<html>
<head>
<title>Crack Tutorial</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" href="style/css.css" type="text/css">
<link rel="stylesheet" href="../STYLE/Css.css" type="text/css">
</head>
<body bgcolor="white" text="#000000" link="#004080" vlink="#004080" background="../image/Back.gif">
<p align="center" class="shadow1Copy"><b class="p3">Chapter 9: Keygens and Patch Making</b></p>
<table width="80%" border="0" cellspacing="0" cellpadding="3" align="center" bgcolor="#bcbcbc" bordercolor="#111111" class="shadow1">
<tr>
<td class="shadow1" width="33%">
<div align="center"><a href="Chap9-1.htm"><font color="#FFFFFF">Section 1: Concepts</font></a></div>
</td>
<td class="shadow1" width="33%">
<div align="center"><a href="Chap9-2-1.htm"><font color="#FFFFFF">Section 2: Patch Making</font></a></div>
</td>
<td class="shadow1" colspan="3" width="34%">
<div align="center">
<div align="center"><a href="Chap9-3-1.htm"><font color="#FFFFFF">Section 3: Keygens</font></a></div>
</div>
</td>
</tr>
</table>
<p align="center"><span class="p9"><b>Section 3: Keygen-Making Tools</b></span></p>
<table border="1" width="80%" cellpadding="5" bordercolor="#111111" bgcolor="#efefef" align="center" cellspacing="0">
<tr>
<td width="51%" valign="middle" align="center" class="p9" height="23"><span class="p9"><font color="#000000">1. <a href="Chap9-3-1.htm">Introduction to Using CrackCode2000</a></font></span></td>
<td colspan="2" valign="middle" align="center" class="p9" height="23" width="49%">2. <a href="Chap9-3-2.htm">Using Keymake</a></td>
</tr>
</table>
<p align="center"><span class="p9"><font color="#000000"><b>2. Using Keymake</b> (Author: 刘健英,
<a href="http://www.365hz.net/" target="_blank">知软网</a>)</font></span></p>
<blockquote>
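<p>I originally wrote this keygen builder for my own use when writing keygens. With it, anyone with a little assembly background can quickly write a keygen without needing to understand the program's instruction-level algorithm in any depth. The whole program body is really just a template that I wrote in assembly, so you can also define your own interface and prompt messages in it. You can edit the key1.res resource file yourself with a resource editing tool such as VC++ or BC++, but please do not change the corresponding ID numbers.
</p>
<p><a href="Exercise/chap9-3-2.zip">Click here to download</a> the example program, which is mainly used to illustrate how this program is used (I will assume for now that I do not know much Win32 assembly).</p>
<p>Dynamic debugging or disassembly of the example program yields the following registration-code calculation:</p>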
<p>xxxx:00401077 CALL GetCommandLineA <br>
xxxx:0040107C CMP BYTE PTR [EAX],22 <br>
xxxx:0040107F JNZ 401082 <br>
xxxx:00401081 INC EAX <br>
xxxx:00401082 MOV CX,WORD PTR [EAX] <br>
xxxx:00401085 MOV WORD PTR [0040306C],CX <br>
xxxx:0040108C MOV WORD PTR [0040306E],5C <br>
xxxx:00401095 PUSH 0 <br>
xxxx:00401097 PUSH 0 <br>
xxxx:00401099 PUSH 0 <br>
xxxx:0040109B PUSH 0 <br>
xxxx:0040109D PUSH DWORD 00403058 <br>
xxxx:004010A2 PUSH 0 <br>
xxxx:004010A4 PUSH 0 <br>
xxxx:004010A6 PUSH DWORD 0040306C <br>
xxxx:004010AB CALL GetVolumeInformationA <br>
………… ………… <br>
………… ………… <br>
xxxx:0040111E MOV EAX,1 <br>
xxxx:00401123 CPUID <br>
xxxx:00401125 MOV ECX,DWORD PTR [00403058] <br>
xxxx:0040112B XOR EDX,EDX <br>
xxxx:0040112D MUL ECX <br>
xxxx:0040112F ADD EAX,EDX <br>
xxxx:00401131 PUSH EAX <br>
xxxx:00401132 PUSH DWORD 0040303E ; entering D 40303E here shows "%1X" in the data window<br>
xxxx:00401137 PUSH DWORD 0040305C <br>
xxxx:0040113C CALL wsprintfA</p>
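<p>You do not need to understand in detail what the instructions above are doing. Just turn each address in them into a variable declaration, then copy the instructions unchanged into the keygen builder's code window.</p>
<p>Here are the finished declarations:</p>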
<table width="80%" border="0" cellspacing="0" cellpadding="0" height="38" align="center">
<tr>
<td width="200" align="left" valign="top">a1 dd 0</td>
<td width="500">; This is a double-word memory location, corresponding to 403058 above.<br>
; (The instruction at 40109D uses DWORD 403058, so use dd; for WORD use dw, and for BYTE use db)</td>
</tr>
<tr>
<td width="200">a2 dd 0</td>
<td width="500">; Corresponds to 40306C above</td>
</tr>
<tr>
<td width="200">a3 db "%1X",0</td>
<td width="500">; Corresponds to the string pointed to by 40303E above</td>
</tr>
<tr>
<td width="200" height="14">
<p>a4 db 20 dup (0)</p>
</td>
<td width="500" height="14">; This is a 20-byte memory area that holds the output registration code, corresponding to 40305C above</td>
</tr>
</table>
<p align="left">Enter them as shown in the figure:</p>
<p align="center"><img src="Image/5.GIF" width="520" height="400" align="middle"></p>
<p>Here is the finished program code:</p>
<table width="87%" border="0" cellspacing="0" cellpadding="0" height="38" align="center">
<tr>
<td width="270" align="left" valign="top">CALL GetCommandLineA<br>
CMP BYTE PTR [EAX],22h</td>
<td width="341" valign="bottom" align="left">; the trailing h marks the value as hexadecimal</td>
</tr>
<tr>
<td width="270" align="left" valign="top">JNZ n1</td>
<td width="341" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" align="left" valign="top">INC EAX</td>
<td width="341" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" align="left" valign="top">n1:</td>
<td width="341" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" align="left" valign="top">MOV CX,WORD PTR [EAX]</td>
<td width="341" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" align="left" valign="top">MOV WORD PTR a2,CX</td>
<td width="341" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" align="left" valign="top">MOV WORD PTR a2+2,5Ch</td>
<td width="341" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" align="left" valign="top">PUSH 0</td>
<td width="341" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" align="left" valign="top">PUSH 0</td>
<td width="341" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" align="left" valign="top">PUSH 0</td>
<td width="341" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" align="left" valign="top">PUSH 0</td>
<td width="341" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" align="left" valign="top">LEA EAX,a1</td>
<td width="341" valign="bottom" align="left">; point EAX at a1</td>
</tr>
<tr>
<td width="270" align="left" valign="top">PUSH EAX</td>
<td width="341" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" align="left" valign="top">PUSH 0</td>
<td width="341" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" align="left" valign="top">PUSH 0</td>
<td width="341" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" align="left" valign="top">LEA EAX,a2</td>
<td width="341" valign="bottom" align="left">; point EAX at a2</td>
</tr>
<tr>
<td width="270" valign="top" align="left">PUSH EAX</td>
<td width="341" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" valign="top" align="left">CALL GetVolumeInformationA</td>
<td width="341" valign="bottom" align="left">; Of course, these statements can also be written directly in the form<br>
invoke GetVolumeInformationA,addr a2,0,0,addr a1,0,0,0,0</td>
</tr>
<tr>
<td width="270" height="14" valign="top" align="left">MOV EAX,1</td>
<td width="341" height="14" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" height="14" valign="top" align="left">CPUID</td>
<td width="341" height="14" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" height="14" valign="top" align="left">MOV ECX,a1</td>
<td width="341" height="14" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" height="14" valign="top" align="left">XOR EDX,EDX</td>
<td width="341" height="14" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" height="14" valign="top" align="left">MUL ECX</td>
<td width="341" height="14" valign="bottom" align="left"> </td>
</tr>
<tr>
<td width="270" height="14" valign="top" align="left">ADD EAX,EDX</td>
<td width="341" height="14" valign="bottom" align="left"> </td>