004B7A29 |. E8 2A1CF5FF call 00409658
004B7A2E |. 837D FC 00 cmp dword ptr [ebp-4], 0
004B7A32 75 1E jnz short 004B7A52 /此处 我把JNZ改成JMP了
004B7A34 |. 6A 30 push 30
004B7A36 |. 68 647B4B00 push 004B7B64
004B7A3B |. 68 707B4B00 push 004B7B70
004B7A40 |. 8BC3 mov eax, ebx
004B7A42 |. E8 C57CF9FF call 0044F70C
004B7A47 |. 50 push eax ; |hOwner
004B7A48 |. E8 0B04F5FF call <jmp.&user32.MessageBoxA> ; \MessageBoxA
004B7A4D |. E9 B2000000 jmp 004B7B04
004B7A52 |> 8D55 F0 lea edx, dword ptr [ebp-10]
004B7A55 |. 8B83 04030000 mov eax, dword ptr [ebx+304]
004B7A5B |. E8 44D5FBFF call 00474FA4
004B7A60 |. 8B45 F0 mov eax, dword ptr [ebp-10]
004B7A63 |. 8D55 F4 lea edx, dword ptr [ebp-C]
004B7A66 |. E8 ED1BF5FF call 00409658
004B7A6B |. 8B45 F4 mov eax, dword ptr [ebp-C]
004B7A6E |. 50 push eax
004B7A6F |. 8D55 E4 lea edx, dword ptr [ebp-1C]
004B7A72 |. 8B83 10030000 mov eax, dword ptr [ebx+310]
004B7A78 |. E8 27D5FBFF call 00474FA4
004B7A7D |. 8B45 E4 mov eax, dword ptr [ebp-1C]
004B7A80 |. 8D55 E8 lea edx, dword ptr [ebp-18]
004B7A83 |. E8 D01BF5FF call 00409658
004B7A88 |. 8B45 E8 mov eax, dword ptr [ebp-18]
004B7A8B |. 8D55 EC lea edx, dword ptr [ebp-14]
004B7A8E |. E8 55FBFFFF call 004B75E8
004B7A93 |. 8B55 EC mov edx, dword ptr [ebp-14]
004B7A96 |. 58 pop eax
004B7A97 |. E8 FCD5F4FF call 00405098
004B7A9C 75 4D jnz short 004B7AEB/此处我把jnz改成NOP了,提示注册成功,但还是不行,而且每次运行软件还出现注册信息窗口,
004B7A9E |. 8D55 DC lea edx, dword ptr [ebp-24]
004B7AA1 |. 8B83 10030000 mov eax, dword ptr [ebx+310]
004B7AA7 |. E8 F8D4FBFF call 00474FA4
004B7AAC |. 8B45 DC mov eax, dword ptr [ebp-24]
004B7AAF |. 8D55 E0 lea edx, dword ptr [ebp-20]
004B7AB2 |. E8 A11BF5FF call 00409658
004B7AB7 |. 8B4D E0 mov ecx, dword ptr [ebp-20]
004B7ABA |. BA 887B4B00 mov edx, 004B7B88
004B7ABF |. B8 947B4B00 mov eax, 004B7B94
004B7AC4 |. E8 27BFFFFF call 004B39F0
004B7AC9 |. 6A 30 push 30
004B7ACB |. 68 647B4B00 push 004B7B64
004B7AD0 |. 68 AC7B4B00 push 004B7BAC
004B7AD5 |. 8BC3 mov eax, ebx
004B7AD7 |. E8 307CF9FF call 0044F70C
004B7ADC |. 50 push eax ; |hOwner
004B7ADD |. E8 7603F5FF call <jmp.&user32.MessageBoxA> ; \MessageBoxA
004B7AE2 |. 8BC3 mov eax, ebx
004B7AE4 |. E8 BBD4FAFF call 00464FA4
004B7AE9 |. EB 19 jmp short 004B7B04
004B7AEB |> 6A 30 push 30
004B7AED |. 68 647B4B00 push 004B7B64
004B7AF2 |. 68 707B4B00 push 004B7B70
004B7AF7 |. 8BC3 mov eax, ebx
004B7AF9 |. E8 0E7CF9FF call 0044F70C
004B7AFE |. 50 push eax ; |hOwner
004B7AFF |. E8 5403F5FF call <jmp.&user32.MessageBoxA> ; \MessageBoxA
004B7B04 |> 33C0 xor eax, eax
请高手帮我分析一下,看看怎么暴破,我想跟一下注册码,跟了N入都没头绪,请大家帮忙指点下,小弟在此先谢大家了!!
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课