帮忙看看这段汇编语句!!(200分)

zhengxionglai

刚进一家新公司(不是软件企业)。我的上一任在离职的时候,在他给公司做的软件中加了注册功能:界面上有四个Edit,其中两个显示从电脑本机取得的系列号(不清楚系列号取的是cpu、硬盘还是其他什么),另外两个用于填写根据某种算法由系列号推算出来的注册码.

问题:有了系列号怎样推算他的注册码?
下面是我用dede反汇编出来的"注册"按钮的操作, 请各位大哥帮忙, 这将严重的影响到试用期后的工资问题!!!

// DeDe disassembly of the OnClick handler of the registration form's OK button.
// The procedure body is the dump itself, kept inside a Pascal comment.
// Lines starting with "// note:" are annotations; every other line is DeDe
// output exactly as posted.
//
// Flow visible in the dump: the text of Reg1Edit, Reg2Edit, Key2Edit and
// Key1Edit is fetched and each passed through Proc_00409CCC; the four results
// are handed to Proc_00526418; its AL result selects between setting
// ModalResult to 1 and raising an Exception carrying '您的注册码不正确'.
// Within this handler the decision is made locally from those four values.
// The bodies of the helper procedures are not part of the dump, so what they
// do is inferred from how they are called and is marked as such below.
procedure TRegForm.BtnOKClick(Sender : TObject);
begin
(*
// note: frame setup. ecx is zeroed and pushed four times, which reserves four
// zero-initialised locals at [ebp-$04], [ebp-$08], [ebp-$0C] and [ebp-$10].
0059EABC 55 push ebp
0059EABD 8BEC mov ebp, esp
0059EABF 33C9 xor ecx, ecx
0059EAC1 51 push ecx
0059EAC2 51 push ecx
0059EAC3 51 push ecx
0059EAC4 51 push ecx
0059EAC5 53 push ebx
0059EAC6 56 push esi
0059EAC7 57 push edi
// note: ebx keeps the incoming eax. The control references below are all
// taken relative to ebx, so it holds the TRegForm instance.
0059EAC8 8BD8 mov ebx, eax
0059EACA 33C0 xor eax, eax
0059EACC 55 push ebp

// note: $0059EBB7 is the address of the "jmp 00404638" near the end of this
// dump, so the "string" DeDe prints here is code bytes read as text.
* Possible String Reference to: '閨Z?腚_^[嬪]?
|
0059EACD 68B7EB5900 push $0059EBB7

***** TRY
|
// note: eax is 0 here, so fs:[eax] is fs:[0]; this links a handler frame for
// the outer TRY (handler address 0059EBB7).
0059EAD2 64FF30 push dword ptr fs:[eax]
0059EAD5 648920 mov fs:[eax], esp
0059EAD8 33C0 xor eax, eax
0059EADA 55 push ebp
// note: second frame, for the inner TRY; 0059EB7C is the EXCEPT entry below.
0059EADB 687CEB5900 push $0059EB7C

***** TRY
|
0059EAE0 64FF30 push dword ptr fs:[eax]
0059EAE3 648920 mov fs:[eax], esp
// note: the same four-step pattern repeats for each edit control:
//   edx = address of a local, eax = the control, call Proc_00453F30,
//   then eax = that local, call Proc_00409CCC.
// Presumably Proc_00453F30 copies the control's text into the local and
// Proc_00409CCC converts the text to an integer - confirm against the RTL.
0059EAE6 8D55FC lea edx, [ebp-$04]

* Reference to control TRegForm.Reg1Edit : TEdit
|
0059EAE9 8B8318030000 mov eax, [ebx+$0318]

* Reference to: Controls.Proc_00453F30
|
0059EAEF E83C54EBFF call 00453F30
0059EAF4 8B45FC mov eax, [ebp-$04]

* Reference to: Unit_00408A04.Proc_00409CCC
|
0059EAF7 E8D0B1E6FF call 00409CCC
// note: esi = value obtained from Reg1Edit.
0059EAFC 8BF0 mov esi, eax
0059EAFE 8D55F8 lea edx, [ebp-$08]

* Reference to control TRegForm.Reg2Edit : TEdit
|
0059EB01 8B831C030000 mov eax, [ebx+$031C]

* Reference to: Controls.Proc_00453F30
|
0059EB07 E82454EBFF call 00453F30
0059EB0C 8B45F8 mov eax, [ebp-$08]

* Reference to: Unit_00408A04.Proc_00409CCC
|
0059EB0F E8B8B1E6FF call 00409CCC
// note: edi = value obtained from Reg2Edit; it is also pushed and is still on
// the stack when Proc_00526418 is called.
0059EB14 8BF8 mov edi, eax
0059EB16 57 push edi
0059EB17 8D55F4 lea edx, [ebp-$0C]

* Reference to control TRegForm.Key2Edit : TEdit
|
0059EB1A 8B8314030000 mov eax, [ebx+$0314]

* Reference to: Controls.Proc_00453F30
|
0059EB20 E80B54EBFF call 00453F30
0059EB25 8B45F4 mov eax, [ebp-$0C]

* Reference to: Unit_00408A04.Proc_00409CCC
|
0059EB28 E89FB1E6FF call 00409CCC
// note: value obtained from Key2Edit is parked on the stack until the pop at
// 0059EB46.
0059EB2D 50 push eax
0059EB2E 8D55F0 lea edx, [ebp-$10]

* Reference to control TRegForm.Key1Edit : TEdit
|
0059EB31 8B8310030000 mov eax, [ebx+$0310]

* Reference to: Controls.Proc_00453F30
|
0059EB37 E8F453EBFF call 00453F30
0059EB3C 8B45F0 mov eax, [ebp-$10]

* Reference to: Unit_00408A04.Proc_00409CCC
|
0059EB3F E888B1E6FF call 00409CCC
// note: arguments at the call: eax = Key1Edit value, edx = Key2Edit value
// (popped here), ecx = Reg1Edit value, and the Reg2Edit value left on the
// stack by the push at 0059EB16.
0059EB44 8BCE mov ecx, esi
0059EB46 5A pop edx

// note: the unit name in the next line is DeDe's attribution - TODO confirm.
* Reference to: DBTables.Proc_00526418
|
0059EB47 E8CC78F8FF call 00526418
// note: AL is treated as a boolean result; zero takes the error path at
// 0059EB5C.
0059EB4C 84C0 test al, al
0059EB4E 740C jz 0059EB5C

* Reference to field TRegForm.ModalResult : TModalResult
|
// note: ModalResult := 1 (mrOk in the VCL), then skip over the error path.
0059EB50 C7834C02000001000000 mov dword ptr [ebx+$024C], $00000001
0059EB5A EB16 jmp 0059EB72

// note: error path. ecx = message address, dl = 1, eax = the Exception class
// reference; presumably Proc_0040DDAC constructs the exception object and
// Proc_00404734 raises it (bodies not shown).
* Possible String Reference to: '您的注册码不正确'
|
0059EB5C B9D0EB5900 mov ecx, $0059EBD0
0059EB61 B201 mov dl, $01

* Reference to class Exception
|
0059EB63 A1348A4000 mov eax, dword ptr [$00408A34]

* Reference to: Unit_00408A04.Proc_0040DDAC
|
0059EB68 E83FF2E6FF call 0040DDAC

* Reference to: System.Proc_00404734
|
0059EB6D E8C25BE6FF call 00404734
// note: normal exit from the inner TRY: the frame pushed at 0059EADA..0059EAE3
// is popped and the previous fs:[0] value restored.
0059EB72 33C0 xor eax, eax
0059EB74 5A pop edx
0059EB75 59 pop ecx
0059EB76 59 pop ecx
0059EB77 648910 mov fs:[eax], edx
0059EB7A EB20 jmp 0059EB9C

****** EXCEPT
|
// note: handler entry pushed at 0059EADB. After the jump through 00404384 the
// code builds and raises an Exception with the same message as the error path
// above, so a failure inside the inner TRY and a rejected code would surface
// with the same text (assuming 00404384 routes every exception here - confirm).
0059EB7C E90358E6FF jmp 00404384

* Possible String Reference to: '您的注册码不正确'
|
0059EB81 B9D0EB5900 mov ecx, $0059EBD0
0059EB86 B201 mov dl, $01

* Reference to class Exception
|
0059EB88 A1348A4000 mov eax, dword ptr [$00408A34]

* Reference to: Unit_00408A04.Proc_0040DDAC
|
0059EB8D E81AF2E6FF call 0040DDAC

* Reference to: System.Proc_00404734
|
0059EB92 E89D5BE6FF call 00404734

* Reference to: System.Proc_004047B0
|
0059EB97 E8145CE6FF call 004047B0

****** END
|
// note: outer TRY frame is unlinked the same way before the FINALLY code runs.
0059EB9C 33C0 xor eax, eax
0059EB9E 5A pop edx
0059EB9F 59 pop ecx
0059EBA0 59 pop ecx
0059EBA1 648910 mov fs:[eax], edx

****** FINALLY
|

// note: $0059EBBE is the "pop edi" of the epilogue below; the printed
// "string" is again code bytes, not text.
* Possible String Reference to: '_^[嬪]?
|
0059EBA4 68BEEB5900 push $0059EBBE
// note: eax = address of the lowest local ([ebp-$10]), edx = 4; presumably one
// call that releases all four locals filled in above (body not shown).
0059EBA9 8D45F0 lea eax, [ebp-$10]
0059EBAC BA04000000 mov edx, $00000004

* Reference to: System.Proc_00404D98
|
0059EBB1 E8E261E6FF call 00404D98
// note: ret transfers to the address pushed at 0059EBA4, i.e. the epilogue.
0059EBB6 C3 ret

// note: 0059EBB7 is the handler address pushed at 0059EACD; after the jump
// through 00404638 control re-enters the cleanup at 0059EBA9.
0059EBB7 E97C5AE6FF jmp 00404638
0059EBBC EBEB jmp 0059EBA9

****** END
|
// note: epilogue - restore the saved registers and the caller's frame.
0059EBBE 5F pop edi
0059EBBF 5E pop esi
0059EBC0 5B pop ebx
0059EBC1 8BE5 mov esp, ebp
0059EBC3 5D pop ebp
0059EBC4 C3 ret

*)
end;
 

怎样取得系列号先不管了,关键是怎样由系列号推算注册码.

在程序的某个地方发现有以下代码被{ }注释掉了,但发现用这种算法算出来的结果不对. 还是把它贴出来, 提供点思路:
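// Per the poster, this routine was found commented out in the program and does
// not reproduce the registration codes that the shipped binary accepts.
//
// Takes a serial number as a decimal string and returns a derived decimal
// string of at most 10 characters:
//   n := (S div 3) + (S div 4) + (S div 7) + (S div 11) + 86665282
// StrToInt64 raises EConvertError when S is not a valid integer literal.
// The derivation is plain integer arithmetic with a fixed constant; it takes no
// secret or per-customer key as input, so the same serial always yields the
// same output.
//
// The unmatched closing brace that followed "end;" in the posted snippet (the
// tail of the surrounding { } comment) is dropped so the function compiles on
// its own.
function GetSerialNumber(const S: string): string;
var
  i: Int64;
begin
  i := StrToInt64(S);
  // Integer division truncates, so each quotient drops its remainder.
  i := (i div 3) + (i div 4) + (i div 7) + (i div 11);
  Inc(i, 86665282);
  Result := IntToStr(i);
  // Longer results keep only their leading 10 characters.
  if Length(Result) > 10 then
    Result := Copy(Result, 1, 10);
end;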
 
好像是用了一个数据表,是不是数据表中有一个种子数?可能还有外面的一个单元调用了。
 
为何要去反汇编?你们老板难道没有叫他留下口令什么的?你们老板不是白痴吧。
我想可能是一个软件的注册方式吧,你想破了?因为验证的话不会提示
‘您的注册码不正确’
 
谁知道里面的恩恩怨怨,只愿自己能找到破解的方法, 但又实在不是很想花时间在汇编上了,

各位有经验的dfw请援手
 
下面是程序初始化时的asm代码, 看看能不能找出判断程序有没有注册的方法.


{
0059F1FC 55 push ebp
0059F1FD 8BEC mov ebp, esp
0059F1FF B910000000 mov ecx, $00000010
0059F204 6A00 push $00
0059F206 6A00 push $00
0059F208 49 dec ecx
0059F209 75F9 jnz 0059F204
0059F20B 53 push ebx
0059F20C 56 push esi
0059F20D 57 push edi
0059F20E B88CEC5900 mov eax, $0059EC8C

* Reference to: SysInit.Proc_0040745C
|
0059F213 E84482E6FF call 0040745C
0059F218 BE183A5A00 mov esi, $005A3A18
0059F21D 33C0 xor eax, eax
0059F21F 55 push ebp

* Possible String Reference to: '椴L?氙_^[鑠R?TimesWinMutex'
|
0059F220 6881F95900 push $0059F981

***** TRY
|
0059F225 64FF30 push dword ptr fs:[eax]
0059F228 648920 mov fs:[eax], esp

* Possible String Reference to: 'TimesWinMutex'
|
0059F22B 6890F95900 push $0059F990
0059F230 6AFF push $FF
0059F232 6A00 push $00

* Reference to: Unit_004074D8.Proc_00407684
|
0059F234 E84B84E6FF call 00407684

* Reference to GlobalVar_005A6154
|
0059F239 A354615A00 mov dword ptr [$005A6154], eax
0059F23E 833D54615A0000 cmp dword ptr [$005A6154], +$00
0059F245 7413 jz 0059F25A

* Reference to: kernel32.GetLastError()
|
0059F247 E89085E6FF call 004077DC
0059F24C 3DB7000000 cmp eax, $000000B7
0059F251 7507 jnz 0059F25A
0059F253 33C0 xor eax, eax

* Reference to: regunit.Proc_0059EC1C
|
0059F255 E8C2F9FFFF call 0059EC1C

* Reference to: System.Proc_00402B54
|
0059F25A E8F538E6FF call 00402B54
0059F25F 85C0 test eax, eax
0059F261 7E3A jle 0059F29D
0059F263 8D55EC lea edx, [ebp-$14]
0059F266 B802000000 mov eax, $00000002

* Reference to: System.Proc_00402BB4
|
0059F26B E84439E6FF call 00402BB4
0059F270 8B45EC mov eax, [ebp-$14]

* Reference to: Unit_00408A04.Proc_00409CCC
|
0059F273 E854AAE6FF call 00409CCC
0059F278 8BD8 mov ebx, eax
0059F27A 6AFF push $FF
0059F27C 53 push ebx

* Reference to: kernel32.WaitForSingleObject()
|
0059F27D E85A87E6FF call 004079DC
0059F282 53 push ebx

* Reference to: kernel32.CloseHandle()
|
0059F283 E8C483E6FF call 0040764C
0059F288 8D55E8 lea edx, [ebp-$18]
0059F28B B801000000 mov eax, $00000001

* Reference to: System.Proc_00402BB4
|
0059F290 E81F39E6FF call 00402BB4
0059F295 8B45E8 mov eax, [ebp-$18]

* Reference to: Unit_00408A04.Proc_0040A080
|
0059F298 E8E3ADE6FF call 0040A080
0059F29D 8D55E4 lea edx, [ebp-$1C]

* Reference to TApplication instance
|
0059F2A0 A124415A00 mov eax, dword ptr [$005A4124]
0059F2A5 8B00 mov eax, [eax]

* Reference to: Forms.Proc_00475138
|
0059F2A7 E88C5EEDFF call 00475138
0059F2AC 8B45E4 mov eax, [ebp-$1C]
0059F2AF BA40000000 mov edx, $00000040

* Reference to: Unit_00408A04.Proc_00409D9C
|
0059F2B4 E8E3AAE6FF call 00409D9C
0059F2B9 8BD8 mov ebx, eax
0059F2BB 85DB test ebx, ebx
0059F2BD 770A jnbe 0059F2C9

* Possible String Reference to: '打开文件出错'
|
0059F2BF B8A8F95900 mov eax, $0059F9A8

* Reference to: regunit.Proc_0059EC1C
|
0059F2C4 E853F9FFFF call 0059EC1C
0059F2C9 33C9 xor ecx, ecx
0059F2CB 8B16 mov edx, [esi]
0059F2CD 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E7C
|
0059F2CF E8A8ABE6FF call 00409E7C
0059F2D4 BAC4635A00 mov edx, $005A63C4
0059F2D9 B902000000 mov ecx, $00000002
0059F2DE 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E24
|
0059F2E0 E83FABE6FF call 00409E24
0059F2E5 33C9 xor ecx, ecx
0059F2E7 8B5604 mov edx, [esi+$04]
0059F2EA 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E7C
|
0059F2EC E88BABE6FF call 00409E7C
0059F2F1 BAC6635A00 mov edx, $005A63C6
0059F2F6 B902000000 mov ecx, $00000002
0059F2FB 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E24
|
0059F2FD E822ABE6FF call 00409E24
0059F302 33C9 xor ecx, ecx
0059F304 8B5608 mov edx, [esi+$08]
0059F307 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E7C
|
0059F309 E86EABE6FF call 00409E7C
0059F30E BAC8635A00 mov edx, $005A63C8
0059F313 B902000000 mov ecx, $00000002
0059F318 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E24
|
0059F31A E805ABE6FF call 00409E24
0059F31F 33C9 xor ecx, ecx
0059F321 8B560C mov edx, [esi+$0C]
0059F324 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E7C
|
0059F326 E851ABE6FF call 00409E7C
0059F32B BACA635A00 mov edx, $005A63CA
0059F330 B902000000 mov ecx, $00000002
0059F335 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E24
|
0059F337 E8E8AAE6FF call 00409E24
0059F33C 33C9 xor ecx, ecx
0059F33E 8B5610 mov edx, [esi+$10]
0059F341 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E7C
|
0059F343 E834ABE6FF call 00409E7C
0059F348 BACC635A00 mov edx, $005A63CC
0059F34D B902000000 mov ecx, $00000002
0059F352 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E24
|
0059F354 E8CBAAE6FF call 00409E24
0059F359 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409EC0
|
0059F35B E860ABE6FF call 00409EC0
0059F360 C605CE635A0000 mov byte ptr [$005A63CE], $00
0059F367 33DB xor ebx, ebx
0059F369 66833DC4635A0000 cmp word ptr [$005A63C4], +$00
0059F371 0F8496010000 jz 0059F50D
0059F377 66833DC6635A0000 cmp word ptr [$005A63C6], +$00
0059F37F 0F8488010000 jz 0059F50D
0059F385 66833DC8635A0000 cmp word ptr [$005A63C8], +$00
0059F38D 0F847A010000 jz 0059F50D
0059F393 66833DCA635A0000 cmp word ptr [$005A63CA], +$00
0059F39B 0F846C010000 jz 0059F50D
0059F3A1 66A1CA635A00 mov ax, word ptr [$005A63CA]
0059F3A7 50 push eax
0059F3A8 668B0DC8635A00 mov cx, word ptr [$005A63C8]
0059F3AF 668B15C6635A00 mov dx, word ptr [$005A63C6]
0059F3B6 66A1C4635A00 mov ax, word ptr [$005A63C4]

* Reference to: DBTables.Proc_00526418
|
0059F3BC E85770F8FF call 00526418
0059F3C1 84C0 test al, al
0059F3C3 0F8444010000 jz 0059F50D
0059F3C9 0FB705CC635A00 movzx eax, word ptr [$005A63CC]
0059F3D0 0FB715C4635A00 movzx edx, word ptr [$005A63C4]
0059F3D7 2BC2 sub eax, edx
0059F3D9 3DB4000000 cmp eax, $000000B4
0059F3DE 0F8D29010000 jnl 0059F50D

* Reference to: Unit_00408A04.Proc_0040BDE8
|
0059F3E4 E8FFC9E6FF call 0040BDE8
0059F3E9 0FB705CC635A00 movzx eax, word ptr [$005A63CC]
0059F3F0 8945E0 mov [ebp-$20], eax
0059F3F3 DB45E0 fild dword ptr [ebp-$20]
0059F3F6 DED9 fcompp
0059F3F8 DFE0 fstsw ax
0059F3FA 9E sahf
0059F3FB 0F8686000000 jbe 0059F487
0059F401 6A10 push $10
0059F403 8D45DC lea eax, [ebp-$24]
0059F406 50 push eax
0059F407 0FB705CC635A00 movzx eax, word ptr [$005A63CC]
0059F40E 8945E0 mov [ebp-$20], eax
0059F411 DB45E0 fild dword ptr [ebp-$20]
0059F414 83C4F8 add esp, -$08
0059F417 DD1C24 fstp qword ptr [esp]
0059F41A 9B wait
0059F41B 8D45C8 lea eax, [ebp-$38]

* Reference to: Unit_00408A04.Proc_0040CB6C
|
0059F41E E849D7E6FF call 0040CB6C
0059F423 8B45C8 mov eax, [ebp-$38]
0059F426 8945CC mov [ebp-$34], eax
0059F429 C645D00B mov byte ptr [ebp-$30], $0B
0059F42D 0FB705CC635A00 movzx eax, word ptr [$005A63CC]
0059F434 8945E0 mov [ebp-$20], eax
0059F437 DB45E0 fild dword ptr [ebp-$20]
0059F43A 83C4F8 add esp, -$08
0059F43D DD1C24 fstp qword ptr [esp]
0059F440 9B wait
0059F441 8D45C4 lea eax, [ebp-$3C]

* Reference to: Unit_00408A04.Proc_0040CB6C
|
0059F444 E823D7E6FF call 0040CB6C
0059F449 8B45C4 mov eax, [ebp-$3C]
0059F44C 8945D4 mov [ebp-$2C], eax
0059F44F C645D80B mov byte ptr [ebp-$28], $0B
0059F453 8D55CC lea edx, [ebp-$34]
0059F456 B901000000 mov ecx, $00000001

* Possible String Reference to: '本系统上次运行的时间为 %s 。为保证?
| 低车恼?吩诵校??裳≡裨?%s 后再使
| 用本软件或重新安装和注册。按下[确定
| ]后系统将退出。'
|
0059F45B B8C0F95900 mov eax, $0059F9C0

* Reference to: Unit_00408A04.Proc_0040AB18
|
0059F460 E8B3B6E6FF call 0040AB18
0059F465 8B45DC mov eax, [ebp-$24]

* Reference to: System.Proc_00405224
|
0059F468 E8B75DE6FF call 00405224
0059F46D 8BD0 mov edx, eax

* Possible String Reference to: '警告'
|
0059F46F B93CFA5900 mov ecx, $0059FA3C

* Reference to TApplication instance
|
0059F474 A124415A00 mov eax, dword ptr [$005A4124]
0059F479 8B00 mov eax, [eax]

* Reference to: Forms.Proc_00474CF0
|
0059F47B E87058EDFF call 00474CF0
0059F480 33C0 xor eax, eax

* Reference to: regunit.Proc_0059EC1C
|
0059F482 E895F7FFFF call 0059EC1C
0059F487 C605CE635A0001 mov byte ptr [$005A63CE], $01

* Reference to: Unit_00408A04.Proc_0040BDE8
|
0059F48E E855C9E6FF call 0040BDE8
0059F493 0FB705CC635A00 movzx eax, word ptr [$005A63CC]
0059F49A 8945E0 mov [ebp-$20], eax
0059F49D DB45E0 fild dword ptr [ebp-$20]
0059F4A0 DED9 fcompp
0059F4A2 DFE0 fstsw ax
0059F4A4 9E sahf
0059F4A5 0F94C3 setz bl
0059F4A8 84DB test bl, bl
0059F4AA 7461 jz 0059F50D
0059F4AC 0FB705CC635A00 movzx eax, word ptr [$005A63CC]
0059F4B3 0FB715C4635A00 movzx edx, word ptr [$005A63C4]
0059F4BA 2BC2 sub eax, edx
0059F4BC BFB4000000 mov edi, $000000B4
0059F4C1 2BF8 sub edi, eax
0059F4C3 83FF0F cmp edi, +$0F
0059F4C6 7D45 jnl 0059F50D
0059F4C8 6A34 push $34
0059F4CA 8D45C0 lea eax, [ebp-$40]
0059F4CD 50 push eax
0059F4CE 897DB8 mov [ebp-$48], edi
0059F4D1 C645BC00 mov byte ptr [ebp-$44], $00
0059F4D5 8D55B8 lea edx, [ebp-$48]
0059F4D8 33C9 xor ecx, ecx

* Possible String Reference to: '本软件的使用期在 %d 天后需要重新注?
| 幔??M?⒓粗匦伦⒉崧穑?
|
0059F4DA B84CFA5900 mov eax, $0059FA4C

* Reference to: Unit_00408A04.Proc_0040AB18
|
0059F4DF E834B6E6FF call 0040AB18
0059F4E4 8B45C0 mov eax, [ebp-$40]

* Reference to: System.Proc_00405224
|
0059F4E7 E8385DE6FF call 00405224
0059F4EC 8BD0 mov edx, eax

* Possible String Reference to: '提示'
|
0059F4EE B98CFA5900 mov ecx, $0059FA8C

* Reference to TApplication instance
|
0059F4F3 A124415A00 mov eax, dword ptr [$005A4124]
0059F4F8 8B00 mov eax, [eax]

* Reference to: Forms.Proc_00474CF0
|
0059F4FA E8F157EDFF call 00474CF0
0059F4FF 83F806 cmp eax, +$06
0059F502 7509 jnz 0059F50D
0059F504 C605CE635A0000 mov byte ptr [$005A63CE], $00
0059F50B 33DB xor ebx, ebx
0059F50D 84DB test bl, bl
0059F50F 0F84B4000000 jz 0059F5C9

* Reference to TApplication instance
|
0059F515 A124415A00 mov eax, dword ptr [$005A4124]
0059F51A 8B00 mov eax, [eax]

* Reference to: Forms.Proc_00474AC8
|
0059F51C E8A755EDFF call 00474AC8

* Reference to TApplication instance
|
0059F521 A124415A00 mov eax, dword ptr [$005A4124]
0059F526 8B00 mov eax, [eax]

* Possible String Reference to: '广州时代报刊信息系统'
|
0059F528 BA9CFA5900 mov edx, $0059FA9C

* Reference to: Forms.Proc_004746D4
|
0059F52D E8A251EDFF call 004746D4

* Reference to: Forms.Proc_00476154
|
0059F532 E81D6CEDFF call 00476154
0059F537 84C0 test al, al
0059F539 750A jnz 0059F545

* Possible String Reference to: '初始化错误'
|
0059F53B B8BCFA5900 mov eax, $0059FABC

* Reference to: regunit.Proc_0059EC1C
|
0059F540 E8D7F6FFFF call 0059EC1C

* Reference to TApplication instance
|
0059F545 8B0D24415A00 mov ecx, [$005A4124]
0059F54B 8B09 mov ecx, [ecx]
0059F54D B201 mov dl, $01

* Reference to class TFlashForm
|
0059F54F A140E65900 mov eax, dword ptr [$0059E640]

* Reference to: Forms.Proc_0046D38C
|
0059F554 E833DEECFF call 0046D38C

* Reference to pointer to GlobalVar_005A6144
|
0059F559 8B1588405A00 mov edx, [$005A4088]
0059F55F 8902 mov [edx], eax

* Reference to pointer to GlobalVar_005A6144
|
0059F561 A188405A00 mov eax, dword ptr [$005A4088]
0059F566 8B00 mov eax, [eax]

* Reference to: Forms.Proc_004715CC
|
0059F568 E85F20EDFF call 004715CC

* Reference to pointer to GlobalVar_005A6144
|
0059F56D A188405A00 mov eax, dword ptr [$005A4088]
0059F572 8B00 mov eax, [eax]
0059F574 8B10 mov edx, [eax]

* Possible reference to virtual method TGlobalVar_005A6144.OFFS_0088
|
0059F576 FF9288000000 call dword ptr [edx+$0088]

* Reference to TMainForm instance
|
0059F57C 8B0DE03C5A00 mov ecx, [$005A3CE0]

* Reference to TApplication instance
|
0059F582 A124415A00 mov eax, dword ptr [$005A4124]
0059F587 8B00 mov eax, [eax]

* Reference to class TMainForm
|
0059F589 8B15406A5900 mov edx, [$00596A40]

* Reference to: Forms.Proc_00474AE0
|
0059F58F E84C55EDFF call 00474AE0

* Reference to TData1 instance
|
0059F594 8B0D90445A00 mov ecx, [$005A4490]

* Reference to TApplication instance
|
0059F59A A124415A00 mov eax, dword ptr [$005A4124]
0059F59F 8B00 mov eax, [eax]

* Reference to class TData1
|
0059F5A1 8B15B89D5500 mov edx, [$00559DB8]

* Reference to: Forms.Proc_00474AE0
|
0059F5A7 E83455EDFF call 00474AE0

* Reference to pointer to GlobalVar_005A6144
|
0059F5AC A188405A00 mov eax, dword ptr [$005A4088]
0059F5B1 8B00 mov eax, [eax]

* Reference to: System.Proc_00403EA4
|
0059F5B3 E8EC48E6FF call 00403EA4

* Reference to TApplication instance
|
0059F5B8 A124415A00 mov eax, dword ptr [$005A4124]
0059F5BD 8B00 mov eax, [eax]

* Reference to: Forms.Proc_00474B60
|
0059F5BF E89C55EDFF call 00474B60
0059F5C4 E94B030000 jmp 0059F914

* Reference to TApplication instance
|
0059F5C9 A124415A00 mov eax, dword ptr [$005A4124]
0059F5CE 8B00 mov eax, [eax]

* Reference to: Forms.Proc_00474AC8
|
0059F5D0 E8F354EDFF call 00474AC8

* Reference to TApplication instance
|
0059F5D5 A124415A00 mov eax, dword ptr [$005A4124]
0059F5DA 8B00 mov eax, [eax]

* Possible String Reference to: '广州时代报刊信息系统'
|
0059F5DC BA9CFA5900 mov edx, $0059FA9C

* Reference to: Forms.Proc_004746D4
|
0059F5E1 E8EE50EDFF call 004746D4
0059F5E6 6804010000 push $00000104
0059F5EB 6858615A00 push $005A6158
0059F5F0 6A00 push $00

* Reference to: kernel32.GetModuleFileNameA()
|
0059F5F2 E8FD81E6FF call 004077F4
0059F5F7 6860625A00 push $005A6260
0059F5FC 6804010000 push $00000104

* Reference to: kernel32.GetTempPathA()
|
0059F601 E84682E6FF call 0040784C
0059F606 6860625A00 push $005A6260
0059F60B 6A00 push $00

* Possible String Reference to: 'tmp'
|
0059F60D 68C8FA5900 push $0059FAC8
0059F612 6860625A00 push $005A6260

* Reference to: kernel32.GetTempFileNameA()
|
0059F617 E82882E6FF call 00407844
0059F61C 8D45B4 lea eax, [ebp-$4C]
0059F61F BA60625A00 mov edx, $005A6260
0059F624 B905010000 mov ecx, $00000105

* Reference to: System.Proc_00404FDC
|
0059F629 E8AE59E6FF call 00404FDC
0059F62E 8B45B4 mov eax, [ebp-$4C]
0059F631 B90A000000 mov ecx, $0000000A

* Possible String Reference to: 'RCDATA_4'
|
0059F636 BAD4FA5900 mov edx, $0059FAD4

* Reference to: Unit_00526419.Proc_005268A4
|
0059F63B E86472F8FF call 005268A4
0059F640 803DCE635A0000 cmp byte ptr [$005A63CE], $00
0059F647 0F8564010000 jnz 0059F7B1

* Reference to: Unit_00408A04.Proc_0040BDE8
|
0059F64D E896C7E6FF call 0040BDE8

* Reference to: System.Proc_00402D28
|
0059F652 E8D136E6FF call 00402D28
0059F657 66A3C4635A00 mov word ptr [$005A63C4], ax

* Reference to: Unit_00526419.Proc_00526610
|
0059F65D E8AE6FF8FF call 00526610
0059F662 99 cdq
0059F663 33C2 xor eax, edx
0059F665 2BC2 sub eax, edx
0059F667 8D55B0 lea edx, [ebp-$50]

* Reference to: Unit_00408A04.Proc_00409C2C
|
0059F66A E8BDA5E6FF call 00409C2C
0059F66F 8B55B0 mov edx, [ebp-$50]
0059F672 B8C0635A00 mov eax, $005A63C0

* Possible String Reference to: '78987'
|
0059F677 B9E8FA5900 mov ecx, $0059FAE8

* Reference to: System.Proc_00405078
|
0059F67C E8F759E6FF call 00405078
0059F681 68C0635A00 push $005A63C0
0059F686 B905000000 mov ecx, $00000005
0059F68B BA01000000 mov edx, $00000001
0059F690 A1C0635A00 mov eax, dword ptr [$005A63C0]

* Reference to: System.Proc_00405284
|
0059F695 E8EA5BE6FF call 00405284
0059F69A A1C0635A00 mov eax, dword ptr [$005A63C0]

* Reference to: Unit_00408A04.Proc_00409CCC
|
0059F69F E828A6E6FF call 00409CCC
0059F6A4 66A3C6635A00 mov word ptr [$005A63C6], ax
0059F6AA 66813DC4635A003E92 cmp word ptr [$005A63C4], $923E
0059F6B3 7337 jnb 0059F6EC
0059F6B5 0FB715C6635A00 movzx edx, word ptr [$005A63C6]
0059F6BC 0FB705C4635A00 movzx eax, word ptr [$005A63C4]

* Reference to: Unit_00526419.Proc_0052645C
|
0059F6C3 E8946DF8FF call 0052645C
0059F6C8 66A3C8635A00 mov word ptr [$005A63C8], ax
0059F6CE 0FB715C6635A00 movzx edx, word ptr [$005A63C6]
0059F6D5 0FB705C4635A00 movzx eax, word ptr [$005A63C4]

* Reference to: Unit_00526419.Proc_00526544
|
0059F6DC E8636EF8FF call 00526544
0059F6E1 66A3CA635A00 mov word ptr [$005A63CA], ax
0059F6E7 E9C5000000 jmp 0059F7B1

* Reference to TApplication instance
|
0059F6EC 8B0D24415A00 mov ecx, [$005A4124]
0059F6F2 8B09 mov ecx, [ecx]
0059F6F4 B201 mov dl, $01

* Reference to class TRegForm
|
0059F6F6 A16CE85900 mov eax, dword ptr [$0059E86C]

* Reference to: Forms.Proc_0046D38C
|
0059F6FB E88CDCECFF call 0046D38C

* Reference to pointer to GlobalVar_005A614C
|
0059F700 8B15B43A5A00 mov edx, [$005A3AB4]
0059F706 8902 mov [edx], eax
0059F708 8D55AC lea edx, [ebp-$54]
0059F70B 0FB705C4635A00 movzx eax, word ptr [$005A63C4]

* Reference to: Unit_00408A04.Proc_00409C2C
|
0059F712 E815A5E6FF call 00409C2C
0059F717 8B55AC mov edx, [ebp-$54]

* Reference to pointer to GlobalVar_005A614C
|
0059F71A A1B43A5A00 mov eax, dword ptr [$005A3AB4]
0059F71F 8B00 mov eax, [eax]

* Reference to field GlobalVar_005A614C.OFFS_0310
|
0059F721 8B8010030000 mov eax, [eax+$0310]

* Reference to: Controls.Proc_00453F60
|
0059F727 E83448EBFF call 00453F60
0059F72C 8D55A8 lea edx, [ebp-$58]
0059F72F 0FB705C6635A00 movzx eax, word ptr [$005A63C6]

* Reference to: Unit_00408A04.Proc_00409C2C
|
0059F736 E8F1A4E6FF call 00409C2C
0059F73B 8B55A8 mov edx, [ebp-$58]

* Reference to pointer to GlobalVar_005A614C
|
0059F73E A1B43A5A00 mov eax, dword ptr [$005A3AB4]
0059F743 8B00 mov eax, [eax]

* Reference to field GlobalVar_005A614C.OFFS_0314
|
0059F745 8B8014030000 mov eax, [eax+$0314]

* Reference to: Controls.Proc_00453F60
|
0059F74B E81048EBFF call 00453F60

* Reference to pointer to GlobalVar_005A614C
|
0059F750 A1B43A5A00 mov eax, dword ptr [$005A3AB4]
0059F755 8B00 mov eax, [eax]
0059F757 8B10 mov edx, [eax]

* Possible reference to virtual method TGlobalVar_005A614C.OFFS_00E8
|
0059F759 FF92E8000000 call dword ptr [edx+$00E8]
0059F75F 48 dec eax
0059F760 7548 jnz 0059F7AA
0059F762 8D55A4 lea edx, [ebp-$5C]

* Reference to pointer to GlobalVar_005A614C
|
0059F765 A1B43A5A00 mov eax, dword ptr [$005A3AB4]
0059F76A 8B00 mov eax, [eax]

* Reference to field GlobalVar_005A614C.OFFS_0318
|
0059F76C 8B8018030000 mov eax, [eax+$0318]

* Reference to: Controls.Proc_00453F30
|
0059F772 E8B947EBFF call 00453F30
0059F777 8B45A4 mov eax, [ebp-$5C]

* Reference to: Unit_00408A04.Proc_00409CCC
|
0059F77A E84DA5E6FF call 00409CCC
0059F77F 66A3C8635A00 mov word ptr [$005A63C8], ax
0059F785 8D55A0 lea edx, [ebp-$60]

* Reference to pointer to GlobalVar_005A614C
|
0059F788 A1B43A5A00 mov eax, dword ptr [$005A3AB4]
0059F78D 8B00 mov eax, [eax]

* Reference to field GlobalVar_005A614C.OFFS_031C
|
0059F78F 8B801C030000 mov eax, [eax+$031C]

* Reference to: Controls.Proc_00453F30
|
0059F795 E89647EBFF call 00453F30
0059F79A 8B45A0 mov eax, [ebp-$60]

* Reference to: Unit_00408A04.Proc_00409CCC
|
0059F79D E82AA5E6FF call 00409CCC
0059F7A2 66A3CA635A00 mov word ptr [$005A63CA], ax
0059F7A8 EB07 jmp 0059F7B1
0059F7AA 33C0 xor eax, eax

* Reference to: regunit.Proc_0059EC1C
|
0059F7AC E86BF4FFFF call 0059EC1C
0059F7B1 8D459C lea eax, [ebp-$64]
0059F7B4 BA60625A00 mov edx, $005A6260
0059F7B9 B905010000 mov ecx, $00000105

* Reference to: System.Proc_00404FDC
|
0059F7BE E81958E6FF call 00404FDC
0059F7C3 8B459C mov eax, [ebp-$64]
0059F7C6 BA02000000 mov edx, $00000002

* Reference to: Unit_00408A04.Proc_00409D9C
|
0059F7CB E8CCA5E6FF call 00409D9C
0059F7D0 8BD8 mov ebx, eax
0059F7D2 85DB test ebx, ebx
0059F7D4 770A jnbe 0059F7E0

* Possible String Reference to: '打开文件出错'
|
0059F7D6 B8A8F95900 mov eax, $0059F9A8

* Reference to: regunit.Proc_0059EC1C
|
0059F7DB E83CF4FFFF call 0059EC1C
0059F7E0 33C9 xor ecx, ecx
0059F7E2 8B16 mov edx, [esi]
0059F7E4 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E7C
|
0059F7E6 E891A6E6FF call 00409E7C
0059F7EB BAC4635A00 mov edx, $005A63C4
0059F7F0 B902000000 mov ecx, $00000002
0059F7F5 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E50
|
0059F7F7 E854A6E6FF call 00409E50
0059F7FC 33C9 xor ecx, ecx
0059F7FE 8B5604 mov edx, [esi+$04]
0059F801 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E7C
|
0059F803 E874A6E6FF call 00409E7C
0059F808 BAC6635A00 mov edx, $005A63C6
0059F80D B902000000 mov ecx, $00000002
0059F812 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E50
|
0059F814 E837A6E6FF call 00409E50
0059F819 33C9 xor ecx, ecx
0059F81B 8B5608 mov edx, [esi+$08]
0059F81E 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E7C
|
0059F820 E857A6E6FF call 00409E7C
0059F825 BAC8635A00 mov edx, $005A63C8
0059F82A B902000000 mov ecx, $00000002
0059F82F 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E50
|
0059F831 E81AA6E6FF call 00409E50
0059F836 33C9 xor ecx, ecx
0059F838 8B560C mov edx, [esi+$0C]
0059F83B 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E7C
|
0059F83D E83AA6E6FF call 00409E7C
0059F842 BACA635A00 mov edx, $005A63CA
0059F847 B902000000 mov ecx, $00000002
0059F84C 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E50
|
0059F84E E8FDA5E6FF call 00409E50
0059F853 33C9 xor ecx, ecx
0059F855 8B5610 mov edx, [esi+$10]
0059F858 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E7C
|
0059F85A E81DA6E6FF call 00409E7C
0059F85F BACC635A00 mov edx, $005A63CC
0059F864 B902000000 mov ecx, $00000002
0059F869 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409E50
|
0059F86B E8E0A5E6FF call 00409E50
0059F870 8BC3 mov eax, ebx

* Reference to: Unit_00408A04.Proc_00409EC0
|
0059F872 E849A6E6FF call 00409EC0

* Reference to: kernel32.GetCurrentProcessId()
|
0059F877 E8287FE6FF call 004077A4
0059F87C 50 push eax
0059F87D 6AFF push $FF
0059F87F 6800001000 push $00100000

* Reference to: kernel32.OpenProcess()
|
0059F884 E89B80E6FF call 00407924
0059F889 8BD8 mov ebx, eax
0059F88B 8D4598 lea eax, [ebp-$68]
0059F88E 50 push eax
0059F88F C7458060625A00 mov dword ptr [ebp-$80], $005A6260
0059F896 C6458406 mov byte ptr [ebp-$7C], $06
0059F89A C7458858615A00 mov dword ptr [ebp-$78], $005A6158
0059F8A1 C6458C06 mov byte ptr [ebp-$74], $06
0059F8A5 895D90 mov [ebp-$70], ebx
0059F8A8 C6459400 mov byte ptr [ebp-$6C], $00
0059F8AC 8D5580 lea edx, [ebp-$80]
0059F8AF B902000000 mov ecx, $00000002

* Possible String Reference to: '%s "%s" %d'
|
0059F8B4 B8F8FA5900 mov eax, $0059FAF8

* Reference to: Unit_00408A04.Proc_0040AB18
|
0059F8B9 E85AB2E6FF call 0040AB18
0059F8BE 8B5598 mov edx, [ebp-$68]
0059F8C1 B868635A00 mov eax, $005A6368

* Reference to: System.Proc_00404DC8
|
0059F8C6 E8FD54E6FF call 00404DC8
0059F8CB B86C635A00 mov eax, $005A636C
0059F8D0 33C9 xor ecx, ecx
0059F8D2 BA44000000 mov edx, $00000044

* Reference to: System.Proc_00403320
|
0059F8D7 E8443AE6FF call 00403320
0059F8DC C7056C635A0044000000 mov dword ptr [$005A636C], $00000044
0059F8E6 68B0635A00 push $005A63B0
0059F8EB 686C635A00 push $005A636C
0059F8F0 6A00 push $00
0059F8F2 6A00 push $00
0059F8F4 6A00 push $00
0059F8F6 6AFF push $FF
0059F8F8 6A00 push $00
0059F8FA 6A00 push $00
0059F8FC A168635A00 mov eax, dword ptr [$005A6368]

* Reference to: System.Proc_00405224
|
0059F901 E81E59E6FF call 00405224
0059F906 50 push eax
0059F907 6A00 push $00

* Reference to: kernel32.CreateProcessA()
|
0059F909 E8BE7DE6FF call 004076CC
0059F90E 53 push ebx

* Reference to: kernel32.CloseHandle()
|
0059F90F E8387DE6FF call 0040764C
0059F914 A154615A00 mov eax, dword ptr [$005A6154]
0059F919 50 push eax

* Reference to: kernel32.CloseHandle()
|
0059F91A E82D7DE6FF call 0040764C
0059F91F A154615A00 mov eax, dword ptr [$005A6154]
0059F924 50 push eax

* Reference to: kernel32.ReleaseMutex()
|
0059F925 E81A80E6FF call 00407944
0059F92A 33C0 xor eax, eax
0059F92C 5A pop edx
0059F92D 59 pop ecx
0059F92E 59 pop ecx
0059F92F 648910 mov fs:[eax], edx

****** FINALLY
|

* Possible String Reference to: '_^[鑠R?TimesWinMutex'
|
0059F932 6888F95900 push $0059F988
0059F937 8D4598 lea eax, [ebp-$68]
0059F93A BA02000000 mov edx, $00000002

* Reference to: System.Proc_00404D98
|
0059F93F E85454E6FF call 00404D98
0059F944 8D45A0 lea eax, [ebp-$60]
0059F947 BA02000000 mov edx, $00000002

* Reference to: System.Proc_00404D98
|
0059F94C E84754E6FF call 00404D98
0059F951 8D45A8 lea eax, [ebp-$58]
0059F954 BA04000000 mov edx, $00000004

* Reference to: System.Proc_00404D98
|
0059F959 E83A54E6FF call 00404D98
0059F95E 8D45C0 lea eax, [ebp-$40]
0059F961 BA03000000 mov edx, $00000003

* Reference to: System.Proc_00404D98
|
0059F966 E82D54E6FF call 00404D98
0059F96B 8D45DC lea eax, [ebp-$24]

* Reference to: System.Proc_00404D74
|
0059F96E E80154E6FF call 00404D74
0059F973 8D45E4 lea eax, [ebp-$1C]
0059F976 BA03000000 mov edx, $00000003

* Reference to: System.Proc_00404D98
|
0059F97B E81854E6FF call 00404D98
0059F980 C3 ret

0059F981 E9B24CE6FF jmp 00404638
0059F986 EBAF jmp 0059F937

****** END
|
0059F988 5F pop edi
0059F989 5E pop esi
0059F98A 5B pop ebx

* Reference to: System.Proc_00404C00
|
0059F98B E87052E6FF call 00404C00
0059F990 54 push esp
0059F991 696D657357696E imul ebp, [ebp+$65], $6E695773
0059F998 4D dec ebp
0059F999 7574 jnz 0059FA0F
0059F99B 657800 js 0059F99E
0059F99E 0000 add [eax], al

0059F9A0 FFFF DB $FF, $FF //
0059F9A2 FFFF DB $FF, $FF //
0059F9A4 0C00 or al, $00
0059F9A6 0000 add [eax], al

0059F9A8 B4F2 mov ah, $F2
0059F9AA BFAACEC4BC mov edi, $BCC4CEAA
0059F9AF FEB3 DB $FE, $B3 //
0059F9B1 F6B4ED00000000 div byte ptr [ebp+ebp*8+$0000]
0059F9B8 FFFF DB $FF, $FF //
0059F9BA FFFF DB $FF, $FF //
0059F9BC 7800 js 0059F9BE
0059F9BE 0000 add [eax], al

0059F9C0 B1BE mov cl, $BE
0059F9C2 CF iret
0059F9C3 B5CD mov ch, $CD
0059F9C5 B3C9 mov bl, $C9
0059F9C7 CF iret
0059F9C8 B4CE mov ah, $CE
0059F9CA D4 aam
0059F9CB CB ret

0059F9CC D0D0 rcl al, 1
0059F9CE B5C4 mov ch, $C4
0059F9D0 CA ret

0059F9D1 B1BC mov cl, $BC
0059F9D3 E4CE in al, $CE
0059F9D5 AA stosb
0059F9D6 20257320A1A3 and [$A3A12073], ah
0059F9DC CE into
0059F9DD AA stosb
0059F9DE B1A3 mov cl, $A3
0059F9E0 D6 DB $D6 //
0059F9E1 A4 movsb
0059F9E2 CF iret
0059F9E3 B5CD mov ch, $CD
0059F9E5 B3B5 mov bl, $B5
0059F9E7 C4D5 les edx, bp
0059F9E9 FD std
0059F9EA C8B7 enter , $B7
0059F9EC D4 aam
0059F9ED CB ret

0059F9EE D0D0 rcl al, 1
0059F9F0 A3ACC4FABF mov dword ptr [$BFFAC4AC], eax
0059F9F5 C9 leave
0059F9F6 D1A1D4F1D4DA shl dword ptr [ecx+$DAD4F1D4], 1
0059F9FC 20257320BAF3 and [$F3BA2073], ah
0059FA02 D4 aam
0059FA03 D9CA fxch st(0), st(2)
0059FA05 B9D3C3B1BE mov ecx, $BEB1C3D3
0059FA0A C8ED enter , $ED
0059FA0C BCFEBBF2D6 mov esp, $D6F2BBFE
0059FA11 D8D0 fcom st(0), st(0)
0059FA13 C2B0B2 ret $B2B0

}
 
用Soft-ICE破了它吧[:)]
 
用soft-ice 只可以解针对本机的密码,其他的客户端呢?
 
先要从上面找出从提供序列号的EDIT中获得内容的代码。
 
Call 00526418为注册码比较核心。
修改下面地址0059EB4E中的740C为:9090,即可。
0059EB47 E8CC78F8FF call 00526418
0059EB4C 84C0 test al, al
0059EB4E 740C jz 0059EB5C
 
