-
-
[原创]一个VB编写的CrackMe
-
发表于: 2008-12-9 11:52
-
自己编写了一个小的CrackMe
是用VB编写的,比较简单。
放上来给大家看看吧~~~
看你能不能列出来用了哪些对生成注册码有用的函数吧~~
加油!
是用VB编写的,比较简单。
放上来给大家看看吧~~~
看你能不能列出来用了哪些对生成注册码有用的函数吧~~
加油!
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!
|
|
|---|---|
|
|
Len()
好像用户名必须是12位但是输入12位用户名之后程序直接异常退出了 
|
|
|
附件对这个CRACKME作了修改,把嵌入汇编去掉了,简单了。
 那个异常退出我也弄不好,因为在VB里直接嵌入汇编,是不是win的保护机制让它不能运行呢? 不知道有没有大侠来指点一下…… 这是使用CPUID的VB嵌入汇编 在VB调试器中运行很正常,生成EXE后就会出问题。
'This shows how to incorporate machine code into VB
'''''''''''''''''''''''''''''''''''''''''''''''''''
'The example fills the array with a few machine instructions and then copies
'them to a procedure address. The modified procedure is then called thru
'CallWindowProc. The result of this specific machine code is your CPU Vendor Name.
'
'##########################################################################
'Apparently it gets a Stack Pointer Error, but I don't know why; if anybody
'can fix that please let me know... UMGEDV@AOL.COM
'The Error is not present in the native compiled version; so I think it got
'something to do with the P-Code Calling Convention (strange though)...
'##########################################################################
'
'Sub Dummy serves to reserve some space to copy the machine instructions into.
'
'
'Tested on Intel and AMD CPU's (uncompiled and compiled)
'
'
'引用别人的嵌入汇编代码
Option Explicit
Private Declare Function CallWindowProc Lib "user32" Alias "CallWindowProcA" (ByVal lpPrevWndFunc As Long, ByVal hWnd As Long, ByVal Msg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long
Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (lpvDest As Any, lpvSource As Any, ByVal cbCopy As Long)
Private x As Long
Public Function GN() As String
Dim mc(0 To 41) As Byte
Dim va As Long
Dim fa As Long
Dim tmp As Long
Dim cn(1 To 12) As Byte
mc(0) = &H55'push ebp
mc(1) = &H8B'move ebp,esp
mc(2) = &HEC
mc(3) = &H57'push edi
mc(4) = &H52'push edx
mc(5) = &H51 'push ecx
mc(6) = &H53 'push ebx
mc(7) = &H8B 'move eax,dword ptr [ebp+8]
mc(8) = &H45
mc(9) = &H8
mc(10) = &HF'cpuid
mc(11) = &HA2
mc(12) = &H8B'mov edi,dword ptr [ebp+12]
mc(13) = &H7D
mc(14) = &HC
mc(15) = &H89'move dword ptr [edi],ebx
mc(16) = &H1F
mc(17) = &H8B'mov edi,dword ptr [ebp+16]
mc(18) = &H7D
mc(19) = &H10
mc(20) = &H89'move dword ptr [edi],ecx
mc(21) = &HF
mc(22) = &H8B'mov edi,dword ptr [ebp+20]
mc(23) = &H7D
mc(24) = &H14
mc(25) = &H89'move dword ptr [edi],edx
mc(26) = &H17
mc(27) = &H58'pop ebx
mc(28) = &H59'pop ecx
mc(29) = &H5A 'pop edx
mc(30) = &H55 'pop edi
mc(31) = &HC9 'leave
mc(32) = &HC2 'ret 16 I tried everything from 0 to 24
mc(33) = &H10
mc(34) = &H0
mc(35) = &H89
'----------------------------无用数据
mc(36) = &H58
mc(37) = &H5A
mc(38) = &H8B
mc(39) = &H7D
mc(40) = &HF
mc(41) = &H53
'----------------------------
tmp = 0
va = VarPtr(mc(0))
fa = GA(AddressOf Dummy)
CopyMemory ByVal fa, ByVal va, 35
On Error Resume Next
CallWindowProc fa, tmp, VarPtr(cn(1)), VarPtr(cn(9)), VarPtr(cn(5))
GN = LCase(StrConv(cn(), vbUnicode))
End Function
Private Function GA(Address As Long) As Long
GA = Address
End Function
Private Sub Dummy()
'the code below just reserves some space to copy the machine code into
'it is never executed
x = 0
x = 1
x = 2
x = 3
x = 4
x = 5
x = 6
x = 7
x = 8
x = 9
x = 10
x = 0
x = 1
x = 2
x = 3
x = 4
x = 5
x = 6
x = 7
x = 8
x = 9
x = 10
End Sub
|
|
|
|
|
|
|
|
|
|
|
|
谢谢大虾,受教了
|
|
|
因为用了 正确注册码=输入注册码 判断,所以简单些
……我想知道在VB里嵌入汇编DEBUG时行,而编译后会显示内存访问的错误,怎么解决呢?
|
|
|
|
|
|
|
|
|
|
