PEDIY_CrackMe_2007

BP GetDlgItemTextA

名称在 unpacked, 项目 4

地址=00403120

类型=导入 (已知)

名称=USER32.GetDlgItemTextA

77D6AE36 > 8BFF MOV EDI,EDI

77D6AE38 55 PUSH EBP

77D6AE39 8BEC MOV EBP,ESP

77D6AE3B FF75 0C PUSH DWORD PTR SS:[EBP+C]

77D6AE3E FF75 08 PUSH DWORD PTR SS:[EBP+8]

77D6AE41 E8 888FFBFF CALL USER32.GetDlgItem

77D6AE46 85C0 TEST EAX,EAX

0012F9B0 0040153E /CALL 到 GetDlgItemTextA 来自 unpacked.00401539

0012F9B4 003E0AEE |hWnd = 003E0AEE ('TheBigMan's CrackMe #6',class='#32770')

0012F9B8 00000065 |ControlID = 65 (101.)

0012F9BC 0012F9D0 |Buffer = 0012F9D0

0012F9C0 00000100 \Count = 100 (256.)

0012F9C4 0012FAF7 ASCII "**** ... you entered the correct serial!"

0012F9C8 00402593 ASCII "You have to make an own working keygen!

Send the solutions to: t.h.e.b.i.g.m.a.n@gmx.net

Patching is not allowed!

Enjoy !"

0040153E |. 89C3 MOV EBX,EAX

00401540 |. 09DB OR EBX,EBX

00401542 |. 75 04 JNZ SHORT unpacked.00401548

00401544 |. 31C0 XOR EAX,EAX

00401546 |. EB 50 JMP SHORT unpacked.00401598

00401548 |> BF BC020000 MOV EDI,2BC

00401585 |. 53 PUSH EBX

00401586 |. FF75 08 PUSH DWORD PTR SS:[EBP+8]

00401589 |. E8 77FDFFFF CALL unpacked.00401 ?

0040158E |. 83C4 0C ADD ESP,0C

00401591 |. 09C0 OR EAX,EAX

004013C9 |. F7F9 IDIV ECX

004013CB |. 83FA 17 CMP EDX,17

004013CE |. 74 07 JE SHORT unpacked.004013D7

004013D0 |. 31C0 XOR EAX,EAX

004013D2 |. E9 2D010000 JMP unpacked.00401504

004013D7 |> 31DB XOR EBX,EBX

00401475 |> \3B5D 0C CMP EBX,DWORD PTR SS:[EBP+C]

00401478 |.^ 0F8C 74FFFFFF \JL unpacked.004013F2

0040147E |. 8D85 FCFEFFFF LEA EAX,DWORD PTR SS:[EBP-104] ?

004014B0 |. 57 PUSH EDI

004014B1 |. 8DBD E1FBFFFF LEA EDI,DWORD PTR SS:[EBP-41F] T654002

004014B7 |. 57 PUSH EDI

堆栈地址=0012F591, (ASCII "T654002")

EDI=00000062

004014DF |. 8D85 E1FCFFFF LEA EAX,DWORD PTR SS:[EBP-31F] ; |

004014E5 |. 50 PUSH EAX ; |Arg2

004014E6 |. 8D85 E1FDFFFF LEA EAX,DWORD PTR SS:[EBP-21F] ; |

004014EC |. 50 PUSH EAX ; |Arg1

004014ED |. E8 D0FDFFFF CALL unpacked.004012C2 ; \unpacked.004012C2

004012CD |. 46 INC ESI

004012CE |. EB 29 JMP SHORT unpacked.004012F9

004012D0 |> 8B55 08 /MOV EDX,DWORD PTR SS:[EBP+8]

004012D3 |. 0FBE3C32 |MOVSX EDI,BYTE PTR DS:[EDX+ESI]

004012D7 |. 89F8 |MOV EAX,EDI

004012D9 |. 83F0 20 |XOR EAX,20

004012DC |. B9 0A000000 |MOV ECX,0A

004012E1 |. 99 |CDQ

004012E2 |. F7F9 |IDIV ECX

004012E4 |. 89D7 |MOV EDI,EDX

004012E6 |. 83C7 30 |ADD EDI,30

004012E9 |. 8B55 0C |MOV EDX,DWORD PTR SS:[EBP+C]

004012EC |. 0FBE1432 |MOVSX EDX,BYTE PTR DS:[EDX+ESI]

004012F0 |. 39D7 |CMP EDI,EDX

004012F2 74 04 JE SHORT unpacked.004012F8 ???????????

004012F4 |. 31C0 |XOR EAX,EAX

004012F6 |. EB 08 |JMP SHORT unpacked.00401300

004012F8 |> 46 |INC ESI

004012F9 |> 39DE CMP ESI,EBX

004012FB |.^ 7C D3 \JL SHORT unpacked.004012D0

004012FD |. 31C0 XOR EAX,EAX

EAX 0012F691 ASCII "999999999999999999"

ECX 0012F791 ASCII "T654002-98"

FCW 037F Prec NEAR,64 Mask 1 1 1 1 1 1

004014DF |. 8D85 E1FCFFFF LEA EAX,DWORD PTR SS:[EBP-31F] ; |

004014E5 |. 50 PUSH EAX ; |Arg2

004014E6 |. 8D85 E1FDFFFF LEA EAX,DWORD PTR SS:[EBP-21F] ; |

004014EC |. 50 PUSH EAX ; |Arg1

004014ED |. E8 D0FDFFFF CALL unpacked.004012C2 ; \unpacked.004012C2

004014F2 |. 83C4 0C ADD ESP,0C

004012DC |. B9 0A000000 |MOV ECX,0A

004012E1 |. 99 |CDQ

004012E2 |. F7F9 |IDIV ECX

004012E4 |. 89D7 |MOV EDI,EDX

004012E6 |. 83C7 30 |ADD EDI,30

004012E9 |. 8B55 0C |MOV EDX,DWORD PTR SS:[EBP+C]

004012EC |. 0FBE1432 |MOVSX EDX,BYTE PTR DS:[EDX+ESI]

004012F0 |. 39D7 |CMP EDI,EDX

004012F2 |. 74 04 |JE SHORT unpacked.004012F8

004012F4 |. 31C0 |XOR EAX,EAX

004012F6 |. EB 08 |JMP SHORT unpacked.00401300

004012F8 |> 46 |INC ESI

PEDIY_CrackMe_2007视频.rar

PEDIY_CrackMe_2007.rar http://www.mediafire.com/upload_complete.php?id=mrmwgyjozli

修改PE头 http://www.namipan.com/d/%e4%bf%ae%e6%94%b...4b52d01ea442c00

Please follow and adhere to the topic title format - thank-you!

Are you Chinese?

Edited August 24, 200817 yr by wgz0001