下载页面: http://www.skycn.com/soft/11528.html
软件大小: 108 KB
软件语言: 简体中文
软件类别: 国产软件 / 共享版 / 文件分割
应用平台: Win9x/NT/2000/XP
加入时间: 2003-03-29 07:08:09
下载次数: 151
推荐等级: ***
开 发 商: http://www.websamba.com/morequick
【软件简介】: QuickSplit 可以帮助你切割大文件,并且也可以帮你把切割好的文件组合好.你想组合割好的文件时,只要运行自动生成的批处理文件就可以了。
【软件限制】:注册后提供更好的服务。
【作者声明】:初学Crack,只是感兴趣,没有其它目的。失误之处敬请诸位大侠赐教!
【破解工具】:TRW2000娃娃修改版、Ollydbg1.09、FI2.5、W32Dasm 10修改版
—————————————————————————————————
【过 程】:
QuickSplit.exe 无壳,VC++6.0编写。
机器码:23935472
试炼码:13572468
—————————————————————————————————
:00401DA0 6AFF push FFFFFFFF
:00401DA2 6818544200 push 00425418
:00401DA7 64A100000000 mov eax, dword ptr fs:[00000000]
:00401DAD 50 push eax
:00401DAE 64892500000000 mov dword ptr fs:[00000000], esp
:00401DB5 83EC0C sub esp, 0000000C
:00401DB8 A138124300 mov eax, dword ptr [00431238]
:00401DBD 55 push ebp
:00401DBE 56 push esi
:00401DBF 57 push edi
:00401DC0 8BF1 mov esi, ecx
:00401DC2 89442414 mov dword ptr [esp+14], eax
:00401DC6 C744242000000000 mov [esp+20], 00000000
:00401DCE 8944240C mov dword ptr [esp+0C], eax
:00401DD2 8D442414 lea eax, dword ptr [esp+14]
:00401DD6 8D8E98000000 lea ecx, dword ptr [esi+00000098]
:00401DDC 50 push eax
:00401DDD C644242401 mov [esp+24], 01
:00401DE2 E861A50100 call 0041C348
:00401DE7 8D4C240C lea ecx, dword ptr [esp+0C]
:00401DEB 51 push ecx
:00401DEC 8D4E5C lea ecx, dword ptr [esi+5C]
:00401DEF E854A50100 call 0041C348
:00401DF4 8B54240C mov edx, dword ptr [esp+0C]
====>EDX=13572468 试炼码
:00401DF8 837AF801 cmp dword ptr [edx-08], 00000001
====>至少要填2位注册码
S
:00401DFC 0F8EB2000000 jle 00401EB4
====>跳则OVER!
:00401E02 8B442414 mov eax, dword ptr [esp+14]
====>EAX=23935472 机器码
:00401E06 50 push eax
:00401E07 E89B980000 call 0040B6A7
====>把23935472转换成16进制值=16D39F0 入EAX
:00401E0C 8B4C2410 mov ecx, dword ptr [esp+10]
====>ECX=13572468
:00401E10 8BF8 mov edi, eax
====>EDI=EAX=16D39F0
:00401E12 51 push ecx
:00401E13 E88F980000 call 0040B6A7
====>把13572468转换成16进制值=00CF1974 入EAX
:00401E18 83C408 add esp, 00000008
:00401E1B 8BCE mov ecx, esi
:00401E1D 8BE8 mov ebp, eax
====>EBP=EAX=00CF1974
:00401E1F 57 push edi
:00401E20 E8EB020000 call 00402110
====>算法CALL!进入!
:00401E25 3BC5 cmp eax, ebp
====>比较注册码!
====>EAX=0306A515(H)=50767125(D)
====>EBP=00CF1974(H)=13572468(D)
:00401E27 0F8587000000 jne 00401EB4
====>不跳则OVER!
:00401E2D 6803040000 push 00000403
:00401E32 8BCE mov ecx, esi
:00401E34 E85CC10100 call 0041DF95
:00401E39 8BF8 mov edi, eax
:00401E3B 6A00 push 00000000
:00401E3D 8BCF mov ecx, edi
:00401E3F E853C30100 call 0041E197
:00401E44 8B1538124300 mov edx, dword ptr [00431238]
:00401E4A 89542410 mov dword ptr [esp+10], edx
* Possible Reference to String Resource ID=00014: "鑼�?
|
:00401E4E 6A0E push 0000000E
:00401E50 8D4C2414 lea ecx, dword ptr [esp+14]
:00401E54 C644242402 mov [esp+24], 02
:00401E59 E854C40100 call 0041E2B2
:00401E5E 8B442410 mov eax, dword ptr [esp+10]
:00401E62 8BCF mov ecx, edi
:00401E64 50 push eax
:00401E65 E8EAC10100 call 0041E054
:00401E6A 6802040000 push 00000402
:00401E6F 8BCE mov ecx, esi
:00401E71 E81FC10100 call 0041DF95
:00401E76 6A00 push 00000000
:00401E78 8BC8 mov ecx, eax
:00401E7A E818C30100 call 0041E197
:00401E7F E89E050200 call 00422422
:00401E84 8B4004 mov eax, dword ptr [eax+04]
:00401E87 55 push ebp
* Possible StringData Ref from Data Obj ->"RKey"
|
:00401E88 680C114300 push 0043110C
* Possible StringData Ref from Data Obj ->"Settings"
|
:00401E8D 6800114300 push 00431100
:00401E92 8BC8 mov ecx, eax
:00401E94 E807ED0100 call 00420BA0
:00401E99 6AFF push FFFFFFFF
:00401E9B 6A00 push 00000000
* Possible Reference to String Resource ID=00012: "�"`勮?�戾��:`袥魙??"
|
:00401E9D 6A0C push 0000000C
:00401E9F E8E2EA0100 call 00420986
====>呵呵,胜利女神!
:00401EA4 8D4C2410 lea ecx, dword ptr [esp+10]
:00401EA8 C644242001 mov [esp+20], 01
:00401EAD E8AF790100 call 00419861
:00401EB2 EB0B jmp 00401EBF
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:00401DFC(C), :00401E27(C)
|
:00401EB4 6AFF push FFFFFFFF
:00401EB6 6A00 push 00000000
* Possible Reference to String Resource ID=00013: "鑼��?"
|
:00401EB8 6A0D push 0000000D
:00401EBA E8C7EA0100 call 00420986
====>BAD BOY!
—————————————————————————————————
进入算法CALL:401E20 call 00402110
* Referenced by a CALL at Addresses:
|:00401E20 , :0040207F
|
:00402110 8B442404 mov eax, dword ptr [esp+04]
====>EAX=[esp+04]=16D39F0
:00402114 35E548B401 xor eax, 01B448E5
====>EAX=16D39F0 XOR 01B448E5=00D97115
:00402119 0500342D02 add eax, 022D3400
====>EAX=00D97115 + 022D3400=0306A515
呵呵,把0306A515(H)转换成10进制值50767125(D)就是注册码了!
:0040211E 7905 jns 00402125
:00402120 99 cdq
:00402121 33C2 xor eax, edx
:00402123 2BC2 sub eax, edx
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040211E(C)
|
:00402125 C20400 ret 0004
—————————————————————————————————
【算 法 总 结】:
机器码的16进制值异或01B448E5后再加上022D3400的结果的十进制值就是注册码了。
—————————————————————————————————
【C++ KeyGen】:
呵呵,刚看了几天的C++,偶然碰到了这个超级简单的算法。
呵呵,就用我这“超级蹩脚”的C++做 fly 的第二个算法注册机吧!诸位老师见笑了!
#include
#include
void main()
{
int m;
cout<<"\n★★★★QuickSplit V1.0.3212 KeyGen{3th}★★★★\n\n\n\n";
cout<<"请输入机器码:";
cin >>m;
m^=0X01B448E5;
m+=0X022D3400;
cout<<"\n呵呵,注册码:"<cout<<"\n\n\nCracked By 巢水工作坊——fly【OCN】 2003-4-4 18:44 编译";
cout<<"\n\n\n * * * 按回车退出!* * *";cin.get();cin.get();
}
—————————————————————————————————
【KeyMake之内存注册机】:
中断地址:401E25
中断次数:1
第一字节:3B
指令长度:2
寄存器方式:EAX
十进制
试炼码必须超过1位!
—————————————————————————————————
【注册信息保存】:
同文件夹下的QuickSplit.ini文件中:
[Setting]
DestSize=1.400000
SizeType=2
CreateBatFile=1
[Settings]
RKey=50767125
—————————————————————————————————
【整 理】:
机器码:23935472
注册码:50767125
—————————————————————————————————
Cracked By 巢水工作坊——fly【OCN】
2003-4-4 18:44
去除winrar注册框方法
比特币病毒怎么破解 比
查看所有0条评论>>