破解“搏彩王”-卜算子系列彩票助理-软件逆向-看雪-安全社区|安全招聘|kanxue.com

破解“搏彩王”-卜算子系列彩票助理

发表于: 2004-12-3 19:49 6562

破解“搏彩王”-卜算子系列彩票助理

kyc

2004-12-3 19:49

6562

【破解作者】 kyc[DFCG][CZG]
【作者邮箱】 [email]muyang008@163.com[/email]
【使用工具】 old1.10
【破解平台】 Win2003
【软件名称】 “搏彩王”-卜算子系列彩票助理
【下载地址】  自己找http://www.bszcp.com
【软件简介】搏彩王是目前国内功能齐全、分析精度较高的一套集成化彩票选号助理软件。它集历史号灌装、历史统计、历史走势、
历史点阵分布、历史参数查询、自定义待选号、自定义复选单选、复选选号、胆拖选号、旋转矩阵选号、电脑/手工精筛、参数报告、
排列组合打印、中奖对奖结果分布、中奖金额结算、历史中奖理财盈亏报告诸功能于一身，提供购前分析和预测，中奖对奖和结算，
历史购买理财一条龙服务。
【软件大小】安装后68.3MB
【加壳方式】 NULL
【破解声明】我是一只小菜鸟，偶得一点心得，愿与大家分享：）
--------------------------------------------------------------------------------
【破解内容】看了网上不知道哪位大侠写的VB破解文章大有启发，这个软件就是VB写的。
运行软件一看，内容丰富庞大怪不得有60多MB。注册时竟然自动退出，看了软件目录有很多MDB数据库文件，其中Ureg.mdb可疑打开看
里面躺者刚刚输入的注册码，重新运行软件输入了“78787878”8位注册码，竟然出现错误提示，看样子注册码必须市8位。
拿出ollydbg 1.10,加载程序，等它自动分析完之后，按ALT+E打开可执行模块，找到MSVBVM60.DLL,双击它，到了这个模块里面，
再按Ctrl+N显示出这个模块里面的函数名称，下拉滚动条找到rtcmsgbox这个函数，按F2下断点。按F9执行程序，填试验码后点注册，
程序就被断下来了，F2取消段点
这里是在MSVBVM60.DLL模块里，我们要回到原程序的空间去，所以我们按Ctrl+F9,意思是执行到返回处。这时注册出错框出现了，点确认之后，
程序断在此处。

按F8就回到了原程序的空间。

代码如下：

--------------------------------------------------------------------------------------------------------------------------------
007D67F3          .  C785 C4FBFFFF>mov dword ptr ss:[ebp-43C],搏彩王乐.0051BC2C
007D67FD          .  899D BCFBFFFF mov dword ptr ss:[ebp-444],ebx
007D6803          .  8D95 BCFBFFFF lea edx,dword ptr ss:[ebp-444]
007D6809          .  8D4D BC    lea ecx,dword ptr ss:[ebp-44]
007D680C          .  FFD6       call esi
007D680E          .  8D4D 8C    lea ecx,dword ptr ss:[ebp-74]
007D6811          .  51          push ecx
007D6812          .  8D55 9C    lea edx,dword ptr ss:[ebp-64]
007D6815          .  52          push edx
007D6816          .  8D45 AC    lea eax,dword ptr ss:[ebp-54]
007D6819          .  50          push eax
007D681A          .  6A 00       push 0
007D681C          .  8D4D BC    lea ecx,dword ptr ss:[ebp-44]
007D681F          .  51          push ecx
007D6820          .  FF15 D0104000 call dword ptr ds:[<&MSVBVM60.#595>]    ;  MSVBVM60.rtcMsgBox
--------------------------------------------------------------------------------------------------------------------------------
＃rtcmsgbox函数调用，用于显示注册码错的信息。
关键的语句应该在这段代码的上面，我们去找找，我们向上找了几下

重新加载程序，007D5D53 处下断。F9运行，填试验码，注册，确定，程序被断在此处

007D5D53          .  51          push ecx
007D5D54          .  6A 40       push 40                               ;  f2
007D5D56          .  FF15 50104000 call dword ptr ds:[<&MSVBVM60.__vbaFreeV>;  MSVBVM60.__vbaFreeVarList
007D5D5C          .  81C4 14010000 add esp,114
007D5D62          .  C745 FC 38000>mov dword ptr ss:[ebp-4],38
007D5D69          .  8B47 40    mov eax,dword ptr ds:[edi+40]
007D5D6C          .  3BF0       cmp esi,eax---------------------------------？ESI=78787878？EAX=49532337专业版真码
007D5D6E          .  0F85 F2010000 jnz 搏彩王乐.007D5F66
007D5D74          .  C745 FC 39000>mov dword ptr ss:[ebp-4],39
007D5D7B          .  C785 C4FBFFFF>mov dword ptr ss:[ebp-43C],80020004
007D5D85          .  B8 0A000000 mov eax,0A
007D5D8A          .  8985 BCFBFFFF mov dword ptr ss:[ebp-444],eax
007D5D90          .  8B57 6C    mov edx,dword ptr ds:[edi+6C]
007D5D93          .  8B12       mov edx,dword ptr ds:[edx]
007D5D95          .  83EC 10    sub esp,10
007D5D98          .  8BCC       mov ecx,esp
007D5D9A          .  8901       mov dword ptr ds:[ecx],eax
007D5D9C          .  8B85 C0FBFFFF mov eax,dword ptr ss:[ebp-440]
007D5DA2          .  8941 04    mov dword ptr ds:[ecx+4],eax
007D5DA5          .  8B85 C4FBFFFF mov eax,dword ptr ss:[ebp-43C]
007D5DAB          .  8941 08    mov dword ptr ds:[ecx+8],eax
007D5DAE          .  8B85 C8FBFFFF mov eax,dword ptr ss:[ebp-438]
007D5DB4          .  8941 0C    mov dword ptr ds:[ecx+C],eax
007D5DB7          .  68 10BB5100 push 搏彩王乐.0051BB10                      ;  UNICODE "UPDATE [Regist] SET [Userserl]="
007D5DBC          .  56          push esi
007D5DBD          .  8995 A8F9FFFF mov dword ptr ss:[ebp-658],edx
007D5DC3          .  FF15 28104000 call dword ptr ds:[<&MSVBVM60.__vbaStrI4>;  MSVBVM60.__vbaStrI4
007D5DC9          .  8BD0       mov edx,eax
007D5DCB          .  8D4D D8    lea ecx,dword ptr ss:[ebp-28]
007D5DCE          .  FF15 D8124000 call dword ptr ds:[<&MSVBVM60.__vbaStrMo>;  MSVBVM60.__vbaStrMove
007D5DD4          .  50          push eax
007D5DD5          .  FF15 74104000 call dword ptr ds:[<&MSVBVM60.__vbaStrCa>;  MSVBVM60.__vbaStrCat
007D5DDB          .  8BD0       mov edx,eax
007D5DDD          .  8D4D D4    lea ecx,dword ptr ss:[ebp-2C]
007D5DE0          .  FF15 D8124000 call dword ptr ds:[<&MSVBVM60.__vbaStrMo>;  MSVBVM60.__vbaStrMove
007D5DE6          .  50          push eax
007D5DE7          .  8B4F 6C    mov ecx,dword ptr ds:[edi+6C]
007D5DEA          .  51          push ecx
007D5DEB          .  8B95 A8F9FFFF mov edx,dword ptr ss:[ebp-658]
007D5DF1          .  FF52 5C    call dword ptr ds:[edx+5C]
007D5DF4          .  DBE2       fclex
007D5DF6          .  85C0       test eax,eax
007D5DF8          .  7D 12       jge short 搏彩王乐.007D5E0C
007D5DFA          .  6A 5C       push 5C
007D5DFC          .  68 94385100 push 搏彩王乐.00513894
007D5E01          .  8B4F 6C    mov ecx,dword ptr ds:[edi+6C]
007D5E04          .  51          push ecx
007D5E05          .  50          push eax
007D5E06          .  FF15 8C104000 call dword ptr ds:[<&MSVBVM60.__vbaHresu>;  MSVBVM60.__vbaHresultCheckObj
007D5E0C          >  8D55 D4    lea edx,dword ptr ss:[ebp-2C]
007D5E0F          .  52          push edx
007D5E10          .  8D45 D8    lea eax,dword ptr ss:[ebp-28]
007D5E13          .  50          push eax
007D5E14          .  6A 02       push 2
007D5E16          .  FF15 58124000 call dword ptr ds:[<&MSVBVM60.__vbaFreeS>;  MSVBVM60.__vbaFreeStrList
007D5E1C          .  83C4 0C    add esp,0C
007D5E1F          .  C745 FC 3A000>mov dword ptr ss:[ebp-4],3A
007D5E26          .  8B4D DC    mov ecx,dword ptr ss:[ebp-24]
007D5E29          .  51          push ecx
007D5E2A          .  FF15 28104000 call dword ptr ds:[<&MSVBVM60.__vbaStrI4>;  MSVBVM60.__vbaStrI4
007D5E30          .  8BD0       mov edx,eax
007D5E32          .  8D4D D8    lea ecx,dword ptr ss:[ebp-28]
007D5E35          .  FF15 D8124000 call dword ptr ds:[<&MSVBVM60.__vbaStrMo>;  MSVBVM60.__vbaStrMove
007D5E3B          .  50          push eax
007D5E3C          .  68 3C835100 push 搏彩王乐.0051833C                      ;  UNICODE "Sernum"
007D5E41          .  68 30835100 push 搏彩王乐.00518330                      ;  UNICODE "Ini"
007D5E46          .  68 1C835100 push 搏彩王乐.0051831C                      ;  UNICODE "BZBQMLT"
007D5E4B          .  FF15 14104000 call dword ptr ds:[<&MSVBVM60.#690>]    ;  MSVBVM60.rtcSaveSetting
007D5E51          .  8D4D D8    lea ecx,dword ptr ss:[ebp-28]
007D5E54          .  FF15 10134000 call dword ptr ds:[<&MSVBVM60.__vbaFreeS>;  MSVBVM60.__vbaFreeStr
007D5E5A          .  C745 FC 3B000>mov dword ptr ss:[ebp-4],3B
007D5E61          .  B9 04000280 mov ecx,80020004
007D5E66          .  894D 94    mov dword ptr ss:[ebp-6C],ecx
007D5E69          .  B8 0A000000 mov eax,0A
007D5E6E          .  8945 8C    mov dword ptr ss:[ebp-74],eax
007D5E71          .  894D A4    mov dword ptr ss:[ebp-5C],ecx
007D5E74          .  8945 9C    mov dword ptr ss:[ebp-64],eax
007D5E77          .  C785 B4FBFFFF>mov dword ptr ss:[ebp-44C],搏彩王乐.0051BB7C
007D5E81          .  899D ACFBFFFF mov dword ptr ss:[ebp-454],ebx
007D5E87          .  8D95 ACFBFFFF lea edx,dword ptr ss:[ebp-454]
007D5E8D          .  8D4D AC    lea ecx,dword ptr ss:[ebp-54]
007D5E90          .  8B35 98124000 mov esi,dword ptr ds:[<&MSVBVM60.__vbaVa>;  MSVBVM60.__vbaVarDup
007D5E96          .  FFD6       call esi                               ;  <&MSVBVM60.__vbaVarDup>
007D5E98          .  C785 C4FBFFFF>mov dword ptr ss:[ebp-43C],搏彩王乐.0051BB54
007D5EA2          .  899D BCFBFFFF mov dword ptr ss:[ebp-444],ebx
007D5EA8          .  8D95 BCFBFFFF lea edx,dword ptr ss:[ebp-444]
007D5EAE          .  8D4D BC    lea ecx,dword ptr ss:[ebp-44]
007D5EB1          .  FFD6       call esi
007D5EB3          .  8D55 8C    lea edx,dword ptr ss:[ebp-74]
007D5EB6          .  52          push edx
007D5EB7          .  8D45 9C    lea eax,dword ptr ss:[ebp-64]
007D5EBA          .  50          push eax
007D5EBB          .  8D4D AC    lea ecx,dword ptr ss:[ebp-54]
007D5EBE          .  51          push ecx
007D5EBF          .  33F6       xor esi,esi
007D5EC1          .  56          push esi
007D5EC2          .  8D55 BC    lea edx,dword ptr ss:[ebp-44]
007D5EC5          .  52          push edx
007D5EC6          .  FF15 D0104000 call dword ptr ds:[<&MSVBVM60.#595>]    ;  MSVBVM60.rtcMsgBox
007D5ECC          .  8D45 8C    lea eax,dword ptr ss:[ebp-74]
007D5ECF          .  50          push eax
007D5ED0          .  8D4D 9C    lea ecx,dword ptr ss:[ebp-64]
007D5ED3          .  51          push ecx
007D5ED4          .  8D55 AC    lea edx,dword ptr ss:[ebp-54]
007D5ED7          .  52          push edx
007D5ED8          .  8D45 BC    lea eax,dword ptr ss:[ebp-44]
007D5EDB          .  50          push eax
007D5EDC          .  6A 04       push 4
007D5EDE          .  FF15 50104000 call dword ptr ds:[<&MSVBVM60.__vbaFreeV>;  MSVBVM60.__vbaFreeVarList
007D5EE4          .  83C4 14    add esp,14
007D5EE7          .  C745 FC 3C000>mov dword ptr ss:[ebp-4],3C
007D5EEE          .  8B0F       mov ecx,dword ptr ds:[edi]
007D5EF0          .  57          push edi
007D5EF1          .  FF91 00030000 call dword ptr ds:[ecx+300]
007D5EF7          .  50          push eax
007D5EF8          .  8D55 CC    lea edx,dword ptr ss:[ebp-34]
007D5EFB          .  52          push edx
007D5EFC          .  FF15 CC104000 call dword ptr ds:[<&MSVBVM60.__vbaObjSe>;  MSVBVM60.__vbaObjSet
007D5F02          .  8BF8       mov edi,eax
007D5F04          .  8B07       mov eax,dword ptr ds:[edi]
007D5F06          .  6A FF       push -1
007D5F08          .  57          push edi
007D5F09          .  FF90 94000000 call dword ptr ds:[eax+94]
007D5F0F          .  DBE2       fclex
007D5F11          .  3BC6       cmp eax,esi------------------------------？eax,？esi
007D5F13          .  7D 12       jge short 搏彩王乐.007D5F27
007D5F15          .  68 94000000 push 94
007D5F1A          .  68 90B25100 push 搏彩王乐.0051B290
007D5F1F          .  57          push edi
007D5F20          .  50          push eax
007D5F21          .  FF15 8C104000 call dword ptr ds:[<&MSVBVM60.__vbaHresu>;  MSVBVM60.__vbaHresultCheckObj
007D5F27          >  8D4D CC    lea ecx,dword ptr ss:[ebp-34]
007D5F2A          .  FF15 0C134000 call dword ptr ds:[<&MSVBVM60.__vbaFreeO>;  MSVBVM60.__vbaFreeObj
007D5F30          .  C745 FC 3D000>mov dword ptr ss:[ebp-4],3D
007D5F37          .  66:8935 5A69F>mov word ptr ds:[F4695A],si
007D5F3E          .  C745 FC 3E000>mov dword ptr ss:[ebp-4],3E
007D5F45          .  66:8935 5C69F>mov word ptr ds:[F4695C],si
007D5F4C          .  C745 FC 3F000>mov dword ptr ss:[ebp-4],3F
007D5F53          .  66:8935 5E69F>mov word ptr ds:[F4695E],si
007D5F5A          .  C745 FC 40000>mov dword ptr ss:[ebp-4],40
007D5F61          .^ E9 D8ECFFFF jmp 搏彩王乐.007D4C3E
007D5F66          >  C745 FC 41000>mov dword ptr ss:[ebp-4],41
007D5F6D          .  8BC8       mov ecx,eax
007D5F6F          .  81C1 1F310100 add ecx,1311F
007D5F75          .  0F80 DB0A0000 jo 搏彩王乐.007D6A56
007D5F7B          .  3BF1       cmp esi,ecx------------------------------？eax,？esi
007D5F7D          .  0F85 F4010000 jnz 搏彩王乐.007D6177
007D5F83          .  C745 FC 42000>mov dword ptr ss:[ebp-4],42
007D5F8A          .  C785 C4FBFFFF>mov dword ptr ss:[ebp-43C],80020004
007D5F94          .  B8 0A000000 mov eax,0A
007D5F99          .  8985 BCFBFFFF mov dword ptr ss:[ebp-444],eax
007D5F9F          .  8B57 6C    mov edx,dword ptr ds:[edi+6C]
007D5FA2          .  8B12       mov edx,dword ptr ds:[edx]
007D5FA4          .  83EC 10    sub esp,10
007D5FA7          .  8BCC       mov ecx,esp
007D5FA9          .  8901       mov dword ptr ds:[ecx],eax
007D5FAB          .  8B85 C0FBFFFF mov eax,dword ptr ss:[ebp-440]
007D5FB1          .  8941 04    mov dword ptr ds:[ecx+4],eax
007D5FB4          .  8B85 C4FBFFFF mov eax,dword ptr ss:[ebp-43C]
007D5FBA          .  8941 08    mov dword ptr ds:[ecx+8],eax
007D5FBD          .  8B85 C8FBFFFF mov eax,dword ptr ss:[ebp-438]
007D5FC3          .  8941 0C    mov dword ptr ds:[ecx+C],eax
007D5FC6          .  68 10BB5100 push 搏彩王乐.0051BB10                      ;  UNICODE "UPDATE [Regist] SET [Userserl]="
007D5FCB          .  56          push esi
007D5FCC          .  8995 A4F9FFFF mov dword ptr ss:[ebp-65C],edx
007D5FD2          .  FF15 28104000 call dword ptr ds:[<&MSVBVM60.__vbaStrI4>;  MSVBVM60.__vbaStrI4
007D5FD8          .  8BD0       mov edx,eax
007D5FDA          .  8D4D D8    lea ecx,dword ptr ss:[ebp-28]
007D5FDD          .  FF15 D8124000 call dword ptr ds:[<&MSVBVM60.__vbaStrMo>;  MSVBVM60.__vbaStrMove
007D5FE3          .  50          push eax
007D5FE4          .  FF15 74104000 call dword ptr ds:[<&MSVBVM60.__vbaStrCa>;  MSVBVM60.__vbaStrCat
007D5FEA          .  8BD0       mov edx,eax
007D5FEC          .  8D4D D4    lea ecx,dword ptr ss:[ebp-2C]
007D5FEF          .  FF15 D8124000 call dword ptr ds:[<&MSVBVM60.__vbaStrMo>;  MSVBVM60.__vbaStrMove
007D5FF5          .  50          push eax
007D5FF6          .  8B4F 6C    mov ecx,dword ptr ds:[edi+6C]
007D5FF9          .  51          push ecx
007D5FFA          .  8B95 A4F9FFFF mov edx,dword ptr ss:[ebp-65C]
007D6000          .  FF52 5C    call dword ptr ds:[edx+5C]
007D6003          .  DBE2       fclex
007D6005          .  85C0       test eax,eax
007D6007          .  7D 12       jge short 搏彩王乐.007D601B
007D6009          .  6A 5C       push 5C
007D600B          .  68 94385100 push 搏彩王乐.00513894
007D6010          .  8B4F 6C    mov ecx,dword ptr ds:[edi+6C]
007D6013          .  51          push ecx
007D6014          .  50          push eax
007D6015          .  FF15 8C104000 call dword ptr ds:[<&MSVBVM60.__vbaHresu>;  MSVBVM60.__vbaHresultCheckObj
007D601B          >  8D55 D4    lea edx,dword ptr ss:[ebp-2C]
007D601E          .  52          push edx
007D601F          .  8D45 D8    lea eax,dword ptr ss:[ebp-28]
007D6022          .  50          push eax
007D6023          .  6A 02       push 2
007D6025          .  FF15 58124000 call dword ptr ds:[<&MSVBVM60.__vbaFreeS>;  MSVBVM60.__vbaFreeStrList
007D602B          .  83C4 0C    add esp,0C
007D602E          .  C745 FC 43000>mov dword ptr ss:[ebp-4],43
007D6035          .  8B4D DC    mov ecx,dword ptr ss:[ebp-24]
007D6038          .  51          push ecx
007D6039          .  FF15 28104000 call dword ptr ds:[<&MSVBVM60.__vbaStrI4>;  MSVBVM60.__vbaStrI4
007D603F          .  8BD0       mov edx,eax
007D6041          .  8D4D D8    lea ecx,dword ptr ss:[ebp-28]
007D6044          .  FF15 D8124000 call dword ptr ds:[<&MSVBVM60.__vbaStrMo>;  MSVBVM60.__vbaStrMove
007D604A          .  50          push eax
007D604B          .  68 3C835100 push 搏彩王乐.0051833C                      ;  UNICODE "Sernum"
007D6050          .  68 30835100 push 搏彩王乐.00518330                      ;  UNICODE "Ini"
007D6055          .  68 1C835100 push 搏彩王乐.0051831C                      ;  UNICODE "BZBQMLT"
007D605A          .  FF15 14104000 call dword ptr ds:[<&MSVBVM60.#690>]    ;  MSVBVM60.rtcSaveSetting
007D6060          .  8D4D D8    lea ecx,dword ptr ss:[ebp-28]
007D6063          .  FF15 10134000 call dword ptr ds:[<&MSVBVM60.__vbaFreeS>;  MSVBVM60.__vbaFreeStr
007D6069          .  C745 FC 44000>mov dword ptr ss:[ebp-4],44
007D6070          .  B9 04000280 mov ecx,80020004
007D6075          .  894D 94    mov dword ptr ss:[ebp-6C],ecx
007D6078          .  B8 0A000000 mov eax,0A
007D607D          .  8945 8C    mov dword ptr ss:[ebp-74],eax
007D6080          .  894D A4    mov dword ptr ss:[ebp-5C],ecx
007D6083          .  8945 9C    mov dword ptr ss:[ebp-64],eax
007D6086          .  C785 B4FBFFFF>mov dword ptr ss:[ebp-44C],搏彩王乐.0051BB7C
007D6090          .  899D ACFBFFFF mov dword ptr ss:[ebp-454],ebx
007D6096          .  8D95 ACFBFFFF lea edx,dword ptr ss:[ebp-454]
007D609C          .  8D4D AC    lea ecx,dword ptr ss:[ebp-54]
007D609F          .  8B35 98124000 mov esi,dword ptr ds:[<&MSVBVM60.__vbaVa>;  MSVBVM60.__vbaVarDup
007D60A5          .  FFD6       call esi                               ;  <&MSVBVM60.__vbaVarDup>
007D60A7          .  C785 C4FBFFFF>mov dword ptr ss:[ebp-43C],搏彩王乐.0051BB8C
007D60B1          .  899D BCFBFFFF mov dword ptr ss:[ebp-444],ebx
007D60B7          .  8D95 BCFBFFFF lea edx,dword ptr ss:[ebp-444]
007D60BD          .  8D4D BC    lea ecx,dword ptr ss:[ebp-44]
007D60C0          .  FFD6       call esi
007D60C2          .  8D55 8C    lea edx,dword ptr ss:[ebp-74]
007D60C5          .  52          push edx
007D60C6          .  8D45 9C    lea eax,dword ptr ss:[ebp-64]
007D60C9          .  50          push eax
007D60CA          .  8D4D AC    lea ecx,dword ptr ss:[ebp-54]
007D60CD          .  51          push ecx
007D60CE          .  33F6       xor esi,esi
007D60D0          .  56          push esi
007D60D1          .  8D55 BC    lea edx,dword ptr ss:[ebp-44]
007D60D4          .  52          push edx
007D60D5          .  FF15 D0104000 call dword ptr ds:[<&MSVBVM60.#595>]    ;  MSVBVM60.rtcMsgBox
007D60DB          .  8D45 8C    lea eax,dword ptr ss:[ebp-74]
007D60DE          .  50          push eax
007D60DF          .  8D4D 9C    lea ecx,dword ptr ss:[ebp-64]
007D60E2          .  51          push ecx
007D60E3          .  8D55 AC    lea edx,dword ptr ss:[ebp-54]
007D60E6          .  52          push edx
007D60E7          .  8D45 BC    lea eax,dword ptr ss:[ebp-44]
007D60EA          .  50          push eax
007D60EB          .  6A 04       push 4
007D60ED          .  FF15 50104000 call dword ptr ds:[<&MSVBVM60.__vbaFreeV>;  MSVBVM60.__vbaFreeVarList
007D60F3          .  83C4 14    add esp,14
007D60F6          .  C745 FC 45000>mov dword ptr ss:[ebp-4],45
007D60FD          .  8B0F       mov ecx,dword ptr ds:[edi]
007D60FF          .  57          push edi
007D6100          .  FF91 00030000 call dword ptr ds:[ecx+300]
007D6106          .  50          push eax
007D6107          .  8D55 CC    lea edx,dword ptr ss:[ebp-34]
007D610A          .  52          push edx
007D610B          .  FF15 CC104000 call dword ptr ds:[<&MSVBVM60.__vbaObjSe>;  MSVBVM60.__vbaObjSet
007D6111          .  8BF8       mov edi,eax
007D6113          .  8B07       mov eax,dword ptr ds:[edi]
007D6115          .  6A FF       push -1
007D6117          .  57          push edi
007D6118          .  FF90 94000000 call dword ptr ds:[eax+94]
007D611E          .  DBE2       fclex
007D6120          .  3BC6       cmp eax,esi
007D6122          .  7D 12       jge short 搏彩王乐.007D6136
007D6124          .  68 94000000 push 94
007D6129          .  68 90B25100 push 搏彩王乐.0051B290
007D612E          .  57          push edi
007D612F          .  50          push eax
007D6130          .  FF15 8C104000 call dword ptr ds:[<&MSVBVM60.__vbaHresu>;  MSVBVM60.__vbaHresultCheckObj
007D6136          >  8D4D CC    lea ecx,dword ptr ss:[ebp-34]
007D6139          .  FF15 0C134000 call dword ptr ds:[<&MSVBVM60.__vbaFreeO>;  MSVBVM60.__vbaFreeObj
007D613F          .  C745 FC 46000>mov dword ptr ss:[ebp-4],46
007D6146          .  66:C705 5A69F>mov word ptr ds:[F4695A],0FFFF
007D614F          .  C745 FC 47000>mov dword ptr ss:[ebp-4],47
007D6156          .  66:8935 5C69F>mov word ptr ds:[F4695C],si
007D615D          .  C745 FC 48000>mov dword ptr ss:[ebp-4],48
007D6164          .  66:8935 5E69F>mov word ptr ds:[F4695E],si
007D616B          .  C745 FC 49000>mov dword ptr ss:[ebp-4],49
007D6172          .^ E9 C7EAFFFF jmp 搏彩王乐.007D4C3E
007D6177          >  C745 FC 4A000>mov dword ptr ss:[ebp-4],4A
007D617E          .  8BC8       mov ecx,eax
007D6180          .  81C1 33310100 add ecx,13133
007D6186          .  0F80 CA080000 jo 搏彩王乐.007D6A56
007D618C          .  3BF1       cmp esi,ecx------------------------------？eax,？esi
007D618E          .  0F85 F4010000 jnz 搏彩王乐.007D6388
007D6194          .  C745 FC 4B000>mov dword ptr ss:[ebp-4],4B
007D619B          .  C785 C4FBFFFF>mov dword ptr ss:[ebp-43C],80020004
007D61A5          .  B8 0A000000 mov eax,0A
007D61AA          .  8985 BCFBFFFF mov dword ptr ss:[ebp-444],eax
007D61B0          .  8B57 6C    mov edx,dword ptr ds:[edi+6C]
007D61B3          .  8B12       mov edx,dword ptr ds:[edx]
007D61B5          .  83EC 10    sub esp,10
007D61B8          .  8BCC       mov ecx,esp
007D61BA          .  8901       mov dword ptr ds:[ecx],eax
007D61BC          .  8B85 C0FBFFFF mov eax,dword ptr ss:[ebp-440]
007D61C2          .  8941 04    mov dword ptr ds:[ecx+4],eax
007D61C5          .  8B85 C4FBFFFF mov eax,dword ptr ss:[ebp-43C]
007D61CB          .  8941 08    mov dword ptr ds:[ecx+8],eax
007D61CE          .  8B85 C8FBFFFF mov eax,dword ptr ss:[ebp-438]
007D61D4          .  8941 0C    mov dword ptr ds:[ecx+C],eax
007D61D7          .  68 10BB5100 push 搏彩王乐.0051BB10                      ;  UNICODE "UPDATE [Regist] SET [Userserl]="
007D61DC          .  56          push esi
007D61DD          .  8995 A0F9FFFF mov dword ptr ss:[ebp-660],edx
007D61E3          .  FF15 28104000 call dword ptr ds:[<&MSVBVM60.__vbaStrI4>;  MSVBVM60.__vbaStrI4
007D61E9          .  8BD0       mov edx,eax
007D61EB          .  8D4D D8    lea ecx,dword ptr ss:[ebp-28]
007D61EE          .  FF15 D8124000 call dword ptr ds:[<&MSVBVM60.__vbaStrMo>;  MSVBVM60.__vbaStrMove
007D61F4          .  50          push eax
007D61F5          .  FF15 74104000 call dword ptr ds:[<&MSVBVM60.__vbaStrCa>;  MSVBVM60.__vbaStrCat
007D61FB          .  8BD0       mov edx,eax
007D61FD          .  8D4D D4    lea ecx,dword ptr ss:[ebp-2C]
007D6200          .  FF15 D8124000 call dword ptr ds:[<&MSVBVM60.__vbaStrMo>;  MSVBVM60.__vbaStrMove
007D6206          .  50          push eax
007D6207          .  8B4F 6C    mov ecx,dword ptr ds:[edi+6C]
007D620A          .  51          push ecx
007D620B          .  8B95 A0F9FFFF mov edx,dword ptr ss:[ebp-660]
007D6211          .  FF52 5C    call dword ptr ds:[edx+5C]
007D6214          .  DBE2       fclex
007D6216          .  85C0       test eax,eax
007D6218          .  7D 12       jge short 搏彩王乐.007D622C
007D621A          .  6A 5C       push 5C
007D621C          .  68 94385100 push 搏彩王乐.00513894
007D6221          .  8B4F 6C    mov ecx,dword ptr ds:[edi+6C]
007D6224          .  51          push ecx
007D6225          .  50          push eax
007D6226          .  FF15 8C104000 call dword ptr ds:[<&MSVBVM60.__vbaHresu>;  MSVBVM60.__vbaHresultCheckObj
007D622C          >  8D55 D4    lea edx,dword ptr ss:[ebp-2C]
007D622F          .  52          push edx
007D6230          .  8D45 D8    lea eax,dword ptr ss:[ebp-28]
007D6233          .  50          push eax
007D6234          .  6A 02       push 2
007D6236          .  FF15 58124000 call dword ptr ds:[<&MSVBVM60.__vbaFreeS>;  MSVBVM60.__vbaFreeStrList
007D623C          .  83C4 0C    add esp,0C
007D623F          .  C745 FC 4C000>mov dword ptr ss:[ebp-4],4C
007D6246          .  8B4D DC    mov ecx,dword ptr ss:[ebp-24]
007D6249          .  51          push ecx
007D624A          .  FF15 28104000 call dword ptr ds:[<&MSVBVM60.__vbaStrI4>;  MSVBVM60.__vbaStrI4
007D6250          .  8BD0       mov edx,eax
007D6252          .  8D4D D8    lea ecx,dword ptr ss:[ebp-28]
007D6255          .  FF15 D8124000 call dword ptr ds:[<&MSVBVM60.__vbaStrMo>;  MSVBVM60.__vbaStrMove
007D625B          .  50          push eax
007D625C          .  68 3C835100 push 搏彩王乐.0051833C                      ;  UNICODE "Sernum"
007D6261          .  68 30835100 push 搏彩王乐.00518330                      ;  UNICODE "Ini"
007D6266          .  68 1C835100 push 搏彩王乐.0051831C                      ;  UNICODE "BZBQMLT"
007D626B          .  FF15 14104000 call dword ptr ds:[<&MSVBVM60.#690>]    ;  MSVBVM60.rtcSaveSetting
007D6271          .  8D4D D8    lea ecx,dword ptr ss:[ebp-28]
007D6274          .  FF15 10134000 call dword ptr ds:[<&MSVBVM60.__vbaFreeS>;  MSVBVM60.__vbaFreeStr
007D627A          .  C745 FC 4D000>mov dword ptr ss:[ebp-4],4D
007D6281          .  B9 04000280 mov ecx,80020004
007D6286          .  894D 94    mov dword ptr ss:[ebp-6C],ecx
007D6289          .  B8 0A000000 mov eax,0A
007D628E          .  8945 8C    mov dword ptr ss:[ebp-74],eax
007D6291          .  894D A4    mov dword ptr ss:[ebp-5C],ecx
007D6294          .  8945 9C    mov dword ptr ss:[ebp-64],eax
007D6297          .  C785 B4FBFFFF>mov dword ptr ss:[ebp-44C],搏彩王乐.0051BB7C
007D62A1          .  899D ACFBFFFF mov dword ptr ss:[ebp-454],ebx
007D62A7          .  8D95 ACFBFFFF lea edx,dword ptr ss:[ebp-454]
007D62AD          .  8D4D AC    lea ecx,dword ptr ss:[ebp-54]
007D62B0          .  8B35 98124000 mov esi,dword ptr ds:[<&MSVBVM60.__vbaVa>;  MSVBVM60.__vbaVarDup
007D62B6          .  FFD6       call esi                               ;  <&MSVBVM60.__vbaVarDup>
007D62B8          .  C785 C4FBFFFF>mov dword ptr ss:[ebp-43C],搏彩王乐.0051BBB4
007D62C2          .  899D BCFBFFFF mov dword ptr ss:[ebp-444],ebx
007D62C8          .  8D95 BCFBFFFF lea edx,dword ptr ss:[ebp-444]
007D62CE          .  8D4D BC    lea ecx,dword ptr ss:[ebp-44]
007D62D1          .  FFD6       call esi
007D62D3          .  8D55 8C    lea edx,dword ptr ss:[ebp-74]
007D62D6          .  52          push edx
007D62D7          .  8D45 9C    lea eax,dword ptr ss:[ebp-64]
007D62DA          .  50          push eax
007D62DB          .  8D4D AC    lea ecx,dword ptr ss:[ebp-54]
007D62DE          .  51          push ecx
007D62DF          .  33F6       xor esi,esi
007D62E1          .  56          push esi
007D62E2          .  8D55 BC    lea edx,dword ptr ss:[ebp-44]
007D62E5          .  52          push edx
007D62E6          .  FF15 D0104000 call dword ptr ds:[<&MSVBVM60.#595>]    ;  MSVBVM60.rtcMsgBox
007D62EC          .  8D45 8C    lea eax,dword ptr ss:[ebp-74]
007D62EF          .  50          push eax
007D62F0          .  8D4D 9C    lea ecx,dword ptr ss:[ebp-64]
007D62F3          .  51          push ecx
007D62F4          .  8D55 AC    lea edx,dword ptr ss:[ebp-54]
007D62F7          .  52          push edx
007D62F8          .  8D45 BC    lea eax,dword ptr ss:[ebp-44]
007D62FB          .  50          push eax
007D62FC          .  6A 04       push 4
007D62FE          .  FF15 50104000 call dword ptr ds:[<&MSVBVM60.__vbaFreeV>;  MSVBVM60.__vbaFreeVarList
007D6304          .  83C4 14    add esp,14
007D6307          .  C745 FC 4E000>mov dword ptr ss:[ebp-4],4E
007D630E          .  8B0F       mov ecx,dword ptr ds:[edi]
007D6310          .  57          push edi
007D6311          .  FF91 00030000 call dword ptr ds:[ecx+300]
007D6317          .  50          push eax
007D6318          .  8D55 CC    lea edx,dword ptr ss:[ebp-34]
007D631B          .  52          push edx
007D631C          .  FF15 CC104000 call dword ptr ds:[<&MSVBVM60.__vbaObjSe>;  MSVBVM60.__vbaObjSet
007D6322          .  8BF8       mov edi,eax
007D6324          .  8B07       mov eax,dword ptr ds:[edi]
007D6326          .  83CB FF    or ebx,FFFFFFFF
007D6329          .  53          push ebx
007D632A          .  57          push edi
007D632B          .  FF90 94000000 call dword ptr ds:[eax+94]
007D6331          .  DBE2       fclex
007D6333          .  3BC6       cmp eax,esi------------------------------？eax,？esi
007D6335          .  7D 12       jge short 搏彩王乐.007D6349
007D6337          .  68 94000000 push 94
007D633C          .  68 90B25100 push 搏彩王乐.0051B290
007D6341          .  57          push edi
007D6342          .  50          push eax
007D6343          .  FF15 8C104000 call dword ptr ds:[<&MSVBVM60.__vbaHresu>;  MSVBVM60.__vbaHresultCheckObj
007D6349          >  8D4D CC    lea ecx,dword ptr ss:[ebp-34]
007D634C          .  FF15 0C134000 call dword ptr ds:[<&MSVBVM60.__vbaFreeO>;  MSVBVM60.__vbaFreeObj
007D6352          .  C745 FC 4F000>mov dword ptr ss:[ebp-4],4F
007D6359          .  66:891D 5A69F>mov word ptr ds:[F4695A],bx
007D6360          .  C745 FC 50000>mov dword ptr ss:[ebp-4],50
007D6367          .  66:891D 5C69F>mov word ptr ds:[F4695C],bx
007D636E          .  C745 FC 51000>mov dword ptr ss:[ebp-4],51
007D6375          .  66:8935 5E69F>mov word ptr ds:[F4695E],si
007D637C          .  C745 FC 52000>mov dword ptr ss:[ebp-4],52
007D6383          .^ E9 B6E8FFFF jmp 搏彩王乐.007D4C3E
007D6388          >  C745 FC 53000>mov dword ptr ss:[ebp-4],53
007D638F          .  8BC8       mov ecx,eax
007D6391          .  81C1 A6360100 add ecx,136A6
007D6397          .  0F80 B9060000 jo 搏彩王乐.007D6A56
007D639D          .  3BF1       cmp esi,ecx------------------------------？eax,？esi
007D639F          .  0F85 FC010000 jnz 搏彩王乐.007D65A1
007D63A5          .  C745 FC 54000>mov dword ptr ss:[ebp-4],54
007D63AC          .  C785 C4FBFFFF>mov dword ptr ss:[ebp-43C],80020004
007D63B6          .  B8 0A000000 mov eax,0A
007D63BB          .  8985 BCFBFFFF mov dword ptr ss:[ebp-444],eax
007D63C1          .  8B57 6C    mov edx,dword ptr ds:[edi+6C]
007D63C4          .  8B12       mov edx,dword ptr ds:[edx]
007D63C6          .  83EC 10    sub esp,10
007D63C9          .  8BCC       mov ecx,esp
007D63CB          .  8901       mov dword ptr ds:[ecx],eax
007D63CD          .  8B85 C0FBFFFF mov eax,dword ptr ss:[ebp-440]
007D63D3          .  8941 04    mov dword ptr ds:[ecx+4],eax
007D63D6          .  8B85 C4FBFFFF mov eax,dword ptr ss:[ebp-43C]
007D63DC          .  8941 08    mov dword ptr ds:[ecx+8],eax
007D63DF          .  8B85 C8FBFFFF mov eax,dword ptr ss:[ebp-438]
007D63E5          .  8941 0C    mov dword ptr ds:[ecx+C],eax
007D63E8          .  68 10BB5100 push 搏彩王乐.0051BB10                      ;  UNICODE "UPDATE [Regist] SET [Userserl]="
007D63ED          .  56          push esi
007D63EE          .  8995 9CF9FFFF mov dword ptr ss:[ebp-664],edx
007D63F4          .  FF15 28104000 call dword ptr ds:[<&MSVBVM60.__vbaStrI4>;  MSVBVM60.__vbaStrI4
007D63FA          .  8BD0       mov edx,eax
007D63FC          .  8D4D D8    lea ecx,dword ptr ss:[ebp-28]
007D63FF          .  FF15 D8124000 call dword ptr ds:[<&MSVBVM60.__vbaStrMo>;  MSVBVM60.__vbaStrMove
007D6405          .  50          push eax
007D6406          .  FF15 74104000 call dword ptr ds:[<&MSVBVM60.__vbaStrCa>;  MSVBVM60.__vbaStrCat
007D640C          .  8BD0       mov edx,eax
007D640E          .  8D4D D4    lea ecx,dword ptr ss:[ebp-2C]
007D6411          .  FF15 D8124000 call dword ptr ds:[<&MSVBVM60.__vbaStrMo>;  MSVBVM60.__vbaStrMove
007D6417          .  50          push eax
007D6418          .  8B4F 6C    mov ecx,dword ptr ds:[edi+6C]
007D641B          .  51          push ecx
007D641C          .  8B95 9CF9FFFF mov edx,dword ptr ss:[ebp-664]
007D6422          .  FF52 5C    call dword ptr ds:[edx+5C]
007D6425          .  DBE2       fclex
007D6427          .  85C0       test eax,eax
007D6429          .  7D 12       jge short 搏彩王乐.007D643D
007D642B          .  6A 5C       push 5C
007D642D          .  68 94385100 push 搏彩王乐.00513894
007D6432          .  8B4F 6C    mov ecx,dword ptr ds:[edi+6C]
007D6435          .  51          push ecx
007D6436          .  50          push eax
007D6437          .  FF15 8C104000 call dword ptr ds:[<&MSVBVM60.__vbaHresu>;  MSVBVM60.__vbaHresultCheckObj
007D643D          >  8D55 D4    lea edx,dword ptr ss:[ebp-2C]
007D6440          .  52          push edx
007D6441          .  8D45 D8    lea eax,dword ptr ss:[ebp-28]
007D6444          .  50          push eax
007D6445          .  6A 02       push 2
007D6447          .  FF15 58124000 call dword ptr ds:[<&MSVBVM60.__vbaFreeS>;  MSVBVM60.__vbaFreeStrList
007D644D          .  83C4 0C    add esp,0C
007D6450          .  C745 FC 55000>mov dword ptr ss:[ebp-4],55
007D6457          .  8B4D DC    mov ecx,dword ptr ss:[ebp-24]
007D645A          .  51          push ecx
007D645B          .  FF15 28104000 call dword ptr ds:[<&MSVBVM60.__vbaStrI4>;  MSVBVM60.__vbaStrI4
007D6461          .  8BD0       mov edx,eax
007D6463          .  8D4D D8    lea ecx,dword ptr ss:[ebp-28]
007D6466          .  FF15 D8124000 call dword ptr ds:[<&MSVBVM60.__vbaStrMo>;  MSVBVM60.__vbaStrMove
007D646C          .  50          push eax
007D646D          .  68 3C835100 push 搏彩王乐.0051833C                      ;  UNICODE "Sernum"
007D6472          .  68 30835100 push 搏彩王乐.00518330                      ;  UNICODE "Ini"
007D6477          .  68 1C835100 push 搏彩王乐.0051831C                      ;  UNICODE "BZBQMLT"
007D647C          .  FF15 14104000 call dword ptr ds:[<&MSVBVM60.#690>]    ;  MSVBVM60.rtcSaveSetting
007D6482          .  8D4D D8    lea ecx,dword ptr ss:[ebp-28]
007D6485          .  FF15 10134000 call dword ptr ds:[<&MSVBVM60.__vbaFreeS>;  MSVBVM60.__vbaFreeStr
007D648B          .  C745 FC 56000>mov dword ptr ss:[ebp-4],56
007D6492          .  B9 04000280 mov ecx,80020004
007D6497          .  894D 94    mov dword ptr ss:[ebp-6C],ecx
007D649A          .  B8 0A000000 mov eax,0A
007D649F          .  8945 8C    mov dword ptr ss:[ebp-74],eax
007D64A2          .  894D A4    mov dword ptr ss:[ebp-5C],ecx
007D64A5          .  8945 9C    mov dword ptr ss:[ebp-64],eax
007D64A8          .  C785 B4FBFFFF>mov dword ptr ss:[ebp-44C],搏彩王乐.0051BB7C
007D64B2          .  899D ACFBFFFF mov dword ptr ss:[ebp-454],ebx
007D64B8          .  8D95 ACFBFFFF lea edx,dword ptr ss:[ebp-454]
007D64BE          .  8D4D AC    lea ecx,dword ptr ss:[ebp-54]
007D64C1          .  8B35 98124000 mov esi,dword ptr ds:[<&MSVBVM60.__vbaVa>;  MSVBVM60.__vbaVarDup
007D64C7          .  FFD6       call esi                               ;  <&MSVBVM60.__vbaVarDup>
007D64C9          .  C785 C4FBFFFF>mov dword ptr ss:[ebp-43C],搏彩王乐.0051BBDC
007D64D3          .  899D BCFBFFFF mov dword ptr ss:[ebp-444],ebx
007D64D9          .  8D95 BCFBFFFF lea edx,dword ptr ss:[ebp-444]
007D64DF          .  8D4D BC    lea ecx,dword ptr ss:[ebp-44]
007D64E2          .  FFD6       call esi
007D64E4          .  8D55 8C    lea edx,dword ptr ss:[ebp-74]
007D64E7          .  52          push edx
007D64E8          .  8D45 9C    lea eax,dword ptr ss:[ebp-64]
007D64EB          .  50          push eax
007D64EC          .  8D4D AC    lea ecx,dword ptr ss:[ebp-54]
007D64EF          .  51          push ecx
007D64F0          .  6A 00       push 0
007D64F2          .  8D55 BC    lea edx,dword ptr ss:[ebp-44]
007D64F5          .  52          push edx
007D64F6          .  FF15 D0104000 call dword ptr ds:[<&MSVBVM60.#595>]    ;  MSVBVM60.rtcMsgBox
007D64FC          .  8D45 8C    lea eax,dword ptr ss:[ebp-74]
007D64FF          .  50          push eax
007D6500          .  8D4D 9C    lea ecx,dword ptr ss:[ebp-64]
007D6503          .  51          push ecx
007D6504          .  8D55 AC    lea edx,dword ptr ss:[ebp-54]
007D6507          .  52          push edx
007D6508          .  8D45 BC    lea eax,dword ptr ss:[ebp-44]
007D650B          .  50          push eax
007D650C          .  6A 04       push 4
007D650E          .  FF15 50104000 call dword ptr ds:[<&MSVBVM60.__vbaFreeV>;  MSVBVM60.__vbaFreeVarList
007D6514          .  83C4 14    add esp,14
007D6517          .  C745 FC 57000>mov dword ptr ss:[ebp-4],57
007D651E          .  8B0F       mov ecx,dword ptr ds:[edi]
007D6520          .  57          push edi
007D6521          .  FF91 00030000 call dword ptr ds:[ecx+300]
007D6527          .  50          push eax
007D6528          .  8D55 CC    lea edx,dword ptr ss:[ebp-34]
007D652B          .  52          push edx
007D652C          .  FF15 CC104000 call dword ptr ds:[<&MSVBVM60.__vbaObjSe>;  MSVBVM60.__vbaObjSet
007D6532          .  8BF0       mov esi,eax
007D6534          .  8B06       mov eax,dword ptr ds:[esi]
007D6536          .  83CF FF    or edi,FFFFFFFF
007D6539          .  57          push edi
007D653A          .  56          push esi
007D653B          .  FF90 94000000 call dword ptr ds:[eax+94]
007D6541          .  DBE2       fclex
007D6543          .  85C0       test eax,eax
007D6545          .  7D 12       jge short 搏彩王乐.007D6559
007D6547          .  68 94000000 push 94
007D654C          .  68 90B25100 push 搏彩王乐.0051B290
007D6551          .  56          push esi
007D6552          .  50          push eax
007D6553          .  FF15 8C104000 call dword ptr ds:[<&MSVBVM60.__vbaHresu>;  MSVBVM60.__vbaHresultCheckObj
007D6559          >  8D4D CC    lea ecx,dword ptr ss:[ebp-34]
007D655C          .  FF15 0C134000 call dword ptr ds:[<&MSVBVM60.__vbaFreeO>;  MSVBVM60.__vbaFreeObj
007D6562          .  C745 FC 58000>mov dword ptr ss:[ebp-4],58
007D6569          .  66:893D 5A69F>mov word ptr ds:[F4695A],di
007D6570          .  C745 FC 59000>mov dword ptr ss:[ebp-4],59
007D6577          .  66:893D 5C69F>mov word ptr ds:[F4695C],di
007D657E          .  C745 FC 5A000>mov dword ptr ss:[ebp-4],5A
007D6585          .  66:893D 5E69F>mov word ptr ds:[F4695E],di
007D658C          .  C745 FC 5B000>mov dword ptr ss:[ebp-4],5B
007D6593          .  66:C705 6069F>mov word ptr ds:[F46960],0
007D659C          .^ E9 A4E6FFFF jmp 搏彩王乐.007D4C45
007D65A1          >  C745 FC 5C000>mov dword ptr ss:[ebp-4],5C
007D65A8          .  05 63E70B00 add eax,0BE763
007D65AD          .  0F80 A3040000 jo 搏彩王乐.007D6A56
007D65B3          .  3BF0       cmp esi,eax                            ;  ？EAX=终极版真码
007D65B5          .  0F85 FA010000 jnz 搏彩王乐.007D67B5
007D65BB          .  C745 FC 5D000>mov dword ptr ss:[ebp-4],5D
007D65C2          .  C785 C4FBFFFF>mov dword ptr ss:[ebp-43C],80020004
007D65CC          .  B8 0A000000 mov eax,0A
007D65D1          .  8985 BCFBFFFF mov dword ptr ss:[ebp-444],eax
007D65D7          .  8B4F 6C    mov ecx,dword ptr ds:[edi+6C]
007D65DA          .  8B11       mov edx,dword ptr ds:[ecx]
007D65DC          .  83EC 10    sub esp,10
007D65DF          .  8BCC       mov ecx,esp
007D65E1          .  8901       mov dword ptr ds:[ecx],eax
007D65E3          .  8B85 C0FBFFFF mov eax,dword ptr ss:[ebp-440]
007D65E9          .  8941 04    mov dword ptr ds:[ecx+4],eax
007D65EC          .  8B85 C4FBFFFF mov eax,dword ptr ss:[ebp-43C]
007D65F2          .  8941 08    mov dword ptr ds:[ecx+8],eax
007D65F5          .  8B85 C8FBFFFF mov eax,dword ptr ss:[ebp-438]
007D65FB          .  8941 0C    mov dword ptr ds:[ecx+C],eax
007D65FE          .  68 10BB5100 push 搏彩王乐.0051BB10                      ;  UNICODE "UPDATE [Regist] SET [Userserl]="
007D6603          .  56          push esi
007D6604          .  8995 98F9FFFF mov dword ptr ss:[ebp-668],edx
007D660A          .  FF15 28104000 call dword ptr ds:[<&MSVBVM60.__vbaStrI4>;  MSVBVM60.__vbaStrI4
007D6610          .  8BD0       mov edx,eax
007D6612          .  8D4D D8    lea ecx,dword ptr ss:[ebp-28]
007D6615          .  FF15 D8124000 call dword ptr ds:[<&MSVBVM60.__vbaStrMo>;  MSVBVM60.__vbaStrMove
007D661B          .  50          push eax
007D661C          .  FF15 74104000 call dword ptr ds:[<&MSVBVM60.__vbaStrCa>;  MSVBVM60.__vbaStrCat
007D6622          .  8BD0       mov edx,eax
007D6624          .  8D4D D4    lea ecx,dword ptr ss:[ebp-2C]
007D6627          .  FF15 D8124000 call dword ptr ds:[<&MSVBVM60.__vbaStrMo>;  MSVBVM60.__vbaStrMove
007D662D          .  50          push eax
007D662E          .  8B4F 6C    mov ecx,dword ptr ds:[edi+6C]
007D6631          .  51          push ecx
007D6632          .  8B95 98F9FFFF mov edx,dword ptr ss:[ebp-668]
007D6638          .  FF52 5C    call dword ptr ds:[edx+5C]
007D663B          .  DBE2       fclex
007D663D          .  85C0       test eax,eax
007D663F          .  7D 12       jge short 搏彩王乐.007D6653
007D6641          .  6A 5C       push 5C
007D6643          .  68 94385100 push 搏彩王乐.00513894
007D6648          .  8B4F 6C    mov ecx,dword ptr ds:[edi+6C]
007D664B          .  51          push ecx
007D664C          .  50          push eax
007D664D          .  FF15 8C104000 call dword ptr ds:[<&MSVBVM60.__vbaHresu>;  MSVBVM60.__vbaHresultCheckObj
007D6653          >  8D55 D4    lea edx,dword ptr ss:[ebp-2C]
007D6656          .  52          push edx
007D6657          .  8D45 D8    lea eax,dword ptr ss:[ebp-28]
007D665A          .  50          push eax
007D665B          .  6A 02       push 2
007D665D          .  FF15 58124000 call dword ptr ds:[<&MSVBVM60.__vbaFreeS>;  MSVBVM60.__vbaFreeStrList
007D6663          .  83C4 0C    add esp,0C
007D6666          .  C745 FC 5E000>mov dword ptr ss:[ebp-4],5E
007D666D          .  8B4D DC    mov ecx,dword ptr ss:[ebp-24]
007D6670          .  51          push ecx
007D6671          .  FF15 28104000 call dword ptr ds:[<&MSVBVM60.__vbaStrI4>;  MSVBVM60.__vbaStrI4
007D6677          .  8BD0       mov edx,eax
007D6679          .  8D4D D8    lea ecx,dword ptr ss:[ebp-28]
007D667C          .  FF15 D8124000 call dword ptr ds:[<&MSVBVM60.__vbaStrMo>;  MSVBVM60.__vbaStrMove
007D6682          .  50          push eax
007D6683          .  68 3C835100 push 搏彩王乐.0051833C                      ;  UNICODE "Sernum"
007D6688          .  68 30835100 push 搏彩王乐.00518330                      ;  UNICODE "Ini"
007D668D          .  68 1C835100 push 搏彩王乐.0051831C                      ;  UNICODE "BZBQMLT"
007D6692          .  FF15 14104000 call dword ptr ds:[<&MSVBVM60.#690>]    ;  MSVBVM60.rtcSaveSetting
007D6698          .  8D4D D8    lea ecx,dword ptr ss:[ebp-28]
007D669B          .  FF15 10134000 call dword ptr ds:[<&MSVBVM60.__vbaFreeS>;  MSVBVM60.__vbaFreeStr
007D66A1          .  C745 FC 5F000>mov dword ptr ss:[ebp-4],5F
007D66A8          .  B9 04000280 mov ecx,80020004
007D66AD          .  894D 94    mov dword ptr ss:[ebp-6C],ecx
007D66B0          .  B8 0A000000 mov eax,0A
007D66B5          .  8945 8C    mov dword ptr ss:[ebp-74],eax
007D66B8          .  894D A4    mov dword ptr ss:[ebp-5C],ecx
007D66BB          .  8945 9C    mov dword ptr ss:[ebp-64],eax
007D66BE          .  C785 B4FBFFFF>mov dword ptr ss:[ebp-44C],搏彩王乐.0051BB7C
007D66C8          .  899D ACFBFFFF mov dword ptr ss:[ebp-454],ebx
007D66CE          .  8D95 ACFBFFFF lea edx,dword ptr ss:[ebp-454]
007D66D4          .  8D4D AC    lea ecx,dword ptr ss:[ebp-54]
007D66D7          .  8B35 98124000 mov esi,dword ptr ds:[<&MSVBVM60.__vbaVa>;  MSVBVM60.__vbaVarDup
007D66DD          .  FFD6       call esi                               ;  <&MSVBVM60.__vbaVarDup>
007D66DF          .  C785 C4FBFFFF>mov dword ptr ss:[ebp-43C],搏彩王乐.0051BC04
007D66E9          .  899D BCFBFFFF mov dword ptr ss:[ebp-444],ebx
007D66EF          .  8D95 BCFBFFFF lea edx,dword ptr ss:[ebp-444]
007D66F5          .  8D4D BC    lea ecx,dword ptr ss:[ebp-44]
007D66F8          .  FFD6       call esi
007D66FA          .  8D55 8C    lea edx,dword ptr ss:[ebp-74]
007D66FD          .  52          push edx
007D66FE          .  8D45 9C    lea eax,dword ptr ss:[ebp-64]
007D6701          .  50          push eax
007D6702          .  8D4D AC    lea ecx,dword ptr ss:[ebp-54]
007D6705          .  51          push ecx
007D6706          .  6A 00       push 0
007D6708          .  8D55 BC    lea edx,dword ptr ss:[ebp-44]
007D670B          .  52          push edx
007D670C          .  FF15 D0104000 call dword ptr ds:[<&MSVBVM60.#595>]    ;  MSVBVM60.rtcMsgBox
007D6712          .  8D45 8C    lea eax,dword ptr ss:[ebp-74]
007D6715          .  50          push eax
007D6716          .  8D4D 9C    lea ecx,dword ptr ss:[ebp-64]
007D6719          .  51          push ecx
007D671A          .  8D55 AC    lea edx,dword ptr ss:[ebp-54]
007D671D          .  52          push edx
007D671E          .  8D45 BC    lea eax,dword ptr ss:[ebp-44]
007D6721          .  50          push eax
007D6722          .  6A 04       push 4
007D6724          .  FF15 50104000 call dword ptr ds:[<&MSVBVM60.__vbaFreeV>;  MSVBVM60.__vbaFreeVarList
007D672A          .  83C4 14    add esp,14
007D672D          .  C745 FC 60000>mov dword ptr ss:[ebp-4],60
007D6734          .  8B0F       mov ecx,dword ptr ds:[edi]
007D6736          .  57          push edi
007D6737          .  FF91 00030000 call dword ptr ds:[ecx+300]
007D673D          .  50          push eax
007D673E          .  8D55 CC    lea edx,dword ptr ss:[ebp-34]
007D6741          .  52          push edx
007D6742          .  FF15 CC104000 call dword ptr ds:[<&MSVBVM60.__vbaObjSe>;  MSVBVM60.__vbaObjSet
007D6748          .  8BF0       mov esi,eax
007D674A          .  8B06       mov eax,dword ptr ds:[esi]
007D674C          .  83CF FF    or edi,FFFFFFFF
007D674F          .  57          push edi
007D6750          .  56          push esi
007D6751          .  FF90 94000000 call dword ptr ds:[eax+94]
007D6757          .  DBE2       fclex
007D6759          .  85C0       test eax,eax
007D675B          .  7D 12       jge short 搏彩王乐.007D676F
007D675D          .  68 94000000 push 94
007D6762          .  68 90B25100 push 搏彩王乐.0051B290
007D6767          .  56          push esi
007D6768          .  50          push eax
007D6769          .  FF15 8C104000 call dword ptr ds:[<&MSVBVM60.__vbaHresu>;  MSVBVM60.__vbaHresultCheckObj
007D676F          >  8D4D CC    lea ecx,dword ptr ss:[ebp-34]
007D6772          .  FF15 0C134000 call dword ptr ds:[<&MSVBVM60.__vbaFreeO>;  MSVBVM60.__vbaFreeObj
007D6778          .  C745 FC 61000>mov dword ptr ss:[ebp-4],61
007D677F          .  66:893D 5A69F>mov word ptr ds:[F4695A],di
007D6786          .  C745 FC 62000>mov dword ptr ss:[ebp-4],62
007D678D          .  66:893D 5C69F>mov word ptr ds:[F4695C],di
007D6794          .  C745 FC 63000>mov dword ptr ss:[ebp-4],63
007D679B          .  66:893D 5E69F>mov word ptr ds:[F4695E],di
007D67A2          .  C745 FC 64000>mov dword ptr ss:[ebp-4],64
007D67A9          .  66:893D 6069F>mov word ptr ds:[F46960],di
007D67B0          .^ E9 90E4FFFF jmp 搏彩王乐.007D4C45
007D67B5          >  C745 FC 65000>mov dword ptr ss:[ebp-4],65
007D67BC          .  B9 04000280 mov ecx,80020004
007D67C1          .  894D 94    mov dword ptr ss:[ebp-6C],ecx
007D67C4          .  B8 0A000000 mov eax,0A
007D67C9          .  8945 8C    mov dword ptr ss:[ebp-74],eax
007D67CC          .  894D A4    mov dword ptr ss:[ebp-5C],ecx
007D67CF          .  8945 9C    mov dword ptr ss:[ebp-64],eax
007D67D2          .  C785 B4FBFFFF>mov dword ptr ss:[ebp-44C],搏彩王乐.0051B6B8
007D67DC          .  899D ACFBFFFF mov dword ptr ss:[ebp-454],ebx
007D67E2          .  8D95 ACFBFFFF lea edx,dword ptr ss:[ebp-454]
007D67E8          .  8D4D AC    lea ecx,dword ptr ss:[ebp-54]
007D67EB          .  8B35 98124000 mov esi,dword ptr ds:[<&MSVBVM60.__vbaVa>;  MSVBVM60.__vbaVarDup
007D67F1          .  FFD6       call esi                               ;  <&MSVBVM60.__vbaVarDup>
007D67F3          .  C785 C4FBFFFF>mov dword ptr ss:[ebp-43C],搏彩王乐.0051BC2C

---------------------------------------------------------------------------------------
没劲，注册码还分这么多版本。

[课程]Linux pwn 探索篇！

收藏・0

免费・1

支持

最新回复 (5)
hyd009 雪币： 201 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 2 回帖 143 粉丝 0 关注私信	hyd009 2 楼收藏写的很清楚 2004-12-4 01:16 0
pendan2001 雪币： 61 活跃值： (160) 能力值： ( LV9，RANK：170 ) 在线值：发帖 25 回帖 1180 粉丝 0 关注私信	pendan2001 4 3 楼不错，继续努力:D :D 2004-12-4 13:17 0
bxm 雪币： 461 活跃值： (93) 能力值： ( LV9，RANK：1170 ) 在线值：发帖 41 回帖 306 粉丝 1 关注私信	bxm 29 4 楼我是一只菜鸟,请问: 如何知道在007D5D53 处下断? 2005-11-20 18:59 0
itking 雪币： 236 活跃值： (46) 能力值： ( LV2，RANK：10 ) 在线值：发帖 5 回帖 91 粉丝 0 关注私信	itking 5 楼 so good 2005-11-20 23:25 0
hzhxiao 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 25 粉丝 0 关注私信	hzhxiao 6 楼已收藏写的很清楚,好! 2005-11-21 10:19 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

kyc

发帖

550

回帖

770

RANK

关注

私信

他的文章

关于我们

联系我们

企业服务

看雪公众号

最新回复 (5)
hyd009 雪币： 201 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 2 回帖 143 粉丝 0 关注私信	hyd009 2 楼收藏写的很清楚 2004-12-4 01:16 0
pendan2001 雪币： 61 活跃值： (160) 能力值： ( LV9，RANK：170 ) 在线值：发帖 25 回帖 1180 粉丝 0 关注私信	pendan2001 4 3 楼不错，继续努力:D :D 2004-12-4 13:17 0
bxm 雪币： 461 活跃值： (93) 能力值： ( LV9，RANK：1170 ) 在线值：发帖 41 回帖 306 粉丝 1 关注私信	bxm 29 4 楼我是一只菜鸟,请问: 如何知道在007D5D53 处下断? 2005-11-20 18:59 0
itking 雪币： 236 活跃值： (46) 能力值： ( LV2，RANK：10 ) 在线值：发帖 5 回帖 91 粉丝 0 关注私信	itking 5 楼 so good 2005-11-20 23:25 0
hzhxiao 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 25 粉丝 0 关注私信	hzhxiao 6 楼已收藏写的很清楚,好! 2005-11-21 10:19 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复