【破解作者】 larblue
【作者邮箱】 larblue#126.com
【使用工具】 OD、DEDE、KeyMack
【破解平台】 Win9x/NT/2000/XP
【软件名称】 东晨进销存6.107
【下载地址】 http://www3.skycn.com/soft/9996.html
【软件简介】 本系统适用于大中小型企业、商畅?生产厂等物资供销、商品流通部门进行物资(商品)的采购、销售、库存的管理。主要功能包括进采购、采购退货、销售、销售退货、物料领用、领料退回、组装、拆卸、库存盘点、仓库调拨、借入、借出、借入还出、借出还入,供方客户资料管理,供方供货汇总、明细报表,客户供货汇总、明细报表,部门领用汇总、明细报表、仓库汇总、明细报表。销售毛利汇总、明细报表,销售年报表等多种报表,使公司业务情况一目了然。 本系统采用安全稳定的数据库管理系统设计而成,介面友好,所见即所得,操作简便,多级密码设置及备份功能,数据安全可靠,全真模拟显示功能,经营业务管理成熟,汇集了许多优秀企业的成功管理经验。 现已广泛应用于:大中小型企业集团、工厂、进出口公司`、五交化公司、商场?购物中心、酒店、连锁店、专卖店、批发部;化工、建材、五金水电、医药、汽配、食品、服装、电子、电脑、图书、仓储、化装品等行业。
【软件大小】 1.908M
【加壳方式】 无
【破解声明】 写的比较乱,大家凑合看吧
--------------------------------------------------------------------------------
【破解内容】
昨天下午帮朋友找了这款进削存软件6.106版的刚破完6.107就发布了,接着下了下来幸亏注册部分作者没有改动,所以又顺利的破解了6.107。
请看:
软件用Delphi写的没有加壳I like it!运行后提示有30天试用限制,所有的菜单和按钮并没有发现注册部分。改了一下系统时间再进去就提示注册了。
废话少说用DeDe载入过程里找到“Rigist”作者真是为我等大开方便之门。双击"Button2Click"进入注册部分
006E6B48 55 push ebp
006E6B49 8BEC mov ebp, esp
006E6B4B 33C9 xor ecx, ecx
006E6B4D 51 push ecx
006E6B4E 51 push ecx
006E6B4F 51 push ecx
006E6B50 51 push ecx
006E6B51 51 push ecx
006E6B52 53 push ebx
006E6B53 8BD8 mov ebx, eax
006E6B55 33C0 xor eax, eax
006E6B57 55 push ebp
* Possible String Reference to: '轺醒?圹?]米⒉崧胛扌В?
|
006E6B58 686C6C6E00 push $006E6C6C
***** TRY
|
006E6B5D 64FF30 push dword ptr fs:[eax]
006E6B60 648920 mov fs:[eax], esp
006E6B63 8D55FC lea edx, [ebp-$04]
* Reference to control TfmReg.Edit1 : TEdit
|
006E6B66 8B8320030000 mov eax, [ebx+$0320]
* Reference to: Controls.TControl.GetText(TControl):TCaption;
|
006E6B6C E89B29DAFF call 0048950C
006E6B71 8B45FC mov eax, [ebp-$04]
|
006E6B74 E86FFFFFFF call 006E6AE8 //这一个进去判断验证码是否是"abc"不是就提示注册码无效不进行注册码校验
006E6B79 84C0 test al, al
006E6B7B 751B jnz 006E6B98
* Possible String Reference to: '注册码无效!'
|
006E6B7D B8786C6E00 mov eax, $006E6C78
|
006E6B82 E8A928E5FF call 00539430
* Reference to TApplication instance
|
006E6B87 A1C0F66E00 mov eax, dword ptr [$006EF6C0]
006E6B8C 8B00 mov eax, [eax]
* Reference to: Forms.TApplication.Terminate(TApplication);
|
006E6B8E E8E140DCFF call 004AAC74
006E6B93 E9A9000000 jmp 006E6C41
006E6B98 8D55F8 lea edx, [ebp-$08]
* Reference to control TfmReg.edRegNO : TEdit
|
006E6B9B 8B830C030000 mov eax, [ebx+$030C]
* Reference to: Controls.TControl.GetText(TControl):TCaption;
|
006E6BA1 E86629DAFF call 0048950C
006E6BA6 8B45F8 mov eax, [ebp-$08]
006E6BA9 50 push eax
006E6BAA 8D55F4 lea edx, [ebp-$0C]
* Reference to control TfmReg.edCompanyName : TEdit
|
006E6BAD 8B8304030000 mov eax, [ebx+$0304]
* Reference to: Controls.TControl.GetText(TControl):TCaption;
|
006E6BB3 E85429DAFF call 0048950C
006E6BB8 8B55F4 mov edx, [ebp-$0C]
* Reference to TfmMain instance
|
006E6BBB A1CCF46E00 mov eax, dword ptr [$006EF4CC]
006E6BC0 8B00 mov eax, [eax]
* Reference to control TfmMain.RegwareII1 : TRegwareII
|
006E6BC2 8B800C060000 mov eax, [eax+$060C]
006E6BC8 33C9 xor ecx, ecx
|
006E6BCA E8CD97E0FF call 004F039C //这里跟进去就是注册码的计算
006E6BCF 84C0 test al, al
006E6BD1 7458 jz 006E6C2B
* Possible String Reference to: '恭喜您!注册成功,多谢您的支持!'
|
006E6BD3 B8886C6E00 mov eax, $006E6C88
|
006E6BD8 E85328E5FF call 00539430
006E6BDD 8D55EC lea edx, [ebp-$14]
* Reference to control TfmReg.edCompanyName : TEdit
|
006E6BE0 8B8304030000 mov eax, [ebx+$0304]
* Reference to: Controls.TControl.GetText(TControl):TCaption;
|
006E6BE6 E82129DAFF call 0048950C
006E6BEB 8B4DEC mov ecx, [ebp-$14]
006E6BEE 8D45F0 lea eax, [ebp-$10]
* Possible String Reference to: '注册用户:'
|
006E6BF1 BAB46C6E00 mov edx, $006E6CB4
* Reference to: System.@LStrCat3;
|
006E6BF6 E8D5DAD1FF call 004046D0
006E6BFB 8B45F0 mov eax, [ebp-$10]
006E6BFE 50 push eax
* Reference to TfmMain instance
|
006E6BFF A1CCF46E00 mov eax, dword ptr [$006EF4CC]
006E6C04 8B00 mov eax, [eax]
* Reference to control TfmMain.StatusBar1 : TStatusBar
|
006E6C06 8B804C040000 mov eax, [eax+$044C]
* Reference to field TStatusBar.Panels : TStatusPanels
|
006E6C0C 8B8008020000 mov eax, [eax+$0208]
006E6C12 BA02000000 mov edx, $00000002
* Reference to: ComCtrls.TStatusPanels.GetItem(TStatusPanels;Integer):TStatusPanel;
| or: QComCtrls.TStatusPanels.GetItem(TStatusPanels;Integer):TStatusPanel;
|
006E6C17 E87448D7FF call 0045B490
006E6C1C 5A pop edx
* Reference to: ComCtrls.TStatusPanel.SetText(TStatusPanel;AnsiString);
| or: ComCtrls.THeaderSection.SetText(THeaderSection;AnsiString);
|
006E6C1D E8CA47D7FF call 0045B3EC
006E6C22 8BC3 mov eax, ebx
* Reference to: Forms.TCustomForm.Close(TCustomForm);
|
006E6C24 E83B05DCFF call 004A7164
006E6C29 EB16 jmp 006E6C41
* Possible String Reference to: '注册码无效!'
|
006E6C2B B8786C6E00 mov eax, $006E6C78
|
006E6C30 E8FB27E5FF call 00539430
* Reference to TApplication instance
|
006E6C35 A1C0F66E00 mov eax, dword ptr [$006EF6C0]
006E6C3A 8B00 mov eax, [eax]
* Reference to: Forms.TApplication.Terminate(TApplication);
|
006E6C3C E83340DCFF call 004AAC74
006E6C41 33C0 xor eax, eax
006E6C43 5A pop edx
006E6C44 59 pop ecx
006E6C45 59 pop ecx
006E6C46 648910 mov fs:[eax], edx
****** FINALLY
|
* Possible String Reference to: '[?]米⒉崧胛扌В?
|
006E6C49 68736C6E00 push $006E6C73
006E6C4E 8D45EC lea eax, [ebp-$14]
* Reference to: System.@LStrClr(void;void);
|
006E6C51 E86ED7D1FF call 004043C4
006E6C56 8D45F0 lea eax, [ebp-$10]
* Reference to: System.@LStrClr(void;void);
|
006E6C59 E866D7D1FF call 004043C4
006E6C5E 8D45F4 lea eax, [ebp-$0C]
006E6C61 BA03000000 mov edx, $00000003
* Reference to: System.@LStrArrayClr(void;void;Integer);
|
006E6C66 E87DD7D1FF call 004043E8
006E6C6B C3 ret
* Reference to: System.@HandleFinally;
|
006E6C6C E977D0D1FF jmp 00403CE8
006E6C71 EBDB jmp 006E6C4E
****** END
|
006E6C73 5B pop ebx
006E6C74 8BE5 mov esp, ebp
006E6C76 5D pop ebp
006E6C77 C3 ret
用OD载入在 004F039C 下断跟了几轮
004F039C /$ 55 PUSH EBP
004F039D |. 8BEC MOV EBP,ESP
004F039F |. 83C4 F0 ADD ESP,-10
004F03A2 |. 53 PUSH EBX
004F03A3 |. 33DB XOR EBX,EBX
004F03A5 |. 895D F0 MOV DWORD PTR SS:[EBP-10],EBX
004F03A8 |. 895D F4 MOV DWORD PTR SS:[EBP-C],EBX
004F03AB |. 894D F8 MOV DWORD PTR SS:[EBP-8],ECX
004F03AE |. 8955 FC MOV DWORD PTR SS:[EBP-4],EDX
004F03B1 |. 8BD8 MOV EBX,EAX
004F03B3 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
004F03B6 |. E8 B944F1FF CALL DCJXC.00404874
004F03BB |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
004F03BE |. E8 B144F1FF CALL DCJXC.00404874
004F03C3 |. 8B45 08 MOV EAX,DWORD PTR SS:[EBP+8]
004F03C6 |. E8 A944F1FF CALL DCJXC.00404874
004F03CB |. 33C0 XOR EAX,EAX
004F03CD |. 55 PUSH EBP
004F03CE |. 68 86044F00 PUSH DCJXC.004F0486
004F03D3 |. 64:FF30 PUSH DWORD PTR FS:[EAX]
004F03D6 |. 64:8920 MOV DWORD PTR FS:[EAX],ESP
004F03D9 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
004F03DC |. E8 A342F1FF CALL DCJXC.00404684
004F03E1 |. 3B43 4C CMP EAX,DWORD PTR DS:[EBX+4C]
004F03E4 |. 7F 19 JG SHORT DCJXC.004F03FF
004F03E6 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
004F03E9 |. E8 9642F1FF CALL DCJXC.00404684
004F03EE |. 3B43 50 CMP EAX,DWORD PTR DS:[EBX+50]
004F03F1 |. 7C 0C JL SHORT DCJXC.004F03FF
004F03F3 |. 8B45 08 MOV EAX,DWORD PTR SS:[EBP+8]
004F03F6 |. E8 8942F1FF CALL DCJXC.00404684
004F03FB |. 85C0 TEST EAX,EAX
004F03FD |. 75 04 JNZ SHORT DCJXC.004F0403
004F03FF |> 33DB XOR EBX,EBX
004F0401 |. EB 60 JMP SHORT DCJXC.004F0463
004F0403 |> 8D55 F4 LEA EDX,DWORD PTR SS:[EBP-C]
004F0406 |. 8B45 08 MOV EAX,DWORD PTR SS:[EBP+8]
004F0409 |. E8 928BF1FF CALL DCJXC.00408FA0
004F040E |. 8B55 F4 MOV EDX,DWORD PTR SS:[EBP-C]
004F0411 |. 8D45 08 LEA EAX,DWORD PTR SS:[EBP+8]
004F0414 |. E8 4340F1FF CALL DCJXC.0040445C
004F0419 |. 8D4D F0 LEA ECX,DWORD PTR SS:[EBP-10]
004F041C |. 8B55 FC MOV EDX,DWORD PTR SS:[EBP-4]
004F041F |. 8BC3 MOV EAX,EBX
004F0421 |. E8 CEFBFFFF CALL DCJXC.004EFFF4
004F0426 |. 8B45 F0 MOV EAX,DWORD PTR SS:[EBP-10]//真注册码
004F0429 |. 8B55 08 MOV EDX,DWORD PTR SS:[EBP+8] //输入的注册码
004F042C |. E8 E78BF1FF CALL DCJXC.00409018
004F0431 |. 85C0 TEST EAX,EAX
004F0433 |. 74 04 JE SHORT DCJXC.004F0439 //跳就提示失败
004F0435 |. 33DB XOR EBX,EBX
004F0437 |. EB 2A JMP SHORT DCJXC.004F0463
004F0439 |> 8D43 48 LEA EAX,DWORD PTR DS:[EBX+48]
004F043C |. 8B55 FC MOV EDX,DWORD PTR SS:[EBP-4]
004F043F |. E8 D43FF1FF CALL DCJXC.00404418
004F0444 |. 8D43 54 LEA EAX,DWORD PTR DS:[EBX+54]
004F0447 |. 8B55 F8 MOV EDX,DWORD PTR SS:[EBP-8]
004F044A |. E8 C93FF1FF CALL DCJXC.00404418
004F044F |. 8D43 5C LEA EAX,DWORD PTR DS:[EBX+5C]
004F0452 |. 8B55 08 MOV EDX,DWORD PTR SS:[EBP+8]
004F0455 |. E8 BE3FF1FF CALL DCJXC.00404418
004F045A |. 8BC3 MOV EAX,EBX
004F045C |. E8 5B020000 CALL DCJXC.004F06BC
004F0461 |. B3 01 MOV BL,1
004F0463 |> 33C0 XOR EAX,EAX
004F0465 |. 5A POP EDX
004F0466 |. 59 POP ECX
004F0467 |. 59 POP ECX
004F0468 |. 64:8910 MOV DWORD PTR FS:[EAX],EDX
004F046B |. 68 8D044F00 PUSH DCJXC.004F048D
004F0470 |> 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
004F0473 |. BA 04000000 MOV EDX,4
004F0478 |. E8 6B3FF1FF CALL DCJXC.004043E8
004F047D |. 8D45 08 LEA EAX,DWORD PTR SS:[EBP+8]
004F0480 |. E8 3F3FF1FF CALL DCJXC.004043C4
004F0485 \. C3 RETN
--------------------------------------------------------------------------------
【破解总结】
初学破解拣个软柿子捏捏,大虾勿笑我!!!!
--------------------------------------------------------------------------------
【算法注册机】
仿佛与注册公司的内容没有关系,之与注册公司的长度有关
既然有内存注册机,算法注册机我懒得写了匆匆的给朋友交了活。
--------------------------------------------------------------------------------
【内存注册机】
中断地址4F0429
次数 1
指令 8B
长度 3
内存方式EAX
--------------------------------------------------------------------------------
【爆破地址】
很多地方啦!每次启动还要验证
改了公司名就又成试用版了
--------------------------------------------------------------------------------
【用户名、密码】
一组可用的
公司名larblue
注册码3137BFC4C15F
--------------------------------------------------------------------------------
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢!
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!
