学了这么久的破解,一事无成。今天破解一个觉得简单的VB软件却找不到头绪所以求高手指点迷津。
看过一些资料,讲VB开发的软件。运行需要msvbvm60.dll动态链接库支持,属于解释性语句。所以序列号比较也在些链接库中完成。所以我们的断点要设在msvbvm60.dll中。进行验证拦截。_vbaStrComp或_vbaStrCmp就能找出注册码了。
可我要破解的这个软件,却对上面的说法被拒绝。请高手指点一下。谢谢
软件在我的网盘上http://longhorn.ys168.com可以下载
73464805 /74 0A je short 73464811
73464807 |50 push eax
73464808 |FF15 F0194473 call dword ptr [<&OLEAUT32.#6>] ; OLEAUT32.SysFreeString
7346480E |8326 00 and dword ptr [esi], 0
73464811 \5E pop esi
73464812 C3 retn
73464813 > FF7424 08 push dword ptr [esp+8] 下断点
73464817 FF7424 08 push dword ptr [esp+8]
7346481B 6A 00 push 0
7346481D E8 03000000 call __vbaStrComp
73464822 C2 0800 retn 8
73464825 > 837C24 04 02 cmp dword ptr [esp+4], 2 下断点
7346482A 0F84 DB2C0200 je 7348750B
73464830 68 01000300 push 30001
73464835 FF7424 08 push dword ptr [esp+8]
73464839 FF7424 10 push dword ptr [esp+10]
7346483D FF7424 18 push dword ptr [esp+18]
73464841 FF15 840E5573 call dword ptr [73550E84] ; OLEAUT32.VarBstrCmp
73464847 85C0 test eax, eax
73464849 0F8C C32C0200 jl 73487512
7346484F 48 dec eax
73464850 C2 0C00 retn 0C
73464853 > 8B4424 08 mov eax, dword ptr [esp+8]
73464857 03C0 add eax, eax
73464859 50 push eax
7346485A FF7424 08 push dword ptr [esp+8]
7346485E E8 03000000 call rtcLeftBstr
73464863 C2 0800 retn 8
73464866 > 56 push esi
73464867 8B7424 0C mov esi, dword ptr [esp+C]
7346486B 85F6 test esi, esi
7346486D 0F8C 0F2A0200 jl 73487282
73464873 81FE FFFFFF7F cmp esi, 7FFFFFFF
73464879 0F8F 032A0200 jg 73487282
7346487F 8B4424 08 mov eax, dword ptr [esp+8]
73464883 8BCE mov ecx, esi
73464885 85C0 test eax, eax
73464887 0F84 FC290200 je 73487289
7346488D 8B50 FC mov edx, dword ptr [eax-4]
73464890 3BF2 cmp esi, edx
73464892 0F87 F8290200 ja 73487290
73464898 51 push ecx
73464899 50 push eax
7346489A FF15 FC194473 call dword ptr [<&OLEAUT32.#150>] ; OLEAUT32.SysAllocStringByteLen
734648A0 8BF0 mov esi, eax
734648A2 85F6 test esi, esi
734648A4 0F84 F9290200 je 734872A3
734648AA 8BC6 mov eax, esi
734648AC 5E pop esi
734648AD C2 0800 retn 8
734648B0 > 53 push ebx
734648B1 56 push esi
734648B2 8B7424 10 mov esi, dword ptr [esp+10]
734648B6 57 push edi
734648B7 8D7C24 18 lea edi, dword ptr [esp+18]
734648BB 33DB xor ebx, ebx
734648BD 8B06 mov eax, dword ptr [esi]
734648BF 85C0 test eax, eax
734648C1 74 0A je short 734648CD
734648C3 50 push eax
734648C4 FF15 F0194473 call dword ptr [<&OLEAUT32.#6>] ; OLEAUT32.SysFreeString
734648CA 8326 00 and dword ptr [esi], 0
734648CD 43 inc ebx
734648CE 3B5C24 10 cmp ebx, dword ptr [esp+10]
734648D2 73 07 jnb short 734648DB
734648D4 8B37 mov esi, dword ptr [edi]
734648D6 83C7 04 add edi, 4
734648D9 ^ EB E2 jmp short 734648BD
734648DB 5F pop edi
734648DC 5E pop esi
734648DD 5B pop ebx
734648DE C3 retn
按通常破解VB的文章在73464813和73464825处下断点。没有一点用处。请你解答如何破解此软件?
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)