帮忙破解一下 OD 会的帮一下
0040B1C4 /0F85 E8010000 JNZ flower.0040B3B2 ;不相等就制定位置0040B1CA . |A1 60F24400 MOV EAX,DWORD PTR DS:
0040B1CF . |68 54240000 PUSH 2454 ; /Arg2 = 00002454
0040B1D4 . |8DAE C4000000 LEA EBP,DWORD PTR DS: ; |
0040B1DA . |50 PUSH EAX ; |Arg1 => 00000000
0040B1DB . |8BCD MOV ECX,EBP ; |
0040B1DD . |E8 CE4A0000 CALL flower.0040FCB0 ; \flower.0040FCB0
0040B1E2 . |85C0 TEST EAX,EAX
0040B1E4 . |8986 F0000000 MOV DWORD PTR DS:,EAX
0040B1EA |75 1D JNZ SHORT flower.0040B209 ;不相等就指定位置
0040B1EC . |8B8E 14010000 MOV ECX,DWORD PTR DS:
0040B1F2 . |68 682C4400 PUSH flower.00442C68 ; /连接失败,无法认证!
0040B1F7 . |50 PUSH EAX ; |wParam
0040B1F8 . |68 81010000 PUSH 181 ; |Message = LB_INSERTSTRING
0040B1FD . |51 PUSH ECX ; |hWnd
0040B1FE . |FF15 14454300 CALL DWORD PTR DS:[<&USER32.SendMessageA>; \SendMessageA
0040B204 . |E9 6D030000 JMP flower.0040B576 ;无条件跳转
0040B209 > |E8 DC030200 CALL flower.0042B5EA
0040B20E . |8B10 MOV EDX,DWORD PTR DS:
0040B210 . |8BC8 MOV ECX,EAX
0040B212 . |FF52 0C CALL DWORD PTR DS:
0040B215 . |8D58 10 LEA EBX,DWORD PTR DS:
0040B218 . |895C24 14 MOV DWORD PTR SS:,EBX
0040B21C . |C78424 3C0100>MOV DWORD PTR SS:,0
0040B227 . |E8 BE030200 CALL flower.0042B5EA
0040B22C . |8B10 MOV EDX,DWORD PTR DS:
0040B22E . |8BC8 MOV ECX,EAX
0040B230 . |FF52 0C CALL DWORD PTR DS:
0040B233 . |83C0 10 ADD EAX,10
0040B236 . |894424 18 MOV DWORD PTR SS:,EAX
0040B23A . |6A 06 PUSH 6
0040B23C . |68 602C4400 PUSH flower.00442C60 ;请求号
0040B241 . |8D4C24 20 LEA ECX,DWORD PTR SS:
0040B245 . |C68424 440100>MOV BYTE PTR SS:,1
0040B24D . |E8 6E7BFFFF CALL flower.00402DC0
0040B252 . |8B7C24 18 MOV EDI,DWORD PTR SS:
0040B256 . |8B47 F4 MOV EAX,DWORD PTR DS:
0040B259 . |6A 03 PUSH 3
0040B25B . |50 PUSH EAX
0040B25C . |57 PUSH EDI
0040B25D . |8BCD MOV ECX,EBP
0040B25F . |E8 6C4B0000 CALL flower.0040FDD0
0040B264 . |85C0 TEST EAX,EAX
0040B266 |7F 69 JG SHORT flower.0040B2D1 ;若大于就跳
0040B268 . |8B86 14010000 MOV EAX,DWORD PTR DS:
0040B26E . |68 682C4400 PUSH flower.00442C68 ; /连接失败,无法认证!
0040B273 . |6A 00 PUSH 0 ; |wParam = 0
0040B275 . |68 81010000 PUSH 181 ; |Message = LB_INSERTSTRING
0040B27A . |50 PUSH EAX ; |hWnd
0040B27B . |FF15 14454300 CALL DWORD PTR DS:[<&USER32.SendMessageA>; \SendMessageA
0040B281 . |83C7 F0 ADD EDI,-10
0040B284 . |C68424 3C0100>MOV BYTE PTR SS:,0
0040B28C . |8D4F 0C LEA ECX,DWORD PTR DS:
0040B28F . |83CA FF OR EDX,FFFFFFFF
0040B292 . |F0:0FC111 LOCK XADD DWORD PTR DS:,EDX ;LOCK 前缀
0040B296 . |4A DEC EDX
0040B297 . |85D2 TEST EDX,EDX
0040B299 |7F 08 JG SHORT flower.0040B2A3 ;若大于就跳
0040B29B . |8B0F MOV ECX,DWORD PTR DS:
0040B29D . |8B01 MOV EAX,DWORD PTR DS:
0040B29F . |57 PUSH EDI
0040B2A0 . |FF50 04 CALL DWORD PTR DS:
0040B2A3 > |8D43 F0 LEA EAX,DWORD PTR DS:
0040B2A6 > |C78424 3C0100>MOV DWORD PTR SS:,-1
0040B2B1 . |8D48 0C LEA ECX,DWORD PTR DS:
0040B2B4 . |83CA FF OR EDX,FFFFFFFF
0040B2B7 . |F0:0FC111 LOCK XADD DWORD PTR DS:,EDX ;LOCK 前缀
0040B2BB . |4A DEC EDX
0040B2BC . |85D2 TEST EDX,EDX
0040B2BE |0F8F B2020000 JG flower.0040B576 ;若大于就跳
0040B2C4 . |8B08 MOV ECX,DWORD PTR DS:
0040B2C6 . |8B11 MOV EDX,DWORD PTR DS:
0040B2C8 . |50 PUSH EAX
0040B2C9 . |FF52 04 CALL DWORD PTR DS:
0040B2CC . |E9 A5020000 JMP flower.0040B576 ;无条件跳转
0040B2D1 > |6A 03 PUSH 3 ; /Arg3 = 00000003
0040B2D3 . |68 FF000000 PUSH 0FF ; |Arg2 = 000000FF
0040B2D8 . |8D4424 38 LEA EAX,DWORD PTR SS: ; |
0040B2DC . |50 PUSH EAX ; |Arg1
0040B2DD . |8BCD MOV ECX,EBP ; |
0040B2DF . |E8 CC470000 CALL flower.0040FAB0 ; \flower.0040FAB0
0040B2E4 . |85C0 TEST EAX,EAX
0040B2E6 . |0F8E 91000000 JLE flower.0040B37D ;JL若小于就跳
0040B2EC . |8D4C24 30 LEA ECX,DWORD PTR SS:
0040B2F0 . |51 PUSH ECX
0040B2F1 . |8D4C24 18 LEA ECX,DWORD PTR SS:
0040B2F5 . |C64404 34 00MOV BYTE PTR SS:,0
0040B2FA . |E8 918FFFFF CALL flower.00404290
0040B2FF . |6A 06 PUSH 6
0040B301 . |8D5424 14 LEA EDX,DWORD PTR SS:
0040B305 . |52 PUSH EDX
0040B306 . |8D4C24 1C LEA ECX,DWORD PTR SS:
0040B30A . |E8 017DFFFF CALL flower.00403010
0040B30F . |8B00 MOV EAX,DWORD PTR DS:
0040B311 . |68 582C4400 PUSH flower.00442C58 ;通过了
0040B316 . |50 PUSH EAX
0040B317 . |E8 44E90000 CALL flower.00419C60
0040B31C . |8BD8 MOV EBX,EAX
0040B31E . |8B4424 18 MOV EAX,DWORD PTR SS:
0040B322 . |83C4 08 ADD ESP,8
0040B325 . |F7DB NEG EBX
0040B327 . |1ADB SBB BL,BL
0040B329 . |83C0 F0 ADD EAX,-10
0040B32C . |FEC3 INC BL
0040B32E . |8D48 0C LEA ECX,DWORD PTR DS:
0040B331 . |83CA FF OR EDX,FFFFFFFF
0040B334 . |F0:0FC111 LOCK XADD DWORD PTR DS:,EDX ;LOCK 前缀
0040B338 . |4A DEC EDX
0040B339 . |85D2 TEST EDX,EDX
0040B33B |7F 08 JG SHORT flower.0040B345 ;若大于就跳
0040B33D . |8B08 MOV ECX,DWORD PTR DS:
0040B33F . |8B11 MOV EDX,DWORD PTR DS:
0040B341 . |50 PUSH EAX
0040B342 . |FF52 04 CALL DWORD PTR DS:
0040B345 > |84DB TEST BL,BL
0040B347 . |74 34 JE SHORT flower.0040B37D ;相等于就跳转
0040B349 . |68 342C4400 PUSH flower.00442C34 ;认证已经通过.请再点锁定钮锁定窗口
0040B34E . |6A 00 PUSH 0
0040B350 . |8D8E F8000000 LEA ECX,DWORD PTR DS:
0040B356 . |C705 F0F14400>MOV DWORD PTR DS:,1
0040B360 . |E8 7B63FFFF CALL flower.004016E0
0040B365 . |68 2C2C4400 PUSH flower.00442C2C ;锁定
0040B36A . |68 ED030000 PUSH 3ED
0040B36F . |8BCE MOV ECX,ESI
0040B371 . |E8 52F90100 CALL flower.0042ACC8
0040B376 . |8BC8 MOV ECX,EAX
0040B378 . |E8 FAF90100 CALL flower.0042AD77
0040B37D > |8BCD MOV ECX,EBP
0040B37F . |E8 6C460000 CALL flower.0040F9F0
0040B384 . |83C7 F0 ADD EDI,-10
0040B387 . |C68424 3C0100>MOV BYTE PTR SS:,0
0040B38F . |8D47 0C LEA EAX,DWORD PTR DS:
0040B392 . |83C9 FF OR ECX,FFFFFFFF
0040B395 . |F0:0FC108 LOCK XADD DWORD PTR DS:,ECX ;LOCK 前缀
0040B399 . |49 DEC ECX
0040B39A . |85C9 TEST ECX,ECX
0040B39C . |7F 08 JG SHORT flower.0040B3A6
0040B39E . |8B0F MOV ECX,DWORD PTR DS:
0040B3A0 . |8B11 MOV EDX,DWORD PTR DS:
0040B3A2 . |57 PUSH EDI
0040B3A3 . |FF52 04 CALL DWORD PTR DS:
0040B3A6 > |8B4424 14 MOV EAX,DWORD PTR SS:
0040B3AA . |83C0 F0 ADD EAX,-10
0040B3AD .^|E9 F4FEFFFF JMP flower.0040B2A6
0040B3B2 > \6A 00 PUSH 0 ; /Title = NULL
如何跳过认证失败直接显示认证通过显示锁定
[ 本帖最后由 inux 于 2008-11-5 21:46 编辑 ]
页:
[1]