IDA 打开发现有插桩,好家伙
同样分析
GetLocalTime(&this->systemtimeAC);
v2 = this->systemtimeAC.wMonth * this->systemtimeAC.wDayOfWeek;
v3 = this->systemtimeAC.wYear;
nSize = 256;
global_passwd[0] = this->systemtimeAC.wHour * this->systemtimeAC.wDay * (v3 * v2 + 1);
GetComputerNameA(::Buffer, &nSize);
v4 = 0;
v5 = strlen(::Buffer);
if ( v5 )
{
v6 = global_passwd[1];
do
{
v7 = ::Buffer[v4++];
v6 = (v6 + v7) * this->systemtimeAC.wMonth;
global_passwd[1] = v6;
}
while ( v4 < v5 );
}
GetModuleFileNameA(0, Filename, 0x100u);
v8 = 0;
v9 = strlen(Filename);
if ( v9 )
{
do
{
v10 = Filename[v8++];
global_passwd[2] = this->systemtimeAC.wHour * (global_passwd[1] + v10);
}
while ( v8 < v9 );
}
v1 = this;
CWnd::UpdateData(1);
v2 = *(v1 + 49);
v3 = (String - v2);
do
{
v4 = *v2++;
v2[v3 - 1] = v4;
}
while ( v4 );
String[19] = 0;
v12 = global_passwd[0];
v13 = HIWORD(global_passwd[1]);
String[4] = 0;
v14 = (global_passwd[0] + global_passwd[2]) >> 16;
String[9] = 0;
String[14] = 0;
v15 = strtol(String, &EndPtr, 16);
p2 = strtol(&String[5], &EndPtr, 16);
p3 = strtol(&String[10], &EndPtr, 16);
p4 = strtol(&String[15], &EndPtr, 16);
v17 = p3;
v8 = v15;
word_A80004 = v12;
p1 = (((p4 ^ v17) & 0xF0)
+ ((v15 + (p4 & 0xF000)) & 0xF000)
+ ((p4 + p2 + v15 + v17) & 0xF)
+ ((p2 - (p4 & 0xF00)) & 0xF00)) ^ 0xAFDA;
word_A80AD8 = p1;
word_A80000 = v13;
word_A80008 = v14;
if ( v8 != v12
|| (CWnd::MessageBoxA(this, "恭喜你!序列号第1部分正确!", 0, 0), p2 != HIWORD(global_passwd[1]))
|| (CWnd::MessageBoxA(this, "恭喜你!序列号第2部分正确!", 0, 0),
v17 != (global_passwd[0] + global_passwd[2]) >> 16)
|| (CWnd::MessageBoxA(this, "恭喜你!序列号第3部分正确!", 0, 0),
v9 = "恭喜你!序列号完全正确!",
p1 != (v12 + v13 + v14) >> 4) )
{
v9 = "序列号错误![注意:SN总计16位 形式为:xxxx-xxxx-xxxx-xxxx]";
}
import datetime
import socket
import os
time = datetime.datetime.now() # 获取当前时间
year = time.year
month = time.month
weekday = time.weekday() + 1 # 星期一应该对应'1',故加一
hour = time.hour
day = time.day
passwd = [0, 0, 0, 0]
v2 = month * weekday
v3 = year
passwd[0] = hour * day * (v3 * v2 + 1)
computerName = socket.gethostname().upper() # 获取计算机名,需要大写
for ch in computerName:
passwd[1] = month * (passwd[1] + ord(ch))
fileFlag = False
filePath = ''
for root, dirs, files in os.walk(os.getcwd(), topdown=True):
if 'DemoD2022_Debug.exe' in files:
filePath = root + '\\DemoD2022_Debug.exe'
fileFlag = True
break
if fileFlag == False:
print('未找到 DemoD2022_Debug.exe ,请放至同一文件夹下')
exit(0)
for ch in filePath:
passwd[2] = hour * (passwd[1] + ord(ch))
v12 = passwd[0] & 0xFFFF
v13 = passwd[1] >> 16
v14 = (passwd[2] + passwd[0]) >> 16
p1 = v12 & 0xFFFF
p2 = v13 & 0xFFFF
p3 = v14 & 0xFFFF
p4 = 0x0 & 0xFFFF
for i in range(0x10000):
v16 = (((i ^ p3) & 0xF0) + ((p1 + (i & 0xF000)) & 0xF000) +
((i + p2 + p1 + p3) & 0xF) + ((p2 - (i & 0xF00)) & 0xF00)) ^ 0xAFDA
if v16 == ((p1 + p2 + p3) >> 4):
p4 = i
break
print(('{:04X}-{:04X}-{:04X}-{:04X}').format(p1, p2, p3, p4))