|
[求助]关于一个无壳软件的crack
不会的,我的重启软件后没提示注册,看你是不是按我下面这样的做的 0042322B . 0F85 F4020000 JNZ locoytra.00423525 ;首先将这里的JNZ改为JZ 004252D4 . E8 3CF80300 CALL locoytra.00464B15 ;在这里下断点,这里得到一个字符串,用这个字符串作为注册码 |
|
[求助]关于一个无壳软件的crack
我的软件是从你给的下载地址下的,除非是你我使用的工具不同 |
|
[求助]关于一个无壳软件的crack
我新手,只是碰巧了而已,我不会分析,只是说下我是怎么做的,下MessageBoxW断点,返回三次后来到下面 00425160 . 55 PUSH EBP 00425161 . 8BEC MOV EBP,ESP 00425163 . 83E4 F8 AND ESP,FFFFFFF8 00425166 . 6A FF PUSH -1 00425168 . 68 487E4800 PUSH locoytra.00487E48 0042516D . 64:A1 0000000>MOV EAX,DWORD PTR FS:[0] 00425173 . 50 PUSH EAX 00425174 . 83EC 28 SUB ESP,28 00425177 . 55 PUSH EBP 00425178 . 56 PUSH ESI 00425179 . 57 PUSH EDI 0042517A . A1 70984A00 MOV EAX,DWORD PTR DS:[4A9870] 0042517F . 33C4 XOR EAX,ESP 00425181 . 50 PUSH EAX 00425182 . 8D4424 38 LEA EAX,DWORD PTR SS:[ESP+38] 00425186 . 64:A3 0000000>MOV DWORD PTR FS:[0],EAX 0042518C . 8BF1 MOV ESI,ECX 0042518E . 6A 01 PUSH 1 00425190 . E8 92060200 CALL locoytra.00445827 00425195 . 8B46 74 MOV EAX,DWORD PTR DS:[ESI+74] 00425198 . 50 PUSH EAX 00425199 . 8B46 78 MOV EAX,DWORD PTR DS:[ESI+78] 0042519C . 51 PUSH ECX 0042519D . 83E8 10 SUB EAX,10 004251A0 . 896424 1C MOV DWORD PTR SS:[ESP+1C],ESP 004251A4 . 8BFC MOV EDI,ESP 004251A6 . 50 PUSH EAX 004251A7 . E8 C4D2FDFF CALL locoytra.00402470 004251AC . 83C4 04 ADD ESP,4 004251AF . 8D4C24 24 LEA ECX,DWORD PTR SS:[ESP+24] 004251B3 . 83C0 10 ADD EAX,10 004251B6 . 51 PUSH ECX 004251B7 . 8907 MOV DWORD PTR DS:[EDI],EAX 004251B9 . E8 82D1FFFF CALL locoytra.00422340 004251BE . C74424 40 000>MOV DWORD PTR SS:[ESP+40],0 004251C6 . E8 49D00100 CALL locoytra.00442214 004251CB . 33C9 XOR ECX,ECX 004251CD . 85C0 TEST EAX,EAX 004251CF . 0F95C1 SETNE CL 004251D2 . 85C9 TEST ECX,ECX 004251D4 . 75 0A JNZ SHORT locoytra.004251E0 004251D6 . 68 05400080 PUSH 80004005 004251DB . E8 E0D6FDFF CALL locoytra.004028C0 004251E0 > 8B10 MOV EDX,DWORD PTR DS:[EAX] 004251E2 . 8BC8 MOV ECX,EAX 004251E4 . 8B42 0C MOV EAX,DWORD PTR DS:[EDX+C] 004251E7 . FFD0 CALL EAX 004251E9 . 83C0 10 ADD EAX,10 004251EC . 894424 10 MOV DWORD PTR SS:[ESP+10],EAX 004251F0 . 8D4C24 10 LEA ECX,DWORD PTR SS:[ESP+10] 004251F4 . 8DAE 10070000 LEA EBP,DWORD PTR DS:[ESI+710] 004251FA . 51 PUSH ECX ; /Arg1 004251FB . 8BCD MOV ECX,EBP ; | 004251FD . C64424 44 01 MOV BYTE PTR SS:[ESP+44],1 ; | 00425202 . E8 DE1F0200 CALL locoytra.004471E5 ; \locoytra.004471E5 00425207 . 817E 74 09040>CMP DWORD PTR DS:[ESI+74],409 0042520E . 0F85 A5000000 JNZ locoytra.004252B9 00425214 . 8D5424 10 LEA EDX,DWORD PTR SS:[ESP+10] 00425218 . 52 PUSH EDX ; /Arg1 00425219 . 8D4C24 20 LEA ECX,DWORD PTR SS:[ESP+20] ; | 0042521D . E8 0EEDFFFF CALL locoytra.00423F30 ; \locoytra.00423F30 00425222 . 85C0 TEST EAX,EAX 00425224 . 74 47 JE SHORT locoytra.0042526D 00425226 . 6A 00 PUSH 0 ; /Arg3 = 00000000 00425228 . 6A 00 PUSH 0 ; |Arg2 = 00000000 0042522A . 68 704C4900 PUSH locoytra.00494C70 ; |Arg1 = 00494C70 0042522F . E8 CB530200 CALL locoytra.0044A5FF ; \locoytra.0044A5FF 00425234 . 8B4424 10 MOV EAX,DWORD PTR SS:[ESP+10] 00425238 . 51 PUSH ECX 00425239 . 83C0 F0 ADD EAX,-10 0042523C . 896424 18 MOV DWORD PTR SS:[ESP+18],ESP 00425240 . 8BFC MOV EDI,ESP 00425242 . 50 PUSH EAX 00425243 . E8 28D2FDFF CALL locoytra.00402470 00425248 . 83C0 10 ADD EAX,10 0042524B . 83C4 04 ADD ESP,4 0042524E . 8D4C24 20 LEA ECX,DWORD PTR SS:[ESP+20] 00425252 . 8907 MOV DWORD PTR DS:[EDI],EAX 00425254 . E8 A7E4FFFF CALL locoytra.00423700 00425259 . 6A 01 PUSH 1 ; /ExitCode = 1 0042525B . FF15 CCA44800 CALL DWORD PTR DS:[<&USER32.PostQuitMess>; \PostQuitMessage 00425261 . 8BCE MOV ECX,ESI 00425263 . E8 7DD80100 CALL locoytra.00442AE5 00425268 . E9 29010000 JMP locoytra.00425396 0042526D > 8B4424 10 MOV EAX,DWORD PTR SS:[ESP+10] 00425271 . 51 PUSH ECX 00425272 . 83C0 F0 ADD EAX,-10 00425275 . 896424 18 MOV DWORD PTR SS:[ESP+18],ESP 00425279 . 8BF4 MOV ESI,ESP 0042527B . 50 PUSH EAX 0042527C . E8 EFD1FDFF CALL locoytra.00402470 00425281 . 83C0 10 ADD EAX,10 00425284 . 8906 MOV DWORD PTR DS:[ESI],EAX 00425286 . 83C4 04 ADD ESP,4 00425289 . 8D4424 20 LEA EAX,DWORD PTR SS:[ESP+20] 0042528D . 50 PUSH EAX 0042528E . E8 ADD2FFFF CALL locoytra.00422540 00425293 . 6A 00 PUSH 0 ; /Arg3 = 00000000 00425295 . 6A 00 PUSH 0 ; |Arg2 = 00000000 00425297 . 85C0 TEST EAX,EAX ; | 00425299 . 74 0F JE SHORT locoytra.004252AA ; | 0042529B . 68 F84C4900 PUSH locoytra.00494CF8 ; |Arg1 = 00494CF8 004252A0 . E8 5A530200 CALL locoytra.0044A5FF ; \locoytra.0044A5FF 004252A5 . E9 EC000000 JMP locoytra.00425396 004252AA > 68 204D4900 PUSH locoytra.00494D20 ; |Arg1 = 00494D20 004252AF . E8 4B530200 CALL locoytra.0044A5FF ; \locoytra.0044A5FF 004252B4 . E9 DD000000 JMP locoytra.00425396 004252B9 > 8B46 78 MOV EAX,DWORD PTR DS:[ESI+78] 004252BC . 85C0 TEST EAX,EAX 004252BE . 0F84 B8000000 JE locoytra.0042537C 004252C4 . 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+10] 004252C8 . 8379 F4 00 CMP DWORD PTR DS:[ECX-C],0 004252CC . 0F8C AA000000 JL locoytra.0042537C 004252D2 . 50 PUSH EAX ; /Arg2 004252D3 . 51 PUSH ECX ; |Arg1 004252D4 . E8 3CF80300 CALL locoytra.00464B15 ; \locoytra.00464B15 ;这里会将注册码和另一个字符串做比较 004252D9 . 83C4 08 ADD ESP,8 004252DC . 85C0 TEST EAX,EAX 004252DE . 0F84 98000000 JE locoytra.0042537C ;判断是否相等, 不想等的话就报注册码错误 004252E4 . 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+10] 004252E8 . 2BC1 SUB EAX,ECX 004252EA . D1F8 SAR EAX,1 004252EC . 83F8 FF CMP EAX,-1 004252EF . 0F84 87000000 JE locoytra.0042537C 004252F5 . 51 PUSH ECX 004252F6 . 8D41 F0 LEA EAX,DWORD PTR DS:[ECX-10] 004252F9 . 896424 18 MOV DWORD PTR SS:[ESP+18],ESP 004252FD . 8BFC MOV EDI,ESP 004252FF . 50 PUSH EAX 00425300 . E8 6BD1FDFF CALL locoytra.00402470 00425305 . 83C0 10 ADD EAX,10 00425308 . 8907 MOV DWORD PTR DS:[EDI],EAX 0042530A . C64424 48 02 MOV BYTE PTR SS:[ESP+48],2 0042530F . 8BB6 88000000 MOV ESI,DWORD PTR DS:[ESI+88] 00425315 . 83EE 10 SUB ESI,10 00425318 . 896424 20 MOV DWORD PTR SS:[ESP+20],ESP 0042531C . 8BFC MOV EDI,ESP 0042531E . 56 PUSH ESI 0042531F . E8 4CD1FDFF CALL locoytra.00402470 00425324 . 83C0 10 ADD EAX,10 00425327 . 8907 MOV DWORD PTR DS:[EDI],EAX 00425329 . 83C4 04 ADD ESP,4 0042532C . 8D7C24 24 LEA EDI,DWORD PTR SS:[ESP+24] 00425330 . C64424 48 01 MOV BYTE PTR SS:[ESP+48],1 00425335 . E8 66DCFFFF CALL locoytra.00422FA0 ;关键函数,跟进 0042533A . 6A 00 PUSH 0 ; /Arg3 = 00000000 0042533C . 6A 00 PUSH 0 ; |Arg2 = 00000000 0042533E . 83F8 01 CMP EAX,1 ; | 00425341 . 75 2D JNZ SHORT locoytra.00425370 ; | 00425343 . 68 484D4900 PUSH locoytra.00494D48 ; |Arg1 = 00494D48 00425348 . E8 B2520200 CALL locoytra.0044A5FF ; \locoytra.0044A5FF 0042534D . 6A 12 PUSH 12 ; /ExitCode = 12 (18.) 0042534F . FF15 CCA44800 CALL DWORD PTR DS:[<&USER32.PostQuitMess>; \PostQuitMessage 00425355 . 51 PUSH ECX 00425356 . 8BCC MOV ECX,ESP 00425358 . 896424 1C MOV DWORD PTR SS:[ESP+1C],ESP 0042535C . 68 601D4900 PUSH locoytra.00491D60 00425361 . E8 4AD0FDFF CALL locoytra.004023B0 00425366 . E8 7543FFFF CALL locoytra.004196E0 0042536B . 83C4 04 ADD ESP,4 0042536E . EB 26 JMP SHORT locoytra.00425396 00425370 > 83F8 02 CMP EAX,2 00425373 . 75 0B JNZ SHORT locoytra.00425380 00425375 . 68 804D4900 PUSH locoytra.00494D80 0042537A . EB 09 JMP SHORT locoytra.00425385 0042537C > 6A 00 PUSH 0 0042537E . 6A 00 PUSH 0 00425380 > 68 AC4D4900 PUSH locoytra.00494DAC ; |Arg1 = 00494DAC 00425385 > E8 75520200 CALL locoytra.0044A5FF ; \locoytra.0044A5FF 0042538A . 68 601D4900 PUSH locoytra.00491D60 ; /Arg1 = 00491D60 0042538F . 8BCD MOV ECX,EBP ; | 00425391 . E8 DD3C0200 CALL locoytra.00449073 ; \locoytra.00449073 00425396 > C64424 40 00 MOV BYTE PTR SS:[ESP+40],0 0042539B . 8B4424 10 MOV EAX,DWORD PTR SS:[ESP+10] 跟进 00425335 的函数来到下面这里,这里进行网络验证,具体是怎样的,我不知道 00422FA0 $ 6A FF PUSH -1 00422FA2 . 68 4A664800 PUSH locoytra.0048664A 00422FA7 . 64:A1 0000000>MOV EAX,DWORD PTR FS:[0] 00422FAD . 50 PUSH EAX 00422FAE . 81EC F8000000 SUB ESP,0F8 00422FB4 . A1 70984A00 MOV EAX,DWORD PTR DS:[4A9870] 00422FB9 . 33C4 XOR EAX,ESP 00422FBB . 898424 F40000>MOV DWORD PTR SS:[ESP+F4],EAX 00422FC2 . 53 PUSH EBX 00422FC3 . 55 PUSH EBP 00422FC4 . 56 PUSH ESI 00422FC5 . A1 70984A00 MOV EAX,DWORD PTR DS:[4A9870] 00422FCA . 33C4 XOR EAX,ESP 00422FCC . 50 PUSH EAX 00422FCD . 8D8424 080100>LEA EAX,DWORD PTR SS:[ESP+108] 00422FD4 . 64:A3 0000000>MOV DWORD PTR FS:[0],EAX 00422FDA . 8D8424 180100>LEA EAX,DWORD PTR SS:[ESP+118] 00422FE1 . 50 PUSH EAX 00422FE2 . 8D4C24 24 LEA ECX,DWORD PTR SS:[ESP+24] 00422FE6 . 51 PUSH ECX 00422FE7 . C78424 180100>MOV DWORD PTR SS:[ESP+118],1 00422FF2 . E8 B96AFFFF CALL locoytra.00419AB0 00422FF7 . 8D5424 40 LEA EDX,DWORD PTR SS:[ESP+40] 00422FFB . 52 PUSH EDX 00422FFC . C68424 1C0100>MOV BYTE PTR SS:[ESP+11C],2 00423004 . E8 07100000 CALL locoytra.00424010 00423009 . 83C4 0C ADD ESP,0C 0042300C . 8BF0 MOV ESI,EAX 0042300E . 8D4424 20 LEA EAX,DWORD PTR SS:[ESP+20] 00423012 . 50 PUSH EAX 00423013 . 8D4C24 44 LEA ECX,DWORD PTR SS:[ESP+44] 00423017 . 68 143F4900 PUSH locoytra.00493F14 ; UNICODE "http://" 0042301C . 51 PUSH ECX 0042301D . C68424 1C0100>MOV BYTE PTR SS:[ESP+11C],3 00423025 . E8 26ECFDFF CALL locoytra.00401C50 0042302A . 83C4 0C ADD ESP,0C 0042302D . 68 AC484900 PUSH locoytra.004948AC ; UNICODE "/regcode/regcheck.php?key1=" 00423032 . 50 PUSH EAX 00423033 . 8D5424 38 LEA EDX,DWORD PTR SS:[ESP+38] 00423037 . 52 PUSH EDX 00423038 . C68424 1C0100>MOV BYTE PTR SS:[ESP+11C],4 00423040 . E8 0B08FEFF CALL locoytra.00403850 00423045 . 83C4 0C ADD ESP,0C 00423048 . 56 PUSH ESI 00423049 . 50 PUSH EAX 0042304A . 8D4424 30 LEA EAX,DWORD PTR SS:[ESP+30] 0042304E . 50 PUSH EAX 0042304F . C68424 1C0100>MOV BYTE PTR SS:[ESP+11C],5 00423057 . E8 34EBFDFF CALL locoytra.00401B90 0042305C . 83C4 0C ADD ESP,0C 0042305F . 68 9C484900 PUSH locoytra.0049489C ; UNICODE "&key2=" 00423064 . 50 PUSH EAX 00423065 . 8D4C24 3C LEA ECX,DWORD PTR SS:[ESP+3C] 00423069 . 51 PUSH ECX 0042306A . C68424 1C0100>MOV BYTE PTR SS:[ESP+11C],6 00423072 . E8 D907FEFF CALL locoytra.00403850 00423077 . 83C4 0C ADD ESP,0C 0042307A . 8D9424 1C0100>LEA EDX,DWORD PTR SS:[ESP+11C] 00423081 . 52 PUSH EDX 00423082 . 50 PUSH EAX 00423083 . 8D4424 34 LEA EAX,DWORD PTR SS:[ESP+34] 00423087 . 50 PUSH EAX 00423088 . C68424 1C0100>MOV BYTE PTR SS:[ESP+11C],7 00423090 . E8 FBEAFDFF CALL locoytra.00401B90 00423095 . 83C4 0C ADD ESP,0C 00423098 . 68 8C484900 PUSH locoytra.0049488C ; UNICODE "&key3=" 0042309D . 50 PUSH EAX 0042309E . 8D4C24 44 LEA ECX,DWORD PTR SS:[ESP+44] 004230A2 . 51 PUSH ECX 004230A3 . C68424 1C0100>MOV BYTE PTR SS:[ESP+11C],8 004230AB . E8 A007FEFF CALL locoytra.00403850 004230B0 . 83C4 0C ADD ESP,0C 004230B3 . 8D5F 04 LEA EBX,DWORD PTR DS:[EDI+4] 004230B6 . 53 PUSH EBX 004230B7 . 50 PUSH EAX 004230B8 . 8D5424 24 LEA EDX,DWORD PTR SS:[ESP+24] 004230BC . 52 PUSH EDX 004230BD . C68424 1C0100>MOV BYTE PTR SS:[ESP+11C],9 004230C5 . E8 C6EAFDFF CALL locoytra.00401B90 004230CA . 83C4 0C ADD ESP,0C 004230CD . C68424 100100>MOV BYTE PTR SS:[ESP+110],0B 004230D5 . 8B4424 3C MOV EAX,DWORD PTR SS:[ESP+3C] 004230D9 . 83C0 F0 ADD EAX,-10 004230DC . 8D48 0C LEA ECX,DWORD PTR DS:[EAX+C] 004230DF . 83CD FF OR EBP,FFFFFFFF 004230E2 . 8BD5 MOV EDX,EBP 004230E4 . F0:0FC111 LOCK XADD DWORD PTR DS:[ECX],EDX ; 锁定前缀 004230E8 . 4A DEC EDX 004230E9 . 85D2 TEST EDX,EDX 004230EB . 7F 0A JG SHORT locoytra.004230F7 004230ED . 8B08 MOV ECX,DWORD PTR DS:[EAX] 004230EF . 8B11 MOV EDX,DWORD PTR DS:[ECX] 004230F1 . 50 PUSH EAX 004230F2 . 8B42 04 MOV EAX,DWORD PTR DS:[EDX+4] 004230F5 . FFD0 CALL EAX 004230F7 > C68424 100100>MOV BYTE PTR SS:[ESP+110],0C 004230FF . 8B4424 2C MOV EAX,DWORD PTR SS:[ESP+2C] 00423103 . 83C0 F0 ADD EAX,-10 00423106 . 8D48 0C LEA ECX,DWORD PTR DS:[EAX+C] 00423109 . 8BD5 MOV EDX,EBP 0042310B . F0:0FC111 LOCK XADD DWORD PTR DS:[ECX],EDX ; 锁定前缀 0042310F . 4A DEC EDX 00423110 . 85D2 TEST EDX,EDX 00423112 . 7F 0A JG SHORT locoytra.0042311E 00423114 . 8B08 MOV ECX,DWORD PTR DS:[EAX] 00423116 . 8B11 MOV EDX,DWORD PTR DS:[ECX] 00423118 . 50 PUSH EAX 00423119 . 8B42 04 MOV EAX,DWORD PTR DS:[EDX+4] 0042311C . FFD0 CALL EAX 0042311E > C68424 100100>MOV BYTE PTR SS:[ESP+110],0D 00423126 . 8B4424 34 MOV EAX,DWORD PTR SS:[ESP+34] 0042312A . 83C0 F0 ADD EAX,-10 0042312D . 8D48 0C LEA ECX,DWORD PTR DS:[EAX+C] 00423130 . 8BD5 MOV EDX,EBP 00423132 . F0:0FC111 LOCK XADD DWORD PTR DS:[ECX],EDX ; 锁定前缀 00423136 . 4A DEC EDX 00423137 . 85D2 TEST EDX,EDX 00423139 . 7F 0A JG SHORT locoytra.00423145 0042313B . 8B08 MOV ECX,DWORD PTR DS:[EAX] 0042313D . 8B11 MOV EDX,DWORD PTR DS:[ECX] 0042313F . 50 PUSH EAX 00423140 . 8B42 04 MOV EAX,DWORD PTR DS:[EDX+4] 00423143 . FFD0 CALL EAX 00423145 > C68424 100100>MOV BYTE PTR SS:[ESP+110],0E 0042314D . 8B4424 28 MOV EAX,DWORD PTR SS:[ESP+28] 00423151 . 83C0 F0 ADD EAX,-10 00423154 . 8D48 0C LEA ECX,DWORD PTR DS:[EAX+C] 00423157 . 8BD5 MOV EDX,EBP 00423159 . F0:0FC111 LOCK XADD DWORD PTR DS:[ECX],EDX ; 锁定前缀 0042315D . 4A DEC EDX 0042315E . 85D2 TEST EDX,EDX 00423160 . 7F 0A JG SHORT locoytra.0042316C 00423162 . 8B08 MOV ECX,DWORD PTR DS:[EAX] 00423164 . 8B11 MOV EDX,DWORD PTR DS:[ECX] 00423166 . 50 PUSH EAX 00423167 . 8B42 04 MOV EAX,DWORD PTR DS:[EDX+4] 0042316A . FFD0 CALL EAX 0042316C > C68424 100100>MOV BYTE PTR SS:[ESP+110],0F 00423174 . 8B4424 30 MOV EAX,DWORD PTR SS:[ESP+30] 00423178 . 83C0 F0 ADD EAX,-10 0042317B . 8D48 0C LEA ECX,DWORD PTR DS:[EAX+C] 0042317E . 8BD5 MOV EDX,EBP 00423180 . F0:0FC111 LOCK XADD DWORD PTR DS:[ECX],EDX ; 锁定前缀 00423184 . 4A DEC EDX 00423185 . 85D2 TEST EDX,EDX 00423187 . 7F 0A JG SHORT locoytra.00423193 00423189 . 8B08 MOV ECX,DWORD PTR DS:[EAX] 0042318B . 8B11 MOV EDX,DWORD PTR DS:[ECX] 0042318D . 50 PUSH EAX 0042318E . 8B42 04 MOV EAX,DWORD PTR DS:[EDX+4] 00423191 . FFD0 CALL EAX 00423193 > C68424 100100>MOV BYTE PTR SS:[ESP+110],10 0042319B . 8B4424 40 MOV EAX,DWORD PTR SS:[ESP+40] 0042319F . 83C0 F0 ADD EAX,-10 004231A2 . 8D48 0C LEA ECX,DWORD PTR DS:[EAX+C] 004231A5 . 8BD5 MOV EDX,EBP 004231A7 . F0:0FC111 LOCK XADD DWORD PTR DS:[ECX],EDX ; 锁定前缀 004231AB . 4A DEC EDX 004231AC . 85D2 TEST EDX,EDX 004231AE . 7F 0A JG SHORT locoytra.004231BA 004231B0 . 8B08 MOV ECX,DWORD PTR DS:[EAX] 004231B2 . 8B11 MOV EDX,DWORD PTR DS:[ECX] 004231B4 . 50 PUSH EAX 004231B5 . 8B42 04 MOV EAX,DWORD PTR DS:[EDX+4] 004231B8 . FFD0 CALL EAX 004231BA > C68424 100100>MOV BYTE PTR SS:[ESP+110],11 004231C2 . 8B4424 38 MOV EAX,DWORD PTR SS:[ESP+38] 004231C6 . 83C0 F0 ADD EAX,-10 004231C9 . 8D48 0C LEA ECX,DWORD PTR DS:[EAX+C] 004231CC . 8BD5 MOV EDX,EBP 004231CE . F0:0FC111 LOCK XADD DWORD PTR DS:[ECX],EDX ; 锁定前缀 004231D2 . 4A DEC EDX 004231D3 . 85D2 TEST EDX,EDX 004231D5 . 7F 0A JG SHORT locoytra.004231E1 004231D7 . 8B08 MOV ECX,DWORD PTR DS:[EAX] 004231D9 . 8B11 MOV EDX,DWORD PTR DS:[ECX] 004231DB . 50 PUSH EAX 004231DC . 8B42 04 MOV EAX,DWORD PTR DS:[EDX+4] 004231DF . FFD0 CALL EAX 004231E1 > 8D4C24 44 LEA ECX,DWORD PTR SS:[ESP+44] 004231E5 . 51 PUSH ECX ; /Arg1 004231E6 . E8 75710000 CALL locoytra.0042A360 ; \locoytra.0042A360 004231EB . 6A 01 PUSH 1 004231ED . C68424 140100>MOV BYTE PTR SS:[ESP+114],12 004231F5 . 8B5424 20 MOV EDX,DWORD PTR SS:[ESP+20] 004231F9 . 6A 01 PUSH 1 004231FB . 52 PUSH EDX 004231FC . 8D4C24 50 LEA ECX,DWORD PTR SS:[ESP+50] 00423200 . E8 AB810000 CALL locoytra.0042B3B0 00423205 . 8D4424 24 LEA EAX,DWORD PTR SS:[ESP+24] 00423209 . 50 PUSH EAX 0042320A . 8D4C24 48 LEA ECX,DWORD PTR SS:[ESP+48] 0042320E . E8 ED760000 CALL locoytra.0042A900 00423213 . C68424 100100>MOV BYTE PTR SS:[ESP+110],13 0042321B . 8B7424 24 MOV ESI,DWORD PTR SS:[ESP+24] 0042321F . 56 PUSH ESI ; /Arg1 00423220 . E8 CF180400 CALL locoytra.00464AF4 ; \locoytra.00464AF4 00423225 . 83C4 04 ADD ESP,4 00423228 . 83F8 01 CMP EAX,1 0042322B . 0F85 F4020000 JNZ locoytra.00423525 ;将这里改成JZ就行了, 反正我就是这样做的,成功注册 00423231 . 8B47 14 MOV EAX,DWORD PTR DS:[EDI+14] 00423234 . 51 PUSH ECX 00423235 . 83E8 10 SUB EAX,10 00423238 . 896424 14 MOV DWORD PTR SS:[ESP+14],ESP 0042323C . 8BF4 MOV ESI,ESP 0042323E . 50 PUSH EAX 0042323F . E8 2CF2FDFF CALL locoytra.00402470 00423244 . 83C0 10 ADD EAX,10 00423247 . 8906 MOV DWORD PTR DS:[ESI],EAX 00423249 . 83C4 04 ADD ESP,4 0042324C . 8D7424 14 LEA ESI,DWORD PTR SS:[ESP+14] 00423250 . E8 EB0E0000 CALL locoytra.00424140 00423255 . C68424 100100>MOV BYTE PTR SS:[ESP+110],14 0042325D . 8B00 MOV EAX,DWORD PTR DS:[EAX] 0042325F . 50 PUSH EAX 00423260 . 8B8424 200100>MOV EAX,DWORD PTR SS:[ESP+120] 00423267 . 51 PUSH ECX 00423268 . 83C0 F0 ADD EAX,-10 0042326B . 896424 20 MOV DWORD PTR SS:[ESP+20],ESP 0042326F . 8BF4 MOV ESI,ESP 00423271 . 50 PUSH EAX 00423272 . E8 F9F1FDFF CALL locoytra.00402470 00423277 . 8D4C24 20 LEA ECX,DWORD PTR SS:[ESP+20] 0042327B . 83C4 04 ADD ESP,4 0042327E . 83C0 10 ADD EAX,10 00423281 . 51 PUSH ECX 00423282 . 8906 MOV DWORD PTR DS:[ESI],EAX 00423284 . E8 17090000 CALL locoytra.00423BA0 00423289 . 8B00 MOV EAX,DWORD PTR DS:[EAX] 0042328B . 8B2D A0A24800 MOV EBP,DWORD PTR DS:[<&KERNEL32.WritePr>; kernel32.WritePrivateProfileStringW 00423291 . 83C4 08 ADD ESP,8 00423294 . 50 PUSH EAX ; |String 00423295 . 68 78484900 PUSH locoytra.00494878 ; |Key = "code" 0042329A . 68 64484900 PUSH locoytra.00494864 ; |Section = "Version" 0042329F . FFD5 CALL EBP ; \WritePrivateProfileStringW 004232A1 . 8B4424 14 MOV EAX,DWORD PTR SS:[ESP+14] 004232A5 . 83C0 F0 ADD EAX,-10 |
|
[原创]新人报道啦
同新 |
|
[求助]关于一个无壳软件的crack
程序通过网络验证,只需改动一个重要跳转就行了,我成功注册了,虽然是暴力破解的,吾也是新手,就想找找程序练练 |
|
[求助]如何在主窗口中捕获WM_MOUSEMOVE消息
既然被RichEdit填满了,就只有RichEdit能收到WM_MOUSEMOVE,主窗口是收不到的,楼主应该子类化RichEdit控件,然后在消息处理过程中判断是否是WM_MOUSEMOVE,是的话就调用主窗口的消息处理 |
|
[求助]我们学校的U盘病毒
真想看看病毒的源码 |
|
[求助]我们学校的U盘病毒
我最感兴趣的是中了病毒后无法显示系统隐藏文件,查看下了注册表HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL 都很正常,貌似病毒也没用什么驱动 |
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值