|
[Help] Looks simple, but I can't crack it
A private-server tool........... |
|
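[Help] In a VB program, how do I set a breakpoint after the winsock control has finished receiving data?
By single-step tracing in the debugger |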
|
[Help] ARJ Archive *
A compression packer!!!!!!!! |
|
[Help] A blind cracking enthusiast asks for help
[Help] A blind cracking enthusiast asks for help ("blind" as in "illiterate"?????????) |
|
[Discussion] What should the Crackers here be called in Chinese?
God of cracking!!!!!!!!!!!!! |
|
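[Help] Heiying (Black Eagle) cracking privilege-escalation class, lesson 66
After you enter the user name and registration, a registration file named ai4splaydd0.dat is created in the C:\WINDOWS\ directory. The software reads the contents of this file for validation every time it starts, so brute-force patching is useless; the only way in is through the algorithm part |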
|
[Help] How do I add registration like this?
ASPROTECT and Armadillo can both do it |
|
[Help] What packer is ARJ Archive *? How do I unpack it?
A self-extracting compression packer!!!!!! |
|
[Discussion][Help] How to understand registration algorithms
Read more algorithm-analysis articles and become proficient in assembly |
|
Unpacking Armadillo V5.0X standard protection mode
Script run window (columns: line number, command, return value, EIP, computed result) <--- C:\Documents and Settings\Administrator\
1 dbh 005EA000
2 var Temp j
3 var bpcnt j
4 var Clear j
5 var MagicJMP j
6 var JmpAddress j
7 var fiXedOver j
8 var OpenMutexA j
9 var GetModuleHandleA j
10 var VirtualProtect j
11 var CreateFileMappingA j
12 var GetTickCount j
13 var CreateThread j
14 var FindOEP j
15 MSGYN "Plz Clear All BreakPoints And 1 j
16 cmp $RESULT, 0 j j 1
17 je TryAgain j j
18 cmp $VERSION, "1.65" j j "1.65"
19 jb CheckODbgScripVersion j j
20 BPHWC j j
21 BC j j
22 gpa "OutputDebugStringA", "KERNEL32.dll 7C859D78 j
23 mov [$RESULT], #C20400# j j 7C859D78
24 gpa "VirtualProtect", "KERNEL32.dll" 7C801AD0 j
25 find $RESULT,#5DC21000# 7C801AE8 j 7C801AD0
26 add $RESULT,1 7C801AE9 j 7C801AE8
27 mov VirtualProtect,$RESULT j j 7C801AE9
28 eob VirtualProtect j j
29 bp VirtualProtect j j 7C801AE9
30 gpa "OpenMutexA", "KERNEL32.dll" 7C80EA1B j
31 mov OpenMutexA,$RESULT j j 7C80EA1B
32 bp OpenMutexA j j 7C80EA1B
33 esto j 005EA000
34 OpenMutexA:
35 eob KillOpenMutexA 7C80EA1B 7C80EA1B
36 exec j j
37 mov eax,[ESP+0C] j j
38 pushad j j
39 push eax j j
40 push 0 j j
41 push 0 j j
42 CALL CreateMutexA j j
43 popad j j
44 jmp OpenMutexA j j
45 ende j 7C80EA1B
46 KillOpenMutexA:
47 bc OpenMutexA 7C80EA1B 7C80EA1B 7C80EA1B
48 esti j 7C80EA1B
49 eob VirtualProtect j 7C80EA1D
50 GoOn0:
51 esto 7C80EA1B 7C80EA1D
52 VirtualProtect:
53 cmp eip,OpenMutexA 7C80EA1B 7C801AE9 7C80EA1B 7C801AE9,7C80EA1B 7C80EA1B
54 Uje OpenMutexA j j
55 cmp eip,VirtualProtect j j 7C801AE9 7C801AE9
56 jne GoOn0 j j
57 bc VirtualProtect j j 7C801AE9
58 gpa "CreateFileMappingA", "KERNEL32.dll 7C80945C j
59 find $RESULT,#C9C21800# 7C8094B2 j 7C80945C
60 mov CreateFileMappingA,$RESULT j j 7C8094B2
61 bp CreateFileMappingA j j 7C8094B2
62 eob CreateFileMappingA j j
63 esto j 7C801AE9
64 GoOn1:
65 esto
66 CreateFileMappingA:
67 cmp eip,CreateFileMappingA 7C8094B2 7C8094B2 7C8094B2 7C8094B2
68 jne GoOn1 j j
69 bc CreateFileMappingA j j 7C8094B2
70 gpa "GetModuleHandleA", "KERNEL32.dll" 7C80B6A1 j
71 find $RESULT,#C20400# 7C80B6C1 j 7C80B6A1
72 mov GetModuleHandleA,$RESULT j j 7C80B6C1
73 bp GetModuleHandleA j j 7C80B6C1
74 eob GetModuleHandleA j j
75 esto j 7C8094B2
76 GoOn2:
77 esto 7C80B6C1 7C80B6C1
78 GetModuleHandleA:
79 cmp eip,GetModuleHandleA 7C80B6C1 7C80B6C1 7C80B6C1 7C80B6C1,7C80B6C1 7C80B6C1,7C80B6C1 7C80B6C1
80 jne GoOn2 j j
81 cmp bpcnt,1 j j 2,1,0
82 Dje VirtualFree j j
83 cmp bpcnt,2 j j 2,0
84 Dje Third j 7C80B6C1
85 VirtualAlloc:
86 mov Temp,esp 7C80B6C1 7C80B6C1 129450
87 add Temp,4 j j 129450
88 log Temp j j 129454
89 mov T0,[Temp] j j DF0B98 ?129454
90 cmp [T0],6E72656B j j 6E72656B ?DF0B98
91 log [T0] j j 6E72656B ?DF0B98
92 jne GoOn2 j j
93 add Temp,4 j j 129454
94 mov T1,[Temp] j j DF1A64 ?129458
95 cmp [T1],74726956 j j 74726956 ?DF1A64
96 jne GoOn2 j j
97 bc OpenMutexA j j 7C80EA1B
98 inc bpcnt j j 0
99 Ujmp GoOn2 7C80B6C1
100 VirtualFree:
101 mov Temp,esp 7C80B6C1 7C80B6C1 129450
102 add Temp,4 j j 129450
103 mov T1,[Temp] j j DF0B98 ?129454
104 cmp [T1],6E72656B j j 6E72656B ?DF0B98
105 jne GoOn2 j j
106 add Temp,4 j j 129454
107 mov T1,[Temp] j j DF1A58 ?129458
108 add T1,7 j j DF1A58
109 cmp [T1],65657246 j j 65657246 ?DF1A5F
110 log [T1] j j 65657246 ?DF1A5F
111 jne GoOn2 j j
112 inc bpcnt j j 1
113 Ujmp GoOn2 7C80B6C1
114 Third:
115 mov Temp,esp 7C80B6C1 7C80B6C1 12919C
116 add Temp,4 j j 12919C
117 mov T1,[Temp] j j 129318 ?1291A0
118 cmp [T1],6E72656B j j 6E72656B ?129318
119 jne GoOn2 j j
120 bc GetModuleHandleA j j 7C80B6C1
121 esti j 7C80B6C1
122 bp VirtualProtect j 00DA7E44 7C801AE9
123 eob VirtualProtect2 j j
124 esto j 00DA7E44
125 GoOn3:
126 esto
127 VirtualProtect2:
128 cmp eip,VirtualProtect
129 jne GoOn3
130 bc VirtualProtect
131 esti
132 find eip,#83C404E9????????C705?????????
133 cmp $RESULT,0
134 je Armadillo.V5.X.Standard.Protection
135 add $RESULT,8
136 mov Temp,$RESULT
137 bp Temp
138 eob Temp
139 esto
140 GoOn4:
141 esto
142 Temp:
143 cmp eip,Temp
144 jne GoOn4
145 bc Temp
146 mov bpcnt,0
147 gpa "GetTickCount", "KERNEL32.dll"
148 find $RESULT,#0FACD018C3#
149 cmp $RESULT,0
150 je NoFind
151 add $RESULT,4
152 mov GetTickCount,$RESULT
153 bp GetTickCount
154 eob GetTickCount
155 esto
156 GoOn5:
157 esto
158 GetTickCount:
159 cmp eip,GetTickCount
160 jne GoOn5
161 esti
162 find eip,#83780800744A68000100008D8D???
163 inc bpcnt
164 log bpcnt
165 cmp bpcnt,10
166 ja NoFind
167 cmp $RESULT,0
168 je GoOn5
169 bc GetTickCount
170 esti
171 add $RESULT,4
172 mov MagicJMP,$RESULT
173 log MagicJMP
174 mov [MagicJMP],#EB#
175 find MagicJMP,#99B914000000F7F98B85????
176 cmp $RESULT,0
177 je NoFind
178 add $RESULT,15
179 mov Clear,$RESULT
180 mov [Clear],#9090#
181 find Clear,#8B??????FFFF??E8????000083C
182 cmp $RESULT,0
183 je NoFind
184 add $RESULT,14
185 mov fiXedOver,$RESULT
186 log fiXedOver
187 eob fiXedOver
188 bp fiXedOver
189 esto
190 GoOn6:
191 esto
192 fiXedOver:
193 cmp eip,fiXedOver
194 jne GoOn6
195 bc fiXedOver
196 mov [MagicJMP],#74#
197 mov [Clear],#8908#
198 gpa "CreateThread", "KERNEL32.dll"
199 find $RESULT,#C21800#
200 mov CreateThread,$RESULT
201 eob CreateThread
202 bp CreateThread
203 esto
204 GoOn7:
205 esto
206 CreateThread:
207 cmp eip,CreateThread
208 jne GoOn7
209 bc CreateThread
210 esti
211 mov Temp,eip
212 sub Temp,400
213 find Temp,#FFD18945FC8B45FC#
214 cmp $RESULT,0
215 je NoFind
216 mov FindOEP,$RESULT
217 log FindOEP
218 eob FindOEP
219 bp FindOEP
220 esto
221 GoOn8:
222 esto
223 FindOEP:
224 cmp eip,FindOEP
225 jne GoOn8
226 bc FindOEP
227 esti
228 tick time
229 eval "Time since script startup : {time
230 log $RESULT
231 log eip
232 cmt eip, "This is the OEP! Found By: f
233 MSG "Just : OEP ! Dump and Fix IAT. G
234 ret
235 NoFind:
236 MSG "Error! Don't find. "
237 ret
238 CheckODbgScripVersion:
239 msg "ODBGScript Version Need 1.65 or H
240 ret
241 Armadillo.V5.X.Standard.Protection:
242 msg "Sorry,Maybe it's not Armadillo.V5
243 ret
244 TryAgain:
245 MSG " Plz Try Again ! "
246 ret |
|
|
|
[Original] o(∩_∩)o My fourth game cheat... I hope all you experts will give me plenty of pointers o(∩_∩)o
Just call her little sister!!!!!!!!!!!!!!!!!! |
|
[Discussion] Can everyone help me analyze this inventory management software
vfp&exeNc v6.00+5.0 double packer |