接上篇,(汗,太长了,结果不能显示了,只好分2篇):
索引的取值,从下面的函数中,很容易看出:
004A4CF4 /$ 55 push ebp
004A4CF5 |. 8BEC mov ebp,esp
004A4CF7 |. B9 12000000 mov ecx,12
004A4CFC |> 6A 00 /push 0
004A4CFE |. 6A 00 |push 0
004A4D00 |. 49 |dec ecx
004A4D01 |.^ 75 F9 \jnz short Video_Co.004A4CFC
004A4D03 |. 51 push ecx
004A4D04 |. 53 push ebx
004A4D05 |. 56 push esi
004A4D06 |. 8955 FC mov dword ptr ss:[ebp-4],edx
004A4D09 |. 8B45 FC mov eax,dword ptr ss:[ebp-4]
004A4D0C |. E8 17FFF5FF call Video_Co.00404C28
004A4D11 |. 33C0 xor eax,eax
004A4D13 |. 55 push ebp
004A4D14 |. 68 69524A00 push Video_Co.004A5269
004A4D19 |. 64:FF30 push dword ptr fs:[eax]
004A4D1C |. 64:8920 mov dword ptr fs:[eax],esp
004A4D1F |. 8D55 F8 lea edx,dword ptr ss:[ebp-8]
004A4D22 |. 8B45 FC mov eax,dword ptr ss:[ebp-4]
004A4D25 |. E8 923EF6FF call Video_Co.00408BBC
004A4D2A |. 8B55 F8 mov edx,dword ptr ss:[ebp-8]
004A4D2D |. B8 80524A00 mov eax,Video_Co.004A5280 ; ASCII "dvd to avi"
004A4D3B |. 74 0A je short Video_Co.004A4D47 ; 判断,主程序里含有"dvd to avi"
004A4D3D |. BE 0E000000 mov esi,0E ; 则返回0xE
004A4D55 |. B8 94524A00 mov eax,Video_Co.004A5294 ; ASCII "rm"
004A4D6F |. B8 A0524A00 mov eax,Video_Co.004A52A0 ; ASCII "video"
004A4D81 |. BE 02000000 mov esi,2
004A4D99 |. B8 B0524A00 mov eax,Video_Co.004A52B0 ; ASCII "mp4"
004A4DB3 |. B8 A0524A00 mov eax,Video_Co.004A52A0 ; ASCII "video"
004A4DC5 |. BE 03000000 mov esi,3
004A4DDD |. B8 A0524A00 mov eax,Video_Co.004A52A0 ; ASCII "video"
004A4DF7 |. B8 BC524A00 mov eax,Video_Co.004A52BC ; ASCII "avi"
004A4E09 |. BE 04000000 mov esi,4
004A4E21 |. B8 C8524A00 mov eax,Video_Co.004A52C8 ; ASCII "gphone"
004A4E3B |. B8 A0524A00 mov eax,Video_Co.004A52A0 ; ASCII "video"
004A4E4D |. BE 05000000 mov esi,5
004A4E65 |. B8 A0524A00 mov eax,Video_Co.004A52A0 ; ASCII "video"
004A4E7F |. B8 D8524A00 mov eax,Video_Co.004A52D8 ; ASCII "wmv"
004A4E91 |. BE 06000000 mov esi,6
004A4EA9 |. B8 E4524A00 mov eax,Video_Co.004A52E4 ; ASCII "flv"
004A4EC3 |. B8 A0524A00 mov eax,Video_Co.004A52A0 ; ASCII "video"
004A4ED5 |. BE 07000000 mov esi,7
004A4EED |. B8 A0524A00 mov eax,Video_Co.004A52A0 ; ASCII "video"
004A4F07 |. B8 F0524A00 mov eax,Video_Co.004A52F0 ; ASCII "ipod"
004A4F19 |. BE 08000000 mov esi,8
004A4F31 |. B8 A0524A00 mov eax,Video_Co.004A52A0 ; ASCII "video"
004A4F4B |. B8 00534A00 mov eax,Video_Co.004A5300 ; ASCII "iphone"
004A4F5D |. BE 09000000 mov esi,9
004A4F75 |. B8 10534A00 mov eax,Video_Co.004A5310 ; ASCII "mpeg"
004A4F8F |. B8 A0524A00 mov eax,Video_Co.004A52A0 ; ASCII "video"
004A4FA1 |. BE 0A000000 mov esi,0A
004A4FB9 |. B8 20534A00 mov eax,Video_Co.004A5320 ; ASCII "psp"
004A4FD3 |. B8 A0524A00 mov eax,Video_Co.004A52A0 ; ASCII "video"
004A4FE5 |. BE 0B000000 mov esi,0B
004A4FFD |. B8 2C534A00 mov eax,Video_Co.004A532C ; ASCII "mkv"
004A5017 |. B8 A0524A00 mov eax,Video_Co.004A52A0 ; ASCII "video"
004A5029 |. BE 0C000000 mov esi,0C
004A5041 |. B8 38534A00 mov eax,Video_Co.004A5338 ; ASCII "dvd ripper"
004A5051 |. BE 0D000000 mov esi,0D
004A5069 |. B8 4C534A00 mov eax,Video_Co.004A534C ; ASCII "dvd to iphone"
004A5079 |. BE 0F000000 mov esi,0F
004A5091 |. B8 64534A00 mov eax,Video_Co.004A5364 ; ASCII "dvd to flv"
004A50A1 |. BE 10000000 mov esi,10
004A50B9 |. B8 78534A00 mov eax,Video_Co.004A5378 ; ASCII "dvd to 3gp"
004A50C9 |. BE 11000000 mov esi,11
004A50E1 |. B8 8C534A00 mov eax,Video_Co.004A538C ; ASCII "dvd to wmv"
004A50F1 |. BE 12000000 mov esi,12
004A5109 |. B8 A0534A00 mov eax,Video_Co.004A53A0 ; ASCII "dvd to mp3"
004A5119 |. BE 13000000 mov esi,13
004A5131 |. B8 B4534A00 mov eax,Video_Co.004A53B4 ; ASCII "dvd to mpeg"
004A5141 |. BE 14000000 mov esi,14
004A5159 |. B8 C8534A00 mov eax,Video_Co.004A53C8 ; ASCII "dvd to mp4"
004A5169 |. BE 15000000 mov esi,15
004A5187 |. B8 DC534A00 mov eax,Video_Co.004A53DC ; ASCII "dvd to psp"
004A5197 |. BE 16000000 mov esi,16
004A51B5 |. B8 F0534A00 mov eax,Video_Co.004A53F0 ; ASCII "dvd to zune"
004A51C5 |. BE 17000000 mov esi,17
004A51E0 |. B8 04544A00 mov eax,Video_Co.004A5404 ; ASCII "dvd to ipod"
004A51F0 |. BE 18000000 mov esi,18
004A520B |. B8 18544A00 mov eax,Video_Co.004A5418 ; ASCII "dvd to mkv"
004A521B |. BE 19000000 mov esi,19
004A5236 |. B8 2C544A00 mov eax,Video_Co.004A542C ; ASCII "video converter"
004A5246 |. BE 01000000 mov esi,1
004A5270 . 8BC6 mov eax,esi
004A5272 . 5E pop esi
004A5273 . 5B pop ebx
004A5274 . 8BE5 mov esp,ebp
004A5276 . 5D pop ebp
004A5277 . C3 retn
注册机制比较简单,分析就到结束了,下面是我写的一个简单的注册机实现:
[codes=cpp]
#include
#include
using namespace std;
int main(){
char strName[]=”VS88T6-Vs86″;
int nNameLen=strlen(strName);
int nSumName=0;
for(int i=0;i<=nNameLen;i++)
nSumName+=strName[i];
//提取的数组
int nNum[]={
0x000DB0D2,0x000549AF,0x000F0188,0x000D6CCF,0x000EDDF4,0x0003BF80,
0x000715C6,0x000DA20D,0x000548D4,0x000548D4,0x000548D4,0x0006994F,
0x000544ED,0x000B7F7E,0x00040886,0x00069A21,0x0006C380,0x00058AEE,
0x000B8442,0x000D0D8A,0x00074129,0x00041A91,0x000A857C,0x0003987B,
0x000D349B,0x000DB0D6,0x000549B4,0x000F018E,0x000D6CD4,0x000EDDF8,
0x0003BF86,0x000715C8,0x000DA212,0x000548D8,0x000548D8,0x000548D8,
0x00069954,0x000544F0,0x000B7F82,0x00040888,0x00069A26,0x0006C384,
0x00058AF0,0x000B8446,0x000D0D8E,0x0007412E,0x00041A94,0x000A8582,
0x00039880,0x000D349E};
//cout<
1:\tvideo converter\t\t\t2:\trm和video\n\
3:\tmp4和video\t\t\t4:\tavi和video\n\
5:\tgphone和video\t\t\t6:\twma和video\n\
7:\tflv和video\t\t\t8:\tipod和video\n\
9:\tiphone和video\t\t\t10:\tmpeg和video\n\
11:\tpsp和video\t\t\t12:\tmkv和video\n\
13:\tdvd ripper\t\t\t14:\tdvd to avi\n\
15:\tdvd to iphone\t\t\t16:\tdvd to flv\n\
17:\tdvd to 3gp\t\t\t18:\tdvd to wmv\n\
19:\tdvd to mp3\t\t\t20:\tdvd to mpeg\n\
21:\tdvd to mp4\t\t\t22:\tdvd to psp\n\
23:\tdvd to zune\t\t\t24:\tdvd to ipod\n\
25:\tdvd to mkv\n\n”;
cout<<"请输入你的主程序对应序号:";
int index;
cin>>index;
cout<<"请再次判断主程序名中是否含有 eztoo ??(输入0表示有,输入1表示没有)\n";
int nEztoo;
cin>>nEztoo;
if(nEztoo)
index+=24;
int nRet=nNum[index]*nSumName;
nRet+=0x20;
nRet=nRet>>1;
cout<<"你的用户名是:"<
cout<<"-----------------------------\n 按任意健退出\n";
getchar();
return 0;
}