QQ聊天记录强行查看器 9.0_注册码(含原版软
大唐通讯录 V1.30_算法注册机
2008/08/29 17:50 | by
【文章标题】: Quick Budget V1.14注册算法简单分析
【文章作者】: 蚊香
【作者邮箱】: xpi386com@gmail.com
【作者主页】: http://www.xpi386.com
【下载地址】: http://www.justapps.com/download/quickbudget_setup.exe
【保护方式】: 用户名 + 注册码
【使用工具】: OD,计算器
【操作平台】: D版XP-SP3
【软件介绍】: 是一款快速预算财政的软件.
【作者声明】: 只是感兴趣,没有其他目的。失误之处敬请诸位大侠赐教!
--------------------------------------------------------------------------------
【详细过程】
下载安装,试注册,有弹框错误提示.于是首先想到用F12暂停查看堆栈调用的方法,,很快可以定位到关键.
为方便说明,假注册时统一使用用户名'abcde'和假码'123456789'.出现的计算数字均为16进制形式.
进入006908D9
内文分页: [1] [2]
【文章作者】: 蚊香
【作者邮箱】: xpi386com@gmail.com
【作者主页】: http://www.xpi386.com
【下载地址】: http://www.justapps.com/download/quickbudget_setup.exe
【保护方式】: 用户名 + 注册码
【使用工具】: OD,计算器
【操作平台】: D版XP-SP3
【软件介绍】: 是一款快速预算财政的软件.
【作者声明】: 只是感兴趣,没有其他目的。失误之处敬请诸位大侠赐教!
--------------------------------------------------------------------------------
【详细过程】
下载安装,试注册,有弹框错误提示.于是首先想到用F12暂停查看堆栈调用的方法,,很快可以定位到关键.
为方便说明,假注册时统一使用用户名'abcde'和假码'123456789'.出现的计算数字均为16进制形式.
00690804 /. 55 push ebp ; F2下断,F9运行,F8单步往下。
00690805 |. 8BEC mov ebp, esp
00690807 |. 81C4 ECFEFFFF add esp, -114
0069080D |. 53 push ebx
0069080E |. 33C9 xor ecx, ecx
00690810 |. 898D ECFEFFFF mov dword ptr [ebp-114], ecx
00690816 |. 898D F4FEFFFF mov dword ptr [ebp-10C], ecx
0069081C |. 898D F0FEFFFF mov dword ptr [ebp-110], ecx
00690822 |. 894D FC mov dword ptr [ebp-4], ecx
00690825 |. 894D F8 mov dword ptr [ebp-8], ecx
00690828 |. 8BD8 mov ebx, eax
0069082A |. 33C0 xor eax, eax
0069082C |. 55 push ebp
0069082D |. 68 8B096900 push 0069098B
00690832 |. 64:FF30 push dword ptr fs:[eax]
00690835 |. 64:8920 mov dword ptr fs:[eax], esp
00690838 |. 8D55 F8 lea edx, dword ptr [ebp-8]
0069083B |. 8B83 FC020000 mov eax, dword ptr [ebx+2FC]
00690841 |. E8 CEFDDDFF call 00470614 ; 用户名
00690846 |. 8B45 F8 mov eax, dword ptr [ebp-8]
00690849 |. 8D55 FC lea edx, dword ptr [ebp-4]
0069084C |. E8 7B95D7FF call 00409DCC
00690851 |. 8B55 FC mov edx, dword ptr [ebp-4]
00690854 |. A1 A4EC6900 mov eax, dword ptr [69ECA4]
00690859 |. E8 2247D7FF call 00404F80
0069085E |. 8D95 F0FEFFFF lea edx, dword ptr [ebp-110]
00690864 |. 8B83 00030000 mov eax, dword ptr [ebx+300]
0069086A |. E8 A5FDDDFF call 00470614 ; 假码
0069086F |. 8B85 F0FEFFFF mov eax, dword ptr [ebp-110]
00690875 |. 8D95 F4FEFFFF lea edx, dword ptr [ebp-10C]
0069087B |. E8 4C95D7FF call 00409DCC
00690880 |. 8B95 F4FEFFFF mov edx, dword ptr [ebp-10C]
00690886 |. 8D85 F8FEFFFF lea eax, dword ptr [ebp-108]
0069088C |. B9 FF000000 mov ecx, 0FF ; ? 不知道1
00690891 |. E8 3249D7FF call 004051C8
00690896 |. 8D95 F8FEFFFF lea edx, dword ptr [ebp-108]
0069089C |. A1 24F36900 mov eax, dword ptr [69F324]
006908A1 |. B1 1E mov cl, 1E ; ? 不知道2
006908A3 |. E8 C02DD7FF call 00403668 ; 不知道上面两个mov是干什么的 ???
006908A8 |. 68 62040000 push 462 ; 后面表现英勇的常数462压栈
006908AD |. 8D85 ECFEFFFF lea eax, dword ptr [ebp-114]
006908B3 |. 8B15 24F36900 mov edx, dword ptr [69F324] ; QuickBud.006A2B14
006908B9 |. E8 D248D7FF call 00405190
006908BE |. 8B8D ECFEFFFF mov ecx, dword ptr [ebp-114]
006908C4 |. 8B15 A4EC6900 mov edx, dword ptr [69ECA4] ; QuickBud.006A2B0C
006908CA |. 8B12 mov edx, dword ptr [edx]
006908CC |. A1 20ED6900 mov eax, dword ptr [69ED20]
006908D1 |. 8B00 mov eax, dword ptr [eax]
006908D3 |. 8B80 A8030000 mov eax, dword ptr [eax+3A8]
006908D9 |. E8 DACCE4FF call 004DD5B8 ; 关键CALL,F7进
006908DE |. 84C0 test al, al
006908E0 |. 75 29 jnz short 0069090B ; 关键跳转
006908E2 |. 6A 00 push 0
006908E4 |. 66:8B0D 98096>mov cx, word ptr [690998]
006908EB |. B2 01 mov dl, 1
006908ED |. B8 A4096900 mov eax, 006909A4 ; ASCII "The Registration Code that you provided does not",CR,"match the Name entered."
006908F2 |. E8 09C1DAFF call 0043CA00
006908F7 |. 48 dec eax
006908F8 |. 75 52 jnz short 0069094C
006908FA |. A1 2C2D6A00 mov eax, dword ptr [6A2D2C]
006908FF |. C780 4C020000>mov dword ptr [eax+24C], 1
00690909 |. EB 41 jmp short 0069094C
0069090B |> 803D 302D6A00>cmp byte ptr [6A2D30], 0
00690912 |. 75 29 jnz short 0069093D
00690914 |. 6A 00 push 0
00690916 |. 66:8B0D 98096>mov cx, word ptr [690998]
0069091D |. B2 03 mov dl, 3
0069091F |. B8 F8096900 mov eax, 006909F8 ; ASCII "Thank you for Registering Quick Budget."
00690924 |. E8 D7C0DAFF call 0043CA00
00690929 |. 48 dec eax
0069092A |. 75 20 jnz short 0069094C
0069092C |. A1 2C2D6A00 mov eax, dword ptr [6A2D2C]
00690931 |. C780 4C020000>mov dword ptr [eax+24C], 1
0069093B |. EB 0F jmp short 0069094C
0069093D |> A1 2C2D6A00 mov eax, dword ptr [6A2D2C]
00690942 |. C780 4C020000>mov dword ptr [eax+24C], 1
0069094C |> 33C0 xor eax, eax
0069094E |. 5A pop edx
0069094F |. 59 pop ecx
00690950 |. 59 pop ecx
00690951 |. 64:8910 mov dword ptr fs:[eax], edx
00690954 |. 68 92096900 push 00690992
00690959 |> 8D85 ECFEFFFF lea eax, dword ptr [ebp-114]
0069095F |. E8 C845D7FF call 00404F2C
00690964 |. 8D85 F0FEFFFF lea eax, dword ptr [ebp-110]
0069096A |. E8 BD45D7FF call 00404F2C
0069096F |. 8D85 F4FEFFFF lea eax, dword ptr [ebp-10C]
00690975 |. E8 B245D7FF call 00404F2C
0069097A |. 8D45 F8 lea eax, dword ptr [ebp-8]
0069097D |. E8 AA45D7FF call 00404F2C
00690982 |. 8D45 FC lea eax, dword ptr [ebp-4]
00690985 |. E8 A245D7FF call 00404F2C
0069098A \. C3 retn
0069098B .^ E9 D43ED7FF jmp 00404864
00690990 .^ EB C7 jmp short 00690959
00690992 . 5B pop ebx
00690993 . 8BE5 mov esp, ebp
00690995 . 5D pop ebp
00690996 . C3 retn
00690805 |. 8BEC mov ebp, esp
00690807 |. 81C4 ECFEFFFF add esp, -114
0069080D |. 53 push ebx
0069080E |. 33C9 xor ecx, ecx
00690810 |. 898D ECFEFFFF mov dword ptr [ebp-114], ecx
00690816 |. 898D F4FEFFFF mov dword ptr [ebp-10C], ecx
0069081C |. 898D F0FEFFFF mov dword ptr [ebp-110], ecx
00690822 |. 894D FC mov dword ptr [ebp-4], ecx
00690825 |. 894D F8 mov dword ptr [ebp-8], ecx
00690828 |. 8BD8 mov ebx, eax
0069082A |. 33C0 xor eax, eax
0069082C |. 55 push ebp
0069082D |. 68 8B096900 push 0069098B
00690832 |. 64:FF30 push dword ptr fs:[eax]
00690835 |. 64:8920 mov dword ptr fs:[eax], esp
00690838 |. 8D55 F8 lea edx, dword ptr [ebp-8]
0069083B |. 8B83 FC020000 mov eax, dword ptr [ebx+2FC]
00690841 |. E8 CEFDDDFF call 00470614 ; 用户名
00690846 |. 8B45 F8 mov eax, dword ptr [ebp-8]
00690849 |. 8D55 FC lea edx, dword ptr [ebp-4]
0069084C |. E8 7B95D7FF call 00409DCC
00690851 |. 8B55 FC mov edx, dword ptr [ebp-4]
00690854 |. A1 A4EC6900 mov eax, dword ptr [69ECA4]
00690859 |. E8 2247D7FF call 00404F80
0069085E |. 8D95 F0FEFFFF lea edx, dword ptr [ebp-110]
00690864 |. 8B83 00030000 mov eax, dword ptr [ebx+300]
0069086A |. E8 A5FDDDFF call 00470614 ; 假码
0069086F |. 8B85 F0FEFFFF mov eax, dword ptr [ebp-110]
00690875 |. 8D95 F4FEFFFF lea edx, dword ptr [ebp-10C]
0069087B |. E8 4C95D7FF call 00409DCC
00690880 |. 8B95 F4FEFFFF mov edx, dword ptr [ebp-10C]
00690886 |. 8D85 F8FEFFFF lea eax, dword ptr [ebp-108]
0069088C |. B9 FF000000 mov ecx, 0FF ; ? 不知道1
00690891 |. E8 3249D7FF call 004051C8
00690896 |. 8D95 F8FEFFFF lea edx, dword ptr [ebp-108]
0069089C |. A1 24F36900 mov eax, dword ptr [69F324]
006908A1 |. B1 1E mov cl, 1E ; ? 不知道2
006908A3 |. E8 C02DD7FF call 00403668 ; 不知道上面两个mov是干什么的 ???
006908A8 |. 68 62040000 push 462 ; 后面表现英勇的常数462压栈
006908AD |. 8D85 ECFEFFFF lea eax, dword ptr [ebp-114]
006908B3 |. 8B15 24F36900 mov edx, dword ptr [69F324] ; QuickBud.006A2B14
006908B9 |. E8 D248D7FF call 00405190
006908BE |. 8B8D ECFEFFFF mov ecx, dword ptr [ebp-114]
006908C4 |. 8B15 A4EC6900 mov edx, dword ptr [69ECA4] ; QuickBud.006A2B0C
006908CA |. 8B12 mov edx, dword ptr [edx]
006908CC |. A1 20ED6900 mov eax, dword ptr [69ED20]
006908D1 |. 8B00 mov eax, dword ptr [eax]
006908D3 |. 8B80 A8030000 mov eax, dword ptr [eax+3A8]
006908D9 |. E8 DACCE4FF call 004DD5B8 ; 关键CALL,F7进
006908DE |. 84C0 test al, al
006908E0 |. 75 29 jnz short 0069090B ; 关键跳转
006908E2 |. 6A 00 push 0
006908E4 |. 66:8B0D 98096>mov cx, word ptr [690998]
006908EB |. B2 01 mov dl, 1
006908ED |. B8 A4096900 mov eax, 006909A4 ; ASCII "The Registration Code that you provided does not",CR,"match the Name entered."
006908F2 |. E8 09C1DAFF call 0043CA00
006908F7 |. 48 dec eax
006908F8 |. 75 52 jnz short 0069094C
006908FA |. A1 2C2D6A00 mov eax, dword ptr [6A2D2C]
006908FF |. C780 4C020000>mov dword ptr [eax+24C], 1
00690909 |. EB 41 jmp short 0069094C
0069090B |> 803D 302D6A00>cmp byte ptr [6A2D30], 0
00690912 |. 75 29 jnz short 0069093D
00690914 |. 6A 00 push 0
00690916 |. 66:8B0D 98096>mov cx, word ptr [690998]
0069091D |. B2 03 mov dl, 3
0069091F |. B8 F8096900 mov eax, 006909F8 ; ASCII "Thank you for Registering Quick Budget."
00690924 |. E8 D7C0DAFF call 0043CA00
00690929 |. 48 dec eax
0069092A |. 75 20 jnz short 0069094C
0069092C |. A1 2C2D6A00 mov eax, dword ptr [6A2D2C]
00690931 |. C780 4C020000>mov dword ptr [eax+24C], 1
0069093B |. EB 0F jmp short 0069094C
0069093D |> A1 2C2D6A00 mov eax, dword ptr [6A2D2C]
00690942 |. C780 4C020000>mov dword ptr [eax+24C], 1
0069094C |> 33C0 xor eax, eax
0069094E |. 5A pop edx
0069094F |. 59 pop ecx
00690950 |. 59 pop ecx
00690951 |. 64:8910 mov dword ptr fs:[eax], edx
00690954 |. 68 92096900 push 00690992
00690959 |> 8D85 ECFEFFFF lea eax, dword ptr [ebp-114]
0069095F |. E8 C845D7FF call 00404F2C
00690964 |. 8D85 F0FEFFFF lea eax, dword ptr [ebp-110]
0069096A |. E8 BD45D7FF call 00404F2C
0069096F |. 8D85 F4FEFFFF lea eax, dword ptr [ebp-10C]
00690975 |. E8 B245D7FF call 00404F2C
0069097A |. 8D45 F8 lea eax, dword ptr [ebp-8]
0069097D |. E8 AA45D7FF call 00404F2C
00690982 |. 8D45 FC lea eax, dword ptr [ebp-4]
00690985 |. E8 A245D7FF call 00404F2C
0069098A \. C3 retn
0069098B .^ E9 D43ED7FF jmp 00404864
00690990 .^ EB C7 jmp short 00690959
00690992 . 5B pop ebx
00690993 . 8BE5 mov esp, ebp
00690995 . 5D pop ebp
00690996 . C3 retn
进入006908D9
004DD5B8 /$ 55 push ebp
004DD5B9 |. 8BEC mov ebp, esp
004DD5BB |. 83C4 F4 add esp, -0C
004DD5BE |. 53 push ebx
004DD5BF |. 56 push esi
004DD5C0 |. 57 push edi
004DD5C1 |. 33DB xor ebx, ebx
004DD5C3 |. 895D F4 mov dword ptr [ebp-C], ebx
004DD5C6 |. 894D F8 mov dword ptr [ebp-8], ecx
004DD5C9 |. 8955 FC mov dword ptr [ebp-4], edx
004DD5CC |. 8BF8 mov edi, eax
004DD5CE |. 8B75 08 mov esi, dword ptr [ebp+8] ; ESI=常数462
004DD5D1 |. 8B45 FC mov eax, dword ptr [ebp-4]
004DD5D4 |. E8 037EF2FF call 004053DC
004DD5D9 |. 8B45 F8 mov eax, dword ptr [ebp-8]
004DD5DC |. E8 FB7DF2FF call 004053DC
004DD5E1 |. 33C0 xor eax, eax
004DD5E3 |. 55 push ebp
004DD5E4 |. 68 37D64D00 push 004DD637
004DD5E9 |. 64:FF30 push dword ptr fs:[eax]
004DD5EC |. 64:8920 mov dword ptr fs:[eax], esp
004DD5EF |. 33DB xor ebx, ebx
004DD5F1 |. 837D FC 00 cmp dword ptr [ebp-4], 0
004DD5F5 |. 74 25 je short 004DD61C
004DD5F7 |. 85F6 test esi, esi
004DD5F9 |. 74 21 je short 004DD61C
004DD5FB |. 8D45 F4 lea eax, dword ptr [ebp-C]
004DD5FE |. 50 push eax
004DD5FF |. 8BCE mov ecx, esi
004DD601 |. 8B55 FC mov edx, dword ptr [ebp-4]
004DD604 |. 8BC7 mov eax, edi
004DD606 |. E8 8DFEFFFF call 004DD498 ; 经过此CALL后真码现身,F7进
004DD60B |. 8B45 F4 mov eax, dword ptr [ebp-C]
004DD60E |. 8B55 F8 mov edx, dword ptr [ebp-8]
004DD611 |. E8 9EF1FFFF call 004DC7B4 ; 真假码比较
004DD616 |. 84C0 test al, al
004DD618 |. 74 02 je short 004DD61C ; 关键跳转
004DD61A |. B3 01 mov bl, 1 ; 关键赋值
004DD61C |> 33C0 xor eax, eax
004DD61E |. 5A pop edx
004DD61F |. 59 pop ecx
004DD620 |. 59 pop ecx
004DD621 |. 64:8910 mov dword ptr fs:[eax], edx
004DD624 |. 68 3ED64D00 push 004DD63E
004DD629 |> 8D45 F4 lea eax, dword ptr [ebp-C]
004DD62C |. BA 03000000 mov edx, 3
004DD631 |. E8 1A79F2FF call 00404F50
004DD636 \. C3 retn
004DD637 .^ E9 2872F2FF jmp 00404864
004DD63C .^ EB EB jmp short 004DD629
004DD63E . 8BC3 mov eax, ebx ; 关键传递
004DD640 . 5F pop edi
004DD641 . 5E pop esi
004DD642 . 5B pop ebx
004DD643 . 8BE5 mov esp, ebp
004DD645 . 5D pop ebp
004DD646 . C2 0400 retn 4
004DD5B9 |. 8BEC mov ebp, esp
004DD5BB |. 83C4 F4 add esp, -0C
004DD5BE |. 53 push ebx
004DD5BF |. 56 push esi
004DD5C0 |. 57 push edi
004DD5C1 |. 33DB xor ebx, ebx
004DD5C3 |. 895D F4 mov dword ptr [ebp-C], ebx
004DD5C6 |. 894D F8 mov dword ptr [ebp-8], ecx
004DD5C9 |. 8955 FC mov dword ptr [ebp-4], edx
004DD5CC |. 8BF8 mov edi, eax
004DD5CE |. 8B75 08 mov esi, dword ptr [ebp+8] ; ESI=常数462
004DD5D1 |. 8B45 FC mov eax, dword ptr [ebp-4]
004DD5D4 |. E8 037EF2FF call 004053DC
004DD5D9 |. 8B45 F8 mov eax, dword ptr [ebp-8]
004DD5DC |. E8 FB7DF2FF call 004053DC
004DD5E1 |. 33C0 xor eax, eax
004DD5E3 |. 55 push ebp
004DD5E4 |. 68 37D64D00 push 004DD637
004DD5E9 |. 64:FF30 push dword ptr fs:[eax]
004DD5EC |. 64:8920 mov dword ptr fs:[eax], esp
004DD5EF |. 33DB xor ebx, ebx
004DD5F1 |. 837D FC 00 cmp dword ptr [ebp-4], 0
004DD5F5 |. 74 25 je short 004DD61C
004DD5F7 |. 85F6 test esi, esi
004DD5F9 |. 74 21 je short 004DD61C
004DD5FB |. 8D45 F4 lea eax, dword ptr [ebp-C]
004DD5FE |. 50 push eax
004DD5FF |. 8BCE mov ecx, esi
004DD601 |. 8B55 FC mov edx, dword ptr [ebp-4]
004DD604 |. 8BC7 mov eax, edi
004DD606 |. E8 8DFEFFFF call 004DD498 ; 经过此CALL后真码现身,F7进
004DD60B |. 8B45 F4 mov eax, dword ptr [ebp-C]
004DD60E |. 8B55 F8 mov edx, dword ptr [ebp-8]
004DD611 |. E8 9EF1FFFF call 004DC7B4 ; 真假码比较
004DD616 |. 84C0 test al, al
004DD618 |. 74 02 je short 004DD61C ; 关键跳转
004DD61A |. B3 01 mov bl, 1 ; 关键赋值
004DD61C |> 33C0 xor eax, eax
004DD61E |. 5A pop edx
004DD61F |. 59 pop ecx
004DD620 |. 59 pop ecx
004DD621 |. 64:8910 mov dword ptr fs:[eax], edx
004DD624 |. 68 3ED64D00 push 004DD63E
004DD629 |> 8D45 F4 lea eax, dword ptr [ebp-C]
004DD62C |. BA 03000000 mov edx, 3
004DD631 |. E8 1A79F2FF call 00404F50
004DD636 \. C3 retn
004DD637 .^ E9 2872F2FF jmp 00404864
004DD63C .^ EB EB jmp short 004DD629
004DD63E . 8BC3 mov eax, ebx ; 关键传递
004DD640 . 5F pop edi
004DD641 . 5E pop esi
004DD642 . 5B pop ebx
004DD643 . 8BE5 mov esp, ebp
004DD645 . 5D pop ebp
004DD646 . C2 0400 retn 4
内文分页: [1] [2]
相关日志
Mp3标签修改器 3.2_绿色破解免注册版
七彩蝶影 MP4转换大师 V7.0_绿色注册破解版
MP3 AMR 手机音乐铃声转换专家 1.3_绿色破解免注册版
局域网助手(LanHelper) v1.82_绿色破解版
Xilisoft 3GP Video Converter 5.1.2.0919_绿色破解注册版
Mp3标签修改器 3.2_绿色破解免注册版
七彩蝶影 MP4转换大师 V7.0_绿色注册破解版
MP3 AMR 手机音乐铃声转换专家 1.3_绿色破解免注册版
局域网助手(LanHelper) v1.82_绿色破解版
Xilisoft 3GP Video Converter 5.1.2.0919_绿色破解注册版
收藏本文到网摘:
.text:''):(d.getSelection?d.getSelection():'');void(keyit=window.open('http://my.poco.cn/fav/storeIt.php?t='+escape(d.title)+'&u='+escape(d.location.href)+'&c='+escape(t)+'&img=http://www.h-strong.com/blog/logo.gif','keyit','scrollbars=no,width=475,height=575,left=50,top=50status=no,resizable=yes'));keyit.focus();){kind=logo}
