官方bilibiliWindows破解入门Android逆向入门
【网络诊断修复工具】切换到窄版

吾爱破解 - 52pojie.cn

 找回密码
 注册[Register]

QQ登录

只需一步,快速开始

吾爱破解 - 52pojie.cn»网站 【 软件安全 】 『脱壳破解区』 『UnPackMe◇CrackMe◇KeyGenMe◇ReverseMe』 一个写的很菜的Crack,大多时间都在混淆吧。。。(小菜)
12下一页
返回列表 发新帖
查看: 3484|回复: 15
收起左侧

[CrackMe] 一个写的很菜的Crack,大多时间都在混淆吧。。。(小菜)

  [复制链接]
不愿鞠躬车马前
不愿鞠躬车马前 发表于 2020-12-30 22:59
CM是什么?Crackme是什么?这是什么东西?楼主发的什么?
他们都是一些公开给别人尝试破解的小程序,制作 Crackme 的人可能是程序员,想测试一下自己的软件保护技术,也可能是一位 Cracker,想挑战一下其它 Cracker 的破解实力,也可能是一些正在学习破解的人,自己编一些小程序给自己破解,KeyGenMe是要求别人做出它的 keygen (序号产生器), ReverseMe 要求别人把它的算法做出逆向分析, UnpackMe 是要求别人把它成功脱壳,本版块禁止回复非技术无关水贴。
小菜的Crack。。。。

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?注册[Register]

x

免费评分

参与人数 1吾爱币 +1 热心值 +1 收起 理由
星海流浪 + 1 + 1 我很赞同!

查看全部评分

发帖前要善用论坛搜索功能,那里可能会有你要找的答案或者已经有人发布过相同内容了,请勿重复发帖。
回复

举报

solly
solly 发表于 2020-12-31 14:50
本帖最后由 solly 于 2020-12-31 14:55 编辑

[Asm] 纯文本查看 复制代码
0040124E   .  33C0                      xor eax,eax
00401250   .  33F6                      xor esi,esi
00401252   .  8985 64FEFFFF             mov dword ptr ss:[ebp-0x19C],eax
00401258   .  8985 58FEFFFF             mov dword ptr ss:[ebp-0x1A8],eax
0040125E   .  89B5 5CFEFFFF             mov dword ptr ss:[ebp-0x1A4],esi
00401264   .  8985 68FEFFFF             mov dword ptr ss:[ebp-0x198],eax
0040126A   .  8985 60FEFFFF             mov dword ptr ss:[ebp-0x1A0],eax
00401270   .  8975 FC                   mov dword ptr ss:[ebp-0x4],esi
00401273   .  89B5 98FEFFFF             mov dword ptr ss:[ebp-0x168],esi
00401279   .  C785 9CFEFFFF 0F000000    mov dword ptr ss:[ebp-0x164],0xF
00401283   .  8885 88FEFFFF             mov byte ptr ss:[ebp-0x178],al
00401289   .  C645 FC 01                mov byte ptr ss:[ebp-0x4],0x1
0040128D   .  BA 00424000               mov edx,Crack.00404200                                         ;  "请输入注册码"
00401292   .  8B0D 74404000             mov ecx,dword ptr ds:[<&MSVCP140.std::cout>]                   ;  msvcp140.std::cout
00401298   .  E8 030B0000               call Crack.00401DA0
0040129D   .  8B0D 68404000             mov ecx,dword ptr ds:[<&MSVCP140.std::cin>]                    ;  msvcp140.std::cin
004012A3   .  8D95 88FEFFFF             lea edx,dword ptr ss:[ebp-0x178]
004012A9   .  E8 C2110000               call Crack.00402470
004012AE   .  83BD 98FEFFFF 0A          cmp dword ptr ss:[ebp-0x168],0xA                               ;  len == 10 ??
004012B5   .  74 1B                     je short Crack.004012D2
004012B7   .  8B0D 74404000             mov ecx,dword ptr ds:[<&MSVCP140.std::cout>]                   ;  msvcp140.std::cout
004012BD   .  8D95 6CFEFFFF             lea edx,dword ptr ss:[ebp-0x194]
004012C3   .  C785 6CFEFFFF CAA7B0DC    mov dword ptr ss:[ebp-0x194],0xDCB0A7CA                        ;  "失败"
004012CD   .  E8 CE0A0000               call Crack.00401DA0
004012D2   >  8D7D ED                   lea edi,dword ptr ss:[ebp-0x13]
004012D5   .  BB 9B000000               mov ebx,0x9B
004012DA   .  66:0f1f4400 00            nop word ptr ds:[eax+eax]
004012E0   >  B8 CDCCCCCC               mov eax,0xCCCCCCCD                                             ;  /10
004012E5   .  4F                        dec edi                                                        ;  (n / 10) * 4
004012E6   .  F7E3                      mul ebx
004012E8   .  C1EA 03                   shr edx,0x3                                                    ;  (n / 10) * 5
004012EB   .  8AC2                      mov al,dl                                                      ;  ((n / 10) * 10
004012ED   .  C0E0 02                   shl al,0x2                                                     ;  n - (n /10) * 10
004012F0   .  8D0C10                    lea ecx,dword ptr ds:[eax+edx]
004012F3   .  02C9                      add cl,cl
004012F5   .  2AD9                      sub bl,cl
004012F7   .  80C3 30                   add bl,0x30
004012FA   .  881F                      mov byte ptr ds:[edi],bl
004012FC   .  8BDA                      mov ebx,edx
004012FE   .  85DB                      test ebx,ebx
00401300   .^ 75 DE                     jnz short Crack.004012E0
00401302   .  8D45 ED                   lea eax,dword ptr ss:[ebp-0x13]
00401305   .  899D C8FEFFFF             mov dword ptr ss:[ebp-0x138],ebx                               ;  len = 0
0040130B   .  C785 CCFEFFFF 0F000000    mov dword ptr ss:[ebp-0x134],0xF
00401315   .  889D B8FEFFFF             mov byte ptr ss:[ebp-0x148],bl                                 ;  buff[0] = '\0'
0040131B   .  3BF8                      cmp edi,eax
0040131D   .  74 15                     je short Crack.00401334
0040131F   .  2BC7                      sub eax,edi
00401321   .  8D8D B8FEFFFF             lea ecx,dword ptr ss:[ebp-0x148]                               ;  dst
00401327   .  50                        push eax                                                       ;  len = 3
00401328   .  57                        push edi                                                       ;  "155"
00401329   .  E8 F2070000               call <Crack.String::new(char *, int size)>
0040132E   .  8B9D C8FEFFFF             mov ebx,dword ptr ss:[ebp-0x138]
00401334   >  C645 FC 02                mov byte ptr ss:[ebp-0x4],0x2
00401338   .  8D8D E8FEFFFF             lea ecx,dword ptr ss:[ebp-0x118]
0040133E   .  6A 04                     push 0x4
00401340   .  68 10424000               push Crack.00404210                                            ;  "zero"
00401345   .  C785 F8FEFFFF 00000000    mov dword ptr ss:[ebp-0x108],0x0
0040134F   .  C785 FCFEFFFF 0F000000    mov dword ptr ss:[ebp-0x104],0xF
00401359   .  C685 E8FEFFFF 00          mov byte ptr ss:[ebp-0x118],0x0
00401360   .  E8 BB070000               call <Crack.String::new(char *, int size)>
00401365   .  C645 FC 03                mov byte ptr ss:[ebp-0x4],0x3
00401369   .  8D8D 00FFFFFF             lea ecx,dword ptr ss:[ebp-0x100]
0040136F   .  6A 03                     push 0x3
00401371   .  68 18424000               push Crack.00404218                                            ;  "one"
00401376   .  C785 10FFFFFF 00000000    mov dword ptr ss:[ebp-0xF0],0x0
00401380   .  C785 14FFFFFF 0F000000    mov dword ptr ss:[ebp-0xEC],0xF
0040138A   .  C685 00FFFFFF 00          mov byte ptr ss:[ebp-0x100],0x0
00401391   .  E8 8A070000               call <Crack.String::new(char *, int size)>
00401396   .  C645 FC 04                mov byte ptr ss:[ebp-0x4],0x4
0040139A   .  8D8D 18FFFFFF             lea ecx,dword ptr ss:[ebp-0xE8]
004013A0   .  6A 03                     push 0x3
004013A2   .  68 1C424000               push Crack.0040421C                                            ;  "two"
004013A7   .  C785 28FFFFFF 00000000    mov dword ptr ss:[ebp-0xD8],0x0
004013B1   .  C785 2CFFFFFF 0F000000    mov dword ptr ss:[ebp-0xD4],0xF
004013BB   .  C685 18FFFFFF 00          mov byte ptr ss:[ebp-0xE8],0x0
004013C2   .  E8 59070000               call <Crack.String::new(char *, int size)>
004013C7   .  C645 FC 05                mov byte ptr ss:[ebp-0x4],0x5
004013CB   .  8D8D 30FFFFFF             lea ecx,dword ptr ss:[ebp-0xD0]
004013D1   .  6A 05                     push 0x5
004013D3   .  68 20424000               push Crack.00404220                                            ;  "three"
004013D8   .  C785 40FFFFFF 00000000    mov dword ptr ss:[ebp-0xC0],0x0
004013E2   .  C785 44FFFFFF 0F000000    mov dword ptr ss:[ebp-0xBC],0xF
004013EC   .  C685 30FFFFFF 00          mov byte ptr ss:[ebp-0xD0],0x0
004013F3   .  E8 28070000               call <Crack.String::new(char *, int size)>
004013F8   .  C645 FC 06                mov byte ptr ss:[ebp-0x4],0x6
004013FC   .  8D8D 48FFFFFF             lea ecx,dword ptr ss:[ebp-0xB8]
00401402   .  6A 04                     push 0x4
00401404   .  68 28424000               push Crack.00404228                                            ;  "four"
00401409   .  C785 58FFFFFF 00000000    mov dword ptr ss:[ebp-0xA8],0x0
00401413   .  C785 5CFFFFFF 0F000000    mov dword ptr ss:[ebp-0xA4],0xF
0040141D   .  C685 48FFFFFF 00          mov byte ptr ss:[ebp-0xB8],0x0
00401424   .  E8 F7060000               call <Crack.String::new(char *, int size)>
00401429   .  C645 FC 07                mov byte ptr ss:[ebp-0x4],0x7
0040142D   .  8D8D 60FFFFFF             lea ecx,dword ptr ss:[ebp-0xA0]
00401433   .  6A 04                     push 0x4
00401435   .  68 30424000               push Crack.00404230                                            ;  "five"
0040143A   .  C785 70FFFFFF 00000000    mov dword ptr ss:[ebp-0x90],0x0
00401444   .  C785 74FFFFFF 0F000000    mov dword ptr ss:[ebp-0x8C],0xF
0040144E   .  C685 60FFFFFF 00          mov byte ptr ss:[ebp-0xA0],0x0
00401455   .  E8 C6060000               call <Crack.String::new(char *, int size)>
0040145A   .  C645 FC 08                mov byte ptr ss:[ebp-0x4],0x8
0040145E   .  8D8D 78FFFFFF             lea ecx,dword ptr ss:[ebp-0x88]
00401464   .  6A 03                     push 0x3
00401466   .  68 38424000               push Crack.00404238                                            ;  "six"
0040146B   .  C745 88 00000000          mov dword ptr ss:[ebp-0x78],0x0
00401472   .  C745 8C 0F000000          mov dword ptr ss:[ebp-0x74],0xF
00401479   .  C685 78FFFFFF 00          mov byte ptr ss:[ebp-0x88],0x0
00401480   .  E8 9B060000               call <Crack.String::new(char *, int size)>
00401485   .  C645 FC 09                mov byte ptr ss:[ebp-0x4],0x9
00401489   .  8D4D 90                   lea ecx,dword ptr ss:[ebp-0x70]
0040148C   .  6A 05                     push 0x5
0040148E   .  68 3C424000               push Crack.0040423C                                            ;  "seven"
00401493   .  C745 A0 00000000          mov dword ptr ss:[ebp-0x60],0x0
0040149A   .  C745 A4 0F000000          mov dword ptr ss:[ebp-0x5C],0xF
004014A1   .  C645 90 00                mov byte ptr ss:[ebp-0x70],0x0
004014A5   .  E8 76060000               call <Crack.String::new(char *, int size)>
004014AA   .  C645 FC 0A                mov byte ptr ss:[ebp-0x4],0xA
004014AE   .  8D4D A8                   lea ecx,dword ptr ss:[ebp-0x58]
004014B1   .  6A 05                     push 0x5
004014B3   .  68 44424000               push Crack.00404244                                            ;  "eight"
004014B8   .  C745 B8 00000000          mov dword ptr ss:[ebp-0x48],0x0
004014BF   .  C745 BC 0F000000          mov dword ptr ss:[ebp-0x44],0xF
004014C6   .  C645 A8 00                mov byte ptr ss:[ebp-0x58],0x0
004014CA   .  E8 51060000               call <Crack.String::new(char *, int size)>
004014CF   .  C645 FC 0B                mov byte ptr ss:[ebp-0x4],0xB
004014D3   .  8D4D C0                   lea ecx,dword ptr ss:[ebp-0x40]
004014D6   .  6A 04                     push 0x4
004014D8   .  68 4C424000               push Crack.0040424C                                            ;  "nine"
004014DD   .  C745 D0 00000000          mov dword ptr ss:[ebp-0x30],0x0
004014E4   .  C745 D4 0F000000          mov dword ptr ss:[ebp-0x2C],0xF
004014EB   .  C645 C0 00                mov byte ptr ss:[ebp-0x40],0x0
004014EF   .  E8 2C060000               call <Crack.String::new(char *, int size)>
004014F4   .  BF 01000000               mov edi,0x1                                                    ;  int i = 1
004014F9   .  C645 FC 0C                mov byte ptr ss:[ebp-0x4],0xC
004014FD   .  8B8D B8FEFFFF             mov ecx,dword ptr ss:[ebp-0x148]                               ;  "155"
00401503   .  3BDF                      cmp ebx,edi
00401505   .  76 7C                     jbe short Crack.00401583
00401507   .  66:0f1f8400 00000000      nop word ptr ds:[eax+eax]                                      ;  start loop
00401510   >  83BD CCFEFFFF 10          cmp dword ptr ss:[ebp-0x134],0x10                              ;  "155".max_len
00401517   .  8D85 B8FEFFFF             lea eax,dword ptr ss:[ebp-0x148]                               ;  "155"
0040151D   .  0F43C1                    cmovnb eax,ecx
00401520   .  0FBE0438                  movsx eax,byte ptr ds:[eax+edi]                                ;  "155"[i]
00401524   .  83E8 30                   sub eax,0x30                                                   ;  int idx = "155"[i] - 0x30
00401527   .  8D0440                    lea eax,dword ptr ds:[eax+eax*2]
0040152A   .  8D84C5 E8FEFFFF           lea eax,dword ptr ss:[ebp+eax*8-0x118]                         ;  String[j], j = idx * 24
00401531   .  50                        push eax
00401532   .  3BB5 68FEFFFF             cmp esi,dword ptr ss:[ebp-0x198]
00401538   .  74 12                     je short Crack.0040154C
0040153A   .  8BCE                      mov ecx,esi
0040153C   .  E8 1F050000               call <Crack.String::copy()>
00401541   .  83C6 18                   add esi,0x18
00401544   .  89B5 5CFEFFFF             mov dword ptr ss:[ebp-0x1A4],esi
0040154A   .  EB 1E                     jmp short Crack.0040156A
0040154C   >  56                        push esi
0040154D   .  8D8D 58FEFFFF             lea ecx,dword ptr ss:[ebp-0x1A8]
00401553   .  E8 880A0000               call Crack.00401FE0
00401558   .  8B85 60FEFFFF             mov eax,dword ptr ss:[ebp-0x1A0]
0040155E   .  8BB5 5CFEFFFF             mov esi,dword ptr ss:[ebp-0x1A4]
00401564   .  8985 68FEFFFF             mov dword ptr ss:[ebp-0x198],eax
0040156A   >  8B8D B8FEFFFF             mov ecx,dword ptr ss:[ebp-0x148]
00401570   .  47                        inc edi                                                        ;  i++
00401571   .  3BFB                      cmp edi,ebx
00401573   .^ 72 9B                     jb short Crack.00401510                                        ;  if i<"155".len goto loop
00401575   .  8B85 58FEFFFF             mov eax,dword ptr ss:[ebp-0x1A8]
0040157B   .  8985 64FEFFFF             mov dword ptr ss:[ebp-0x19C],eax                               ;  string[1]
00401581   .  EB 02                     jmp short Crack.00401585
00401583   >  33C0                      xor eax,eax
00401585   >  50                        push eax
00401586   .  8D8D 70FEFFFF             lea ecx,dword ptr ss:[ebp-0x190]
0040158C   .  E8 CF040000               call <Crack.String::copy()>
00401591   .  C645 FC 0D                mov byte ptr ss:[ebp-0x4],0xD
00401595   .  8D8D D0FEFFFF             lea ecx,dword ptr ss:[ebp-0x130]
0040159B   .  6A 06                     push 0x6
0040159D   .  68 54424000               push Crack.00404254                                            ;  "louzhu"
004015A2   .  C785 E0FEFFFF 00000000    mov dword ptr ss:[ebp-0x120],0x0
004015AC   .  C785 E4FEFFFF 0F000000    mov dword ptr ss:[ebp-0x11C],0xF
004015B6   .  C685 D0FEFFFF 00          mov byte ptr ss:[ebp-0x130],0x0
004015BD   .  E8 5E050000               call <Crack.String::new(char *, int size)>
004015C2   .  C645 FC 0E                mov byte ptr ss:[ebp-0x4],0xE
004015C6   .  B8 FFFFFF7F               mov eax,0x7FFFFFFF                                             ;  MAX_INT
004015CB   .  8B8D E0FEFFFF             mov ecx,dword ptr ss:[ebp-0x120]                               ;  "louzhu".len = 6
004015D1   .  2BC1                      sub eax,ecx
004015D3   .  8B95 80FEFFFF             mov edx,dword ptr ss:[ebp-0x180]                               ;  "five".len = 4
004015D9   .  3BC2                      cmp eax,edx
004015DB   .  0F82 96030000             jb Crack.00401977
004015E1   .  83BD E4FEFFFF 10          cmp dword ptr ss:[ebp-0x11C],0x10
004015E8   .  8D85 D0FEFFFF             lea eax,dword ptr ss:[ebp-0x130]                               ;  "louzhu"
004015EE   .  8D9D 70FEFFFF             lea ebx,dword ptr ss:[ebp-0x190]                               ;  "five"
004015F4   .  BF 0F000000               mov edi,0xF
004015F9   .  0F4385 D0FEFFFF           cmovnb eax,dword ptr ss:[ebp-0x130]
00401600   .  83BD 84FEFFFF 10          cmp dword ptr ss:[ebp-0x17C],0x10
00401607   .  8985 54FEFFFF             mov dword ptr ss:[ebp-0x1AC],eax
0040160D   .  0F439D 70FEFFFF           cmovnb ebx,dword ptr ss:[ebp-0x190]
00401614   .  03D1                      add edx,ecx                                                    ;  "louzhufive".len = 6 + 4 = 10
00401616   .  899D 50FEFFFF             mov dword ptr ss:[ebp-0x1B0],ebx                               ;  "five"
0040161C   .  8D9D A0FEFFFF             lea ebx,dword ptr ss:[ebp-0x160]                               ;  [ebx] == 6
00401622   .  8995 6CFEFFFF             mov dword ptr ss:[ebp-0x194],edx                               ;  edx = 10
00401628   .  3BD7                      cmp edx,edi
0040162A   .  0F86 8B000000             jbe Crack.004016BB
00401630   .  8BFA                      mov edi,edx
00401632   .  83CF 0F                   or edi,0xF
00401635   .  81FF FFFFFF7F             cmp edi,0x7FFFFFFF
0040163B   .  76 32                     jbe short Crack.0040166F
0040163D   .  BF FFFFFF7F               mov edi,0x7FFFFFFF
00401642   .  B9 23000080               mov ecx,0x80000023
00401647   >  51                        push ecx
00401648   .  E8 69110000               call Crack.004027B6
0040164D   .  83C4 04                   add esp,0x4
00401650   .  85C0                      test eax,eax
00401652   .  0F84 F1020000             je Crack.00401949
00401658   .  8B8D E0FEFFFF             mov ecx,dword ptr ss:[ebp-0x120]
0040165E   .  8D58 23                   lea ebx,dword ptr ds:[eax+0x23]
00401661   .  8B95 6CFEFFFF             mov edx,dword ptr ss:[ebp-0x194]
00401667   .  83E3 E0                   and ebx,-0x20
0040166A   .  8943 FC                   mov dword ptr ds:[ebx-0x4],eax
0040166D   .  EB 40                     jmp short Crack.004016AF
0040166F   >  B8 16000000               mov eax,0x16
00401674   .  3BF8                      cmp edi,eax
00401676   .  0F42F8                    cmovb edi,eax
00401679   .  8D47 01                   lea eax,dword ptr ds:[edi+0x1]
0040167C   .  3D 00100000               cmp eax,0x1000
00401681   .  72 0D                     jb short Crack.00401690
00401683   .  8D48 23                   lea ecx,dword ptr ds:[eax+0x23]
00401686   .  3BC8                      cmp ecx,eax
00401688   .  0F86 EE020000             jbe Crack.0040197C
0040168E   .^ EB B7                     jmp short Crack.00401647
00401690   >  85C0                      test eax,eax
00401692   .  74 19                     je short Crack.004016AD
00401694   .  50                        push eax
00401695   .  E8 1C110000               call Crack.004027B6
0040169A   .  8B8D E0FEFFFF             mov ecx,dword ptr ss:[ebp-0x120]
004016A0   .  83C4 04                   add esp,0x4
004016A3   .  8B95 6CFEFFFF             mov edx,dword ptr ss:[ebp-0x194]                               ;  ntdll_1n.7DEE1ECD
004016A9   .  8BD8                      mov ebx,eax
004016AB   .  EB 02                     jmp short Crack.004016AF
004016AD   >  33DB                      xor ebx,ebx
004016AF   >  8B85 54FEFFFF             mov eax,dword ptr ss:[ebp-0x1AC]
004016B5   .  899D A0FEFFFF             mov dword ptr ss:[ebp-0x160],ebx
004016BB   >  51                        push ecx                                                       ; /n
004016BC   .  50                        push eax                                                       ; |src
004016BD   .  53                        push ebx                                                       ; |dest
004016BE   .  8995 B0FEFFFF             mov dword ptr ss:[ebp-0x150],edx                               ; |
004016C4   .  89BD B4FEFFFF             mov dword ptr ss:[ebp-0x14C],edi                               ; |
004016CA   .  E8 501F0000               call <jmp.&VCRUNTIME140.memcpy>                                ; \memcpy
004016CF   .  FFB5 80FEFFFF             push dword ptr ss:[ebp-0x180]                                  ; /n
004016D5   .  8B85 E0FEFFFF             mov eax,dword ptr ss:[ebp-0x120]                               ; |
004016DB   .  FFB5 50FEFFFF             push dword ptr ss:[ebp-0x1B0]                                  ; |src
004016E1   .  03C3                      add eax,ebx                                                    ; |
004016E3   .  50                        push eax                                                       ; |dest
004016E4   .  E8 361F0000               call <jmp.&VCRUNTIME140.memcpy>                                ; \memcpy
004016E9   .  8B85 6CFEFFFF             mov eax,dword ptr ss:[ebp-0x194]                               ;  len = 10
004016EF   .  8D8D A0FEFFFF             lea ecx,dword ptr ss:[ebp-0x160]                               ;  "louzhufive"
004016F5   .  8BBD 88FEFFFF             mov edi,dword ptr ss:[ebp-0x178]
004016FB   .  8D95 88FEFFFF             lea edx,dword ptr ss:[ebp-0x178]                               ;  sn
00401701   .  83C4 18                   add esp,0x18
00401704   .  C60403 00                 mov byte ptr ds:[ebx+eax],0x0
00401708   .  83BD B4FEFFFF 10          cmp dword ptr ss:[ebp-0x14C],0x10
0040170F   .  8B9D 98FEFFFF             mov ebx,dword ptr ss:[ebp-0x168]                               ;  len = 10
00401715   .  0F438D A0FEFFFF           cmovnb ecx,dword ptr ss:[ebp-0x160]
0040171C   .  83BD 9CFEFFFF 10          cmp dword ptr ss:[ebp-0x164],0x10
00401723   .  0F43D7                    cmovnb edx,edi
00401726   .  3B9D B0FEFFFF             cmp ebx,dword ptr ss:[ebp-0x150]                               ;  "louzhufive".len == sn.len ??
0040172C   .  75 59                     jnz short Crack.00401787
0040172E   .  83EB 04                   sub ebx,0x4
00401731   .  72 11                     jb short Crack.00401744
00401733   >  8B02                      mov eax,dword ptr ds:[edx]                                     ;  sn[i] == "louzhufive"[i]
00401735   .  3B01                      cmp eax,dword ptr ds:[ecx]                                     ;  compare
00401737   .  75 10                     jnz short Crack.00401749
00401739   .  83C2 04                   add edx,0x4
0040173C   .  83C1 04                   add ecx,0x4
0040173F   .  83EB 04                   sub ebx,0x4
00401742   .^ 73 EF                     jnb short Crack.00401733
00401744   >  83FB FC                   cmp ebx,-0x4
00401747   .  74 34                     je short Crack.0040177D
00401749   >  8A02                      mov al,byte ptr ds:[edx]
0040174B   .  3A01                      cmp al,byte ptr ds:[ecx]
0040174D   .  75 27                     jnz short Crack.00401776
0040174F   .  83FB FD                   cmp ebx,-0x3
00401752   .  74 29                     je short Crack.0040177D
00401754   .  8A42 01                   mov al,byte ptr ds:[edx+0x1]
00401757   .  3A41 01                   cmp al,byte ptr ds:[ecx+0x1]
0040175A   .  75 1A                     jnz short Crack.00401776
0040175C   .  83FB FE                   cmp ebx,-0x2
0040175F   .  74 1C                     je short Crack.0040177D
00401761   .  8A42 02                   mov al,byte ptr ds:[edx+0x2]
00401764   .  3A41 02                   cmp al,byte ptr ds:[ecx+0x2]
00401767   .  75 0D                     jnz short Crack.00401776
00401769   .  83FB FF                   cmp ebx,-0x1
0040176C   .  74 0F                     je short Crack.0040177D
0040176E   .  8A42 03                   mov al,byte ptr ds:[edx+0x3]
00401771   .  3A41 03                   cmp al,byte ptr ds:[ecx+0x3]
00401774   .  74 07                     je short Crack.0040177D
00401776   >  1BC0                      sbb eax,eax                                                    ;  error
00401778   .  83C8 01                   or eax,0x1
0040177B   .  EB 02                     jmp short Crack.0040177F
0040177D   >  33C0                      xor eax,eax                                                    ;  OK
0040177F   >  85C0                      test eax,eax
00401781   .  75 04                     jnz short Crack.00401787
00401783   .  B3 01                     mov bl,0x1                                                     ;  OK
00401785   .  EB 02                     jmp short Crack.00401789
00401787   >  32DB                      xor bl,bl                                                      ;  error
00401789   >  8B85 B4FEFFFF             mov eax,dword ptr ss:[ebp-0x14C]
0040178F   .  83F8 10                   cmp eax,0x10
00401792   .  72 31                     jb short Crack.004017C5
00401794   .  8B95 A0FEFFFF             mov edx,dword ptr ss:[ebp-0x160]
0040179A   .  8D48 01                   lea ecx,dword ptr ds:[eax+0x1]
0040179D   .  8BC2                      mov eax,edx
0040179F   .  81F9 00100000             cmp ecx,0x1000
004017A5   .  72 14                     jb short Crack.004017BB
004017A7   .  8B52 FC                   mov edx,dword ptr ds:[edx-0x4]
004017AA   .  83C1 23                   add ecx,0x23
004017AD   .  2BC2                      sub eax,edx
004017AF   .  83C0 FC                   add eax,-0x4
004017B2   .  83F8 1F                   cmp eax,0x1F
004017B5   .  0F87 8E010000             ja Crack.00401949
004017BB   >  51                        push ecx
004017BC   .  52                        push edx
004017BD   .  E8 39110000               call Crack.004028FB
004017C2   .  83C4 08                   add esp,0x8
004017C5   >  84DB                      test bl,bl                                                     ;  isOK == 1 ??
004017C7   .  74 1B                     je short Crack.004017E4
004017C9   .  8B0D 74404000             mov ecx,dword ptr ds:[<&MSVCP140.std::cout>]                   ;  msvcp140.std::cout
004017CF   .  8D95 6CFEFFFF             lea edx,dword ptr ss:[ebp-0x194]
004017D5   .  C785 6CFEFFFF B3C9B9A6    mov dword ptr ss:[ebp-0x194],0xA6B9C9B3                        ;  "成功"
004017DF   .  E8 BC050000               call Crack.00401DA0
004017E4   >  68 5C424000               push Crack.0040425C                                            ; /command = "pause"
004017E9   .  FF15 28414000             call dword ptr ds:[<&api-ms-win-crt-runtime-l1-1-0.system>]    ; \system
004017EF   .  C645 FC 0D                mov byte ptr ss:[ebp-0x4],0xD
004017F3   .  83C4 04                   add esp,0x4
【吾爱破解论坛总版规】 - [让你充分了解吾爱破解论坛行为规则]
回复 支持 1

举报

solly
solly 发表于 2020-12-31 14:11
吾爱破解论坛没有任何官方QQ群,禁止留联系方式,禁止任何商业交易。
不愿鞠躬车马前 发表于 2020-12-31 13:17
我的我的,第一个判断是字符串长度9而正确的长度确没有达到9.。。。导致大家出不来。。。并且也把里面的不 ...

好象有两个问题:
1、长度9,与后面对不上。
2、0x9B,也就是 "155",太小了,生成不了4个数组元素,产生内存访问错误。
如何升级?如何获得积分?积分对应解释说明!
回复 支持 1

举报

不愿鞠躬车马前
 楼主| 不愿鞠躬车马前 发表于 2020-12-30 23:29
《站点帮助文档》有什么问题来这里看看吧,这里有你想知道的内容!
输入正确他就会跳出成功,输入错误就会跳出失败
呼吁大家发布原创作品添加吾爱破解论坛标识!
回复 支持

举报

刀大喵
刀大喵 发表于 2020-12-31 08:32
最好上个正确的图
如何快速判断一个文件是否为病毒!
回复 支持

举报

小菜鸟一枚
小菜鸟一枚 发表于 2020-12-31 08:57
用IDA F5大法401220函数之后不知道干啥了,找不到成功的字符串:

[C] 纯文本查看 复制代码
int sub_401220()
{
  int v0; // esi
  char *v1; // edi
  unsigned int v2; // ebx
  unsigned int v3; // edi
  void **v4; // ecx
  void **v5; // eax
  char *v6; // edi
  char *v7; // ecx
  char *v8; // edx
  unsigned int v9; // ebx
  bool v10; // cf
  unsigned __int8 v11; // al
  unsigned __int8 v12; // al
  unsigned __int8 v13; // al
  int v14; // eax
  _BYTE *v15; // ecx
  int v16; // edx
  int v17; // ecx
  char *v18; // eax
  unsigned int v19; // ecx
  char *v21; // [esp-4h] [ebp-200h]
  void *v22; // [esp+10h] [ebp-1ECh]
  int v23; // [esp+14h] [ebp-1E8h]
  int v24; // [esp+18h] [ebp-1E4h]
  int v25; // [esp+1Ch] [ebp-1E0h]
  int v26; // [esp+20h] [ebp-1DCh]
  void *v27; // [esp+24h] [ebp-1D8h]
  unsigned int v28; // [esp+38h] [ebp-1C4h]
  void *v29; // [esp+3Ch] [ebp-1C0h]
  unsigned int v30; // [esp+50h] [ebp-1ACh]
  void *v31; // [esp+54h] [ebp-1A8h]
  unsigned int v32; // [esp+68h] [ebp-194h]
  void *v33; // [esp+6Ch] [ebp-190h]
  unsigned int v34; // [esp+80h] [ebp-17Ch]
  void *Memory; // [esp+84h] [ebp-178h]
  int v36; // [esp+94h] [ebp-168h]
  unsigned int v37; // [esp+98h] [ebp-164h]
  void *v38; // [esp+9Ch] [ebp-160h]
  int v39; // [esp+ACh] [ebp-150h]
  unsigned int v40; // [esp+B0h] [ebp-14Ch]
  void *v41; // [esp+B4h] [ebp-148h]
  unsigned int v42; // [esp+C4h] [ebp-138h]
  unsigned int v43; // [esp+C8h] [ebp-134h]
  void *Dst; // [esp+CCh] [ebp-130h]
  unsigned int v45; // [esp+DCh] [ebp-120h]
  unsigned int v46; // [esp+E0h] [ebp-11Ch]
  char Src[16]; // [esp+E4h] [ebp-118h]
  int v48; // [esp+F4h] [ebp-108h]
  int v49; // [esp+F8h] [ebp-104h]
  char v50; // [esp+FCh] [ebp-100h]
  int v51; // [esp+10Ch] [ebp-F0h]
  int v52; // [esp+110h] [ebp-ECh]
  char v53; // [esp+114h] [ebp-E8h]
  int v54; // [esp+124h] [ebp-D8h]
  int v55; // [esp+128h] [ebp-D4h]
  char v56; // [esp+12Ch] [ebp-D0h]
  int v57; // [esp+13Ch] [ebp-C0h]
  int v58; // [esp+140h] [ebp-BCh]
  char v59; // [esp+144h] [ebp-B8h]
  int v60; // [esp+154h] [ebp-A8h]
  int v61; // [esp+158h] [ebp-A4h]
  char v62; // [esp+15Ch] [ebp-A0h]
  int v63; // [esp+16Ch] [ebp-90h]
  int v64; // [esp+170h] [ebp-8Ch]
  char v65; // [esp+174h] [ebp-88h]
  int v66; // [esp+184h] [ebp-78h]
  int v67; // [esp+188h] [ebp-74h]
  char v68; // [esp+18Ch] [ebp-70h]
  int v69; // [esp+19Ch] [ebp-60h]
  int v70; // [esp+1A0h] [ebp-5Ch]
  char v71; // [esp+1A4h] [ebp-58h]
  int v72; // [esp+1B4h] [ebp-48h]
  int v73; // [esp+1B8h] [ebp-44h]
  char v74; // [esp+1BCh] [ebp-40h]
  int v75; // [esp+1CCh] [ebp-30h]
  int v76; // [esp+1D0h] [ebp-2Ch]
  char v77[3]; // [esp+1E9h] [ebp-13h]
  int v78; // [esp+1F8h] [ebp-4h]

  v22 = 0;
  v0 = 0;
  v25 = 0;
  v23 = 0;
  v24 = 0;
  v78 = 0;
  v42 = 0;
  v43 = 15;
  LOBYTE(v41) = 0;
  LOBYTE(v78) = 1;
  sub_401D40(std::cout, "请输入注册码");
  sub_402410(std::cin, &v41);
  if ( v42 != 9 )
  {
    v26 = -592402486;
    sub_401D40(std::cout, (const char *)&v26);
  }
  v1 = v77;
  v2 = 155;
  do
  {
    *--v1 = v2 % 0xA + 48;
    v2 /= 0xAu;
  }
  while ( v2 );
  v45 = 0;
  v46 = 15;
  LOBYTE(Dst) = 0;
  if ( v1 != v77 )
  {
    sub_401AC0(&Dst, v1, v77 - v1);
    v2 = v45;
  }
  LOBYTE(v78) = 2;
  v48 = 0;
  v49 = 15;
  Src[0] = 0;
  sub_401AC0(Src, "zero", 4u);
  LOBYTE(v78) = 3;
  v51 = 0;
  v52 = 15;
  v50 = 0;
  sub_401AC0(&v50, "one", 3u);
  LOBYTE(v78) = 4;
  v54 = 0;
  v55 = 15;
  v53 = 0;
  sub_401AC0(&v53, "two", 3u);
  LOBYTE(v78) = 5;
  v57 = 0;
  v58 = 15;
  v56 = 0;
  sub_401AC0(&v56, "three", 5u);
  LOBYTE(v78) = 6;
  v60 = 0;
  v61 = 15;
  v59 = 0;
  sub_401AC0(&v59, "破你麻痹", 8u);
  LOBYTE(v78) = 7;
  v63 = 0;
  v64 = 15;
  v62 = 0;
  sub_401AC0(&v62, "five", 4u);
  LOBYTE(v78) = 8;
  v66 = 0;
  v67 = 15;
  v65 = 0;
  sub_401AC0(&v65, "six6666", 7u);
  LOBYTE(v78) = 9;
  v69 = 0;
  v70 = 15;
  v68 = 0;
  sub_401AC0(&v68, "seven", 5u);
  LOBYTE(v78) = 10;
  v72 = 0;
  v73 = 15;
  v71 = 0;
  sub_401AC0(&v71, &unk_40424C, 0xFu);
  LOBYTE(v78) = 11;
  v75 = 0;
  v76 = 15;
  v74 = 0;
  sub_401AC0(&v74, "哈哈哈哈", 8u);
  v3 = 1;
  LOBYTE(v78) = 12;
  v4 = (void **)Dst;
  if ( v2 <= 1 )
  {
    v6 = 0;
  }
  else
  {
    do
    {
      v5 = &Dst;
      if ( v46 >= 0x10 )
        v5 = v4;
      v21 = &Src[24 * (*((char *)v5 + v3) - 48)];
      if ( v0 == v25 )
      {
        sub_401F80((int *)&v22, v0, v21);
        v0 = v23;
        v25 = v24;
      }
      else
      {
        sub_401A00(v21);
        v0 += 24;
        v23 = v0;
      }
      v4 = (void **)Dst;
      ++v3;
    }
    while ( v3 < v2 );
    v6 = (char *)v22;
  }
  sub_401A00(v6);
  LOBYTE(v78) = 13;
  sub_401A00(v6 + 24);
  LOBYTE(v78) = 14;
  sub_401A00(v6 + 48);
  LOBYTE(v78) = 15;
  sub_401A00(v6 + 96);
  LOBYTE(v78) = 16;
  sub_401A00(v6 + 120);
  LOBYTE(v78) = 17;
  v36 = 0;
  v37 = 15;
  LOBYTE(Memory) = 0;
  sub_401AC0(&Memory, &unk_404268, 0xAu);
  LOBYTE(v78) = 18;
  v7 = (char *)&v38;
  v8 = (char *)&v41;
  if ( v40 >= 0x10 )
    v7 = (char *)v38;
  if ( v43 >= 0x10 )
    v8 = (char *)v41;
  if ( v42 == v39 )
  {
    v9 = v42 - 4;
    if ( v42 < 4 )
    {
LABEL_24:
      if ( v9 == -4 )
        goto LABEL_33;
    }
    else
    {
      while ( *(_DWORD *)v8 == *(_DWORD *)v7 )
      {
        v8 += 4;
        v7 += 4;
        v10 = v9 < 4;
        v9 -= 4;
        if ( v10 )
          goto LABEL_24;
      }
    }
    v10 = (unsigned __int8)*v8 < (unsigned __int8)*v7;
    if ( *v8 != *v7
      || v9 != -3
      && ((v11 = v8[1], v10 = v11 < (unsigned __int8)v7[1], v11 != v7[1])
       || v9 != -2
       && ((v12 = v8[2], v10 = v12 < (unsigned __int8)v7[2], v12 != v7[2])
        || v9 != -1 && (v13 = v8[3], v10 = v13 < (unsigned __int8)v7[3], v13 != v7[3]))) )
    {
      v14 = -v10 | 1;
      goto LABEL_34;
    }
LABEL_33:
    v14 = 0;
LABEL_34:
    if ( !v14 )
    {
      v26 = -1497773645;
      sub_401D40(std::cout, (const char *)&v26);
    }
  }
  system("pause");
  LOBYTE(v78) = 17;
  if ( v37 >= 0x10 )
  {
    v15 = Memory;
    if ( v37 + 1 >= 0x1000 )
    {
      v15 = (_BYTE *)*((_DWORD *)Memory - 1);
      v16 = v37 + 36;
      if ( (unsigned int)((_BYTE *)Memory - v15 - 4) > 0x1F )
        goto LABEL_71;
    }
    sub_40289B(v15);
  }
  LOBYTE(v78) = 16;
  if ( v34 >= 0x10 )
  {
    v15 = v33;
    if ( v34 + 1 >= 0x1000 )
    {
      v15 = (_BYTE *)*((_DWORD *)v33 - 1);
      v16 = v34 + 36;
      if ( (unsigned int)((_BYTE *)v33 - v15 - 4) > 0x1F )
        goto LABEL_71;
    }
    sub_40289B(v15);
  }
  LOBYTE(v78) = 15;
  if ( v32 >= 0x10 )
  {
    v15 = v31;
    if ( v32 + 1 >= 0x1000 )
    {
      v15 = (_BYTE *)*((_DWORD *)v31 - 1);
      v16 = v32 + 36;
      if ( (unsigned int)((_BYTE *)v31 - v15 - 4) > 0x1F )
        goto LABEL_71;
    }
    sub_40289B(v15);
  }
  LOBYTE(v78) = 14;
  if ( v30 >= 0x10 )
  {
    v15 = v29;
    if ( v30 + 1 >= 0x1000 )
    {
      v15 = (_BYTE *)*((_DWORD *)v29 - 1);
      v16 = v30 + 36;
      if ( (unsigned int)((_BYTE *)v29 - v15 - 4) > 0x1F )
        goto LABEL_71;
    }
    sub_40289B(v15);
  }
  LOBYTE(v78) = 13;
  if ( v28 >= 0x10 )
  {
    v15 = v27;
    if ( v28 + 1 >= 0x1000 )
    {
      v15 = (_BYTE *)*((_DWORD *)v27 - 1);
      v16 = v28 + 36;
      if ( (unsigned int)((_BYTE *)v27 - v15 - 4) > 0x1F )
        goto LABEL_71;
    }
    sub_40289B(v15);
  }
  LOBYTE(v78) = 12;
  if ( v40 >= 0x10 )
  {
    v16 = (int)v38;
    if ( v40 + 1 >= 0x1000 )
    {
      v16 = *((_DWORD *)v38 - 1);
      v15 = (_BYTE *)(v40 + 36);
      if ( (unsigned int)((char *)v38 - v16 - 4) > 0x1F )
        goto LABEL_71;
    }
    sub_40289B((void *)v16);
  }
  LOBYTE(v78) = 2;
  sub_402786(Src, 24, 10, sub_4019B0);
  if ( v46 >= 0x10 )
  {
    v16 = (int)Dst;
    if ( v46 + 1 >= 0x1000 )
    {
      v16 = *((_DWORD *)Dst - 1);
      v15 = (_BYTE *)(v46 + 36);
      if ( (unsigned int)((char *)Dst - v16 - 4) > 0x1F )
        goto LABEL_71;
    }
    sub_40289B((void *)v16);
  }
  if ( v43 < 0x10 )
    goto LABEL_68;
  v16 = (int)v41;
  if ( v43 + 1 >= 0x1000 )
  {
    v16 = *((_DWORD *)v41 - 1);
    v15 = (_BYTE *)(v43 + 36);
    if ( (unsigned int)((char *)v41 - v16 - 4) > 0x1F )
    {
LABEL_71:
      invalid_parameter_noinfo_noreturn(v15, v16);
LABEL_72:
      sub_40289B(v6);
      return 0;
    }
  }
  sub_40289B((void *)v16);
LABEL_68:
  if ( v6 )
  {
    sub_4022C0(v6, v0, v17);
    v16 = (signed int)((unsigned __int64)(715827883i64 * (v25 - (signed int)v6)) >> 32) >> 2;
    v18 = v6;
    v19 = 24 * ((v25 - (signed int)v6) / 24);
    if ( v19 < 0x1000 )
      goto LABEL_72;
    v6 = (char *)*((_DWORD *)v6 - 1);
    v15 = (_BYTE *)(v19 + 35);
    if ( (unsigned int)(v18 - v6 - 4) <= 0x1F )
      goto LABEL_72;
    goto LABEL_71;
  }
  return 0;
}
回复 支持

举报

jy04468108
jy04468108 发表于 2020-12-31 09:10
好歹给个成功截图吧,输入任意9位数就直接闪退了
回复 支持

举报

byh3025
byh3025 发表于 2020-12-31 10:15
看到6楼的字符串,就不想试了
回复 支持

举报

涛之雨
涛之雨 发表于 2020-12-31 10:56
请楼主尽快补上成功的截图
(虽然6楼字符串有了。。。)

免费评分

参与人数 1吾爱币 +1 热心值 +1 收起 理由
小菜鸟一枚 + 1 + 1 大佬当上版主了,恭喜!

查看全部评分

回复 支持

举报

jy04468108
jy04468108 发表于 2020-12-31 12:46
爆破算不算



关键位置

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?注册[Register]

x

免费评分

参与人数 1吾爱币 +1 热心值 +1 收起 理由
不愿鞠躬车马前 + 1 + 1 可以

查看全部评分

回复 支持

举报

huaishion
huaishion 发表于 2020-12-31 12:47
还是看了6楼的字符串,你又想要人破 ,然后你又在里面搞个字符串骂人家啥意思
回复 支持

举报

不愿鞠躬车马前
 楼主| 不愿鞠躬车马前 发表于 2020-12-31 13:17
我的我的,第一个判断是字符串长度9而正确的长度确没有达到9.。。。导致大家出不来。。。并且也把里面的不好的话去除了,起初发给朋友玩那时候没注意,,,。。这版更新了,应该很简单。附上成功截图。

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?注册[Register]

x
回复 支持

举报

下一页 »
12下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册[Register]

本版积分规则


免责声明:
吾爱破解所发布的一切破解补丁、注册机和注册信息及软件的解密分析文章仅限用于学习和研究目的;不得将上述内容用于商业或者非法用途,否则,一切后果请用户自负。本站信息来自网络,版权争议与本站无关。您必须在下载后的24个小时之内,从您的电脑中彻底删除上述内容。如果您喜欢该程序,请支持正版软件,购买注册,得到更好的正版服务。如有侵权请邮件与我们联系处理。

Mail To:Service@52pojie.cn

返回列表

RSS订阅|小黑屋|处罚记录|联系我们|吾爱破解 - LCG - LSG ( 京ICP备16042023号 | 京公网安备 11010502030087号 )

GMT+8, 2024-11-24 13:29

Powered by Discuz!

Copyright © 2001-2020, Tencent Cloud.

快速回复 返回顶部 返回列表