调用堆栈: 主线程
地址 堆栈 函数过程 / 参数 调用来自 结构
0012F49C 77D19418 包含ntdll.KiFastSystemCallRet USER32.77D19416 0012F4D0
0012F4A0 77D2770A USER32.WaitMessage USER32.77D27705 0012F4D0
0012F4D4 77D249C4 USER32.77D2757B USER32.77D249BF 0012F4D0
0012F4FC 77D3A956 USER32.77D2490E USER32.77D3A951 0012F4F8
0012F7BC 77D3A2BC USER32.SoftModalMessageBox USER32.77D3A2B7 0012F7B8
0012F90C 77D663FD USER32.77D3A147 USER32.77D663F8 0012F908
0012F964 77D664A2 USER32.MessageBoxTimeoutW USER32.77D6649D 0012F960
0012F998 77D50877 ? USER32.MessageBoxTimeoutA USER32.77D50872 0012F994
0012F9B8 77D5082F ? USER32.MessageBoxExA USER32.77D5082A 0012F9B4
0012F9BC 000F09F4 hOwner = 000F09F4 ('URLegal',class
0012F9C0 0041E240 Text = "Name / Code mis-match. Try
0012F9C4 003B9350 Title = "URLegal"
0012F9C8 00000030 Style = MB_OK|MB_ICONEXCLAMATION|M
0012F9CC 00000000 LanguageID = 0 (LANG_NEUTRAL)
0012F9D4 73D49872 ? USER32.MessageBoxA MFC42.73D4986C 0012F9D0
0012F9D8 000F09F4 hOwner = 000F09F4 ('URLegal',class
0012F9DC 0041E240 Text = "Name / Code mis-match. Try
0012F9E0 003B9350 Title = "URLegal"
0012F9E4 00000030 Style = MB_OK|MB_ICONEXCLAMATION|M
0012FB14 004026D5 ? <JMP.&MFC42.#1200_AfxMessageBox> Urlegal.004026D0 0012FA74
0012FBB4 73D324C0 Urlegal.004025C6 MFC42.73D324BD 0012FBB0
0012FBC4 73D323BF MFC42.73D3243E MFC42.73D323BA 0012FBC0
0012FBF4 73D32A85 MFC42.#4424_CCmdTarget::OnCmdMsg MFC42.73D32A80 0012FBF0
0012FC24 73D33244 包含MFC42.73D32A85 MFC42.73D33241 0012FC20
0012FC74 73D332F7 MFC42.#4441_CWnd::OnCommand MFC42.73D332F2 0012FC70
0012FC8C 73D31BF1 包含MFC42.73D332F7 MFC42.73D31BEB 0012FD08
0012FD0C 73D31B9B 包含MFC42.73D31BF1 MFC42.73D31B95 0012FD08
0012FD2C 73D31B05 包含MFC42.73D31B9B MFC42.73D31AFF 0012FD28
0012FD8C 73D31A58 MFC42.#1109_AfxCallWndProc MFC42.73D31A53 0012FD88
0012FDAC 73DC847D MFC42.#1578_AfxWndProc MFC42.73DC8478 0012FDA8
0012FDB0 000F09F4 Arg1 = 000F09F4
0012FDB4 00000111 Arg2 = 00000111
0012FDB8 00008009 Arg3 = 00008009
0012FDBC 00000000 Arg4 = 00000000
0012FDD8 77D18734 包含MFC42.73DC847D USER32.77D18731 0012FDD4
0012FE04 77D18816 ? USER32.77D1870C USER32.77D18811 0012FE00
0012FE6C 77D189CD USER32.77D1875F USER32.77D189C8 0012FE68
0012FE70 00000000 Arg1 = 00000000
0012FE74 73DC8444 Arg2 = 73DC8444
0012FE78 000F09F4 Arg3 = 000F09F4
0012FE7C 00000111 Arg4 = 00000111
0012FE80 00008009 Arg5 = 00008009
0012FE84 00000000 Arg6 = 00000000
0012FE88 0063E6FC Arg7 = 0063E6FC
0012FE8C 00000001 Arg8 = 00000001
0012FECC 77D196C7 ? USER32.77D188F1 USER32.77D196C2 0012FEC8
0012FEDC 73D3125A ? USER32.DispatchMessageA MFC42.73D31254 0012FED8
0012FEE0 0042238C pMsg = WM_LBUTTONUP hw = 1D09B2 Ke
上边这代码中,我要从哪个地方下手?
我想了解下这个破解的过程,为什么要重某个地址进去,根据的原理是什么。
比如:
0012F9BC 000F09F4 hOwner = 000F09F4 ('URLegal',class
0012F9C0 0041E240 Text = "Name / Code mis-match. Try
0012F9C4 003B9350 Title = "URLegal"
0012F9C8 00000030 Style = MB_OK|MB_ICONEXCLAMATION|M
0012F9CC 00000000 LanguageID = 0 (LANG_NEUTRAL)
0012F9D4 73D49872 ? USER32.MessageBoxA MFC42.73D4986C 0012F9D0
0012F9D8 000F09F4 hOwner = 000F09F4 ('URLegal',class
0012F9DC 0041E240 Text = "Name / Code mis-match. Try
0012F9E0 003B9350 Title = "URLegal"
0012F9E4 00000030 Style = MB_OK|MB_ICONEXCLAMATION|M
0012FB14 004026D5 ? <JMP.&MFC42.#1200_AfxMessageBox> Urlegal.004026D0 0012FA74
上边这有些信息,但要重哪个地方跟进?为什么要这个地方?如果要从这个地址分析,那它和前面后面的部分又有什么关系?
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课