|
[求助]大智慧的插件求指导怎么破自效验
请大牛帮忙看看用什么BP断点能断下来,这个应该是CRC32的自效验。 |
|
[求助]大智慧的插件求指导怎么破自效验
模块间调用 地址 反汇编 目标文件 10001015 CALL DWORD PTR DS:[<&msvcrt.time>] msvcrt.time 10001020 CALL DWORD PTR DS:[<&msvcrt.gmtime>] msvcrt.gmtime 100010C6 CALL DWORD PTR DS:[<&msvcrt.swprintf>] msvcrt.swprintf 100010EB CALL <JMP.&mfc42.#823_??2@YAPAXI@Z> mfc42.#823_??2@YAPAXI@Z 10001162 CALL <JMP.&mfc42.#825_??3@YAXPAX@Z> mfc42.#825_??3@YAXPAX@Z 10001180 CALL <JMP.&mfc42.#825_??3@YAXPAX@Z> mfc42.#825_??3@YAXPAX@Z 100011D1 CALL <JMP.&mfc42.#825_??3@YAXPAX@Z> mfc42.#825_??3@YAXPAX@Z 1000127D CALL DWORD PTR DS:[<&msvcrt.wcscpy>] msvcrt.wcscpy 100012B3 CALL DWORD PTR DS:[<&msvcrt._strcmpi>] msvcrt._stricmp 10001370 CALL DWORD PTR DS:[<&msvcrt.wcscpy>] msvcrt.wcscpy 1000176A CALL <JMP.&mfc42.#472_??0CPen@@QAE@HHK@Z mfc42.#472_??0CPen@@QAE@HHK@Z 10001781 CALL <JMP.&mfc42.#5787_?SelectObject@CDC mfc42.#5788_?SelectObject@CDC@@QAEPAVCPen@@PAV2@@Z 100017C6 CALL DWORD PTR DS:[<&gdi32.Arc>] GDI32.Arc 1000189C CALL <JMP.&mfc42.#540_??0CString@@QAE@XZ mfc42.#540_??0CString@@QAE@XZ 100018AD CALL <JMP.&mfc42.#540_??0CString@@QAE@XZ mfc42.#540_??0CString@@QAE@XZ 100018BE CALL <JMP.&mfc42.#540_??0CString@@QAE@XZ mfc42.#540_??0CString@@QAE@XZ 100018CF CALL <JMP.&mfc42.#540_??0CString@@QAE@XZ mfc42.#540_??0CString@@QAE@XZ 100018E0 CALL <JMP.&mfc42.#2414_?DeleteObject@CGd mfc42.#2414_?DeleteObject@CGdiObject@@QAEHXZ 100018EE CALL DWORD PTR DS:[<&gdi32.CreatePen>] GDI32.CreatePen 100018F9 CALL <JMP.&mfc42.#1641_?Attach@CGdiObjec mfc42.#1641_?Attach@CGdiObject@@QAEHPAX@Z 10001905 CALL <JMP.&mfc42.#5787_?SelectObject@CDC mfc42.#5788_?SelectObject@CDC@@QAEPAVCPen@@PAV2@@Z 10001920 CALL <JMP.&mfc42.#2818_?Format@CString@@ mfc42.#2818_?Format@CString@@QAAXPBDZZ 10001956 CALL <JMP.&mfc42.#2818_?Format@CString@@ mfc42.#2818_?Format@CString@@QAAXPBDZZ 10001986 CALL <JMP.&mfc42.#2818_?Format@CString@@ mfc42.#2818_?Format@CString@@QAAXPBDZZ 100019B9 CALL <JMP.&mfc42.#2818_?Format@CString@@ mfc42.#2818_?Format@CString@@QAAXPBDZZ 10001A2D CALL <JMP.&msvcrt._ftol> msvcrt._ftol 10001A8F CALL <JMP.&mfc42.#2818_?Format@CString@@ mfc42.#2818_?Format@CString@@QAAXPBDZZ 10001A9B CALL <JMP.&msvcrt._ftol> msvcrt._ftol 10001AFD CALL <JMP.&mfc42.#4297_?MoveTo@CDC@@QAE? mfc42.#4297_?MoveTo@CDC@@QAE?AVCPoint@@HH@Z 10001B23 CALL <JMP.&mfc42.#4133_?LineTo@CDC@@QAEH mfc42.#4133_?LineTo@CDC@@QAEHHH@Z 10001B46 CALL <JMP.&mfc42.#2818_?Format@CString@@ mfc42.#2818_?Format@CString@@QAAXPBDZZ 10001B9C CALL <JMP.&mfc42.#2414_?DeleteObject@CGd mfc42.#2414_?DeleteObject@CGdiObject@@QAEHXZ 10001BAA CALL DWORD PTR DS:[<&gdi32.CreatePen>] GDI32.CreatePen 10001BB5 CALL <JMP.&mfc42.#1641_?Attach@CGdiObjec mfc42.#1641_?Attach@CGdiObject@@QAEHPAX@Z 10001BC1 CALL <JMP.&mfc42.#5787_?SelectObject@CDC mfc42.#5788_?SelectObject@CDC@@QAEPAVCPen@@PAV2@@Z 10001BD6 CALL <JMP.&mfc42.#4297_?MoveTo@CDC@@QAE? mfc42.#4297_?MoveTo@CDC@@QAE?AVCPoint@@HH@Z 10001BE3 CALL <JMP.&mfc42.#4133_?LineTo@CDC@@QAEH mfc42.#4133_?LineTo@CDC@@QAEHHH@Z 10001BEC CALL <JMP.&mfc42.#2414_?DeleteObject@CGd mfc42.#2414_?DeleteObject@CGdiObject@@QAEHXZ 10001BFA CALL DWORD PTR DS:[<&gdi32.CreatePen>] GDI32.CreatePen 10001C05 CALL <JMP.&mfc42.#1641_?Attach@CGdiObjec mfc42.#1641_?Attach@CGdiObject@@QAEHPAX@Z 10001C11 CALL <JMP.&mfc42.#5787_?SelectObject@CDC mfc42.#5788_?SelectObject@CDC@@QAEPAVCPen@@PAV2@@Z 10001C3E CALL DWORD PTR DS:[<&gdi32.Arc>] GDI32.Arc 10001C66 CALL DWORD PTR DS:[<&gdi32.Arc>] GDI32.Arc 10001C84 CALL DWORD PTR DS:[<&gdi32.Arc>] GDI32.Arc 10001C8E CALL <JMP.&mfc42.#2414_?DeleteObject@CGd mfc42.#2414_?DeleteObject@CGdiObject@@QAEHXZ 10001C9C CALL DWORD PTR DS:[<&gdi32.CreatePen>] GDI32.CreatePen 10001CA7 CALL <JMP.&mfc42.#1641_?Attach@CGdiObjec mfc42.#1641_?Attach@CGdiObject@@QAEHPAX@Z 10001CB3 CALL <JMP.&mfc42.#5787_?SelectObject@CDC mfc42.#5788_?SelectObject@CDC@@QAEPAVCPen@@PAV2@@Z 10001CC7 CALL <JMP.&mfc42.#4297_?MoveTo@CDC@@QAE? mfc42.#4297_?MoveTo@CDC@@QAE?AVCPoint@@HH@Z 10001CD7 CALL <JMP.&mfc42.#4133_?LineTo@CDC@@QAEH mfc42.#4133_?LineTo@CDC@@QAEHHH@Z 10001D01 CALL <JMP.&mfc42.#800_??1CString@@QAE@XZ mfc42.#800_??1CString@@QAE@XZ 10001D12 CALL <JMP.&mfc42.#800_??1CString@@QAE@XZ mfc42.#800_??1CString@@QAE@XZ 10001D23 CALL <JMP.&mfc42.#800_??1CString@@QAE@XZ mfc42.#800_??1CString@@QAE@XZ 10001D34 CALL <JMP.&mfc42.#800_??1CString@@QAE@XZ mfc42.#800_??1CString@@QAE@XZ 10001D66 CALL <JMP.&mfc42.#5787_?SelectObject@CDC mfc42.#5788_?SelectObject@CDC@@QAEPAVCPen@@PAV2@@Z 10001DBB CALL DWORD PTR DS:[<&user32.InvertRect>] USER32.InvertRect 10001E28 CALL DWORD PTR DS:[<&user32.InvertRect>] USER32.InvertRect 10001E45 CALL <JMP.&mfc42.#2414_?DeleteObject@CGd mfc42.#2414_?DeleteObject@CGdiObject@@QAEHXZ 10001E92 CALL <JMP.&mfc42.#825_??3@YAXPAX@Z> mfc42.#825_??3@YAXPAX@Z 10002335 CALL DWORD PTR DS:[<&msvcrt.swprintf>] msvcrt.swprintf 100023A9 CALL <JMP.&mfc42.#6467_??0AFX_MAINTAIN_S mfc42.#6467_??0AFX_MAINTAIN_STATE2@@QAE@PAVAFX_MODULE_STATE@@@Z 100023CF CALL <JMP.&mfc42.#1146_?AfxFindResourceH mfc42.#1146_?AfxFindResourceHandle@@YGPAUHINSTANCE__@@PBD0@Z 100023D5 CALL DWORD PTR DS:[<&user32.LoadMenuA>] USER32.LoadMenuA 100023E0 CALL <JMP.&mfc42.#1644_?Attach@CMenu@@QA mfc42.#1644_?Attach@CMenu@@QAEHPAUHMENU__@@@Z 100023EB CALL DWORD PTR DS:[<&user32.GetSubMenu>] USER32.GetSubMenu 100023F2 CALL <JMP.&mfc42.#2863_?FromHandle@CMenu mfc42.#2863_?FromHandle@CMenu@@SGPAV1@PAUHMENU__@@@Z 1000240E CALL DWORD PTR DS:[<&user32.ClientToScre USER32.ClientToScreen 1000243F CALL <JMP.&mfc42.#6270_?TrackPopupMenu@C mfc42.#6270_?TrackPopupMenu@CMenu@@QAEHIHHPAVCWnd@@PBUtagRECT@@@Z 10002518 CALL DWORD PTR DS:[<&user32.CheckMenuIte USER32.CheckMenuItem 10002539 CALL DWORD PTR DS:[<&user32.CheckMenuIte USER32.CheckMenuItem 10002616 CALL <JMP.&mfc42.#2438_?DestroyMenu@CMen mfc42.#2438_?DestroyMenu@CMenu@@QAEHXZ 10002672 CALL <JMP.&mfc42.#6467_??0AFX_MAINTAIN_S mfc42.#6467_??0AFX_MAINTAIN_STATE2@@QAE@PAVAFX_MODULE_STATE@@@Z 1000267F CALL <JMP.&mfc42.#1168_?AfxGetModuleStat mfc42.#1168_?AfxGetModuleState@@YGPAVAFX_MODULE_STATE@@XZ 10002710 CALL <JMP.&mfc42.#825_??3@YAXPAX@Z> mfc42.#825_??3@YAXPAX@Z 1000274B CALL <JMP.&mfc42.#2414_?DeleteObject@CGd mfc42.#2414_?DeleteObject@CGdiObject@@QAEHXZ 1000279B CALL <JMP.&mfc42.#2414_?DeleteObject@CGd mfc42.#2414_?DeleteObject@CGdiObject@@QAEHXZ 100027D0 CALL <JMP.&mfc42.#825_??3@YAXPAX@Z> mfc42.#825_??3@YAXPAX@Z 1000280B CALL <JMP.&mfc42.#2438_?DestroyMenu@CMen mfc42.#2438_?DestroyMenu@CMenu@@QAEHXZ 1000287B CALL <JMP.&mfc42.#825_??3@YAXPAX@Z> mfc42.#825_??3@YAXPAX@Z 100028C5 CALL <JMP.&mfc42.#561_??0CWinApp@@QAE@PB mfc42.#561_??0CWinApp@@QAE@PBD@Z 100028E3 CALL 画线插件.10002900 mfc42.#815_??1CWinApp@@UAE@XZ 100028F0 CALL <JMP.&mfc42.#825_??3@YAXPAX@Z> mfc42.#825_??3@YAXPAX@Z 10002954 CALL <JMP.&mfc42.#3922_?InitApplication@ mfc42.#3922_?InitApplication@CWinApp@@UAEHXZ 10002991 CALL <JMP.&mfc42.#2725_?ExitInstance@CWi mfc42.#2725_?ExitInstance@CWinApp@@UAEHXZ 100029FA CALL <JMP.&mfc42.#6467_??0AFX_MAINTAIN_S mfc42.#6467_??0AFX_MAINTAIN_STATE2@@QAE@PAVAFX_MODULE_STATE@@@Z 100029FF CALL <JMP.&mfc42.#1168_?AfxGetModuleStat mfc42.#1168_?AfxGetModuleState@@YGPAVAFX_MODULE_STATE@@XZ 10002A15 CALL <JMP.&mfc42.#1168_?AfxGetModuleStat mfc42.#1168_?AfxGetModuleState@@YGPAVAFX_MODULE_STATE@@XZ 10002A50 CALL <JMP.&mfc42.#823_??2@YAPAXI@Z> mfc42.#823_??2@YAPAXI@Z 10002ABD CALL <JMP.&mfc42.#6467_??0AFX_MAINTAIN_S mfc42.#6467_??0AFX_MAINTAIN_STATE2@@QAE@PAVAFX_MODULE_STATE@@@Z 10002B3D CALL DWORD PTR DS:[<&msvcp60.?_Tidy@?$ba msvcp60.?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z 10002B5C CALL DWORD PTR DS:[<&msvcp60.?assign@?$b msvcp60.?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z 10002B6B CALL DWORD PTR DS:[<&msvcp60.??0out_of_r msvcp60.??0out_of_range@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z 10002B7B CALL <JMP.&msvcrt._CxxThrowException> msvcrt._CxxThrowException 10002C19 CALL <JMP.&mfc42.#823_??2@YAPAXI@Z> mfc42.#823_??2@YAPAXI@Z 10002C99 CALL <JMP.&mfc42.#825_??3@YAXPAX@Z> mfc42.#825_??3@YAXPAX@Z 10002DF4 CALL DWORD PTR DS:[<&msvcrt._vsnprintf>] msvcrt._vsnprintf 10002E02 CALL DWORD PTR DS:[<&kernel32.GetLocalTi kernel32.GetLocalTime 10002E4F CALL DWORD PTR DS:[<&msvcrt.sprintf>] msvcrt.sprintf 10002E60 CALL DWORD PTR DS:[<&kernel32.OutputDebu kernel32.OutputDebugStringA 10003001 CALL <JMP.&mfc42.#269_??0AFX_MODULE_STAT mfc42.#269_??0AFX_MODULE_STATE@@QAE@HP6GJPAUHWND__@@IIJ@ZK@Z 10003013 CALL 画线插件.1000302B mfc42.#600_??1AFX_MODULE_STATE@@UAE@XZ 10003020 CALL <JMP.&mfc42.#826_??3CNoTrackObject@ mfc42.#826_??3CNoTrackObject@@SGXPAX@Z 1000305A CALL <JMP.&mfc42.#6467_??0AFX_MAINTAIN_S mfc42.#6467_??0AFX_MAINTAIN_STATE2@@QAE@PAVAFX_MODULE_STATE@@@Z 1000306F CALL <JMP.&mfc42.#1578_?AfxWndProc@@YGJP mfc42.#1578_?AfxWndProc@@YGJPAUHWND__@@IIJ@Z 100030A8 CALL <JMP.&mfc42.#1116_?AfxCoreInitModul mfc42.#1116_?AfxCoreInitModule@@YGXXZ 100030AD CALL <JMP.&mfc42.#1176_?AfxGetThreadStat mfc42.#1176_?AfxGetThreadState@@YGPAV_AFX_THREAD_STATE@@XZ 100030C1 CALL <JMP.&mfc42.#1575_?AfxWinInit@@YGHP mfc42.#1575_?AfxWinInit@@YGHPAUHINSTANCE__@@0PADH@Z 100030CA CALL <JMP.&mfc42.#1168_?AfxGetModuleStat mfc42.#1168_?AfxGetModuleState@@YGPAVAFX_MODULE_STATE@@XZ 100030E8 CALL <JMP.&mfc42.#1577_?AfxWinTerm@@YGXX mfc42.#1577_?AfxWinTerm@@YGXXZ 100030FB CALL <JMP.&mfc42.#1182_?AfxInitExtension mfc42.#1182_?AfxInitExtensionModule@@YGHAAUAFX_EXTENSION_MODULE@@PAUHINSTANCE__@@@Z 10003102 CALL <JMP.&mfc42.#823_??2@YAPAXI@Z> mfc42.#823_??2@YAPAXI@Z 10003111 CALL <JMP.&mfc42.#342_??0CDynLinkLibrary mfc42.#342_??0CDynLinkLibrary@@QAE@AAUAFX_EXTENSION_MODULE@@H@Z 10003120 CALL <JMP.&mfc42.#1176_?AfxGetThreadStat mfc42.#1176_?AfxGetThreadState@@YGPAV_AFX_THREAD_STATE@@XZ 10003128 CALL <JMP.&mfc42.#1243_?AfxSetModuleStat mfc42.#1243_?AfxSetModuleState@@YGPAVAFX_MODULE_STATE@@PAV1@@Z 1000313F CALL <JMP.&mfc42.#1243_?AfxSetModuleStat mfc42.#1243_?AfxSetModuleState@@YGPAVAFX_MODULE_STATE@@PAV1@@Z 10003146 CALL <JMP.&mfc42.#1176_?AfxGetThreadStat mfc42.#1176_?AfxGetThreadState@@YGPAV_AFX_THREAD_STATE@@XZ 1000314E CALL <JMP.&mfc42.#1168_?AfxGetModuleStat mfc42.#1168_?AfxGetModuleState@@YGPAVAFX_MODULE_STATE@@XZ 10003161 CALL <JMP.&mfc42.#1197_?AfxLockTempMaps@ mfc42.#1197_?AfxLockTempMaps@@YGXXZ 10003168 CALL <JMP.&mfc42.#1570_?AfxUnlockTempMap mfc42.#1570_?AfxUnlockTempMaps@@YGHH@Z 1000316D CALL <JMP.&mfc42.#1577_?AfxWinTerm@@YGXX mfc42.#1577_?AfxWinTerm@@YGXXZ 10003179 CALL <JMP.&mfc42.#1253_?AfxTermExtension mfc42.#1253_?AfxTermExtensionModule@@YGXAAUAFX_EXTENSION_MODULE@@H@Z 1000318E CALL <JMP.&mfc42.#6467_??0AFX_MAINTAIN_S mfc42.#6467_??0AFX_MAINTAIN_STATE2@@QAE@PAVAFX_MODULE_STATE@@@Z 10003193 CALL <JMP.&mfc42.#1197_?AfxLockTempMaps@ mfc42.#1197_?AfxLockTempMaps@@YGXXZ 1000319A CALL <JMP.&mfc42.#1570_?AfxUnlockTempMap mfc42.#1570_?AfxUnlockTempMaps@@YGHH@Z 100031A2 CALL <JMP.&mfc42.#1255_?AfxTermThread@@Y mfc42.#1255_?AfxTermThread@@YGXPAUHINSTANCE__@@@Z 100031C6 CALL DWORD PTR DS:[<&kernel32.LocalAlloc kernel32.LocalAlloc 100031D2 CALL DWORD PTR DS:[<&kernel32.LocalFree> kernel32.LocalFree 100031D8 CALL <JMP.&mfc42.#1176_?AfxGetThreadStat mfc42.#1176_?AfxGetThreadState@@YGPAV_AFX_THREAD_STATE@@XZ 100031E4 CALL <JMP.&mfc42.#1243_?AfxSetModuleStat mfc42.#1243_?AfxSetModuleState@@YGPAVAFX_MODULE_STATE@@PAV1@@Z 100031F6 CALL <JMP.&mfc42.#1176_?AfxGetThreadStat mfc42.#1176_?AfxGetThreadState@@YGPAV_AFX_THREAD_STATE@@XZ 100031FE CALL <JMP.&mfc42.#1243_?AfxSetModuleStat mfc42.#1243_?AfxSetModuleState@@YGPAVAFX_MODULE_STATE@@PAV1@@Z 10003229 CALL DWORD PTR DS:[<&msvcrt._onexit>] msvcrt._onexit 1000323F CALL <JMP.&msvcrt.__dllonexit> msvcrt.__dllonexit 10003263 CALL <JMP.&msvcrt.??1type_info@@UAE@XZ> msvcrt.??1type_info@@UAE@XZ 10003270 CALL <JMP.&mfc42.#825_??3@YAXPAX@Z> mfc42.#825_??3@YAXPAX@Z 100032ED CALL DWORD PTR DS:[<&msvcrt.malloc>] msvcrt.malloc 10003318 CALL <JMP.&msvcrt._initterm> msvcrt._initterm 10003355 CALL DWORD PTR DS:[<&msvcrt.free>] msvcrt.free BP 命令断不下来 大家帮我看看 |
|
|
|
[分享]三套脱壳破解教程,一共8G多---完整泄密。。
楼主好人,顶上去 |
|
求助~~脱Armadillo 5.20加壳的DLL文件,找不到OEP入口。。。
你好 我想问下你的自效验去掉了吗?有方法和步骤吗 |
|
求助~~脱Armadillo 5.20加壳的DLL文件,找不到OEP入口。。。
请问你是怎么搞定的,插件能分享下吗 |
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值