如何追delphi程序的注册码?
菜鸟学破解,一个加ASPack 2.12 -> Alexey Solodovnikov壳的软件,脱壳后发现是Borland Delphi 6.0 - 7.0写的,有自校验,弄了两天,去掉了自校验,再用DEDE找到了注册验证关键CALL,但总是追不到真码,有可能有些程序根本就追不到真码吗?追delphi程序注册码下什么断?下面附一些代码,运行程序点注册,断下来后,按ALT+F9 ,就到了如下代码段.请高手们指点:
0051D8E0 $55 PUSH EBP
0051D8E1 .8BEC MOV EBP,ESP
0051D8E3 .B9 07000000 MOV ECX,7
0051D8E8 >6A 00 PUSH 0
0051D8EA .6A 00 PUSH 0
0051D8EC .49 DEC ECX
0051D8ED .^ 75 F9 JNZ SHORT unpack12.0051D8E8
0051D8EF .53 PUSH EBX
0051D8F0 .56 PUSH ESI
0051D8F1 .57 PUSH EDI
0051D8F2 .8BD8 MOV EBX,EAX
0051D8F4 .33C0 XOR EAX,EAX
0051D8F6 .55 PUSH EBP
0051D8F7 .68 E2DA5100 PUSH unpack12.0051DAE2
0051D8FC .64:FF30 PUSH DWORD PTR FS:
0051D8FF .64:8920 MOV DWORD PTR FS:,ESP
0051D902 .C645 FF 00 MOV BYTE PTR SS:,0
0051D906 .8D55 E4 LEA EDX,DWORD PTR SS:
0051D909 .33C0 XOR EAX,EAX
0051D90B .E8 2452EEFF CALL unpack12.00402B34
0051D910 .8B45 E4 MOV EAX,DWORD PTR SS:
0051D913 .8D55 E8 LEA EDX,DWORD PTR SS:
0051D916 .E8 99C1EEFF CALL unpack12.00409AB4
0051D91B .FF75 E8 PUSH DWORD PTR SS:
0051D91E .8D55 DC LEA EDX,DWORD PTR SS:
0051D921 .33C0 XOR EAX,EAX
0051D923 .E8 0C52EEFF CALL unpack12.00402B34
0051D928 .8B45 DC MOV EAX,DWORD PTR SS:
0051D92B .8D55 E0 LEA EDX,DWORD PTR SS:
0051D92E .E8 2DFEFFFF CALL unpack12.0051D760
0051D933 .FF75 E0 PUSH DWORD PTR SS:
0051D936 .68 FCDA5100 PUSH unpack12.0051DAFC ;ASCII ".ini"
0051D93B .8D45 F4 LEA EAX,DWORD PTR SS:
0051D93E .BA 03000000 MOV EDX,3 这个"ini"实在弄不懂,到程序目录里也
0051D943 .E8 A874EEFF CALL unpack12.00404DF0 找不到,首先以为是用来装注册信息的
0051D948 .80BB A6010000>CMP BYTE PTR DS:,0
0051D94F .0F85 95000000 JNZ unpack12.0051D9EA
0051D955 .8B45 F4 MOV EAX,DWORD PTR SS:
0051D958 .E8 D3BFEEFF CALL unpack12.00409930
0051D95D .84C0 TEST AL,AL
0051D95F .0F84 38010000 JE unpack12.0051DA9D
0051D965 .B2 01 MOV DL,1
0051D967 .A1 BCB94100 MOV EAX,DWORD PTR DS:
0051D96C .E8 6B62EEFF CALL unpack12.00403BDC
0051D971 .8945 EC MOV DWORD PTR SS:,EAX
0051D974 .8B55 F4 MOV EDX,DWORD PTR SS:
0051D977 .8B45 EC MOV EAX,DWORD PTR SS:
0051D97A .8B08 MOV ECX,DWORD PTR DS:
0051D97C .FF51 68 CALL DWORD PTR DS:
0051D97F .8B45 EC MOV EAX,DWORD PTR SS:
0051D982 .8B10 MOV EDX,DWORD PTR DS:
0051D984 .FF52 14 CALL DWORD PTR DS:
0051D987 .8BF0 MOV ESI,EAX
0051D989 .4E DEC ESI
0051D98A .85F6 TEST ESI,ESI
0051D98C .0F8C 0B010000 JL unpack12.0051DA9D
0051D992 .46 INC ESI
0051D993 .C745 F8 00000>MOV DWORD PTR SS:,0
0051D99A >8D4D F0 LEA ECX,DWORD PTR SS:
0051D99D .8B55 F8 MOV EDX,DWORD PTR SS:
0051D9A0 .8B45 EC MOV EAX,DWORD PTR SS:
0051D9A3 .8B38 MOV EDI,DWORD PTR DS:
0051D9A5 .FF57 0C CALL DWORD PTR DS:
0051D9A8 .8D55 D8 LEA EDX,DWORD PTR SS:
0051D9AB .8B83 F4020000 MOV EAX,DWORD PTR DS:
0051D9B1 .E8 F6F3F2FF CALL unpack12.0044CDAC
0051D9B6 .8B45 D8 MOV EAX,DWORD PTR SS:
0051D9B9 .50 PUSH EAX
0051D9BA .8D4D D4 LEA ECX,DWORD PTR SS:
0051D9BD .8B83 10030000 MOV EAX,DWORD PTR DS:
0051D9C3 .8B55 F0 MOV EDX,DWORD PTR SS:
0051D9C6 .E8 91FAFFFF CALL unpack12.0051D45C
0051D9CB .8B55 D4 MOV EDX,DWORD PTR SS:
0051D9CE .58 POP EAX
0051D9CF .E8 A074EEFF CALL unpack12.00404E74
0051D9D4 .75 09 JNZ SHORT unpack12.0051D9DF
0051D9D6 .C645 FF 01 MOV BYTE PTR SS:,1
0051D9DA .E9 BE000000 JMP unpack12.0051DA9D
0051D9DF >FF45 F8 INC DWORD PTR SS:
0051D9E2 .4E DEC ESI
0051D9E3 .^ 75 B5 JNZ SHORT unpack12.0051D99A
0051D9E5 .E9 B3000000 JMP unpack12.0051DA9D
0051D9EA >8D55 D0 LEA EDX,DWORD PTR SS:
0051D9ED .8B83 FC020000 MOV EAX,DWORD PTR DS:
0051D9F3 .E8 B4F3F2FF CALL unpack12.0044CDAC
0051D9F8 .8B55 D0 MOV EDX,DWORD PTR SS:
0051D9FB .8D4D F0 LEA ECX,DWORD PTR SS:
0051D9FE .8B83 10030000 MOV EAX,DWORD PTR DS:
0051DA04 .E8 53FAFFFF CALL unpack12.0051D45C
0051DA09 .8D55 CC LEA EDX,DWORD PTR SS:
0051DA0C .8B83 F4020000 MOV EAX,DWORD PTR DS:
0051DA12 .E8 95F3F2FF CALL unpack12.0044CDAC
0051DA17 .8B45 CC MOV EAX,DWORD PTR SS:
0051DA1A .8B55 F0 MOV EDX,DWORD PTR SS:
0051DA1D .E8 5274EEFF CALL unpack12.00404E74
0051DA22 .75 79 JNZ SHORT unpack12.0051DA9D
0051DA24 .C645 FF 01 MOV BYTE PTR SS:,1
0051DA28 .33C0 XOR EAX,EAX
0051DA2A .55 PUSH EBP
0051DA2B .68 96DA5100 PUSH unpack12.0051DA96
0051DA30 .64:FF30 PUSH DWORD PTR FS:
0051DA33 .64:8920 MOV DWORD PTR FS:,ESP
0051DA36 .B2 01 MOV DL,1
0051DA38 .A1 BCB94100 MOV EAX,DWORD PTR DS:
0051DA3D .E8 9A61EEFF CALL unpack12.00403BDC
0051DA42 .8945 EC MOV DWORD PTR SS:,EAX
0051DA45 .8B45 F4 MOV EAX,DWORD PTR SS:
0051DA48 .E8 E3BEEEFF CALL unpack12.00409930
0051DA4D .84C0 TEST AL,AL
0051DA4F .74 0B JE SHORT unpack12.0051DA5C
0051DA51 .8B55 F4 MOV EDX,DWORD PTR SS:
0051DA54 .8B45 EC MOV EAX,DWORD PTR SS:
0051DA57 .8B08 MOV ECX,DWORD PTR DS:
0051DA59 .FF51 68 CALL DWORD PTR DS:
0051DA5C >8D55 C8 LEA EDX,DWORD PTR SS:
0051DA5F .8B83 FC020000 MOV EAX,DWORD PTR DS:
0051DA65 .E8 42F3F2FF CALL unpack12.0044CDAC
0051DA6A .8B55 C8 MOV EDX,DWORD PTR SS:
0051DA6D .8B45 EC MOV EAX,DWORD PTR SS:
0051DA70 .8B08 MOV ECX,DWORD PTR DS:
0051DA72 .FF51 38 CALL DWORD PTR DS:
0051DA75 .8B55 F4 MOV EDX,DWORD PTR SS:
0051DA78 .8B45 EC MOV EAX,DWORD PTR SS:
0051DA7B .8B08 MOV ECX,DWORD PTR DS:
0051DA7D .FF51 74 CALL DWORD PTR DS:
0051DA80 .33C0 XOR EAX,EAX
0051DA82 .5A POP EDX
0051DA83 .59 POP ECX
0051DA84 .59 POP ECX
0051DA85 .64:8910 MOV DWORD PTR FS:,EDX
0051DA88 .68 9DDA5100 PUSH unpack12.0051DA9D
0051DA8D >8B45 EC MOV EAX,DWORD PTR SS:
0051DA90 .E8 7761EEFF CALL unpack12.00403C0C
0051DA95 .C3 RETN
0051DA96 .^ E9 0569EEFF JMP unpack12.004043A0
0051DA9B .^ EB F0 JMP SHORT unpack12.0051DA8D
0051DA9D >33C0 XOR EAX,EAX
0051DA9F .5A POP EDX
0051DAA0 .59 POP ECX
0051DAA1 .59 POP ECX
0051DAA2 .64:8910 MOV DWORD PTR FS:,EDX
0051DAA5 .68 E9DA5100 PUSH unpack12.0051DAE9
0051DAAA >8D45 C8 LEA EAX,DWORD PTR SS:
0051DAAD .BA 03000000 MOV EDX,3
0051DAB2 .E8 E56FEEFF CALL unpack12.00404A9C
0051DAB7 .8D45 D4 LEA EAX,DWORD PTR SS:
0051DABA .E8 B96FEEFF CALL unpack12.00404A78
0051DABF .8D45 D8 LEA EAX,DWORD PTR SS:
0051DAC2 .E8 B16FEEFF CALL unpack12.00404A78
0051DAC7 .8D45 DC LEA EAX,DWORD PTR SS:
0051DACA .BA 04000000 MOV EDX,4
0051DACF .E8 C86FEEFF CALL unpack12.00404A9C
0051DAD4 .8D45 F0 LEA EAX,DWORD PTR SS:
0051DAD7 .BA 02000000 MOV EDX,2
0051DADC .E8 BB6FEEFF CALL unpack12.00404A9C
0051DAE1 .C3 RETN
0051DAE2 .^ E9 B968EEFF JMP unpack12.004043A0
0051DAE7 .^ EB C1 JMP SHORT unpack12.0051DAAA
0051DAE9 .8A45 FF MOV AL,BYTE PTR SS:
0051DAEC .5F POP EDI
0051DAED .5E POP ESI
0051DAEE .5B POP EBX
0051DAEF .8BE5 MOV ESP,EBP
0051DAF1 .5D POP EBP
0051DAF2 .C3 RETN鸟
[ 本帖最后由 洞庭风 于 2008-4-17 23:17 编辑 ] 发个地址大家一起看看啊! 填了才有ini吧. 支持洞庭风老兄!!!
页:
[1]