160crackme 92 算法分析汇编注册机源码
本帖最后由 whyida 于 2018-1-28 15:50 编辑这个crackme比较有意思,有一定难度但又可逆。练习算法分析恰到好处。
od 载入程序00401550/$8B4424 08 MOV EAX,DWORD PTR SS: ; HEX crackme1.00401550(猜 hWnd,Msg,wParam,lParam)
00401554|.83EC 40 SUB ESP,40
00401557|.83E8 10 SUB EAX,10 ; 替换 (消息 10..1114 退出)
0040155A|.56 PUSH ESI
0040155B|.0F84 7C010000 JZ 004016DD
00401561|.2D 00010000 SUB EAX,100
00401566|.0F84 FA000000 JZ 00401666
0040156C|.48 DEC EAX
0040156D|.0F85 77010000 JNZ 004016EA
00401573|.8B4424 50 MOV EAX,DWORD PTR SS: ; 案例 111 (WM_COMMAND) of switch crackme1.401557
00401577|.25 FFFF0000 AND EAX,0000FFFF
0040157C|.2D EA030000 SUB EAX,3EA ; 替换 (事例 3EE..3F83 退出)
00401581|.0F84 63010000 JZ 004016EA
00401587|.83E8 04 SUB EAX,4
0040158A|.0F84 B3000000 JZ 00401643
00401590|.83E8 0A SUB EAX,0A
00401593|.0F85 51010000 JNZ 004016EA
00401599|.8B7424 48 MOV ESI,DWORD PTR SS: ; 案例 3F8 of switch crackme1.40157C
0040159D|.8D4424 04 LEA EAX,
004015A1|.6A 40 PUSH 40 ; /MaxCount = 64.
004015A3|.50 PUSH EAX ; |String
004015A4|.68 EB030000 PUSH 3EB ; |ItemID = 1003.
004015A9|.56 PUSH ESI ; |hDialog
004015AA|.FF15 1C614000 CALL DWORD PTR DS:[<&USER32.GetDlgItemTe ; \USER32.GetDlgItemTextA
004015B0|.85C0 TEST EAX,EAX
004015B2|.0F84 32010000 JZ 004016EA
004015B8|.8D4C24 4C LEA ECX,
004015BC|.8D5424 48 LEA EDX,
004015C0|.51 PUSH ECX
004015C1|.52 PUSH EDX
004015C2|.8D4424 0C LEA EAX,
004015C6|.68 6C804000 PUSH OFFSET 0040806C ; ASCII "%08lX%08lX"
004015CB|.50 PUSH EAX
004015CC|.E8 1F020000 CALL 004017F0
004015D1|.8D4C24 5C LEA ECX,
004015D5|.8D5424 58 LEA EDX,
004015D9|.51 PUSH ECX ; /Arg3
004015DA|.52 PUSH EDX ; |Arg2
004015DB|.68 80894000 PUSH OFFSET 00408980 ; |Arg1 = crackme1.408980
004015E0|.E8 EBFAFFFF CALL 004010D0 ; \crackme1.004010D0
004015E5|.8B4424 64 MOV EAX,DWORD PTR SS:
004015E9|.8B0D F0994000 MOV ECX,DWORD PTR DS:
004015EF|.83C4 1C ADD ESP,1C
004015F2|.3BC1 CMP EAX,ECX
004015F4|.75 29 JNE SHORT 0040161F
004015F6|.8B4C24 4C MOV ECX,DWORD PTR SS:
004015FA|.A1 EC994000 MOV EAX,DWORD PTR DS:
004015FF|.3BC8 CMP ECX,EAX
00401601|.75 1C JNE SHORT 0040161F
00401603|.6A 30 PUSH 30 ; /Type = MB_OK|MB_ICONEXCLAMATION|MB_DEFBUTTON1|MB_APPLMODAL
00401605|.68 F0804000 PUSH OFFSET 004080F0 ; |Caption = "Success"
0040160A|.68 D4804000 PUSH OFFSET 004080D4 ; |Text = "You have done a good job."
0040160F|.56 PUSH ESI ; |hOwner
00401610|.FF15 20614000 CALL DWORD PTR DS:[<&USER32.MessageBoxA> ; \USER32.MessageBoxA
00401616|.33C0 XOR EAX,EAX
00401618|.5E POP ESI
00401619|.83C4 40 ADD ESP,40
0040161C|.C2 1000 RETN 10
0040161F|>6A 30 PUSH 30 ; /Type = MB_ICONEXCLAMATION
00401621|.FF15 24614000 CALL DWORD PTR DS:[<&USER32.MessageBeep> ; \USER32.MessageBeep
00401627|.6A 10 PUSH 10 ; /Type = MB_OK|MB_ICONHAND|MB_DEFBUTTON1|MB_APPLMODAL
00401629|.68 CC804000 PUSH OFFSET 004080CC ; |Caption = "Failed"
0040162E|.68 B0804000 PUSH OFFSET 004080B0 ; |Text = "Don't give up. Try agagin!"
00401633|.56 PUSH ESI ; |hOwner
00401634|.FF15 20614000 CALL DWORD PTR DS:[<&USER32.MessageBoxA> ; \USER32.MessageBoxA
关键call:004015E0|.E8 EBFAFFFF CALL 004010D0一目了然。内存地址 4099F0,4099EC是能否注册成功的关键。对 4099F0下内存写入断点
中断在这里:
.text:00401230 ; int __stdcall WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nShowCmd)
.text:00401230 _WinMain@16 proc near ; CODE XREF: start+C9↓p
.text:00401230
.text:00401230 phkResult = dword ptr -18Ch
.text:00401230 cbData = dword ptr -188h
.text:00401230 ValueName = byte ptr -184h
.text:00401230 var_180 = dword ptr -180h
.text:00401230 var_17C = word ptr -17Ch
.text:00401230 var_178 = WNDCLASSEXA ptr -178h
.text:00401230 Msg = tagMSG ptr -148h
.text:00401230 SubKey = byte ptr -12Ch
.text:00401230 Data = byte ptr -100h
.text:00401230 hInstance = dword ptr4
.text:00401230 hPrevInstance = dword ptr8
.text:00401230 lpCmdLine = dword ptr0Ch
.text:00401230 nShowCmd = dword ptr10h
.text:00401230
.text:00401230 sub esp, 18Ch
.text:00401236 push ebx
.text:00401237 push esi
.text:00401238 mov eax, dword_4080A4
.text:0040123D push edi
.text:0040123E mov ecx, 0Ah
.text:00401243 mov esi, offset aSoftwareMicros ; "Software\\Microsoft\\Windows\\CurrentVe"...
.text:00401248 lea edi,
.text:0040124C mov dx, word_4080AC
.text:00401253 rep movsd
.text:00401255 mov ecx, dword_4080A8
.text:0040125B mov dword ptr , eax
.text:0040125F lea eax,
.text:00401263 mov , ecx
.text:00401267 push eax ; phkResult
.text:00401268 xor ebx, ebx
.text:0040126A push 0F003Fh ; samDesired
.text:0040126F lea ecx,
.text:00401273 push ebx ; ulOptions
.text:00401274 push ecx ; lpSubKey
.text:00401275 push 80000002h ; hKey
.text:0040127A mov , dx
.text:0040127F movsw
.text:00401281 call ds:RegOpenKeyExA
.text:00401287 mov esi, ds:lstrlenA
.text:0040128D test eax, eax
.text:0040128F jnz short loc_4012F9
.text:00401291 lea edx,
.text:00401295 lea eax,
.text:0040129C push edx ; lpcbData
.text:0040129D mov edx,
.text:004012A1 push eax ; lpData
.text:004012A2 push ebx ; lpType
.text:004012A3 lea ecx,
.text:004012A7 push ebx ; lpReserved
.text:004012A8 push ecx ; lpValueName
.text:004012A9 push edx ; hKey
.text:004012AA mov , 100h
.text:004012B2 call ds:RegQueryValueExA
.text:004012B8 test eax, eax
.text:004012BA jz short loc_4012CB
.text:004012BC lea eax,
.text:004012C3 push offset String2; "94940361391"
.text:004012C8 push eax
.text:004012C9 jmp short loc_4012E6
.text:004012CB ; ---------------------------------------------------------------------------
.text:004012CB
.text:004012CB loc_4012CB: ; CODE XREF: WinMain(x,x,x,x)+8A↑j
.text:004012CB lea ecx,
.text:004012D2 push ecx ; lpString
.text:004012D3 call esi ; lstrlenA
.text:004012D5 test eax, eax
.text:004012D7 jnz short loc_4012EC
.text:004012D9 lea edx,
.text:004012E0 push offset String2; "94940361391"
.text:004012E5 push edx ; lpString1
.text:004012E6
.text:004012E6 loc_4012E6: ; CODE XREF: WinMain(x,x,x,x)+99↑j
.text:004012E6 call ds:lstrcpyA
.text:004012EC
.text:004012EC loc_4012EC: ; CODE XREF: WinMain(x,x,x,x)+A7↑j
.text:004012EC mov eax,
.text:004012F0 push eax ; hKey
.text:004012F1 call ds:RegCloseKey
.text:004012F7 jmp short loc_40130C
.text:004012F9 ; ---------------------------------------------------------------------------
.text:004012F9
.text:004012F9 loc_4012F9: ; CODE XREF: WinMain(x,x,x,x)+5F↑j
.text:004012F9 lea ecx,
.text:00401300 push offset String2; "94940361391"
.text:00401305 push ecx ; lpString1
.text:00401306 call ds:lstrcpyA
.text:0040130C
.text:0040130C loc_40130C: ; CODE XREF: WinMain(x,x,x,x)+C7↑j
.text:0040130C lea edx,
.text:00401313 push edx ; lpString
.text:00401314 call esi ; lstrlenA
.text:00401316 push eax
.text:00401317 lea eax,
.text:0040131E push eax
.text:0040131F push offset unk_408980
.text:00401324 call sub_401130 ; BlowFish初始化函数
.text:00401329 push offset dword_4099EC
.text:0040132E push offset dword_4099F0
.text:00401333 push offset unk_408980
.text:00401338 mov dword_4099F0, 776F6C62h ; k1
.text:00401342 mov dword_4099EC, 68736966h ; k2
.text:0040134C call sub_401070 ; BlowFish加密算法函数
.text:00401351 mov ecx, dword_4099EC
.text:00401357 mov edx, dword_4099F0
.text:0040135D push ecx
.text:0040135E push edx
.text:0040135F push offset a08lx08lx ; "%08lX%08lX"
.text:00401364 push offset byte_4099C8 ; LPSTR
.text:00401369 call ds:wsprintfA
.text:0040136F mov edi,
.text:00401376 add esp, 28h
.text:00401379 mov , 30h
.text:00401381 mov , 3
.text:00401389 push 7F00h ; lpIconName
.text:0040138E push ebx ; hInstance
.text:0040138F mov , offset sub_4014B0
.text:00401397 mov , ebx
.text:0040139B mov , ebx
.text:0040139F mov , edi
.text:004013A3 call ds:LoadIconA
.text:004013A9 push 7F00h ; lpCursorName
.text:004013AE push ebx ; hInstance
.text:004013AF mov , eax
.text:004013B3 call ds:LoadCursorA
.text:004013B9 push ebx ; i
.text:004013BA mov , eax
.text:004013BE call ds:GetStockObject
.text:004013C4 mov , ebx
.text:004013C8 mov , offset ClassName ; "Win32APP"
.text:004013D0 mov , eax
.text:004013D4 lea eax,
.text:004013D8 push eax ; WNDCLASSEXA *
.text:004013D9 mov , ebx
.text:004013DD call ds:RegisterClassExA
.text:004013E3 push ebx ; lpParam
.text:004013E4 push edi ; hInstance
.text:004013E5 push ebx ; hMenu
.text:004013E6 push ebx ; hWndParent
.text:004013E7 push 80000000h ; nHeight
.text:004013EC push 80000000h ; nWidth
.text:004013F1 push 80000000h ; Y
.text:004013F6 push 80000000h ; X
.text:004013FB push 0CF0000h ; dwStyle
.text:00401400 push offset WindowName ; "Win32APP"
.text:00401405 push offset ClassName ; "Win32APP"
.text:0040140A push ebx ; dwExStyle
.text:0040140B call ds:CreateWindowExA
.text:00401411 push 6 ; nCmdShow
.text:00401413 push eax ; hWnd
.text:00401414 mov hWnd, eax
.text:00401419 call ds:ShowWindow
.text:0040141F mov ecx, hWnd
.text:00401425 push ecx ; hWnd
.text:00401426 call ds:UpdateWindow
.text:0040142C push offset String ; "ChinaCrackingGroup"
.text:00401431 call esi ; lstrlenA
.text:00401433 push eax
.text:00401434 push offset String ; "ChinaCrackingGroup"
.text:00401439 push offset unk_408980
.text:0040143E call sub_401130
.text:00401443 mov esi, ds:GetMessageA
.text:00401449 add esp, 0Ch
.text:0040144C lea edx,
.text:00401450 push ebx ; wMsgFilterMax
.text:00401451 push ebx ; wMsgFilterMin
.text:00401452 push ebx ; hWnd
.text:00401453 push edx ; lpMsg
.text:00401454 call esi ; GetMessageA
.text:00401456 test eax, eax
.text:00401458 jz short loc_401494
.text:0040145A mov edi, ds:TranslateMessage
.text:00401460 push ebp
.text:00401461 mov ebp, ds:DispatchMessageA
.text:00401467
.text:00401467 loc_401467: ; CODE XREF: WinMain(x,x,x,x)+251↓j
.text:00401467 lea eax,
.text:0040146B push eax ; lpMsg
.text:0040146C call edi ; TranslateMessage
.text:0040146E lea ecx,
.text:00401472 push ecx ; lpMsg
.text:00401473 call ebp ; DispatchMessageA
.text:00401475 push ebx ; wMsgFilterMax
.text:00401476 push ebx ; wMsgFilterMin
.text:00401477 lea edx,
.text:0040147B push ebx ; hWnd
.text:0040147C push edx ; lpMsg
.text:0040147D call esi ; GetMessageA
.text:0040147F test eax, eax
.text:00401481 jnz short loc_401467
.text:00401483 mov eax,
.text:00401487 pop ebp
.text:00401488 pop edi
.text:00401489 pop esi
.text:0040148A pop ebx
.text:0040148B add esp, 18Ch
.text:00401491 retn 10h
调试几次就明白这段代码的意思。取系统版本ID,如果得不到则用 "94940361391"代替。
401130(算法初始化)->401070(加密)->401000(s盒变换)->401070(加密)->401000(s盒变换)形成密文S1.
得到注册码->4010D0->401000形成密文S2.
.text:004010D0 sub_4010D0 proc near ; CODE XREF: DialogFunc+90↓p
.text:004010D0
.text:004010D0 arg_0 = dword ptr4
.text:004010D0 arg_4 = dword ptr8
.text:004010D0 arg_8 = dword ptr0Ch
.text:004010D0
.text:004010D0 mov eax,
.text:004010D4 mov ecx,
.text:004010D8 push ebx
.text:004010D9 push ebp
.text:004010DA mov eax,
.text:004010DC push esi
.text:004010DD mov esi,
.text:004010DF push edi
.text:004010E0 mov edi,
.text:004010E4 mov , 10h
.text:004010EC lea ebx,
.text:004010EF
.text:004010EF loc_4010EF: ; CODE XREF: sub_4010D0+3D↓j
.text:004010EF xor eax,
.text:004010F1 push eax
.text:004010F2 push edi
.text:004010F3 mov ebp, eax
.text:004010F5 call sub_401000
.text:004010FA mov ecx,
.text:004010FE add esp, 8
.text:00401101 xor eax, esi
.text:00401103 sub ebx, 4
.text:00401106 dec ecx
.text:00401107 mov esi, ebp
.text:00401109 mov , ecx
.text:0040110D jnz short loc_4010EF
.text:0040110F mov ecx,
.text:00401112 mov edx,
.text:00401114 xor ecx, eax
.text:00401116 mov eax,
.text:0040111A xor edx, esi
.text:0040111C pop edi
.text:0040111D mov , edx
.text:0040111F mov edx,
.text:00401123 pop esi
.text:00401124 pop ebp
.text:00401125 mov , ecx
.text:00401127 pop ebx
.text:00401128 retn
.text:00401128 sub_4010D0 endp
上面的代码形成密文S2,s1=s2则注册成功。
算法流程就是这样。解密基本就是对加密过程的逆序。其中的s盒,p盒可以在网上找,也可以从内存中扣数据。
下面是fasm 汇编注册机代码。
; DialogBox example
;fasm 1.73测试通过
format PE GUI 4.0
entry start
include 'win32a.inc'
ID_CAPTION = 101
ID_MESSAGE = 102
ID_ICONERROR = 201
ID_ICONINFORMATION = 202
ID_ICONQUESTION = 203
ID_ICONWARNING = 204
ID_TOPMOST = 301
section '.text' code readable executable
start:
invokeGetModuleHandle,0
invokeDialogBoxParam,eax,37,HWND_DESKTOP,DialogProc,0
or eax,eax
jz exit
;invokeMessageBox,HWND_DESKTOP,message,caption,
;invokeSetDlgItemText,HWND_DESKTOP,ID_MESSAGE,message,
exit:
invokeExitProcess,0
;##############################################################s盒变换函数
;s盒变换函数
proc BlowFish_FunBfNum
push ebx edi esi edx ecx
MOV ECX,
MOV AL,CL
AND EAX,0FFh
SHR ECX,08
MOV EDX,EAX
MOV AL,CL
MOV EDI,key
AND EAX,0FFh
SHR ECX,08
MOV ESI,EAX
MOV EAX,ECX
SHR EAX,08
AND EAX,0FFh
AND ECX,0FFh
AND ESI,0FFFFh
AND EDX,0FFFFh
MOV EAX,
MOV EBX,
MOV ECX,
ADD EAX,EBX
XOR EAX,ECX
MOV ECX,
ADD EAX,ECX
;popad
popecx edx esi edi ebx
leave
RET
endp
;############################################################
;BlowFish加密算法函数
proc BlowFish_En highbf,lowbf
local num :DWORD
push ebx edi esi edx ecx
;pushad
MOV EAX,
MOV ECX,
MOV EAX,
MOV ESI,
MOV EDI, key
MOV ,10h
MOV EBX,EDI
loc_40108E:
XOR EAX,
MOV EDX,EAX
push EAX
call BlowFish_Fun
;invoke,eax
;stdcall BlowFish_Fun,eax
add esp,4
MOV ECX,
XOR EAX,ESI
ADD EBX,4
DEC ECX
MOV ESI,EDX
MOV ,ECX
JNZ loc_40108E
MOV ECX,
MOV EDX,
XOR ECX,EAX
XOR EDX,ESI
MOV ,EDX
MOV ,ECX
;popad
pop ecx edx esi edi ebx
leave
RET
endp
;################################################################################
;BlowFish初始化函数
proc BlowFish_InitPWD,len_PWD
local pbox_num18 :DWORD
local pbox_num4:DWORD
local snum :DWORD
;初始化s盒
push ebx edi esi edx ecx
;pushad
MOV ESI,key
MOV EAX, sbox1
LEA ECX,
loc_401141:
MOV EDX,0100h
loc_401146:
MOV EDI,
ADD EAX,4
MOV ,EDI
ADD ECX,4
DEC EDX
JNZ loc_401146
CMP EAX,sbox1+1000h
JL loc_401141
;初始化p盒
;第一步:原p盒与PWD逐项异或
MOV EDX,
MOV EDI, pbox
XOR EAX,EAX
SUB EDI,ESI
MOV ,12h
loc_401173:
XOR ECX,ECX
MOV ,04
loc_40117D:
XOR EBX,EBX
MOV BL,
SHL ECX,08
OR ECX,EBX
INC EAX
CMP EAX,
JL loc_40118E
XOR EAX,EAX
loc_40118E:
MOV EBX,
DEC EBX
MOV ,EBX
JNZ loc_40117D
MOV EBX,
ADD ESI,4
XOR EBX,ECX
MOV ECX,
MOV ,EBX
DEC ECX
MOV ,ECX
JNZ loc_401173
;用连续的blowfish算法填充p盒
MOV EBX, key
XOR EAX,EAX
MOV ,EAX
MOV ,EAX
MOV ESI,EBX
MOV EDI,09
loc_4011C4:
LEA EAX,
LEA ECX,
push eax
push ecx
call BlowFish_En
MOV EAX,
MOV ECX,
MOV ,EAX
MOV ,ECX
ADD ESI,8
DEC EDI
JNZ loc_4011C4
;用连续的blowfish算法填充s盒
LEA ESI,
MOV ,04 ;4个s盒。
loc_4011F2:
MOV EDI,80H ;每个盒填充80h=128次(每次填充两个数)。
loc_4011F7:
LEA ECX,
LEA EDX,
push ecx
push edx
call BlowFish_En
MOV ECX,
MOV EDX,
MOV ,ECX
MOV ,EDX
ADD ESI,8
DEC EDI
JNZ loc_4011F7
DEC
JNZ loc_4011F2
;popad
pop ecx edx esi edi ebx
leave
RET
endp
;###########################################################################
proc getreg hwnddlg
; pushad
; 算法开始
;
push ebx edi esi edx ecx
invokeGetDlgItemText,,ID_CAPTION,szID,11h
xor ebx,ebx
xor eax,eax
mov esi, szID
mov ecx,8
@@33:
or ebx,eax
xor eax,eax
lodsb
cmp eax,39h
jle @@3
sub eax,7
@@3:
sub eax,30h
shl ebx,4
loop @@33
or ebx,eax
mov ,ebx
mov esi,szID+8
mov ecx,8
xor eax,eax
xor ebx,ebx
@@44:
or ebx,eax
lodsb
cmp eax,39h
jle @@4
sub eax,7
@@4:
sub eax,30h
shl ebx,4
loop @@44
or ebx,eax
mov ,ebx
;…………………………………………………………………………………………………………
;如果你直接用ComputerID产生序列号,这里后面的所有语句你都应将其激活
; invoke BlowFish_Init,offset PW_1,23
; invoke BlowFish_En,offset data1_p,offset data1_p+4
; MOV EAX,BFHIGH
; ;MOV MYBFHIGH,EAX
; MOV EAX,BFLOW
; MOV MYBFLOW,EAX
; push 12h
; push PW_2
; call BlowFish_Init
stdcallBlowFish_Init,PW_2,12h
;invokeBlowFish_Init,PW_2,18h
; push MYBFLOW
; push MYBFHIGH
; call BlowFish_En
stdcall BlowFish_En, MYBFHIGH , MYBFLOW
MOV EAX,
MOV ,EAX
MOV EAX,
MOV ,EAX
;push0Eh
;push PW_3
;call BlowFish_Init
stdcallBlowFish_Init,PW_3,0Eh
;push MYBFLOW
;push MYBFHIGH
;call BlowFish_En
stdcall BlowFish_En,MYBFHIGH,MYBFLOW
mov ebx,
mov eax,ebx
mov edi,szText
mov ecx,8
@@12:
mov eax,ebx
shl ebx,4
shr eax,1Ch
cmp eax,9
jle @@11
add eax,7
@@11: add eax,30h
and eax,0ffh
stosb
loop @@12
mov ebx,
mov eax,ebx
mov edi,szText+8
mov ecx,8
@@22:
mov eax,ebx
shl ebx,4
shr eax,1Ch
cmp eax,9
jle @@21
add eax,7
@@21:
add eax,30h
and eax,0ffh
stosb
loop @@22
xor eax,eax
mov ,eax
invoke SetDlgItemText,,ID_MESSAGE, szText
mov eax,FALSE
;popad
pop ecx edx esi edi ebx
;leave
ret
endp
;…
proc DialogProc hwnddlg,msg,wparam,lparam
push ebx esi edi
cmp ,WM_INITDIALOG
je .wminitdialog
cmp ,WM_COMMAND
je .wmcommand
cmp ,WM_CLOSE
je .wmclose
xor eax,eax
jmp .finish
.wminitdialog:
invokeCheckRadioButton,,ID_ICONERROR,ID_ICONWARNING,ID_ICONINFORMATION
jmp .processed
.wmcommand:
cmp ,BN_CLICKED shl 16 + IDCANCEL
je .wmclose
cmp ,BN_CLICKED shl 16 + IDOK
jne .processed
;###########################################################################################ueserID
;invokeGetDlgItemText,,ID_CAPTION,szID,40h
push
call getreg
jmp .processed
;invoke SetDlgItemText,hWnd,Edit2,offset szText
;#############################################################################
invokeGetDlgItemText,,ID_MESSAGE,message,100h
mov ,MB_OK
invokeIsDlgButtonChecked,,ID_ICONERROR
cmp eax,BST_CHECKED
jne .iconerror_ok
or ,MB_ICONERROR
.iconerror_ok:
invokeIsDlgButtonChecked,,ID_ICONINFORMATION
cmp eax,BST_CHECKED
jne .iconinformation_ok
or ,MB_ICONINFORMATION
.iconinformation_ok:
invokeIsDlgButtonChecked,,ID_ICONQUESTION
cmp eax,BST_CHECKED
jne .iconquestion_ok
or ,MB_ICONQUESTION
.iconquestion_ok:
invokeIsDlgButtonChecked,,ID_ICONWARNING
cmp eax,BST_CHECKED
jne .iconwarning_ok
or ,MB_ICONWARNING
.iconwarning_ok:
invokeIsDlgButtonChecked,,ID_TOPMOST
cmp eax,BST_CHECKED
jne .topmost_ok
or ,MB_TOPMOST
.topmost_ok:
invokeEndDialog,,1
jmp .processed
.wmclose:
invokeEndDialog,,0
.processed:
mov eax,1
.finish:
pop edi esi ebx
ret
endp
section '.bss' readable writeable
flags dd ?
caption rb 40h
message rb 100h
PW_2 db "ChinaCrackingGroup"
PW_3 db "CrackingForFun"
szID db 20 dup(0)
szText db 9 dup(0)
data1_p dd 0776f6c62h, 068736966h
key dd 1058 dup (0)
BFLOW dd 0
BFHIGH dd 0
MYBFLOW DD 0
MYBFHIGH DD 0
pbox dd 0243f6a88h, 085a308d3h, 013198a2eh, 003707344h, 0a4093822h, 0299f31d0h
dd 0082efa98h, 0ec4e6c89h, 0452821e6h, 038d01377h, 0be5466cfh, 034e90c6ch
dd 0c0ac29b7h, 0c97c50ddh, 03f84d5b5h, 0b5470917h, 09216d5d9h, 08979fb1bh
sbox1 dd 0d1310ba6h, 098dfb5ach, 02ffd72dbh, 0d01adfb7h, 0b8e1afedh, 06a267e96h
dd 0ba7c9045h, 0f12c7f99h, 024a19947h, 0b3916cf7h, 00801f2e2h, 0858efc16h
dd 0636920d8h, 071574e69h, 0a458fea3h, 0f4933d7eh, 00d95748fh, 0728eb658h
dd 0718bcd58h, 082154aeeh, 07b54a41dh, 0c25a59b5h, 09c30d539h, 02af26013h
dd 0c5d1b023h, 0286085f0h, 0ca417918h, 0b8db38efh, 08e79dcb0h, 0603a180eh
dd 06c9e0e8bh, 0b01e8a3eh, 0d71577c1h, 0bd314b27h, 078af2fdah, 055605c60h
dd 0e65525f3h, 0aa55ab94h, 057489862h, 063e81440h, 055ca396ah, 02aab10b6h
dd 0b4cc5c34h, 01141e8ceh, 0a15486afh, 07c72e993h, 0b3ee1411h, 0636fbc2ah
dd 02ba9c55dh, 0741831f6h, 0ce5c3e16h, 09b87931eh, 0afd6ba33h, 06c24cf5ch
dd 07a325381h, 028958677h, 03b8f4898h, 06b4bb9afh, 0c4bfe81bh, 066282193h
dd 061d809cch, 0fb21a991h, 0487cac60h, 05dec8032h, 0ef845d5dh, 0e98575b1h
dd 0dc262302h, 0eb651b88h, 023893e81h, 0d396acc5h, 00f6d6ff3h, 083f44239h
dd 02e0b4482h, 0a4842004h, 069c8f04ah, 09e1f9b5eh, 021c66842h, 0f6e96c9ah
dd 0670c9c61h, 0abd388f0h, 06a51a0d2h, 0d8542f68h, 0960fa728h, 0ab5133a3h
dd 06eef0b6ch, 0137a3be4h, 0ba3bf050h, 07efb2a98h, 0a1f1651dh, 039af0176h
dd 066ca593eh, 082430e88h, 08cee8619h, 0456f9fb4h, 07d84a5c3h, 03b8b5ebeh
dd 0e06f75d8h, 085c12073h, 0401a449fh, 056c16aa6h, 04ed3aa62h, 0363f7706h
dd 01bfedf72h, 0429b023dh, 037d0d724h, 0d00a1248h, 0db0fead3h, 049f1c09bh
dd 0075372c9h, 080991b7bh, 025d479d8h, 0f6e8def7h, 0e3fe501ah, 0b6794c3bh
dd 0976ce0bdh, 004c006bah, 0c1a94fb6h, 0409f60c4h, 05e5c9ec2h, 0196a2463h
dd 068fb6fafh, 03e6c53b5h, 01339b2ebh, 03b52ec6fh, 06dfc511fh, 09b30952ch
dd 0cc814544h, 0af5ebd09h, 0bee3d004h, 0de334afdh, 0660f2807h, 0192e4bb3h
dd 0c0cba857h, 045c8740fh, 0d20b5f39h, 0b9d3fbdbh, 05579c0bdh, 01a60320ah
dd 0d6a100c6h, 0402c7279h, 0679f25feh, 0fb1fa3cch, 08ea5e9f8h, 0db3222f8h
dd 03c7516dfh, 0fd616b15h, 02f501ec8h, 0ad0552abh, 0323db5fah, 0fd238760h
dd 053317b48h, 03e00df82h, 09e5c57bbh, 0ca6f8ca0h, 01a87562eh, 0df1769dbh
dd 0d542a8f6h, 0287effc3h, 0ac6732c6h, 08c4f5573h, 0695b27b0h, 0bbca58c8h
dd 0e1ffa35dh, 0b8f011a0h, 010fa3d98h, 0fd2183b8h, 04afcb56ch, 02dd1d35bh
dd 09a53e479h, 0b6f84565h, 0d28e49bch, 04bfb9790h, 0e1ddf2dah, 0a4cb7e33h
dd 062fb1341h, 0cee4c6e8h, 0ef20cadah, 036774c01h, 0d07e9efeh, 02bf11fb4h
dd 095dbda4dh, 0ae909198h, 0eaad8e71h, 06b93d5a0h, 0d08ed1d0h, 0afc725e0h
dd 08e3c5b2fh, 08e7594b7h, 08ff6e2fbh, 0f2122b64h, 08888b812h, 0900df01ch
dd 04fad5ea0h, 0688fc31ch, 0d1cff191h, 0b3a8c1adh, 02f2f2218h, 0be0e1777h
dd 0ea752dfeh, 08b021fa1h, 0e5a0cc0fh, 0b56f74e8h, 018acf3d6h, 0ce89e299h
dd 0b4a84fe0h, 0fd13e0b7h, 07cc43b81h, 0d2ada8d9h, 0165fa266h, 080957705h
dd 093cc7314h, 0211a1477h, 0e6ad2065h, 077b5fa86h, 0c75442f5h, 0fb9d35cfh
dd 0ebcdaf0ch, 07b3e89a0h, 0d6411bd3h, 0ae1e7e49h, 000250e2dh, 02071b35eh
dd 0226800bbh, 057b8e0afh, 02464369bh, 0f009b91eh, 05563911dh, 059dfa6aah
dd 078c14389h, 0d95a537fh, 0207d5ba2h, 002e5b9c5h, 083260376h, 06295cfa9h
dd 011c81968h, 04e734a41h, 0b3472dcah, 07b14a94ah, 01b510052h, 09a532915h
dd 0d60f573fh, 0bc9bc6e4h, 02b60a476h, 081e67400h, 008ba6fb5h, 0571be91fh
dd 0f296ec6bh, 02a0dd915h, 0b6636521h, 0e7b9f9b6h, 0ff34052eh, 0c5855664h
dd 053b02d5dh, 0a99f8fa1h, 008ba4799h, 06e85076ah
sbox2 dd 04b7a70e9h, 0b5b32944h
dd 0db75092eh, 0c4192623h, 0ad6ea6b0h, 049a7df7dh, 09cee60b8h, 08fedb266h
dd 0ecaa8c71h, 0699a17ffh, 05664526ch, 0c2b19ee1h, 0193602a5h, 075094c29h
dd 0a0591340h, 0e4183a3eh, 03f54989ah, 05b429d65h, 06b8fe4d6h, 099f73fd6h
dd 0a1d29c07h, 0efe830f5h, 04d2d38e6h, 0f0255dc1h, 04cdd2086h, 08470eb26h
dd 06382e9c6h, 0021ecc5eh, 009686b3fh, 03ebaefc9h, 03c971814h, 06b6a70a1h
dd 0687f3584h, 052a0e286h, 0b79c5305h, 0aa500737h, 03e07841ch, 07fdeae5ch
dd 08e7d44ech, 05716f2b8h, 0b03ada37h, 0f0500c0dh, 0f01c1f04h, 00200b3ffh
dd 0ae0cf51ah, 03cb574b2h, 025837a58h, 0dc0921bdh, 0d19113f9h, 07ca92ff6h
dd 094324773h, 022f54701h, 03ae5e581h, 037c2dadch, 0c8b57634h, 09af3dda7h
dd 0a9446146h, 00fd0030eh, 0ecc8c73eh, 0a4751e41h, 0e238cd99h, 03bea0e2fh
dd 03280bba1h, 0183eb331h, 04e548b38h, 04f6db908h, 06f420d03h, 0f60a04bfh
dd 02cb81290h, 024977c79h, 05679b072h, 0bcaf89afh, 0de9a771fh, 0d9930810h
dd 0b38bae12h, 0dccf3f2eh, 05512721fh, 02e6b7124h, 0501adde6h, 09f84cd87h
dd 07a584718h, 07408da17h, 0bc9f9abch, 0e94b7d8ch, 0ec7aec3ah, 0db851dfah
dd 063094366h, 0c464c3d2h, 0ef1c1847h, 03215d908h, 0dd433b37h, 024c2ba16h
dd 012a14d43h, 02a65c451h, 050940002h, 0133ae4ddh, 071dff89eh, 010314e55h
dd 081ac77d6h, 05f11199bh, 0043556f1h, 0d7a3c76bh, 03c11183bh, 05924a509h
dd 0f28fe6edh, 097f1fbfah, 09ebabf2ch, 01e153c6eh, 086e34570h, 0eae96fb1h
dd 0860e5e0ah, 05a3e2ab3h, 0771fe71ch, 04e3d06fah, 02965dcb9h, 099e71d0fh
dd 0803e89d6h, 05266c825h, 02e4cc978h, 09c10b36ah, 0c6150ebah, 094e2ea78h
dd 0a5fc3c53h, 01e0a2df4h, 0f2f74ea7h, 0361d2b3dh, 01939260fh, 019c27960h
dd 05223a708h, 0f71312b6h, 0ebadfe6eh, 0eac31f66h, 0e3bc4595h, 0a67bc883h
dd 0b17f37d1h, 0018cff28h, 0c332ddefh, 0be6c5aa5h, 065582185h, 068ab9802h
dd 0eecea50fh, 0db2f953bh, 02aef7dadh, 05b6e2f84h, 01521b628h, 029076170h
dd 0ecdd4775h, 0619f1510h, 013cca830h, 0eb61bd96h, 00334fe1eh, 0aa0363cfh
dd 0b5735c90h, 04c70a239h, 0d59e9e0bh, 0cbaade14h, 0eecc86bch, 060622ca7h
dd 09cab5cabh, 0b2f3846eh, 0648b1eafh, 019bdf0cah, 0a02369b9h, 0655abb50h
dd 040685a32h, 03c2ab4b3h, 0319ee9d5h, 0c021b8f7h, 09b540b19h, 0875fa099h
dd 095f7997eh, 0623d7da8h, 0f837889ah, 097e32d77h, 011ed935fh, 016681281h
dd 00e358829h, 0c7e61fd6h, 096dedfa1h, 07858ba99h, 057f584a5h, 01b227263h
dd 09b83c3ffh, 01ac24696h, 0cdb30aebh, 0532e3054h, 08fd948e4h, 06dbc3128h
dd 058ebf2efh, 034c6ffeah, 0fe28ed61h, 0ee7c3c73h, 05d4a14d9h, 0e864b7e3h
dd 042105d14h, 0203e13e0h, 045eee2b6h, 0a3aaabeah, 0db6c4f15h, 0facb4fd0h
dd 0c742f442h, 0ef6abbb5h, 0654f3b1dh, 041cd2105h, 0d81e799eh, 086854dc7h
dd 0e44b476ah, 03d816250h, 0cf62a1f2h, 05b8d2646h, 0fc8883a0h, 0c1c7b6a3h
dd 07f1524c3h, 069cb7492h, 047848a0bh, 05692b285h, 0095bbf00h, 0ad19489dh
dd 01462b174h, 023820e00h, 058428d2ah, 00c55f5eah, 01dadf43eh, 0233f7061h
dd 03372f092h, 08d937e41h, 0d65fecf1h, 06c223bdbh, 07cde3759h, 0cbee7460h
dd 04085f2a7h, 0ce77326eh, 0a6078084h, 019f8509eh, 0e8efd855h, 061d99735h
dd 0a969a7aah, 0c50c06c2h, 05a04abfch, 0800bcadch, 09e447a2eh, 0c3453484h
dd 0fdd56705h, 00e1e9ec9h, 0db73dbd3h, 0105588cdh, 0675fda79h, 0e3674340h
dd 0c5c43465h, 0713e38d8h, 03d28f89eh, 0f16dff20h, 0153e21e7h, 08fb03d4ah
dd 0e6e39f2bh, 0db83adf7h
sbox3 dd 0e93d5a68h, 0948140f7h, 0f64c261ch, 094692934h
dd 0411520f7h, 07602d4f7h, 0bcf46b2eh, 0d4a20068h, 0d4082471h, 03320f46ah
dd 043b7d4b7h, 0500061afh, 01e39f62eh, 097244546h, 014214f74h, 0bf8b8840h
dd 04d95fc1dh, 096b591afh, 070f4ddd3h, 066a02f45h, 0bfbc09ech, 003bd9785h
dd 07fac6dd0h, 031cb8504h, 096eb27b3h, 055fd3941h, 0da2547e6h, 0abca0a9ah
dd 028507825h, 0530429f4h, 00a2c86dah, 0e9b66dfbh, 068dc1462h, 0d7486900h
dd 0680ec0a4h, 027a18deeh, 04f3ffea2h, 0e887ad8ch, 0b58ce006h, 07af4d6b6h
dd 0aace1e7ch, 0d3375fech, 0ce78a399h, 0406b2a42h, 020fe9e35h, 0d9f385b9h
dd 0ee39d7abh, 03b124e8bh, 01dc9faf7h, 04b6d1856h, 026a36631h, 0eae397b2h
dd 03a6efa74h, 0dd5b4332h, 06841e7f7h, 0ca7820fbh, 0fb0af54eh, 0d8feb397h
dd 0454056ach, 0ba489527h, 055533a3ah, 020838d87h, 0fe6ba9b7h, 0d096954bh
dd 055a867bch, 0a1159a58h, 0cca92963h, 099e1db33h, 0a62a4a56h, 03f3125f9h
dd 05ef47e1ch, 09029317ch, 0fdf8e802h, 004272f70h, 080bb155ch, 005282ce3h
dd 095c11548h, 0e4c66d22h, 048c1133fh, 0c70f86dch, 007f9c9eeh, 041041f0fh
dd 0404779a4h, 05d886e17h, 0325f51ebh, 0d59bc0d1h, 0f2bcc18fh, 041113564h
dd 0257b7834h, 0602a9c60h, 0dff8e8a3h, 01f636c1bh, 00e12b4c2h, 002e1329eh
dd 0af664fd1h, 0cad18115h, 06b2395e0h, 0333e92e1h, 03b240b62h, 0eebeb922h
dd 085b2a20eh, 0e6ba0d99h, 0de720c8ch, 02da2f728h, 0d0127845h, 095b794fdh
dd 0647d0862h, 0e7ccf5f0h, 05449a36fh, 0877d48fah, 0c39dfd27h, 0f33e8d1eh
dd 00a476341h, 0992eff74h, 03a6f6eabh, 0f4f8fd37h, 0a812dc60h, 0a1ebddf8h
dd 0991be14ch, 0db6e6b0dh, 0c67b5510h, 06d672c37h, 02765d43bh, 0dcd0e804h
dd 0f1290dc7h, 0cc00ffa3h, 0b5390f92h, 0690fed0bh, 0667b9ffbh, 0cedb7d9ch
dd 0a091cf0bh, 0d9155ea3h, 0bb132f88h, 0515bad24h, 07b9479bfh, 0763bd6ebh
dd 037392eb3h, 0cc115979h, 08026e297h, 0f42e312dh, 06842ada7h, 0c66a2b3bh
dd 012754ccch, 0782ef11ch, 06a124237h, 0b79251e7h, 006a1bbe6h, 04bfb6350h
dd 01a6b1018h, 011caedfah, 03d25bdd8h, 0e2e1c3c9h, 044421659h, 00a121386h
dd 0d90cec6eh, 0d5abea2ah, 064af674eh, 0da86a85fh, 0bebfe988h, 064e4c3feh
dd 09dbc8057h, 0f0f7c086h, 060787bf8h, 06003604dh, 0d1fd8346h, 0f6381fb0h
dd 07745ae04h, 0d736fccch, 083426b33h, 0f01eab71h, 0b0804187h, 03c005e5fh
dd 077a057beh, 0bde8ae24h, 055464299h, 0bf582e61h, 04e58f48fh, 0f2ddfda2h
dd 0f474ef38h, 08789bdc2h, 05366f9c3h, 0c8b38e74h, 0b475f255h, 046fcd9b9h
dd 07aeb2661h, 08b1ddf84h, 0846a0e79h, 0915f95e2h, 0466e598eh, 020b45770h
dd 08cd55591h, 0c902de4ch, 0b90bace1h, 0bb8205d0h, 011a86248h, 07574a99eh
dd 0b77f19b6h, 0e0a9dc09h, 0662d09a1h, 0c4324633h, 0e85a1f02h, 009f0be8ch
dd 04a99a025h, 01d6efe10h, 01ab93d1dh, 00ba5a4dfh, 0a186f20fh, 02868f169h
dd 0dcb7da83h, 0573906feh, 0a1e2ce9bh, 04fcd7f52h, 050115e01h, 0a70683fah
dd 0a002b5c4h, 00de6d027h, 09af88c27h, 0773f8641h, 0c3604c06h, 061a806b5h
dd 0f0177a28h, 0c0f586e0h, 0006058aah, 030dc7d62h, 011e69ed7h, 02338ea63h
dd 053c2dd94h, 0c2c21634h, 0bbcbee56h, 090bcb6deh, 0ebfc7da1h, 0ce591d76h
dd 06f05e409h, 04b7c0188h, 039720a3dh, 07c927c24h, 086e3725fh, 0724d9db9h
dd 01ac15bb4h, 0d39eb8fch, 0ed545578h, 008fca5b5h, 0d83d7cd3h, 04dad0fc4h
dd 01e50ef5eh, 0b161e6f8h, 0a28514d9h, 06c51133ch, 06fd5c7e7h, 056e14ec4h
dd 0362abfceh, 0ddc6c837h, 0d79a3234h, 092638212h, 0670efa8eh, 0406000e0h
sbox4 dd 03a39ce37h, 0d3faf5cfh, 0abc27737h, 05ac52d1bh, 05cb0679eh, 04fa33742h
dd 0d3822740h, 099bc9bbeh, 0d5118e9dh, 0bf0f7315h, 0d62d1c7eh, 0c700c47bh
dd 0b78c1b6bh, 021a19045h, 0b26eb1beh, 06a366eb4h, 05748ab2fh, 0bc946e79h
dd 0c6a376d2h, 06549c2c8h, 0530ff8eeh, 0468dde7dh, 0d5730a1dh, 04cd04dc6h
dd 02939bbdbh, 0a9ba4650h, 0ac9526e8h, 0be5ee304h, 0a1fad5f0h, 06a2d519ah
dd 063ef8ce2h, 09a86ee22h, 0c089c2b8h, 043242ef6h, 0a51e03aah, 09cf2d0a4h
dd 083c061bah, 09be96a4dh, 08fe51550h, 0ba645bd6h, 02826a2f9h, 0a73a3ae1h
dd 04ba99586h, 0ef5562e9h, 0c72fefd3h, 0f752f7dah, 03f046f69h, 077fa0a59h
dd 080e4a915h, 087b08601h, 09b09e6adh, 03b3ee593h, 0e990fd5ah, 09e34d797h
dd 02cf0b7d9h, 0022b8b51h, 096d5ac3ah, 0017da67dh, 0d1cf3ed6h, 07c7d2d28h
dd 01f9f25cfh, 0adf2b89bh, 05ad6b472h, 05a88f54ch, 0e029ac71h, 0e019a5e6h
dd 047b0acfdh, 0ed93fa9bh, 0e8d3c48dh, 0283b57cch, 0f8d56629h, 079132e28h
dd 0785f0191h, 0ed756055h, 0f7960e44h, 0e3d35e8ch, 015056dd4h, 088f46dbah
dd 003a16125h, 00564f0bdh, 0c3eb9e15h, 03c9057a2h, 097271aech, 0a93a072ah
dd 01b3f6d9bh, 01e6321f5h, 0f59c66fbh, 026dcf319h, 07533d928h, 0b155fdf5h
dd 003563482h, 08aba3cbbh, 028517711h, 0c20ad9f8h, 0abcc5167h, 0ccad925fh
dd 04de81751h, 03830dc8eh, 0379d5862h, 09320f991h, 0ea7a90c2h, 0fb3e7bceh
dd 05121ce64h, 0774fbe32h, 0a8b6e37eh, 0c3293d46h, 048de5369h, 06413e680h
dd 0a2ae0810h, 0dd6db224h, 069852dfdh, 009072166h, 0b39a460ah, 06445c0ddh
dd 0586cdecfh, 01c20c8aeh, 05bbef7ddh, 01b588d40h, 0ccd2017fh, 06bb4e3bbh
dd 0dda26a7eh, 03a59ff45h, 03e350a44h, 0bcb4cdd5h, 072eacea8h, 0fa6484bbh
dd 08d6612aeh, 0bf3c6f47h, 0d29be463h, 0542f5d9eh, 0aec2771bh, 0f64e6370h
dd 0740e0d8dh, 0e75b1357h, 0f8721671h, 0af537d5dh, 04040cb08h, 04eb4e2cch
dd 034d2466ah, 00115af84h, 0e1b00428h, 095983a1dh, 006b89fb4h, 0ce6ea048h
dd 06f3f3b82h, 03520ab82h, 0011a1d4bh, 0277227f8h, 0611560b1h, 0e7933fdch
dd 0bb3a792bh, 0344525bdh, 0a08839e1h, 051ce794bh, 02f32c9b7h, 0a01fbac9h
dd 0e01cc87eh, 0bcc7d1f6h, 0cf0111c3h, 0a1e8aac7h, 01a908749h, 0d44fbd9ah
dd 0d0dadecbh, 0d50ada38h, 00339c32ah, 0c6913667h, 08df9317ch, 0e0b12b4fh
dd 0f79e59b7h, 043f5bb3ah, 0f2d519ffh, 027d9459ch, 0bf97222ch, 015e6fc2ah
dd 00f91fc71h, 09b941525h, 0fae59361h, 0ceb69cebh, 0c2a86459h, 012baa8d1h
dd 0b6c1075eh, 0e3056a0ch, 010d25065h, 0cb03a442h, 0e0ec6e0eh, 01698db3bh
dd 04c98a0beh, 03278e964h, 09f1f9532h, 0e0d392dfh, 0d3a0342bh, 08971f21eh
dd 01b0a7441h, 04ba3348ch, 0c5be7120h, 0c37632d8h, 0df359f8dh, 09b992f2eh
dd 0e60b6f47h, 00fe3f11dh, 0e54cda54h, 01edad891h, 0ce6279cfh, 0cd3e7e6fh
dd 01618b166h, 0fd2c1d05h, 0848fd2c5h, 0f6fb2299h, 0f523f357h, 0a6327623h
dd 093a83531h, 056cccd02h, 0acf08162h, 05a75ebb5h, 06e163697h, 088d273cch
dd 0de966292h, 081b949d0h, 04c50901bh, 071c65614h, 0e6c6c7bdh, 0327a140ah
dd 045e1d006h, 0c3f27b9ah, 0c9aa53fdh, 062a80f00h, 0bb25bfe2h, 035bdd2f6h
dd 071126905h, 0b2040222h, 0b6cbcf7ch, 0cd769c2bh, 053113ec0h, 01640e3d3h
dd 038abbd60h, 02547adf0h, 0ba38209ch, 0f746ce76h, 077afa1c5h, 020756060h
dd 085cbfe4eh, 08ae88dd8h, 07aaaf9b0h, 04cf9aa7eh, 01948c25ch, 002fb8a8ch
dd 001c36ae4h, 0d6ebe1f9h, 090d4f869h, 0a65cdea0h, 03f09252dh, 0c208e69fh
dd 0b74e6132h, 0ce77e25bh, 0578fdfe3h, 03ac372e6h
section '.idata' import data readable writeable
library kernel,'KERNEL32.DLL',\
user,'USER32.DLL'
import kernel,\
GetModuleHandle,'GetModuleHandleA',\
ExitProcess,'ExitProcess'
import user,\
DialogBoxParam,'DialogBoxParamA',\
CheckRadioButton,'CheckRadioButton',\
GetDlgItemText,'GetDlgItemTextA',\
SetDlgItemText,'SetDlgItemTextA',\
IsDlgButtonChecked,'IsDlgButtonChecked',\
MessageBox,'MessageBoxA',\
EndDialog,'EndDialog'
section '.rsrc' resource data readable
directory RT_DIALOG,dialogs
resource dialogs,\
37,LANG_ENGLISH+SUBLANG_DEFAULT,demonstration
dialog demonstration,'Create message box',100,150,250,90,WS_CAPTION+WS_POPUP+WS_SYSMENU+DS_MODALFRAME
dialogitem 'STATIC','&ID:',-1,10,13,40,17,WS_VISIBLE
dialogitem 'EDIT','',ID_CAPTION,30,13,150,13,WS_VISIBLE+WS_BORDER+WS_TABSTOP
dialogitem 'STATIC','SN:',-1,10,40,20,18,WS_VISIBLE
dialogitem 'EDIT','',ID_MESSAGE,30,40,150,13,WS_VISIBLE+WS_BORDER+WS_TABSTOP+ES_AUTOHSCROLL
; dialogitem 'BUTTON','&Icon',-1,10,70,80,70,WS_VISIBLE+BS_GROUPBOX
; dialogitem 'BUTTON','&Error',ID_ICONERROR,20,82,60,13,WS_VISIBLE+BS_AUTORADIOBUTTON+WS_TABSTOP+WS_GROUP
; dialogitem 'BUTTON','I&nformation',ID_ICONINFORMATION,20,95,60,13,WS_VISIBLE+BS_AUTORADIOBUTTON
; dialogitem 'BUTTON','&Question',ID_ICONQUESTION,20,108,60,13,WS_VISIBLE+BS_AUTORADIOBUTTON
; dialogitem 'BUTTON','&Warning',ID_ICONWARNING,20,121,60,13,WS_VISIBLE+BS_AUTORADIOBUTTON
; dialogitem 'BUTTON','&Style',-1,100,70,80,70,WS_VISIBLE+BS_GROUPBOX
;dialogitem 'BUTTON','&Top most',ID_TOPMOST,110,82,60,13,WS_VISIBLE+WS_TABSTOP+BS_AUTOCHECKBOX
dialogitem 'BUTTON','OK',IDOK,200,11,40,15,WS_VISIBLE+WS_TABSTOP+BS_DEFPUSHBUTTON
dialogitem 'BUTTON','C&ancel',IDCANCEL,200,36,41,14,WS_VISIBLE+WS_TABSTOP+BS_PUSHBUTTON
enddialog
redapple2015 发表于 2018-1-29 08:51
啊哦,你来晚了,分享的文件已经被删除了,下次要早点哟
能不能共享一下,谢谢了。
楼上已给出地址了。
链接: https://pan.baidu.com/s/1o9k8KLs 密码: w36d redapple2015 发表于 2018-1-29 08:51
啊哦,你来晚了,分享的文件已经被删除了,下次要早点哟
能不能共享一下,谢谢了。
链接: https://pan.baidu.com/s/1o9k8KLs 密码: w36d @朱朱你堕落了 你的水品也很高。 想问下160个CrackMe在哪里下载,谢谢了! whyida 发表于 2018-1-28 15:49
@朱朱你堕落了 你的水品也很高。
我是菜B。 redapple2015 发表于 2018-1-28 16:05
想问下160个CrackMe在哪里下载,谢谢了!
搜索 “适合破解新手的160个crackme练手.rar“ 朱朱你堕落了 发表于 2018-1-28 16:09
我是菜B。
太谦虚了。 楼主这弄得,一提到算法,我就感觉很是厉害 大佬,很强的样子 互相学习 向大神学习
页:
[1]
2