Crack a CM

Source: Internet
Author: User

Author: riusksk
Home page:Http://riusksk.blogbus.com

At noon on the CCG forum, I saw a brother send a CM, and only broke it. So I started to fuck the guy and sharpen the knife to reach CM, so I had this article. The posts posted by that brother are:
Http://www.ccgcn.com/bbs/viewthr... & extra = page % 3D1If there are any errors, please correct them. To be honest, I am also very vague in some places.


First open the file, enter the username "riusksk" and register "78787878". Check the error message and find the prompt "fail". Then load the file with OD to find all the strings. The specific content is as follows:

For the text string, see Crack_Me:. text
Address disassembly text string
004015C1 PUSH Crack_Me.00403038 ASCII "User Name is empty! "
0040160C PUSH Crack_Me.00403028 ASCII "Great! Pf! Pf! "
0040161A PUSH Crack_Me.00403020 ASCII "fail! "
004016A7 PUSH Crack_Me.00403050 ASCII "C :"
004016C4 mov edx, dword ptr ss: [ESP + 58] (initial CPU selection)
00401899 PUSH Crack_Me.0040304C ASCII "% s"

Double-click ASCII "fail! ", The window automatically jumps to the following:

00401590. 6A ff push-1
00401592. 68 381E4000 PUSH Crack_Me.00401E38; SE handler Installation
00401597. 64: A1 0000000> mov eax, dword ptr fs: [0]
0040159D. 50 PUSH EAX
0040159E. 64: 8925 00000> mov dword ptr fs: [0], ESP
004015A5. 51 PUSH ECX
004015A6. 56 PUSH ESI
004015A7. 8BF1 mov esi, ECX
004015A9. 6A 01 PUSH 1
004015AB. E8 6A050000 CALL <JMP. & MFC42. #6334 _? UpdateData @ CWnd @ QAEHH @ Z>
004015B0. 8B4E 60 mov ecx, dword ptr ds: [ESI + 60]; Save the user name to ECX
004015B3. 8D46 60 lea eax, dword ptr ds: [ESI + 60]; User Name Pointer
004015B6. 8B51 F8 mov edx, dword ptr ds: [ECX-8]; User Name Length
004015B9. 85D2 test edx, EDX
004015BB. 75 20 jnz short Crack_Me.004015DD; Skip if the User Name is not empty; otherwise, the message "User Name is empty" is displayed"
004015BD. 6A 00 PUSH 0
004015BF. 6A 00 PUSH 0
004015C1. 68 38304000 PUSH Crack_Me.00403038; ASCII "User Name is empty! "
004015C6. 8BCE mov ecx, ESI
004015C8. E8 47050000 CALL <JMP. & MFC42. #4224 _? MessageBoxA @ CWnd @ QAEHPBD0I @ Z>
004015CD. 5E POP ESI
004015CE. 8B4C24 04 mov ecx, dword ptr ss: [ESP + 4]
004015D2. 64: 890D 00000> mov dword ptr fs: [0], ECX
004015D9. 83C4 10 add esp, 10
004015DC. C3 RETN
004015DD> 8D5424 04 lea edx, dword ptr ss: [ESP + 4]
004015E1. 50 push eax;/Arg2
004015E2. 52 push edx; | Arg1
004015E3. 8BCE mov ecx, ESI; |
004015E5. E8 66000000 CALL Crack_Me.00401650; Calculate the username riusksk and obtain the registration code.
Let's follow up on this CALL to see:
{
0040164F. C3 RETN
00401650/$ 6A ff push-1
00401652 |. 68 6F1E4000 PUSH Crack_Me.00401E6F; SE handler Installation
00401657 |. 64: A1 0000000> mov eax, dword ptr fs: [0]
0040165D |. 50 PUSH EAX
0040165E |. 64: 8925 00000> mov dword ptr fs: [0], ESP
00401665 |. 83EC 34 sub esp, 34
00401668 |. 33C0 xor eax, EAX
0040166A |. 53 PUSH EBX
0040166B |. 894424 21 mov dword ptr ss: [ESP + 21],

Related Article

E-Commerce Solutions

Leverage the same tools powering the Alibaba Ecosystem

Learn more >

Apsara Conference 2019

The Rise of Data Intelligence, September 25th - 27th, Hangzhou, China

Learn more >

Alibaba Cloud Free Trial

Learn and experience the power of Alibaba Cloud with a free trial worth $300-1200 USD

Learn more >

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.