From f3f9a6c1785b9d3c0742690f634a644dfeba9828 Mon Sep 17 00:00:00 2001 From: Yourtion Date: Tue, 17 May 2016 12:30:15 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=9D=E6=8A=A4=E5=BA=94=E7=94=A8=E7=A8=8B?= =?UTF-8?q?=E5=BA=8F=EF=BC=881=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- 27_day/Makefile | 10 +++++++++- 27_day/crack7.nas | 28 ++++++++++++++++++++++++++++ 2 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 27_day/crack7.nas diff --git a/27_day/Makefile b/27_day/Makefile index 8714cad..2bfddd0 100644 --- a/27_day/Makefile +++ b/27_day/Makefile @@ -164,10 +164,17 @@ color2.bim : color2.obj a_nask.obj Makefile color2.hrb : color2.bim Makefile $(BIM2HRB) color2.bim color2.hrb 56k +crack7.bim : crack7.obj Makefile + $(OBJ2BIM) @$(RULEFILE) out:crack7.bim stack:1k map:crack7.map crack7.obj + +crack7.hrb : crack7.bim Makefile + $(BIM2HRB) crack7.bim crack7.hrb 0k + haribote.img : ipl10.bin haribote.sys Makefile \ hello.hrb hello2.hrb a.hrb hello3.hrb hello4.hrb hello5.hrb \ winhelo.hrb winhelo2.hrb winhelo3.hrb star1.hrb stars.hrb stars2.hrb \ - lines.hrb walk.hrb noodle.hrb beepdown.hrb color.hrb color2.hrb + lines.hrb walk.hrb noodle.hrb beepdown.hrb color.hrb color2.hrb \ + crack7.hrb $(EDIMG) imgin:../z_tools/fdimg0at.tek \ wbinimg src:ipl10.bin len:512 from:0 to:0 \ copy from:haribote.sys to:@: \ @@ -191,6 +198,7 @@ haribote.img : ipl10.bin haribote.sys Makefile \ copy from:beepdown.hrb to:@: \ copy from:color.hrb to:@: \ copy from:color2.hrb to:@: \ + copy from:crack7.hrb to:@: \ imgout:haribote.img # 其他指令 diff --git a/27_day/crack7.nas b/27_day/crack7.nas new file mode 100644 index 0000000..134090f --- /dev/null +++ b/27_day/crack7.nas 
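Review bot: Nothing in the new `crack7.bim` / `crack7.hrb` rules, the added `crack7.hrb` prerequisite, or the `copy from:crack7.hrb to:@:` line in the second hunk marks crack7 as a protection test, yet it is now built into the default `haribote.img` next to the ordinary apps. A one-line comment above the two rules, for example `# crack7: negative test for application isolation, not a regular app`, would make the intent clear to anyone booting the image. Keeping such test programs in their own list variable would also avoid hand-editing both the prerequisite list and the copy list each time. The `haribote.img` rule starts inside the first hunk and its recipe continues beyond both hunks, so the rest of the copy list is not visible here.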
@@ -0,0 +1,28 @@
+[FORMAT "WCOFF"]
+[INSTRSET "i486p"]
+[BITS 32]
+[FILE "crack7.nas"]
+
+ GLOBAL _HariMain
+
+[SECTION .text]
+
+_HariMain:
+ MOV AX,1005*8
+ MOV DS,AX
+ CMP DWORD [DS:0x0004],'Hari'
+ JNE fin ; 不是应用程序,因此不执行任何操作
+
+ MOV ECX,[DS:0x0000] ; 读取该应用程序数据段的大小
+ MOV AX,2005*8
+ MOV DS,AX
+
+crackloop: ; 整个用123填充
+ ADD ECX,-1
+ MOV BYTE [DS:ECX],123
+ CMP ECX,0
+ JNE crackloop
+
+fin: ; 结束
+ MOV EDX,4
+ INT 0x40
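Review bot: crack7.nas has no header comment saying it is a deliberate isolation test, so the selectors `1005*8` and `2005*8` and the fill value 123 read as unexplained magic numbers. From the visible lines, `_HariMain` loads DS with fixed selectors, checks for the `'Hari'` signature, and overwrites the region whose size it read at offset 0. Presumably those selectors are another task's descriptor entries, which should be confirmed against the kernel's descriptor layout. A header such as `; Negative test for application isolation: a kernel that protects apps should stop this program with a protection fault` would record the expected outcome. Naming the two selectors with `EQU` would tie them to that layout.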