sergenrl.asm

破解很多程序的序列号算法程序

; Serial Number generator by Lord Soth. Version 1.0
; Generic Skeleton!! You must provide specific calculation routine
; and define specific data structures, then delete the unwanted!
; This is a DOS mode generator, using 32 bit registers
;-----------------------------------------------------------------
model compact
.data


querystr db 'Enter your soon to be registered name: $'
headline db '<YOUR CRACKED APP NAME GOES HERE!!!> serial number generator!$'
sernumstr db 'Your serial number is: $'
creditstr db 'Cracked and brought to you by <YOU NAME GOES HERE>!!$'
zerostr db 'ERROR: Zero length string.$'
username db 256 DUP (0)	; max length of string that can be brought by a dialog box (normally)

.code
.startup
.386C

MOV AH,0
MOV AL,3
INT 10h					; set normal text video mode.
MOV AX,0625h			; set 25 lines to scroll up
MOV BH,1Fh				; set color attribute for blank chars
MOV CX,0000				; set upper-left corner of window
MOV DX,184Fh			; set lower-right corner of window
INT 10h					; fill screen with blue death :)

push ds
pop es
mov ah,13h
mov al,1
mov bh,0
mov bl,0eh
mov cx,<HEADLINE STRING LENGTH!>
mov dx,0
mov ebp,offset es:headline		; this will print the headline string..
int 10h

MOV Ah,3
MOV BH,0
INT 10h							; get cursor position

ADD DH,2						; go down 2 lines
MOV AH,2
MOV DL,0
PUSH DX
MOV BH,0
INT 10h							; set cursor on new position

POP DX
MOV AH,13h
MOV AL,1
MOV BX,1Fh
MOV CX,27h						; 39 chars to print
MOV EBP,offset ES:querystr		; load offset of string
INT 10h							; print the damn string :)

; get the user name from the user, of course.. who did u think? :)

MOV CX,0FFh						; counter from 255 to 0 (bytes read)
mov bx,0						; pointer for memory
LEA DI,username

KBread:	MOV AH,0
	INT 16h						; get char from keyboard
	MOV BX,CX
	OR BX,0FF00h
	NOT BX						; BX will be used to point to the memory where char is stored
	CMP AH,1Ch					; check for Enter pressed
	JZ  CreateUserName 			; Bug outa here
	CMP AH,0Eh					; check for backspace
	JNZ store
	CALL delchar
	JMP Kbread

store:	MOV [DI+BX],AL 			; store ASCII byte in username buffer
		MOV AH,0Ah
		MOV BX,0
		PUSH CX					; store counter on stack
		MOV CX,1
		INT 10h					; print the char on screen
		MOV AH,3
		INT 10h					; get cursor position
		INC DL		 			; increase X pos by 1
		MOV AH,2
		MOV BH,0
		INT 10h					; set on new pos
		POP CX	
		LOOP KBread				; get another char (CX decreases)

; Create the REAL username the program has to calculate the serial from

CreateUserName : 

NOT CL							; reversing CX makes it the string length
CMP CL,0						; if no chars, get outa here :)
JNZ contuser					; 
JMP out_of_prog					; this is a fixed JMP, if your calculation routine is long
								; this might be needed

contuser:

ADD DI,CX 						; add CX counter to DI offset
; this meant so that DI points to right AFTER the entered username
; Here you must put the code that transforms the entered username
; to the REAL user name the prog calculates the serial by..

LEA SI,username
ADD SI,CX				; have SI point to start of REAL username

; calculate the damn serial number already!
; here you put the routine that takes the REAL username
; and calculates the serial number.
; This part is why you learned Reversing Code!! :)
	

		
	MOV AH,3
	MOV BX,0
	INT 10h				; get cursor position
	ADD DH,2
	MOV DL,0
	MOV AX,1301h
	MOV BX,1Fh
	MOV CX,17h			; 23 chars to print - "Your serial number...."
	MOV EBP,offset sernumstr
	INT 10h
	MOV AH,3
	MOV BX,0
	INT 10h				; get cursor position
	MOV CX,10h
	MOV AX,1301h
	MOV BX,1Fh
	MOV EBP,offset serialnum
	INT 10h				; print serial number
	MOV AH,3
	MOV BX,0
	INT 10h				; get cursor position
	ADD DH,3			; increase Y pos by 3
	MOV DL,0			; X pos = 0, start of line
	MOV AX,1301h
	MOV BX,1Fh
	MOV CX,<CREDIT STRING LENGTH HERE!>
	MOV EBP,offset creditstr
	INT 10h				; print my name
	POP BP
	MOV AX,4C00h
	INT 21h				; get da fuck outa here :)

out_of_prog : 
	MOV AH,3
	MOV BX,0
	INT 10h				; get cursor position
	MOV AX,1301h
	MOV DL,0
	ADD DH,3
	MOV BX,1Fh
	MOV CX,1Ah			; 26 chars to print, "ERROR: Zero length..."
	MOV EBP,offset ES:zerostr
	INT 10h
	POP BP
	MOV AX,4C00h
	INT 21h				; get outa here, no chars in username

delchar PROC near
	PUSH CX
	PUSH AX
	CMP BX,0
	JZ nochars
	MOV BYTE PTR [DI+BX],0		; store null char on the buffer
	DEC BX						; reduce memory pointer by 1
	PUSH BX
	MOV BH,0
	MOV AH,3
	INT 10h				; get cursor position
	DEC DL
	MOV AH,2
	MOV BH,0
	INT 10h				; set it on X-1 pos
	MOV AX,0A20h		; store "space" on screen pos
	MOV BX,0
	MOV CX,1
	INT 10H				; write space on screen
	POP BX			
	POP AX
	POP CX
	INC CX				; increase CX, coz it normally decreases
						; and we want to go back 1 char
	RET					; return to caller

nochars:MOV BX,0		; zero out BX, no chars to del
		POP AX
		POP CX			; free stack
		MOV CX,0FFh		; zero out counter, intial value is FFh
		RET
delchar	ENDP

.exit
END