|
[求助]软件已经脱壳完了 不知道任何修改时间限制
后面的部分都是检测帐号不成功的 这个软件有12小时试用时间 就是找不到验证成功的跳转 |
|
看看这个软件的加密方法
楼主兄弟借一个地方,谢谢。 我已经脱了一个代理软件的壳了只不过找不到关键跳转 希望各位达人帮忙看看 004A66A8 /. 55 PUSH EBP 004A66A9 |. 8BEC MOV EBP,ESP 004A66AB |. 81C4 E0FDFFFF ADD ESP,-220 004A66B1 |. 53 PUSH EBX 004A66B2 |. 56 PUSH ESI 004A66B3 |. 33C9 XOR ECX,ECX 004A66B5 |. 898D E4FDFFFF MOV DWORD PTR SS:[EBP-21C],ECX 004A66BB |. 898D E0FDFFFF MOV DWORD PTR SS:[EBP-220],ECX 004A66C1 |. 898D E8FDFFFF MOV DWORD PTR SS:[EBP-218],ECX 004A66C7 |. 898D FCFDFFFF MOV DWORD PTR SS:[EBP-204],ECX 004A66CD |. 898D F4FDFFFF MOV DWORD PTR SS:[EBP-20C],ECX 004A66D3 |. 898D F0FDFFFF MOV DWORD PTR SS:[EBP-210],ECX 004A66D9 |. 898D ECFDFFFF MOV DWORD PTR SS:[EBP-214],ECX 004A66DF |. 898D F8FDFFFF MOV DWORD PTR SS:[EBP-208],ECX 004A66E5 |. 8BF0 MOV ESI,EAX 004A66E7 |. 33C0 XOR EAX,EAX 004A66E9 |. 55 PUSH EBP 004A66EA |. 68 3F6A4A00 PUSH dumped_.004A6A3F 004A66EF |. 64:FF30 PUSH DWORD PTR FS:[EAX] 004A66F2 |. 64:8920 MOV DWORD PTR FS:[EAX],ESP 004A66F5 |. 33D2 XOR EDX,EDX 004A66F7 |. 8B86 48030000 MOV EAX,DWORD PTR DS:[ESI+348] 004A66FD |. 8B08 MOV ECX,DWORD PTR DS:[EAX] 004A66FF |. FF51 64 CALL DWORD PTR DS:[ECX+64] 004A6702 |. BA 546A4A00 MOV EDX,dumped_.004A6A54 ; 检测帐号是否可用,请稍侯... 004A6707 |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A670D |. E8 D637FAFF CALL dumped_.00449EE8 004A6712 |. 8B86 A4030000 MOV EAX,DWORD PTR DS:[ESI+3A4] 004A6718 |. E8 03E0F5FF CALL dumped_.00404720 004A671D |. 50 PUSH EAX ; /IniFileName 004A671E |. 68 00010000 PUSH 100 ; |BufSize = 100 (256.) 004A6723 |. 8D85 01FFFFFF LEA EAX,DWORD PTR SS:[EBP-FF] ; | 004A6729 |. 50 PUSH EAX ; |ReturnBuffer 004A672A |. 68 706A4A00 PUSH dumped_.004A6A70 ; |Default = "" 004A672F |. 68 746A4A00 PUSH dumped_.004A6A74 ; |ip 004A6734 |. 68 786A4A00 PUSH dumped_.004A6A78 ; |target1 004A6739 |. E8 5601F6FF CALL <JMP.&kernel32.GetPrivateProfileStr>; \GetPrivateProfileStringA 004A673E |. 8D95 00FFFFFF LEA EDX,DWORD PTR SS:[EBP-100] 004A6744 |. 92 XCHG EAX,EDX 004A6745 |. E8 9AC4F5FF CALL dumped_.00402BE4 004A674A |. 8B86 A4030000 MOV EAX,DWORD PTR DS:[ESI+3A4] 004A6750 |. E8 CBDFF5FF CALL dumped_.00404720 004A6755 |. 50 PUSH EAX ; /IniFileName 004A6756 |. 6A 00 PUSH 0 ; |Default = 0 004A6758 |. 68 806A4A00 PUSH dumped_.004A6A80 ; |port 004A675D |. 68 786A4A00 PUSH dumped_.004A6A78 ; |target1 004A6762 |. E8 2501F6FF CALL <JMP.&kernel32.GetPrivateProfileInt>; \GetPrivateProfileIntA 004A6767 |. 8BD8 MOV EBX,EAX 004A6769 |. 8B86 A0030000 MOV EAX,DWORD PTR DS:[ESI+3A0] 004A676F |. E8 ACDFF5FF CALL dumped_.00404720 004A6774 |. 50 PUSH EAX ; /IniFileName 004A6775 |. 68 00010000 PUSH 100 ; |BufSize = 100 (256.) 004A677A |. 8D85 01FEFFFF LEA EAX,DWORD PTR SS:[EBP-1FF] ; | 004A6780 |. 50 PUSH EAX ; |ReturnBuffer 004A6781 |. 68 706A4A00 PUSH dumped_.004A6A70 ; |Default = "" 004A6786 |. 68 886A4A00 PUSH dumped_.004A6A88 ; |serverip 004A678B |. 68 946A4A00 PUSH dumped_.004A6A94 ; |main 004A6790 |. E8 FF00F6FF CALL <JMP.&kernel32.GetPrivateProfileStr>; \GetPrivateProfileStringA 004A6795 |. 8D95 00FEFFFF LEA EDX,DWORD PTR SS:[EBP-200] 004A679B |. 92 XCHG EAX,EDX 004A679C |. E8 43C4F5FF CALL dumped_.00402BE4 004A67A1 |. 8D85 FCFDFFFF LEA EAX,DWORD PTR SS:[EBP-204] 004A67A7 |. 8D95 00FEFFFF LEA EDX,DWORD PTR SS:[EBP-200] 004A67AD |. E8 12DDF5FF CALL dumped_.004044C4 004A67B2 |. 8B85 FCFDFFFF MOV EAX,DWORD PTR SS:[EBP-204] 004A67B8 |. 50 PUSH EAX 004A67B9 |. 8D95 F8FDFFFF LEA EDX,DWORD PTR SS:[EBP-208] 004A67BF |. 8B86 0C030000 MOV EAX,DWORD PTR DS:[ESI+30C] 004A67C5 |. E8 EE36FAFF CALL dumped_.00449EB8 004A67CA |. 8B85 F8FDFFFF MOV EAX,DWORD PTR SS:[EBP-208] 004A67D0 |. E8 BF22F6FF CALL dumped_.00408A94 004A67D5 |. 50 PUSH EAX 004A67D6 |. 8D85 F4FDFFFF LEA EAX,DWORD PTR SS:[EBP-20C] 004A67DC |. 8D95 00FFFFFF LEA EDX,DWORD PTR SS:[EBP-100] 004A67E2 |. E8 DDDCF5FF CALL dumped_.004044C4 004A67E7 |. 8B85 F4FDFFFF MOV EAX,DWORD PTR SS:[EBP-20C] 004A67ED |. 50 PUSH EAX 004A67EE |. 53 PUSH EBX 004A67EF |. 8D95 F0FDFFFF LEA EDX,DWORD PTR SS:[EBP-210] 004A67F5 |. 8B86 24030000 MOV EAX,DWORD PTR DS:[ESI+324] 004A67FB |. E8 B836FAFF CALL dumped_.00449EB8 004A6800 |. 8B85 F0FDFFFF MOV EAX,DWORD PTR SS:[EBP-210] 004A6806 |. 50 PUSH EAX 004A6807 |. 8D95 ECFDFFFF LEA EDX,DWORD PTR SS:[EBP-214] 004A680D |. 8B86 20030000 MOV EAX,DWORD PTR DS:[ESI+320] 004A6813 |. E8 A036FAFF CALL dumped_.00449EB8 004A6818 |. 8B95 ECFDFFFF MOV EDX,DWORD PTR SS:[EBP-214] 004A681E |. 8BC6 MOV EAX,ESI 004A6820 |. 59 POP ECX 004A6821 |. E8 F6EEFFFF CALL dumped_.004A571C 004A6826 |. 8BD8 MOV EBX,EAX 004A6828 |. 0FBEC3 MOVSX EAX,BL 004A682B |. 83C0 0D ADD EAX,0D ; Switch (cases 0..FFFFFFFF) 004A682E |. 83F8 0D CMP EAX,0D 004A6831 |. 0F87 77010000 JA dumped_.004A69AE 004A6837 |. FF2485 3E684A>JMP DWORD PTR DS:[EAX*4+4A683E] 004A683E |. 9C694A00 DD dumped_.004A699C ; 分支表 被用于 004A6837 004A6842 |. 8A694A00 DD dumped_.004A698A 004A6846 |. 78694A00 DD dumped_.004A6978 004A684A |. 66694A00 DD dumped_.004A6966 004A684E |. 54694A00 DD dumped_.004A6954 004A6852 |. 3F694A00 DD dumped_.004A693F 004A6856 |. 2A694A00 DD dumped_.004A692A 004A685A |. 15694A00 DD dumped_.004A6915 004A685E |. 00694A00 DD dumped_.004A6900 004A6862 |. EB684A00 DD dumped_.004A68EB 004A6866 |. D6684A00 DD dumped_.004A68D6 004A686A |. C1684A00 DD dumped_.004A68C1 004A686E |. 8B684A00 DD dumped_.004A688B 004A6872 |. 76684A00 DD dumped_.004A6876 004A6876 |> BA A46A4A00 MOV EDX,dumped_.004A6AA4 ; Case 0 of switch 004A682B 004A687B |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6881 |. E8 6236FAFF CALL dumped_.00449EE8 004A6886 |. E9 58010000 JMP dumped_.004A69E3 004A688B |> 68 D86A4A00 PUSH dumped_.004A6AD8 ; Case FFFFFFFF of switch 004A682B 004A6890 |. FFB6 B4030000 PUSH DWORD PTR DS:[ESI+3B4] 004A6896 |. 68 F06A4A00 PUSH dumped_.004A6AF0 004A689B |. 8D85 E8FDFFFF LEA EAX,DWORD PTR SS:[EBP-218] 004A68A1 |. BA 03000000 MOV EDX,3 004A68A6 |. E8 35DDF5FF CALL dumped_.004045E0 004A68AB |. 8B95 E8FDFFFF MOV EDX,DWORD PTR SS:[EBP-218] 004A68B1 |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A68B7 |. E8 2C36FAFF CALL dumped_.00449EE8 004A68BC |. E9 22010000 JMP dumped_.004A69E3 004A68C1 |> BA 006B4A00 MOV EDX,dumped_.004A6B00 ; 帐/密错误; Case FFFFFFFE of switch 004A682B 004A68C6 |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A68CC |. E8 1736FAFF CALL dumped_.00449EE8 004A68D1 E9 0D010000 JMP dumped_.004A69E3 004A68D6 |> BA 146B4A00 MOV EDX,dumped_.004A6B14 ; sql错误; Case FFFFFFFD of switch 004A682B 004A68DB |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A68E1 |. E8 0236FAFF CALL dumped_.00449EE8 004A68E6 |. E9 F8000000 JMP dumped_.004A69E3 004A68EB |> BA 246B4A00 MOV EDX,dumped_.004A6B24 ; 等级不够; Case FFFFFFFC of switch 004A682B 004A68F0 |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A68F6 |. E8 ED35FAFF CALL dumped_.00449EE8 004A68FB |. E9 E3000000 JMP dumped_.004A69E3 004A6900 |> BA 386B4A00 MOV EDX,dumped_.004A6B38 ; 到期; Case FFFFFFFB of switch 004A682B 004A6905 |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A690B |. E8 D835FAFF CALL dumped_.00449EE8 004A6910 |. E9 CE000000 JMP dumped_.004A69E3 004A6915 |> BA 486B4A00 MOV EDX,dumped_.004A6B48 ; 冻结; Case FFFFFFFA of switch 004A682B 004A691A |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6920 |. E8 C335FAFF CALL dumped_.00449EE8 004A6925 |. E9 B9000000 JMP dumped_.004A69E3 004A692A |> BA 586B4A00 MOV EDX,dumped_.004A6B58 ; 测试号:srcip已测试过; Case FFFFFFF9 of switch 004A682B 004A692F |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6935 |. E8 AE35FAFF CALL dumped_.00449EE8 004A693A |. E9 A4000000 JMP dumped_.004A69E3 004A693F |> BA 786B4A00 MOV EDX,dumped_.004A6B78 ; 测试号:srcip段已测试过; Case FFFFFFF8 of switch 004A682B 004A6944 |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A694A |. E8 9935FAFF CALL dumped_.00449EE8 004A694F |. E9 8F000000 JMP dumped_.004A69E3 004A6954 |> BA 986B4A00 MOV EDX,dumped_.004A6B98 ; 测试号:srcip同时连接过多; Case FFFFFFF7 of switch 004A682B 004A6959 |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A695F |. E8 8435FAFF CALL dumped_.00449EE8 004A6964 |. EB 7D JMP SHORT dumped_.004A69E3 004A6966 |> BA BC6B4A00 MOV EDX,dumped_.004A6BBC ; 帐/密太长; Case FFFFFFF6 of switch 004A682B 004A696B |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6971 |. E8 7235FAFF CALL dumped_.00449EE8 004A6976 |. EB 6B JMP SHORT dumped_.004A69E3 004A6978 |> BA D06B4A00 MOV EDX,dumped_.004A6BD0 ; 帐/密有非法字符; Case FFFFFFF5 of switch 004A682B 004A697D |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6983 |. E8 6035FAFF CALL dumped_.00449EE8 004A6988 |. EB 59 JMP SHORT dumped_.004A69E3 004A698A |> BA E86B4A00 MOV EDX,dumped_.004A6BE8 ; 目标服务器/端口连不上; Case FFFFFFF4 of switch 004A682B 004A698F |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A6995 |. E8 4E35FAFF CALL dumped_.00449EE8 004A699A |. EB 47 JMP SHORT dumped_.004A69E3 004A699C |> BA 086C4A00 MOV EDX,dumped_.004A6C08 ; 选择的服务器/端口组合有误; Case FFFFFFF3 of switch 004A682B 004A69A1 |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A69A7 |. E8 3C35FAFF CALL dumped_.00449EE8 004A69AC |. EB 35 JMP SHORT dumped_.004A69E3 004A69AE |> 8D95 E0FDFFFF LEA EDX,DWORD PTR SS:[EBP-220] ; Default case of switch 004A682B 004A69B4 |. 0FBEC3 MOVSX EAX,BL 004A69B7 |. E8 9C1FF6FF CALL dumped_.00408958 004A69BC |. 8B8D E0FDFFFF MOV ECX,DWORD PTR SS:[EBP-220] 004A69C2 |. 8D85 E4FDFFFF LEA EAX,DWORD PTR SS:[EBP-21C] 004A69C8 |. BA 2C6C4A00 MOV EDX,dumped_.004A6C2C ; 未知错误 004A69CD |. E8 9ADBF5FF CALL dumped_.0040456C 004A69D2 |. 8B95 E4FDFFFF MOV EDX,DWORD PTR SS:[EBP-21C] 004A69D8 |. 8B86 90030000 MOV EAX,DWORD PTR DS:[ESI+390] 004A69DE |. E8 0535FAFF CALL dumped_.00449EE8 004A69E3 |> B2 01 MOV DL,1 004A69E5 |. 8B86 48030000 MOV EAX,DWORD PTR DS:[ESI+348] 004A69EB |. 8B08 MOV ECX,DWORD PTR DS:[EAX] 004A69ED |. FF51 64 CALL DWORD PTR DS:[ECX+64] 004A69F0 |. 33C0 XOR EAX,EAX 004A69F2 |. 5A POP EDX 004A69F3 |. 59 POP ECX 004A69F4 |. 59 POP ECX 004A69F5 |. 64:8910 MOV DWORD PTR FS:[EAX],EDX 004A69F8 |. 68 466A4A00 PUSH dumped_.004A6A46 004A69FD |> 8D85 E0FDFFFF LEA EAX,DWORD PTR SS:[EBP-220] 004A6A03 |. BA 03000000 MOV EDX,3 004A6A08 |. E8 77D8F5FF CALL dumped_.00404284 004A6A0D |. 8D85 ECFDFFFF LEA EAX,DWORD PTR SS:[EBP-214] 004A6A13 |. BA 02000000 MOV EDX,2 004A6A18 |. E8 67D8F5FF CALL dumped_.00404284 004A6A1D |. 8D85 F4FDFFFF LEA EAX,DWORD PTR SS:[EBP-20C] 004A6A23 |. E8 38D8F5FF CALL dumped_.00404260 004A6A28 |. 8D85 F8FDFFFF LEA EAX,DWORD PTR SS:[EBP-208] 004A6A2E |. E8 2DD8F5FF CALL dumped_.00404260 004A6A33 |. 8D85 FCFDFFFF LEA EAX,DWORD PTR SS:[EBP-204] 004A6A39 |. E8 22D8F5FF CALL dumped_.00404260 004A6A3E \. C3 RETN |
|
对于通过官方网站在线检测注册信息的软件如何破解!!!
有不用什么拦截封包软件的 能不能把过程大概说一下 |
|
|
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值