本文仅以学习交流为目的,请勿用于非法用途
自从去除控制破解掉了机房助手6.1的密码策略后,那个作者更换了加密策略,并对软件加壳保护
今天来分析一下新的加密算法
同6.1 相比 6.8
1 依旧是过时的DES加密
2 密钥更换为 rebootpc,偏移量(即 DES 的初始化向量 IV)更换为 syserror
3 对写入注册表的数据做了一些装饰
4 增加了对“去除控制”、我的 ARP 欺骗程序,以及 6.1 中用于破解密码的 RegWorkshop 的屏蔽(用的是很愚蠢的匹配窗口名的办法),以图为证
关键算法
/// <summary>
/// Decompiled routine (VB.NET late binding rendered as C#) that reads two registry
/// values through a late-bound "wscript.shell" object, drops the first character of
/// the "360m" value, passes the remainder to CryptoHelper.smethod_1 together with the
/// strings "rebootpc" and "syserror", shows the result in a message box and returns it.
/// </summary>
/// <returns>
/// The string produced by CryptoHelper.smethod_1, "" when the VB error object reports
/// a non-zero error number, or null when an exception was thrown before the assignment.
/// </returns>
/// <remarks>
/// Review note: both strings handed to smethod_1 are assembled from literals in this
/// method, so the stored registry value is reversible by anyone who can read the
/// assembly. That makes the scheme obfuscation rather than protection of the stored
/// secret.
/// </remarks>
public static object smethod_2()
{
string text = null;
// num is never assigned again, so the "num != 0" branch near the end cannot run.
int num = 0;
try
{
ProjectData.ClearProjectError();
// The two constant strings are built in two steps: text2 becomes "rebootpc" and
// text3 becomes "syserror" further down.
string text2 = "reboot";
string text3 = "sys";
// Late-bound COM object; every registry read below goes through its "regread" member.
object objectValue = RuntimeHelpers.GetObjectValue(Interaction.CreateObject("wscript.shell", ""));
// First read: HKLM\software\pd. The value is only used by the loop below, whose
// results are discarded, and obj is overwritten by the next read. A failing read
// still throws into the empty catch block.
object obj = RuntimeHelpers.GetObjectValue(NewLateBinding.LateGet(objectValue, null, "regread", new object[]
{
"HKEY_LOCAL_MACHINE\\software\\pd"
}, null, null, null));
int num2 = 1;
// Runs three times and throws away the concatenation result each time.
// NOTE(review): looks like filler left by the original author or the decompiler - confirm.
do
{
Conversions.ToString(Operators.ConcatenateObject(obj, "2"));
num2++;
}
while (num2 <= 3);
// Second read: HKLM\software\360m, the value that is actually processed.
obj = RuntimeHelpers.GetObjectValue(NewLateBinding.LateGet(objectValue, null, "regread", new object[]
{
"HKEY_LOCAL_MACHINE\\software\\360m"
}, null, null, null));
// Keeps the unmodified registry value for the Decrypt call at the end of the try block.
object objectValue2 = RuntimeHelpers.GetObjectValue(obj);
text2 += "pc";
int num3 = 1;
// Same discarded-result loop as above.
do
{
Conversions.ToString(Operators.ConcatenateObject(obj, "1"));
num3++;
}
while (num3 <= 3);
// Strings.Mid(s, 2) keeps everything from the second character on, i.e. the stored
// value carries one leading character that is not part of the Base64 payload.
obj = Strings.Mid(Conversions.ToString(obj), 2);
int num4 = 1;
// Same discarded-result loop as above.
do
{
Conversions.ToString(Operators.ConcatenateObject(obj, "2"));
num4++;
}
while (num4 <= 3);
text3 += "error";
// Only calls smethod_1 when the VB error object holds no error.
if (Information.Err().Number == 0)
{
// smethod_1 is not shown on this page.
// NOTE(review): presumably the same DES routine as Decrypt(cipherText, key, iv) - confirm.
text = CryptoHelper.smethod_1(Conversions.ToString(obj), text2, text3);
}
else
{
text = "";
}
// Result is discarded. The input here is the untrimmed registry value, so this call
// may throw; any exception is swallowed below and text keeps the value set above.
CryptoHelper.Decrypt(Conversions.ToString(objectValue2), "20200101", "xsjfglzs");
}
// Swallows every exception without logging; on an early failure text stays null.
catch (Exception)
{
}
string text4 = text;
if (num != 0)
{
ProjectData.ClearProjectError();
}
// Displays the recovered value in a message box before returning it.
MessageBox.Show(Conversions.ToString(text4));
return text4;
}
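/// <summary>
/// Decrypts a Base64-encoded DES ciphertext and returns the plaintext as a string.
/// </summary>
/// <param name="string_0">Ciphertext as Base64 text.</param>
/// <param name="string_1">Key text; its UTF-8 bytes are used as the DES key.</param>
/// <param name="string_2">IV text; its UTF-8 bytes are used as the DES IV.</param>
/// <returns>The decrypted bytes read to the end with StreamReader's default encoding.</returns>
/// <remarks>
/// Cipher mode and padding are left at the provider defaults; nothing here sets them.
/// Security note: DES is obsolete, and a key/IV supplied as string constants by the
/// caller can be recovered from the binary. Secrets such as passwords should be stored
/// as salted, slow hashes (for example PBKDF2), not as reversible ciphertext.
/// </remarks>
public static string Decrypt(string string_0, string string_1, string string_2)
{
    // The provider, transform and streams are all IDisposable; the original never
    // released them, so each call leaked key material and handles until finalization.
    using (DESCryptoServiceProvider des = new DESCryptoServiceProvider())
    {
        // Same evaluation order as before: key, IV, then Base64 decoding.
        des.Key = Encoding.UTF8.GetBytes(string_1);
        des.IV = Encoding.UTF8.GetBytes(string_2);
        byte[] cipherBytes = Convert.FromBase64String(string_0);

        using (MemoryStream cipherStream = new MemoryStream(cipherBytes))
        using (ICryptoTransform decryptor = des.CreateDecryptor())
        using (CryptoStream plainStream = new CryptoStream(cipherStream, decryptor, CryptoStreamMode.Read))
        using (StreamReader reader = new StreamReader(plainStream))
        {
            return reader.ReadToEnd();
        }
    }
}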
可以看出核心算法并没有较大的改变:仍然是用写死在程序里的密钥和 IV 做可逆的 DES 加密,加壳和屏蔽工具窗口都改变不了这一点。从防护角度看,口令应当以加盐的慢哈希(如 PBKDF2)保存,而不是可逆加密后写入注册表。
可以参考我对6.1的分析 https://blog.csdn.net/qq_37485351/article/details/93291748
这是修改版的设置,在原密码栏中随意输入,按保存设置,忽视退出安全软件提示(按是),会自动弹出一个消息框,那就是密码
下载地址 https://www.lanzous.com/b05fzlri
当然注册表解密也行
把360m项拿出来,去掉前面的a就是真正的加密码了,一样的在线解密
ok
我们的目的旨在帮助有能力的学生学到更多的知识,而不是局限于老师所讲的,当然我们还是希望薄弱的同学好好听课。