0040CF55 . /0F85 9D000000 jnz 0040CFF8
****************
0012FAC0 206315F8
****************
; Debugger listing around the call to sss.SSS_Reg: four immediates are written to stack slots,
; the routine is called, and a 16-bit stack value is then tested to choose the branch.
0040CF27 . 66:C74424 2E >mov word ptr [esp+2E], 11D2 ; 16-bit constant 0x11D2 -> [esp+2E]
0040CF2E . C74424 30 2FF>mov dword ptr [esp+30], 50AEF62F ; 32-bit constant 0x50AEF62F -> [esp+30]
0040CF36 . 66:C74424 34 >mov word ptr [esp+34], 15F8 ; 16-bit constant 0x15F8 -> [esp+34]
0040CF3D . 66:C74424 36 >mov word ptr [esp+36], 2063 ; 16-bit constant 0x2063 -> [esp+36]; presumably these slots form a block handed to SSS_Reg (argument pushes not shown)
0040CF44 . FF15 BC424100 call dword ptr [<&sss.SSS_Reg>] ; sss.SSS_Reg - indirect call through the pointer slot for SSS_Reg in module sss
0040CF4A . 83C4 08 add esp, 8 ; caller removes 8 bytes of arguments from the stack
0040CF4D . 66:817C24 26 >cmp word ptr [esp+26], 572 ; compare a 16-bit stack value with 0x572 (what writes it is not shown here)
0040CF54 . 5D pop ebp ; pop does not alter flags, so the cmp result is still live
0040CF55 0F85 9D000000 jnz 0040CFF8 ; taken when the value is not 0x572; which outcome each path represents is not visible in this excerpt
0012FB08 31313131
0012FB0C 00000000
0012FB10 32320000
0012FB14 00003232
0012FB18 00000000
0012FB1C 33333333
0012FB20 00000000
0012FB24 34340000
0012FB28 00003434
0012FB2C 00000000
0012FB30 35353535
1111 - A4CA - 7FED - 86FF - 525C
(sn1) (sn2) (sn3) (sn4) (sn5)
第2段计算:sn2=sn1*0x2063, 两低字节交换,sn2=sn2+sn1;
第3段计算:sn3=sn2+sn1, sn3=sn3+(((sn2&0xff)<<8)+(sn1>>8)), sn3=sn3*(0x50AEF62F+0x434713EA), sn3+=(0x15FB+0xD431), sn3=sn3>>16;
第4段计算:sn4=sn1+sn2+sn3, sn4=(sn3^sn4)&0xFFFF, sn4+=((sn2<<16)+sn3), sn4=sn4*(0x50AEF62F+0x434713EA),
sn4+=(0x15F8+0xD431), tmp4=sn4, sn4=sn4>>16;
第5段计算:sn5=sn1+sn2+sn3+sn4,sn5=sn5-0x1E92,sn5=(sn4^sn5)&0xFFFF, sn5+=tmp4, sn5=sn5*(0x50AEF62F+0x434713EA),
sn5+=(0x15F8+0xD431),sn5=sn5>>16;
若暴破只须修改sss.dll。
计算注册码程序如下:
// Button handler: picks a random first group, derives the other four groups from it
// with fixed constants, and writes the "xxxx-xxxx-xxxx-xxxx-xxxx" string into m_serial.
//
// Every group after sn1 is a pure function of sn1 and of literals in this function;
// nothing here reads a user name, machine identifier or any external secret.
// 0x2063, 0x50AEF62F and 0x15F8 also appear as immediates in the disassembly quoted
// earlier on this page, i.e. the scheme's constants sit in the client binary.
//
// All arithmetic is on DWORD (32-bit unsigned), so the multiplications and additions
// wrap modulo 2^32; the statement order and the point where tmp4 is captured matter.
void CImage2Lcd32keygenDlg::OnBnClickedOk()
{
// (wizard-generated placeholder; the default OnOK() call is intentionally disabled)
//OnOK();
CString m_string;
DWORD sn1,sn2,sn3,sn4,sn5,tmp4,tmp;
// Seed the C runtime PRNG from the current time so each click gives a different sn1.
srand(time(0));
//int i=rand();
//int i=rand()%10;
//int i=random(10);
// Group 1: free choice; rand()%0xFFFF can never yield 0xFFFF itself.
sn1= rand()%0xFFFF; //0x1111;  (presumably the fixed value used for the sample serial on this page)
// Group 2: low 16 bits of sn1*0x2063, byte-swapped, plus sn1, truncated to 16 bits.
sn2=(sn1*0x2063)&0xFFFF;
sn2=((sn2&0xFF00)>>8) + ((sn2&0x00FF)<<8);
sn2+=sn1;
sn2=sn2&0xFFFF;
// Group 3: mix sn1 and sn2, multiply by the combined constant, add an offset,
// keep the upper 16 bits of the 32-bit result.
sn3=sn1+sn2;
sn3+=(((sn2&0xff)<<8) + (sn1>>8));
// NOTE(review): both operands are signed int literals whose sum exceeds INT_MAX;
// the code relies on the compiler folding this to 0x93F60A19 - confirm on the build used.
sn3=sn3*(0x50AEF62F+0x434713EA);
// NOTE(review): 0x15FB here vs 0x15F8 for groups 4 and 5 (and in the disassembly);
// cannot tell from this page whether the difference is intended.
sn3+=(0x15FB+0xD431);
sn3=sn3>>16;
// Group 4: same multiply/add/shift pattern over a value built from sn1..sn3.
sn4=sn1+sn2+sn3;
sn4=(sn3^sn4)&0xFFFF;
// tmp = (sn2<<16) + sn3, computed in two steps so the shift binds before the add.
tmp=sn2<<16;
tmp+=sn3;
sn4+=tmp; //(sn2<<16+sn3);  (as written, C precedence would parse this as sn2<<(16+sn3))
sn4=sn4*(0x50AEF62F+0x434713EA);
// tmp4 keeps the full 32-bit value before the shift; group 5 reuses it.
sn4+=(0x15F8+0xD431); tmp4=sn4;
sn4=sn4>>16;
// Group 5: sum of the previous groups minus 0x1E92, XORed with sn4, plus tmp4,
// then the same multiply/add/shift pattern.
sn5=sn1+sn2+sn3+sn4;
sn5=sn5-0x1E92;
sn5=(sn4^sn5)&0xFFFF;
sn5+=tmp4;
sn5=sn5*(0x50AEF62F+0x434713EA);
sn5+=(0x15F8+0xD431);
sn5=sn5>>16;
// Render the five groups as zero-padded lowercase hex, dash-separated, and show
// the result in the m_serial control.
m_string.Format(__T("%04x-%04x-%04x-%04x-%04x"),sn1,sn2,sn3,sn4,sn5);
m_serial.SetWindowText(m_string);
}