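Can't find the key jump and the key CALL
I'm cracking 先知起名大师 2009 and have set a breakpoint on the registration event, but I can't find the key jump or the key CALL. Could someone give me some pointers? Thanks!
005DC49D/> /55 push ebp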
005DC49E|. |8DAC24 64FEFF>lea ebp, dword ptr
005DC4A5|. |81EC 1C020000 sub esp, 21C
005DC4AB|. |A1 40EA6100 mov eax, dword ptr
005DC4B0|. |53 push ebx
005DC4B1|. |56 push esi
005DC4B2|. |57 push edi
005DC4B3|. |8BF1 mov esi, ecx
005DC4B5|. |33FF xor edi, edi
005DC4B7|. |57 push edi
005DC4B8|. |8985 98010000 mov dword ptr , eax
005DC4BE|. |8975 84 mov dword ptr , esi
005DC4C1|. |E8 D8B4F6FF call 0054799E
005DC4C6|. |8D45 8C lea eax, dword ptr
005DC4C9|. |50 push eax
005DC4CA|. |57 push edi
005DC4CB|. |E8 D5B3F6FF call 005478A5
005DC4D0|. |8BD8 mov ebx, eax
005DC4D2|. |3B5D 8C cmp ebx, dword ptr
005DC4D5|. |895D 80 mov dword ptr , ebx
005DC4D8|. |74 09 je short 005DC4E3
005DC4DA|. |6A 01 push 1 ; /Enable = TRUE
005DC4DC|. |53 push ebx ; |hWnd
005DC4DD|. |FF15 08165400 call dword ptr [<&USER32.EnableWindow>; \EnableWindow
005DC4E3|> |85DB test ebx, ebx
005DC4E5|. |74 18 je short 005DC4FF
005DC4E7 >|. |6A 00 push 0 ; /lParam = 0
005DC4E9|. |6A 00 push 0 ; |wParam = 0
005DC4EB|. |68 76030000 push 376 ; |Message = MSG(376)
005DC4F0|. |53 push ebx ; |hWnd
005DC4F1|. |FF15 A8155400 call dword ptr [<&USER32.SendMessageW>; \SendMessageW
005DC4F7|. |85C0 test eax, eax
005DC4F9|. |74 04 je short 005DC4FF
005DC4FB|. |8BF8 mov edi, eax
005DC4FD|. |EB 07 jmp short 005DC506
005DC4FF|> |85F6 test esi, esi
005DC501|. |74 03 je short 005DC506
005DC503|. |8D7E 78 lea edi, dword ptr
005DC506|> |8365 88 00 and dword ptr , 0
005DC50A|. |85FF test edi, edi
005DC50C|. |74 16 je short 005DC524
005DC50E|. |8B07 mov eax, dword ptr
005DC510|. |8945 88 mov dword ptr , eax
005DC513|. |8B85 AC010000 mov eax, dword ptr
005DC519|. |85C0 test eax, eax
005DC51B|. |74 07 je short 005DC524
005DC51D|. |05 00000300 add eax, 30000
005DC522|. |8907 mov dword ptr , eax
005DC524|> |F685 A8010000>test byte ptr , 0F0
005DC52B|. |75 1F jnz short 005DC54C
005DC52D|. |8B85 A8010000 mov eax, dword ptr
005DC533|. |83E0 0F and eax, 0F
005DC536|. |83F8 01 cmp eax, 1
005DC539|. |76 0A jbe short 005DC545
005DC53B|. |83F8 02 cmp eax, 2
005DC53E|. |76 0C jbe short 005DC54C
005DC540|. |83F8 04 cmp eax, 4
005DC543|. |77 07 ja short 005DC54C
005DC545|> |838D A8010000>or dword ptr , 30
005DC54C|> |66:8365 90 00 and word ptr , 0
005DC551|. |85F6 test esi, esi
005DC553|. |74 05 je short 005DC55A ;
005DC555|. |8B5E 50 mov ebx, dword ptr
005DC558|. |EB 23 jmp short 005DC57D
005DC55A|> |8D5D 90 lea ebx, dword ptr
005DC55D|. |BE 04010000 mov esi, 104
005DC562|. |56 push esi ; /BufSize => 104 (260.)
005DC563|. |8BC3 mov eax, ebx ; |
005DC565|. |50 push eax ; |PathBuffer
005DC566|. |6A 00 push 0 ; |hModule = NULL
005DC568|. |FF15 28125400 call dword ptr [<&KERNEL32.GetModuleF>; \GetModuleFileNameW
005DC56E|. |3BC6 cmp eax, esi
005DC570|. |8B75 84 mov esi, dword ptr
005DC573|. |75 08 jnz short 005DC57D
005DC575|. |66:83A5 96010>and word ptr , 0
005DC57D|> |FFB5 A8010000 push dword ptr ; /Style
005DC583|. |53 push ebx ; |Title
005DC584|. |FFB5 A4010000 push dword ptr ; |Text
005DC58A|. |FF75 80 push dword ptr ; |hOwner
005DC58D|. |FF15 28165400 call dword ptr [<&USER32.MessageBoxW>>; \Registration error prompt
005DC593|. |85FF test edi, edi
005DC595|. |8BD8 mov ebx, eax
005DC597|. |74 05 je short 005DC59E
005DC599|. |8B45 88 mov eax, dword ptr
005DC59C|. |8907 mov dword ptr , eax
005DC59E|> |837D 8C 00 cmp dword ptr , 0
005DC5A2|. |74 0B je short 005DC5AF
005DC5A4|. |6A 01 push 1 ; /Enable = TRUE
005DC5A6|. |FF75 8C push dword ptr ; |hWnd
005DC5A9|. |FF15 08165400 call dword ptr [<&USER32.EnableWindow>; \EnableWindow
005DC5AF|> |6A 01 push 1
005DC5B1|. |8BCE mov ecx, esi
005DC5B3|. |E8 E6B3F6FF call 0054799E
005DC5B8|. |8B8D 98010000 mov ecx, dword ptr
005DC5BE|. |5F pop edi
005DC5BF|. |5E pop esi
005DC5C0|. |8BC3 mov eax, ebx
005DC5C2|. |5B pop ebx
005DC5C3|. |E8 EDDAF7FF call 0055A0B5
005DC5C8|. |81C5 9C010000 add ebp, 19C
005DC5CE|. |C9 leave
005DC5CF|. |C2 0C00 retn 0C
005DC5D2|$ |55 push ebp
005DC5D3|. |8BEC mov ebp, esp
005DC5D5|. |E8 587AF8FF call 00564032
005DC5DA|. |8B40 04 mov eax, dword ptr
005DC5DD|. |85C0 test eax, eax
005DC5DF|. |74 0B je short 005DC5EC
005DC5E1|. |8B10 mov edx, dword ptr
005DC5E3|. |8BC8 mov ecx, eax
005DC5E5|. |5D pop ebp
005DC5E6|. |FFA2 A0000000 jmp dword ptr
005DC5EC|> |33C9 xor ecx, ecx
005DC5EE|. |5D pop ebp
005DC5EF\.^\E9 A9FEFFFF jmp 005DC49D
005DC5F4/$B8 049C6000 mov eax, 00609C04
005DC5F9|.E8 52DCF7FF call 0055A250
005DC5FE|.51 push ecx
005DC5FF|.E8 3F85F8FF call 00564B43
005DC604|.8B10 mov edx, dword ptr
005DC606|.8BC8 mov ecx, eax
005DC608|.FF52 0C call dword ptr
005DC60B|.83C0 10 add eax, 10
005DC60E|.8945 F0 mov dword ptr , eax
005DC611|.FF75 08 push dword ptr
005DC614|.8365 FC 00 and dword ptr , 0
005DC618|.8D4D F0 lea ecx, dword ptr
005DC61B|.E8 435CF7FF call 00552263
005DC620|.8B45 10 mov eax, dword ptr
005DC623|.83F8 FF cmp eax, -1
005DC626|.75 03 jnz short 005DC62B
005DC628|.8B45 08 mov eax, dword ptr
005DC62B|>56 push esi
005DC62C|.8B75 F0 mov esi, dword ptr
005DC62F|.57 push edi
005DC630|.50 push eax
005DC631|.FF75 0C push dword ptr
005DC634|.56 push esi
005DC635|.E8 98FFFFFF call 005DC5D2
005DC63A|.8D4E F0 lea ecx, dword ptr
005DC63D|.8BF8 mov edi, eax
005DC63F|.E8 3A85F8FF call 00564B7E
005DC644|.8B4D F4 mov ecx, dword ptr
005DC647|.8BC7 mov eax, edi
005DC649|.5F pop edi
005DC64A|.5E pop esi
005DC64B|.64:890D 00000>mov dword ptr fs:, ecx
005DC652|.C9 leave
005DC653\.C2 0C00 retn 0C
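The software's download address is on 华军: http://www.newhua.com/soft/79200.htm
Does the same window pop up the prompt message whether or not the registration is correct? Also, after the error prompt, why does the program keep running?
005DC568|. |FF15 28125400 call dword ptr [<&KERNEL32.GetModuleF>; \GetModuleFileNameW This should be a key CALL; you should step into it.
005DC56E|. |3BC6 cmp eax, esi Look at these two values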
005DC570|. |8B75 84 mov esi, dword ptr
005DC573|. |75 08 jnz short 005DC57D Jumps to the error
005DC575|. |66:83A5 96010>and word ptr , 0
005DC57D|> |FFB5 A8010000 push dword ptr ; /Style
005DC583|. |53 push ebx ; |Title
005DC584|. |FFB5 A4010000 push dword ptr ; |Text
005DC58A|. |FF75 80 push dword ptr ; |hOwner
005DC58D|. |FF15 28165400 call dword ptr [<&USER32.MessageBoxW>>; \Registration error prompt
005DC593|. |85FF test edi, edi
Originally posted by 老海 on 2009-3-28 20:09
005DC568|. |FF15 28125400 call dword ptr [; \GetModuleFileNameW This should be a key CALL; you should step into it.
005DC56E|. |3BC6 cmp eax, esi Look at these two values
005DC570|. |8B75 84 ...
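I changed eax and esi to be the same, and the result was a prompt that the registration length is wrong
It's best to actually debug it to know
This software makes my head spin, so here's a registration code for you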
QMUOSLIJAKU58GEQ5AS99JDQXXS32VJ2RHZS
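But it seems that once too many people use it, it stops working, haha, that's pretty ruthless
I agree with 老海's view; OP, trace through it some more
::004054F5::68 2C144100 PUSH 41142C \->: 注册成功!谢谢!祝你好运!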
::004067F0::68 DC174100 PUSH 4117DC \->: 点此进行正版注册,正版有更多信息
::004054EA::68 48144100 PUSH 411448 \->: 注册码长度不对,请仔细核对
::0040550B::68 14144100 PUSH 411414 \:BYJMP JmpBy:004054F3, \->: 注册失败!请仔细核对
I'm a newbie and stumbled on these by accident; the rest is up to the OP