├── screenshot.gif
├── README.md
├── LICENSE
└── main.asm

/screenshot.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/iDone/010-Editor-Keygen/HEAD/screenshot.gif

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# 010 Editor KeyGen

A License Key generator for [010 Editor](http://www.sweetscape.com/download/010editor/).
Written purely in Assembly

## Warning

It is for **EDUCATIONAL PURPOSES** only.

## Features

1. Arbitrary usernames are supported

2. License expiration date can be customized (any date between the next day and December 31, 3000)

3. N-User License Keys can be generated where 1 ≤ N ≤ 1000

You **DON'T NEED MSVCRT** to run this program

## How to assemble
Here are the steps for Assembling

1. Download [Flat Assembler](http://flatassembler.net/download.php)

or

If you are on Linux, you may use `sudo apt-get install fasm`

2. Assemble using the following command

`fasm main.asm`

The current support is for Windows only.

I'll be adding a linux executable soon

## Screenshot

![Screenshot](screenshot.gif)

## License

[MIT](/LICENSE)

--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
MIT License

Copyright (c) 2018 x0r19x91

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

--------------------------------------------------------------------------------
/main.asm:
--------------------------------------------------------------------------------
; +-----------------------------------------------------------------------+
; | |
; | This is a keygen for 010 Editor |
; | |
; | http://www.sweetscape.com/download/010editor/ |
; | |
; +-----------------------------------------------------------------------+

; +-----------------------------------------------------------------------+
; | |
; | *WARNING* |
; | |
; | FOR EDUCATIONAL PURPOSES ONLY |
; | |
; | I did it for fun ! |
; | IF YOU LIKE IT PLEASE BUY IT |
; | |
; +-----------------------------------------------------------------------+

; Boxes using ASCII Characters look beautiful :-)

; +-----------------------------------------------------------------------+
; | AUTHOR |
; +-----------------------------------------------------------------------+
; | _______ ____ ________ ________ ____ |
; | ___ __\ _ \______/_ / __ \___ ___/ __ \/_ | |
; | \ \/ / /_\ \_ __ \ \____ /\ \/ /\____ / | | |
; | > <\ \_/ \ | \/ | / / > < / / | | |
; | /__/\_ \\_____ /__| |___| /____/ /__/\_ \ /____/ |___| |
; | \/ \/ \/ |
; +-----------------------------------------------------------------------+

; The above ascii art is generated using http://patorjk.com/software/taag

; This Program is only 6260 bytes !
; I wrote the keygen first in C, using Visual Studio 2017
; The Binary Produced by Visual Studio is 68,608 Bytes
; So, I wrote it using Flat Assembler (FASM)

; Usage Instructions

; +-----------------------------------------------------------------------+
; | USAGE |
; +-----------------------------------------------------------------------+
; | |
; | 1. Download Flat Assembler (FASM) |
; | URL : https://flatassembler.net/download.php |
; | |
; | 2. Assemble the Source Code |
; | -> fasm [filename].asm |
; | |
; | 3. Execute the Executable File |
; | |
; +-----------------------------------------------------------------------+


; Format of the License Key generated by this program

; +-----------------------------------------------------------------------+
; | LICENSE FORMAT |
; +-----------------------------------------------------------------------+
; | |
; | The License Key is Formatted as follows |
; | AABB-CCDD-EEFF-GGHH-IIJJ |
; | 1. AA, BB, ..., JJ are Hexadecimal Values |
; | 2. DD is 0xAC |
; | 3. Any License can be valid for atmost 983 years |
; | |
; +-----------------------------------------------------------------------+

; +-----------------------------------------------------------------------+
; | LICENSE TYPES |
; +-----------------------------------------------------------------------+
; | |
; | 1. Single User License |
; | 2. N User License, where 1 < N < 1000 |
; | 3. 1000 User License (Site License) |
; | |
; +-----------------------------------------------------------------------+

; We Need to Execute in Windows SubSystem
;
; Win32 Template
; Written by x0r19x91
;
; Date : 22:47 29-08-2018
;

format PE GUI 6.0
entry initialize
include '\fasm\include\win32ax.inc'

macro init_dll dll_id, dll_name, [func_name]
{
    common
        label dll_id
        .size = 0
        .dll db dll_name, 0
        label .functions
    forward
        .size = .size + 1
    forward
        dd func_name, fn#func_name
    forward
        label func_name dword
        .str db `func_name, 0
    forward
        label fn#func_name dword
        dd 0
}

macro push [reg] { forward push reg }
macro pop [reg] { reverse pop reg }

macro load_dll [dll_id]
{
    forward
        push ebx
        push esi
        push edx
        local ..next, ..load_loop
    ..next:
        mov eax, esp
        invoke fnLoadLibraryEx, dll_id#.dll, 0, 0
        mov esi, eax
        xor ebx, ebx
    ..load_loop:
        invoke fnGetProcAddress, esi, dword [dll_id#.functions+ebx*8]
        mov edx, [dll_id#.functions+ebx*8+4]
        mov [edx], eax
        inc ebx
        cmp ebx, dll_id#.size
        jl ..load_loop
        pop edx
        pop esi
        pop ebx
}

; +-----------------------------------------------------------------------+
; | |
; | Control Identifiers |
; | |
; +-----------------------------------------------------------------------+

IDD_MAIN_DIALOG = 1729
IDC_TEXT_NAME = 0x01
IDC_TEXT_USERS = 0x02
IDC_SPIN_USERS = 0x03
IDC_BTN_COPY = 0x04
IDC_BTN_CLRREG = 0x05
IDC_BTN_INFO = 0x06
IDC_LABEL_SERIAL = 0x07
IDC_DATE_DAYS = 0x0A


UDM_SETRANGE32 = 0x46f
GDTR_MIN = 0x001
GDTR_MAX = 0x002

LANGUAGE_ID = LANG_ENGLISH or SUBLANG_ENGLISH_US

FORMAT_FLAGS = FORMAT_MESSAGE_ALLOCATE_BUFFER \
               or FORMAT_MESSAGE_FROM_STRING \
               or FORMAT_MESSAGE_ARGUMENT_ARRAY

DELETE_FLAGS = 0x00010000 or KEY_QUERY_VALUE \
               or KEY_ENUMERATE_SUB_KEYS



; +-----------------------------------------------------------------------+
; | |
; | Global Data |
; | |
; +-----------------------------------------------------------------------+

section '.data' data readable writeable

fnGetProcAddress dd 0
fnLoadLibraryEx dd 0

szMsgBoxTitle db 'Info', 0 ; Our Message Box Title
szHex db '0123456789ABCDEF' ; Hexadecimal translation table
szLicense rb 25 ; Stores the formatted license key
szBytes rb 10 ; Stores the raw bytes of license key
hHeap dd ? ; Handle to the heap of this process
hTextName dd ? ; Handle to text box labeled 'Name'
hTextUsers dd ? ; Handle to text box labeled 'Users'
hSpinUsers dd ? ; Handle to up-down control for 'Users'
hBtnCopy dd ? ; Handle to 'Copy' button
hBtnInfo dd ? ; Handle to 'Info' button
hBtnClr dd ? ; Handle to 'Clear Registry' button
hStaticSerial dd ? ; Handle to the label inside the 'License Info' frame
hDatePicker dd ? ; Handle to the date picker for license validity

sysCurrDate SYSTEMTIME ?
sysStartDate SYSTEMTIME ?
sysEndDate SYSTEMTIME 3000, 12, 3, 31, 23, 59, 59, 0
sysFileTime dq ?

;
; Declaring imports in a dll
; init_dll [dll_id], [dll_name], [function_1], [function_2], ...
;
; For Example
; init_dll user32, 'user32.dll', MessageBoxTimeoutA
; init_dll kernel32, 'kernel32.dll', ExitProcess
;
init_dll kernel32, 'kernel32.dll',\
        FormatMessageA, ExitProcess, GlobalAlloc, GlobalLock,\
        HeapAlloc, HeapFree, LocalFree, GetLocalTime,\
        SystemTimeToFileTime, FileTimeToSystemTime,\
        GlobalUnlock, FileTimeToLocalFileTime

init_dll advapi32, 'advapi32.dll',\
        RegOpenKeyExA, RegDeleteTreeA, RegCloseKey, RegQueryValueExA

init_dll ntdll, 'ntdll.dll', NtQuerySystemTime

init_dll user32, 'user32.dll',\
        SendMessageA, OpenClipboard, EmptyClipboard, GetDlgItem,\
        SetClipboardData, CloseClipboard, DialogBoxIndirectParamA,\
        PostQuitMessage, GetDlgItemInt, MessageBoxA

; Path to Registry Key for querying the existence of a registered user
; Also used for deleting the 'CLASSES' SubKey

szPath db 'SOFTWARE\SweetScape\010 Editor', 0

; Format String for displaying the registered user information
; when 'Info' button is clicked

szRegMsg db "Registered to '%1!s!'%nLicense Key: %2!s!", 0

szNameKey db 'Name', 0
szPassword db 'Password', 0

; Message to display when 010 Editor is Unregistered

szUnregistered db '010 Editor is currently UNREGISTERED !'
        db 10
        db 'Please Register it !', 0

; Message to display when 010 Editor is not installed

szNotInstalled db "You haven't yet installed 010 Editor !"
        db 10, 10
        db 'Download 010 Editor : http://www.sweetscape.com/download/010editor/', 0

szMessages dd szNotInstalled, szUnregistered

; Used for Calculating bytes at offset 4, 5, 6, 7 in the license key

rawBytes dd 969622712, 594890599, 1593930257, 1052452058, 890701766, 1677293387, 394424968
        dd 266815521, 1532978959, 1211194088, 2019260265, 729421127, 953225874, 1117854514
        dd 892543556, 2000911200, 514538256, 1400963072, 486675118, 1862498216, 1136668818
        dd 758909582, 1653935295, 821063674, 888606944, 687085563, 890056597, 1513495898
        dd 365692427, 184357836, 677395407, 863045227, 818746596, 391985767, 1842768403
        dd 758385145, 1478392706, 1985112985, 1552765320, 746944881, 368385984, 1758203153
        dd 1240817244, 660489060, 756944316, 1290697955, 844453952, 288239112, 1769473626
        dd 1922176006, 826636519, 391520695, 1081548223, 1069693142, 1244729994, 766313326
        dd 1101031894, 624951698, 14501479, 1794907983, 1460682958, 1660839647, 1104890686
        dd 897721119, 1442187162, 480708164, 454443986, 1064446153, 1595150448, 1041527979
        dd 1145775470, 1399869657, 255985995, 802693350, 2005610078, 1897360642, 2146073193
        dd 1538606632, 431647857, 964049561, 395138253, 19164808, 856904574, 730737943
        dd 708645054, 1506870658, 933323739, 819349658, 1780571206, 236747382, 533160167
        dd 2042104933, 670325172, 2040165158, 1354372994, 705785180, 1669754395, 1066536508
        dd 1426207888, 1437950089, 741941201, 796931522, 1694313338, 1290302874, 1367672048
        dd 2039808424, 1062939821, 954597728, 1668694488, 859122242, 1369582617, 140269649
        dd 53024683, 729221831, 816609203, 736893191, 55706320, 262747091, 1629838835, 581764799
        dd 1488480625, 1607077349, 1879925846, 1453945819, 1521965565, 856558562, 1530662365
        dd 1230847072, 1404918182, 1281256849, 1238970765, 272453753, 1640907491, 2127893021
        dd 350314733, 556617458, 654390256, 1648581270, 531062411, 1862873022, 1241517385
        dd 1471028336, 5121143, 1444839026, 1183580211, 1573659650, 2018540230, 1487873223
        dd 234237236, 898254600, 1023090193, 728843548, 2007454357, 1451820833, 267351539
        dd 302982385, 26807015, 865879122, 664886158, 195503981, 1625037691, 1330347906
        dd 1742434311, 1330272217, 1645368040, 542321916, 1782121222, 411042851, 435386250
        dd 1176704752, 1454246199, 1136813916, 1707755005, 224415730, 201138891, 989750331
        dd 1006010278, 1147286905, 406860280, 840388503, 1282017578, 1605698145, 23396724
        dd 862145265, 1898780916, 1855549801, 1571519230, 2083204840, 1859876276, 1602449334
        dd 1009413590, 690816450, 86131931, 345661263, 1565025600, 857544170, 1329948960
        dd 1211787679, 994381573, 991984748, 1956475134, 1098146294, 1655714289, 659576699
        dd 689116467, 1485584392, 451884118, 255590636, 2108114754, 1266252396, 1589326471
        dd 2019907768, 15552498, 1651075358, 614606175, 1656823678, 797605325, 1681594366
        dd 2005080248, 624648446, 884695971, 1526931791, 1595240948, 439447199, 2060396292
        dd 680093752, 409028215, 469068267, 195583689, 1791650630, 507724330, 1364025102
        dd 1094582668, 813049577, 32316922, 1240756058, 1176200235, 2104494066, 325396055
        dd 1796606917, 1709197385, 525495836, 1510101430, 735526761, 767523533, 1374043776
        dd 1559389967, 567085571, 1560216161, 867042846, 1001796703, 1568754293, 628841972
        dd 173812827, 379868455, 384973125

; Template for dialog box

tmpDialog dd DS_SETFONT or DS_FIXEDSYS or WS_CAPTION or WS_SYSMENU
        dd 0
        dw 13
        dw 100, 100, 260, 114

        align 2
        dw 0
        dw 0
        du '010 Editor KeyGen', 0
        dw 8
        du 'MS Shell Dlg 2', 0

        align 4
        dd ES_LEFT+ES_AUTOHSCROLL+WS_CHILD+WS_VISIBLE+WS_BORDER+WS_TABSTOP
        dd 0
        dw 34,12,69,12
        dw IDC_TEXT_NAME
        dw -1, 0x81
        dw 0, 0

        align 4
        dd WS_VISIBLE+WS_TABSTOP
        dd 0
        dw 153,23,90,14
        dw IDC_DATE_DAYS
        du 'SysDateTimePick32', 0
        dw 0, 0

        align 4
        dd ES_LEFT+ES_AUTOHSCROLL+WS_CHILD+WS_VISIBLE+WS_BORDER+WS_TABSTOP+ES_NUMBER
        dd 0
        dw 34,32,60,14
        dw IDC_TEXT_USERS
        dw -1, 0x81
        dw 0, 0

        align 4
        dd WS_CHILD or WS_VISIBLE or WS_TABSTOP or BS_PUSHBUTTON
        dd 0
        dw 72,93,50,14
        dw IDC_BTN_COPY
        du -1, 0x80
        du 'Copy', 0
        dw 0

        align 4
        dd WS_CHILD or WS_VISIBLE or WS_TABSTOP or BS_PUSHBUTTON
        dd 0
        dw 203,93,50,14
        dw IDC_BTN_INFO
        du -1, 0x80
        du 'Info', 0
        dw 0

        align 4
        dd WS_CHILD or WS_VISIBLE or WS_TABSTOP or BS_PUSHBUTTON
        dd 0
        dw 7,93,59,14
        dw IDC_BTN_CLRREG
        du -1, 0x80
        du 'Clear Registry', 0
        dw 0

        align 4
        dd SS_LEFT+WS_CHILD+WS_VISIBLE+WS_GROUP
        dd 0
        dw 7,15,19,8
        dw -1
        du -1, 0x82
        du 'Name', 0
        dw 0

        align 4
        dd SS_LEFT+WS_CHILD+WS_VISIBLE+WS_GROUP
        dd 0
        dw 7,35,19,8
        dw -1
        du -1, 0x82
        du 'Users', 0
        dw 0

        align 4
        dd UDS_SETBUDDYINT+UDS_ARROWKEYS+WS_CHILD+WS_VISIBLE
        dd 0
        dw 93,32,12,14
        dw IDC_SPIN_USERS
        du 'msctls_updown32', 0
        dw 0, 0

        align 4
        dd BS_GROUPBOX+WS_CHILD+WS_VISIBLE
        dd 0
        dw 7,50,245,36
        dw -1
        du -1, 0x80
        du 'License Info', 0
        dw 0

        align 4
        dd SS_CENTER+WS_CHILD+WS_VISIBLE+WS_GROUP
        dd 0
        dw 70,64,120,12
        dw IDC_LABEL_SERIAL
        du -1, 0x82
        dw 0, 0

        align 4
        dd BS_GROUPBOX+WS_CHILD+WS_VISIBLE
        dd 0
        dw 109,11,143,34
        dw -1
        du -1, 0x80
        du 'Validity', 0
        dw 0

        align 4
        dd SS_LEFT+WS_CHILD+WS_VISIBLE+WS_GROUP
        dd 0
        dw 117,26,29,8
        dw -1
        du -1, 0x82
        du 'End Date', 0
        dw 0

; +-----------------------------------------------------------------------+
; | |
; | Text Section |
; | |
; +-----------------------------------------------------------------------+

section '.text' code executable

GET_PROC_ADDRESS = 0x8f900864
LOAD_LIBRARY = 0x00635164
KERNEL32_HASH = 0x29A1244C


jenkins_hash:
        push ebx
        xor eax, eax
@@:
        movzx ebx, byte [esi]
        or bl, bl
        jz @f
        add eax, ebx
        mov ebx, eax
        shl ebx, 10
        add eax, ebx
        mov ebx, eax
        shr ebx, 6
        xor eax, ebx
        inc esi
        jmp @b
@@:
        mov ebx, eax
        shl ebx, 3
        add eax, ebx
        mov ebx, eax
        shr ebx, 11
        xor eax, ebx
        mov ebx, eax
        shl ebx, 15
        add eax, ebx
        pop ebx
        ret

hash:
        push ebx
        xor eax, eax
        sub esi, 2
@@:
        inc esi
        inc esi
        movzx ebx, word [esi]
        or ebx, ebx
        jz .ret
        ror eax, 9
        xor eax, ebx
        cmp ebx, 0x61
        jl @b
        cmp ebx, 0x7b
        jge @b
        xor eax, ebx
        sub ebx, 0x20
        xor eax, ebx
        jmp @b
.ret:
        pop ebx
        ret

initialize:
        mov eax, [fs:0x30]
        mov eax, [eax+12]
        mov ebx, [eax+0x1c]

.find:
        mov esi, [ebx+0x20]
        call hash
        cmp eax, KERNEL32_HASH
        jz .found
        mov ebx, [ebx]
        jmp .find

.found:
        mov ebx, [ebx+8]
        mov eax, [ebx+0x3c]
        mov eax, [eax+ebx+24+96]
        add eax, ebx
        push eax
        mov ecx, [eax+24]
        mov ebp, [eax+32] ; name table
        mov edx, [eax+36] ; ordinal table
        add edx, ebx
        add ebp, ebx
        xor edi, edi

.search_loop:
        mov esi, [ebp]
        add esi, ebx
        call jenkins_hash
        cmp eax, LOAD_LIBRARY
        jnz .is_proc_addr
        inc edi
        movzx eax, word [edx]
        mov [fnLoadLibraryEx], eax
        jmp .next_func

.is_proc_addr:
        cmp eax, GET_PROC_ADDRESS
        jnz .next_func
        inc edi
        movzx eax, word [edx]
        mov [fnGetProcAddress], eax

.next_func:
        add edx, 2
        add ebp, 4
        cmp edi, 2
        jz @f
        dec ecx
        jnz .search_loop

@@:
        pop edi
        mov edx, [edi+28]
        add edx, ebx
        mov eax, [fnLoadLibraryEx]
        mov ecx, [edx+eax*4]
        add ecx, ebx
        mov [fnLoadLibraryEx], ecx
        mov eax, [fnGetProcAddress]
        mov ecx, [edx+eax*4]
        add ecx, ebx
        mov [fnGetProcAddress], ecx
        jmp main


; +-----------------------------------------------------------------------+
; | |
; | Function : to_upper |
; | Arguments : %bl |
; | %bl -> Character (0 - 255) |
; | Returns : %bl |
; | |
; +-----------------------------------------------------------------------+
; | |
; | Convert a lowercase character in %bl to its uppercase equivalent |
; | |
; +-----------------------------------------------------------------------+
to_upper:
        cmp bl, 97
        jl @f
        cmp bl, 122
        jg @f
        sub ebx, 32
@@:
        ret


; +-----------------------------------------------------------------------+
; | |
; | Function : get_last_block |
; | Arguments : %edi, %esi, %edx |
; | %edi -> Pointer to a String |
; | %esi -> # days left for license to become invalid |
; | %edx -> # Users |
; | Returns : %eax |
; | |
; +-----------------------------------------------------------------------+
; | |
; | Computes EE, FF, GG, HH and returns 0xHHGGFFEE |
; | See @LICENSE FORMAT above |
; | |
; +-----------------------------------------------------------------------+
get_last_block:
        push ebx
        push ecx
        xor ebx, ebx
        mov ecx, esi
        shl ecx, 4
        lea esi, [esi+ecx]
        mov ecx, edx
        shl edx, 4
        neg ecx
        lea edx, [edx+ecx]
        mov ecx, ebx
        mov eax, ebx
@@:
        movzx ebx, byte [edi]
        or bl, bl
        jz @f
        call to_upper
        add eax, [rawBytes+ebx*4]
        xor eax, [rawBytes+ebx*4+52]
        imul eax, [rawBytes+ebx*4+188]
        mov ebx, esi
        movzx ebx, bl
        add eax, [rawBytes+ebx*4]
        mov ebx, edx
        movzx ebx, bl
        add eax, [rawBytes+ebx*4]
        mov ebx, ecx
        movzx ebx, bl
        add eax, [rawBytes+ebx*4]
        lea ecx, [ecx+19]
        lea esi, [esi+9]
        lea edx, [edx+13]
        inc edi
        jmp @b
@@:
        pop ecx
        pop ebx
        ret


; +-----------------------------------------------------------------------+
; | |
; | Function : get_days |
; | Arguments : %edi |
; | %edi -> # days left for license to become invalid |
; | Returns : %eax |
; | |
; +-----------------------------------------------------------------------+
; | |
; | Computes the following |
; | |
; | M = 0x1845c8a0ce512957 |
; | T = _time64(0) |
; | M *= _mktime64(_localtime64(&T)) |
; | M >>= 77 |
; | return M |
; | |
; | i.e., |
; | return mktime64(_localtime64(&T)) / 86400 |
; | which is the number of days since January 1, 1970 at 00:00 |
; | |
; +-----------------------------------------------------------------------+
get_days:
        push ebx
        push eax
        push eax
        lea ebx, [esp]
        push eax
        push eax
        invoke fnNtQuerySystemTime, ebx
        invoke fnFileTimeToLocalFileTime, ebx, esp
        pop eax
        pop edx
        pop ebx
        pop ebx
        shrd eax, edx, 14
        shr edx, 14
        mov ebx, 0x324a9a7
        div ebx
        xor edx, edx
        lea eax, [eax+edi-134774]
        pop ebx
        ret


; +-----------------------------------------------------------------------+
; | |
; | Function : generate_license_key |
; | Arguments : %edi, %esi, %edx |
; | %edi -> Pointer to String (User Name) |
; | %esi -> Number of Users |
; | %edx -> Number of Years of Validity |
; | Return : none |
; | |
; +-----------------------------------------------------------------------+
; | |
; | Computes the License Key bytes in 'szBytes' array |
; | and the formatted license key in 'szLicense' array |
; | |
; +-----------------------------------------------------------------------+
generate_license_key:
        push edi
        push esi
        push edx
        push ebx
        push ecx
        mov edi, edx
        call get_days
        mov ecx, eax
        mov ebx, 17
        imul ebx
        xor eax, 0xE53167
        add eax, 0x2C175
        xor eax, 0x794c5f
        mov ebx, esi
        imul ebx, 11
        xor ebx, 0x3421
        sub ebx, 0x4D30
        xor ebx, 0x7892
        mov edi, [esp+16]
        mov esi, ecx
        mov edx, [esp+12]
        push eax
        call get_last_block
        mov ecx, ebx
        pop edx
        push ebx
        mov [szBytes+3], 0xAC
        mov [szBytes+4], al
        mov ebx, edx
        xor bh, al
        mov [szBytes+8], bh
        mov [szBytes+5], ah
        bswap edx
        xor dh, ah
        mov [szBytes+9], dh
        pop ebx
        xor cl, ah
        mov [szBytes+2], cl
        bswap eax
        mov [szBytes+6], ah
        mov ecx, edx
        bswap ecx
        xor cl, ah
        mov [szBytes], cl
        mov [szBytes+7], al
        xor bh, al
        mov [szBytes+1], bh
        mov eax, '----'
        mov edi, szLicense
        stosd
        stosd
        stosd
        stosd
        stosd
        stosd
        xor ebx, ebx
        sub edi, 24
@@:
        xor edx, edx
        movzx edx, [szBytes+ebx]
        mov ecx, edx
        shr dl, 4
        mov ah, [szHex+edx]
        and cl, 0xf
        mov al, [szHex+ecx]
        inc ebx
        shl eax, 16
        movzx edx, [szBytes+ebx]
        mov ecx, edx
        shr dl, 4
        mov ah, [szHex+edx]
        and cl, 0xf
        mov al, [szHex+ecx]
        bswap eax
        stosd
        inc edi
        inc ebx
        cmp ebx, 10
        jl @b
        pop ecx
        pop ebx
        pop edx
        pop esi
        pop edi
        ret


; +-----------------------------------------------------------------------+
; | |
; | Called when the 'Copy' button is clicked |
; | |
; | Copies the displayed license key to clipboard |
; | |
; +-----------------------------------------------------------------------+
copy_license:
        invoke fnSendMessageA, [hStaticSerial], WM_GETTEXTLENGTH, 0, 0
        and eax, eax
        jz .ret
        push ebx
        push esi
        inc eax
        mov ebx, eax
        invoke fnOpenClipboard, ebp
        invoke fnEmptyClipboard
        invoke fnGlobalAlloc, GHND, ebx
        mov esi, eax
        invoke fnGlobalLock, eax
        push eax
        invoke fnSendMessageA, [hStaticSerial], WM_GETTEXT, ebx, eax
        call [fnGlobalUnlock]
        invoke fnSetClipboardData, CF_TEXT, esi
        invoke fnCloseClipboard
        pop esi
        pop ebx

.ret:
        mov eax, 1
        ret


; +-----------------------------------------------------------------------+
; | |
; | WM_CLOSE Event Handler |
; | |
; +-----------------------------------------------------------------------+
on_close:
        invoke fnPostQuitMessage, 0
        jmp copy_license.ret


; +-----------------------------------------------------------------------+
; | |
; | WM_INITDIALOG Event Handler |
; | |
; +-----------------------------------------------------------------------+
on_init_dialog:
        mov eax, [fs:0x30]
        mov eax, [eax+0x18]
        mov [hHeap], eax

        invoke fnGetLocalTime, sysCurrDate
        mov edi, sysFileTime
        invoke fnSystemTimeToFileTime, sysCurrDate, edi
        add dword [edi], 0x2a69c000
        adc dword [edi+4], 0xc9
        invoke fnFileTimeToSystemTime, edi, sysStartDate

        ; Store the Handles of the required controls

        invoke fnGetDlgItem, ebp, IDC_TEXT_NAME
        mov [hTextName], eax
        invoke fnGetDlgItem, ebp, IDC_TEXT_USERS
        mov [hTextUsers], eax
        invoke fnGetDlgItem, ebp, IDC_SPIN_USERS
        mov [hSpinUsers], eax
        invoke fnGetDlgItem, ebp, IDC_LABEL_SERIAL
        mov [hStaticSerial], eax
        invoke fnGetDlgItem, ebp, IDC_BTN_COPY
        mov [hBtnCopy], eax
        invoke fnGetDlgItem, ebp, IDC_BTN_INFO
        mov [hBtnInfo], eax
        invoke fnGetDlgItem, ebp, IDC_BTN_CLRREG
        mov [hBtnClr], eax
        invoke fnGetDlgItem, ebp, IDC_DATE_DAYS
        mov [hDatePicker], eax

        invoke fnSendMessageA, [hSpinUsers], UDM_SETBUDDY, [hTextUsers], 0
        invoke fnSendMessageA, [hSpinUsers], UDM_SETRANGE32, 1, 0x3e8
        invoke fnSendMessageA, [hSpinUsers], UDM_SETPOS, 0, 1
        invoke fnSendMessageA, [hTextUsers], EM_SETLIMITTEXT, 4, 0
        invoke fnSendMessageA, [hDatePicker], DTM_SETRANGE, 3, sysStartDate

        call $+22
        db 'ddd, MMM d, yyyy', 0
        invoke fnSendMessageA, [hDatePicker], DTM_SETFORMAT, 0

        ; Prefer short jumps :-)

        jmp clear_license_display.ret


; +-----------------------------------------------------------------------+
; | |
; | Clear the contents of the label that displays the license key |
; | EFLAGS.CF indicates whether memory is allocated from heap |
; | If so, we need to free it |
; | |
; +-----------------------------------------------------------------------+
clear_license_display:
        jnc @f
        invoke fnHeapFree, [hHeap], 0, edi
@@:
        lea eax, [szLicense+24]
        invoke fnSendMessageA, [hStaticSerial], WM_SETTEXT, 0, eax

.ret:
        mov eax, 1
        ret


; +-----------------------------------------------------------------------+
; | |
; | EN_CHANGE Event Handler |
; | |
; +-----------------------------------------------------------------------+
update_license_key:
        invoke fnSendMessageA, [hTextName], WM_GETTEXTLENGTH, 0, 0
        or eax, eax
        clc

        ; ---------------------------------------------
        ; Is the Number of Characters in UserName = 0 ?
        ; ---------------------------------------------

        jz clear_license_display
        inc eax
        mov esi, eax

        ; -----------------------------------------
        ; Allocate Len(username)+1 bytes from heap
        ; -----------------------------------------

        invoke fnHeapAlloc, [hHeap], HEAP_ZERO_MEMORY, eax
        or eax, eax
        stc

        ; --------------------
        ; Allocation Failed ?
        ; --------------------

        jz clear_license_display
        mov edi, eax

        invoke fnSendMessageA, [hTextName], WM_GETTEXT, esi, eax
        invoke fnGetDlgItemInt, ebp, IDC_TEXT_USERS, NULL, FALSE
        mov ebx, eax
        invoke fnSendMessageA, [hDatePicker], DTM_GETSYSTEMTIME, 0, sysStartDate
        test eax, eax
        stc
        js clear_license_display

        ; -------------------------------------------
        ; Check Whether 1 <= Number of Users <= 1000
        ; -------------------------------------------

        cmp ebx, 1
        jl clear_license_display
        cmp ebx, 1000
        jg clear_license_display

        ; Get The Number of Days from the Selected Date

        push edi
        invoke fnSystemTimeToFileTime, sysStartDate, sysFileTime
        mov esi, dword [sysFileTime]
        mov edi, dword [sysFileTime+4]
        invoke fnSystemTimeToFileTime, sysCurrDate, sysFileTime
        sub esi, dword [sysFileTime]
        sbb edi, dword [sysFileTime+4]
        add esi, 0x2a69c000
        adc edi, 0xc9
        shrd esi, edi, 14
        shr edi, 14
        mov eax, esi
        mov edx, edi
955 | mov edi, 0x324a9a7 956 | div edi 957 | pop edi 958 | 959 | mov esi, ebx 960 | mov edx, eax 961 | 962 | ; ------------------------------------------------- 963 | ; All parameters are valid, generate license key 964 | ; and display it 965 | ; ------------------------------------------------- 966 | 967 | call generate_license_key 968 | invoke fnSendMessageA, [hStaticSerial], WM_SETTEXT, 0, szLicense 969 | 970 | ; ----------------------------------------------- 971 | ; Free the memory allocated for storing username 972 | ; ----------------------------------------------- 973 | 974 | invoke fnHeapFree, [hHeap], 0, edi 975 | jmp on_notify.ret 976 | 977 | 978 | ; +-----------------------------------------------------------------------+ 979 | ; | | 980 | ; | WM_NOTIFY Event Handler | 981 | ; | | 982 | ; +-----------------------------------------------------------------------+ 983 | 984 | on_notify: 985 | mov eax, [esp+12] 986 | cmp eax, IDC_DATE_DAYS 987 | 988 | ; Is WM_NOTIFY sent by the Date Picker Control ? 989 | 990 | jnz on_notify.ret 991 | mov eax, [esp+16] 992 | mov eax, [eax+8] 993 | cmp eax, DTN_DATETIMECHANGE 994 | 995 | ; Selected Date changed ? 
        jz      update_license_key

.ret:
        mov     eax, 1
        ret

; +-----------------------------------------------------------------------+
; |                                                                       |
; |            Called when 'Clear Registry' button is clicked             |
; |                                                                       |
; |                      Deletes 'CLASSES' subkey in                      |
; |           HKEY_CURRENT_USER\SOFTWARE\SweetScape\010 Editor            |
; |                                                                       |
; +-----------------------------------------------------------------------+
clear_registry:
        xor     eax, eax
        call    $+13
        db      'CLASSES', 0
        push    eax

        invoke  fnRegOpenKeyExA, HKEY_CURRENT_USER, szPath, 0, DELETE_FLAGS, esp
        mov     ebx, [esp]

        ; Delete the tree pointed by the 'CLASSES' subkey

        call    [fnRegDeleteTreeA]
        invoke  fnRegCloseKey, ebx

        jmp     on_notify.ret


; +-----------------------------------------------------------------------+
; |                                                                       |
; |                 Called when 'Info' button is clicked                  |
; |                                                                       |
; |                Displays Registered License Information                |
; |                                                                       |
; +-----------------------------------------------------------------------+
get_info:
        xor     eax, eax
        push    eax
        invoke  fnRegOpenKeyExA, HKEY_CURRENT_USER, szPath, 0, KEY_QUERY_VALUE, esp
        or      eax, eax
        clc
        jnz     @f

        invoke  fnHeapAlloc, [hHeap], HEAP_ZERO_MEMORY, 1024
        mov     ebx, eax
        invoke  fnHeapAlloc, [hHeap], HEAP_ZERO_MEMORY, 32
        mov     esi, eax
        pop     edi

        ; ----------------------------------------------
        ; Set EFLAGS.CF to indicate Memory is allocated
        ; It must be freed if RegQueryValueEx fails
        ; ----------------------------------------------

        push    1024
        invoke  fnRegQueryValueExA, edi, szNameKey, 0, 0, ebx, esp
        cmp     eax, 2
        stc

        ; -----------------------------
        ; "Name" Value doesn't exist ?
        ; -----------------------------

        jz      @f
        mov     dword [esp], 32
        invoke  fnRegQueryValueExA, edi, szPassword, 0, 0, esi, esp
        cmp     eax, 2
        stc

        ; ---------------------------------
        ; "Password" Value doesn't exist ?
        ; ---------------------------------

        jz      @f
        mov     [esp], edi
        call    [fnRegCloseKey]

        ; -------------------------------------------
        ; Format and Display the License Information
        ; -------------------------------------------

        xor     eax, eax
        push    eax
        push    esi
        push    ebx
        lea     edi, [esp+8]

        invoke  fnFormatMessageA, FORMAT_FLAGS, szRegMsg, 0, 0, edi, 1, esp
        invoke  fnMessageBoxA, ebp, dword [edi], szMsgBoxTitle, MB_ICONINFORMATION

        ; -------------------------
        ; Free the memory allocated
        ; -------------------------

        invoke  fnHeapFree, [hHeap], 0, ebx
        invoke  fnHeapFree, [hHeap], 0, esi
        add     esp, 8
        call    [fnLocalFree]

.ret:
        mov     eax, 1
        ret

        ; -----------------------------
        ; Is 010 Editor Unregistered ?
        ; -----------------------------
@@:
        pop     eax
        pushf
        jnc     @f
        invoke  fnHeapFree, [hHeap], 0, ebx
        invoke  fnHeapFree, [hHeap], 0, esi
        invoke  fnRegCloseKey, edi
@@:
        popf
        sbb     eax, eax
        neg     eax
        invoke  fnMessageBoxA, ebp, [szMessages+eax*4], szMsgBoxTitle, MB_ICONWARNING
        jmp     get_info.ret


; +-----------------------------------------------------------------------+
; |                                                                       |
; |                  Callback routine for the dialog box                  |
; |                                                                       |
; +-----------------------------------------------------------------------+
dialog_callback:
        mov     ebp, [esp+4]            ; hDlg
        mov     ecx, [esp+8]            ; uMsg
        sub     ecx, 0x10               ; WM_CLOSE (0x10) ?
        jz      on_close
        sub     ecx, 0x3e               ; WM_NOTIFY (0x4E) ?
        jz      on_notify
        sub     ecx, 0xc2               ; WM_INITDIALOG (0x110) ?
        jz      on_init_dialog
        dec     ecx                     ; WM_COMMAND (0x111) ?
        jnz     on_command.ret


; +-----------------------------------------------------------------------+
; |                                                                       |
; |                       WM_COMMAND Event Handler                        |
; |                                                                       |
; +-----------------------------------------------------------------------+
on_command:
        mov     eax, [esp+12]           ; wParam
        movzx   edx, ax                 ; low word: control identifier
        shr     eax, 16                 ; high word: notification code
        cmp     eax, EN_CHANGE
        jz      update_license_key
        cmp     edx, IDC_BTN_COPY
        jz      copy_license
        cmp     edx, IDC_BTN_CLRREG
        jz      clear_registry
        cmp     edx, IDC_BTN_INFO
        jz      get_info

.ret:
        xor     eax, eax
        ret



; +-----------------------------------------------------------------------+
; |                                                                       |
; |                              Entry Point                              |
; |                                                                       |
; +-----------------------------------------------------------------------+
main:
        load_dll ntdll, kernel32, advapi32, user32
        mov     eax, [fs:0x30]          ; PEB
        mov     eax, [eax+8]            ; PEB.ImageBaseAddress, used as hInstance
        invoke  fnDialogBoxIndirectParamA, eax, tmpDialog, NULL, dialog_callback, NULL
        invoke  fnExitProcess, 0


; +-----------------------------------------------------------------------+
; |                                                                       |
; |                         Define the Resources                          |
; |                                                                       |
; +-----------------------------------------------------------------------+

section '.res' data readable resource

        directory RT_MANIFEST, manifest_info

        resource manifest_info, 1, LANGUAGE_ID, m_info
        ; -----------------------------------
        ; Manifest for enabling Visual Styles
        ; -----------------------------------

        resdata m_info
        db ""
        db ""
        db ''
        db ''
        db ""
        db ''
        db ''
        db ''
        db ""
        db ''
        db ''
        db ''
        endres

--------------------------------------------------------------------------------
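The day-count arithmetic in `update_license_key` (sub/sbb, add/adc, shrd/shr 14, div 0x324a9a7), emulated register by register in C and compared with plain 64-bit division. This is an added example, not code from the repository; the function names `days_asm_style` and `days_direct` and the sample FILETIME value are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* One day in 100 ns FILETIME ticks: 0xC9:0x2A69C000 = 864,000,000,000. */
#define TICKS_PER_DAY 864000000000ULL
/* 0x324a9a7 = 52,734,375 = TICKS_PER_DAY >> 14 (exact, no remainder). */
#define DAY_DIVISOR 0x324a9a7u

/* Register-by-register emulation of the sequence in update_license_key. */
uint32_t days_asm_style(uint64_t selected, uint64_t now)
{
    uint32_t esi = (uint32_t)selected, edi = (uint32_t)(selected >> 32);
    uint32_t now_lo = (uint32_t)now, now_hi = (uint32_t)(now >> 32);

    uint32_t borrow = esi < now_lo;      /* sub esi, [sysFileTime]   */
    esi -= now_lo;
    edi -= now_hi + borrow;              /* sbb edi, [sysFileTime+4] */

    uint32_t before = esi;               /* add esi, 0x2a69c000      */
    esi += 0x2a69c000u;
    edi += 0xc9u + (esi < before);       /* adc edi, 0xc9            */

    esi = (esi >> 14) | (edi << 18);     /* shrd esi, edi, 14        */
    edi >>= 14;                          /* shr edi, 14              */

    /* div edi: EDX:EAX / 32-bit divisor. EDX <= 0x3FFFF here, which is
       below DAY_DIVISOR, so the quotient always fits in EAX (no #DE). */
    uint64_t dividend = ((uint64_t)edi << 32) | esi;
    return (uint32_t)(dividend / DAY_DIVISOR);
}

/* The same quantity with plain 64-bit arithmetic, for comparison. */
uint64_t days_direct(uint64_t selected, uint64_t now)
{
    return (selected - now + TICKS_PER_DAY) / TICKS_PER_DAY;
}

int main(void)
{
    const uint64_t now = 131592384000000000ULL;  /* constructed FILETIME */
    printf("+30d -> %u\n", days_asm_style(now + 30 * TICKS_PER_DAY, now));
    printf("-2d  -> %u\n", days_asm_style(now - 2 * TICKS_PER_DAY, now));
    return 0;
}
```

A selected date more than one day in the past wraps around in unsigned arithmetic and yields a day count in the millions, so the result is only meaningful when the date picker's range is restricted to future dates.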