call 00409B14
0054E6D7 8945D8 mov , eax
0054E6DA 8D45FC lea eax,
0054E6DD 50 push eax
0054E6DE 8D5301 lea edx,
0054E6E1 B9FF000000 mov ecx, $000000FF
0054E6E6 8B45FC mov eax,
* Reference to: System.@LStrCopy;
|
0054E6E9 E8566BEBFF call 00405244
0054E6EE 8B45FC mov eax,
* Reference to: SysUtils.StrToInt(AnsiString):Integer;
|
0054E6F1 E81EB4EBFF call 00409B14
0054E6F6 3B75E4 cmp esi,
0054E6F9 0F8553010000 jnz 0054E852
0054E6FF 8B55D8 mov edx,
0054E702 3B55E0 cmp edx,
0054E705 0F8547010000 jnz 0054E852
0054E70B 3B45DC cmp eax,
0054E70E 0F853E010000 jnz 0054E852
0054E714 B201 mov dl, $01
0054E716 A144274700 mov eax, dword ptr [$00472744]
* Reference to: Registry.TRegistry.Create(TRegistry;boolean);overload;
|
0054E71B E82441F2FF call 00472844
0054E720 A3D8FB5800 mov dword ptr [$0058FBD8], eax
0054E725 BA01000080 mov edx, $80000001
0054E72A A1D8FB5800 mov eax, dword ptr [$0058FBD8]
* Reference to: Registry.TRegistry.SetRootKey(TRegistry;HKEY);
|
0054E72F E8B041F2FF call 004728E4
0054E734 6804E95400 push $0054E904
0054E739 A1309B5800 mov eax, dword ptr [$00589B30]
0054E73E FF30 push dword ptr
0054E740 6804E95400 push $0054E904
0054E745 8D45A0 lea eax,
0054E748 BA03000000 mov edx, $00000003
|
0054E74D E85A69EBFF call 004050AC
0054E752 8B55A0 mov edx,
0054E755 B101 mov cl, $01
0054E757 A1D8FB5800 mov eax, dword ptr [$0058FBD8]
* Reference to: Registry.TRegistry.OpenKey(TRegistry;AnsiString;Boolean):Boolean;
|
0054E75C E8C342F2FF call 00472A24
0054E761 6804E95400 push $0054E904
0054E766 A1309B5800 mov eax, dword ptr [$00589B30]
0054E76B FF30 push dword ptr
0054E76D 6804E95400 push $0054E904
0054E772 A1AC9B5800 mov eax, dword ptr [$00589BAC]
0054E777 FF30 push dword ptr
0054E779 8D459C lea eax,
0054E77C BA04000000 mov edx, $00000004
|
0054E781 E82669EBFF call 004050AC
0054E786 8B559C mov edx,
0054E789 A1D8FB5800 mov eax, dword ptr [$0058FBD8]
* Reference to: Registry.TRegistry.CreateKey(TRegistry;AnsiString):Boolean;
|
0054E78E E8B541F2FF call 00472948
0054E793 8B15AC9B5800 mov edx, [$00589BAC]
0054E799 8B12 mov edx,
0054E79B B101 mov cl, $01
0054E79D A1D8FB5800 mov eax, dword ptr [$0058FBD8]
* Reference to: Registry.TRegistry.OpenKey(TRegistry;AnsiString;Boolean):Boolean;
|
0054E7A2 E87D42F2FF call 00472A24
0054E7A7 A1C0A05800 mov eax, dword ptr [$0058A0C0]
0054E7AC C60001 mov byte ptr , $01
0054E7AF 8B0DC0A05800 mov ecx, [$0058A0C0]
0054E7B5 8A09 mov cl, byte ptr
0054E7B7 8B15AC9B5800 mov edx, [$00589BAC]
0054E7BD 8B12 mov edx,
0054E7BF A1D8FB5800 mov eax, dword ptr [$0058FBD8]
* Reference to: Registry.TRegistry.WriteBool(TRegistry;AnsiString;Boolean);
|
0054E7C4 E85F44F2FF call 00472C28
0054E7C9 A1D8FB5800 mov eax, dword ptr [$0058FBD8]
* Reference to: Registry.TRegistry.CloseKey(TRegistry);
|
0054E7CE E8E140F2FF call 004728B4
0054E7D3 A1D8FB5800 mov eax, dword ptr [$0058FBD8]
* Reference to: System.TObject.Free(TObject);
|
0054E7D8 E8C757EBFF call 00403FA4
0054E7DD A138995800 mov eax, dword ptr [$00589938]
0054E7E2 8B00 mov eax,
0054E7E4 8B806C050000 mov eax,
0054E7EA 33D2 xor edx, edx
* Reference to: Menus.TMenuItem.SetEnabled(TMenuItem;Boolean);
|
0054E7EC E8DBF4F0FF call 0045DCCC
0054E7F1 6810E95400 push $0054E910
0054E7F6 A144965800 mov eax, dword ptr [$00589644]
0054E7FB FF30 push dword ptr
0054E7FD 6810E95400 push $0054E910
0054E802 6810E95400 push $0054E910
0054E807 6810E95400 push $0054E910
0054E80C A1509F5800 mov eax, dword ptr [$00589F50]
0054E811 FF30 push dword ptr
0054E813 6810E95400 push $0054E910
0054E818 8D4598 lea eax,
0054E81B BA07000000 mov edx, $00000007
|
0054E820 E88768EBFF call 004050AC
0054E825 8B5598 mov edx,
0054E828 A1A4995800 mov eax, dword ptr [$005899A4]
0054E82D 8B00 mov eax,
* Reference to control MaskEdit1 : TMaskEdit
|
0054E82F 8B80F4020000 mov eax,
* Reference to: Controls.TControl.SetText(TControl;TCaption);
|
0054E835 E8BECFEFFF call 0044B7F8
0054E83A A1A4995800 mov eax, dword ptr [$005899A4]
0054E83F 8B00 mov eax,
0054E841 8B10 mov edx,
0054E843 FF92E8000000 call dword ptr
0054E849 8BC7 mov eax, edi
* Reference to: Forms.TCustomForm.Close(TCustomForm);
|
0054E84B E8DCA3F1FF call 00468C2C
0054E850 EB2E jmp 0054E880
0054E852 8B1564985800 mov edx, [$00589864]
0054E858 8B12 mov edx,
0054E85A A1A4995800 mov eax, dword ptr [$005899A4]
0054E85F 8B00 mov eax,
* Reference to control MaskEdit1 : TMaskEdit
|
0054E861 8B80F4020000 mov eax,
* Reference to: Controls.TControl.SetText(TControl;TCaption);
|
0054E867 E88CCFEFFF call 0044B7F8
0054E86C A1A4995800 mov eax, dword ptr [$005899A4]
0054E871 8B00 mov eax,
0054E873 8B10 mov edx,
0054E875 FF92E8000000 call dword ptr
* Reference to: System.@Halt0;
|
0054E87B E8C463EBFF call 00404C44
0054E880 33C0 xor eax, eax
0054E882 5A pop edx
0054E883 59 pop ecx
0054E884 59 pop ecx
0054E885 648910 mov fs:, edx
****** FINALLY
|
* Possible String Reference to: '_^[嬪]?
|
0054E888 68DCE85400 push $0054E8DC
0054E88D 8D4598 lea eax,
0054E890 BA05000000 mov edx, $00000005
* Reference to: System.@LStrArrayClr(void;void;Integer);
|
0054E895 E8BE64EBFF call 00404D58
0054E89A 8D45AC lea eax,
0054E89D BA07000000 mov edx, $00000007
* Reference to: System.@LStrArrayClr(void;void;Integer);
|
0054E8A2 E8B164EBFF call 00404D58
0054E8A7 8D45C8 lea eax,
* Reference to: System.@LStrClr(void;void);
|
0054E8AA E88564EBFF call 00404D34
0054E8AF 8D45CC lea eax,
* Reference to: System.@LStrClr(void;void);
|
0054E8B2 E87D64EBFF call 00404D34
0054E8B7 8D45D0 lea eax,
* Reference to: System.@LStrClr(void;void);
|
0054E8BA E87564EBFF call 00404D34
0054E8BF 8D45D4 lea eax,
* Reference to: System.@LStrClr(void;void);
|
0054E8C2 E86D64EBFF call 00404D34
0054E8C7 8D45F0 lea eax,
0054E8CA BA04000000 mov edx, $00000004
* Reference to: System.@LStrArrayClr(void;void;Integer);
|
0054E8CF E88464EBFF call 00404D58
0054E8D4 C3 ret
* Reference to: System.@HandleFinally;
|
0054E8D5 E95E5EEBFF jmp 00404738
0054E8DA EBB1 jmp 0054E88D
****** END
|
0054E8DC 5F pop edi
0054E8DD 5E pop esi
0054E8DE 5B pop ebx
0054E8DF 8BE5 mov esp, ebp
0054E8E1 5D pop ebp
0054E8E2 C3 ret
虽然用不上,还是占个沙发,六一快乐,童鞋们! 感谢楼主分享! 学习一下。 多谢楼主的作品算法注册机。 关注一下 有时间去弄弄学习学习 学习了,谢谢