ini文件验证问题
bp GetPrivateProfileStringA下断后,很多地方在读取config.ini文件中的内容,包括ZCM注册码,gbds-ywzy-sf2007是机器码。不知哪个是关键,请大侠指点,谢谢。008D2E2F 55 push ebp
008D2E30 68 98458D00 push AAAAAA?008D4598
008D2E35 64:FF30 push dword ptr fs:
008D2E38 64:8920 mov dword ptr fs:,esp
008D2E3B 8D45 BC lea eax,dword ptr ss:
008D2E3E E8 F928B3FF call AAAAAA?0040573C
008D2E43 8D45 B8 lea eax,dword ptr ss:
008D2E46 E8 F128B3FF call AAAAAA?0040573C
008D2E4B 8D45 B4 lea eax,dword ptr ss:
008D2E4E E8 E928B3FF call AAAAAA?0040573C
008D2E53 8D45 B0 lea eax,dword ptr ss:
008D2E56 E8 E128B3FF call AAAAAA?0040573C
008D2E5B 8D95 78FFFFFF lea edx,dword ptr ss:
008D2E61 33C0 xor eax,eax
008D2E63 E8 6001B3FF call AAAAAA?00402FC8
008D2E68 8B85 78FFFFFF mov eax,dword ptr ss:
008D2E6E 8D95 7CFFFFFF lea edx,dword ptr ss:
008D2E74 E8 A794B3FF call AAAAAA?0040C320
008D2E79 8D85 7CFFFFFF lea eax,dword ptr ss:
008D2E7F BA B4458D00 mov edx,AAAAAA?008D45B4 ; config.ini
008D2E84 E8 A72BB3FF call AAAAAA?00405A30
008D2E89 8B8D 7CFFFFFF mov ecx,dword ptr ss:
008D2E8F B2 01 mov dl,1
008D2E91 A1 4C144500 mov eax,dword ptr ds:
008D2E96 E8 61E6B7FF call AAAAAA?004514FC
008D2E9B 8945 A8 mov dword ptr ss:,eax
008D2E9E 6A 00 push 0
008D2EA0 8D85 74FFFFFF lea eax,dword ptr ss:
008D2EA6 50 push eax
008D2EA7 B9 C8458D00 mov ecx,AAAAAA?008D45C8 ; zcm
008D2EAC BA D4458D00 mov edx,AAAAAA?008D45D4 ; 设置
008D2EB1 8B45 A8 mov eax,dword ptr ss:
008D2EB4 8B18 mov ebx,dword ptr ds:
008D2EB6 FF13 call dword ptr ds:
008D2EB8 8B85 74FFFFFF mov eax,dword ptr ss:
008D2EBE 50 push eax
008D2EBF E8 DC2FF4FF call AAAAAA?00815EA0
008D2EC4 8BD0 mov edx,eax
008D2EC6 8D85 68FFFFFF lea eax,dword ptr ss:
008D2ECC E8 732AB3FF call AAAAAA?00405944
008D2ED1 8B85 68FFFFFF mov eax,dword ptr ss:
008D2ED7 8D95 6CFFFFFF lea edx,dword ptr ss:
008D2EDD E8 8E83B3FF call AAAAAA?0040B270
008D2EE2 FFB5 6CFFFFFF push dword ptr ss:
008D2EE8 68 E4458D00 push AAAAAA?008D45E4 ; -
008D2EED 68 F0458D00 push AAAAAA?008D45F0 ; gbds
008D2EF2 8D85 64FFFFFF lea eax,dword ptr ss:
008D2EF8 50 push eax
008D2EF9 B9 00468D00 mov ecx,AAAAAA?008D4600 ; ywzy
008D2EFE BA D4458D00 mov edx,AAAAAA?008D45D4 ; 设置
008D2F03 8B45 A8 mov eax,dword ptr ss:
008D2F06 8B18 mov ebx,dword ptr ds:
008D2F08 FF13 call dword ptr ds:
008D2F0A FFB5 64FFFFFF push dword ptr ss:
008D2F10 68 10468D00 push AAAAAA?008D4610 ; sf2007
008D2F15 8D85 70FFFFFF lea eax,dword ptr ss:
008D2F1B BA 04000000 mov edx,4
008D2F20 E8 C32BB3FF call AAAAAA?00405AE8
008D2F25 8B85 70FFFFFF mov eax,dword ptr ss:
008D2F2B 5A pop edx
008D2F2C E8 D7AFF4FF call AAAAAA?0081DF08
008D2F31 8B15 48D79400 mov edx,dword ptr ds: ; AAAAAA?00955135
008D2F37 8802 mov byte ptr ds:,al
008D2F39 A1 04D99400 mov eax,dword ptr ds:
008D2F3E 8B00 mov eax,dword ptr ds:
008D2F40 8B80 FC020000 mov eax,dword ptr ds:
008D2F46 E8 DD73C4FF call AAAAAA?0051A328
008D2F4B 8B45 FC mov eax,dword ptr ss:
008D2F4E 8B80 1C030000 mov eax,dword ptr ds:
008D2F54 8B80 6C020000 mov eax,dword ptr ds:
008D2F5A 8B55 FC mov edx,dword ptr ss:
008D2F5D 3B82 88030000 cmp eax,dword ptr ds:
008D2F63 75 26 jnz short AAAAAA?008D2F8B
008D2F65 8D45 AC lea eax,dword ptr ss:
008D2F68 BA 20468D00 mov edx,AAAAAA?008D4620 ; tabsheet15
008D2F6D E8 6228B3FF call AAAAAA?004057D4
008D2F72 8D45 C4 lea eax,dword ptr ss:
008D2F75 BA 34468D00 mov edx,AAAAAA?008D4634 ; 项目总表
008D2F7A E8 5528B3FF call AAAAAA?004057D4
008D2F7F 8B45 FC mov eax,dword ptr ss:
008D2F82 8B80 8C030000 mov eax,dword ptr ds:
008D2F88 8945 A4 mov dword ptr ss:,eax
008D2F8B 8B45 FC mov eax,dword ptr ss:
008D2F8E 8B80 1C030000 mov eax,dword ptr ds:
008D2F94 8B80 6C020000 mov eax,dword ptr ds:
008D2F9A 8B55 FC mov edx,dword ptr ss:
008D2F9D 3B82 20030000 cmp eax,dword ptr ds:
008D2FA3 75 26 jnz short AAAAAA?008D2FCB
008D2FA5 8D45 AC lea eax,dword ptr ss:
008D2FA8 BA 20468D00 mov edx,AAAAAA?008D4620 ; tabsheet15
008D2FAD E8 2228B3FF call AAAAAA?004057D4
008D2FB2 8D45 C4 lea eax,dword ptr ss:
008D2FB5 BA 48468D00 mov edx,AAAAAA?008D4648 ; 项目明细
008D2FBA E8 1528B3FF call AAAAAA?004057D4
008D2FBF 8B45 FC mov eax,dword ptr ss:
008D2FC2 8B80 28030000 mov eax,dword ptr ds:
008D2FC8 8945 A4 mov dword ptr ss:,eax
008D2FCB 8B45 FC mov eax,dword ptr ss:
008D2FCE 8B80 1C030000 mov eax,dword ptr ds:
008D2FD4 8B80 6C020000 mov eax,dword ptr ds:
008D2FDA 8B55 FC mov edx,dword ptr ss:
008D2FDD 3B82 24030000 cmp eax,dword ptr ds:
008D2FE3 75 26 jnz short AAAAAA?008D300B
008D2FE5 8D45 AC lea eax,dword ptr ss:
008D2FE8 BA 5C468D00 mov edx,AAAAAA?008D465C ; b5hz
008D2FED E8 E227B3FF call AAAAAA?004057D4
008D2FF2 8D45 C4 lea eax,dword ptr ss:
008D2FF5 BA 6C468D00 mov edx,AAAAAA?008D466C ; 表五汇总
008D2FFA E8 D527B3FF call AAAAAA?004057D4
008D2FFF 8B45 FC mov eax,dword ptr ss:
008D3002 8B80 5C030000 mov eax,dword ptr ds:
008D3008 8945 A4 mov dword ptr ss:,eax
008D300B 8D95 58FFFFFF lea edx,dword ptr ss:
008D3011 33C0 xor eax,eax
008D3013 E8 B0FFB2FF call AAAAAA?00402FC8
008D3018 8B85 58FFFFFF mov eax,dword ptr ss:
008D301E 8D95 5CFFFFFF lea edx,dword ptr ss:
008D3024 E8 F792B3FF call AAAAAA?0040C320
008D3029 FFB5 5CFFFFFF push dword ptr ss:
008D302F 68 80468D00 push AAAAAA?008D4680 ; report\
008D3034 FF75 AC push dword ptr ss:
008D3037 68 90468D00 push AAAAAA?008D4690 ; .txt
008D303C 8D85 60FFFFFF lea eax,dword ptr ss:
008D3042 BA 04000000 mov edx,4
008D3047 E8 9C2AB3FF call AAAAAA?00405AE8
008D304C 8B85 60FFFFFF mov eax,dword ptr ss:
008D3052 E8 0D8FB3FF call AAAAAA?0040BF64
008D3057 84C0 test al,al
008D3059 0F84 BB000000 je AAAAAA?008D311A
008D305F 8D95 4CFFFFFF lea edx,dword ptr ss:
008D3065 33C0 xor eax,eax
008D3067 E8 5CFFB2FF call AAAAAA?00402FC8
008D306C 8B85 4CFFFFFF mov eax,dword ptr ss:
008D3072 8D95 50FFFFFF lea edx,dword ptr ss:
008D3078 E8 A392B3FF call AAAAAA?0040C320
008D307D FFB5 50FFFFFF push dword ptr ss:
008D3083 68 80468D00 push AAAAAA?008D4680 ; report\
008D3088 FF75 AC push dword ptr ss:
008D308B 68 90468D00 push AAAAAA?008D4690 ; .txt
008D3090 8D85 54FFFFFF lea eax,dword ptr ss:
008D3096 BA 04000000 mov edx,4
008D309B E8 482AB3FF call AAAAAA?00405AE8
008D30A0 8B95 54FFFFFF mov edx,dword ptr ss:
008D30A6 A1 04D99400 mov eax,dword ptr ds:
008D30AB 8B00 mov eax,dword ptr ds:
008D30AD 8B80 FC020000 mov eax,dword ptr ds:
008D30B3 E8 6C82C4FF call AAAAAA?0051B324
008D30B8 A1 04D99400 mov eax,dword ptr ds:
008D30BD 8B00 mov eax,dword ptr ds:
008D30BF 8B80 FC020000 mov eax,dword ptr ds:
008D30C5 E8 0627C3FF call AAAAAA?005057D0
008D30CA 48 dec eax
008D30CB 85C0 test eax,eax 说实话,我没看出来/:L 把 读出的注册码项 下个访问断点追踪 下载地址:
http://www.rayfile.com/files/75b775ae-213e-11df-88f6-0015c55db73d/
高手们看看
[ 本帖最后由 longtop 于 2010-3-9 21:53 编辑 ]
页:
[1]