-
-
菜鸟也玩.net(WinXP总管)
-
发表于:
2004-12-28 21:38
6795
-
菜鸟也玩.net(WinXP总管)
算法部分未完成
目标:WinXP总管
OS:win2000+sp4 ,.net 平台(那个单词太长不会写)
工具:OllyDbg Reflector V 4.12 5
目的:今天发现WinXP总管支持2000了所以...........
下面开始:
运行程序输入用户名:winroot
输入注册码:78787878
程序会提示你,重新启动他自己。
打开注册表:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Yanicsoft]
[HKEY_CURRENT_USER\Software\Yanicsoft\WinXP Manager]
"CreateSR"="True"
"Date"="78787878"
"Name"="winroot"
112B46FE >- FF25 00200011 JMP DWORD PTR DS:[<&mscoree._CorExeMain>>; mscoree._CorExeMain
112B4704 0000 ADD BYTE PTR DS:[EAX],AL
112B4706 0000 ADD BYTE PTR DS:[EAX],AL
0012F584 00ADA795 /CALL to RegQueryValueExW from 00ADA792
0012F588 0000031C |hKey = 31C
0012F58C 00C38884 |ValueName = "Date"
0012F590 00000000 |Reserved = NULL
0012F594 0012F5FC |pValueType = 0012F5FC
0012F598 00000000 |Buffer = NULL
0012F59C 0012F5F8 \pBufSize = 0012F5F8
Date出现两次才读注册码继续运行
0012F060 791BD0F8 /CALL to RegQueryValueExW from mscorwks.791BD0F2
0012F064 0000017C |hKey = 17C
0012F068 7933AD00 |ValueName = "Name"
0012F06C 00000000 |Reserved = NULL
0012F070 0012F0CC |pValueType = 0012F0CC
0012F074 00000000 |Buffer = NULL
0012F078 0012F0E0 \pBufSize = 0012F0E0
Name出现两次
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!