|erorr
004010D9 |. 68 4C604000   push 0040604C                          ; |name can not be empty.
004010DE |. 56            push esi                               ; |hOwner
004010DF |. FF15 A0504000 call dword ptr [<&USER32.MessageBoxA>] ; \MessageBoxA
004010E5 |. 5F            pop edi
004010E6 |. 5E            pop esi
004010E7 |. 83C4 1C       add esp, 1C
004010EA |. C3            retn
004010EB |> 8D4C24 14     lea ecx, dword ptr [esp+14]
004010EF |. 6A 07         push 7
004010F1 |. 51            push ecx                               ; // buffer that stores the password (Serial)
004010F2 |. 68 F3030000   push 3F3
004010F7 |. 56            push esi
004010F8 |. FFD7          call edi                               ; // edi is GetDlgItemTextA; reads the Serial field
004010FA |. 85C0          test eax, eax                          ; // check whether Serial is empty
004010FC |. 75 19         jnz short 00401117
004010FE |. 6A 40         push 40                                ; /Style = MB_OK|MB_ICONASTERISK|MB_APPLMODAL
00401100 |. 68 64604000   push 00406064                          ; |erorr
00401105 |. 68 30604000   push 00406030                          ; |serial can not be empty.
0040110A |. 56            push esi                               ; |hOwner
0040110B |. FF15 A0504000 call dword ptr [<&USER32.MessageBoxA>] ; \MessageBoxA
00401111 |. 5F            pop edi
00401112 |. 5E            pop esi
00401113 |. 83C4 1C       add esp, 1C
00401116 |. C3            retn
// The key part follows
00401117 |> 8D7C24 08     lea edi, dword ptr [esp+8]             ; // load the address of Name
0040111B |. 83C9 FF       or ecx, FFFFFFFF                       ; // set ecx to FFFFFFFF
0040111E |. 33C0          xor eax, eax                           ; // zero eax
00401120 |. F2:AE         repne scas byte ptr es:[edi]           ; // scan Name for its terminating null byte
00401122 |. F7D1          not ecx                                ; // invert ecx
00401124 |. 49            dec ecx                                ; // ecx = length of Name
00401125 |. 83F9 06       cmp ecx, 6                             ; // Name length must be 6; any other length fails (jnz)
00401128 |. 75 23         jnz short 0040114D
0040112A |. 8D7C24 14     lea edi, dword ptr [esp+14]            ; // process Serial
0040112E |. 83C9 FF       or ecx, FFFFFFFF                       ; // set ecx to FFFFFFFF
00401131 |. F2:AE         repne scas byte ptr es:[edi]
00401133 |. F7D1          not ecx
00401135 |. 49            dec ecx
00401136 |. 83F9 06       cmp ecx, 6                             ; // Serial length must be 6; any other length fails (jnz)
00401139 |. 75 12         jnz short 0040114D
0040113B |. 8D5424 14     lea edx, dword ptr [esp+14]            ; // Serial
0040113F |. 8D4424 08     lea eax, dword ptr [esp+8]             ; // Name
00401143 |. 52            push edx
00401144 |. 50            push eax
00401145 |. E8 46000000   call 00401190                          ; // Name and Serial are passed in for comparison; this is the key algorithm call
0040114A |. 83C4 08       add esp, 8
0040114D |> 5F            pop edi
0040114E |. 5E            pop esi
0040114F |. 83C4 1C       add esp, 1C
00401152 \. C3            retn

The code above is the structure that validates the registration code, and it is fairly clear. To write a keygen we have to understand the algorithm, so step into 0x00401190 and take a look:
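Before following that call, here is the length gate at 00401117..0040114D modelled in C at register level. This is an added example, not code from the original text; the function names and the sample strings are assumptions made for illustration. It shows why `or ecx, FFFFFFFF / repne scas / not ecx / dec ecx` leaves the string length in ecx, and that `cmp ecx, 6 / jnz` accepts only a length of exactly 6.

```c
#include <stdint.h>
#include <stdio.h>

/* Model of: or ecx,FFFFFFFF / xor eax,eax / repne scasb / not ecx / dec ecx */
static uint32_t scas_strlen(const char *edi)
{
    uint32_t ecx = 0xFFFFFFFFu;      /* or ecx, FFFFFFFF: maximum repeat count */
    uint8_t al = 0;                  /* xor eax, eax: byte to search for is NUL */

    /* repne scasb: decrement ecx, compare al with [edi], advance edi,
       stop when the bytes match (ZF=1) or ecx reaches 0 */
    while (ecx != 0) {
        ecx--;
        if ((uint8_t)*edi++ == al)
            break;
    }
    ecx = ~ecx;                      /* not ecx: bytes scanned, NUL included */
    ecx--;                           /* dec ecx: length without the NUL */
    return ecx;
}

/* Model of the two cmp/jnz pairs: returns 1 when control would reach
   call 00401190, 0 when it jumps to the epilogue at 0040114D. */
static int reaches_check_call(const char *name, const char *serial)
{
    if (scas_strlen(name) != 6)      /* cmp ecx, 6 / jnz short 0040114D */
        return 0;
    if (scas_strlen(serial) != 6)    /* same test on the Serial buffer */
        return 0;
    return 1;
}

int main(void)
{
    /* Constructed sample inputs, not values from the analysed program */
    const char *samples[][2] = {
        { "abcdef", "123456" }, { "abc", "123456" }, { "abcdefg", "123456" },
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-8s %-8s -> %s\n", samples[i][0], samples[i][1],
               reaches_check_call(samples[i][0], samples[i][1])
                   ? "call 00401190" : "jump to 0040114D");
    return 0;
}
```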