最新半仙 新华字典 破解过程
新手制作半仙 新华字典 破解过程
下载地址:http://www.fuzi.cn/rj/xhzd090315.exe
; OllyDbg listing (32-bit x86, Intel syntax) of part of the program's
; registration handler. The routine starts before 005459C4 and continues past
; 00545B3D, so this is an excerpt, not a whole function.
; NOTE(review): the bracketed memory operands were lost when the page was
; extracted ("dword ptr" with nothing after it). The opcode bytes in the second
; column still encode them; the comments below give the decoded operand where
; it matters.
; Un-delimited Chinese text on three lines is the poster's own annotation.
; Text after ';' on the original lines is OllyDbg's comment column (argument
; markers and referenced strings) and is left as printed.
;
; Poster's note on the next line: "set a breakpoint here".
; 64:FF30 / 64:8920 decode to push dword ptr fs:[eax] / mov fs:[eax], esp.
; Presumably eax = 0 here, linking a new SEH frame; the setup of eax and the
; handler push are above the excerpt.
005459C4 .64:FF30 push dword ptr fs: 在这里下断点
005459C7 .64:8920 mov dword ptr fs:, esp
; First input: edx = &[ebp-158h] (8D95 A8FEFFFF), eax = [[ebp-4]+51Ch].
; 0044761C is not shown; presumably it copies a form field's text into the
; local at [ebp-158h]. That local is then pushed for the later compare.
005459CA .8D95 A8FEFFFF lea edx, dword ptr
005459D0 .8B45 FC mov eax, dword ptr
005459D3 .8B80 1C050000 mov eax, dword ptr
005459D9 .E8 3E1CF0FF call 0044761C
005459DE .8B85 A8FEFFFF mov eax, dword ptr
005459E4 .50 push eax
; Second input: same helper on the field at [eax+514h], result in [ebp-160h].
005459E5 .8D95 A0FEFFFF lea edx, dword ptr
005459EB .8B45 FC mov eax, dword ptr
005459EE .8B80 14050000 mov eax, dword ptr
005459F4 .E8 231CF0FF call 0044761C
; 004097F4 is not shown; presumably a string-to-integer conversion, since its
; result in eax is multiplied by 13h on the next line.
005459F9 .8B85 A0FEFFFF mov eax, dword ptr
005459FF .E8 F03DECFF call 004097F4
00545A04 .6BC0 13 imul eax, eax, 13
; 005458BC (not shown) is called with the product in eax and edx = &[ebp-15Ch];
; presumably it produces the expected registration string in that local.
00545A07 .8D95 A4FEFFFF lea edx, dword ptr
00545A0D .E8 AAFEFFFF call 005458BC
; edx = [ebp-15Ch] (locally derived value), eax = the first input saved above.
00545A12 .8B95 A4FEFFFF mov edx, dword ptr
00545A18 .58 pop eax
; Poster's note on the call: "the real code and the entered code are compared
; here; an in-memory keygen can be built at this point".
; NOTE(review): this is the design weakness the post relies on. The expected
; value is derived on the client and sits in a register next to the user's
; input. A licence that is signed by the vendor and verified with a public key
; never materialises the expected secret inside the process.
00545A19 .E8 D6F5EBFF call 00404FF4 这里是真码和假码的对比可以在这里做内存注册机
; Poster's note on the jnz: "this is the key jump: not taken when the code is
; correct, taken to 00545B38 when it is not".
; NOTE(review): within this excerpt the whole licence decision is this single
; branch, and no integrity check of the image is visible. Defences include
; image integrity verification and not gating the feature on one flag result.
00545A1E .0F85 14010000 jnz 00545B38这里是关键跳注册码正确不跳,不正确就跳到00545B38
; Success path. edx -> the string at 00545B84 (shown as "xhcz.d11"),
; eax = &[ebp-154h] (8D85 ACFEFFFF). 00402F44, 004034F8, 004030A0, 00403504
; and 004030C0 are not shown; from the argument pattern they look like file
; assign / open / block transfer / seek / close helpers, with 0040297C called
; after each (presumably an I/O result check) -- TODO confirm.
00545A24 .BA 845B5400 mov edx, 00545B84 ;xhcz.d11
00545A29 .8D85 ACFEFFFF lea eax, dword ptr
00545A2F .E8 10D5EBFF call 00402F44
00545A34 .BA 01000000 mov edx, 1
00545A39 .8D85 ACFEFFFF lea eax, dword ptr
00545A3F .E8 B4DAEBFF call 004034F8
00545A44 .E8 33CFEBFF call 0040297C
; Inner protected region: handler address 00545ABE is pushed, then fs:[eax]
; is saved and relinked (same 64:FF30 / 64:8920 pair as at the top).
00545A49 .33C0 xor eax, eax
00545A4B .55 push ebp
00545A4C .68 BE5A5400 push 00545ABE
00545A51 .64:FF30 push dword ptr fs:
00545A54 .64:8920 mov dword ptr fs:, esp
; One-unit transfer (ecx = 1) between the record at [ebp-154h] and the byte
; at [ebp-5] (8D55 FB); the direction depends on 004030A0, which is not shown.
00545A57 .6A 00 push 0 ; /Arg1 = 00000000
00545A59 .8D55 FB lea edx, dword ptr ; |
00545A5C .B9 01000000 mov ecx, 1 ; |
00545A61 .8D85 ACFEFFFF lea eax, dword ptr ; |
00545A67 .E8 34D6EBFF call 004030A0 ; \xhzd_unp.004030A0
00545A6C .E8 0BCFEBFF call 0040297C
; edx = 10AD88h is passed to 00403504 with the same record; presumably a file
; position. A second one-unit transfer follows.
00545A71 .BA 88AD1000 mov edx, 10AD88
00545A76 .8D85 ACFEFFFF lea eax, dword ptr
00545A7C .E8 83DAEBFF call 00403504
00545A81 .E8 F6CEEBFF call 0040297C
00545A86 .6A 00 push 0 ; /Arg1 = 00000000
00545A88 .8D55 FB lea edx, dword ptr ; |
00545A8B .B9 01000000 mov ecx, 1 ; |
00545A90 .8D85 ACFEFFFF lea eax, dword ptr ; |
00545A96 .E8 05D6EBFF call 004030A0 ; \xhzd_unp.004030A0
00545A9B .E8 DCCEEBFF call 0040297C
; Normal exit from the protected region: the three pops discard the frame
; pushed above, 64:8910 = mov fs:[eax], edx restores the previous SEH link,
; and 00545AC5 is pushed so the retn at 00545ABD continues there.
00545AA0 .33C0 xor eax, eax
00545AA2 .5A pop edx
00545AA3 .59 pop ecx
00545AA4 .59 pop ecx
00545AA5 .64:8910 mov dword ptr fs:, edx
00545AA8 .68 C55A5400 push 00545AC5
; Cleanup block at 00545AAD: helper 004030C0 on the record at [ebp-154h].
; It is reached by fall-through and by the jmp short at 00545AC3.
00545AAD >8D85 ACFEFFFF lea eax, dword ptr
00545AB3 .E8 08D6EBFF call 004030C0
00545AB8 .E8 BFCEEBFF call 0040297C
00545ABD .C3 retn
; Exception route: 00545ABE is the handler address pushed at 00545A4C. It
; jumps to 0040449C (not shown); 00545AC3 re-enters the cleanup block.
00545ABE .^ E9 D9E9EBFF jmp 0040449C
00545AC3 .^ EB E8 jmp short 00545AAD
; 00545AC5: the referenced string reads "Software registered successfully!".
; 00440804 is presumably the message-display helper, since it is also called
; with the failure string at 00545B3D.
00545AC5 .B8 985B5400 mov eax, 00545B98 ;软件注册成功!
00545ACA .E8 35ADEFFF call 00440804
; UI updates through the object at [ebp-4]. The field at [eax+4ECh] is handed
; the string "Software is registered" via 0044764C (not shown).
00545ACF .8B45 FC mov eax, dword ptr
00545AD2 .8B80 EC040000 mov eax, dword ptr
00545AD8 .BA B05B5400 mov edx, 00545BB0 ;软件已注册
00545ADD .E8 6A1BF0FF call 0044764C
; The field at [eax+430h] is passed to 004D261C with [eax+418h], then to
; 004D2668 with the string at 00545BC4 ("explanation"); neither callee is shown.
00545AE2 .8B45 FC mov eax, dword ptr
00545AE5 .8B90 18040000 mov edx, dword ptr
00545AEB .8B45 FC mov eax, dword ptr
00545AEE .8B80 30040000 mov eax, dword ptr
00545AF4 .E8 23CBF8FF call 004D261C
00545AF9 .8B45 FC mov eax, dword ptr
00545AFC .8B80 30040000 mov eax, dword ptr
00545B02 .BA C45B5400 mov edx, 00545BC4 ;解释
00545B07 .E8 5CCBF8FF call 004D2668
; Same pattern for the field at [eax+474h]: 004D2A40 with [eax+2F0h], then
; 004D2A8C with the string "content"; neither callee is shown.
00545B0C .8B45 FC mov eax, dword ptr
00545B0F .8B90 F0020000 mov edx, dword ptr
00545B15 .8B45 FC mov eax, dword ptr
00545B18 .8B80 74040000 mov eax, dword ptr
00545B1E .E8 1DCFF8FF call 004D2A40
00545B23 .8B45 FC mov eax, dword ptr
00545B26 .8B80 74040000 mov eax, dword ptr
00545B2C .BA D45B5400 mov edx, 00545BD4 ;content
00545B31 .E8 56CFF8FF call 004D2A8C
; Success path ends here and jumps over the failure message.
00545B36 .EB 0A jmp short 00545B42
; 00545B38: failure path, the target of the jnz at 00545A1E. The string reads
; "Registration failed, please retry! Registered users whose retry fails
; should contact the author!".
00545B38 >B8 E45B5400 mov eax, 00545BE4 ;注册失败,请重试!\n\n注册用户重试失败请与作者联系!
00545B3D .E8 C2ACEFFF call 00440804
这是我的注册信息
验证码:911 注册码:74711667 壳貌似是BD的,, 学习,学习 新手测试,请别见笑
工具:PEiD waspack脱壳机 OD
PEiD v0.94(汉化版)查壳,用waspack脱壳机脱壳,OD载入脱壳后的程序,打开“超级字符串参考+”,跟随“软件注册成功”,地址为:00545AC5。再跟随“注册失败,请重试!\n\n注册用户重试失败请与作者联系!”,把汇编“MOV EAX,545BE4”改为“jmp 00545AC5”(跳转到注册成功的地址),另存文件,退出OD,打开存好的文件,随便输入验证码和注册码,确认注册,提示软件注册成功。完毕。初学者还没有达到追号的能力,不知道这样算不算注册成功。 这可确实是个非常实用的啊,谢谢提供。 看一下大家的发言,进来顺便问好! 学习一下了,感谢分享,顶起。 现在新版已经改了,这种方法已经行不通了。 是什么东西?看看。 谢谢分享啊。