Fancy Blog

  :: 首页 :: 博问 :: 闪存 :: :: 联系 :: 订阅 订阅 :: 管理 ::

DialogBlocks2.0的注册算法

作者: qfejj

    DialogBlocks For wxWindgets,这个软件可以帮助软件设计者轻松快速地设计出专业的用户界面,更有跨平台的界面支持库,用过的朋友肯定知道它的强大功能,没有用过的朋友可以试试。注册成为正式用户后,解除所有限制的功能。付钱注册还是使用我的注册机注册,随你便,哈哈。(反正我对老外是不会客气的)
    这个软件采用用户名--注册码的保护方式,有标准版和个人版之分,注册信息保存在注册表,每次启动读取验证,用户名和注册码没有大小写之分。有个缺点是在内存中会出现完整的明文注册码,还好每次出现的地方都不同,可以对付一下注册机工具生成的内存注册机。软件只用了一个GetWindowText,至于提示注册成功与否的MessageBoxA也是用的同一个,拦截GetWindowText后,只要点击用户界面就会让你中断,MessageBox当然也是没什么用的,调试后你会发现,判断离那里很远。拦截注册表值的读取要等上很久,最快最方便的是查找出错字串来定位(软件作者好像忽略了这个,前面那些保护白做了)。
    我的习惯,贴代码前先说一下这个软件的注册过程。
    这个软件要完美爆破很简单,只要在0042B8C1处call dialogbl.0042B7A0使al返回值为1即可。对于这个call,如果第一次al返回1,注册成功且为标准版,第二次al返回1,注册成功也为标准版,第三次al返回1,注册成功为个人版。三次返回值都为0则注册失败。
    软件由用户名处理后得到注册码后直接比较,没有中间值(这样子对我来说太好了,写注册机不用写逆算部分),具体的处理过程如下:
    1. 获取用户名,把所有大写字母都转化为小写,然后在用户名后加上一固定字串,对于这个固定字串是这样子加的:
       a.计算标准版注册码所用的字串是"Anthemion Software DialogBlocks",80h
       b.另一个计算标准版注册码所用的字串"Anthemion Software DialogBlocks and HelpBlocks",80h
       c.计算个人版注册码所用的字串"Anthemion Software DialogBlocks Personal Edition",80h
       在用户名第一个字节向后偏移38h的地方加上一个值,这个值(16进制)=用户名长度(包括新加的字串)*8
       这里说一点,由a和b生成的注册码注册后同为标准版,就是说一个用户名可以有两个不用的注册码来完成标准版的注册,对于这两个不同的注册码完成的注册,我没看出有什么不同。像这样子处理,在没有用户名的情况下也是可以成功注册的。
    2.获取用户名长度(包括加上的字串长),对超出40(16进制64)的部分舍弃。我贴的注册机源码里没有这部分的代码,我想没有哪位喜欢用超过30个字符的ID来注册吧?(如果有,我单独给你写一个好了)
    3.通过一函数对处理后的用户名进行一定的计算,得到结果。这个函数体比较庞大,有点吓人,我只有通过代码来说明。
    下面看算法相关的代码,怎么跟的具体就不说了。另外,没有注释的地方你大可不看,以节约你宝贵的时间。

;***************处理用户名长度,计算附加值********************************
...
004257DE    push ebp                                      ;  具体进来处理
004257DF    mov ebp,esp
004257E1    push ebx
004257E2    mov ebx,dword ptr ss:[ebp+10]                 ;  用户名长度
004257E5    push esi                                      ;  esi指向类似于"Anthemion Software DialogBlocks"的字串,视具体版本
004257E6    mov esi,dword ptr ss:[ebp+8]                  ;  这个地址指向一个数组0123456789ABCDEFFEDCBA9876543210
004257E9    push edi
004257EA    mov eax,dword ptr ds:[esi+10]
004257ED    lea ecx,dword ptr ds:[eax+ebx*8]              ;  用户名长度*8+eax,eax=0
004257F0    cmp ecx,eax
004257F2    mov dword ptr ds:[esi+10],ecx                 ;  保存,这个值在处理用户名的时候要用
004257F5    jnb short dialogbl.004257FA
004257F7    inc dword ptr ds:[esi+14]
004257FA    mov ecx,ebx                                   ;  ebx=用户名长度
004257FC    shr ecx,1D
004257FF    add dword ptr ds:[esi+14],ecx                 ;  esi指向的是那个数组0123456789ABCDEFFEDCBA9876543210
00425802    shr eax,3
00425805    and eax,3F
00425808    je short dialogbl.0042583A
0042580A    push 40
0042580C    lea ecx,dword ptr ds:[eax+esi+18]
00425810    pop edi
00425811    sub edi,eax
00425813    cmp ebx,edi
00425815    jnb short dialogbl.0042581E
00425817    push ebx
00425818    push dword ptr ss:[ebp+C]
0042581B    push ecx
0042581C    jmp short dialogbl.00425871
0042581E    push edi                                      ; /n
0042581F    push dword ptr ss:[ebp+C]                     ; |src
00425822    push ecx                                      ; |dest
00425823    call <jmp.&MSVCRT.memcpy>                     ; \memcpy
00425828    lea eax,dword ptr ds:[esi+18]
0042582B    push eax
0042582C    push esi
0042582D    call dialogbl.00425901
00425832    add dword ptr ss:[ebp+C],edi
00425835    add esp,14
00425838    sub ebx,edi
0042583A    cmp ebx,40                                    ;  用户名长度和40比较
0042583D    jb short dialogbl.00425869                    ;  小于40则转去处理
0042583F    mov edi,ebx                                   ;  用户名长度要是大于40,右移6
00425841    shr edi,6
00425844    /push 40                                      ; /n = 40 (64.)
00425846    |lea eax,dword ptr ds:[esi+18]                ; |
00425849    |push dword ptr ss:[ebp+C]                    ; |src
0042584C    |push eax                                     ; |dest
0042584D    |call <jmp.&MSVCRT.memcpy>                    ; \memcpy 
00425852    |lea eax,dword ptr ds:[esi+18]
00425855    |push eax
00425856    |push esi
00425857    |call dialogbl.00425901
0042585C    |add dword ptr ss:[ebp+C],40
00425860    |add esp,14
00425863    |sub ebx,40
00425866    |dec edi
00425867    \jnz short dialogbl.00425844
00425869    push ebx                                      ; /n
0042586A    add esi,18                                    ; |
0042586D    push dword ptr ss:[ebp+C]                     ; |加了字串后的用户名
00425870    push esi                                      ; |地址
00425871    call <jmp.&MSVCRT.memcpy>                     ; \把加了字串的用户名复制到esi所指地址后
00425876    add esp,0C
00425879    pop edi
0042587A    pop esi
0042587B    pop ebx
0042587C    pop ebp
0042587D    retn
...

;************************处理用户名,得到注册码********************
...
0042B631    mov dword ptr ss:[ebp-14],ebx
0042B634    mov edi,dword ptr ss:[ebp-10]                 ;  用户名
0042B637    lea esi,dword ptr ss:[ebp-27C]
0042B63D    mov eax,edi
0042B63F    cmp byte ptr ds:[eax],bl
0042B641    je short dialogbl.0042B65C
0042B643    /mov al,byte ptr ds:[edi]                     ;  具体的处理部分
0042B645    |cmp al,20                                    ;  看取出的字母(数字)是否是空格
0042B647    |je short dialogbl.0042B657
0042B649    |movsx eax,al                                 ;  用户名ASCII值扩展到eax
0042B64C    |push eax                                     ; /c
0042B64D    |call dword ptr ds:[<&MSVCRT.tolower>]        ; \所有用户名中字母一律转换为小写字母
0042B653    |mov byte ptr ds:[esi],al                     ;  转换后得到的小写字母ASCII值保存到堆栈
0042B655    |pop ecx
0042B656    |inc esi
0042B657    |inc edi                                      ;  如果前面取得的是空格,则指针移到下一个字母(数字)
0042B658    |cmp byte ptr ds:[edi],bl                     ;  看用户名是否已经取完
0042B65A    \jnz short dialogbl.0042B643                  ;  若没取完,回去再取下一个并作小写转换处理
0042B65C    push dword ptr ss:[ebp-14]                    ; /一字串
0042B65F    lea eax,dword ptr ss:[ebp-27C]                ; |转换为小写字母后的用户名
0042B665    mov byte ptr ds:[esi],bl                      ; |
0042B667    push eax                                      ; |dest
0042B668    call <jmp.&MSVCRT.strcat>                     ; \在小写用户名后加上字串“Anthemion Software DialogBlocks”
                                                          ; 关于这个字串的规则是这样的:
                                                          ; 用户名后加上字串"Anthemion Software DialogBlocks",80h
                                                          ; 或者加上"Anthemion Software DialogBlocks and HelpBlocks",80h
                                                          ; 最后得到的是标准版的注册码
                                                          ; 用户名后加上字串"Anthemion Software DialogBlocks Personal Edition",80h
                                                          ; 最后得到的是个人版的注册码
0042B66D    mov eax,dword ptr ds:[908840]
0042B672    mov dword ptr ss:[ebp+C],eax
0042B675    lea eax,dword ptr ss:[ebp-7C]
0042B678    mov byte ptr ss:[ebp-4],2
0042B67C    push eax
0042B67D    call dialogbl.004257B6
0042B682    lea eax,dword ptr ss:[ebp-27C]                ;  加了字串后的用户名地址送到eax
0042B688    push eax                                      ; /s
0042B689    call <jmp.&MSVCRT.strlen>                     ; \取这个加了字串的用户名的长度,eax返回长度
0042B68E    push eax
0042B68F    lea eax,dword ptr ss:[ebp-27C]                ;  加了字串后的用户名地址送到eax
0042B695    push eax
0042B696    lea eax,dword ptr ss:[ebp-7C]                 ;  这个地址指向一个数组0123456789ABCDEFFEDCBA9876543210
0042B699    push eax
0042B69A    call dialogbl.004257DE
0042B69F    lea eax,dword ptr ss:[ebp-7C]                 ;  这个地址指向一个数组0123456789ABCDEFFEDCBA9876543210
0042B6A2    push eax
0042B6A3    lea eax,dword ptr ss:[ebp-24]                 ;  将指向下面函数处理的结果
0042B6A6    push eax
0042B6A7    call dialogbl.0042587E                        ;  处理得到结果,里面有一个处理用户名的关键call,如下面{}中所示:
                                                          ;  这段代码没有调用任何函数,写注册机的时候可以照搬过来,要改动
                                                          ;  的地方很少,我最喜欢这样的代码,写注册机的时候太方便了!

{ ;Local Call from 0042B6A7
--------处理用户名的关键代码(一个庞大的函数体)---begin
  00425901    push ebp                                      ;  用户名-->标准版注册码的处理过程
  00425902    mov ebp,esp
  00425904    sub esp,44
  00425907    mov eax,dword ptr ss:[ebp+C]                  ;  堆栈地址指向用户名
  0042590A    mov ecx,dword ptr ss:[ebp+8]                  ;  堆栈地址指向数组0123456789ABCDEFFEDCBA987654321
  0042590D    push ebx
  0042590E    push esi
  0042590F    mov esi,dword ptr ds:[eax]                    ;  取出用户名前4个字母
  00425911    mov edx,dword ptr ds:[ecx+C]                  ;  取出数列中的4位(76543210)
  00425914    mov ebx,dword ptr ds:[ecx+4]                  ;  取出数列中的4位(89ABCDEF)
  00425917    push edi
  00425918    mov edi,dword ptr ds:[ecx+8]                  ;  取出数列中的4位(FEDCBA98)
  0042591B    mov dword ptr ss:[ebp-8],esi                  ;  用户名前4个字母,作为一个累计性质的值,保存到0012F8C8
  0042591E    mov esi,edx
  00425920    xor esi,edi
  00425922    and esi,ebx
  00425924    xor esi,edx
  00425926    mov edx,dword ptr ds:[ecx]                    ;  取出数列中的4位(01234567)
  00425928    add esi,dword ptr ss:[ebp-8]                  ;  和前4个用户名ASCII值相加
  0042592B    lea esi,dword ptr ds:[esi+edx+D76AA478]       ;  计算,里面常数写注册机时不用修改
  00425932    mov edx,esi
  00425934    shr edx,19
  00425937    shl esi,7
  0042593A    or edx,esi
  0042593C    mov esi,dword ptr ds:[eax+4]                  ;  向后取用户名4个字母
  0042593F    mov dword ptr ss:[ebp-1C],esi                 ;  作为一个累计性质的值,保存
  00425942    mov esi,edi
  00425944    add edx,ebx
  00425946    xor esi,ebx
  00425948    and esi,edx
  0042594A    xor esi,edi
  0042594C    mov edi,dword ptr ds:[ecx+C]
  0042594F    add esi,dword ptr ss:[ebp-1C]
  00425952    lea edi,dword ptr ds:[edi+esi+E8C7B756]
  00425959    mov esi,edi
  0042595B    shr esi,14
  0042595E    shl edi,0C
  00425961    or esi,edi
  00425963    mov edi,dword ptr ds:[eax+8]                  ;  向后取用户名4个字母
  00425966    mov dword ptr ss:[ebp-28],edi                 ;  作为一个累计性质的值,保存
  00425969    mov edi,ebx
  0042596B    add esi,edx
  0042596D    xor edi,edx
  0042596F    and edi,esi
  00425971    xor edi,ebx
  00425973    add edi,dword ptr ss:[ebp-28]
  00425976    mov ebx,edi
  00425978    mov edi,dword ptr ds:[ecx+8]
  0042597B    lea edi,dword ptr ds:[edi+ebx+242070DB]
  00425982    mov ebx,edi
  00425984    shr ebx,0F
  00425987    shl edi,11
  0042598A    or ebx,edi
  0042598C    mov edi,dword ptr ds:[eax+C]                  ;  向后取用户名4个字母
  0042598F    mov dword ptr ss:[ebp-14],edi                 ;  作为一个累计性质的值,保存
  00425992    mov edi,esi
  00425994    add ebx,esi
  00425996    xor edi,edx
  00425998    and edi,ebx
  0042599A    mov dword ptr ss:[ebp+C],ebx                  ;  作为一个累计性质的值,保存
  0042599D    xor edi,edx
  0042599F    add edi,dword ptr ss:[ebp-14]
  004259A2    mov ebx,edi
  004259A4    mov edi,dword ptr ds:[ecx+4]
  004259A7    lea edi,dword ptr ds:[edi+ebx+C1BDCEEE]
  004259AE    mov ebx,edi
  004259B0    shl ebx,16
  004259B3    shr edi,0A
  004259B6    or ebx,edi
  004259B8    mov edi,dword ptr ds:[eax+10]                 ;  向后取用户名4个字母
  004259BB    add ebx,dword ptr ss:[ebp+C]
  004259BE    mov dword ptr ss:[ebp-40],edi                 ;  作为一个累计性质的值,保存
  004259C1    mov dword ptr ss:[ebp-4],ebx                  ;  作为一个累计性质的值,保存
  004259C4    mov ebx,esi
  004259C6    xor ebx,dword ptr ss:[ebp+C]
  004259C9    and ebx,dword ptr ss:[ebp-4]
  004259CC    xor ebx,esi
  004259CE    add ebx,edi
  004259D0    lea edx,dword ptr ds:[edx+ebx+F57C0FAF]
  004259D7    mov edi,edx
  004259D9    shr edi,19
  004259DC    shl edx,7
  004259DF    mov ebx,dword ptr ss:[ebp+C]
  004259E2    or edi,edx
  004259E4    add edi,dword ptr ss:[ebp-4]
  004259E7    xor ebx,dword ptr ss:[ebp-4]
  004259EA    mov edx,dword ptr ds:[eax+14]
  004259ED    and ebx,edi
  004259EF    mov dword ptr ss:[ebp-2C],edx
  004259F2    xor ebx,dword ptr ss:[ebp+C]
  004259F5    add ebx,edx
  004259F7    lea esi,dword ptr ds:[esi+ebx+4787C62A]
  004259FE    mov ebx,dword ptr ss:[ebp+C]
  00425A01    mov edx,esi
  00425A03    shr edx,14
  00425A06    shl esi,0C
  00425A09    or edx,esi
  00425A0B    mov esi,dword ptr ds:[eax+18]                ;  向后取用户名4个字母
  00425A0E    mov dword ptr ss:[ebp-20],esi                ;  作为一个累计性质的值,保存
  00425A11    mov esi,dword ptr ss:[ebp-4]
  00425A14    add edx,edi
  00425A16    xor esi,edi
  00425A18    and esi,edx
  00425A1A    xor esi,dword ptr ss:[ebp-4]
  00425A1D    add esi,dword ptr ss:[ebp-20]
  00425A20    lea ebx,dword ptr ds:[ebx+esi+A8304613]
  00425A27    mov esi,ebx
  00425A29    shr esi,0F
  00425A2C    shl ebx,11
  00425A2F    or esi,ebx
  00425A31    mov ebx,dword ptr ds:[eax+1C]
  00425A34    mov dword ptr ss:[ebp-C],ebx
  00425A37    mov ebx,edx
  00425A39    add esi,edx
  00425A3B    xor ebx,edi
  00425A3D    and ebx,esi
  00425A3F    mov dword ptr ss:[ebp+C],esi
  00425A42    mov esi,dword ptr ss:[ebp-4]
  00425A45    xor ebx,edi
  00425A47    add ebx,dword ptr ss:[ebp-C]
  00425A4A    lea esi,dword ptr ds:[esi+ebx+FD469501]
  00425A51    mov ebx,esi
  00425A53    shl ebx,16
  00425A56    shr esi,0A
  00425A59    or ebx,esi
  00425A5B    mov esi,dword ptr ds:[eax+20]                ;  向后取用户名4个字母
  00425A5E    add ebx,dword ptr ss:[ebp+C]                
  00425A61    mov dword ptr ss:[ebp-34],esi                ;  作为一个累计性质的值,保存
  00425A64    mov dword ptr ss:[ebp-4],ebx
  00425A67    mov ebx,edx
  00425A69    xor ebx,dword ptr ss:[ebp+C]
  00425A6C    and ebx,dword ptr ss:[ebp-4]
  00425A6F    xor ebx,edx
  00425A71    add ebx,esi
  00425A73    lea edi,dword ptr ds:[edi+ebx+698098D8]
  00425A7A    mov ebx,dword ptr ss:[ebp+C]
  00425A7D    xor ebx,dword ptr ss:[ebp-4]
  00425A80    mov esi,edi
  00425A82    shr esi,19
  00425A85    shl edi,7
  00425A88    or esi,edi
  00425A8A    mov edi,dword ptr ds:[eax+24]               ;  向后取用户名4个字母
  00425A8D    add esi,dword ptr ss:[ebp-4]
  00425A90    mov dword ptr ss:[ebp-44],edi               ;  作为一个累计性质的值,保存
  00425A93    and ebx,esi
  00425A95    xor ebx,dword ptr ss:[ebp+C]
  00425A98    add ebx,edi
  00425A9A    lea edx,dword ptr ds:[edx+ebx+8B44F7AF]
  00425AA1    mov ebx,dword ptr ss:[ebp+C]
  00425AA4    mov edi,edx
  00425AA6    shr edi,14
  00425AA9    shl edx,0C
  00425AAC    or edi,edx
  00425AAE    mov edx,dword ptr ds:[eax+28]              ;  向后取用户名4个字母
  00425AB1    mov dword ptr ss:[ebp-18],edx              ;  作为一个累计性质的值,保存
  00425AB4    mov edx,dword ptr ss:[ebp-4]
  00425AB7    add edi,esi
  00425AB9    xor edx,esi
  00425ABB    and edx,edi
  00425ABD    xor edx,dword ptr ss:[ebp-4]
  00425AC0    add edx,dword ptr ss:[ebp-18]
  00425AC3    lea ebx,dword ptr ds:[ebx+edx+FFFF5BB1]
  00425ACA    mov edx,ebx
  00425ACC    shr edx,0F
  00425ACF    shl ebx,11
  00425AD2    or edx,ebx
  00425AD4    mov ebx,dword ptr ds:[eax+2C]              ;  向后取用户名4个字母
  00425AD7    mov dword ptr ss:[ebp-24],ebx              ;  作为一个累计性质的值,保存
  00425ADA    mov ebx,edi
  00425ADC    xor ebx,esi
  00425ADE    add edx,edi
  00425AE0    and ebx,edx
  00425AE2    mov dword ptr ss:[ebp+C],edx
  00425AE5    mov edx,dword ptr ss:[ebp-4]
  00425AE8    xor ebx,esi
  00425AEA    add ebx,dword ptr ss:[ebp-24]
  00425AED    lea edx,dword ptr ds:[edx+ebx+895CD7BE]
  00425AF4    mov ebx,edx
  00425AF6    shl ebx,16
  00425AF9    shr edx,0A
  00425AFC    or ebx,edx
  00425AFE    mov edx,dword ptr ds:[eax+30]              ;  向后取用户名4个字母
  00425B01    add ebx,dword ptr ss:[ebp+C]            
  00425B04    mov dword ptr ss:[ebp-30],edx              ;  作为一个累计性质的值,保存
  00425B07    mov dword ptr ss:[ebp-4],ebx
  00425B0A    mov ebx,edi
  00425B0C    xor ebx,dword ptr ss:[ebp+C]
  00425B0F    and ebx,dword ptr ss:[ebp-4]
  00425B12    xor ebx,edi
  00425B14    add ebx,edx
  00425B16    lea esi,dword ptr ds:[esi+ebx+6B901122]
  00425B1D    mov ebx,dword ptr ss:[ebp+C]
  00425B20    xor ebx,dword ptr ss:[ebp-4]
  00425B23    mov edx,esi
  00425B25    shr edx,19
  00425B28    shl esi,7
  00425B2B    or edx,esi
  00425B2D    mov esi,dword ptr ds:[eax+34]            ;  向后取用户名4个字母
  00425B30    add edx,dword ptr ss:[ebp-4]
  00425B33    mov dword ptr ss:[ebp-3C],esi            ;  作为一个累计性质的值,保存
  00425B36    and ebx,edx
  00425B38    xor ebx,dword ptr ss:[ebp+C]
  00425B3B    add ebx,esi
  00425B3D    mov esi,dword ptr ds:[eax+38]            ;  向后取用户名4个字母,ds:[eax+38]所指的就是由用户名长度计算得到的值
  00425B40    mov dword ptr ss:[ebp-10],esi
  00425B43    mov esi,dword ptr ss:[ebp-4]
  00425B46    lea edi,dword ptr ds:[edi+ebx+FD987193]  ;  [下面代码直到ret没有特别的地方,就是计算然后累计
  00425B4D    xor esi,edx                              ;  其实这里所有的计算都是通过lea指令来累计的
  00425B4F    mov ebx,edi                              ;  这部分的代码写注册机的时候可以照搬,EBP指向的就是
  00425B51    mov eax,dword ptr ds:[eax+3C]            ;  保存累计结果的地址,写注册机的时候可以设一个变量
  00425B54    shr ebx,14                               ;  替换。]
  00425B57    shl edi,0C
  00425B5A    or ebx,edi
  00425B5C    mov edi,dword ptr ss:[ebp+C]
  00425B5F    add ebx,edx
  00425B61    mov dword ptr ss:[ebp-38],eax
  00425B64    and esi,ebx
  00425B66    mov dword ptr ss:[ebp+8],ebx
  00425B69    xor esi,dword ptr ss:[ebp-4]
  00425B6C    add esi,dword ptr ss:[ebp-10]
  00425B6F    lea edi,dword ptr ds:[edi+esi+A679438E]
  00425B76    mov esi,edi
  00425B78    shr esi,0F
  00425B7B    shl edi,11
  00425B7E    or esi,edi
  00425B80    mov edi,ebx
  00425B82    add esi,ebx
  00425B84    xor edi,edx
  00425B86    and edi,esi
  00425B88    xor edi,edx
  00425B8A    add edi,eax
  00425B8C    mov eax,dword ptr ss:[ebp-4]
  00425B8F    lea eax,dword ptr ds:[eax+edi+49B40821]
  00425B96    mov edi,eax
  00425B98    shl edi,16
  00425B9B    shr eax,0A
  00425B9E    or edi,eax
  00425BA0    mov eax,esi
  00425BA2    add edi,esi
  00425BA4    xor eax,edi
  00425BA6    and eax,ebx
  00425BA8    xor eax,esi
  00425BAA    add eax,dword ptr ss:[ebp-1C]
  00425BAD    lea edx,dword ptr ds:[edx+eax+F61E2562]
  00425BB4    mov eax,edx
  00425BB6    shr eax,1B
  00425BB9    shl edx,5
  00425BBC    or eax,edx
  00425BBE    mov edx,edi
  00425BC0    add eax,edi
  00425BC2    xor edx,eax
  00425BC4    and edx,esi
  00425BC6    xor edx,edi
  00425BC8    add edx,dword ptr ss:[ebp-20]
  00425BCB    lea ebx,dword ptr ds:[ebx+edx+C040B340]
  00425BD2    mov edx,ebx
  00425BD4    shr edx,17
  00425BD7    shl ebx,9
  00425BDA    or edx,ebx
  00425BDC    add edx,eax
  00425BDE    mov dword ptr ss:[ebp+8],edx
  00425BE1    xor edx,eax
  00425BE3    and edx,edi
  00425BE5    mov ebx,dword ptr ss:[ebp+8]
  00425BE8    xor edx,eax
  00425BEA    add edx,dword ptr ss:[ebp-24]
  00425BED    lea esi,dword ptr ds:[esi+edx+265E5A51]
  00425BF4    mov edx,esi
  00425BF6    shr edx,12
  00425BF9    shl esi,0E
  00425BFC    or edx,esi
  00425BFE    mov esi,dword ptr ss:[ebp+8]
  00425C01    add edx,dword ptr ss:[ebp+8]
  00425C04    xor esi,edx
  00425C06    and esi,eax
  00425C08    xor esi,dword ptr ss:[ebp+8]
  00425C0B    add esi,dword ptr ss:[ebp-8]
  00425C0E    lea edi,dword ptr ds:[edi+esi+E9B6C7AA]
  00425C15    mov esi,edi
  00425C17    shl esi,14
  00425C1A    shr edi,0C
  00425C1D    or esi,edi
  00425C1F    mov edi,edx
  00425C21    add esi,edx
  00425C23    xor edi,esi
  00425C25    and edi,dword ptr ss:[ebp+8]
  00425C28    xor edi,edx
  00425C2A    add edi,dword ptr ss:[ebp-2C]
  00425C2D    lea eax,dword ptr ds:[eax+edi+D62F105D]
  00425C34    mov edi,eax
  00425C36    shr edi,1B
  00425C39    shl eax,5
  00425C3C    or edi,eax
  00425C3E    mov eax,esi
  00425C40    add edi,esi
  00425C42    xor eax,edi
  00425C44    and eax,edx
  00425C46    xor eax,esi
  00425C48    add eax,dword ptr ss:[ebp-18]
  00425C4B    lea ebx,dword ptr ds:[ebx+eax+2441453]
  00425C52    mov eax,ebx
  00425C54    shr eax,17
  00425C57    shl ebx,9
  00425C5A    or eax,ebx
  00425C5C    add eax,edi
  00425C5E    mov dword ptr ss:[ebp+8],eax
  00425C61    xor eax,edi
  00425C63    and eax,esi
  00425C65    xor eax,edi
  00425C67    add eax,dword ptr ss:[ebp-38]
  00425C6A    lea edx,dword ptr ds:[edx+eax+D8A1E681]
  00425C71    mov eax,edx
  00425C73    shr eax,12
  00425C76    shl edx,0E
  00425C79    or eax,edx
  00425C7B    mov edx,dword ptr ss:[ebp+8]
  00425C7E    add eax,dword ptr ss:[ebp+8]
  00425C81    xor edx,eax
  00425C83    and edx,edi
  00425C85    xor edx,dword ptr ss:[ebp+8]
  00425C88    add edx,dword ptr ss:[ebp-40]
  00425C8B    lea esi,dword ptr ds:[esi+edx+E7D3FBC8]
  00425C92    mov edx,esi
  00425C94    shl edx,14
  00425C97    shr esi,0C
  00425C9A    or edx,esi
  00425C9C    mov esi,eax
  00425C9E    add edx,eax
  00425CA0    mov ebx,dword ptr ss:[ebp+8]
  00425CA3    xor esi,edx
  00425CA5    and esi,dword ptr ss:[ebp+8]
  00425CA8    xor esi,eax
  00425CAA    add esi,dword ptr ss:[ebp-44]
  00425CAD    lea edi,dword ptr ds:[edi+esi+21E1CDE6]
  00425CB4    mov esi,edi
  00425CB6    shr esi,1B
  00425CB9    shl edi,5
  00425CBC    or esi,edi
  00425CBE    mov edi,edx
  00425CC0    add esi,edx
  00425CC2    xor edi,esi
  00425CC4    and edi,eax
  00425CC6    xor edi,edx
  00425CC8    add edi,dword ptr ss:[ebp-10]
  00425CCB    lea ebx,dword ptr ds:[ebx+edi+C33707D6]
  00425CD2    mov edi,ebx
  00425CD4    shr edi,17
  00425CD7    shl ebx,9
  00425CDA    or edi,ebx
  00425CDC    add edi,esi
  00425CDE    mov dword ptr ss:[ebp+8],edi
  00425CE1    xor edi,esi
  00425CE3    and edi,edx
  00425CE5    mov ebx,dword ptr ss:[ebp+8]
  00425CE8    xor edi,esi
  00425CEA    add edi,dword ptr ss:[ebp-14]
  00425CED    lea eax,dword ptr ds:[eax+edi+F4D50D87]
  00425CF4    mov edi,eax
  00425CF6    shr edi,12
  00425CF9    shl eax,0E
  00425CFC    or edi,eax
  00425CFE    mov eax,dword ptr ss:[ebp+8]
  00425D01    add edi,dword ptr ss:[ebp+8]
  00425D04    xor eax,edi
  00425D06    and eax,esi
  00425D08    xor eax,dword ptr ss:[ebp+8]
  00425D0B    add eax,dword ptr ss:[ebp-34]
  00425D0E    lea edx,dword ptr ds:[edx+eax+455A14ED]
  00425D15    mov eax,edx
  00425D17    shl eax,14
  00425D1A    shr edx,0C
  00425D1D    or eax,edx
  00425D1F    mov edx,edi
  00425D21    add eax,edi
  00425D23    xor edx,eax
  00425D25    and edx,dword ptr ss:[ebp+8]
  00425D28    xor edx,edi
  00425D2A    add edx,dword ptr ss:[ebp-3C]
  00425D2D    lea esi,dword ptr ds:[esi+edx+A9E3E905]
  00425D34    mov edx,esi
  00425D36    shr edx,1B
  00425D39    shl esi,5
  00425D3C    or edx,esi
  00425D3E    mov esi,eax
  00425D40    add edx,eax
  00425D42    xor esi,edx
  00425D44    and esi,edi
  00425D46    xor esi,eax
  00425D48    add esi,dword ptr ss:[ebp-28]
  00425D4B    lea ebx,dword ptr ds:[ebx+esi+FCEFA3F8]
  00425D52    mov esi,ebx
  00425D54    shr esi,17
  00425D57    shl ebx,9
  00425D5A    or esi,ebx
  00425D5C    add esi,edx
  00425D5E    mov dword ptr ss:[ebp+8],esi
  00425D61    xor esi,edx
  00425D63    and esi,eax
  00425D65    xor esi,edx
  00425D67    add esi,dword ptr ss:[ebp-C]
  00425D6A    lea edi,dword ptr ds:[edi+esi+676F02D9]
  00425D71    mov esi,dword ptr ss:[ebp+8]
  00425D74    mov ebx,edi
  00425D76    shr ebx,12
  00425D79    shl edi,0E
  00425D7C    or ebx,edi
  00425D7E    add ebx,esi
  00425D80    mov dword ptr ss:[ebp-4],esi
  00425D83    xor dword ptr ss:[ebp-4],ebx
  00425D86    mov edi,dword ptr ss:[ebp-4]
  00425D89    and edi,edx
  00425D8B    xor edi,esi
  00425D8D    add edi,dword ptr ss:[ebp-30]
  00425D90    lea eax,dword ptr ds:[eax+edi+8D2A4C8A]
  00425D97    mov edi,dword ptr ss:[ebp+8]
  00425D9A    mov esi,eax
  00425D9C    shl esi,14
  00425D9F    shr eax,0C
  00425DA2    or esi,eax
  00425DA4    mov eax,dword ptr ss:[ebp-4]
  00425DA7    add esi,ebx
  00425DA9    xor eax,esi
  00425DAB    add eax,dword ptr ss:[ebp-2C]
  00425DAE    lea edx,dword ptr ds:[edx+eax+FFFA3942]
  00425DB5    mov eax,edx
  00425DB7    shr eax,1C
  00425DBA    shl edx,4
  00425DBD    or eax,edx
  00425DBF    mov edx,ebx
  00425DC1    xor edx,esi
  00425DC3    add eax,esi
  00425DC5    xor edx,eax
  00425DC7    add edx,dword ptr ss:[ebp-34]
  00425DCA    lea edx,dword ptr ds:[edi+edx+8771F681]
  00425DD1    mov edi,edx
  00425DD3    shr edi,15
  00425DD6    shl edx,0B
  00425DD9    or edi,edx
  00425DDB    add edi,eax
  00425DDD    mov edx,edi
  00425DDF    mov dword ptr ss:[ebp-4],edi
  00425DE2    xor edx,esi
  00425DE4    xor edx,eax
  00425DE6    add edx,dword ptr ss:[ebp-24]
  00425DE9    lea edx,dword ptr ds:[ebx+edx+6D9D6122]
  00425DF0    mov ebx,edx
  00425DF2    shr ebx,10
  00425DF5    shl edx,10
  00425DF8    or ebx,edx
  00425DFA    add ebx,edi
  00425DFC    xor dword ptr ss:[ebp-4],ebx
  00425DFF    mov edx,dword ptr ss:[ebp-4]
  00425E02    xor edx,eax
  00425E04    add edx,dword ptr ss:[ebp-10]
  00425E07    lea esi,dword ptr ds:[esi+edx+FDE5380C]
  00425E0E    mov edx,esi
  00425E10    shl edx,17
  00425E13    shr esi,9
  00425E16    or edx,esi
  00425E18    mov esi,dword ptr ss:[ebp-4]
  00425E1B    add edx,ebx
  00425E1D    xor esi,edx
  00425E1F    add esi,dword ptr ss:[ebp-1C]
  00425E22    lea esi,dword ptr ds:[eax+esi+A4BEEA44]
  00425E29    mov eax,esi
  00425E2B    shr eax,1C
  00425E2E    shl esi,4
  00425E31    or eax,esi
  00425E33    mov esi,ebx
  00425E35    add eax,edx
  00425E37    xor esi,edx
  00425E39    xor esi,eax
  00425E3B    add esi,dword ptr ss:[ebp-40]
  00425E3E    lea edi,dword ptr ds:[edi+esi+4BDECFA9]
  00425E45    mov esi,edi
  00425E47    shr esi,15
  00425E4A    shl edi,0B
  00425E4D    or esi,edi
  00425E4F    add esi,eax
  00425E51    mov edi,esi
  00425E53    xor edi,edx
  00425E55    xor edi,eax
  00425E57    add edi,dword ptr ss:[ebp-C]
  00425E5A    lea ebx,dword ptr ds:[ebx+edi+F6BB4B60]
  00425E61    mov edi,ebx
  00425E63    shr edi,10
  00425E66    shl ebx,10
  00425E69    or edi,ebx
  00425E6B    mov dword ptr ss:[ebp-4],esi
  00425E6E    add edi,esi
  00425E70    xor dword ptr ss:[ebp-4],edi
  00425E73    mov ebx,dword ptr ss:[ebp-4]
  00425E76    xor ebx,eax
  00425E78    add ebx,dword ptr ss:[ebp-18]
  00425E7B    lea ebx,dword ptr ds:[edx+ebx+BEBFBC70]
  00425E82    mov edx,ebx
  00425E84    shl edx,17
  00425E87    shr ebx,9
  00425E8A    or edx,ebx
  00425E8C    mov ebx,dword ptr ss:[ebp-4]
  00425E8F    add edx,edi
  00425E91    xor ebx,edx
  00425E93    add ebx,dword ptr ss:[ebp-3C]
  00425E96    lea ebx,dword ptr ds:[eax+ebx+289B7EC6]
  00425E9D    mov eax,ebx
  00425E9F    shr eax,1C
  00425EA2    shl ebx,4
  00425EA5    or eax,ebx
  00425EA7    mov ebx,edi
  00425EA9    add eax,edx
  00425EAB    xor ebx,edx
  00425EAD    xor ebx,eax
  00425EAF    add ebx,dword ptr ss:[ebp-8]
  00425EB2    lea esi,dword ptr ds:[esi+ebx+EAA127FA]
  00425EB9    mov ebx,esi
  00425EBB    shr ebx,15
  00425EBE    shl esi,0B
  00425EC1    or ebx,esi
  00425EC3    add ebx,eax
  00425EC5    mov esi,ebx
  00425EC7    mov dword ptr ss:[ebp-4],ebx
  00425ECA    xor esi,edx
  00425ECC    xor esi,eax
  00425ECE    add esi,dword ptr ss:[ebp-14]
  00425ED1    lea edi,dword ptr ds:[edi+esi+D4EF3085]
  00425ED8    mov esi,edi
  00425EDA    shr esi,10
  00425EDD    shl edi,10
  00425EE0    or esi,edi
  00425EE2    add esi,ebx
  00425EE4    xor dword ptr ss:[ebp-4],esi
  00425EE7    mov dword ptr ss:[ebp+C],esi
  00425EEA    mov edi,dword ptr ss:[ebp-4]
  00425EED    xor edi,eax
  00425EEF    add edi,dword ptr ss:[ebp-20]
  00425EF2    lea edi,dword ptr ds:[edx+edi+4881D05]
  00425EF9    mov edx,edi
  00425EFB    shl edx,17
  00425EFE    shr edi,9
  00425F01    or edx,edi
  00425F03    mov edi,dword ptr ss:[ebp-4]
  00425F06    add edx,esi
  00425F08    xor edi,edx
  00425F0A    xor esi,edx
  00425F0C    add edi,dword ptr ss:[ebp-44]
  00425F0F    lea edi,dword ptr ds:[eax+edi+D9D4D039]
  00425F16    mov eax,edi
  00425F18    shr eax,1C
  00425F1B    shl edi,4
  00425F1E    or eax,edi
  00425F20    add eax,edx
  00425F22    xor esi,eax
  00425F24    add esi,dword ptr ss:[ebp-30]
  00425F27    lea ebx,dword ptr ds:[ebx+esi+E6DB99E5]
  00425F2E    mov esi,ebx
  00425F30    shr esi,15
  00425F33    shl ebx,0B
  00425F36    or esi,ebx
  00425F38    mov ebx,dword ptr ss:[ebp+C]
  00425F3B    add esi,eax
  00425F3D    mov edi,esi
  00425F3F    xor edi,edx
  00425F41    xor edi,eax
  00425F43    add edi,dword ptr ss:[ebp-38]
  00425F46    lea ebx,dword ptr ds:[ebx+edi+1FA27CF8]
  00425F4D    mov edi,ebx
  00425F4F    shr edi,10
  00425F52    shl ebx,10
  00425F55    or edi,ebx
  00425F57    mov ebx,esi
  00425F59    add edi,esi
  00425F5B    xor ebx,edi
  00425F5D    mov dword ptr ss:[ebp+C],edi
  00425F60    xor ebx,eax
  00425F62    add ebx,dword ptr ss:[ebp-28]
  00425F65    lea edx,dword ptr ds:[edx+ebx+C4AC5665]
  00425F6C    mov ebx,dword ptr ss:[ebp+C]
  00425F6F    mov edi,edx
  00425F71    shl edi,17
  00425F74    shr edx,9
  00425F77    or edi,edx
  00425F79    mov edx,esi
  00425F7B    add edi,ebx
  00425F7D    not edx
  00425F7F    or edx,edi
  00425F81    xor edx,ebx
  00425F83    add edx,dword ptr ss:[ebp-8]
  00425F86    lea eax,dword ptr ds:[eax+edx+F4292244]
  00425F8D    mov edx,eax
  00425F8F    shr edx,1A
  00425F92    shl eax,6
  00425F95    or edx,eax
  00425F97    mov eax,ebx
  00425F99    add edx,edi
  00425F9B    not eax
  00425F9D    or eax,edx
  00425F9F    xor eax,edi
  00425FA1    add eax,dword ptr ss:[ebp-C]
  00425FA4    lea esi,dword ptr ds:[esi+eax+432AFF97]
  00425FAB    mov eax,esi
  00425FAD    shr eax,16
  00425FB0    shl esi,0A
  00425FB3    or eax,esi
  00425FB5    mov esi,edi
  00425FB7    add eax,edx
  00425FB9    not esi
  00425FBB    or esi,eax
  00425FBD    xor esi,edx
  00425FBF    add esi,dword ptr ss:[ebp-10]
  00425FC2    lea ebx,dword ptr ds:[ebx+esi+AB9423A7]
  00425FC9    mov esi,ebx
  00425FCB    shr esi,11
  00425FCE    shl ebx,0F
  00425FD1    or esi,ebx
  00425FD3    mov ebx,edx
  00425FD5    add esi,eax
  00425FD7    not ebx
  00425FD9    or ebx,esi
  00425FDB    xor ebx,eax
  00425FDD    add ebx,dword ptr ss:[ebp-2C]
  00425FE0    lea edi,dword ptr ds:[edi+ebx+FC93A039]
  00425FE7    mov ebx,edi
  00425FE9    shl ebx,15
  00425FEC    shr edi,0B
  00425FEF    or ebx,edi
  00425FF1    mov edi,eax
  00425FF3    add ebx,esi
  00425FF5    not edi
  00425FF7    or edi,ebx
  00425FF9    xor edi,esi
  00425FFB    add edi,dword ptr ss:[ebp-30]
  00425FFE    lea edi,dword ptr ds:[edx+edi+655B59C3]
  00426005    mov edx,edi
  00426007    shr edx,1A
  0042600A    shl edi,6
  0042600D    or edx,edi
  0042600F    mov edi,esi
  00426011    add edx,ebx
  00426013    not edi
  00426015    or edi,edx
  00426017    xor edi,ebx
  00426019    add edi,dword ptr ss:[ebp-14]
  0042601C    lea edi,dword ptr ds:[eax+edi+8F0CCC92]
  00426023    mov eax,edi
  00426025    shr eax,16
  00426028    shl edi,0A
  0042602B    or eax,edi
  0042602D    mov edi,ebx
  0042602F    add eax,edx
  00426031    not edi
  00426033    or edi,eax
  00426035    xor edi,edx
  00426037    add edi,dword ptr ss:[ebp-18]
  0042603A    lea edi,dword ptr ds:[esi+edi+FFEFF47D]
  00426041    mov esi,edi
  00426043    shr esi,11
  00426046    shl edi,0F
  00426049    or esi,edi
  0042604B    mov edi,edx
  0042604D    add esi,eax
  0042604F    not edi
  00426051    or edi,esi
  00426053    xor edi,eax
  00426055    add edi,dword ptr ss:[ebp-1C]
  00426058    lea ebx,dword ptr ds:[ebx+edi+85845DD1]
  0042605F    mov edi,ebx
  00426061    shr ebx,0B
  00426064    shl edi,15
  00426067    or edi,ebx
  00426069    mov ebx,eax
  0042606B    not ebx
  0042606D    add edi,esi
  0042606F    or ebx,edi
  00426071    xor ebx,esi
  00426073    add ebx,dword ptr ss:[ebp-34]
  00426076    lea ebx,dword ptr ds:[edx+ebx+6FA87E4F]
  0042607D    mov edx,ebx
  0042607F    shl ebx,6
  00426082    shr edx,1A
  00426085    or edx,ebx
  00426087    mov ebx,esi
  00426089    add edx,edi
  0042608B    not ebx
  0042608D    or ebx,edx
  0042608F    xor ebx,edi
  00426091    add ebx,dword ptr ss:[ebp-38]
  00426094    lea ebx,dword ptr ds:[eax+ebx+FE2CE6E0]
  0042609B    mov eax,ebx
  0042609D    shr eax,16
  004260A0    shl ebx,0A
  004260A3    or eax,ebx
  004260A5    mov ebx,edi
  004260A7    add eax,edx
  004260A9    not ebx
  004260AB    or ebx,eax
  004260AD    xor ebx,edx
  004260AF    add ebx,dword ptr ss:[ebp-20]
  004260B2    lea ebx,dword ptr ds:[esi+ebx+A3014314]
  004260B9    mov esi,ebx
  004260BB    shr esi,11
  004260BE    shl ebx,0F
  004260C1    or esi,ebx
  004260C3    mov ebx,edx
  004260C5    add esi,eax
  004260C7    not ebx
  004260C9    or ebx,esi
  004260CB    xor ebx,eax
  004260CD    add ebx,dword ptr ss:[ebp-3C]
  004260D0    lea ebx,dword ptr ds:[edi+ebx+4E0811A1]
  004260D7    mov edi,ebx
  004260D9    shl edi,15
  004260DC    shr ebx,0B
  004260DF    or edi,ebx
  004260E1    mov ebx,eax
  004260E3    add edi,esi
  004260E5    not ebx
  004260E7    or ebx,edi
  004260E9    xor ebx,esi
  004260EB    add ebx,dword ptr ss:[ebp-40]
  004260EE    lea ebx,dword ptr ds:[edx+ebx+F7537E82]
  004260F5    mov edx,ebx
  004260F7    shr edx,1A
  004260FA    shl ebx,6
  004260FD    or edx,ebx
  004260FF    mov ebx,esi
  00426101    add edx,edi
  00426103    not ebx
  00426105    or ebx,edx
  00426107    xor ebx,edi
  00426109    add ebx,dword ptr ss:[ebp-24]
  0042610C    lea eax,dword ptr ds:[eax+ebx+BD3AF235]
  00426113    mov ebx,eax
  00426115    shr ebx,16
  00426118    shl eax,0A
  0042611B    or ebx,eax
  0042611D    mov eax,edi
  0042611F    add ebx,edx
  00426121    not eax
  00426123    or eax,ebx
  00426125    xor eax,edx
  00426127    add eax,dword ptr ss:[ebp-28]
  0042612A    lea esi,dword ptr ds:[esi+eax+2AD7D2BB]
  00426131    mov eax,esi
  00426133    shr eax,11
  00426136    shl esi,0F
  00426139    or eax,esi
  0042613B    mov esi,edx
  0042613D    add eax,ebx
  0042613F    not esi
  00426141    or esi,eax
  00426143    xor esi,ebx
  00426145    add esi,dword ptr ss:[ebp-44]
  00426148    lea edi,dword ptr ds:[edi+esi+EB86D391]
  0042614F    mov esi,dword ptr ds:[ecx]
  00426151    add esi,edx
  00426153    mov edx,edi
  00426155    shl edx,15
  00426158    shr edi,0B                                    ; 上面的一大串代码所作的处理,可以当作黑箱操作看待
  0042615B    or edx,edi                                    ; 下面是保存结果,写注册机时设个变量替换那些地址就可以了
  0042615D    mov dword ptr ds:[ecx],esi                    ; 保存结果
  0042615F    add edx,dword ptr ds:[ecx+4]
  00426162    pop edi
  00426163    pop esi
  00426164    add edx,eax
  00426166    mov dword ptr ds:[ecx+4],edx                  ; 保存结果
  00426169    mov edx,dword ptr ds:[ecx+8]
  0042616C    add edx,eax
  0042616E    mov eax,dword ptr ds:[ecx+C]
  00426171    add eax,ebx
  00426173    mov dword ptr ds:[ecx+8],edx                  ; 保存结果
  00426176    mov dword ptr ds:[ecx+C],eax                  ; 保存结果
  00426179    pop ebx
  0042617A    leave
  0042617B    retn
  -------------------处理用户名的关键代码--------end
}

0042B6AC    add esp,24
0042B6AF    xor edi,edi
0042B6B1    lea esi,dword ptr ss:[ebp-24]                 ;  使esi指向前面处理的结果
0042B6B4    /xor ecx,ecx
0042B6B6    |xor eax,eax
0042B6B8    |/movzx edx,byte ptr ds:[esi+eax]             ;  下面这个循环处理前面保存的结果,
0042B6BC    ||shl ecx,8
0042B6BF    ||add ecx,edx                                 ;  其实整个过程就把数据的高低位换了一下
0042B6C1    ||inc eax
0042B6C2    ||cmp eax,4
0042B6C5    |\jl short dialogbl.0042B6B8
0042B6C7    |mov eax,dword ptr ds:[908840]
0042B6CC    |cmp edi,2
0042B6CF    |jge short dialogbl.0042B704
0042B6D1    |mov dword ptr ss:[ebp+10],eax
0042B6D4    |push ecx
0042B6D5    |lea eax,dword ptr ss:[ebp+10]
0042B6D8    |push dialogbl.008D87E4                       ;  ASCII "%08lX-"
0042B6DD    |push eax
0042B6DE    |mov byte ptr ss:[ebp-4],3
0042B6E2    |call dialogbl.005871A0                       ;  这个call设置输出格式,把结果保存到一个地方
0042B6E7    |mov ecx,dword ptr ss:[ebp+10]                ;  加了"-"的结果,作为注册码第一段
0042B6EA    |add esp,0C
0042B6ED    |mov eax,dword ptr ds:[ecx-8]                 ;  结果的长度,包括"-"
0042B6F0    |push eax
0042B6F1    |push ecx
0042B6F2    |push eax
0042B6F3    |lea ecx,dword ptr ss:[ebp+C]
0042B6F6    |call dialogbl.00585A10
0042B6FB    |mov byte ptr ss:[ebp-4],2
0042B6FF    |lea ecx,dword ptr ss:[ebp+10]
0042B702    |jmp short dialogbl.0042B735
0042B704    |mov dword ptr ss:[ebp+10],eax
0042B707    |push ecx
0042B708    |lea eax,dword ptr ss:[ebp+10]
0042B70B    |push dialogbl.008D87DC                       ;  ASCII "%08lX"
0042B710    |push eax
0042B711    |mov byte ptr ss:[ebp-4],4
0042B715    |call dialogbl.005871A0                       ;  这个call设置输出格式,把结果保存到一个地方
0042B71A    |mov ecx,dword ptr ss:[ebp+10]                ;  加了"-"的结果,作为注册码第二段
0042B71D    |add esp,0C
0042B720    |mov eax,dword ptr ds:[ecx-8]                 ;  结果的长度,包括"-"          
0042B723    |push eax
0042B724    |push ecx
0042B725    |push eax
0042B726    |lea ecx,dword ptr ss:[ebp+C]
0042B729    |call dialogbl.00585A10
0042B72E    |mov byte ptr ss:[ebp-4],2
0042B732    |lea ecx,dword ptr ss:[ebp+10]
0042B735    |call dialogbl.0040104B
0042B73A    |inc edi
0042B73B    |add esi,4
0042B73E    |cmp edi,3
0042B741    \jl dialogbl.0042B6B4
0042B747    mov eax,dword ptr ss:[ebp+C]                  ;  调试到这里的时候可以看到计算出的注册码
0042B74A    mov edi,dword ptr ss:[ebp+8]
0042B74D    cmp dword ptr ds:[eax-8],ebx
0042B750    jnz short dialogbl.0042B75B
0042B752    mov eax,dword ptr ds:[908840]
0042B757    mov dword ptr ds:[edi],eax
0042B759    jmp short dialogbl.0042B769
0042B75B    mov dword ptr ds:[edi],eax                    ;  复制指针
0042B75D    mov ecx,dword ptr ds:[eax-C]
...
    
    三种不同版本的注册码(确切的说应该是两种版本三个注册码)的计算都用到了那个庞大的函数,唯一不同的是固定字串和后面对应的值(就是那个通过用户名长度计算得到的),看到这里,我想各位都大致知道该怎么写这个软件的注册机了吧?我自己写了一个注册机,我也贴一个只计算标准版注册码的注册机源码,大家要是有兴趣可以照着源码写一个计算个人版注册码的注册机,要做的只是把固定字串的值按规则替换掉(前面我提到过)。当然也可以写在一起,用radiobutton或是checkbox来区分版本,然后给定不同的的字串,最后调用那个计算函数就可以了,要注意的是存放累计值的变量前后(特别是前面)需要很大的空间,如果不够会造成数据覆盖,计算出错(可以通过修改保存临时结果的地址来解决这个问题,不过这样工作量很大,要改很多地方)。对这个软件只要调试,就会发现明码的,要爆破安我说的也很简单,但是如果你写过了这个软件的注册机,会发现收获很大。好了,废话说道这里,虽然我的文笔不好,但还是希望大家会喜欢。
    最后贴个注册机,不当之处请大家指正。

--------------------------------------------------------------------------------
【算法注册机】


;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;>>> Keygen For DialogBlocks Version 2.00 >>>
;>>>           author:qfejj               >>>
;>>>         Email :qfejj@163.com         >>>
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.586
.model flat, stdcall 
option casemap :none 
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
include    windows.inc
include    user32.inc
include    kernel32.inc
includelib user32.lib
includelib kernel32.lib
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
IDD_DLGBOX              equ 1000
IDC_NAME                equ 1001
IDC_KEY                 equ 1002
IDC_STC1                equ 1004
IDC_STC2                equ 1005
IDC_GENERATE            equ 1006
IDC_ABOUT               equ 1007
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
DlgProc proto :HWND,:UINT,:WPARAM,:LPARAM
GetKey  proto
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.data
szMsgboxText    db '-=You are free to do as you wish!=-',0dh
                db '         -=Email:qfejj@163.com=-',0
szMsgboxCaption db 'about',0
format1         db '%X-',0
;--参与用户名处理的数据:
szAppendString1 db 'Anthemion Software DialogBlocks',80h,0  ;看这里占了多少字节?
aConvertString  db 01h,23h,45h,67h,89h,0ABh,0CDh,0EFh,0FEh,0DCh,0BAh,98h,76h,54h,32h,10h

.data?
hInstance       HINSTANCE ?
hDlg            HINSTANCE ?
sAppendString   dd ?
temp            dd 20 dup(?)
aAcumulate      dd 20 dup(?)    ;它前后需要很大的空间
aNameBuffer     db 60 dup(?)
aStdKeyBuffer   db 20 dup(?)    ;存放标准版注册码初步处理结果
aStdKeyOut      db 30 dup(?)    ;存放最终标准版注册码
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

.code

start:
  invoke GetModuleHandle,NULL
  mov hInstance,eax
  invoke DialogBoxParam,hInstance,IDD_DLGBOX,NULL,addr DlgProc,NULL
  invoke ExitProcess,0

;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
DlgProc proc hWin:HWND,uMsg:UINT,wParam:WPARAM,lParam:LPARAM
        mov eax,uMsg
  .if     eax==WM_CLOSE
      invoke EndDialog,hWin,0
  .elseif eax==WM_INITDIALOG
      push hWin
      pop  hDlg
  .elseif eax==WM_COMMAND
      mov eax,wParam
      .if eax==IDC_GENERATE
      invoke RtlZeroMemory,offset aNameBuffer,sizeof aNameBuffer
      invoke RtlZeroMemory,offset aStdKeyBuffer,sizeof aStdKeyBuffer
      invoke RtlZeroMemory,offset aStdKeyOut,sizeof aStdKeyOut
       invoke GetKey
      .elseif eax==IDC_ABOUT
      invoke MessageBox,hWin,addr szMsgboxText,addr szMsgboxCaption,MB_OK
      .endif                
  .else
    mov eax,FALSE
    ret
  .endif
  mov eax,TRUE
  ret

DlgProc endp
 
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
GetKey proc

;-----------------------
; 在用户名后加上固定字串
;-----------------------
  invoke GetDlgItemText,hDlg,IDC_NAME,offset aNameBuffer,sizeof aNameBuffer
  invoke GetDlgItem,hDlg,IDC_NAME
        invoke GetWindowTextLength,eax
  invoke CharLowerBuff,addr aNameBuffer,eax ; 转换成小写
  invoke lstrcat,offset aNameBuffer,offset szAppendString1
  invoke lstrlen,addr aNameBuffer
  sub eax,1                                 ; 一定要减1
  lea ecx,dword ptr[eax*8]                 
  mov sAppendString,ecx
  invoke lstrcat,offset [aNameBuffer+38h],offset sAppendString  ;自己调试的时候留意一下,看这里为什么要用38h

;-------------------------------
;  处理用户名,得到标准版的注册码
;-------------------------------

  mov eax,offset aNameBuffer
  mov ecx,offset aConvertString
  push ebx
  push esi
  mov esi,dword ptr [eax]                   ;  取出用户名前4个字母
  mov edx,dword ptr [ecx+0Ch]               ;  取出数列中的4位(76543210)
  mov ebx,dword ptr [ecx+4]                 ;  取出数列中的4位(89ABCDEF)
  push edi
  mov edi,dword ptr [ecx+8]                 ;  取出数列中的4位(FEDCBA98)
  mov dword ptr [aAcumulate-8],esi          ;  用户名前4个字母,作为一个累计性质的值,保存到0012F8C8
  mov esi,edx
  xor esi,edi
  and esi,ebx
  xor esi,edx
  mov edx,dword ptr [ecx]                   ;  取出数列中的4位(01234567)
  add esi,dword ptr [aAcumulate-8]          ;  和前4个用户名ASCII值相加
  lea esi,dword ptr [esi+edx+0D76AA478h]    ;  计算,里面常数写注册机时不用修改
  mov edx,esi
  shr edx,19h
  shl esi,7
  or edx,esi
  mov esi,dword ptr [eax+4]                 ;  向后取用户名4个字母
  mov dword ptr [aAcumulate-1Ch],esi        ;  作为一个累计性质的值,保存
  mov esi,edi
  add edx,ebx
  xor esi,ebx
  and esi,edx
  xor esi,edi
  mov edi,dword ptr [ecx+0Ch]
  add esi,dword ptr [aAcumulate-1Ch]
  lea edi,dword ptr [edi+esi+0E8C7B756h]
  mov esi,edi
  shr esi,14h
  shl edi,0Ch
  or esi,edi
  mov edi,dword ptr [eax+8]                 ;  向后取用户名4个字母
  mov dword ptr [aAcumulate-28h],edi        ;  作为一个累计性质的值,保存
  mov edi,ebx
  add esi,edx
  xor edi,edx
  and edi,esi
  xor edi,ebx
  add edi,dword ptr [aAcumulate-28h]
  mov ebx,edi
  mov edi,dword ptr [ecx+8]
  lea edi,dword ptr [edi+ebx+242070DBh]
  mov ebx,edi
  shr ebx,0Fh
  shl edi,11h
  or ebx,edi
  mov edi,dword ptr [eax+0Ch]                 ;  向后取用户名4个字母
  mov dword ptr [aAcumulate-14h],edi          ;  作为一个累计性质的值,保存
  mov edi,esi
  add ebx,esi
  xor edi,edx
  and edi,ebx
  mov dword ptr [aAcumulate+0Ch],ebx          ;  作为一个累计性质的值,保存
  xor edi,edx
  add edi,dword ptr [aAcumulate-14h]
  mov ebx,edi
  mov edi,dword ptr [ecx+4]
  lea edi,dword ptr [edi+ebx+0C1BDCEEEh]
  mov ebx,edi
  shl ebx,16h
  shr edi,0Ah
  or ebx,edi
  mov edi,dword ptr [eax+10h]                 ;  向后取用户名4个字母
  add ebx,dword ptr [aAcumulate+0Ch]
  mov dword ptr [aAcumulate-40h],edi          ;  作为一个累计性质的值,保存
  mov dword ptr [aAcumulate-4],ebx            ;  作为一个累计性质的值,保存
  mov ebx,esi
  xor ebx,dword ptr [aAcumulate+0Ch]
  and ebx,dword ptr [aAcumulate-4]
  xor ebx,esi
  add ebx,edi
  lea edx,dword ptr [edx+ebx+0F57C0FAFh]
  mov edi,edx
  shr edi,19h
  shl edx,7
  mov ebx,dword ptr [aAcumulate+0Ch]
  or edi,edx
  add edi,dword ptr [aAcumulate-4]
  xor ebx,dword ptr [aAcumulate-4]
  mov edx,dword ptr [eax+14h]
  and ebx,edi
  mov dword ptr [aAcumulate-2Ch],edx
  xor ebx,dword ptr [aAcumulate+0Ch]
  add ebx,edx
  lea esi,dword ptr [esi+ebx+4787C62Ah]
  mov ebx,dword ptr [aAcumulate+0Ch]
  mov edx,esi
  shr edx,14h
  shl esi,0Ch
  or edx,esi
  mov esi,dword ptr [eax+18h]                 ;  向后取用户名4个字母
  mov dword ptr [aAcumulate-20h],esi          ;  作为一个累计性质的值,保存
  mov esi,dword ptr [aAcumulate-4]          
  add edx,edi
  xor esi,edi
  and esi,edx
  xor esi,dword ptr [aAcumulate-4]
  add esi,dword ptr [aAcumulate-20h]
  lea ebx,dword ptr [ebx+esi+0A8304613h]
  mov esi,ebx
  shr esi,0Fh
  shl ebx,11h
  or esi,ebx
  mov ebx,dword ptr [eax+1Ch]               ;  向后取用户名4个字母
  mov dword ptr [aAcumulate-0Ch],ebx        ;  作为一个累计性质的值,保存
  mov ebx,edx
  add esi,edx
  xor ebx,edi
  and ebx,esi
  mov dword ptr [aAcumulate+0Ch],esi
  mov esi,dword ptr [aAcumulate-4]
  xor ebx,edi
  add ebx,dword ptr [aAcumulate-0Ch]
  lea esi,dword ptr [esi+ebx+0FD469501h]
  mov ebx,esi
  shl ebx,16h
  shr esi,0Ah
  or ebx,esi
  mov esi,dword ptr [eax+20h]                 ;  向后取用户名4个字母
  add ebx,dword ptr [aAcumulate+0Ch]         ;  作为一个累计性质的值,保存
  mov dword ptr [aAcumulate-34h],esi
  mov dword ptr [aAcumulate-4],ebx
  mov ebx,edx
  xor ebx,dword ptr [aAcumulate+0Ch]
  and ebx,dword ptr [aAcumulate-4]
  xor ebx,edx
  add ebx,esi
  lea edi,dword ptr [edi+ebx+698098D8h]
  mov ebx,dword ptr [aAcumulate+0Ch]
  xor ebx,dword ptr [aAcumulate-4]
  mov esi,edi
  shr esi,19h
  shl edi,7
  or esi,edi
  mov edi,dword ptr [eax+24h]                ;  向后取用户名4个字母
  add esi,dword ptr [aAcumulate-4]
  mov dword ptr [aAcumulate-44h],edi        ;  作为一个累计性质的值,保存
  and ebx,esi
  xor ebx,dword ptr [aAcumulate+0Ch]
  add ebx,edi
  lea edx,dword ptr [edx+ebx+8B44F7AFh]
  mov ebx,dword ptr [aAcumulate+0Ch]
  mov edi,edx
  shr edi,14h
  shl edx,0Ch
  or edi,edx
  mov edx,dword ptr [eax+28h]                 ;  向后取用户名4个字母
  mov dword ptr [aAcumulate-18h],edx          ;  作为一个累计性质的值,保存
  mov edx,dword ptr [aAcumulate-4]
  add edi,esi
  xor edx,esi
  and edx,edi
  xor edx,dword ptr [aAcumulate-4]
  add edx,dword ptr [aAcumulate-18h]
  lea ebx,dword ptr [ebx+edx+0FFFF5BB1h]
  mov edx,ebx
  shr edx,0Fh
  shl ebx,11h
  or edx,ebx
  mov ebx,dword ptr [eax+2C0h]
  mov dword ptr [aAcumulate-24h],ebx
  mov ebx,edi
  xor ebx,esi
  add edx,edi
  and ebx,edx
  mov dword ptr [aAcumulate+0Ch],edx
  mov edx,dword ptr [aAcumulate-4]
  xor ebx,esi
  add ebx,dword ptr [aAcumulate-24h]
  lea edx,dword ptr [edx+ebx+895CD7BEh]
  mov ebx,edx
  shl ebx,16h
  shr edx,0Ah
  or ebx,edx
  mov edx,dword ptr [eax+30h]                  ;  向后取用户名4个字母
  add ebx,dword ptr [aAcumulate+0Ch]
  mov dword ptr [aAcumulate-30h],edx          ;  作为一个累计性质的值,保存
  mov dword ptr [aAcumulate-4],ebx
  mov ebx,edi
  xor ebx,dword ptr [aAcumulate+0Ch]
  and ebx,dword ptr [aAcumulate-4]
  xor ebx,edi
  add ebx,edx
  lea esi,dword ptr [esi+ebx+6B901122h]
  mov ebx,dword ptr [aAcumulate+0Ch]
  xor ebx,dword ptr [aAcumulate-4]
  mov edx,esi
  shr edx,19h
  shl esi,7
  or edx,esi
  mov esi,dword ptr [eax+34h]                ;  向后取用户名4个字母
  add edx,dword ptr [aAcumulate-4]
  mov dword ptr [aAcumulate-3Ch],esi          ;  作为一个累计性质的值,保存
  and ebx,edx
  xor ebx,dword ptr [aAcumulate+0Ch]
  add ebx,esi
  mov esi,dword ptr [eax+38h]               ;  向后取用户名4个字母
  mov dword ptr [aAcumulate-10h],esi        ;  作为一个累计性质的值,保存
  mov esi,dword ptr [aAcumulate-4]
  lea edi,dword ptr [edi+ebx+0FD987193h]
  xor esi,edx
  mov ebx,edi
  mov eax,dword ptr [eax+3Ch]
  shr ebx,14h
  shl edi,0Ch
  or ebx,edi
  mov edi,dword ptr [aAcumulate+0Ch]
  add ebx,edx
  mov dword ptr [aAcumulate-38h],eax
  and esi,ebx
  mov dword ptr [aAcumulate+8],ebx
  xor esi,dword ptr [aAcumulate-4]
  add esi,dword ptr [aAcumulate-10h]
  lea edi,dword ptr [edi+esi+0A679438Eh]
  mov esi,edi
  shr esi,0Fh
  shl edi,11h
  or esi,edi
  mov edi,ebx
  add esi,ebx
  xor edi,edx
  and edi,esi
  xor edi,edx
  add edi,eax
  mov eax,dword ptr [aAcumulate-4]
  lea eax,dword ptr [eax+edi+49B40821h]
  mov edi,eax
  shl edi,16h
  shr eax,0Ah
  or edi,eax
  mov eax,esi
  add edi,esi
  xor eax,edi
  and eax,ebx
  xor eax,esi
  add eax,dword ptr [aAcumulate-1Ch]
  lea edx,dword ptr [edx+eax+0F61E2562h]
  mov eax,edx
  shr eax,1Bh
  shl edx,5
  or eax,edx
  mov edx,edi
  add eax,edi
  xor edx,eax
  and edx,esi
  xor edx,edi
  add edx,dword ptr [aAcumulate-20h]
  lea ebx,dword ptr [ebx+edx+0C040B340h]
  mov edx,ebx
  shr edx,17h
  shl ebx,9
  or edx,ebx
  add edx,eax
  mov dword ptr [aAcumulate+8],edx
  xor edx,eax
  and edx,edi
  mov ebx,dword ptr [aAcumulate+8]
  xor edx,eax
  add edx,dword ptr [aAcumulate-24h]
  lea esi,dword ptr [esi+edx+265E5A51h]
  mov edx,esi
  shr edx,12h
  shl esi,0Eh
  or edx,esi
  mov esi,dword ptr [aAcumulate+8]
  add edx,dword ptr [aAcumulate+8]
  xor esi,edx
  and esi,eax
  xor esi,dword ptr [aAcumulate+8]
  add esi,dword ptr [aAcumulate-8]
  lea edi,dword ptr [edi+esi+0E9B6C7AAh]
  mov esi,edi
  shl esi,14h
  shr edi,0Ch
  or esi,edi
  mov edi,edx
  add esi,edx
  xor edi,esi
  and edi,dword ptr [aAcumulate+8]
  xor edi,edx
  add edi,dword ptr [aAcumulate-2Ch]
  lea eax,dword ptr [eax+edi+0D62F105Dh]
  mov edi,eax
  shr edi,1Bh
  shl eax,5
  or edi,eax
  mov eax,esi
  add edi,esi
  xor eax,edi
  and eax,edx
  xor eax,esi
  add eax,dword ptr [aAcumulate-18h]
  lea ebx,dword ptr [ebx+eax+2441453h]
  mov eax,ebx
  shr eax,17h
  shl ebx,9
  or eax,ebx
  add eax,edi
  mov dword ptr [aAcumulate+8],eax
  xor eax,edi
  and eax,esi
  xor eax,edi
  add eax,dword ptr [aAcumulate-38h]
  lea edx,dword ptr [edx+eax+0D8A1E681h]
  mov eax,edx
  shr eax,12h
  shl edx,0Eh
  or eax,edx
  mov edx,dword ptr [aAcumulate+8]
  add eax,dword ptr [aAcumulate+8]
  xor edx,eax
  and edx,edi
  xor edx,dword ptr [aAcumulate+8]
  add edx,dword ptr [aAcumulate-40h]
  lea esi,dword ptr [esi+edx+0E7D3FBC8h]
  mov edx,esi
  shl edx,14h
  shr esi,0Ch
  or edx,esi
  mov esi,eax
  add edx,eax
  mov ebx,dword ptr [aAcumulate+8]
  xor esi,edx
  and esi,dword ptr [aAcumulate+8]
  xor esi,eax
  add esi,dword ptr [aAcumulate-44h]
  lea edi,dword ptr [edi+esi+21E1CDE6h]
  mov esi,edi
  shr esi,1Bh
  shl edi,5
  or esi,edi
  mov edi,edx
  add esi,edx
  xor edi,esi
  and edi,eax
  xor edi,edx
  add edi,dword ptr [aAcumulate-10h]
  lea ebx,dword ptr [ebx+edi+0C33707D6h]
  mov edi,ebx
  shr edi,17h
  shl ebx,9
  or edi,ebx
  add edi,esi
  mov dword ptr [aAcumulate+8],edi
  xor edi,esi
  and edi,edx
  mov ebx,dword ptr [aAcumulate+8]
  xor edi,esi
  add edi,dword ptr [aAcumulate-14h]
  lea eax,dword ptr [eax+edi+0F4D50D87h]
  mov edi,eax
  shr edi,12h
  shl eax,0Eh
  or edi,eax
  mov eax,dword ptr [aAcumulate+8]
  add edi,dword ptr [aAcumulate+8]
  xor eax,edi
  and eax,esi
  xor eax,dword ptr [aAcumulate+8]
  add eax,dword ptr [aAcumulate-34h]
  lea edx,dword ptr [edx+eax+455A14EDh]
  mov eax,edx
  shl eax,14h
  shr edx,0Ch
  or eax,edx
  mov edx,edi
  add eax,edi
  xor edx,eax
  and edx,dword ptr [aAcumulate+8]
  xor edx,edi
  add edx,dword ptr [aAcumulate-3Ch]
  lea esi,dword ptr [esi+edx+0A9E3E905h]
  mov edx,esi
  shr edx,1Bh
  shl esi,5
  or edx,esi
  mov esi,eax
  add edx,eax
  xor esi,edx
  and esi,edi
  xor esi,eax
  add esi,dword ptr [aAcumulate-28h]
  lea ebx,dword ptr [ebx+esi+0FCEFA3F8h]
  mov esi,ebx
  shr esi,17h
  shl ebx,9
  or esi,ebx
  add esi,edx
  mov dword ptr [aAcumulate+8],esi
  xor esi,edx
  and esi,eax
  xor esi,edx
  add esi,dword ptr [aAcumulate-0Ch]
  lea edi,dword ptr [edi+esi+676F02D9h]
  mov esi,dword ptr [aAcumulate+8]
  mov ebx,edi
  shr ebx,12h
  shl edi,0Eh
  or ebx,edi
  add ebx,esi
  mov dword ptr [aAcumulate-4],esi
  xor dword ptr [aAcumulate-4],ebx
  mov edi,dword ptr [aAcumulate-4]
  and edi,edx
  xor edi,esi
  add edi,dword ptr [aAcumulate-30h]
  lea eax,dword ptr [eax+edi+8D2A4C8Ah]
  mov edi,dword ptr [aAcumulate+8]
  mov esi,eax
  shl esi,14h
  shr eax,0Ch
  or esi,eax
  mov eax,dword ptr [aAcumulate-4]
  add esi,ebx
  xor eax,esi
  add eax,dword ptr [aAcumulate-2Ch]
  lea edx,dword ptr [edx+eax+0FFFA3942h]
  mov eax,edx
  shr eax,1Ch
  shl edx,4
  or eax,edx
  mov edx,ebx
  xor edx,esi
  add eax,esi
  xor edx,eax
  add edx,dword ptr [aAcumulate-34h]
  lea edx,dword ptr [edi+edx+8771F681h]
  mov edi,edx
  shr edi,15h
  shl edx,0Bh
  or edi,edx
  add edi,eax
  mov edx,edi
  mov dword ptr [aAcumulate-4],edi
  xor edx,esi
  xor edx,eax
  add edx,dword ptr [aAcumulate-24h]
  lea edx,dword ptr [ebx+edx+6D9D6122h]
  mov ebx,edx
  shr ebx,10h
  shl edx,10h
  or ebx,edx
  add ebx,edi
  xor dword ptr [aAcumulate-4],ebx
  mov edx,dword ptr [aAcumulate-4]
  xor edx,eax
  add edx,dword ptr [aAcumulate-10h]
  lea esi,dword ptr [esi+edx+0FDE5380Ch]
  mov edx,esi
  shl edx,17h
  shr esi,9
  or edx,esi
  mov esi,dword ptr [aAcumulate-4]
  add edx,ebx
  xor esi,edx
  add esi,dword ptr [aAcumulate-1Ch]
  lea esi,dword ptr [eax+esi+0A4BEEA44h]
  mov eax,esi
  shr eax,1Ch
  shl esi,4
  or eax,esi
  mov esi,ebx
  add eax,edx
  xor esi,edx
  xor esi,eax
  add esi,dword ptr [aAcumulate-40h]
  lea edi,dword ptr [edi+esi+4BDECFA9h]
  mov esi,edi
  shr esi,15h
  shl edi,0Bh
  or esi,edi
  add esi,eax
  mov edi,esi
  xor edi,edx
  xor edi,eax
  add edi,dword ptr [aAcumulate-0Ch]
  lea ebx,dword ptr [ebx+edi+0F6BB4B60h]
  mov edi,ebx
  shr edi,10h
  shl ebx,10h
  or edi,ebx
  mov dword ptr [aAcumulate-4],esi
  add edi,esi
  xor dword ptr [aAcumulate-4],edi
  mov ebx,dword ptr [aAcumulate-4]
  xor ebx,eax
  add ebx,dword ptr [aAcumulate-18h]
  lea ebx,dword ptr [edx+ebx+0BEBFBC70h]
  mov edx,ebx
  shl edx,17h
  shr ebx,9
  or edx,ebx
  mov ebx,dword ptr [aAcumulate-4]
  add edx,edi
  xor ebx,edx
  add ebx,dword ptr [aAcumulate-3Ch]
  lea ebx,dword ptr [eax+ebx+289B7EC6h]
  mov eax,ebx
  shr eax,1Ch
  shl ebx,4
  or eax,ebx
  mov ebx,edi
  add eax,edx
  xor ebx,edx
  xor ebx,eax
  add ebx,dword ptr [aAcumulate-8]
  lea esi,dword ptr [esi+ebx+0EAA127FAh]
  mov ebx,esi
  shr ebx,15h
  shl esi,0Bh
  or ebx,esi
  add ebx,eax
  mov esi,ebx
  mov dword ptr [aAcumulate-4],ebx
  xor esi,edx
  xor esi,eax
  add esi,dword ptr [aAcumulate-14h]
  lea edi,dword ptr [edi+esi+0D4EF3085h]
  mov esi,edi
  shr esi,10h
  shl edi,10h
  or esi,edi
  add esi,ebx
  xor dword ptr [aAcumulate-4],esi
  mov dword ptr [aAcumulate+0Ch],esi
  mov edi,dword ptr [aAcumulate-4]
  xor edi,eax
  add edi,dword ptr [aAcumulate-20h]
  lea edi,dword ptr [edx+edi+4881D05h]
  mov edx,edi
  shl edx,17h
  shr edi,9
  or edx,edi
  mov edi,dword ptr [aAcumulate-4]
  add edx,esi
  xor edi,edx
  xor esi,edx
  add edi,dword ptr [aAcumulate-44h]
  lea edi,dword ptr [eax+edi+0D9D4D039h]
  mov eax,edi
  shr eax,1Ch
  shl edi,4
  or eax,edi
  add eax,edx
  xor esi,eax
  add esi,dword ptr [aAcumulate-30h]
  lea ebx,dword ptr [ebx+esi+0E6DB99E5h]
  mov esi,ebx
  shr esi,15h
  shl ebx,0Bh
  or esi,ebx
  mov ebx,dword ptr [aAcumulate+0Ch]
  add esi,eax
  mov edi,esi
  xor edi,edx
  xor edi,eax
  add edi,dword ptr [aAcumulate-38h]
  lea ebx,dword ptr [ebx+edi+1FA27CF8h]
  mov edi,ebx
  shr edi,10h
  shl ebx,10h
  or edi,ebx
  mov ebx,esi
  add edi,esi
  xor ebx,edi
  mov dword ptr [aAcumulate+0Ch],edi
  xor ebx,eax
  add ebx,dword ptr [aAcumulate-28h]
  lea edx,dword ptr [edx+ebx+0C4AC5665h]
  mov ebx,dword ptr [aAcumulate+0Ch]
  mov edi,edx
  shl edi,17h
  shr edx,9
  or edi,edx
  mov edx,esi
  add edi,ebx
  not edx
  or edx,edi
  xor edx,ebx
  add edx,dword ptr [aAcumulate-8]
  lea eax,dword ptr [eax+edx+0F4292244h]
  mov edx,eax
  shr edx,1Ah
  shl eax,6
  or edx,eax
  mov eax,ebx
  add edx,edi
  not eax
  or eax,edx
  xor eax,edi
  add eax,dword ptr [aAcumulate-0Ch]
  lea esi,dword ptr [esi+eax+432AFF97h]
  mov eax,esi
  shr eax,16h
  shl esi,0Ah
  or eax,esi
  mov esi,edi
  add eax,edx
  not esi
  or esi,eax
  xor esi,edx
  add esi,dword ptr [aAcumulate-10h]
  lea ebx,dword ptr [ebx+esi+0AB9423A7h]
  mov esi,ebx
  shr esi,11h
  shl ebx,0Fh
  or esi,ebx
  mov ebx,edx
  add esi,eax
  not ebx
  or ebx,esi
  xor ebx,eax
  add ebx,dword ptr [aAcumulate-2Ch]
  lea edi,dword ptr [edi+ebx+0FC93A039h]
  mov ebx,edi
  shl ebx,15h
  shr edi,0Bh
  or ebx,edi
  mov edi,eax
  add ebx,esi
  not edi
  or edi,ebx
  xor edi,esi
  add edi,dword ptr [aAcumulate-30h]
  lea edi,dword ptr [edx+edi+655B59C3h]
  mov edx,edi
  shr edx,1Ah
  shl edi,6
  or edx,edi
  mov edi,esi
  add edx,ebx
  not edi
  or edi,edx
  xor edi,ebx
  add edi,dword ptr [aAcumulate-14h]
  lea edi,dword ptr [eax+edi+8F0CCC92h]
  mov eax,edi
  shr eax,16h
  shl edi,0Ah
  or eax,edi
  mov edi,ebx
  add eax,edx
  not edi
  or edi,eax
  xor edi,edx
  add edi,dword ptr [aAcumulate-18h]
  lea edi,dword ptr [esi+edi+0FFEFF47Dh]
  mov esi,edi
  shr esi,11h
  shl edi,0Fh
  or esi,edi
  mov edi,edx
  add esi,eax
  not edi
  or edi,esi
  xor edi,eax
  add edi,dword ptr [aAcumulate-1Ch]
  lea ebx,dword ptr [ebx+edi+85845DD1h]
  mov edi,ebx
  shr ebx,0Bh
  shl edi,15h
  or edi,ebx
  mov ebx,eax
  not ebx
  add edi,esi
  or ebx,edi
  xor ebx,esi
  add ebx,dword ptr [aAcumulate-34h]
  lea ebx,dword ptr [edx+ebx+6FA87E4Fh]
  mov edx,ebx
  shl ebx,6
  shr edx,1Ah
  or edx,ebx
  mov ebx,esi
  add edx,edi
  not ebx
  or ebx,edx
  xor ebx,edi
  add ebx,dword ptr [aAcumulate-38h]
  lea ebx,dword ptr [eax+ebx+0FE2CE6E0h]
  mov eax,ebx
  shr eax,16h
  shl ebx,0Ah
  or eax,ebx
  mov ebx,edi
  add eax,edx
  not ebx
  or ebx,eax
  xor ebx,edx
  add ebx,dword ptr [aAcumulate-20h]
  lea ebx,dword ptr [esi+ebx+0A3014314h]
  mov esi,ebx
  shr esi,11h
  shl ebx,0Fh
  or esi,ebx
  mov ebx,edx
  add esi,eax
  not ebx
  or ebx,esi
  xor ebx,eax
  add ebx,dword ptr [aAcumulate-3Ch]
  lea ebx,dword ptr [edi+ebx+4E0811A1h]
  mov edi,ebx
  shl edi,15h
  shr ebx,0Bh
  or edi,ebx
  mov ebx,eax
  add edi,esi
  not ebx
  or ebx,edi
  xor ebx,esi
  add ebx,dword ptr [aAcumulate-40h]
  lea ebx,dword ptr [edx+ebx+0F7537E82h]
  mov edx,ebx
  shr edx,1Ah
  shl ebx,6
  or edx,ebx
  mov ebx,esi
  add edx,edi
  not ebx
  or ebx,edx
  xor ebx,edi
  add ebx,dword ptr [aAcumulate-24h]
  lea eax,dword ptr [eax+ebx+0BD3AF235h]
  mov ebx,eax
  shr ebx,16h
  shl eax,0Ah
  or ebx,eax
  mov eax,edi
  add ebx,edx
  not eax
  or eax,ebx
  xor eax,edx
  add eax,dword ptr [aAcumulate-28h]
  lea esi,dword ptr [esi+eax+2AD7D2BBh]
  mov eax,esi
  shr eax,11h
  shl esi,0Fh
  or eax,esi
  mov esi,edx
  add eax,ebx
  not esi
  or esi,eax
  xor esi,ebx
  add esi,dword ptr [aAcumulate-44h]
  lea edi,dword ptr [edi+esi+0EB86D391h]
  mov esi,dword ptr [ecx]
  add esi,edx
  mov edx,edi
  shl edx,15h
  shr edi,0Bh
  or edx,edi
  mov dword ptr [aStdKeyBuffer],esi             ; 保存结果
  add edx,dword ptr [ecx+4]
  pop edi
  pop esi
  add edx,eax
  mov dword ptr [aStdKeyBuffer+4],edx           ; 保存结果
  mov edx,dword ptr [ecx+8]
  add edx,eax
  mov eax,dword ptr [ecx+0Ch]
  add eax,ebx
  mov dword ptr [aStdKeyBuffer+8],edx           ; 保存结果
  mov dword ptr [aStdKeyBuffer+0Ch],eax         ; 保存结果
  ;------------------------------------
  xor edi,edi
@1:
  xor ecx,ecx
  xor eax,eax
@2:
  movzx edx,byte ptr[aStdKeyBuffer+eax+edi*4]
  shl ecx,8
  add ecx,edx
  inc eax
  cmp eax,4
  jl @2                                        ;小循环结束后,ecx中就是其中一段注册码
  invoke wsprintf,addr temp,addr format1,ecx
  invoke lstrcat,addr aStdKeyOut,addr temp
  inc edi
  cmp edi,3
  jl @1
  mov byte ptr[aStdKeyOut+26],0
  invoke SetDlgItemText,hDlg,IDC_KEY,addr aStdKeyOut
     leave
  ret

GetKey endp

end start
--------------------------------------------------------------------------------
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;>>>>    keygen.rc     >>>>>>
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>
#define IDD_DLGBOX 1000
#define IDC_GRP1 1003
#define IDC_NAME 1001
#define IDC_KEY 1002
#define IDC_STC1 1004
#define IDC_STC2 1005
#define IDC_GENERATE 1006
#define IDC_ABOUT 1007
IDD_DLGBOX DIALOGEX 4,5,214,78
CAPTION "Keygen For DialogBlocks Version 2.00"
FONT 8,"MS Sans Serif"
STYLE 0x10CA0880
EXSTYLE 0x00000001
BEGIN
  CONTROL "",IDC_NAME,"Edit",0x50010000,54,7,142,15,0x00000200
  CONTROL "",IDC_KEY,"Edit",0x50010800,54,27,142,15,0x00000200
  CONTROL "Name :",IDC_STC1,"Static",0x50000201,14,7,40,15,0x00000000
  CONTROL "Key :",IDC_STC2,"Static",0x50000201,14,27,40,15,0x00000000
  CONTROL "GENERATE",IDC_GENERATE,"Button",0x50010000,52,55,52,17,0x00000000
  CONTROL "ABOUT",IDC_ABOUT,"Button",0x50010000,128,55,52,17,0x00000000
  CONTROL "",IDC_GRP1,"Button",0x50000007,10,1,194,46,0x00000000
END

posted on 2005-06-19 23:07  F4ncy Blog  阅读(1319)  评论(0编辑  收藏  举报