|
[Share] The most powerful decompiler, IDA Pro 6.6, has been officially released
It had bugs; the vendor has released an update, 6.6.140605 |
|
ACP2.0 main program: packer removed, repair successful
An inline patch is still simpler |
|
|
|
|
|
NsPack V3.3+V3.4+V3.5+V3.6 CracKed
I had to run 3 instances of OD at the same time before I could repair it into a runnable state |
|
NsPack V3.3+V3.4+V3.5+V3.6 CracKed
Brutal. Without the older versions for reference, I would not have been able to unpack version 3.4 |
|
|
|
|
|
[Share] The Advanced Import Protection technique in Asprotect SKE 2.2

009ABE00   53               push ebx
009ABE01   56               push esi
009ABE02   57               push edi
009ABE03   55               push ebp
009ABE04   8BFA             mov edi,edx
009ABE06   B3 01            mov bl,1
009ABE08   8BF0             mov esi,eax
009ABE0A   83C6 08          add esi,8
009ABE0D   8BEE             mov ebp,esi
009ABE0F   EB 15            jmp short 009ABE26
009ABE11   55               push ebp
009ABE12   FFD7             call edi                        // handles some CALLs, turning them into PUSH XXXXXXXX, RETN or JUMP XXXXXXXX
009ABE14   84C0             test al,al
009ABE16   75 04            jnz short 009ABE1C
009ABE18   33DB             xor ebx,ebx
009ABE1A   EB 10            jmp short 009ABE2C
009ABE1C   8B45 04          mov eax,dword ptr ss:[ebp+4]
009ABE1F   83C0 08          add eax,8
009ABE22   03F0             add esi,eax
009ABE24   8BEE             mov ebp,esi
009ABE26   837D 04 00       cmp dword ptr ss:[ebp+4],0
009ABE2A ^ 75 E5            jnz short 009ABE11
009ABE2C   8BC3             mov eax,ebx
009ABE2E   5D               pop ebp
009ABE2F   5F               pop edi
009ABE30   5E               pop esi
009ABE31   5B               pop ebx
009ABE32   C3               retn

009AC47C   55               push ebp
009AC47D   8BEC             mov ebp,esp
009AC47F   83C4 F8          add esp,-8
009AC482   53               push ebx
009AC483   56               push esi
009AC484   C645 FF 01       mov byte ptr ss:[ebp-1],1
009AC488   A1 0C389B00      mov eax,dword ptr ds:[9B380C]
009AC48D   8B00             mov eax,dword ptr ds:[eax]
009AC48F   8B30             mov esi,dword ptr ds:[eax]
009AC491   8B5D 08          mov ebx,dword ptr ss:[ebp+8]
009AC494   8D45 F8          lea eax,dword ptr ss:[ebp-8]
009AC497   8B53 04          mov edx,dword ptr ds:[ebx+4]
009AC49A   E8 0923FFFF      call 0099E7A8                   // allocate memory
009AC49F   8D53 08          lea edx,dword ptr ds:[ebx+8]
009AC4A2   8B4B 04          mov ecx,dword ptr ds:[ebx+4]
009AC4A5   8B45 F8          mov eax,dword ptr ss:[ebp-8]    // number of bytes to process
009AC4A8   E8 039BFDFF      call 00985FB0
009AC4AD   8B45 F8          mov eax,dword ptr ss:[ebp-8]
009AC4B0   E8 73FFFFFF      call 009AC428
009AC4B5   0333             add esi,dword ptr ds:[ebx]
009AC4B7   8BDE             mov ebx,esi
009AC4B9   B8 02000000      mov eax,2
009AC4BE   E8 0164FDFF      call 009828C4
009AC4C3   85C0             test eax,eax
009AC4C5   75 13            jnz short 009AC4DA
009AC4C7   C603 68          mov byte ptr ds:[ebx],68        // becomes PUSH XXXXXXXX
009AC4CA   8D43 01          lea eax,dword ptr ds:[ebx+1]
009AC4CD   8B55 F8          mov edx,dword ptr ss:[ebp-8]
009AC4D0   8910             mov dword ptr ds:[eax],edx
009AC4D2   83C3 05          add ebx,5
009AC4D5   C603 C3          mov byte ptr ds:[ebx],0C3       // RETN
009AC4D8   EB 10            jmp short 009AC4EA
009AC4DA   8B45 F8          mov eax,dword ptr ss:[ebp-8]
009AC4DD   2BC3             sub eax,ebx
009AC4DF   83E8 05          sub eax,5
009AC4E2   8D53 01          lea edx,dword ptr ds:[ebx+1]
009AC4E5   8902             mov dword ptr ds:[edx],eax
009AC4E7   C603 E9          mov byte ptr ds:[ebx],0E9       // becomes JUMP XXXXXXXX
009AC4EA   8A45 FF          mov al,byte ptr ss:[ebp-1]
009AC4ED   5E               pop esi
009AC4EE   5B               pop ebx
009AC4EF   59               pop ecx
009AC4F0   59               pop ecx
009AC4F1   5D               pop ebp
009AC4F2   C2 0400          retn 4

I have seen 2 programs; the stolen code was the same in both, 0x36 bytes, but restoring it is quite simple. I'm not too clear about the rest.

10003030   68 0000BC00      push 0BC0000
10003035   C3               retn

00BC0000 > \68 FFFFFFFF         push -1
00BC0005   . 50                 push eax
00BC0006   . 83C8 FF            or eax,FFFFFFFF
00BC0009   . 40                 inc eax
00BC000A   . 64:8B00            mov eax,dword ptr fs:[eax]
00BC000D   . 50                 push eax
00BC000E   . 64:EB 02           jmp short dumped_.00BC0013
00BC0011     CD                 db CD
00BC0012     20                 db 20                           ; CHAR ' '
00BC0013 >   81E8 F6C57142      sub eax,4271C5F6
00BC0019   . 8B4424 0C          mov eax,dword ptr ss:[esp+C]
00BC001D   . 64:8925 00000000   mov dword ptr fs:[0],esp
00BC0024   . 896C24 0C          mov dword ptr ss:[esp+C],ebp
00BC0028   . BD 96594800        mov ebp,485996
00BC002D   . C1CD A7            ror ebp,0A7
00BC0030   . 8D6C24 0C          lea ebp,dword ptr ss:[esp+C]
00BC0034   . 50                 push eax
00BC0035   . C3                 retn |
|
[Share] The Advanced Import Protection technique in Asprotect SKE 2.2
Nice, but I prefer just unpacking quickly and rarely read the analysis... |
|
[Help] How to read the value of EAX
Modify the code at 401234 to jump to your own handler code |
|
A question about compiling a VC++ 6.0 DLL with RadASM
Thanks, it works now |
|
|
|
Manually unpacking EXEs and DLLs packed with HASP Protection V1.X using Ollydbg
I tested Fly with PEID; it should be a fake~! |
|
|
|
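Beijing Tianfang Jinma Technology Development Co., Ltd. is hiring software engineers
This board is nice, showing my support. Everyone, if you have treasures, hurry and show them |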