XXXXX转换大师算法分析菜鸟找自信：)

wuhanqi · 发表于 2009-7-30 00:16

【文章标题】: XXXXX转换大师算法分析菜鸟找自信：)
【文章作者】: wuhanqi
【软件名称】: 都说了只是找自信而已!
【下载地址】: 自己搜索下载
【使用工具】: PEiD,OD.
【作者声明】: 菜鸟一个..
--------------------------------------------------------------------------------
【详细过程】

004BF640  /$  55          PUSH EBP
004BF641  |.  8BEC       MOV EBP,ESP
004BF643  |.  51          PUSH ECX
004BF644  |.  B9 04000000 MOV ECX,4
004BF649  |>  6A 00       /PUSH 0
004BF64B  |.  6A 00       |PUSH 0
004BF64D  |.  49          |DEC ECX
004BF64E  |.^ 75 F9       \JNZ SHORT 004BF649
004BF650  |.  51          PUSH ECX
004BF651  |.  874D FC    XCHG DWORD PTR SS:[EBP-4],ECX
004BF654  |.  53          PUSH EBX
004BF655  |.  56          PUSH ESI
004BF656  |.  57          PUSH EDI
004BF657  |.  8BF9       MOV EDI,ECX
004BF659  |.  8955 FC    MOV DWORD PTR SS:[EBP-4],EDX
004BF65C  |.  8B45 FC    MOV EAX,DWORD PTR SS:[EBP-4]
004BF65F  |.  E8 3858F4FF CALL 00404E9C
004BF664  |.  33C0       XOR EAX,EAX
004BF666  |.  55          PUSH EBP
004BF667  |.  68 01F84B00 PUSH 004BF801
004BF66C  |.  64:FF30    PUSH DWORD PTR FS:[EAX]
004BF66F  |.  64:8920    MOV DWORD PTR FS:[EAX],ESP
004BF672  |.  8BC7       MOV EAX,EDI
004BF674  |.  E8 7353F4FF CALL 004049EC
004BF679  |.  8B45 FC    MOV EAX,DWORD PTR SS:[EBP-4]          ;  用户名到eax
004BF67C  |.  E8 2B56F4FF CALL 00404CAC                         ;  算用户名位数
004BF681  |.  8BF0       MOV ESI,EAX                            ;  位数到esi
004BF683  |.  85F6       TEST ESI,ESI                            ;  是否输入。没输入就跳。
004BF685  |.  7E 26       JLE SHORT 004BF6AD
004BF687  |.  BB 01000000 MOV EBX,1                               ;  ebx=1
004BF68C  |>  8D4D EC    /LEA ECX,DWORD PTR SS:[EBP-14]
004BF68F  |.  8B45 FC    |MOV EAX,DWORD PTR SS:[EBP-4]          ;  用户名到eax
004BF692  |.  0FB64418 FF |MOVZX EAX,BYTE PTR DS:[EAX+EBX-1]    ;  逐位取用户名ASCII码
004BF697  |.  33D2       |XOR EDX,EDX
004BF699  |.  E8 6AABF4FF |CALL 0040A208                         ;  把ASCII码放到堆栈里
004BF69E  |.  8B55 EC    |MOV EDX,DWORD PTR SS:[EBP-14]
004BF6A1  |.  8D45 F8    |LEA EAX,DWORD PTR SS:[EBP-8]
004BF6A4  |.  E8 0B56F4FF |CALL 00404CB4                         ;  把ASCII码首尾相连，结果记为A
004BF6A9  |.  43          |INC EBX
004BF6AA  |.  4E          |DEC ESI
004BF6AB  |.^ 75 DF       \JNZ SHORT 004BF68C
004BF6AD  |>  8B45 F8    MOV EAX,DWORD PTR SS:[EBP-8]          ;  A到eax
004BF6B0  |.  E8 F755F4FF CALL 00404CAC                         ;  计算A的位数到eax
004BF6B5  |.  8BF0       MOV ESI,EAX                            ;  eax到esi
004BF6B7  |.  85F6       TEST ESI,ESI                            ;  比较是否大于零
004BF6B9  |.  7E 2C       JLE SHORT 004BF6E7
004BF6BB  |.  BB 01000000 MOV EBX,1                               ;  ebx=1
004BF6C0  |>  8B45 F8    /MOV EAX,DWORD PTR SS:[EBP-8]          ;  A到eax
004BF6C3  |.  E8 E455F4FF |CALL 00404CAC
004BF6C8  |.  2BC3       |SUB EAX,EBX                            ;  eax-ebx
004BF6CA  |.  8B55 F8    |MOV EDX,DWORD PTR SS:[EBP-8]          ;  从最后一位开始逐位取ASCII码
004BF6CD  |.  8A1402       |MOV DL,BYTE PTR DS:[EDX+EAX]
004BF6D0  |.  8D45 E8    |LEA EAX,DWORD PTR SS:[EBP-18]
004BF6D3  |.  E8 FC54F4FF |CALL 00404BD4                         ;  取得的ASCII码到堆栈里了
004BF6D8  |.  8B55 E8    |MOV EDX,DWORD PTR SS:[EBP-18]
004BF6DB  |.  8D45 F4    |LEA EAX,DWORD PTR SS:[EBP-C]
004BF6DE  |.  E8 D155F4FF |CALL 00404CB4                         ;  把取到的ASCII码倒序排列
004BF6E3  |.  43          |INC EBX
004BF6E4  |.  4E          |DEC ESI
004BF6E5  |.^ 75 D9       \JNZ SHORT 004BF6C0
004BF6E7  |>  8D45 F8    LEA EAX,DWORD PTR SS:[EBP-8]
004BF6EA  |.  50          PUSH EAX
004BF6EB  |.  B9 04000000 MOV ECX,4                               ;  ecx=4
004BF6F0  |.  BA 01000000 MOV EDX,1                               ;  edx=1
004BF6F5  |.  8B45 F4    MOV EAX,DWORD PTR SS:[EBP-C]          ;  倒序好的ASCII码到eax
004BF6F8  |.  E8 0F58F4FF CALL 00404F0C                         ;  取其前四位
004BF6FD  |.  8D45 F4    LEA EAX,DWORD PTR SS:[EBP-C]
004BF700  |.  50          PUSH EAX
004BF701  |.  B9 04000000 MOV ECX,4                               ;  ecx=4
004BF706  |.  BA 05000000 MOV EDX,5                               ;  edx=5
004BF70B  |.  8B45 F4    MOV EAX,DWORD PTR SS:[EBP-C]          ;  倒序好的ASCII码到eax
004BF70E  |.  E8 F957F4FF CALL 00404F0C                         ;  取其从第五位开始的四位
004BF713  |.  8B45 F8    MOV EAX,DWORD PTR SS:[EBP-8]          ;  1-4位入栈
004BF716  |.  E8 9155F4FF CALL 00404CAC                         ;  计算位数
004BF71B  |.  83F8 04    CMP EAX,4                               ;  看看是不是四位
004BF71E  |.  7D 2F       JGE SHORT 004BF74F                      ;  是的话就闪人
004BF720  |.  8B45 F8    MOV EAX,DWORD PTR SS:[EBP-8]
004BF723  |.  E8 8455F4FF CALL 00404CAC
004BF728  |.  8BD8       MOV EBX,EAX
004BF72A  |.  83FB 03    CMP EBX,3
004BF72D  |.  7F 20       JG SHORT 004BF74F
004BF72F  |>  8D4D E4    /LEA ECX,DWORD PTR SS:[EBP-1C]
004BF732  |.  8BC3       |MOV EAX,EBX
004BF734  |.  C1E0 02    |SHL EAX,2
004BF737  |.  33D2       |XOR EDX,EDX
004BF739  |.  E8 CAAAF4FF |CALL 0040A208
004BF73E  |.  8B55 E4    |MOV EDX,DWORD PTR SS:[EBP-1C]
004BF741  |.  8D45 F8    |LEA EAX,DWORD PTR SS:[EBP-8]
004BF744  |.  E8 6B55F4FF |CALL 00404CB4
004BF749  |.  43          |INC EBX
004BF74A  |.  83FB 04    |CMP EBX,4
004BF74D  |.^ 75 E0       \JNZ SHORT 004BF72F
004BF74F  |>  8B45 F4    MOV EAX,DWORD PTR SS:[EBP-C]          ;  取其5-9位
004BF752  |.  E8 5555F4FF CALL 00404CAC                         ;  计算位数
004BF757  |.  83F8 04    CMP EAX,4                               ;  看看是不是四位
004BF75A  |.  7D 2F       JGE SHORT 004BF78B                      ;  是的话就闪人
004BF75C  |.  8B45 F4    MOV EAX,DWORD PTR SS:[EBP-C]
004BF75F  |.  E8 4855F4FF CALL 00404CAC
004BF764  |.  8BD8       MOV EBX,EAX
004BF766  |.  83FB 03    CMP EBX,3
004BF769  |.  7F 20       JG SHORT 004BF78B
004BF76B  |>  8D4D E0    /LEA ECX,DWORD PTR SS:[EBP-20]
004BF76E  |.  8BC3       |MOV EAX,EBX
004BF770  |.  C1E0 02    |SHL EAX,2
004BF773  |.  33D2       |XOR EDX,EDX
004BF775  |.  E8 8EAAF4FF |CALL 0040A208
004BF77A  |.  8B55 E0    |MOV EDX,DWORD PTR SS:[EBP-20]
004BF77D  |.  8D45 F4    |LEA EAX,DWORD PTR SS:[EBP-C]
004BF780  |.  E8 2F55F4FF |CALL 00404CB4
004BF785  |.  43          |INC EBX
004BF786  |.  83FB 04    |CMP EBX,4
004BF789  |.^ 75 E0       \JNZ SHORT 004BF76B
004BF78B  |>  8D45 F0    LEA EAX,DWORD PTR SS:[EBP-10]
004BF78E  |.  BA 18F84B00 MOV EDX,004BF818                      ;  出现固定字串"lenomp4888"
004BF793  |.  E8 EC52F4FF CALL 00404A84                         ;  压栈了
004BF798  |.  8D45 DC    LEA EAX,DWORD PTR SS:[EBP-24]
004BF79B  |.  50          PUSH EAX
004BF79C  |.  B9 04000000 MOV ECX,4
004BF7A1  |.  BA 01000000 MOV EDX,1
004BF7A6  |.  8B45 F0    MOV EAX,DWORD PTR SS:[EBP-10]
004BF7A9  |.  E8 5E57F4FF CALL 00404F0C                         ;  代码差不多.取固定字串1-4位
004BF7AE  |.  FF75 DC    PUSH DWORD PTR SS:[EBP-24]             ;  压栈
004BF7B1  |.  68 2CF84B00 PUSH 004BF82C                         ;  压固定字符"-"
004BF7B6  |.  FF75 F8    PUSH DWORD PTR SS:[EBP-8]             ;  压倒序好的ASCII码1-4位入栈
004BF7B9  |.  8D45 D8    LEA EAX,DWORD PTR SS:[EBP-28]
004BF7BC  |.  50          PUSH EAX
004BF7BD  |.  B9 05000000 MOV ECX,5
004BF7C2  |.  BA 05000000 MOV EDX,5
004BF7C7  |.  8B45 F0    MOV EAX,DWORD PTR SS:[EBP-10]
004BF7CA  |.  E8 3D57F4FF CALL 00404F0C                         ;  取固定字串5-9位
004BF7CF  |.  FF75 D8    PUSH DWORD PTR SS:[EBP-28]             ;  压栈
004BF7D2  |.  68 2CF84B00 PUSH 004BF82C                         ;  压固定字符"-"
004BF7D7  |.  FF75 F4    PUSH DWORD PTR SS:[EBP-C]             ;  压倒序好的ASCII码5-9位入栈
004BF7DA  |.  8BC7       MOV EAX,EDI
004BF7DC  |.  BA 06000000 MOV EDX,6
004BF7E1  |.  E8 8655F4FF CALL 00404D6C                         ;  相连就是正确注册码.
004BF7E6  |.  33C0       XOR EAX,EAX
004BF7E8  |.  5A          POP EDX
004BF7E9  |.  59          POP ECX
004BF7EA  |.  59          POP ECX
004BF7EB  |.  64:8910    MOV DWORD PTR FS:[EAX],EDX
004BF7EE  |.  68 08F84B00 PUSH 004BF808
004BF7F3  |>  8D45 D8    LEA EAX,DWORD PTR SS:[EBP-28]
004BF7F6  |.  BA 0A000000 MOV EDX,0A
004BF7FB  |.  E8 1052F4FF CALL 00404A10
004BF800  \.  C3          RETN
004BF801 .^ E9 464BF4FF JMP 0040434C
004BF806 .^ EB EB       JMP SHORT 004BF7F3
004BF808 .  5F          POP EDI
004BF809 .  5E          POP ESI
004BF80A .  5B          POP EBX
004BF80B .  8BE5       MOV ESP,EBP
004BF80D .  5D          POP EBP
004BF80E .  C3          RETN

【经验总结】
  这么简单的算法..纯粹找自信用..
  论坛积分规则变了..NEWbie日子苦咯..

--------------------------------------------------------------------------------
【版权声明】: 没啥版权...
                                                   2009年07月29日 23:56:45

daihu37 · 发表于 2009-7-30 11:09

不是视频转换大师把，呵呵，没有看到好多jmp么

wuqing1501 · 发表于 2009-7-30 12:22

偶来学习的想楼主致敬

帐号		自动登录	找回密码
密码			注册[Register]

[分享] XXXXX转换大师算法分析菜鸟找自信：)

免费评分

[分享] XXXXX转换大师 算法分析 菜鸟找自信：)

免费评分

[分享] XXXXX转换大师算法分析菜鸟找自信：)