Crackme一个
本帖最后由 GCM 于 2019-6-24 21:37 编辑今天写了一个CM,
感觉还有难度,
{:1_911:}欢迎各位破解{:1_927:}
地址:https://www.lanzouj.com/i4ooauh
64的呀,我32的系统运行不了 000000000041EE9C | E8 AF 67 | call <cm.fgetc> |
000000000041EEA1 | 48 8B 53 | mov rdx,qword ptr ds: | :&"uicui\n\n"
00007FF9C0D3F237 | 75 2D | jne msvcrt.7FF9C0D3F266 |
00007FF9C0D3F239 | E8 62 8B | call <msvcrt._errno> |
00007FF9C0D3F23E | C7 00 16 | mov dword ptr ds:,16 |
00007FF9C0D3F244 | 48 21 5C | and qword ptr ss:,rbx |
00007FF9C0D3F249 | 45 33 C9 | xor r9d,r9d | r9d:&"cuicui\n\n"
00007FF9C0D07EE0 | 48 8B F9 | mov rdi,rcx | rdi:"cls"
00007FF9C0D07EE3 | 4C 8D 05 | lea r8,qword ptr ds: | r8:"DriverData=C:\\Windows\\System32\\Drivers\\DriverData", 00007FF9C0D69D88:"COMSPEC"ta=C:\\Windows\\System32\\Drivers\\DriverData"
00007FF9C0D07EEA | 33 DB | xor ebx,ebx |
00007FF9C0D07EEC | 48 8D 4D | lea rcx,qword ptr ss: | :"C:\\WINDOWS\\system32\\cmd.exe"
00007FF9C0D07EF0 | 33 D2 | xor edx,edx |
00007FF9C0D07EF2 | 48 89 5D | mov qword ptr ss:,rbx | :"C:\\WINDOWS\\system32\\cmd.exe"
00007FF9C0D07EF6 | E8 65 76 | call msvcrt.7FF9C0D1F560 |
00007FF9C0D07EFB | 83 F8 16 | cmp eax,16 |
00007FF9C0D07EFE | 75 14 | jne msvcrt.7FF9C0D07F14 |
00007FF9C0D07F00 | 45 33 C9 | xor r9d,r9d |
00007FF9C0D07F03 | 48 89 5C | mov qword ptr ss:,rbx | :&"酗A"
00007FF9C0D07F08 | 45 33 C0 | xor r8d,r8d | r8d:"DriverData=C:\\Windows\\System32\\Drivers\\DriverData"
00007FF9C0D07F0B | 33 D2 | xor edx,edx |
00007FF9C0D07F0D | 33 C9 | xor ecx,ecx |
00007FF9C0D07F0F | E8 78 3D | call msvcrt.7FF9C0D1BC8C |
00007FF9C0D07F14 | 48 8B 4D | mov rcx,qword ptr ss: | :"C:\\WINDOWS\\system32\\cmd.exe"
00007FF9C0D07F18 | 48 89 4D | mov qword ptr ss:,rcx |
00007FF9C0D07F1C | 48 85 FF | test rdi,rdi | rdi:"cls"
00007FF9C0D07F1F | 75 17 | jne msvcrt.7FF9C0D07F38 |
00007FF9C0D07F21 | 48 85 C9 | test rcx,rcx |
00007FF9C0D07F24 | 0F 84 8B | je msvcrt.7FF9C0D07FB5 |
00007FF9C0D07F2A | 33 D2 | xor edx,edx |
00007FF9C0D07F2C | E8 0F 00 | call <msvcrt._access_s> |
00007FF9C0D07F31 | 85 C0 | test eax,eax |
00007FF9C0D07F33 | 0F 94 C3 | sete bl |
00007FF9C0D07F36 | EB 79 | jmp msvcrt.7FF9C0D07FB1 |
00007FF9C0D07F38 | 48 89 7D | mov qword ptr ss:,rdi |
00007FF9C0D07F3C | 48 8D 05 | lea rax,qword ptr ds: | 00007FF9C0D69D90:"/c"==L"振"
00007FF9C0D07F43 | 48 89 45 | mov qword ptr ss:,rax |
00007FF9C0D07F47 | 48 89 5D | mov qword ptr ss:,rbx |
00007FF9C0D07F4B | 48 85 C9 | test rcx,rcx |
00007FF9C0D07F4E | 74 46 | je msvcrt.7FF9C0D07F96 | 1111
0000000000463000 | EB 4B | jmp cm.46304D | 冥界3大法王 发表于 2019-6-23 15:54
000000000041EE9C | E8 AF 67 | call |
000000000041EEA1 | 48 8B 53 | mov r ...
so,最后找到算法了? 只会爆破,没有分析算法 int __cdecl main(int argc, const char **argv, const char **envp)
{
unsigned int v3; // eax
int v4; // ST2C_4
__int64 v5; // rax
_main();
v3 = time(0i64);
srand(v3);
v4 = (4500 * (8 * rand() / 2) - 100) / 2;
system("cls");
std::operator<<<std::char_traits<char>>((std::ostream *)&std::cout, "Input:");
std::istream::operator>>((std::istream *)&std::cin);
if ( 0 == v4 )
std::operator<<<std::char_traits<char>>((std::ostream *)&std::cout, "pass\a");
else
system("cls");
v5 = std::operator<<<std::char_traits<char>>((std::ostream *)&std::cout, "error\a");
std::ostream::operator<<(v5, std::endl<char,std::char_traits<char>>);
system("pause");
return 0;
} 随机数?开玩笑吗 monvvv 发表于 2019-6-23 21:51
随机数?开玩笑吗
被发现了.....
页:
[1]