|
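Our company develops games and wants to add a packer; inquiring about purchasing
Because it really suits the low-level players in China so well :) That is why dumbed-down games are so sought after, while the ones with depth are too highbrow to find an audience :) |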
|
Introducing a .NET packer: MaxtoCode
This... :) |
|
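[Original] How much longer can cracking survive? Starting from code obfuscation techniques.
Originally posted by lotusroots: Passing by, I took a look. I have recently been looking at dotnet obfuscators, which apply quite a few of the obfuscation methods you mentioned, the hair-raising-sounding ones that can be shown off in papers. In the end, though, protection is fragile against dynamic analysis, just as freeeman said earlier. The important thing is still to put effort into preventing dynamic analysis. Static obfuscation can provide a certain amount of protection, but for cracking, more often we only need to find that one key jump (in the general sense) :). For protecting certain key technology from being stolen, that is, preventing reverse engineering, it is still of some use |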
|
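About decoding the barcode on Agricultural Bank cards.
Let me tell you: everything else on the card is stored in plaintext; only the PIN is encrypted, usually with DES, and a MAC value may also be stored, also encrypted. ATM withdrawals are online operations, meaning the ATM has to communicate with the mainframe, so the communication is encrypted with 3DES: there are 10 sets of keys, one set is picked at random and its index is sent to the mainframe, and that establishes the encrypted communication. I can't say any more than that, because I don't know either :) As for forging cards, fooling the ATM and so on, that is basically wishful thinking; people 100 times better than you would have done it long ago. So it is best not to get into this kind of thing; all you will achieve is losing your own money! |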
|
A new packer: ActiveMark
Sorry, are pll823 and pll621 related? :D This is not some "online-download installer builder". http://get.games.yahoo.com/proddesc?gamekey=lemonadetycoon2 This is a program packed with it. This is the analysis by people on rce: 1. Facts : It appears to be protected by ActiveMark from TryMedia. I had a look at it, dumped it, fixed import table, fixed relevant api calls. They actually emulate a few API for which u can find a translation table in memory (ie APINAME, Offset of garbaged emulation), hence u can easily fix those : call dword ptr is replaced by nop call emulatedAPI (90 E8 XX XX XX XX). jmp dword ptr is replaced by nop jmp emulatedtAPI (90 E9 XX XX XX XX). mov dword ptr is replaced by nop mov reg32, Offset emulatedAPI (90 BX XX XX XX XX). The following detection strings are used, it is easily bypassed : FilemonClass RegmonClass File Monitor - Sysinternals: www.sysinternals.com Registry Monitor - Sysinternals: www.sysinternals.com \\.\NTICE \\.\SICE \\.\SIWVID \\.\FROGSICE \\.\SUPERBPM INT3 backdoor is used too. Loader APIs are checked for softBP (1st and 2nd byte... sounds dangerous to me, ah well). Some API code is replicated in a buffer too (CreateThread for instance and Sleep). Entrypoint is easy to find as well (0x2958D), the image is using thread for doing some tasks, and you will find the UPX loader code to decompress, resolve API of some code inside (Sigh !!!) which is garbaged. 2. Problem : For some reason, it does an infinite loop after being fixed while accessing the file MAIN.ARF (Seek Offsets are different from trial and dumped version). I Looked at it for 2 days and I can't figure out what is the thing I missed. I'd be very glad to get any input from you guyz from this target. It must be a very stupid thing, coz the whole scheme looks plain dodgy (we are very far from a ProtectCD, ASPR, VBOX, or SafeDisc wrapping scheme). The algorithms it contains and the anti CRC32 loops, SHA-1 checks on the crypted-tunnel-VFS, Rijndael, anti debug threads, obfuscation and code-interleaving is the same. A lot of EBFF's to make Disasm'ing harder.
Dumping is very easy, fixing the dump is harder (too hard for me). I think generating a valid license file (<VID>.lcn) is still the proper way for an attack. But I'm not that Crypt-Wizard. |
|
Call for cover slogans for the book 《软件加密技术内幕》
As the devil rises one foot, the Way rises ten |