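Post #26
Sorry for bumping this thread. Today a friend asked me how to unpack the ASPR 2 shell, and I hadn't touched it in so long that I had actually forgotten. Reading this thread helped me a lot, haha. Thank you very much.
PS. FLY is quite sentimental, a lot like me 10 years from now.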
Post #27
Learning.
Post #28
Hey fly, will you unpack or crack version 1.02? The update is available to download at EB's website:
http://www.enterbrain.co.jp/tkool/rpgxp_update.html
Please contact me if you need more info or help.
Post #29
Originally posted by Desert: Hey fly, will you unpack or crack version 1.02? The update is available to download at EB's website:
http://www.enterbrain.co.jp/tkool/rpgxp_update.html
Please contact me if you need more info or help.
Bro, you're not an import, so why act like imported goods?
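Post #30
Following the boss's article, I took a look at another program that is also packed with ASProtect V2.0
(the game menu program from 讯闪3.3 in the "Other Software" (其他软件) directory at http://piaoxue888.ys168.com).
I used the IsDebug V1.4 plugin to clear OllyDbg's debugger flag.
First I set a breakpoint with bp GetModuleHandleA, let it break 2 times, removed the breakpoint, pressed Alt+F9, Ctrl+F9, and then
Ctrl+S to search for the command sequence: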
mov edx,dword ptr ss:[ebp+C]
mov edx,dword ptr ds:[edx]
mov dword ptr ds:[edx],eax
00BF7648 8B55 0C mov edx,dword ptr ss:[ebp+C]
00BF764B 8B12 mov edx,dword ptr ds:[edx]
00BF764D 891A mov dword ptr ds:[edx],ebx
// Set another breakpoint here, press Shift+F9 to run to it, and change eax to ebx; this is the first match found
00BF764F E9 20010000 jmp 00BF7774
00BF7774 8B45 0C mov eax,dword ptr ss:[ebp+C]
00BF7777 8300 04 add dword ptr ds:[eax],4
00BF777A 8D85 FAFEFFFF lea eax,dword ptr ss:[ebp-106]
00BF7780 3BF8 cmp edi,eax
00BF7782 74 07 je short 00BF778B
00BF7784 8BC7 mov eax,edi
00BF7786 E8 D9ADFDFF call 00BD2564
00BF778B 5F pop edi
00BF778C 5E pop esi
00BF778D 5B pop ebx
00BF778E 8BE5 mov esp,ebp
00BF7790 5D pop ebp
00BF7791 C2 1000 retn 10
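At this point I was supposed to press Ctrl+S and search a second time, but as soon as I continued execution an error dialog popped up: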
OS: Windows XP Professional, SP1
CPU: GenuineIntel, Intel Pentium 4, MMX @ 1700 MHz
Application data:
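My guess is that this happens when it detects a debugging tool, but I had already hidden OD at the start.
I don't understand. I wanted to learn this, but I'm stuck right here. Ugh~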