在OD调试中出现注册窗口却自动跳过,菜鸟却步,请高手指点迷津!
其实我也不是一个菜鸟,只是一只菜蛋而已,欲破壳而出却找不到方向,下面就是我这只菜蛋的第一场破解战争,若只是简单的问题请不要见笑,请指点一二,若是一个能够提供给大家研究的题材,就请大家花时间在这里讨论一下吧,废话不多说了,下面是一些相关信息,这个是题材的下载网址,软件名称为电脑维修助手.
http://sq.onlinedown.net:82/down/DnwxzsSetup.exe
(本想上传一个,却权限不够)
1.找不到其相关的字符串,只有几个乱码,
",!@"
"CC:\WINDOWS\system32\pcwxzs\pcwxzs.exe"
"VB5!?vb6chs.dll"
"?8@"
"?P@"
"?P@"
2.所以不能正确找出它的断点.
3.在OD中运行后出现注册窗口时却没有停下来,直接运行到最后,最后出现什么浮点不正确.以下是相关的介面
:00402140 7000 jo 00402142
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00402140(C)
|
:00402142 0000 add byte ptr [eax], al
:00402144 2C214000 DWORD 0040212C
:00402148 3C214000 DWORD 0040213C
:0040214C 0000 add byte ptr [eax], al
:0040214E 0400 add al, 00
:00402150 D432 aam (base50)
:00402152 40 inc eax
:00402153 000000000000000000 BYTE 9 DUP(0)
:0040215C A1DC324000 mov eax, dword ptr [004032DC]
:00402161 0BC0 or eax, eax
:00402163 7402 je 00402167
:00402165 FFE0 jmp eax
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00402163(C)
|
* Possible StringData Ref from Code Obj ->",!@"
|
:00402167 6844214000 push 00402144
* Possible StringData Ref from Code Obj ->"?8@"
|
:0040216C B830114000 mov eax, 00401130
:00402171 FFD0 call eax
:00402173 FFE0 jmp eax
:00402175 000000 BYTE 3 DUP(0)
:00402178 0C00 or al, 00
:0040217A 40 inc eax
:0040217B 000000000000000000 BYTE 9 DUP(0)
:00402184 4A dec edx
:00402185 000000 BYTE 3 DUP(0)
:00402188 43 inc ebx
:00402189 003A add byte ptr [edx], bh
:0040218B 005C0057 add byte ptr [eax+eax+57], bl
:0040218F 004900 add byte ptr [ecx+00], cl
:00402192 4E dec esi
:00402193 0044004F add byte ptr [eax+eax+4F], al
:00402197 005700 add byte ptr [edi+00], dl
:0040219A 53 push ebx
:0040219B 005C0073 add byte ptr [eax+eax+73], bl
:0040219F 007900 add byte ptr [ecx+00], bh
:004021A2 7300 jnb 004021A4
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004021A2(C)
|
:004021A4 7400 je 004021A6
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004021A4(C)
|
:004021A6 65006D00 add byte ptr gs:[ebp+00], ch
:004021AA 3300 xor eax, dword ptr [eax]
:004021AC 3200 xor al, byte ptr [eax]
:004021AE 5C pop esp
:004021AF 007000 add byte ptr [eax+00], dh
:004021B2 6300 arpl dword ptr [eax], eax
:004021B4 7700 ja 004021B6
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004021B4(C)
|
:004021B6 7800 js 004021B8
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004021B6(C)
|
:004021B8 7A00 jpe 004021BA
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004021B8(C)
|
:004021BA 7300 jnb 004021BC
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004021BA(C)
|
:004021BC 5C pop esp
:004021BD 007000 add byte ptr [eax+00], dh
:004021C0 6300 arpl dword ptr [eax], eax
:004021C2 7700 ja 004021C4
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004021C2(C)
|
:004021C4 7800 js 004021C6
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004021C4(C)
|
:004021C6 7A00 jpe 004021C8
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004021C6(C)
|
:004021C8 7300 jnb 004021CA
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004021C8(C)
|
:004021CA 2E006500 add byte ptr cs:[ebp+00], ah
:004021CE 7800 js 004021D0
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004021CE(C)
|
:004021D0 65 BYTE 065h
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课