请问高手们,打印功能被限制如果破解?
最近在学破解在破一个软件,软件下载地址如下:http://www.etosoft.com/down/software/HRN.exe
这个软件未注册时有不能导出(已解决)和不能打印的限制,我弄了半天都没半天头绪,有谁能指点一下迷堻吗,不胜感激! 简单看了下,下面的是不是打印的代码啊!!!
这个网络版好像需要狗的,启动的时候读驱动了(推测)。:loveliness:00439A20 6A FF push -1
00439A22 68 B1455B00 push 005B45B1
00439A27 64:A1 00000000mov eax, dword ptr fs:
00439A2D 50 push eax
00439A2E 64:8925 0000000>mov dword ptr fs:, esp
00439A35 81EC 34010000 sub esp, 134
00439A3B 53 push ebx
00439A3C 55 push ebp
00439A3D 56 push esi
00439A3E 57 push edi
00439A3F 33DB xor ebx, ebx
00439A41 53 push ebx
00439A42 68 01001400 push 140001
00439A47 8BE9 mov ebp, ecx
00439A49 53 push ebx
00439A4A 8D4C24 50 lea ecx, dword ptr
00439A4E E8 0D511700 call <jmp.&MFC71.#508_CPrintDialog::CPrintDialog>
00439A53 33C0 xor eax, eax
00439A55 B9 10000000 mov ecx, 10
00439A5A 8DBC24 00010000 lea edi, dword ptr
00439A61 F3:AB rep stos dword ptr es:
00439A63 899C24 4C010000 mov dword ptr , ebx
00439A6A 66:AB stos word ptr es:
00439A6C E8 E7461700 call <jmp.&MFC71.#1084_AfxGetModuleState>
00439A71 8B40 04 mov eax, dword ptr
00439A74 8D8C24 00010000 lea ecx, dword ptr
00439A7B 51 push ecx
00439A7C 8BC8 mov ecx, eax
00439A7E E8 F7481700 call <jmp.&MFC71.#3105_CWinApp::GetPrinterDeviceDefaults>
00439A83 8B9424 08010000 mov edx, dword ptr
00439A8A 52 push edx
00439A8B FF15 88F15D00 call dword ptr [<&kernel32.GlobalLock>] ; kernel32.GlobalLock
00439A91 8B95 C4000000 mov edx, dword ptr
00439A97 8BF0 mov esi, eax
00439A99 8D4424 14 lea eax, dword ptr
00439A9D 50 push eax
00439A9E 8B85 C0000000 mov eax, dword ptr
00439AA4 8D4C24 14 lea ecx, dword ptr
00439AA8 51 push ecx
00439AA9 52 push edx
00439AAA 50 push eax
00439AAB 8BCD mov ecx, ebp
00439AAD 895C24 20 mov dword ptr , ebx
00439AB1 895C24 24 mov dword ptr , ebx
00439AB5 E8 B67AFFFF call 00431570
00439ABA BF 01000000 mov edi, 1
00439ABF 3BC7 cmp eax, edi
00439AC1 75 14 jnz short 00439AD7
00439AC3 66:8B4C24 10 mov cx, word ptr
00439AC8 66:8B5424 14 mov dx, word ptr
00439ACD 66:894E 2E mov word ptr , cx
00439AD1 66:8956 2C mov word ptr , dx
00439AD5 EB 28 jmp short 00439AFF
00439AD7 66:C746 2E 0001 mov word ptr , 100
00439ADD 66:897E 2C mov word ptr , di
00439AE1 66:8B85 C000000>mov ax, word ptr
00439AE8 66:6BC0 0A imul ax, ax, 0A
00439AEC 66:8946 30 mov word ptr , ax
00439AF0 66:8B8D C400000>mov cx, word ptr
00439AF7 66:6BC9 0A imul cx, cx, 0A
00439AFB 66:894E 32 mov word ptr , cx
00439AFF 8B9424 08010000 mov edx, dword ptr
00439B06 52 push edx
00439B07 FF15 8CF15D00 call dword ptr [<&kernel32.GlobalUnlock>] ; kernel32.GlobalUnlock
00439B0D 8B8424 B8000000 mov eax, dword ptr
00439B14 8970 08 mov dword ptr , esi
00439B17 66:8B8D EC02000>mov cx, word ptr
00439B1E 8B9424 B8000000 mov edx, dword ptr
00439B25 66:894A 20 mov word ptr , cx
00439B29 66:8B85 D800000>mov ax, word ptr
00439B30 8B8C24 B8000000 mov ecx, dword ptr
00439B37 66:8941 1E mov word ptr , ax
00439B3B 8B9424 B8000000 mov edx, dword ptr
00439B42 66:897A 1C mov word ptr , di
00439B46 66:8B85 E402000>mov ax, word ptr
00439B4D 8B8C24 B8000000 mov ecx, dword ptr
00439B54 66:8941 18 mov word ptr , ax
00439B58 66:8B95 E802000>mov dx, word ptr
00439B5F 8B8424 B8000000 mov eax, dword ptr
00439B66 8D4C24 44 lea ecx, dword ptr
00439B6A 66:8950 1A mov word ptr , dx
00439B6E E8 E74F1700 call <jmp.&MFC71.#2034_CPrintDialog::DoModal>
00439B73 3BC7 cmp eax, edi
00439B75 0F85 F3020000 jnz 00439E6E
00439B7B 8B8C24 B8000000 mov ecx, dword ptr
00439B82 0FB751 20 movzx edx, word ptr
00439B86 8995 EC020000 mov dword ptr , edx
00439B8C 8B51 14 mov edx, dword ptr
00439B8F 8BC2 mov eax, edx
00439B91 D1E8 shr eax, 1
00439B93 23C7 and eax, edi
00439B95 75 1B jnz short 00439BB2
00439B97 F6C2 01 test dl, 1
00439B9A 75 16 jnz short 00439BB2
00439B9C 0FB741 1C movzx eax, word ptr
00439BA0 8985 E4020000 mov dword ptr , eax
00439BA6 0FB751 1E movzx edx, word ptr
00439BAA 8995 E8020000 mov dword ptr , edx
00439BB0 EB 36 jmp short 00439BE8
00439BB2 3BC3 cmp eax, ebx
00439BB4 74 27 je short 00439BDD
00439BB6 0FB741 18 movzx eax, word ptr
00439BBA 8985 E4020000 mov dword ptr , eax
00439BC0 F641 14 02 test byte ptr , 2
00439BC4 74 0C je short 00439BD2
00439BC6 0FB741 1A movzx eax, word ptr
00439BCA 8985 E8020000 mov dword ptr , eax
00439BD0 EB 16 jmp short 00439BE8
00439BD2 83C8 FF or eax, FFFFFFFF
00439BD5 8985 E8020000 mov dword ptr , eax
00439BDB EB 0B jmp short 00439BE8
00439BDD F6C2 01 test dl, 1
00439BE0 74 06 je short 00439BE8
00439BE2 89BD F0020000 mov dword ptr , edi
00439BE8 8B71 10 mov esi, dword ptr
00439BEB 3BF3 cmp esi, ebx
00439BED 75 25 jnz short 00439C14
00439BEF 8BCD mov ecx, ebp
00439BF1 E8 9AACFFFF call 00434890
00439BF6 8BF0 mov esi, eax
00439BF8 3BF3 cmp esi, ebx
00439BFA 75 18 jnz short 00439C14
00439BFC 6A 10 push 10
00439BFE 68 CC305F00 push 005F30CC ; 错误
00439C03 68 B8305F00 push 005F30B8 ; 打印机初始化失败!
00439C08 8BCD mov ecx, ebp
00439C0A E8 D94B1700 call <jmp.&MFC71.#4104_CWnd::MessageBoxA>
00439C0F E9 5A020000 jmp 00439E6E
00439C14 8D4C24 1C lea ecx, dword ptr
00439C18 E8 BD471700 call <jmp.&MFC71.#347_CDC::CDC>
00439C1D 56 push esi
00439C1E 8D4C24 20 lea ecx, dword ptr
00439C22 C68424 50010000>mov byte ptr , 1
00439C2A E8 5D471700 call <jmp.&MFC71.#1279_CDC::Attach>
00439C2F 395D 74 cmp dword ptr , ebx
00439C32 6A 08 push 8
00439C34 8D75 78 lea esi, dword ptr
00439C37 89BD 84000000 mov dword ptr , edi
00439C3D 0F84 42010000 je 00439D85
00439C43 8B8D DC000000 mov ecx, dword ptr
00439C49 8B95 D8000000 mov edx, dword ptr
00439C4F 8B85 E4020000 mov eax, dword ptr
00439C55 898D 80000000 mov dword ptr , ecx
00439C5B 8B8D E8020000 mov ecx, dword ptr
00439C61 8916 mov dword ptr , edx
00439C63 8B95 EC020000 mov edx, dword ptr
00439C69 8985 90000000 mov dword ptr , eax
00439C6F 8B85 F0020000 mov eax, dword ptr
00439C75 898D 94000000 mov dword ptr , ecx
00439C7B 8D4C24 20 lea ecx, dword ptr
00439C7F 8995 98000000 mov dword ptr , edx
00439C85 8985 9C000000 mov dword ptr , eax
00439C8B E8 D44A1700 call <jmp.&MFC71.#5888_CDC::SetMapMode>
00439C90 68 58020000 push 258
00439C95 68 20030000 push 320
00439C9A 8D4C24 1C lea ecx, dword ptr
00439C9E 51 push ecx
00439C9F 8D4C24 28 lea ecx, dword ptr
00439CA3 E8 9E4A1700 call <jmp.&MFC71.#6060_CDC::SetWindowExt>
00439CA8 8B5424 24 mov edx, dword ptr
00439CAC 8B3D 98F05D00 mov edi, dword ptr [<&GDI32.GetDeviceCaps>] ; GDI32.GetDeviceCaps
00439CB2 6A 58 push 58
00439CB4 52 push edx
00439CB5 FFD7 call edi
00439CB7 894424 10 mov dword ptr , eax
00439CBB 8B4424 24 mov eax, dword ptr
00439CBF 6A 5A push 5A
00439CC1 50 push eax
00439CC2 FFD7 call edi
00439CC4 894424 14 mov dword ptr , eax
00439CC8 DB4424 14 fild dword ptr
00439CCC DC0D B0305F00 fmul qword ptr
00439CD2 E8 61541700 call 005AF138
00439CD7 DB4424 10 fild dword ptr
00439CDB 50 push eax
00439CDC DC0D A8305F00 fmul qword ptr
00439CE2 E8 51541700 call 005AF138
00439CE7 50 push eax
00439CE8 8D4C24 1C lea ecx, dword ptr
00439CEC 51 push ecx
00439CED 8D4C24 28 lea ecx, dword ptr
00439CF1 E8 5C4A1700 call <jmp.&MFC71.#6054_CDC::SetViewportExt>
00439CF6 895C24 30 mov dword ptr , ebx
00439CFA C74424 2C A40A5>mov dword ptr , 005E0AA4
00439D02 68 FFFFFF00 push 0FFFFFF
00439D07 C68424 50010000>mov byte ptr , 2
00439D0F FF15 D0F05D00 call dword ptr [<&GDI32.CreateSolidBrush>] ; GDI32.CreateSolidBrush
00439D15 50 push eax
00439D16 8D4C24 30 lea ecx, dword ptr
00439D1A E8 31461700 call <jmp.&MFC71.#1280_CGdiObject::Attach>
00439D1F 8B85 BC000000 mov eax, dword ptr
00439D25 8B8D B8000000 mov ecx, dword ptr
00439D2B 8B5424 30 mov edx, dword ptr
00439D2F 894424 40 mov dword ptr , eax
00439D33 52 push edx
00439D34 8D4424 38 lea eax, dword ptr
00439D38 894C24 40 mov dword ptr , ecx
00439D3C 8B4C24 24 mov ecx, dword ptr
00439D40 50 push eax
00439D41 51 push ecx
00439D42 895C24 40 mov dword ptr , ebx
00439D46 895C24 44 mov dword ptr , ebx
00439D4A FF15 E0FF5D00 call dword ptr [<&USER32.FillRect>] ; USER32.FillRect
00439D50 83EC 28 sub esp, 28
00439D53 8D5424 44 lea edx, dword ptr
00439D57 8BFC mov edi, esp
00439D59 B9 0A000000 mov ecx, 0A
00439D5E 52 push edx
00439D5F F3:A5 rep movs dword ptr es:, dword ptr
00439D61 FF55 74 call dword ptr
00439D64 83C4 2C add esp, 2C
00439D67 8D4C24 2C lea ecx, dword ptr
00439D6B C68424 4C010000>mov byte ptr , 1
00439D73 C74424 2C 900A5>mov dword ptr , 005E0A90
00439D7B E8 34451700 call <jmp.&MFC71.#1934_CGdiObject::DeleteObject>
00439D80 E9 C0000000 jmp 00439E45
00439D85 8B8D D8000000 mov ecx, dword ptr
00439D8B 8B85 DC000000 mov eax, dword ptr
00439D91 8B95 E4020000 mov edx, dword ptr
00439D97 890E mov dword ptr , ecx
00439D99 8B8D EC020000 mov ecx, dword ptr
00439D9F 8985 80000000 mov dword ptr , eax
00439DA5 8B85 E8020000 mov eax, dword ptr
00439DAB 8995 90000000 mov dword ptr , edx
00439DB1 8B95 F0020000 mov edx, dword ptr
00439DB7 898D 98000000 mov dword ptr , ecx
00439DBD 8D4C24 20 lea ecx, dword ptr
00439DC1 8985 94000000 mov dword ptr , eax
00439DC7 8995 9C000000 mov dword ptr , edx
00439DCD E8 92491700 call <jmp.&MFC71.#5888_CDC::SetMapMode>
00439DD2 68 58020000 push 258
00439DD7 68 20030000 push 320
00439DDC 8D4424 34 lea eax, dword ptr
00439DE0 50 push eax
00439DE1 8D4C24 28 lea ecx, dword ptr
00439DE5 E8 5C491700 call <jmp.&MFC71.#6060_CDC::SetWindowExt>
00439DEA 8B4C24 24 mov ecx, dword ptr
00439DEE 8B3D 98F05D00 mov edi, dword ptr [<&GDI32.GetDeviceCaps>] ; GDI32.GetDeviceCaps
00439DF4 6A 58 push 58
00439DF6 51 push ecx
00439DF7 FFD7 call edi
00439DF9 8B5424 24 mov edx, dword ptr
00439DFD 6A 5A push 5A
00439DFF 52 push edx
00439E00 894424 18 mov dword ptr , eax
00439E04 FFD7 call edi
00439E06 894424 14 mov dword ptr , eax
00439E0A DB4424 14 fild dword ptr
00439E0E DC0D B0305F00 fmul qword ptr
00439E14 E8 1F531700 call 005AF138
00439E19 DB4424 10 fild dword ptr
00439E1D 50 push eax
00439E1E DC0D A8305F00 fmul qword ptr
00439E24 E8 0F531700 call 005AF138
00439E29 50 push eax
00439E2A 8D4424 34 lea eax, dword ptr
00439E2E 50 push eax
00439E2F 8D4C24 28 lea ecx, dword ptr
00439E33 E8 1A491700 call <jmp.&MFC71.#6054_CDC::SetViewportExt>
00439E38 56 push esi
00439E39 8D4C24 20 lea ecx, dword ptr
00439E3D 51 push ecx
00439E3E 8BCD mov ecx, ebp
00439E40 E8 DBF8FFFF call 00439720
00439E45 8D4C24 1C lea ecx, dword ptr
00439E49 E8 C24B1700 call <jmp.&MFC71.#1929_CDC::DeleteDC>
00439E4E 8D4C24 1C lea ecx, dword ptr
00439E52 899D F0020000 mov dword ptr , ebx
00439E58 C785 EC020000 0>mov dword ptr , 1
00439E62 889C24 4C010000 mov byte ptr , bl
00439E69 E8 66451700 call <jmp.&MFC71.#602_CDC::~CDC>
00439E6E 8D4C24 44 lea ecx, dword ptr
00439E72 C78424 4C010000>mov dword ptr , -1
00439E7D E8 54431700 call <jmp.&MFC71.#605_CDialog::~CDialog>
00439E82 8B8C24 44010000 mov ecx, dword ptr
00439E89 5F pop edi
00439E8A 5E pop esi
00439E8B 5D pop ebp
00439E8C 64:890D 0000000>mov dword ptr fs:, ecx
00439E93 5B pop ebx
00439E94 81C4 40010000 add esp, 140
00439E9A C3 retn 高手啊有狗你都敢上 多次标志位而已:loveliness:
打印可以打印,导出无反应,是我安装EXCEL2000的问题吗,请高手指点!
[ 本帖最后由 zykissyan 于 2008-6-5 18:24 编辑 ]
页:
[1]