日前碰到一个工程预算软件，感觉不错，是VFP程序，ROCKY狗，未加壳，反编译后发现是调用ROCKY DLL实现加密的
......
DECLARE INTEGER Rockey IN RYDLL32.dll INTEGER , INTEGER @ , LONG @ , LONG @ , INTEGER @ ,  ;
      INTEGER @ , INTEGER @ , INTEGER @ , STRING @

......

分析代码，很容易找到判断狗狗的代码及跳转

CL_ERRTXT = '您的加密狗有问题!!! ......)'

NDOS = WROWS('imis')
IF NDOS < 30
GD_SIZE = 9
ENDIF
USE (CDK)
STORE 0 TO LP1 , LP2 , HANDLE
STORE '' TO BUFFER
RETCODE = ROCKEY(RY_FIND,@HANDLE,@LP1,@LP2,@P1,@P2,@P3,@P4,@BUFFER)
TEST_JM = IIF(RETCODE <> 0,.F.,.T.)
CP_JMG = ''
IF TEST_JM
RETCODE = ROCKEY(RY_OPEN,@HANDLE,@LP1,@LP2,@P1,@P2,@P3,@P4,@BUFFER)
TEST_JM = IIF(RETCODE <> 0,.F.,.T.)
IF TEST_JM
P1 = 0
P2 = 20
BUFFER = '                   '
RETCODE = ROCKEY(RY_READ,@HANDLE,@LP1,@LP2,@P1,@P2,@P3,@P4,@BUFFER)
TEST_JM = IIF(RETCODE <> 0,.F.,.T.)
IF TEST_JM
CP_JMG = BUFFER
ENDIF
ENDIF
ENDIF
IF TEST_JM             ★★★★是否有狗★★★★
DIMENSION A_TMP( 4 ) , B_TMP( 4 )
FOR II_M = 1 TO 4
RETCODE = ROCKEY(RY_RANDOM,@HANDLE,@LP1,@LP2,@P1,@P2,@P3,@P4,@BUFFER)
XX_M = ALLTRIM(STR(P1,5))
A_TMP( II_M ) = IIF(LEN(XX_M) > 3,VAL(LEFT(XX_M,3)),VAL(XX_M))
ENDFOR
LP1 = 0
LP2 = 7
P1 = A_TMP(1)
P2 = A_TMP(2)
P3 = A_TMP(3)
P4 = A_TMP(4)
RETCODE = ROCKEY(RY_CALCULATE2,@HANDLE,@LP1,@LP2,@P1,@P2,@P3,@P4,@BUFFER)
IF (RETCODE <> 0)
  messagebox(&etsbl_m,48,'警告')
QUIT
ELSE
NO_M = 0
ON ERROR no_m=10
FOR II_M = 1 TO 4
II_C = STR(II_M,1)
  if p&ii_c>32768
  p&ii_c=p&ii_c-65536
ENDIF
ENDFOR
B_TMP( 1 ) = P1 - P3 + P4 - P2 - 63
B_TMP( 2 ) = P4 - P2 - 56
B_TMP( 3 ) = P3 + 7
B_TMP( 4 ) = P4 - P1
IF NO_M = 10
  messagebox(&etsbl_m,48,'警告')
QUIT
ELSE
IF  .NOT. (A_TMP(1) = B_TMP(1) AND A_TMP(2) = B_TMP(2) AND A_TMP(3) = B_TMP(3) AND  ;
A_TMP(4) = B_TMP(4))
  messagebox(&etsbl_m,48,'警告')
QUIT
ENDIF
ENDIF
......

如何直接在可执行程序中修改跳转代码？有无专业工具？求指点！！！！

[培训]《安卓高级研修班(网课)》月薪三万计划，掌握调试、分析还原ollvm、vmp的方法，定制art虚拟机自动化脱壳的方法