Armadillo V4.X CopyMem-II脱壳――魔法转换(Magic Converter) V4.0正式版-加壳脱壳-看雪-安全社区|安全招聘|kanxue.com

最新回复 (84) ◀ 1 2 3 4
inraining 雪币： 234 活跃值： (10) 能力值： ( LV6，RANK：90 ) 在线值：发帖 15 回帖 411 粉丝 0 关注私信	inraining 2 76 楼谢谢Fly，了解。 00AE70FC 50 push eax 00AE70FD FF15 4801AF00 call dword ptr ds:[AF0148] ; kernel32.VirtualProtect 00AE7103 ^ E9 E3F7FFFF jmp 00AE68EB //循环 00AE7108 8B85 E4C6FFFF mov eax,dword ptr ss:[ebp-391C] //下断在此。 00AE710E 8985 C4AFFFFF mov dword ptr ss:[ebp+FFFFAFC4],eax 00422000 77DA6BF0 ADVAPI32.RegCloseKey 00422004 77DAEBE7 ADVAPI32.RegSetValueExA 00422008 77DA761B ADVAPI32.RegOpenKeyExA 0042200C 77DAEAF4 ADVAPI32.RegCreateKeyExA 00422010 00ACACCF 00422014 5C8415DD COMCTL32.InitCommonControls 00422018 00ACAD98 0042201C 77EF5D0B GDI32.SetBkMode 00422020 77EFA8F7 GDI32.SetMapMode 00422024 77EF7988 GDI32.SetViewportOrgEx 00422028 77F0F27C GDI32.OffsetViewportOrgEx 0042202C 77F0E45F GDI32.SetViewportExtEx 00422030 77F1C352 GDI32.ScaleViewportExtEx 00422034 77F0E3B6 GDI32.SetWindowExtEx 00422038 77F1C433 GDI32.ScaleWindowExtEx 0042203C 77EF6899 GDI32.IntersectClipRect 00422040 77EF6A3B GDI32.DeleteObject 00422044 77EF59A0 GDI32.SelectObject 00422048 77EF7B2D GDI32.GetViewportExtEx 0042204C 77EF7AB5 GDI32.GetWindowExtEx 00422050 77EF5FD5 GDI32.CreateSolidBrush 00422054 77F24F47 GDI32.PtVisible 00422058 77EF8070 GDI32.RectVisible 0042205C 77EFC449 GDI32.TextOutA 00422060 77EF9012 GDI32.ExtTextOutA 00422064 77F07FBB GDI32.Escape 00422068 77EFBFE7 GDI32.DPtoLP 0042206C 77EF8195 GDI32.LPtoDP 00422070 77EFAB59 GDI32.GetMapMode 00422074 77EF86B0 GDI32.PatBlt 00422078 77EF97BE GDI32.RestoreDC 0042207C 77EF9884 GDI32.SaveDC 00422080 77EF6CA6 GDI32.DeleteDC 00422084 77EF5FF1 GDI32.GetStockObject 00422088 77EF58A2 GDI32.GetDeviceCaps 0042208C 77EF84D4 GDI32.GetBkColor 00422090 77EF8528 GDI32.GetTextColor 00422094 77EF9A82 GDI32.GetObjectA 00422098 77EF5C59 GDI32.SetBkColor 0042209C 77EF5BA7 GDI32.SetTextColor 004220A0 77EF68E4 GDI32.GetClipBox 004220A4 77EFB52C GDI32.CreateDIBitmap 004220A8 77EFC333 GDI32.GetTextExtentPointA 004220AC 77EF6DC0 GDI32.BitBlt 004220B0 77EF5E10 GDI32.CreateCompatibleDC 004220B4 77EF601F GDI32.CreateBitmap 004220B8 00ACACAC 004220BC 7C825F62 kernel32.FormatMessageA 004220C0 7C957A40 ntdll.RtlUnwind 004220C4 7C801EEE kernel32.GetStartupInfoA 004220C8 7C812C8D kernel32.GetCommandLineA 004220CC 7C81CAA2 kernel32.ExitProcess 004220D0 7C801E16 kernel32.TerminateProcess 004220D4 7C93043D ntdll.RtlFreeHeap 004220D8 7C81082F kernel32.CreateThread 004220DC 7C80CCA9 kernel32.ExitThread 004220E0 7C9305D4 ntdll.RtlAllocateHeap 004220E4 7C81EAE1 kernel32.RaiseException 004220E8 7C9379FD ntdll.RtlReAllocateHeap 004220EC 7C9309ED ntdll.RtlSizeHeap 004220F0 7C809943 kernel32.GetACP 004220F4 7C8394AE kernel32.GetTimeZoneInformation 004220F8 7C862B8A kernel32.UnhandledExceptionFilter 004220FC 7C81DC3F kernel32.FreeEnvironmentStringsA 00422100 7C81485F kernel32.FreeEnvironmentStringsW 00422104 7C81CC23 kernel32.GetEnvironmentStringsA 00422108 7C812C78 kernel32.GetEnvironmentStringsW 0042210C 7C80C6CF kernel32.SetHandleCount 00422110 7C812CA9 kernel32.GetStdHandle 00422114 7C811110 kernel32.HeapDestroy 00422118 7C812929 kernel32.HeapCreate 0042211C 7C809B14 kernel32.VirtualFree 00422120 7C809A81 kernel32.VirtualAlloc 00422124 7C809F29 kernel32.IsBadWritePtr 00422128 7C810386 kernel32.SetUnhandledExceptionFilter 0042212C 7C838CB9 kernel32.GetStringTypeA 00422130 7C80A480 kernel32.GetStringTypeW 00422134 7C832E2B kernel32.LCMapStringA 00422138 7C80CEC4 kernel32.LCMapStringW 0042213C 7C809EB3 kernel32.IsBadReadPtr 00422140 7C80BB57 kernel32.IsBadCodePtr 00422144 7C81D8CB kernel32.SetStdHandle 00422148 7C80D293 kernel32.CompareStringA 0042214C 7C80A34E kernel32.CompareStringW 00422150 7C8226A9 kernel32.SetEnvironmentVariableA 00422154 7C81F8E2 kernel32.GetFileTime 00422158 7C822D47 kernel32.GetProfileStringA 0042215C 7C810C8F kernel32.GetFileSize 00422160 7C81174C kernel32.GetFileAttributesA 00422164 7C8092AC kernel32.GetTickCount 00422168 7C80EA66 kernel32.FileTimeToLocalFileTime 0042216C 7C80E9EC kernel32.FileTimeToSystemTime 00422170 7C81367C kernel32.GetFullPathNameA 00422174 7C827052 kernel32.GetVolumeInformationA 00422178 7C813559 kernel32.FindFirstFileA 0042217C 7C80EFD7 kernel32.FindClose 00422180 7C81F850 kernel32.SetEndOfFile 00422184 7C81FDDD kernel32.UnlockFile 00422188 7C81FE92 kernel32.LockFile 0042218C 7C80CD58 kernel32.FlushFileBuffers 00422190 7C810DA6 kernel32.SetFilePointer 00422194 7C810F9F kernel32.WriteFile 00422198 7C80180E kernel32.ReadFile 0042219C 7C801A24 kernel32.CreateFileA 004221A0 7C80E00D kernel32.GetCurrentProcess 004221A4 7C80E016 kernel32.DuplicateHandle 004221A8 7C80AA97 kernel32.SetErrorMode 004221AC 7C81E82A kernel32.GetOEMCP 004221B0 7C812BE6 kernel32.GetCPInfo 004221B4 7C80BAF1 kernel32.SizeofResource 004221B8 7C812996 ASCII "jPh" 004221BC 7C930331 ntdll.RtlGetLastWin32Error 004221C0 7C822BB7 kernel32.WritePrivateProfileStringA 004221C4 7C8278F0 kernel32.GlobalFlags 004221C8 7C810311 kernel32.lstrcpynA 004221CC 7C809750 kernel32.TlsGetValue 004221D0 7C81E2B1 kernel32.LocalReAlloc 004221D4 7C809BF5 kernel32.TlsSetValue 004221D8 7C921005 ntdll.RtlEnterCriticalSection 004221DC 7C8125C9 kernel32.GlobalReAlloc 004221E0 7C9210ED ntdll.RtlLeaveCriticalSection 004221E4 7C813453 kernel32.TlsFree 004221E8 7C838F36 kernel32.GlobalHandle 004221EC 7C93188A ntdll.RtlDeleteCriticalSection 004221F0 7C812B0F kernel32.TlsAlloc 004221F4 7C809FA1 kernel32.InitializeCriticalSection 004221F8 7C80995D kernel32.LocalFree 004221FC 7C8099BD kernel32.LocalAlloc 00422200 7C80A0C7 kernel32.WideCharToMultiByte 00422204 7C8097F4 kernel32.MulDiv 00422208 7C930340 ntdll.RtlSetLastWin32Error 0042220C 7C80977B kernel32.InterlockedIncrement 00422210 7C80C6E0 kernel32.lstrlenA 00422214 7C809CAD kernel32.MultiByteToWideChar 00422218 7C80A405 kernel32.GetThreadLocale 0042221C 7C809794 kernel32.InterlockedDecrement 00422220 7C801D77 kernel32.LoadLibraryA 00422224 7C80AA66 kernel32.FreeLibrary 00422228 7C8114AB kernel32.GetVersion 0042222C 7C838FB9 kernel32.lstrcatA 00422230 7C85B073 kernel32.GlobalGetAtomNameA 00422234 7C823039 kernel32.GlobalAddAtomA 00422238 7C823094 kernel32.GlobalFindAtomA 0042223C 7C80C729 kernel32.lstrcpyA 00422240 7C80B529 kernel32.GetModuleHandleA 00422244 7C80AC28 kernel32.GetProcAddress 00422248 7C810082 kernel32.GlobalUnlock 0042224C 7C80FE2F kernel32.GlobalFree 00422250 7C80C6CF kernel32.SetHandleCount 00422254 7C80C7B1 kernel32.FindResourceA 00422258 7C80A065 kernel32.LoadResource 0042225C 7C81E4BD kernel32.CreateEventA 00422260 7C838F10 kernel32.SuspendThread 00422264 7C80CC67 kernel32.SetThreadPriority 00422268 7C81E92A kernel32.ResumeThread 0042226C 7C809C28 kernel32.SetEvent 00422270 7C802530 kernel32.WaitForSingleObject 00422274 7C80B357 kernel32.GetModuleFileNameA 00422278 7C810119 kernel32.GlobalLock 0042227C 7C80FF2D kernel32.GlobalAlloc 00422280 7C81E19A kernel32.GlobalDeleteAtom 00422284 7C81EE79 kernel32.lstrcmpA 00422288 7C80B929 kernel32.lstrcmpiA 0042228C 7C809919 kernel32.GetCurrentThread 00422290 7C809737 kernel32.GetCurrentThreadId 00422294 7C8647B7 kernel32.CreateToolhelp32Snapshot 00422298 7C863A8D kernel32.Process32First 0042229C 7C80220F kernel32.WriteProcessMemory 004222A0 7C81E079 kernel32.OpenProcess 004222A4 7C8021CC kernel32.ReadProcessMemory 004222A8 7C863C00 kernel32.Process32Next 004222AC 7C809B77 kernel32.CloseHandle 004222B0 7C859F0B kernel32.DebugActiveProcess 004222B4 7C85A268 kernel32.WaitForDebugEvent 004222B8 7C811069 kernel32.GetFileType 004222BC 7C85A34D kernel32.ContinueDebugEvent 004222C0 00ACADB5 004222C4 7711D1ED OLEAUT32.VariantTimeToSystemTime 004222C8 770F4B59 OLEAUT32.SysAllocStringLen 004222CC 770F4850 OLEAUT32.SysFreeString 004222D0 770F66D9 OLEAUT32.VariantChangeType 004222D4 770F4BC2 OLEAUT32.SysAllocString 004222D8 7711D295 OLEAUT32.VariantCopy 004222DC 770F4C55 OLEAUT32.SysAllocStringByteLen 004222E0 770F4C3B OLEAUT32.SysStringLen 004222E4 770F48C0 OLEAUT32.VariantClear 004222E8 00ACAD1C 004222EC 5E5C1FC7 004222F0 00ACADB5 004222F4 77D1B46E USER32.SetRect 004222F8 77D5BB21 USER32.GetNextDlgGroupItem 004222FC 77D402D3 USER32.MessageBeep 00422300 77D1B49D USER32.InvalidateRect 00422304 77D18D03 USER32.CharUpperA 00422308 77D1C64D USER32.InflateRect 0042230C 77D18E00 USER32.RegisterWindowMessageA 00422310 77D3EBB0 USER32.PostThreadMessageA 00422314 77D3152F USER32.SendDlgItemMessageA 00422318 77D1B9D7 USER32.MapWindowPoints 0042231C 77D18E50 USER32.GetSysColor 00422320 77D1E5DC USER32.SetFocus 00422324 77D220A2 USER32.AdjustWindowRectEx 00422328 77D1C5B8 USER32.ScreenToClient 0042232C 77D1C03D USER32.CopyRect 00422330 77D1D16F USER32.GetTopWindow 00422334 77D1BEF3 USER32.IsChild 00422338 77D194FF USER32.GetCapture 0042233C 77D350CF USER32.WinHelpA 00422340 77D1A2DE USER32.wsprintfA 00422344 77D34D4A USER32.GetClassInfoA 00422348 77D22316 USER32.RegisterClassA 0042234C 77D3EABE USER32.GetMenu 00422350 77D2375B USER32.GetMenuItemCount 00422354 77D2355A USER32.GetSubMenu 00422358 77D4EEE8 USER32.GetMenuItemID 0042235C 77D4EEAB USER32.GetWindowTextLengthA 00422360 77D3F82E USER32.GetWindowTextA 00422364 77D1C35C USER32.GetDlgCtrlID 00422368 77D1DF6B USER32.DefWindowProcA 0042236C 77D2190B USER32.CreateWindowExA 00422370 77D1E49A USER32.GetClassLongA 00422374 77D1EDFA USER32.SetPropA 00422378 77D3F29F USER32.UnhookWindowsHookEx 0042237C 77D56969 USER32.CopyAcceleratorTableA 00422380 77D1E34B USER32.CallWindowProcA 00422384 77D1EEA2 USER32.RemovePropA 00422388 77D1C531 USER32.PtInRect 0042238C 77D1C6E4 USER32.GetMessagePos 00422390 77D1C4AE USER32.GetForegroundWindow 00422394 77D266A7 USER32.SetForegroundWindow 00422398 77D1C298 USER32.GetWindow 0042239C 77D1DED3 USER32.SetWindowLongA 004223A0 77D1C78E USER32.SetWindowPos 004223A4 77D18E00 USER32.RegisterWindowMessageA 004223A8 77D1B4D9 USER32.OffsetRect 004223AC 77D1B3E7 USER32.IntersectRect 004223B0 77D20554 USER32.SystemParametersInfoA 004223B4 77D1EB14 USER32.GetWindowPlacement 004223B8 77D1B57C USER32.GetWindowRect 004223BC 77D26CC9 USER32.EndDialog 004223C0 77D25380 USER32.SetActiveWindow 004223C4 77D1B7DB USER32.IsWindow 004223C8 77D1E666 USER32.DestroyWindow 004223CC 77D252A4 USER32.GetDlgItem 004223D0 77D50019 USER32.GetMenuCheckMarkDimensions 004223D4 77D267A8 USER32.LoadBitmapA 004223D8 77D3749F USER32.GetMenuState 004223DC 77D4EF2B USER32.ModifyMenuA 004223E0 77D4F7D2 USER32.SetMenuItemBitmaps 004223E4 77D2711B USER32.CheckMenuItem 004223E8 77D1FC3C USER32.EnableMenuItem 004223EC 77D1C640 USER32.GetFocus 004223F0 77D363D3 USER32.GetNextDlgTabItem 004223F4 77D3EA45 USER32.GetMessageA 004223F8 77D18BCE USER32.TranslateMessage 004223FC 77D1BCBD USER32.DispatchMessageA 00422400 77D1DF1E USER32.GetActiveWindow 00422404 77D1C379 USER32.GetKeyState 00422408 77D1ED6E USER32.CallNextHookEx 0042240C 77D3EC29 USER32.ValidateRect 00422410 77D1BD8E USER32.IsWindowVisible 00422414 77D1CEFD USER32.PeekMessageA 00422418 77D1C566 USER32.GetCursorPos 0042241C 77D221AE USER32.LoadIconA 00422420 77D18C06 USER32.SetTimer 00422424 77D1E2AE USER32.SendMessageA 00422428 77D3E438 USER32.UnregisterClassA 0042242C 77D1CB4B USER32.HideCaret 00422430 77D1CB5F USER32.ShowCaret 00422434 77D1CE27 USER32.ExcludeUpdateRgn 00422438 77D1F623 USER32.DrawFocusRect 0042243C 77D402B2 USER32.SetWindowsHookExA 00422440 77D1B5D7 USER32.GetParent 00422444 77D34E3E USER32.GetLastActivePopup 00422448 77D1C592 USER32.IsWindowEnabled 0042244C 77D1947C USER32.GetWindowLongA 00422450 77D5050B USER32.MessageBoxA 00422454 77D1C6A8 USER32.SetCursor 00422458 77D3EDEB USER32.PostQuitMessage 0042245C 77D1DB62 USER32.PostMessageA 00422460 77D1C4D4 USER32.EnableWindow 00422464 77D18C1A USER32.KillTimer 00422468 77D1C48A USER32.IsIconic 0042246C 77D1E3A1 USER32.DestroyMenu 00422470 77D3EC98 USER32.LoadStringA 00422474 77D18E83 USER32.GetSysColorBrush 00422478 77D1EE3C USER32.GetPropA 0042247C 77D18F75 USER32.GetSystemMetrics 00422480 77D1B556 USER32.GetClientRect 00422484 77D2759D USER32.DefDlgProcA 00422488 77D1C416 USER32.IsWindowUnicode 0042248C 77D301EF USER32.DrawIcon 00422490 77D1E032 USER32.GetClassNameA 00422494 77D1D7BB USER32.GetDesktopWindow 00422498 77D1E8FA USER32.LoadCursorA 0042249C 77D557DD USER32.GrayStringA 004224A0 77D35D61 USER32.DrawTextA 004224A4 77D5A1DD USER32.TabbedTextOutA 004224A8 77D1B4C5 USER32.EndPaint 004224AC 77D1B4B1 USER32.BeginPaint 004224B0 77D18FF9 USER32.GetWindowDC 004224B4 77D1866D USER32.ReleaseDC 004224B8 77D18697 USER32.GetDC 004224BC 77D1BF2C USER32.ClientToScreen 004224C0 77D1A041 USER32.wvsprintfA 004224C4 77D3EC40 USER32.CharNextA 004224C8 77D1D4DE USER32.ShowWindow 004224CC 77D1D515 USER32.MoveWindow 004224D0 77D1DC5A USER32.SetWindowTextA 004224D4 77D35C98 USER32.IsDialogMessageA 004224D8 77D2FD41 USER32.CreateDialogIndirectParamA 004224DC 77D1C064 USER32.UpdateWindow 004224E0 77D1C210 USER32.GetMessageTime 004224E4 77D3563B USER32.SetWindowContextHelpId 004224E8 77D5BA46 USER32.MapDialogRect 004224EC 00ACADAB 004224F0 72F75390 WINSPOOL.ClosePrinter 004224F4 72F86673 WINSPOOL.DocumentPropertiesA 004224F8 72F83767 WINSPOOL.OpenPrinterA 004224FC 00ACAD6A 00422500 76322533 comdlg32.GetFileTitleA 00422504 00ACAD6A 00422508 769DD1E0 ole32.CoFreeUnusedLibraries 0042250C 769D949B ole32.OleInitialize 00422510 769A2068 ole32.CoTaskMemAlloc 00422514 769A204C ole32.CoTaskMemFree 00422518 769CEA61 ole32.CreateILockBytesOnHGlobal 0042251C 769CEB91 ole32.StgCreateDocfileOnILockBytes 00422520 76A8B375 ole32.StgOpenStorageOnILockBytes 00422524 769EF356 ole32.CoGetClassObject 00422528 76A048A4 ole32.CLSIDFromString 0042252C 769F29DD ole32.CLSIDFromProgID 00422530 76A02DA0 ole32.CoRegisterMessageFilter 00422534 769D431A ole32.CoRevokeClassObject 00422538 76A2A529 ole32.OleFlushClipboard 0042253C 76A2A379 ole32.OleIsCurrentClipboard 00422540 769D9539 ole32.OleUninitialize 00422544 00ACACAC 00422548 74C9F0F3 oledlg.OleUIBusyA 0042254C 00ACACCF 函数输入表开始[eax]=004220BC 结束0042254C Size＝490 Right？呵呵，如有错误，还请指出：） 2005-12-13 18:13 0
fly 雪币： 898 活跃值： (4039) 能力值： ( LV9，RANK：3410 ) 在线值：发帖 294 回帖 7686 粉丝 32 关注私信	fly 85 77 楼只是说在[EAX]可以看到输入表函数开始地址，而不是说你当时中断时[EAX]中就是开始地址开始地址＝00422000 结束地址＝0042254C 2005-12-13 18:37 0
inraining 雪币： 234 活跃值： (10) 能力值： ( LV6，RANK：90 ) 在线值：发帖 15 回帖 411 粉丝 0 关注私信	inraining 2 78 楼谢谢Fly,呵呵,我刚也是按照54C开始算了,不过修复过的文件无法运行(运行无反应),检测是VC,还在找原因中. 2005-12-13 19:30 0
fly 雪币： 898 活跃值： (4039) 能力值： ( LV9，RANK：3410 ) 在线值：发帖 294 回帖 7686 粉丝 32 关注私信	fly 85 79 楼载入脱壳后程序调试看看是有CC还是校验 2005-12-14 23:09 0
wopasi 雪币： 184 活跃值： (47) 能力值： ( LV4，RANK：50 ) 在线值：发帖 40 回帖 229 粉丝 0 关注私信	wopasi 1 80 楼新人,学习中!!!另外给大家个玩物是lockfile易语言的程序挺好玩的 2006-9-2 15:41 0
冰到极点雪币： 156 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 4 回帖 74 粉丝 0 关注私信	冰到极点 81 楼我的Armadillo带KEY壳，在替换指纹以后被告之该KEY已经无效！改一下系统时间，不行，报错。一堆乱七八槽的E文！谁能帮帮我，怎么样才能不过期。 QQ：57869050 2006-9-24 17:25 0
fly 雪币： 898 活跃值： (4039) 能力值： ( LV9，RANK：3410 ) 在线值：发帖 294 回帖 7686 粉丝 32 关注私信	fly 85 82 楼 Trial-Reset 清除Armadillo试用信息调整本机时间为有效试用期之内替换可用key对应的硬件ID后再脱壳 Fixing.Armadillo.3.xx-4.xx.Hardware.FingerPrint.By.newbie_cracker http://www.unpack.cn/viewthread.php?tid=7124 2006-9-24 17:47 0
Kisco 雪币： 203 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 7 回帖 43 粉丝 0 关注私信	Kisco 83 楼学脱 ARM 的壳有一段时间了, 一般加壳的已能轻松搞掂,,最后剩下 CopyMemII 的怎么也搞不了,我跟着fly 和其它动画教程已经试了20多次了,, 就是无法修复,,我狂晕 !!!!!!!! 主要问题应该是 IAT 无法修复 : 还有: 再看一下我的ImportREC: 大家应该可以看到,,我的 ImportREC 在 1d7304 的 iat 找到的是 GetModuleHandleA ,, 但却无法修复,,大家看图 1 和 2 就看到了, 除了 1d7304 的以外还有很多, ImportRec 都找到的,但却无法修复试了N次了,都是这样,,,我都快郁闷死了,,有人可以救下我吗 !!! 555555 2006-10-3 09:50 0
luzhmu 雪币： 86 活跃值： (1158) 能力值： ( LV2，RANK：10 ) 在线值：发帖 5 回帖 650 粉丝 7 关注私信	luzhmu 84 楼 IAT 乱序？ 2006-10-3 10:47 0
fly 雪币： 898 活跃值： (4039) 能力值： ( LV9，RANK：3410 ) 在线值：发帖 294 回帖 7686 粉丝 32 关注私信	fly 85 85 楼 1、你按照教程避开输入表加密了？ 2、合并你的问题至相关主题下 2006-10-3 12:30 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

inraining

雪币： 234

活跃值： (10)

能力值：

( LV6，RANK：90 )

在线值：

发帖

15

回帖

411

粉丝

0

关注

私信

inraining 2: 76 楼

谢谢Fly，了解。
00AE70FC 50             push eax
00AE70FD FF15 4801AF00 call dword ptr ds:[AF0148]                ; kernel32.VirtualProtect
00AE7103  ^ E9 E3F7FFFF    jmp 00AE68EB
//循环
00AE7108 8B85 E4C6FFFF mov eax,dword ptr ss:[ebp-391C]
//下断在此。
00AE710E 8985 C4AFFFFF mov dword ptr ss:[ebp+FFFFAFC4],eax

00422000  77DA6BF0  ADVAPI32.RegCloseKey
00422004  77DAEBE7  ADVAPI32.RegSetValueExA
00422008  77DA761B  ADVAPI32.RegOpenKeyExA
0042200C  77DAEAF4  ADVAPI32.RegCreateKeyExA
00422010  00ACACCF
00422014  5C8415DD  COMCTL32.InitCommonControls
00422018  00ACAD98
0042201C  77EF5D0B  GDI32.SetBkMode
00422020  77EFA8F7  GDI32.SetMapMode
00422024  77EF7988  GDI32.SetViewportOrgEx
00422028  77F0F27C  GDI32.OffsetViewportOrgEx
0042202C  77F0E45F  GDI32.SetViewportExtEx
00422030  77F1C352  GDI32.ScaleViewportExtEx
00422034  77F0E3B6  GDI32.SetWindowExtEx
00422038  77F1C433  GDI32.ScaleWindowExtEx
0042203C  77EF6899  GDI32.IntersectClipRect
00422040  77EF6A3B  GDI32.DeleteObject
00422044  77EF59A0  GDI32.SelectObject
00422048  77EF7B2D  GDI32.GetViewportExtEx
0042204C  77EF7AB5  GDI32.GetWindowExtEx
00422050  77EF5FD5  GDI32.CreateSolidBrush
00422054  77F24F47  GDI32.PtVisible
00422058  77EF8070  GDI32.RectVisible
0042205C  77EFC449  GDI32.TextOutA
00422060  77EF9012  GDI32.ExtTextOutA
00422064  77F07FBB  GDI32.Escape
00422068  77EFBFE7  GDI32.DPtoLP
0042206C  77EF8195  GDI32.LPtoDP
00422070  77EFAB59  GDI32.GetMapMode
00422074  77EF86B0  GDI32.PatBlt
00422078  77EF97BE  GDI32.RestoreDC
0042207C  77EF9884  GDI32.SaveDC
00422080  77EF6CA6  GDI32.DeleteDC
00422084  77EF5FF1  GDI32.GetStockObject
00422088  77EF58A2  GDI32.GetDeviceCaps
0042208C  77EF84D4  GDI32.GetBkColor
00422090  77EF8528  GDI32.GetTextColor
00422094  77EF9A82  GDI32.GetObjectA
00422098  77EF5C59  GDI32.SetBkColor
0042209C  77EF5BA7  GDI32.SetTextColor
004220A0  77EF68E4  GDI32.GetClipBox
004220A4  77EFB52C  GDI32.CreateDIBitmap
004220A8  77EFC333  GDI32.GetTextExtentPointA
004220AC  77EF6DC0  GDI32.BitBlt
004220B0  77EF5E10  GDI32.CreateCompatibleDC
004220B4  77EF601F  GDI32.CreateBitmap
004220B8  00ACACAC
004220BC  7C825F62  kernel32.FormatMessageA
004220C0  7C957A40  ntdll.RtlUnwind
004220C4  7C801EEE  kernel32.GetStartupInfoA
004220C8  7C812C8D  kernel32.GetCommandLineA
004220CC  7C81CAA2  kernel32.ExitProcess
004220D0  7C801E16  kernel32.TerminateProcess
004220D4  7C93043D  ntdll.RtlFreeHeap
004220D8  7C81082F  kernel32.CreateThread
004220DC  7C80CCA9  kernel32.ExitThread
004220E0  7C9305D4  ntdll.RtlAllocateHeap
004220E4  7C81EAE1  kernel32.RaiseException
004220E8  7C9379FD  ntdll.RtlReAllocateHeap
004220EC  7C9309ED  ntdll.RtlSizeHeap
004220F0  7C809943  kernel32.GetACP
004220F4  7C8394AE  kernel32.GetTimeZoneInformation
004220F8  7C862B8A  kernel32.UnhandledExceptionFilter
004220FC  7C81DC3F  kernel32.FreeEnvironmentStringsA
00422100  7C81485F  kernel32.FreeEnvironmentStringsW
00422104  7C81CC23  kernel32.GetEnvironmentStringsA
00422108  7C812C78  kernel32.GetEnvironmentStringsW
0042210C  7C80C6CF  kernel32.SetHandleCount
00422110  7C812CA9  kernel32.GetStdHandle
00422114  7C811110  kernel32.HeapDestroy
00422118  7C812929  kernel32.HeapCreate
0042211C  7C809B14  kernel32.VirtualFree
00422120  7C809A81  kernel32.VirtualAlloc
00422124  7C809F29  kernel32.IsBadWritePtr
00422128  7C810386  kernel32.SetUnhandledExceptionFilter
0042212C  7C838CB9  kernel32.GetStringTypeA
00422130  7C80A480  kernel32.GetStringTypeW
00422134  7C832E2B  kernel32.LCMapStringA
00422138  7C80CEC4  kernel32.LCMapStringW
0042213C  7C809EB3  kernel32.IsBadReadPtr
00422140  7C80BB57  kernel32.IsBadCodePtr
00422144  7C81D8CB  kernel32.SetStdHandle
00422148  7C80D293  kernel32.CompareStringA
0042214C  7C80A34E  kernel32.CompareStringW
00422150  7C8226A9  kernel32.SetEnvironmentVariableA
00422154  7C81F8E2  kernel32.GetFileTime
00422158  7C822D47  kernel32.GetProfileStringA
0042215C  7C810C8F  kernel32.GetFileSize
00422160  7C81174C  kernel32.GetFileAttributesA
00422164  7C8092AC  kernel32.GetTickCount
00422168  7C80EA66  kernel32.FileTimeToLocalFileTime
0042216C  7C80E9EC  kernel32.FileTimeToSystemTime
00422170  7C81367C  kernel32.GetFullPathNameA
00422174  7C827052  kernel32.GetVolumeInformationA
00422178  7C813559  kernel32.FindFirstFileA
0042217C  7C80EFD7  kernel32.FindClose
00422180  7C81F850  kernel32.SetEndOfFile
00422184  7C81FDDD  kernel32.UnlockFile
00422188  7C81FE92  kernel32.LockFile
0042218C  7C80CD58  kernel32.FlushFileBuffers
00422190  7C810DA6  kernel32.SetFilePointer
00422194  7C810F9F  kernel32.WriteFile
00422198  7C80180E  kernel32.ReadFile
0042219C  7C801A24  kernel32.CreateFileA
004221A0  7C80E00D  kernel32.GetCurrentProcess
004221A4  7C80E016  kernel32.DuplicateHandle
004221A8  7C80AA97  kernel32.SetErrorMode
004221AC  7C81E82A  kernel32.GetOEMCP
004221B0  7C812BE6  kernel32.GetCPInfo
004221B4  7C80BAF1  kernel32.SizeofResource
004221B8  7C812996  ASCII "jPh"
004221BC  7C930331  ntdll.RtlGetLastWin32Error
004221C0  7C822BB7  kernel32.WritePrivateProfileStringA
004221C4  7C8278F0  kernel32.GlobalFlags
004221C8  7C810311  kernel32.lstrcpynA
004221CC  7C809750  kernel32.TlsGetValue
004221D0  7C81E2B1  kernel32.LocalReAlloc
004221D4  7C809BF5  kernel32.TlsSetValue
004221D8  7C921005  ntdll.RtlEnterCriticalSection
004221DC  7C8125C9  kernel32.GlobalReAlloc
004221E0  7C9210ED  ntdll.RtlLeaveCriticalSection
004221E4  7C813453  kernel32.TlsFree
004221E8  7C838F36  kernel32.GlobalHandle
004221EC  7C93188A  ntdll.RtlDeleteCriticalSection
004221F0  7C812B0F  kernel32.TlsAlloc
004221F4  7C809FA1  kernel32.InitializeCriticalSection
004221F8  7C80995D  kernel32.LocalFree
004221FC  7C8099BD  kernel32.LocalAlloc
00422200  7C80A0C7  kernel32.WideCharToMultiByte
00422204  7C8097F4  kernel32.MulDiv
00422208  7C930340  ntdll.RtlSetLastWin32Error
0042220C  7C80977B  kernel32.InterlockedIncrement
00422210  7C80C6E0  kernel32.lstrlenA
00422214  7C809CAD  kernel32.MultiByteToWideChar
00422218  7C80A405  kernel32.GetThreadLocale
0042221C  7C809794  kernel32.InterlockedDecrement
00422220  7C801D77  kernel32.LoadLibraryA
00422224  7C80AA66  kernel32.FreeLibrary
00422228  7C8114AB  kernel32.GetVersion
0042222C  7C838FB9  kernel32.lstrcatA
00422230  7C85B073  kernel32.GlobalGetAtomNameA
00422234  7C823039  kernel32.GlobalAddAtomA
00422238  7C823094  kernel32.GlobalFindAtomA
0042223C  7C80C729  kernel32.lstrcpyA
00422240  7C80B529  kernel32.GetModuleHandleA
00422244  7C80AC28  kernel32.GetProcAddress
00422248  7C810082  kernel32.GlobalUnlock
0042224C  7C80FE2F  kernel32.GlobalFree
00422250  7C80C6CF  kernel32.SetHandleCount
00422254  7C80C7B1  kernel32.FindResourceA
00422258  7C80A065  kernel32.LoadResource
0042225C  7C81E4BD  kernel32.CreateEventA
00422260  7C838F10  kernel32.SuspendThread
00422264  7C80CC67  kernel32.SetThreadPriority
00422268  7C81E92A  kernel32.ResumeThread
0042226C  7C809C28  kernel32.SetEvent
00422270  7C802530  kernel32.WaitForSingleObject
00422274  7C80B357  kernel32.GetModuleFileNameA
00422278  7C810119  kernel32.GlobalLock
0042227C  7C80FF2D  kernel32.GlobalAlloc
00422280  7C81E19A  kernel32.GlobalDeleteAtom
00422284  7C81EE79  kernel32.lstrcmpA
00422288  7C80B929  kernel32.lstrcmpiA
0042228C  7C809919  kernel32.GetCurrentThread
00422290  7C809737  kernel32.GetCurrentThreadId
00422294  7C8647B7  kernel32.CreateToolhelp32Snapshot
00422298  7C863A8D  kernel32.Process32First
0042229C  7C80220F  kernel32.WriteProcessMemory
004222A0  7C81E079  kernel32.OpenProcess
004222A4  7C8021CC  kernel32.ReadProcessMemory
004222A8  7C863C00  kernel32.Process32Next
004222AC  7C809B77  kernel32.CloseHandle
004222B0  7C859F0B  kernel32.DebugActiveProcess
004222B4  7C85A268  kernel32.WaitForDebugEvent
004222B8  7C811069  kernel32.GetFileType
004222BC  7C85A34D  kernel32.ContinueDebugEvent
004222C0  00ACADB5
004222C4  7711D1ED  OLEAUT32.VariantTimeToSystemTime
004222C8  770F4B59  OLEAUT32.SysAllocStringLen
004222CC  770F4850  OLEAUT32.SysFreeString
004222D0  770F66D9  OLEAUT32.VariantChangeType
004222D4  770F4BC2  OLEAUT32.SysAllocString
004222D8  7711D295  OLEAUT32.VariantCopy
004222DC  770F4C55  OLEAUT32.SysAllocStringByteLen
004222E0  770F4C3B  OLEAUT32.SysStringLen
004222E4  770F48C0  OLEAUT32.VariantClear
004222E8  00ACAD1C
004222EC  5E5C1FC7
004222F0  00ACADB5
004222F4  77D1B46E  USER32.SetRect
004222F8  77D5BB21  USER32.GetNextDlgGroupItem
004222FC  77D402D3  USER32.MessageBeep
00422300  77D1B49D  USER32.InvalidateRect
00422304  77D18D03  USER32.CharUpperA
00422308  77D1C64D  USER32.InflateRect
0042230C  77D18E00  USER32.RegisterWindowMessageA
00422310  77D3EBB0  USER32.PostThreadMessageA
00422314  77D3152F  USER32.SendDlgItemMessageA
00422318  77D1B9D7  USER32.MapWindowPoints
0042231C  77D18E50  USER32.GetSysColor
00422320  77D1E5DC  USER32.SetFocus
00422324  77D220A2  USER32.AdjustWindowRectEx
00422328  77D1C5B8  USER32.ScreenToClient
0042232C  77D1C03D  USER32.CopyRect
00422330  77D1D16F  USER32.GetTopWindow
00422334  77D1BEF3  USER32.IsChild
00422338  77D194FF  USER32.GetCapture
0042233C  77D350CF  USER32.WinHelpA
00422340  77D1A2DE  USER32.wsprintfA
00422344  77D34D4A  USER32.GetClassInfoA
00422348  77D22316  USER32.RegisterClassA
0042234C  77D3EABE  USER32.GetMenu
00422350  77D2375B  USER32.GetMenuItemCount
00422354  77D2355A  USER32.GetSubMenu
00422358  77D4EEE8  USER32.GetMenuItemID
0042235C  77D4EEAB  USER32.GetWindowTextLengthA
00422360  77D3F82E  USER32.GetWindowTextA
00422364  77D1C35C  USER32.GetDlgCtrlID
00422368  77D1DF6B  USER32.DefWindowProcA
0042236C  77D2190B  USER32.CreateWindowExA
00422370  77D1E49A  USER32.GetClassLongA
00422374  77D1EDFA  USER32.SetPropA
00422378  77D3F29F  USER32.UnhookWindowsHookEx
0042237C  77D56969  USER32.CopyAcceleratorTableA
00422380  77D1E34B  USER32.CallWindowProcA
00422384  77D1EEA2  USER32.RemovePropA
00422388  77D1C531  USER32.PtInRect
0042238C  77D1C6E4  USER32.GetMessagePos
00422390  77D1C4AE  USER32.GetForegroundWindow
00422394  77D266A7  USER32.SetForegroundWindow
00422398  77D1C298  USER32.GetWindow
0042239C  77D1DED3  USER32.SetWindowLongA
004223A0  77D1C78E  USER32.SetWindowPos
004223A4  77D18E00  USER32.RegisterWindowMessageA
004223A8  77D1B4D9  USER32.OffsetRect
004223AC  77D1B3E7  USER32.IntersectRect
004223B0  77D20554  USER32.SystemParametersInfoA
004223B4  77D1EB14  USER32.GetWindowPlacement
004223B8  77D1B57C  USER32.GetWindowRect
004223BC  77D26CC9  USER32.EndDialog
004223C0  77D25380  USER32.SetActiveWindow
004223C4  77D1B7DB  USER32.IsWindow
004223C8  77D1E666  USER32.DestroyWindow
004223CC  77D252A4  USER32.GetDlgItem
004223D0  77D50019  USER32.GetMenuCheckMarkDimensions
004223D4  77D267A8  USER32.LoadBitmapA
004223D8  77D3749F  USER32.GetMenuState
004223DC  77D4EF2B  USER32.ModifyMenuA
004223E0  77D4F7D2  USER32.SetMenuItemBitmaps
004223E4  77D2711B  USER32.CheckMenuItem
004223E8  77D1FC3C  USER32.EnableMenuItem
004223EC  77D1C640  USER32.GetFocus
004223F0  77D363D3  USER32.GetNextDlgTabItem
004223F4  77D3EA45  USER32.GetMessageA
004223F8  77D18BCE  USER32.TranslateMessage
004223FC  77D1BCBD  USER32.DispatchMessageA
00422400  77D1DF1E  USER32.GetActiveWindow
00422404  77D1C379  USER32.GetKeyState
00422408  77D1ED6E  USER32.CallNextHookEx
0042240C  77D3EC29  USER32.ValidateRect
00422410  77D1BD8E  USER32.IsWindowVisible
00422414  77D1CEFD  USER32.PeekMessageA
00422418  77D1C566  USER32.GetCursorPos
0042241C  77D221AE  USER32.LoadIconA
00422420  77D18C06  USER32.SetTimer
00422424  77D1E2AE  USER32.SendMessageA
00422428  77D3E438  USER32.UnregisterClassA
0042242C  77D1CB4B  USER32.HideCaret
00422430  77D1CB5F  USER32.ShowCaret
00422434  77D1CE27  USER32.ExcludeUpdateRgn
00422438  77D1F623  USER32.DrawFocusRect
0042243C  77D402B2  USER32.SetWindowsHookExA
00422440  77D1B5D7  USER32.GetParent
00422444  77D34E3E  USER32.GetLastActivePopup
00422448  77D1C592  USER32.IsWindowEnabled
0042244C  77D1947C  USER32.GetWindowLongA
00422450  77D5050B  USER32.MessageBoxA
00422454  77D1C6A8  USER32.SetCursor
00422458  77D3EDEB  USER32.PostQuitMessage
0042245C  77D1DB62  USER32.PostMessageA
00422460  77D1C4D4  USER32.EnableWindow
00422464  77D18C1A  USER32.KillTimer
00422468  77D1C48A  USER32.IsIconic
0042246C  77D1E3A1  USER32.DestroyMenu
00422470  77D3EC98  USER32.LoadStringA
00422474  77D18E83  USER32.GetSysColorBrush
00422478  77D1EE3C  USER32.GetPropA
0042247C  77D18F75  USER32.GetSystemMetrics
00422480  77D1B556  USER32.GetClientRect
00422484  77D2759D  USER32.DefDlgProcA
00422488  77D1C416  USER32.IsWindowUnicode
0042248C  77D301EF  USER32.DrawIcon
00422490  77D1E032  USER32.GetClassNameA
00422494  77D1D7BB  USER32.GetDesktopWindow
00422498  77D1E8FA  USER32.LoadCursorA
0042249C  77D557DD  USER32.GrayStringA
004224A0  77D35D61  USER32.DrawTextA
004224A4  77D5A1DD  USER32.TabbedTextOutA
004224A8  77D1B4C5  USER32.EndPaint
004224AC  77D1B4B1  USER32.BeginPaint
004224B0  77D18FF9  USER32.GetWindowDC
004224B4  77D1866D  USER32.ReleaseDC
004224B8  77D18697  USER32.GetDC
004224BC  77D1BF2C  USER32.ClientToScreen
004224C0  77D1A041  USER32.wvsprintfA
004224C4  77D3EC40  USER32.CharNextA
004224C8  77D1D4DE  USER32.ShowWindow
004224CC  77D1D515  USER32.MoveWindow
004224D0  77D1DC5A  USER32.SetWindowTextA
004224D4  77D35C98  USER32.IsDialogMessageA
004224D8  77D2FD41  USER32.CreateDialogIndirectParamA
004224DC  77D1C064  USER32.UpdateWindow
004224E0  77D1C210  USER32.GetMessageTime
004224E4  77D3563B  USER32.SetWindowContextHelpId
004224E8  77D5BA46  USER32.MapDialogRect
004224EC  00ACADAB
004224F0  72F75390  WINSPOOL.ClosePrinter
004224F4  72F86673  WINSPOOL.DocumentPropertiesA
004224F8  72F83767  WINSPOOL.OpenPrinterA
004224FC  00ACAD6A
00422500  76322533  comdlg32.GetFileTitleA
00422504  00ACAD6A
00422508  769DD1E0  ole32.CoFreeUnusedLibraries
0042250C  769D949B  ole32.OleInitialize
00422510  769A2068  ole32.CoTaskMemAlloc
00422514  769A204C  ole32.CoTaskMemFree
00422518  769CEA61  ole32.CreateILockBytesOnHGlobal
0042251C  769CEB91  ole32.StgCreateDocfileOnILockBytes
00422520  76A8B375  ole32.StgOpenStorageOnILockBytes
00422524  769EF356  ole32.CoGetClassObject
00422528  76A048A4  ole32.CLSIDFromString
0042252C  769F29DD  ole32.CLSIDFromProgID
00422530  76A02DA0  ole32.CoRegisterMessageFilter
00422534  769D431A  ole32.CoRevokeClassObject
00422538  76A2A529  ole32.OleFlushClipboard
0042253C  76A2A379  ole32.OleIsCurrentClipboard
00422540  769D9539  ole32.OleUninitialize
00422544  00ACACAC
00422548  74C9F0F3  oledlg.OleUIBusyA
0042254C  00ACACCF

函数输入表开始[eax]=004220BC
结束0042254C
Size＝490
Right？呵呵，如有错误，还请指出：）

2005-12-13 18:13

0

fly

雪币： 898

活跃值： (4039)

能力值：

( LV9，RANK：3410 )

在线值：

发帖

294

回帖

7686

粉丝

32

关注

私信

fly 85: 77 楼

只是说在[EAX]可以看到输入表函数开始地址，而不是说你当时中断时[EAX]中就是开始地址

开始地址＝00422000
结束地址＝0042254C

2005-12-13 18:37

0

inraining

雪币： 234

活跃值： (10)

能力值：

( LV6，RANK：90 )

在线值：

发帖

15

回帖

411

粉丝

0

关注

私信

inraining 2: 78 楼

谢谢Fly,呵呵,我刚也是按照54C开始算了,不过修复过的文件无法运行(运行无反应),检测是VC,还在找原因中.

2005-12-13 19:30

0

fly

雪币： 898

活跃值： (4039)

能力值：

( LV9，RANK：3410 )

在线值：

发帖

294

回帖

7686

粉丝

32

关注

私信

fly 85: 79 楼

载入脱壳后程序调试
看看是有CC还是校验

2005-12-14 23:09

0

wopasi

雪币： 184

活跃值： (47)

能力值：

( LV4，RANK：50 )

在线值：

发帖

40

回帖

229

粉丝

0

关注

私信

wopasi 1: 80 楼

新人,学习中!!!另外给大家个玩物是lockfile易语言的程序挺好玩的

2006-9-2 15:41

0

冰到极点

雪币： 156

活跃值： (10)

能力值：

( LV2，RANK：10 )

在线值：

发帖

4

回帖

74

粉丝

0

关注

私信

冰到极点: 81 楼

我的Armadillo带KEY壳，在替换指纹以后被告之该KEY已经无效！
改一下系统时间，不行，报错。一堆乱七八槽的E文！
谁能帮帮我，怎么样才能不过期。
QQ：57869050

2006-9-24 17:25

0

fly

雪币： 898

活跃值： (4039)

能力值：

( LV9，RANK：3410 )

在线值：

发帖

294

回帖

7686

粉丝

32

关注

私信

fly 85: 82 楼

Trial-Reset 清除Armadillo试用信息
调整本机时间为有效试用期之内

替换可用key对应的硬件ID后再脱壳

Fixing.Armadillo.3.xx-4.xx.Hardware.FingerPrint.By.newbie_cracker
http://www.unpack.cn/viewthread.php?tid=7124

2006-9-24 17:47

0

Kisco

雪币： 203

活跃值： (10)

能力值：

( LV2，RANK：10 )

在线值：

发帖

7

回帖

43

粉丝

0

关注

私信

Kisco: 83 楼

学脱 ARM 的壳有一段时间了, 一般加壳的已能轻松搞掂,,最后剩下

CopyMemII 的怎么也搞不了,我跟着fly 和其它动画教程已经试了20多次了,,

就是无法修复,,我狂晕 !!!!!!!!

主要问题应该是 IAT 无法修复 :

还有:

再看一下我的ImportREC:

大家应该可以看到,,我的 ImportREC 在 1d7304 的 iat 找到的是

GetModuleHandleA ,, 但却无法修复,,大家看图 1 和 2 就看到了,

除了 1d7304 的以外还有很多, ImportRec 都找到的,但却无法修复

试了N次了,都是这样,,,我都快郁闷死了,,有人可以救下我吗 !!! 555555

2006-10-3 09:50

0