📄 crack31.txt
字号:
00412792: 83BD5DB7400000 cmp dword ptr [ebp+0040B75D],00000000 <--413410
00412799: 7446 jz 004127E1
0041279B: E810010000 call 004128B0 <--输入Serial,Your Name并进行判断结果
004127A0: 6689857DB44000 mov word ptr [ebp+0040B47D],ax <--40B47D卷信息标志
004127A7: 50 push eax
004127A8: 663D0100 cmp ax,0001
004127AC: 7507 jnz 004127B5 <--不等,注册失败,跳转
004127AE: BBF5B84000 mov ebx,0040B8F5 <--4135A8,注册成功了
******************************************
Register Successfully
******************************************
004127B3: EB05 jmp 004127BA
004127B5: BB59B94000 mov ebx,0040B959
004127BA: 03DD add ebx,ebp <--41360C
**************************
Invalid Serial NO
**************************
004127BC: 66813B7C7C cmp word ptr [ebx],7C7C <--是否为没有内容显示的标志
004127C1: 7413 jz 004127D6 <--是,则跳转
004127C3: B8C0B94000 mov eax,0040B9C0
004127C8: 03C5 add eax,ebp <--413673 一个空格
004127CA: 6A30 push 00000030
004127CC: 50 push eax
004127CD: 53 push ebx
004127CE: 6A00 push 00000000
004127D0: FF9500BC4000 call dword ptr [ebp+0040BC00] <--MessageBoxA
004127D6: 58 pop eax
004127D7: 663D0100 cmp ax,0001
004127DB: 0F84E3FEFFFF jz 004126C4 <--注册成功,就回去继续工作
004127E1: C6855DBD400000 mov byte ptr [ebp+0040BD5D],00
004127E8: 8BC5 mov eax,ebp
004127EA: 5B pop ebx
004127EB: 59 pop ecx
004127EC: 5A pop edx
004127ED: 5E pop esi
004127EE: 5F pop edi
004127EF: 5D pop ebp
004127F0: 9D popfd
004127F1: E991110000 jmp 00413987 <--从这里跳走,怕是凶多吉少
*************************主程序结束****************************************************
-----------------------------------检查是否过期------------------------
004127F6: BEE1B94000 mov esi,0040B9E1
004127FB: 03F5 add esi,ebp <--413694
004127FD: 56 push esi
004127FE: FF959FBB4000 call dword ptr [ebp+0040BB9F] <--GetSystemTime
00412804: 668B8585B44000 mov ax,word ptr [ebp+0040B485] <--413138
0041280B: 668B9D81B44000 mov bx,word ptr [ebp+0040B481] <--413134
00412812: 663D0000 cmp ax,0000
00412816: 7430 jz 00412848
00412818: 663985E3B94000 cmp word ptr [ebp+0040B9E3],ax
0041281F: 7209 jb 0041282A
00412821: 66399DE1B94000 cmp word ptr [ebp+0040B9E1],bx
00412828: 7309 jnb 00412833
0041282A: 66399DE1B94000 cmp word ptr [ebp+0040B9E1],bx
00412831: 7606 jbe 00412839
00412833: 66B80000 mov ax,0000
00412837: EB0D jmp 00412846
00412839: 66C7857DB440000100 mov word ptr [ebp+0040B47D],0001 <--40B47D卷信息标志
00412842: 66B80100 mov ax,0001
00412846: EB04 jmp 0041284C
00412848: 66B80100 mov ax,0001
0041284C: C3 ret
--------------------------------------------------------------
------------------------对注册表查找创建注册信息----------------------------------------------
0041284D: 60 pushad
0041284E: 6683BD89B4400000 cmp word ptr [ebp+0040B489],0000 <--41313C 0x60
00412856: 750B jnz 00412863
00412858: 66C785FBAB40000100 mov word ptr [ebp+0040ABFB],0001 <--4128AE 过期标志
00412861: EB42 jmp 004128A5
00412863: E8CD030000 call 00412C35 <--找注册键
00412868: BE60B14000 mov esi,0040B160 <--ESI指向还原后的注册信息首地址
0041286D: 03F5 add esi,ebp
0041286F: 663D0100 cmp ax,0001
00412873: 7405 jz 0041287A <--找到则跳转
00412875: 66C7060000 mov word ptr [esi],0000
0041287A: 66833E00 cmp word ptr [esi],0000
0041287E: 7417 jz 00412897 <--没找到,或者错误则跳转
00412880: 66FF0E dec word ptr [esi]
00412883: 66C785FBAB40000100 mov word ptr [ebp+0040ABFB],0001 <--4128AE 过期标志
0041288C: 66C7857DB440000100 mov word ptr [ebp+0040B47D],0001 <--40B47D卷信息标志
00412895: EB09 jmp 004128A0
00412897: 66C785FBAB40000000 mov word ptr [ebp+0040ABFB],0000 <--4128AE 过期标志
004128A0: E84C040000 call 00412CF1 <--创建注册信息
004128A5: 61 popad
004128A6: 668B85FBAB4000 mov ax,word ptr [ebp+0040ABFB] <--4128AE 过期标志
004128AD: C3 ret
-----------------------------------------------------------------
----------------------------非代码区------------------------------
004128AE: 0000 add byte ptr [eax],al
-------------------------------------------------------------
---------------------------输入Serial并进行判断------------------------------------
004128B0: E8BB000000 call 00412970 <--根据卷信息来检测是否原版用户
004128B5: 8B85A8AD4000 mov eax,dword ptr [ebp+0040ADA8] lpTotalNumberOfBytes,
004128BB: BBB0AD4000 mov ebx,0040ADB0
004128C0: 03DD add ebx,ebp <--412A63 "%lX"
004128C2: B983B14000 mov ecx,0040B183
004128C7: 03CD add ecx,ebp
004128C9: 50 push eax
004128CA: 53 push ebx
**************
%lX
***************
004128CB: 51 push ecx
004128CC: FF9504BC4000 call dword ptr [ebp+0040BC04] <--wsprintfA
004128D2: 83C40C add esp,0000000C
004128D5: B865B14000 mov eax,0040B165 <--存放Your Name
004128DA: 03C5 add eax,ebp
004128DC: BB79B14000 mov ebx,0040B179 <--存放Serial No
004128E1: 03DD add ebx,ebp
004128E3: B983B14000 mov ecx,0040B183 <--转换后的序列号
004128E8: 03CD add ecx,ebp
004128EA: 51 push ecx
004128EB: 53 push ebx
004128EC: 50 push eax
004128ED: FF95BCBC4000 call dword ptr [ebp+0040BCBC] <--GetRegister
004128F3: E8F9030000 call 00412CF1 <--保存注册信息到注册表
004128F8: E873000000 call 00412970 <--根据卷信息来检测是否原版用户
004128FD: C3 ret
-------------------------------------------------------------------------
-----------------------------------------检测密码Password--------------------------
004128FE: 6683BD49B740007C cmp word ptr [ebp+0040B749],007C
00412906: 7505 jnz 0041290D
00412908: 66B80100 mov ax,0001
0041290C: C3 ret
0041290D: B89FAC4000 mov eax,0040AC9F
00412912: 03C5 add eax,ebp <--412952
00412914: 50 push eax
00412915: FF95B8BC4000 call dword ptr [ebp+0040BCB8] <--GetPassword
0041291B: BE49B74000 mov esi,0040B749
00412920: 03F5 add esi,ebp <--4133FC,保存的密码
00412922: BF9FAC4000 mov edi,0040AC9F <--412952
00412927: 03FD add edi,ebp
00412929: 668B8567B44000 mov ax,word ptr [ebp+0040B467]
00412930: 8A26 mov ah,byte ptr [esi]
00412932: 3A27 cmp ah,byte ptr [edi]
00412934: 7509 jnz 0041293F
00412936: 80FC00 cmp ah,00
00412939: 7409 jz 00412944
0041293B: 46 inc esi
0041293C: 47 inc edi
0041293D: EBF1 jmp 00412930
0041293F: 66B80000 mov ax,0000
00412943: C3 ret
00412944: 66C7857DB440000100 mov word ptr [ebp+0040B47D],0001 <--40B47D卷信息标志
0041294D: 66B80100 mov ax,0001
00412951: C3 ret
----------------------------------------------------------
----------------------------非代码区-----------------------------------
00412952: 0000 add byte ptr [eax],al
00412954: 0000 add byte ptr [eax],al
00412956: 0000 add byte ptr [eax],al
00412958: 0000 add byte ptr [eax],al
0041295A: 0000 add byte ptr [eax],al
0041295C: 0000 add byte ptr [eax],al
0041295E: 0000 add byte ptr [eax],al
00412960: 0000 add byte ptr [eax],al
00412962: 0000 add byte ptr [eax],al
00412964: 0000 add byte ptr [eax],al
00412966: 0000 add byte ptr [eax],al
00412968: 0000 add byte ptr [eax],al
0041296A: 0000 add byte ptr [eax],al
0041296C: 0000 add byte ptr [eax],al
0041296E: 0000 add byte ptr [eax],al
---------------------------------------------------------------
--------------------------根据卷信息保存到注册表----------------------
00412970: B810000000 mov eax,00000010
00412975: 50 push eax <--nFileSystemNameSize
00412976: B8B8AD4000 mov eax,0040ADB8
0041297B: 03C5 add eax,ebp
0041297D: 50 push eax <--lpFileSystemNameBuffer,
0041297E: B8C8AD4000 mov eax,0040ADC8
00412983: 03C5 add eax,ebp
00412985: 50 push eax <--lpFileSystemFlags,
00412986: B8CCAD4000 mov eax,0040ADCC
0041298B: 03C5 add eax,ebp
0041298D: 50 push eax <--lpMaximumComponentLength,
0041298E: B8D0AD4000 mov eax,0040ADD0
00412993: 03C5 add eax,ebp
00412995: 50 push eax <--lpVolumeSerialNumber,
00412996: B810000000 mov eax,00000010
0041299B: 50 push eax <--nVolumeNameSize,
0041299C: B8D4AD4000 mov eax,0040ADD4
004129A1: 03C5 add eax,ebp
004129A3: 50 push eax <--lpVolumeNameBuffer,
004129A4: B8B4AD4000 mov eax,0040ADB4
004129A9: 03C5 add eax,ebp <--412A67
004129AB: 50 push eax <--lpRootPathName, "C:\"
004129AC: FF95BFBB4000 call dword ptr [ebp+0040BBBF] <--GetVolumeInformationA
004129B2: B8A4AD4000 mov eax,0040ADA4
004129B7: 03C5 add eax,ebp
004129B9: BBA8AD4000 mov ebx,0040ADA8
004129BE: 03DD add ebx,ebp lpTotalNumberOfBytes,
004129C0: B9ACAD4000 mov ecx,0040ADAC
004129C5: 03CD add ecx,ebp
004129C7: C701633A5C00 mov dword ptr [ecx],005C3A63
004129CD: 50 push eax lpTotalNumberOfFreeBytes
004129CE: 53 push ebx lpTotalNumberOfBytes,
004129CF: 6A00 push 00000000 lpFreeBytesAvailableToCaller,
004129D1: 51 push ecx lpDirectoryName,"C:\"
004129D2: FF95B7BB4000 call dword ptr [ebp+0040BBB7] <--GetDiskFreeSpaceExA
004129D8: 8B85A8AD4000 mov eax,dword ptr [ebp+0040ADA8] lpTotalNumberOfBytes,
004129DE: F7D0 not eax
004129E0: 3385D0AD4000 xor eax,dword ptr [ebp+0040ADD0] lpVolumeSerialNumber,
004129E6: 8985A8AD4000 mov dword ptr [ebp+0040ADA8],eax lpTotalNumberOfBytes,
004129EC: E844020000 call 00412C35 <--查找注册表,提取数据
004129F1: B801000000 mov eax,00000001
004129F6: 33DB xor ebx,ebx
004129F8: BE65B14000 mov esi,0040B165
004129FD: 03F5 add esi,ebp <--412E18,存放Your Name
004129FF: 8A1E mov bl,byte ptr [esi]
00412A01: 80FB00 cmp bl,00
00412A04: 7405 jz 00412A0B
00412A06: F7E3 mul ebx
00412A08: 46 inc esi
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -