4U WMA MP3 Converter 6.0.2算法分析
; -----------------------------------------------------------------------
; Registration check at 0049488C (OllyDbg listing, 32-bit x86).
; In:   EAX -> kept in ESI, EDX -> [EBP-4], ECX -> [EBP-8].
;       The author's note on the callee at 00494A18 labels EDX as the user
;       name; ECX is presumably the code typed by the user -- confirm.
; Flow: 00494A18 writes a derived string to [EBP-C]; 00408AA4 compares it
;       with [EBP-8]; one of two MessageBoxA texts is shown.
; NOTE(review): the expected value is computed inside the client from the
;       name and a constant stored in the binary, then compared locally, so
;       whatever is needed to verify a code is also enough to produce one.
;       Verifying a signature against an embedded public key would not ship
;       the generating secret.
; -----------------------------------------------------------------------
0049488C /$ 55 PUSH EBP
0049488D |. 8BEC MOV EBP,ESP
0049488F |. 6A 00 PUSH 0 ; five zeroed local slots, [EBP-4]..[EBP-14]
00494891 |. 6A 00 PUSH 0
00494893 |. 6A 00 PUSH 0
00494895 |. 6A 00 PUSH 0
00494897 |. 6A 00 PUSH 0
00494899 |. 53 PUSH EBX
0049489A |. 56 PUSH ESI
0049489B |. 894D F8 MOV DWORD PTR SS:[EBP-8],ECX
0049489E |. 8955 FC MOV DWORD PTR SS:[EBP-4],EDX
004948A1 |. 8BF0 MOV ESI,EAX
004948A3 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
004948A6 |. E8 D502F7FF CALL WMAMP3Co.00404B80 ; presumably a string add-ref on [EBP-4] -- confirm
004948AB |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
004948AE |. E8 CD02F7FF CALL WMAMP3Co.00404B80 ; same helper on [EBP-8]
; Link an exception frame (handler 00494983, not shown on this page) into FS:[0].
004948B3 |. 33C0 XOR EAX,EAX
004948B5 |. 55 PUSH EBP
004948B6 |. 68 83494900 PUSH WMAMP3Co.00494983
004948BB |. 64:FF30 PUSH DWORD PTR FS:[EAX]
004948BE |. 64:8920 MOV DWORD PTR FS:[EAX],ESP
004948C1 |. 33DB XOR EBX,EBX ; BL = 0; set to 1 only on the success path below
004948C3 |. 33D2 XOR EDX,EDX
004948C5 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
004948C8 |. E8 0704F7FF CALL WMAMP3Co.00404CD4
004948CD |. 85C0 TEST EAX,EAX
004948CF |. 7E 0B JLE SHORT WMAMP3Co.004948DC ; result <= 0: skip the call at 004948D7
004948D1 |. 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
004948D4 |. 8B55 FC MOV EDX,DWORD PTR SS:[EBP-4]
004948D7 |. E8 9CFEF6FF CALL WMAMP3Co.00404778
004948DC |> 8D4D F4 LEA ECX,DWORD PTR SS:[EBP-C] ; ECX = address of the output slot
004948DF |. 8B55 FC MOV EDX,DWORD PTR SS:[EBP-4]
004948E2 |. 8BC6 MOV EAX,ESI
004948E4 |. E8 2F010000 CALL WMAMP3Co.00494A18 ; derivation routine (author's note: step into with F7)
004948E9 |. 8B55 F4 MOV EDX,DWORD PTR SS:[EBP-C]
004948EC |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
004948EF |. E8 B041F7FF CALL WMAMP3Co.00408AA4 ; presumably a string compare, 0 = equal -- confirm
004948F4 |. 85C0 TEST EAX,EAX ; test the comparison result in EAX
004948F6 |. 75 41 JNZ SHORT WMAMP3Co.00494939 ; key branch: nonzero -> invalid-code message
004948F8 |. 8B55 FC MOV EDX,DWORD PTR SS:[EBP-4]
004948FB |. 8BC6 MOV EAX,ESI
004948FD |. E8 DAF3FFFF CALL WMAMP3Co.00493CDC ; body not shown on this page
00494902 |. 84C0 TEST AL,AL
00494904 |. 74 62 JE SHORT WMAMP3Co.00494968 ; AL = 0: leave without showing any message
00494906 |. B3 01 MOV BL,1
00494908 |. 6A 40 PUSH 40 ; uType = 0x40 (MB_ICONINFORMATION)
0049490A |. 8D55 F0 LEA EDX,DWORD PTR SS:[EBP-10]
0049490D |. A1 ECEF4B00 MOV EAX,DWORD PTR DS:[4BEFEC]
00494912 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
00494914 |. E8 DF28FDFF CALL WMAMP3Co.004671F8 ; fills [EBP-10], used below as the box title
00494919 |. 8B45 F0 MOV EAX,DWORD PTR SS:[EBP-10]
0049491C |. E8 6F02F7FF CALL WMAMP3Co.00404B90
00494921 |. 50 PUSH EAX ; |Title
00494922 |. 68 94494900 PUSH WMAMP3Co.00494994 ; |registered successfully, thanks for your registration.
00494927 |. A1 ECEF4B00 MOV EAX,DWORD PTR DS:[4BEFEC] ; |
0049492C |. 8B00 MOV EAX,DWORD PTR DS:[EAX] ; |
0049492E |. 8B40 30 MOV EAX,DWORD PTR DS:[EAX+30] ; |
00494931 |. 50 PUSH EAX ; |hOwner
00494932 |. E8 212DF7FF CALL ; \MessageBoxA
00494937 |. EB 2F JMP SHORT WMAMP3Co.00494968
00494939 |> 6A 10 PUSH 10 ; uType = 0x10 (MB_ICONERROR)
0049493B |. 8D55 EC LEA EDX,DWORD PTR SS:[EBP-14]
0049493E |. A1 ECEF4B00 MOV EAX,DWORD PTR DS:[4BEFEC]
00494943 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
00494945 |. E8 AE28FDFF CALL WMAMP3Co.004671F8
0049494A |. 8B45 EC MOV EAX,DWORD PTR SS:[EBP-14]
0049494D |. E8 3E02F7FF CALL WMAMP3Co.00404B90
00494952 |. 50 PUSH EAX ; |Title
00494953 |. 68 CC494900 PUSH WMAMP3Co.004949CC ; |invalid registration code! \r\nplease enter an available registration code.
00494958 |. A1 ECEF4B00 MOV EAX,DWORD PTR DS:[4BEFEC] ; |
0049495D |. 8B00 MOV EAX,DWORD PTR DS:[EAX] ; |
0049495F |. 8B40 30 MOV EAX,DWORD PTR DS:[EAX+30] ; |
00494962 |. 50 PUSH EAX ; |hOwner
00494963 |. E8 F02CF7FF CALL ; \MessageBoxA
; Common exit: unlink the exception frame, then run the cleanup block.
00494968 |> 33C0 XOR EAX,EAX
0049496A |. 5A POP EDX
0049496B |. 59 POP ECX
0049496C |. 59 POP ECX
0049496D |. 64:8910 MOV DWORD PTR FS:[EAX],EDX ; restore the previous FS:[0] frame
00494970 |. 68 8A494900 PUSH WMAMP3Co.0049498A ; address the RETN below continues at (not shown)
00494975 |> 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14]
00494978 |. BA 05000000 MOV EDX,5
0049497D |. E8 82FDF6FF CALL WMAMP3Co.00404704 ; presumably releases the 5 string locals from [EBP-14] up -- confirm
00494982 . C3 RETN
; -----------------------------------------------------------------------
; Derivation routine at 00494A18, called from 004948E4.
; In:   EDX -> [EBP-4] (user name, per the author's note),
;       ECX -> kept in EBX (address of the caller's output slot),
;       EAX -> kept in EDI and passed on to 00493B8C.
; Out:  the string written through EBX.
; The values in the comments (xiaozi...) are the author's sample run.
; Helper names are not available in the listing; roles given for the
; 00404xxx calls are inferred from their arguments and are hedged.
; NOTE(review): the constant at 00494B8C is stored in plain text in the
;       binary, so it gives no secrecy to the scheme.
; -----------------------------------------------------------------------
00494A18 /$ 55 PUSH EBP
00494A19 |. 8BEC MOV EBP,ESP
00494A1B |. 6A 00 PUSH 0 ; eight zeroed local slots, [EBP-4]..[EBP-20]
00494A1D |. 6A 00 PUSH 0
00494A1F |. 6A 00 PUSH 0
00494A21 |. 6A 00 PUSH 0
00494A23 |. 6A 00 PUSH 0
00494A25 |. 6A 00 PUSH 0
00494A27 |. 6A 00 PUSH 0
00494A29 |. 6A 00 PUSH 0
00494A2B |. 53 PUSH EBX
00494A2C |. 56 PUSH ESI
00494A2D |. 57 PUSH EDI
00494A2E |. 8BD9 MOV EBX,ECX ; EBX = output pointer for the whole routine
00494A30 |. 8955 FC MOV DWORD PTR SS:[EBP-4],EDX ; EDX = user name
00494A33 |. 8BF8 MOV EDI,EAX
00494A35 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
00494A38 |. E8 4301F7FF CALL WMAMP3Co.00404B80
00494A3D |. 33C0 XOR EAX,EAX ; EAX=0
; Link an exception frame (handler stub at 00494B73) into FS:[0].
00494A3F |. 55 PUSH EBP
00494A40 |. 68 734B4900 PUSH WMAMP3Co.00494B73
00494A45 |. 64:FF30 PUSH DWORD PTR FS:[EAX]
00494A48 |. 64:8920 MOV DWORD PTR FS:[EAX],ESP
00494A4B |. 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
00494A4E |. BA 8C4B4900 MOV EDX,WMAMP3Co.00494B8C ; fixed string "Lb)a6Fcw9K9"
00494A53 |. E8 48FFF6FF CALL WMAMP3Co.004049A0 ; append the fixed string to the user name = xiaoziLb)a6Fcw9K9
00494A58 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4] ; EAX=xiaoziLb)a6Fcw9K9
00494A5B |. E8 38FFF6FF CALL WMAMP3Co.00404998
00494A60 |. 8BF0 MOV ESI,EAX ; ESI = EAX = string length (author wrote "fixed string"; the argument is the combined string in [EBP-4])
00494A62 |. D1FE SAR ESI,1 ; arithmetic shift right by one
00494A64 |. 79 03 JNS SHORT WMAMP3Co.00494A69
00494A66 |. 83D6 00 ADC ESI,0 ; only reached when the shifted value is negative
00494A69 |> 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
00494A6C |. 50 PUSH EAX
00494A6D |. 8BCE MOV ECX,ESI ; ECX=ESI=8
00494A6F |. BA 01000000 MOV EDX,1 ; EDX=1
00494A74 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4] ; EAX=xiaoziLb)a6Fcw9K9
00494A77 |. E8 7401F7FF CALL WMAMP3Co.00404BF0 ; presumably substring(source EAX, start EDX, count ECX) into the pushed slot -- confirm
00494A7C |. 8B45 F0 MOV EAX,DWORD PTR SS:[EBP-10] ; the first 8 characters
00494A7F |. 50 PUSH EAX
00494A80 |. 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14]
00494A83 |. 50 PUSH EAX
00494A84 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
00494A87 |. E8 0CFFF6FF CALL WMAMP3Co.00404998
00494A8C |. 8BC8 MOV ECX,EAX ; EAX = ECX = 11 (presumably hex, i.e. 17, the length of the sample string)
00494A8E |. 8D56 01 LEA EDX,DWORD PTR DS:[ESI+1]
00494A91 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
00494A94 |. E8 5701F7FF CALL WMAMP3Co.00404BF0
00494A99 |. 8B55 EC MOV EDX,DWORD PTR SS:[EBP-14] ; EDX = the last 9 characters
00494A9C |. 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
00494A9F |. 59 POP ECX ; ECX = the first part pushed at 00494A7F
00494AA0 |. E8 3FFFF6FF CALL WMAMP3Co.004049E4 ; author's note: EAX = length of string A. NOTE(review): [EBP-4] afterwards holds the reordered string shown at 00494AB3
00494AA5 |. 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
00494AA8 |. 50 PUSH EAX
00494AA9 |. B9 0A000000 MOV ECX,0A
00494AAE |. BA 01000000 MOV EDX,1
00494AB3 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4] ; EAX=)a6Fcw9K9xiaoziLb
00494AB6 |. E8 3501F7FF CALL WMAMP3Co.00404BF0
00494ABB |. 8D45 F4 LEA EAX,DWORD PTR SS:[EBP-C]
00494ABE |. 50 PUSH EAX
00494ABF |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
00494AC2 |. E8 D1FEF6FF CALL WMAMP3Co.00404998
00494AC7 |. 8BC8 MOV ECX,EAX
00494AC9 |. BA 06000000 MOV EDX,6 ; EDX = 6 -- note this: it is the start position for the substring taken below
00494ACE |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
00494AD1 |. E8 1A01F7FF CALL WMAMP3Co.00404BF0 ; take the substring starting at the 6th character
00494AD6 |. 837D F4 00 CMP DWORD PTR SS:[EBP-C],0
00494ADA |. 75 10 JNZ SHORT WMAMP3Co.00494AEC ; [EBP-C] not empty: skip the fallback below
00494ADC |. 8D45 F4 LEA EAX,DWORD PTR SS:[EBP-C]
00494ADF |. BA 8C4B4900 MOV EDX,WMAMP3Co.00494B8C ; ASCII "Lb)a6Fcw9K9"
00494AE4 |. 8B4D F8 MOV ECX,DWORD PTR SS:[EBP-8]
00494AE7 |. E8 F8FEF6FF CALL WMAMP3Co.004049E4
00494AEC |> 53 PUSH EBX ; stack argument: the output pointer
00494AED |. 8B4D F4 MOV ECX,DWORD PTR SS:[EBP-C] ; c=ECX=w9K9xiaoziLb
00494AF0 |. 8B55 F8 MOV EDX,DWORD PTR SS:[EBP-8] ; b=EDX=)a6Fcw9K9x
00494AF3 |. 8BC7 MOV EAX,EDI
00494AF5 |. E8 92F0FFFF CALL WMAMP3Co.00493B8C ; key call
; Three calls to 00404BF0 on [EBX] with count 5 and start 1, 6 and 0B; the
; constant at 00494BA0 is pushed between the pieces (its content is not
; shown here; the author's summary says the parts are joined with "-").
00494AFA |. 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
00494AFD |. 50 PUSH EAX
00494AFE |. 8B03 MOV EAX,DWORD PTR DS:[EBX]
00494B00 |. B9 05000000 MOV ECX,5
00494B05 |. BA 01000000 MOV EDX,1
00494B0A |. E8 E100F7FF CALL WMAMP3Co.00404BF0
00494B0F |. FF75 E8 PUSH DWORD PTR SS:[EBP-18]
00494B12 |. 68 A04B4900 PUSH WMAMP3Co.00494BA0
00494B17 |. 8D45 E4 LEA EAX,DWORD PTR SS:[EBP-1C]
00494B1A |. 50 PUSH EAX
00494B1B |. 8B03 MOV EAX,DWORD PTR DS:[EBX]
00494B1D |. B9 05000000 MOV ECX,5
00494B22 |. BA 06000000 MOV EDX,6
00494B27 |. E8 C400F7FF CALL WMAMP3Co.00404BF0
00494B2C |. FF75 E4 PUSH DWORD PTR SS:[EBP-1C]
00494B2F |. 68 A04B4900 PUSH WMAMP3Co.00494BA0
00494B34 |. 8D45 E0 LEA EAX,DWORD PTR SS:[EBP-20]
00494B37 |. 50 PUSH EAX
00494B38 |. 8B03 MOV EAX,DWORD PTR DS:[EBX]
00494B3A |. B9 05000000 MOV ECX,5
00494B3F |. BA 0B000000 MOV EDX,0B
00494B44 |. E8 A700F7FF CALL WMAMP3Co.00404BF0
00494B49 |. FF75 E0 PUSH DWORD PTR SS:[EBP-20]
00494B4C |. 8BC3 MOV EAX,EBX
00494B4E |. BA 05000000 MOV EDX,5
00494B53 |. E8 00FFF6FF CALL WMAMP3Co.00404A58 ; presumably joins the 5 pushed strings into [EBX] -- confirm
; Normal exit: unlink the exception frame, then run the cleanup block.
00494B58 |. 33C0 XOR EAX,EAX
00494B5A |. 5A POP EDX
00494B5B |. 59 POP ECX
00494B5C |. 59 POP ECX
00494B5D |. 64:8910 MOV DWORD PTR FS:[EAX],EDX ; restore the previous FS:[0] frame
00494B60 |. 68 7A4B4900 PUSH WMAMP3Co.00494B7A ; address the RETN at 00494B72 continues at
00494B65 |> 8D45 E0 LEA EAX,DWORD PTR SS:[EBP-20]
00494B68 |. BA 08000000 MOV EDX,8
00494B6D |. E8 92FBF6FF CALL WMAMP3Co.00404704 ; presumably releases the 8 string locals from [EBP-20] up -- confirm
00494B72 . C3 RETN
00494B73 .^ E9 ECF4F6FF JMP WMAMP3Co.00404064 ; exception path, address pushed at 00494A40
00494B78 .^ EB EB JMP SHORT WMAMP3Co.00494B65 ; back into the cleanup block
00494B7A . 5F POP EDI ; epilogue: restore saved registers and frame
00494B7B . 5E POP ESI
00494B7C . 5B POP EBX
00494B7D . 8BE5 MOV ESP,EBP
00494B7F . 5D POP EBP
00494B80 . C3 RETN
; -----------------------------------------------------------------------
; Mixing routine at 00493B8C, called from 00494AF5 (the author's "key call").
; In:   EDX -> [EBP-4] (string b), ECX -> [EBP-8] (string c),
;       [EBP+8] = one stack argument, the caller's output pointer.
;       EAX on entry is overwritten at 00493BA3 without being stored.
; Out:  [EBP-10] is passed to 00404734 together with [EBP+8] at the end.
; Stack: RETN 4 removes the single stack argument.
; -----------------------------------------------------------------------
00493B8C /$ 55 PUSH EBP
00493B8D |. 8BEC MOV EBP,ESP
00493B8F |. 83C4 E0 ADD ESP,-20 ; reserve 0x20 bytes of locals
00493B92 |. 53 PUSH EBX
00493B93 |. 56 PUSH ESI
00493B94 |. 57 PUSH EDI
00493B95 |. 33DB XOR EBX,EBX
00493B97 |. 895D E0 MOV DWORD PTR SS:[EBP-20],EBX ; zero the two string locals used below
00493B9A |. 895D F0 MOV DWORD PTR SS:[EBP-10],EBX
00493B9D |. 894D F8 MOV DWORD PTR SS:[EBP-8],ECX
00493BA0 |. 8955 FC MOV DWORD PTR SS:[EBP-4],EDX
00493BA3 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
00493BA6 |. E8 D50FF7FF CALL WMAMP3Co.00404B80
00493BAB |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
00493BAE |. E8 CD0FF7FF CALL WMAMP3Co.00404B80
; Link an exception frame (handler stub at 00493CA8) into FS:[0].
00493BB3 |. 33C0 XOR EAX,EAX
00493BB5 |. 55 PUSH EBP
00493BB6 |. 68 A83C4900 PUSH WMAMP3Co.00493CA8
00493BBB |. 64:FF30 PUSH DWORD PTR FS:[EAX]
00493BBE |. 64:8920 MOV DWORD PTR FS:[EAX],ESP
00493BC1 |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
00493BC4 |. E8 CF0DF7FF CALL WMAMP3Co.00404998
00493BC9 |. 8945 F4 MOV DWORD PTR SS:[EBP-C],EAX ; [EBP-C] = result for c (presumably its length)
00493BCC |. 837D F4 00 CMP DWORD PTR SS:[EBP-C],0
00493BD0 |. 75 0D JNZ SHORT WMAMP3Co.00493BDF
00493BD2 |. 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
00493BD5 |. BA C03C4900 MOV EDX,WMAMP3Co.00493CC0 ; think space
00493BDA |. E8 990BF7FF CALL WMAMP3Co.00404778 ; fallback when c is empty; [EBP-C] is not updated afterwards
00493BDF |> 33F6 XOR ESI,ESI
00493BE1 |. BB 00010000 MOV EBX,100
00493BE6 |. 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
00493BE9 |. 50 PUSH EAX ; /Arg1
00493BEA |. C745 E4 00010>MOV DWORD PTR SS:[EBP-1C],100 ; |
00493BF1 |. C645 E8 00 MOV BYTE PTR SS:[EBP-18],0 ; |
00493BF5 |. 8D55 E4 LEA EDX,DWORD PTR SS:[EBP-1C] ; |
00493BF8 |. 33C9 XOR ECX,ECX ; |
00493BFA |. B8 D43C4900 MOV EAX,WMAMP3Co.00493CD4 ; |%1.2x
00493BFF |. E8 0461F7FF CALL WMAMP3Co.00409D08 ; \WMAMP3Co.00409D08
00493C04 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
00493C07 |. E8 8C0DF7FF CALL WMAMP3Co.00404998
00493C0C |. 8BF8 MOV EDI,EAX ; EDI = loop counter
00493C0E |. 85FF TEST EDI,EDI
00493C10 |. 7E 60 JLE SHORT WMAMP3Co.00493C72 ; nothing to process: skip the loop
00493C12 |. C745 EC 01000>MOV DWORD PTR SS:[EBP-14],1
00493C19 |> 8B45 FC /MOV EAX,DWORD PTR SS:[EBP-4]
00493C1C |. 8B55 EC |MOV EDX,DWORD PTR SS:[EBP-14]
00493C1F |. 0FB64410 FF |MOVZX EAX,BYTE PTR DS:[EAX+EDX-1] ; EAX = character code of the current byte of b
00493C24 |. 03C3 |ADD EAX,EBX ; running sum goes into EAX
00493C26 |. B9 FF000000 |MOV ECX,0FF
00493C2B |. 99 |CDQ
00493C2C |. F7F9 |IDIV ECX ; remainder modulo $FF
00493C2E |. 8BDA |MOV EBX,EDX ; store it in EBX
00493C30 |. 3B75 F4 |CMP ESI,DWORD PTR SS:[EBP-C]
00493C33 |. 7D 03 |JGE SHORT WMAMP3Co.00493C38
00493C35 |. 46 |INC ESI
00493C36 |. EB 05 |JMP SHORT WMAMP3Co.00493C3D
00493C38 |> BE 01000000 |MOV ESI,1
00493C3D |> 8B45 F8 |MOV EAX,DWORD PTR SS:[EBP-8]
00493C40 |. 0FB64430 FF |MOVZX EAX,BYTE PTR DS:[EAX+ESI-1] ; EAX = character code of the current byte of c
00493C45 |. 33D8 |XOR EBX,EAX ; EBX XOR EAX
00493C47 |. 8D45 E0 |LEA EAX,DWORD PTR SS:[EBP-20]
00493C4A |. 50 |PUSH EAX ; /Arg1
00493C4B |. 895D E4 |MOV DWORD PTR SS:[EBP-1C],EBX ; |
00493C4E |. C645 E8 00 |MOV BYTE PTR SS:[EBP-18],0 ; |
00493C52 |. 8D55 E4 |LEA EDX,DWORD PTR SS:[EBP-1C] ; |
00493C55 |. 33C9 |XOR ECX,ECX ; |
00493C57 |. B8 D43C4900 |MOV EAX,WMAMP3Co.00493CD4 ; |%1.2x
00493C5C |. E8 A760F7FF |CALL WMAMP3Co.00409D08 ; \WMAMP3Co.00409D08
00493C61 |. 8B55 E0 |MOV EDX,DWORD PTR SS:[EBP-20]
00493C64 |. 8D45 F0 |LEA EAX,DWORD PTR SS:[EBP-10]
00493C67 |. E8 340DF7FF |CALL WMAMP3Co.004049A0
00493C6C |. FF45 EC |INC DWORD PTR SS:[EBP-14]
00493C6F |. 4F |DEC EDI
00493C70 |.^ 75 A7 \JNZ SHORT WMAMP3Co.00493C19 ; loop length(b) times
00493C72 |> 8B45 08 MOV EAX,DWORD PTR SS:[EBP+8] ; EAX = the stack argument (output pointer)
00493C75 |. 8B55 F0 MOV EDX,DWORD PTR SS:[EBP-10]
00493C78 |. E8 B70AF7FF CALL WMAMP3Co.00404734 ; presumably assigns [EBP-10] to the output -- confirm
; Normal exit: unlink the exception frame, then run the cleanup block.
00493C7D |. 33C0 XOR EAX,EAX
00493C7F |. 5A POP EDX
00493C80 |. 59 POP ECX
00493C81 |. 59 POP ECX
00493C82 |. 64:8910 MOV DWORD PTR FS:[EAX],EDX ; restore the previous FS:[0] frame
00493C85 |. 68 AF3C4900 PUSH WMAMP3Co.00493CAF ; address the RETN at 00493CA7 continues at
00493C8A |> 8D45 E0 LEA EAX,DWORD PTR SS:[EBP-20]
00493C8D |. E8 4E0AF7FF CALL WMAMP3Co.004046E0
00493C92 |. 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
00493C95 |. E8 460AF7FF CALL WMAMP3Co.004046E0
00493C9A |. 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
00493C9D |. BA 02000000 MOV EDX,2
00493CA2 |. E8 5D0AF7FF CALL WMAMP3Co.00404704
00493CA7 . C3 RETN
00493CA8 .^ E9 B703F7FF JMP WMAMP3Co.00404064 ; exception path, address pushed at 00493BB6
00493CAD .^ EB DB JMP SHORT WMAMP3Co.00493C8A ; back into the cleanup block
00493CAF . 5F POP EDI ; epilogue: restore saved registers and frame
00493CB0 . 5E POP ESI
00493CB1 . 5B POP EBX
00493CB2 . 8BE5 MOV ESP,EBP
00493CB4 . 5D POP EBP
00493CB5 . C2 0400 RETN 4
【经验总结】
=算法=
1.用户名name + “Lb)a6Fcw9K9”=新字符串string
2.取string长度length(string)
取string的前sar(length(string))个字符,作为新的字符串a,另一部分为b
3.重新组成新的字符串sN = b + a
在sN中,从第六位开始取起,得到新的字符串c
4.取b的Ascii,与$FF取余,累加到d里;取c的Ascii,和d异或,放到e里,累加起来,取15位,中间用“-”连接