- UID
- 6880
注册时间2006-1-12
阅读权限30
最后登录1970-1-1
龙战于野
TA的每日心情 | 开心
2018-2-26 08:32 |
|---|
签到天数: 19 天 [LV.4]偶尔看看III
|
【破解软件】DVD Copy Express 5.5
【下载地址】http://www.onlinedown.net/soft/7021.htm
【运行环境】Win9x/Me/NT/2000/XP/2003
【软件类别】国外软件/共享版/视频工具
【保护方式】注册码、重启验证
【作者声明】初学Crack,只是感兴趣,消遣业余时间,错误之处敬请诸位前辈不吝赐教。
【调试工具】OllyDBD、PEiD
【软件信息】将DVD电影拷贝制成VCD, SVCD, 和 AVI文件。
一、算法跟踪
PEiD分析:Microsoft Visual C++ 6.0
OD 载入程序查找字串参考,找到有用信息二处:
第一处地址=00407740 “please input correct registration code first!”
第二处地址=0041730F “you have registered!”
第一处
00407739 . 83F9 14 CMP ECX,14 ; 比较注册码位数
0040773C . 74 13 JE SHORT dce.00407751
0040773E . 56 PUSH ESI
0040773F . 56 PUSH ESI
00407740 . 68 A49A4D00 PUSH dce.004D9AA4 ; please input correct registration code first!
第二处
004172CE . E8 3D99FFFF CALL dce.00410C10 ; [00410C10]关键地址
004172D3 . 85C0 TEST EAX,EAX
004172D5 . 0F84 C0000000 JE dce.0041739B
004172DB . 6A 00 PUSH 0
004172DD . 8D4C24 08 LEA ECX,DWORD PTR SS:[ESP+8]
004172E1 . E8 BA93FFFF CALL dce.004106A0
004172E6 . 8B8E 0CD90000 MOV ECX,DWORD PTR DS:[ESI+D90C]
004172EC . 8B86 08D90000 MOV EAX,DWORD PTR DS:[ESI+D908]
004172F2 . 898C24 180100>MOV DWORD PTR SS:[ESP+118],ECX
004172F9 . 8D4C24 04 LEA ECX,DWORD PTR SS:[ESP+4]
004172FD . C78424 100200>MOV DWORD PTR SS:[ESP+210],0
00417308 . 898424 140100>MOV DWORD PTR SS:[ESP+114],EAX
0041730F . C78424 1C0100>MOV DWORD PTR SS:[ESP+11C],dce.004DA5D4 ; you have registered!
在第一处知道注册码位数需要20位。假码:12345678902234567890
由于重启验证,注册成功也无提示,在第二处断不下来。直接Ctrl+Go 到[00410C10]处。
00410C10 /$ 64:A1 0000000>MOV EAX,DWORD PTR FS:[0] ; 在此下断
00410C16 |. 6A FF PUSH -1
00410C18 |. 68 FC334A00 PUSH dce.004A33FC
00410C1D |. 50 PUSH EAX
00410C1E |. B8 3C140000 MOV EAX,143C
00410C23 |. 64:8925 00000>MOV DWORD PTR FS:[0],ESP
00410C2A |. E8 C17B0600 CALL dce.004787F0
00410C2F |. 53 PUSH EBX
00410C30 |. 56 PUSH ESI
00410C31 |. 33DB XOR EBX,EBX
00410C33 |. 57 PUSH EDI
00410C34 |. 33FF XOR EDI,EDI
00410C36 |. 895C24 38 MOV DWORD PTR SS:[ESP+38],EBX
00410C3A |. 8D4424 48 LEA EAX,DWORD PTR SS:[ESP+48]
00410C3E |. 68 7C9A4D00 PUSH dce.004D9A7C ; software\dvd copy express\adrsetting
00410C43 |. 50 PUSH EAX
00410C44 |. 89BC24 581400>MOV DWORD PTR SS:[ESP+1458],EDI
00410C4B |. E8 C3730600 CALL dce.00478013
---------------------中间省略----------------------
00410D7E |. 50 PUSH EAX
00410D7F |. C68424 541400>MOV BYTE PTR SS:[ESP+1454],3
00410D87 |. E8 B92C0800 CALL dce.00493A45
00410D8C |. 8B5424 18 MOV EDX,DWORD PTR SS:[ESP+18]
00410D90 |. 83C9 FF OR ECX,FFFFFFFF
00410D93 |. 8BFA MOV EDI,EDX
00410D95 |. 33C0 XOR EAX,EAX
00410D97 |. F2:AE REPNE SCAS BYTE PTR ES:[EDI]
00410D99 |. F7D1 NOT ECX ; ECX=FFFFFFEA not =15
00410D9B |. 49 DEC ECX
00410D9C |. 83F9 14 CMP ECX,14 ; 比较注册码位数
00410D9F |. 0F85 2C010000 JNZ dce.00410ED1
00410DA5 |. 33C9 XOR ECX,ECX
00410DA7 |> 8A044A /MOV AL,BYTE PTR DS:[EDX+ECX*2] ; 取假码奇数位
00410DAA |. 3C 61 |CMP AL,61
00410DAC |. 7C 06 |JL SHORT dce.00410DB4
00410DAE |. 3C 66 |CMP AL,66
00410DB0 |. 7F 02 |JG SHORT dce.00410DB4
00410DB2 |. 2C 07 |SUB AL,7 ; (a…f)-7后逻辑左移
00410DB4 |> C0E0 04 |SHL AL,4 ; AL=31 shl 4=10
00410DB7 |. 88440C 3C |MOV BYTE PTR SS:[ESP+ECX+3C],AL
00410DBB |. 8A444A 01 |MOV AL,BYTE PTR DS:[EDX+ECX*2+1] ; 取假码偶数位
00410DBF |. 3C 61 |CMP AL,61
00410DC1 |. 7C 08 |JL SHORT dce.00410DCB
00410DC3 |. 3C 66 |CMP AL,66
00410DC5 |. 7F 04 |JG SHORT dce.00410DCB
00410DC7 |. 2C 57 |SUB AL,57 ; (a…f)-57
00410DC9 |. EB 02 |JMP SHORT dce.00410DCD
00410DCB |> 2C 30 |SUB AL,30 ; AL=32 -30=2
00410DCD |> 00440C 3C |ADD BYTE PTR SS:[ESP+ECX+3C],AL ; 10+2=12(变形后奇偶位相加)
00410DD1 |. 41 |INC ECX ; ECX 计数器
00410DD2 |. 83F9 0A |CMP ECX,0A ; A 循环次数
00410DD5 |.^ 7C D0 \JL SHORT dce.00410DA7 ; 结果记为s1
00410DD7 |. 6A 00 PUSH 0
00410DD9 |. 68 30A24D00 PUSH dce.004DA230 ; 字符串(advdripper)
00410DDE |. 8D4C24 24 LEA ECX,DWORD PTR SS:[ESP+24]
00410DE2 |. 6A 0A PUSH 0A
00410DE4 |. 8D5424 48 LEA EDX,DWORD PTR SS:[ESP+48]
00410DE8 |. 51 PUSH ECX
00410DE9 |. 52 PUSH EDX
00410DEA |. E8 0157FFFF CALL dce.004064F0 ; F7进入
00410DEF |. 8A4424 30 MOV AL,BYTE PTR SS:[ESP+30] ; sn(1)
00410DF3 |. 83C4 14 ADD ESP,14
00410DF6 |. 3C 72 CMP AL,72
00410DF8 |. 0F85 D3000000 JNZ dce.00410ED1
00410DFE |. 807C24 1D 67 CMP BYTE PTR SS:[ESP+1D],67 ; sn(2)
00410E03 |. 0F85 C8000000 JNZ dce.00410ED1
00410E09 |. 807C24 24 63 CMP BYTE PTR SS:[ESP+24],63 ; sn(9)
00410E0E |. 0F85 BD000000 JNZ dce.00410ED1
00410E14 |. 807C24 25 78 CMP BYTE PTR SS:[ESP+25],78 ; sn(10)
00410E19 |. 0F85 B2000000 JNZ dce.00410ED1
00410E1F |. 8A4C24 1F MOV CL,BYTE PTR SS:[ESP+1F] ; sn(4)
00410E23 |. 8A4424 1E MOV AL,BYTE PTR SS:[ESP+1E] ; sn(3)
00410E27 |. 8A5424 20 MOV DL,BYTE PTR SS:[ESP+20] ; sn(5)
00410E2B |. 884C24 29 MOV BYTE PTR SS:[ESP+29],CL
00410E2F |. 884424 28 MOV BYTE PTR SS:[ESP+28],AL
00410E33 |. 8A4424 21 MOV AL,BYTE PTR SS:[ESP+21] ; sn(6)
00410E37 |. 8D4C24 28 LEA ECX,DWORD PTR SS:[ESP+28]
00410E3B |. 885424 2A MOV BYTE PTR SS:[ESP+2A],DL
00410E3F |. 51 PUSH ECX ; ECX=sn(3、4、5、6)地址
00410E40 |. 884424 2F MOV BYTE PTR SS:[ESP+2F],AL
00410E44 |. C64424 30 00 MOV BYTE PTR SS:[ESP+30],0
00410E49 |. E8 96790600 CALL dce.004787E4
00410E4E |. 8A5424 26 MOV DL,BYTE PTR SS:[ESP+26] ; sn(7)
00410E52 |. 8BF0 MOV ESI,EAX
00410E54 |. 8A4424 27 MOV AL,BYTE PTR SS:[ESP+27] ; sn(8)
00410E58 |. 8D4C24 2C LEA ECX,DWORD PTR SS:[ESP+2C]
00410E5C |. 51 PUSH ECX
00410E5D |. 885424 30 MOV BYTE PTR SS:[ESP+30],DL
00410E61 |. 884424 31 MOV BYTE PTR SS:[ESP+31],AL
00410E65 |. C64424 32 00 MOV BYTE PTR SS:[ESP+32],0
---------------------中间省略----------------------
00410F18 |. 5F POP EDI
00410F19 |. 5E POP ESI
00410F1A |. 5B POP EBX
00410F1B |. 64:890D 00000>MOV DWORD PTR FS:[0],ECX
00410F22 |. 81C4 48140000 ADD ESP,1448
00410F28 \. C3 RETN ; 返回到 00412495
00410DEA 处F7进入来到下面:
004064F0 /$ 81EC 04010000 SUB ESP,104
004064F6 |. 53 PUSH EBX
004064F7 |. 8B9C24 180100>MOV EBX,DWORD PTR SS:[ESP+118] ; [ESP+118]="ADVDRipper"
004064FE |. 55 PUSH EBP
004064FF |. 56 PUSH ESI
00406500 |. 57 PUSH EDI
00406501 |. 8BFB MOV EDI,EBX
00406503 |. 83C9 FF OR ECX,FFFFFFFF
00406506 |. 33C0 XOR EAX,EAX
00406508 |. F2:AE REPNE SCAS BYTE PTR ES:[EDI]
0040650A |. F7D1 NOT ECX ; ECX=4 not=B
0040650C |. 49 DEC ECX ; ECX=B-1=A
---------------------中间省略----------------------
0040662B |. 8BC3 MOV EAX,EBX
0040662D |. 2BF3 SUB ESI,EBX
0040662F |. 8D5F 01 LEA EBX,DWORD PTR DS:[EDI+1] ; [EDI+1]=B
00406632 |> 8A08 /MOV CL,BYTE PTR DS:[EAX]
00406634 |. 880C02 |MOV BYTE PTR DS:[EDX+EAX],CL ; CL=41 ('A')
00406637 |. 880C06 |MOV BYTE PTR DS:[ESI+EAX],CL
0040663A |. 40 |INC EAX
0040663B |. 4B |DEC EBX
0040663C |.^ 75 F4 \JNZ SHORT dce.00406632 ; 复制二份字符串
0040663E |> 33DB XOR EBX,EBX
00406640 |. 33C9 XOR ECX,ECX
00406642 |. 33C0 XOR EAX,EAX
00406644 |. 3BFB CMP EDI,EBX ; EDI=A
00406646 |. 7E 12 JLE SHORT dce.0040665A
00406648 |> 33D2 /XOR EDX,EDX
0040664A |. 8A9404 DC0000>|MOV DL,BYTE PTR SS:[ESP+EAX+DC] ; 取字符串(ADVDRipper)
00406651 |. 03D0 |ADD EDX,EAX ; EDX=(41..72) + EAX=(0..9)
00406653 |. 33CA |XOR ECX,EDX ; ECX=0.41.4…34
00406655 |. 40 |INC EAX
00406656 |. 3BC7 |CMP EAX,EDI
00406658 |.^ 7C EE \JL SHORT dce.00406648 ; 循环计算得到: 34
0040665A |> 33C0 XOR EAX,EAX
0040665C |. 3BFB CMP EDI,EBX
0040665E |. 7E 10 JLE SHORT dce.00406670
00406660 |> 8A5404 6C /MOV DL,BYTE PTR SS:[ESP+EAX+6C] ; 取字符串(ADVDRipper)
00406664 |. 32D1 |XOR DL,CL ; DL=41 xor 34= 75
00406666 |. 41 |INC ECX ; 34+(1…A)=35…3E
00406667 |. 885404 6C |MOV BYTE PTR SS:[ESP+EAX+6C],DL ; 保存计算结果
0040666B |. 40 |INC EAX
0040666C |. 3BC7 |CMP EAX,EDI
0040666E |.^ 7C F0 \JL SHORT dce.00406660 ; 结果记为s2(75 ..4F)
00406670 |> 33F6 XOR ESI,ESI
00406672 |. 3BFB CMP EDI,EBX
00406674 |. 7E 1A JLE SHORT dce.00406690
00406676 |> 33C0 /XOR EAX,EAX
00406678 |. BD 35000000 |MOV EBP,35
0040667D |. 8A4434 6C |MOV AL,BYTE PTR SS:[ESP+ESI+6C]
00406681 |. 99 |CDQ
00406682 |. F7FD |IDIV EBP
00406684 |. 46 |INC ESI
00406685 |. 3BF7 |CMP ESI,EDI
00406687 |. 889434 A30000>|MOV BYTE PTR SS:[ESP+ESI+A3],DL
0040668E |.^ 7C E6 \JL SHORT dce.00406676
00406690 |> 8BC1 MOV EAX,ECX
00406692 |. B9 35000000 MOV ECX,35
00406697 |. 99 CDQ
00406698 |. F7F9 IDIV ECX
0040669A |. 8B8424 1C0100>MOV EAX,DWORD PTR SS:[ESP+11C]
004066A1 |. 33F6 XOR ESI,ESI
004066A3 |. 32C9 XOR CL,CL
004066A5 |. 885C24 13 MOV BYTE PTR SS:[ESP+13],BL
004066A9 |. 884C24 18 MOV BYTE PTR SS:[ESP+18],CL
004066AD |. 885C24 14 MOV BYTE PTR SS:[ESP+14],BL
004066B1 |. 895C24 54 MOV DWORD PTR SS:[ESP+54],EBX
004066B5 |. 894424 58 MOV DWORD PTR SS:[ESP+58],EAX
004066B9 |. 895424 5C MOV DWORD PTR SS:[ESP+5C],EDX
004066BD |. 8B9424 180100>MOV EDX,DWORD PTR SS:[ESP+118]
004066C4 |. 2BD0 SUB EDX,EAX
004066C6 |. 895424 60 MOV DWORD PTR SS:[ESP+60],EDX ; EDX=20
004066CA |> 8B5424 60 /MOV EDX,DWORD PTR SS:[ESP+60] ; [ESP+60]=20
004066CE |. 8B4424 58 |MOV EAX,DWORD PTR SS:[ESP+58]
004066D2 |. 8BBC24 200100>|MOV EDI,DWORD PTR SS:[ESP+120] ; [ESP+120]=A
004066D9 |. 0FBE0402 |MOVSX EAX,BYTE PTR DS:[EDX+EAX] ; 逐位取s1
004066DD |. 8B5424 54 |MOV EDX,DWORD PTR SS:[ESP+54] ; [ESP+54]=0、1
004066E1 |. 3BD7 |CMP EDX,EDI
004066E3 |. 0F83 11010000 |JNB dce.004067FA
004066E9 |. 8A5C34 6C |MOV BL,BYTE PTR SS:[ESP+ESI+6C] ; 逐位取s2
004066ED |. 8B9424 280100>|MOV EDX,DWORD PTR SS:[ESP+128]
004066F4 |. 8BEB |MOV EBP,EBX
004066F6 |. 81E5 FF000000 |AND EBP,0FF
004066FC |. 85D2 |TEST EDX,EDX ; EDX=0
004066FE |. 8A9434 DC0000>|MOV DL,BYTE PTR SS:[ESP+ESI+DC] ; 逐位取字符串
00406705 |. 8BFA |MOV EDI,EDX
00406707 |. 74 2A |JE SHORT dce.00406733 ; 跳
00406709 |. 81E7 FF000000 |AND EDI,0FF
0040670F |. 33FD |XOR EDI,EBP
00406711 |. 8B6C24 14 |MOV EBP,DWORD PTR SS:[ESP+14]
00406715 |. 81E5 FF000000 |AND EBP,0FF
0040671B |. 884C24 14 |MOV BYTE PTR SS:[ESP+14],CL
0040671F |. 33FD |XOR EDI,EBP
00406721 |. 8B6C24 18 |MOV EBP,DWORD PTR SS:[ESP+18]
00406725 |. 81E5 FF000000 |AND EBP,0FF
0040672B |. 33FD |XOR EDI,EBP
0040672D |. 33C7 |XOR EAX,EDI
0040672F |. 8AC8 |MOV CL,AL
00406731 |. EB 2E |JMP SHORT dce.00406761
00406733 |> 81E7 FF000000 |AND EDI,0FF
00406739 |. 894424 68 |MOV DWORD PTR SS:[ESP+68],EAX ; EAX=00000012(s1)
0040673D |. 33FD |XOR EDI,EBP ; EDI=41(字符串) xor 75(s2)=34
0040673F |. 8B6C24 14 |MOV EBP,DWORD PTR SS:[ESP+14] ; [ESP+14]=0、0、s1(1-8)
00406743 |. 81E5 FF000000 |AND EBP,0FF
00406749 |. 884C24 14 |MOV BYTE PTR SS:[ESP+14],CL
0040674D |. 8A4C24 68 |MOV CL,BYTE PTR SS:[ESP+68] ; [ESP+68]=12(s1)
00406751 |. 33FD |XOR EDI,EBP ; 34 xor 0 =34
00406753 |. 8B6C24 18 |MOV EBP,DWORD PTR SS:[ESP+18] ; [ESP+18]=0
00406757 |. 81E5 FF000000 |AND EBP,0FF
0040675D |. 33FD |XOR EDI,EBP ; EBP=0、s1(1-9)
0040675F |. 33C7 |XOR EAX,EDI ; EAX=12(s1) xor 34=26
00406761 |> 8B7C24 58 |MOV EDI,DWORD PTR SS:[ESP+58]
00406765 |. 8B6C24 64 |MOV EBP,DWORD PTR SS:[ESP+64] ; [ESP+64]=A
00406769 |. 884C24 18 |MOV BYTE PTR SS:[ESP+18],CL
0040676D |. 8807 |MOV BYTE PTR DS:[EDI],AL ; 保存AL记为sn
0040676F |. 8B4424 54 |MOV EAX,DWORD PTR SS:[ESP+54] ; [ESP+54]=0、1…9
00406773 |. 40 |INC EAX
00406774 |. 47 |INC EDI
00406775 |. 894424 54 |MOV DWORD PTR SS:[ESP+54],EAX
00406779 |. 33C0 |XOR EAX,EAX
0040677B |. 8A8434 A40000>|MOV AL,BYTE PTR SS:[ESP+ESI+A4]
00406782 |. 897C24 58 |MOV DWORD PTR SS:[ESP+58],EDI
00406786 |. 8B7C24 5C |MOV EDI,DWORD PTR SS:[ESP+5C]
0040678A |. 8A4404 1C |MOV AL,BYTE PTR SS:[ESP+EAX+1C]
0040678E |. 02C2 |ADD AL,DL
00406790 |. 8A543C 1C |MOV DL,BYTE PTR SS:[ESP+EDI+1C]
00406794 |. 02D3 |ADD DL,BL
00406796 |. 888434 DC0000>|MOV BYTE PTR SS:[ESP+ESI+DC],AL
0040679D |. 885434 6C |MOV BYTE PTR SS:[ESP+ESI+6C],DL
004067A1 |. 46 |INC ESI ; ESI 计数器
004067A2 |. 3BF5 |CMP ESI,EBP ; EBP=A 循环次数
004067A4 |.^ 0F85 20FFFFFF |JNZ dce.004066CA ;
004067AA |. 8A4424 13 |MOV AL,BYTE PTR SS:[ESP+13]
004067AE |. FEC0 |INC AL
004067B0 |. 884424 13 |MOV BYTE PTR SS:[ESP+13],AL ; AL=1
004067B4 |. 75 3D |JNZ SHORT dce.004067F3 ; 跳
004067B6 |. 33D2 |XOR EDX,EDX
004067B8 |. 33C0 |XOR EAX,EAX
004067BA |. 3BEA |CMP EBP,EDX
004067BC |. 7E 35 |JLE SHORT dce.004067F3
004067BE |> 8A9C04 A40000>|/MOV BL,BYTE PTR SS:[ESP+EAX+A4]
004067C5 |. FEC3 ||INC BL
004067C7 |. 80FB 35 ||CMP BL,35
004067CA |. 889C04 A40000>||MOV BYTE PTR SS:[ESP+EAX+A4],BL
004067D1 |. 75 07 ||JNZ SHORT dce.004067DA
004067D3 |. 889404 A40000>||MOV BYTE PTR SS:[ESP+EAX+A4],DL
004067DA |> 8A5C04 1C ||MOV BL,BYTE PTR SS:[ESP+EAX+1C]
004067DE |. 005C04 6C ||ADD BYTE PTR SS:[ESP+EAX+6C],BL
004067E2 |. 47 ||INC EDI
004067E3 |. 83FF 35 ||CMP EDI,35
004067E6 |. 75 02 ||JNZ SHORT dce.004067EA
004067E8 |. 33FF ||XOR EDI,EDI
004067EA |> 40 ||INC EAX
004067EB |. 3BC5 ||CMP EAX,EBP
004067ED |.^ 7C CF |\JL SHORT dce.004067BE
004067EF |. 897C24 5C |MOV DWORD PTR SS:[ESP+5C],EDI
004067F3 |> 33F6 |XOR ESI,ESI
004067F5 |.^ E9 D0FEFFFF \JMP dce.004066CA
004067FA |> 8B8424 1C0100>MOV EAX,DWORD PTR SS:[ESP+11C] ; [ESP+11C]=sn
00406801 |. 5F POP EDI
00406802 |. 5E POP ESI
00406803 |. 5D POP EBP
00406804 |. C60402 00 MOV BYTE PTR DS:[EDX+EAX],0
00406808 |. 33C0 XOR EAX,EAX
0040680A |. 5B POP EBX
0040680B |. 81C4 04010000 ADD ESP,104
00406811 \. C3 RETN ; 返回到 00410DEF
二、算法小结
注册码必须是20位,用户名与注册码无关。
1.预处理注册码
奇数位 shl 4 若是[a..f]先减7
偶数位 若是[a..f] sub 57 否则 sub 30
奇、偶数位相加得到: s1
2. 字符串(ADVDRipper)(0x41445644526970706572)
0 xor (41+0) =41
41 xor (44+1)=4
4 xor (56+2) =5C
……
循环得到: 34
3. 字符串(ADVDRipper)
41 xor 34=75
44 xor 35=71
……
循环得到: s2=75 71 60 73 6A 50 4A 4B 59 4F
4.
字符串 xor s2 得到s3
s3 xor (0 0 s1[1..8]) 得到s4
s4 xor (0 s1[1..9] 得到s5
s1 xor s5 得到的结果如果第1、2、9、10位,等于72、67、63、78注册成功。
三、算法验证
1.注册码:46142df8758703683419
奇数位:412f780631 --> 40 10 20 F0 70 80 00 60 30 10
偶数位:64d8573849 --> 6 4 D 8 5 7 3 8 4 9
s1 = 46 14 2D F8 75 87 03 68 34 19
2.四次异或运算
(1)
字符串 41 44 56 44 52 69 70 70 65 72
s2 75 71 60 73 6A 50 4A 4B 59 4F
--------------------------------------------------
s3 34 35 36 37 38 39 3A 3B 3C 3D
(2)
s3 34 35 36 37 38 39 3A 3B 3C 3D
00 00 46 14 2D F8 75 87 03 68
--------------------------------------------------
s4 34 35 70 23 15 C1 4F BC 3F 55
(3)
s4 34 35 70 23 15 C1 4F BC 3F 55
00 46 14 2D F8 75 87 03 68 34
---------------------------------------------------------
s5 34 73 64 0E ED B4 C8 BF 57 61
4.
s1 46 14 2D F8 75 87 03 68 34 19
s5 34 73 64 0E ED B4 C8 BF 57 61
----------------------------------------------------------
72 67 49 F6 98 33 CB D7 63 78
结果第1、2、9、10位,等于72、67、63、78注册成功。
注册信息保存在:
HKEY_LOCAL_MACHINE\SOFTWARE\DVD COPY EXPRESS\ADRSETTING |
|
IP卡
发表于 2006-7-27 21:33:17
提升卡
置顶卡
变色卡
千斤顶
显身卡
发表于 2006-7-27 22:03:07
楼主
