Code:
FirstSerialCheck:
; Excerpt from the middle of a larger routine; its start and end are not shown.
; Builds an 8-bit expected value from two GenerateMagicNumber results (one
; nibble each) and compares it with the low byte of the value returned by
; STUN.005363B0. Either failing test branches to <STUN.NoValiedSerial>.
; NOTE(review): only 8 bits are compared here, so this test alone gives little
; assurance that a serial is genuine.
005352F4 |. C705 54735900 >MOV DWORD PTR DS:[597354],3A9 ; global [597354] = 3A9h; GenerateMagicNumber adds it to its hash result
005352FE |. E8 FD0F0000 CALL <STUN.GenerateMagicNumber>
00535303 |. 8BF0 MOV ESI,EAX ; keep first result
00535305 |. C705 54735900 >MOV DWORD PTR DS:[597354],163 ; input for the second call = 163h
0053530F |. 83E6 0F AND ESI,0F ; low nibble of first result
00535312 |. E8 E90F0000 CALL <STUN.GenerateMagicNumber>
00535317 |. 83E0 0F AND EAX,0F ; low nibble of second result
0053531A |. C1E0 04 SHL EAX,4 ; move it to bits 4..7
0053531D |. 0BF0 OR ESI,EAX ; ESI = expected byte (second nibble : first nibble)
0053531F |. 8D8424 7C04000>LEA EAX,DWORD PTR SS:[ESP+47C] ; address of a stack local, passed as the only argument
00535326 |. 50 PUSH EAX
00535327 |. E8 84100000 CALL STUN.005363B0 ; body not shown; presumably returns the serial-derived value - TODO confirm
0053532C |. 8BD0 MOV EDX,EAX ; EDX = returned value
; The next instructions zero a 64-byte stack buffer (1 + 15*4 + 2 + 1 bytes),
; interleaved with the argument cleanup and the EBP test.
0053532E |. B9 0F000000 MOV ECX,0F ; 15 dwords for REP STOS
00535333 |. 33C0 XOR EAX,EAX ; fill value 0
00535335 |. 8D7C24 31 LEA EDI,DWORD PTR SS:[ESP+31] ; computed before the ADD ESP,4 below
00535339 |. C64424 30 00 MOV BYTE PTR SS:[ESP+30],0 ; first byte of the buffer
0053533E |. 83C4 04 ADD ESP,4 ; remove the 4-byte argument pushed at 00535326
00535341 |. F3:AB REP STOS DWORD PTR ES:[EDI]
00535343 |. 66:AB STOS WORD PTR ES:[EDI]
00535345 |. 85ED TEST EBP,EBP ; flags from this TEST reach the JNZ at 0053534C (MOV and STOS leave flags unchanged)
00535347 |. 895424 20 MOV DWORD PTR SS:[ESP+20],EDX ; save the returned value in a local
0053534B |. AA STOS BYTE PTR ES:[EDI]
0053534C |. 0F85 FF010000 JNZ <STUN.NoValiedSerial> ; taken when EBP != 0; EBP is set outside this excerpt
00535352 |. 8BCA MOV ECX,EDX
00535354 |. 81E1 FF000000 AND ECX,0FF ; Check 1st serial: low byte of the returned value
0053535A |. 3BF1 CMP ESI,ECX ; expected byte vs. that low byte
0053535C |. 0F85 EF010000 JNZ <STUN.NoValiedSerial> ; mismatch -> rejection path
SecondSerialCheck:
; Tail of a routine with an EBP frame; its prologue is not shown.
; ORs two more GenerateMagicNumber nibbles into the local [EBP-4] at bits
; 8..11 and 12..15, then compares [EBP-4] with (GetSerialValue() AND 0FF00h).
; On mismatch it sets the flag [57AF58] and calls <STUN.ModifyKeyFile>.
; NOTE(review): [EBP-4] is read before it is written here, so its starting
; value comes from code outside this excerpt. The CMP is a full 32-bit
; compare, so any bits of [EBP-4] outside 8..15 must already be zero for the
; values to match.
004785C2 |. C705 54735900 >MOV DWORD PTR DS:[597354],34 ; generator input = 34h
004785CC |. E8 2FDD0B00 CALL <STUN.GenerateMagicNumber>
004785D1 |. 83E0 0F AND EAX,0F ; low nibble
004785D4 |. C1E0 08 SHL EAX,8 ; to bits 8..11
004785D7 |. 8945 F8 MOV DWORD PTR SS:[EBP-8],EAX ; temporary
004785DA |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
004785DD |. 0B45 F8 OR EAX,DWORD PTR SS:[EBP-8]
004785E0 |. 8945 FC MOV DWORD PTR SS:[EBP-4],EAX ; [EBP-4] |= nibble << 8
004785E3 |. C705 54735900 >MOV DWORD PTR DS:[597354],1C9 ; generator input = 1C9h
004785ED |. E8 0EDD0B00 CALL <STUN.GenerateMagicNumber>
004785F2 |. 83E0 0F AND EAX,0F ; low nibble
004785F5 |. C1E0 0C SHL EAX,0C ; to bits 12..15
004785F8 |. 8945 F8 MOV DWORD PTR SS:[EBP-8],EAX
004785FB |. 8B4D FC MOV ECX,DWORD PTR SS:[EBP-4]
004785FE |. 0B4D F8 OR ECX,DWORD PTR SS:[EBP-8]
00478601 |. 894D FC MOV DWORD PTR SS:[EBP-4],ECX ; [EBP-4] |= nibble << 12
00478604 |. E8 979C0000 CALL <STUN.GetSerialValue> ; Here is the 2nd check of the serial (callee body not shown)
00478609 |. 25 00FF0000 AND EAX,0FF00 ; keep bits 8..15 of the returned value
0047860E |. 3945 FC CMP DWORD PTR SS:[EBP-4],EAX
00478611 |. 74 0F JE SHORT STUN.00478622 ; equal -> skip the mismatch handling
00478613 |. C705 58AF5700 >MOV DWORD PTR DS:[57AF58],1 ; mismatch: set global flag [57AF58]
0047861D |. E8 8EDC0B00 CALL <STUN.ModifyKeyFile> ; name is the poster's label; effect not visible here
00478622 |> 833D 58AF5700 >CMP DWORD PTR DS:[57AF58],0 ; SkipCheck: join point; is the mismatch flag set?
00478629 |. 74 1C JE SHORT STUN.00478647 ; flag clear -> [584670] = 0
0047862B |. 833D DC445800 >CMP DWORD PTR DS:[5844DC],64 ; global counter/value vs. 64h; its meaning is not shown
00478632 |. 72 13 JB SHORT STUN.00478647 ; unsigned below 64h -> [584670] = 0
00478634 |. C705 5C3C5900 >MOV DWORD PTR DS:[593C5C],1 ; flag set and [5844DC] >= 64h: set both globals
0047863E |. C605 70465800 >MOV BYTE PTR DS:[584670],1
00478645 |. EB 07 JMP SHORT STUN.0047864E
00478647 |> C605 70465800 >MOV BYTE PTR DS:[584670],0
0047864E |> 8BE5 MOV ESP,EBP ; standard EBP-frame epilogue
00478650 |. 5D POP EBP
00478651 \. C3 RETN
GenerateMagicNumber:
; Returns a value in EAX derived from three inputs:
;   - the hash that STUN.00536170 computes over the string at STUN.00597148,
;   - the global [597354], which callers set just before each call,
;   - a two-dword state block addressed by the pointer stored in [597364].
; First it stores (hash + [597354]) into state word 0. Then it branches on
; the global [59735C]: below 10000h takes the short path at 0053638B,
; otherwise the long path runs. Both paths update state word 0 as
; (word1 * word0 + 1) AND 0FFFFh.
; Clobbers ECX and EDX; ESI is saved and restored on the long path.
; NOTE(review): every input is process-local data, so the result can be
; recomputed by anyone who can read those values; treat it as obfuscation,
; not as a secret.
00536300 >/$ 68 48715900 PUSH STUN.00597148 ; argument: address of the string to hash
00536305 |. E8 66FEFFFF CALL STUN.00536170 ; EAX = string hash
0053630A |. 8B15 54735900 MOV EDX,DWORD PTR DS:[597354] ; caller-supplied input
00536310 |. 8B0D 64735900 MOV ECX,DWORD PTR DS:[597364] ; pointer to the state block
00536316 |. 03C2 ADD EAX,EDX ; hash + input
00536318 |. 83C4 04 ADD ESP,4 ; remove the pushed argument
0053631B |. 8901 MOV DWORD PTR DS:[ECX],EAX ; state word 0 = hash + input
0053631D |. A1 5C735900 MOV EAX,DWORD PTR DS:[59735C] ; range-like global; set elsewhere
00536322 |. 3D 00000100 CMP EAX,10000
00536327 |. 72 62 JB SHORT STUN.0053638B ; unsigned < 10000h -> short path
; Long path: two successive state updates, combined below.
00536329 |. A1 64735900 MOV EAX,DWORD PTR DS:[597364]
0053632E |. 56 PUSH ESI
0053632F |. 8B48 04 MOV ECX,DWORD PTR DS:[EAX+4]
00536332 |. 0FAF08 IMUL ECX,DWORD PTR DS:[EAX]
00536335 |. 41 INC ECX
00536336 |. 81E1 FFFF0000 AND ECX,0FFFF
0053633C |. 8908 MOV DWORD PTR DS:[EAX],ECX ; first update; ECX keeps this 16-bit value
0053633E |. 8B35 64735900 MOV ESI,DWORD PTR DS:[597364]
00536344 |. B8 E9042FF8 MOV EAX,F82F04E9
00536349 |. F725 5C735900 MUL DWORD PTR DS:[59735C] ; EDX:EAX = F82F04E9h * [59735C]; only EDX is used below
0053634F |. 8B46 04 MOV EAX,DWORD PTR DS:[ESI+4]
00536352 |. 0FAF06 IMUL EAX,DWORD PTR DS:[ESI]
00536355 |. C1EA 10 SHR EDX,10 ; EDX = bits 48..63 of that product (looks like division by a constant - TODO confirm)
00536358 |. 40 INC EAX
00536359 |. 25 FFFF0000 AND EAX,0FFFF
0053635E |. 8906 MOV DWORD PTR DS:[ESI],EAX ; second update
00536360 |. 0FAFC2 IMUL EAX,EDX
00536363 |. C1E8 10 SHR EAX,10 ; (second state * scaled range) >> 16
00536366 |. 8BD0 MOV EDX,EAX
00536368 |. 5E POP ESI
; Shift-and-add sequence: EAX = EAX * 4225 (((x<<5)+x)<<7)+x, then << 4 below.
00536369 |. C1E0 05 SHL EAX,5
0053636C |. 03C2 ADD EAX,EDX
0053636E |. C1E0 07 SHL EAX,7
00536371 |. 03C2 ADD EAX,EDX
; The same multiply applied to the first state value held in ECX.
00536373 |. 8BD1 MOV EDX,ECX
00536375 |. C1E2 05 SHL EDX,5
00536378 |. 03D1 ADD EDX,ECX
0053637A |. C1E2 07 SHL EDX,7
0053637D |. 03D1 ADD EDX,ECX
0053637F |. C1E2 04 SHL EDX,4
00536382 |. C1E0 04 SHL EAX,4
00536385 |. C1EA 10 SHR EDX,10 ; keep the part above bit 15 of the first term
00536388 |. 03C2 ADD EAX,EDX ; combined result
0053638A |. C3 RETN
; Short path: EAX still holds [59735C] here.
0053638B |> 8B15 64735900 MOV EDX,DWORD PTR DS:[597364]
00536391 |. 8B4A 04 MOV ECX,DWORD PTR DS:[EDX+4]
00536394 |. 0FAF0A IMUL ECX,DWORD PTR DS:[EDX]
00536397 |. 41 INC ECX
00536398 |. 81E1 FFFF0000 AND ECX,0FFFF ; new 16-bit state
0053639E |. 0FAFC1 IMUL EAX,ECX
005363A1 |. 890A MOV DWORD PTR DS:[EDX],ECX ; store it as state word 0
005363A3 |. C1E8 10 SHR EAX,10 ; return ([59735C] * state) >> 16
005363A6 \. C3 RETN
...
; STUN.00536170: string hash over a NUL-terminated byte string.
; In:  one stack argument, a pointer to the string (caller removes it).
; Out: EAX = 0 for an empty string; otherwise h starts as the sign-extended
;      first byte and, for each later byte c, h = ((h << 9) + c) mod 1E8483h
;      using signed division.
; Clobbers ECX and EDX; ESI and EDI are saved and restored.
; NOTE(review): the string is first copied, terminator included, into a 200h
; byte stack buffer. The copy length comes from the source string's own
; terminator and is never compared with the buffer size, so a source longer
; than 1FFh characters would write past the local buffer. The one caller
; shown passes the fixed address STUN.00597148; what fills that location is
; not visible here.
; NOTE(review): bytes are loaded with MOVSX and reduced with IDIV, so bytes
; >= 80h enter as negative values and the remainder can be negative.
00536170 /$ 81EC 00020000 SUB ESP,200 ; reserve the 200h-byte local buffer
00536176 |. 83C9 FF OR ECX,FFFFFFFF ; ECX = -1: count for the SCAS length scan
00536179 |. 33C0 XOR EAX,EAX ; AL = 0, the terminator to search for
0053617B |. 8D5424 00 LEA EDX,DWORD PTR SS:[ESP] ; EDX = start of the local buffer
0053617F |. 56 PUSH ESI
00536180 |. 57 PUSH EDI
00536181 |. 8BBC24 0C02000>MOV EDI,DWORD PTR SS:[ESP+20C] ; the argument: 200h buffer + 2 pushes + return address
00536188 |. F2:AE REPNE SCAS BYTE PTR ES:[EDI] ; scan to the terminator
0053618A |. F7D1 NOT ECX ; ECX = length including the terminator
0053618C |. 2BF9 SUB EDI,ECX ; EDI back to the start of the source
0053618E |. 8BC1 MOV EAX,ECX
00536190 |. 8BF7 MOV ESI,EDI ; source
00536192 |. 8BFA MOV EDI,EDX ; destination = local buffer
00536194 |. C1E9 02 SHR ECX,2 ; whole dwords first
; Unbounded copy into the local buffer: dwords here, remaining 0..3 bytes below.
00536197 |. F3:A5 REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS>
00536199 |. 8BC8 MOV ECX,EAX
0053619B |. 33C0 XOR EAX,EAX ; EAX = 0: terminator for the next scan and the empty-string return value
0053619D |. 83E1 03 AND ECX,3
005361A0 |. F3:A4 REP MOVS BYTE PTR ES:[EDI],BYTE PTR DS:[>
005361A2 |. 8D7C24 08 LEA EDI,DWORD PTR SS:[ESP+8] ; the local buffer again (+8 for the two pushes)
005361A6 |. 83C9 FF OR ECX,FFFFFFFF
005361A9 |. F2:AE REPNE SCAS BYTE PTR ES:[EDI]
005361AB |. F7D1 NOT ECX
005361AD |. 49 DEC ECX ; ECX = length without the terminator
005361AE |. 75 09 JNZ SHORT STUN.005361B9 ; non-empty -> hash it
005361B0 |. 5F POP EDI ; empty string: return with EAX = 0
005361B1 |. 5E POP ESI
005361B2 |. 81C4 00020000 ADD ESP,200
005361B8 |. C3 RETN
005361B9 |> 0FBE5424 08 MOVSX EDX,BYTE PTR SS:[ESP+8] ; h = first byte, sign-extended
005361BE |. BE 01000000 MOV ESI,1 ; index of the next byte
005361C3 |. 3BCE CMP ECX,ESI
005361C5 |. 7E 17 JLE SHORT STUN.005361DE ; length <= 1: the first byte is the result
005361C7 |> 0FBE4434 08 /MOVSX EAX,BYTE PTR SS:[ESP+ESI+8] ; c = buffer[ESI], sign-extended
005361CC |. C1E2 09 |SHL EDX,9 ; h << 9
005361CF |. 03C2 |ADD EAX,EDX ; c + (h << 9)
005361D1 |. BF 83841E00 |MOV EDI,1E8483 ; modulus
005361D6 |. 99 |CDQ ; sign-extend EAX into EDX:EAX for IDIV
005361D7 |. F7FF |IDIV EDI ; EDX = remainder = new h
005361D9 |. 46 |INC ESI
005361DA |. 3BF1 |CMP ESI,ECX
005361DC |.^7C E9 \JL SHORT STUN.005361C7 ; signed compare of index and length
005361DE |> 5F POP EDI
005361DF |. 8BC2 MOV EAX,EDX ; return h
005361E1 |. 5E POP ESI
005361E2 |. 81C4 00020000 ADD ESP,200
005361E8 \. C3 RETN
why it passes the first but not the second one.
Now I'm stuck. I have no idea how to calculate my own serial, because I cannot use breakpoints while the program is using DirectX.