EZ Screen Recorder V3.17破文
【破文标题】EZ Screen Recorder V3.17破文【破文作者】tianxj
【作者邮箱】
【作者主页】无
【破解工具】PEiD,OD
【破解平台】Windows XP
【软件名称】EZ Screen Recorder V3.17(2007-06-23版)
【软件大小】596 KB
【原版下载】天空软件站
【保护方式】注册码
【软件简介】是一款简单易用的屏幕视频记录软件。它可以记录屏幕上发生的一切活动并以标准的avi视频格式输出。用户可以自定义捕捉范围,包括全屏幕,窗口,固定区域等。用户还可以利用麦克风或外接音源在视频捕捉中加入音频。
【破解声明】我是一只小菜鸟,偶得一点心得,愿与大家分享:)
--------------------------------------------------------------------------------
【破解内容】
--------------------------------------------------------------------------------
**************************************************************
一、运行程序,进行注册,输入错误的注册信息进行检测,有提示信息"wrong serial number"
**************************************************************
二、用PEiD对这个软件查壳,无壳,为 Microsoft Visual C++ 6.0编写
**************************************************************
三、运行OD,打开Recorder,右键—超级字串参考—查找ASCII.
找到“wrong serial number”了,双击,来到
0040896A .50 PUSH EAX
★★★★★★在此下断后,F9运行,输入假的注册信息,程序在此停下来,F8单步
0040896B .68 1F040000 PUSH 41F
00408970 .C74424 1C 000>MOV DWORD PTR SS:,0
00408978 .E8 0BDF0000 CALL <JMP.&MFC42.#3092_?GetDlgItem@CWnd@>
0040897D .8BC8 MOV ECX,EAX
0040897F .E8 FEDE0000 CALL <JMP.&MFC42.#3874_?GetWindowTextA@C>
00408984 .51 PUSH ECX
00408985 .8D5424 08 LEA EDX,DWORD PTR SS:
00408989 .8BCC MOV ECX,ESP
0040898B .896424 0C MOV DWORD PTR SS:,ESP
0040898F .52 PUSH EDX
00408990 .E8 47DF0000 CALL <JMP.&MFC42.#535_??0CString@@QAE@AB>
00408995 .E8 96DC0000 CALL Recorder.00416630
★★★★★★关键CALL,F7跟进
0040899A .83C4 04 ADD ESP,4
0040899D .84C0 TEST AL,AL
0040899F .6A 30 PUSH 30 ; /Style = MB_OK|MB_ICONEXCLAMATION|MB_APPLMODAL
004089A1 .68 40F64100 PUSH Recorder.0041F640 ; |Title = "Note"
004089A6 .74 25 JE SHORT Recorder.004089CD ; |
★★★★★★关键跳转
004089A8 .68 E4F84100 PUSH Recorder.0041F8E4 ; |Text = "Succeed! Thank you very much for using our software."
004089AD .6A 00 PUSH 0 ; |hOwner = NULL
004089AF .FF15 1C974100 CALL DWORD PTR DS:[<&USER32.MessageBoxA>>; \MessageBoxA
004089B5 .8D4424 04 LEA EAX,DWORD PTR SS:
004089B9 .B9 200F4200 MOV ECX,Recorder.00420F20
004089BE .50 PUSH EAX
004089BF .E8 FADE0000 CALL <JMP.&MFC42.#858_??4CString@@QAEABV>
004089C4 .8BCE MOV ECX,ESI
004089C6 .E8 ABDE0000 CALL <JMP.&MFC42.#4853_?OnOK@CDialog@@MA>
004089CB .EB 0D JMP SHORT Recorder.004089DA
004089CD >68 D0F84100 PUSH Recorder.0041F8D0 ; |wrong serial number
★★★★★★错误提示在这里出现了,向上看
004089D2 .6A 00 PUSH 0 ; |hOwner = NULL
004089D4 .FF15 1C974100 CALL DWORD PTR DS:[<&USER32.MessageBoxA>>; \MessageBoxA
004089DA >8D4C24 04 LEA ECX,DWORD PTR SS:
004089DE .C74424 14 FFF>MOV DWORD PTR SS:,-1
004089E6 .E8 91DE0000 CALL <JMP.&MFC42.#800_??1CString@@QAE@XZ>
004089EB .8B4C24 0C MOV ECX,DWORD PTR SS:
004089EF .5E POP ESI
004089F0 .64:890D 00000>MOV DWORD PTR FS:,ECX
004089F7 .83C4 14 ADD ESP,14
004089FA .C3 RETN
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
跟进00408995,来到
00416630/$64:A1 0000000>MOV EAX,DWORD PTR FS:
00416636|.6A FF PUSH -1
00416638|.68 28884100 PUSH Recorder.00418828
0041663D|.50 PUSH EAX
0041663E|.64:8925 00000>MOV DWORD PTR FS:,ESP
00416645|.53 PUSH EBX
00416646|.56 PUSH ESI
00416647|.8B4424 18 MOV EAX,DWORD PTR SS:
★★★★★★将假注册码送入EAX
0041664B|.BE 64094200 MOV ESI,Recorder.00420964 ;fkeu430-mtdh3377-78w2-87dca-qetr47n
★★★★★★将真注册fkeu430-mtdh3377-78w2-87dca-qetr47n送入ESI
00416650|>8A10 /MOV DL,BYTE PTR DS:
★★★★★★将假注册码逐一送入DL
00416652|.8A1E |MOV BL,BYTE PTR DS:
★★★★★★将真注册码逐一送入BL
00416654|.8ACA |MOV CL,DL
00416656|.3AD3 |CMP DL,BL
★★★★★★将真假注册码单个对比
00416658|.75 1E |JNZ SHORT Recorder.00416678
★★★★★★不相等则跳转
0041665A|.84C9 |TEST CL,CL
0041665C|.74 16 |JE SHORT Recorder.00416674
0041665E|.8A50 01 |MOV DL,BYTE PTR DS:
00416661|.8A5E 01 |MOV BL,BYTE PTR DS:
00416664|.8ACA |MOV CL,DL
00416666|.3AD3 |CMP DL,BL
00416668|.75 0E |JNZ SHORT Recorder.00416678
0041666A|.83C0 02 |ADD EAX,2
0041666D|.83C6 02 |ADD ESI,2
00416670|.84C9 |TEST CL,CL
00416672|.^ 75 DC \JNZ SHORT Recorder.00416650
★★★★★★循环对比
00416674|>33C0 XOR EAX,EAX
00416676|.EB 05 JMP SHORT Recorder.0041667D
00416678|>1BC0 SBB EAX,EAX
0041667A|.83D8 FF SBB EAX,-1
0041667D|>85C0 TEST EAX,EAX
0041667F|.C74424 10 FFF>MOV DWORD PTR SS:,-1
00416687|.8D4C24 18 LEA ECX,DWORD PTR SS:
0041668B|.75 18 JNZ SHORT Recorder.004166A5
0041668D|.E8 EA010000 CALL <JMP.&MFC42.#800_??1CString@@QAE@XZ>
00416692|.B0 01 MOV AL,1
00416694|.8B4C24 08 MOV ECX,DWORD PTR SS:
00416698|.64:890D 00000>MOV DWORD PTR FS:,ECX
0041669F|.5E POP ESI
004166A0|.5B POP EBX
004166A1|.83C4 0C ADD ESP,0C
004166A4|.C3 RETN
004166A5|>E8 D2010000 CALL <JMP.&MFC42.#800_??1CString@@QAE@XZ>
004166AA|.8B4C24 08 MOV ECX,DWORD PTR SS:
004166AE|.5E POP ESI
004166AF|.32C0 XOR AL,AL
004166B1|.64:890D 00000>MOV DWORD PTR FS:,ECX
004166B8|.5B POP EBX
004166B9|.83C4 0C ADD ESP,0C
004166BC\.C3 RETN
--------------------------------------------------------------------------------
【破解总结】
固定注册码:fkeu430-mtdh3377-78w2-87dca-qetr47n
--------------------------------------------------------------------------------
希望以后可以在猫老大和PYG 5.4Cracker学习小组的帮助下进一步提高自己。
感谢飘云老大、猫老大以及很多前辈们的学习教程以及所有帮助过我的论坛兄弟姐妹们!谢谢
--------------------------------------------------------------------------------
【版权声明】本破文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! 支持一下,下载试看看 再接再厉!加油 不懂算法,看不懂,希望以后能在这里多多学习`顶下了
回复 4# 的帖子
/:014 这些不是什么算法了 固定注册码而已:loveliness:
页:
[1]