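Taking out DTMM 4.2 with one byte <here we go again!>
[Article title]: Taking out DTMM 4.2 with one byte
[Author]: JJDG
[Software name]: DTMM4.2
[Software size]: 1594K
[Download URL]: http://www.polyhedron.com/dtmm/setuplimited.exe
[Author's statement]: This is purely out of interest, with no other purpose. Please point out any mistakes!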
--------------------------------------------------------------------------------
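[Detailed process]
DTMM is a simple, easy-to-use program for displaying, editing and building 3D molecular models. It can display 3D molecules in various modes and lets you edit them.
While online today I noticed that a new version of this software had been released, so I wanted to see whether its protection had been adjusted as well, and downloaded it.
The installer requires you to fill in some information (I made mine up! ^_^), otherwise it will not continue. After installing and running it, a dialog box pops up: your license file for dtmm is invalid! Then the program exits by itself!
PEiD reports no packer!
Load it in OD, search for strings, and double-click "your license file for dtmm is invalid" to land here: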
004EC75E 833D F8365000>CMP DWORD PTR DS:[5036F8],0 <---- patch here! Just one byte! Changing CMP to AND is enough!
004EC765|.0F85 E2000000 JNZ DTMM.004EC84D
004EC76B|.8B06 MOV EAX,DWORD PTR DS:[ESI]
004EC76D|.E8 0260FAFF CALL DTMM.00492774
004EC772|.8B06 MOV EAX,DWORD PTR DS:[ESI]
004EC774|.BA B8C84E00 MOV EDX,DTMM.004EC8B8 ;desktop molecular modeller
004EC779|.E8 EE5BFAFF CALL DTMM.0049236C
004EC77E|.A1 90F44E00 MOV EAX,DWORD PTR DS:[4EF490]
004EC783|.C600 00 MOV BYTE PTR DS:[EAX],0
004EC786|.8B0D 64F24E00 MOV ECX,DWORD PTR DS:[4EF264] ;DTMM.005036B0
004EC78C|.8B06 MOV EAX,DWORD PTR DS:[ESI]
004EC78E|.8B15 88714D00 MOV EDX,DWORD PTR DS:[4D7188] ;DTMM.004D71D4
004EC794|.E8 F35FFAFF CALL DTMM.0049278C
004EC799|.8B0D 64EF4E00 MOV ECX,DWORD PTR DS:[4EEF64] ;DTMM.004F2144
004EC79F|.8B06 MOV EAX,DWORD PTR DS:[ESI]
004EC7A1|.8B15 88FC4B00 MOV EDX,DWORD PTR DS:[4BFC88] ;DTMM.004BFCD4
004EC7A7|.E8 E05FFAFF CALL DTMM.0049278C
004EC7AC|.8B0D F0F34E00 MOV ECX,DWORD PTR DS:[4EF3F0] ;DTMM.004F215C
004EC7B2|.8B06 MOV EAX,DWORD PTR DS:[ESI]
004EC7B4|.8B15 0C2D4C00 MOV EDX,DWORD PTR DS:[4C2D0C] ;DTMM.004C2D58
004EC7BA|.E8 CD5FFAFF CALL DTMM.0049278C
004EC7BF|.8B0D A4F34E00 MOV ECX,DWORD PTR DS:[4EF3A4] ;DTMM.004F2164
004EC7C5|.8B06 MOV EAX,DWORD PTR DS:[ESI]
004EC7C7|.8B15 503C4C00 MOV EDX,DWORD PTR DS:[4C3C50] ;DTMM.004C3C9C
004EC7CD|.E8 BA5FFAFF CALL DTMM.0049278C
004EC7D2|.8B0D 08F54E00 MOV ECX,DWORD PTR DS:[4EF508] ;DTMM.004F21A0
004EC7D8|.8B06 MOV EAX,DWORD PTR DS:[ESI]
004EC7DA|.8B15 34294D00 MOV EDX,DWORD PTR DS:[4D2934] ;DTMM.004D2980
004EC7E0|.E8 A75FFAFF CALL DTMM.0049278C
004EC7E5|.8B0D F0F14E00 MOV ECX,DWORD PTR DS:[4EF1F0] ;DTMM.004F216C
004EC7EB|.8B06 MOV EAX,DWORD PTR DS:[ESI]
004EC7ED|.8B15 E8424C00 MOV EDX,DWORD PTR DS:[4C42E8] ;DTMM.004C4334
004EC7F3|.E8 945FFAFF CALL DTMM.0049278C
004EC7F8|.8B0D 54EF4E00 MOV ECX,DWORD PTR DS:[4EEF54] ;DTMM.004F2180
004EC7FE|.8B06 MOV EAX,DWORD PTR DS:[ESI]
004EC800|.8B15 E0604C00 MOV EDX,DWORD PTR DS:[4C60E0] ;DTMM.004C612C
004EC806|.E8 815FFAFF CALL DTMM.0049278C
004EC80B|.8B0D 9CF04E00 MOV ECX,DWORD PTR DS:[4EF09C] ;DTMM.004F2188
004EC811|.8B06 MOV EAX,DWORD PTR DS:[ESI]
004EC813|.8B15 E0624C00 MOV EDX,DWORD PTR DS:[4C62E0] ;DTMM.004C632C
004EC819|.E8 6E5FFAFF CALL DTMM.0049278C
004EC81E|.8B0D B8F04E00 MOV ECX,DWORD PTR DS:[4EF0B8] ;DTMM.00503698
004EC824|.8B06 MOV EAX,DWORD PTR DS:[ESI]
004EC826|.8B15 746D4D00 MOV EDX,DWORD PTR DS:[4D6D74] ;DTMM.004D6DC0
004EC82C|.E8 5B5FFAFF CALL DTMM.0049278C
004EC831|.8B0D 80F14E00 MOV ECX,DWORD PTR DS:[4EF180] ;DTMM.004F2154
004EC837|.8B06 MOV EAX,DWORD PTR DS:[ESI]
004EC839|.8B15 BC2A4C00 MOV EDX,DWORD PTR DS:[4C2ABC] ;DTMM.004C2B08
004EC83F|.E8 485FFAFF CALL DTMM.0049278C
004EC844|.8B06 MOV EAX,DWORD PTR DS:[ESI]
004EC846|.E8 C15FFAFF CALL DTMM.0049280C
004EC84B|.EB 2B JMP SHORT DTMM.004EC878
004EC84D|>833D F8365000>CMP DWORD PTR DS:[5036F8],62
004EC854|.75 12 JNZ SHORT DTMM.004EC868
004EC856|.6A 00 PUSH 0 ; /Style = MB_OK|MB_APPLMODAL
004EC858|.6A 00 PUSH 0 ; |Title = NULL
004EC85A|.68 D4C84E00 PUSH DTMM.004EC8D4 ; |your authorisation code has expired
004EC85F|.6A 00 PUSH 0 ; |hOwner = NULL
004EC861|.E8 F6B5F1FF CALL <JMP.&user32.MessageBoxA> ; \MessageBoxA
004EC866|.EB 10 JMP SHORT DTMM.004EC878
004EC868|>6A 00 PUSH 0 ; /Style = MB_OK|MB_APPLMODAL
004EC86A|.6A 00 PUSH 0 ; |Title = NULL
004EC86C|.68 F8C84E00 PUSH DTMM.004EC8F8 ; |your license file for dtmm is invalid
004EC871|.6A 00 PUSH 0 ; |hOwner = NULL
004EC873|.E8 E4B5F1FF CALL <JMP.&user32.MessageBoxA> ; \MessageBoxA
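I took a rough look and there is not much to say. It is the same as version 4.1: changing a single byte still takes care of it!
Change 004EC75E 833D F8365000>CMP DWORD PTR DS:[5036F8],0 to
004EC75E 8325 F8365000>AND DWORD PTR DS:[5036F8],0 and that is all!
Press F9 to try it. Haha, it goes straight in!
OK! Now save the modification!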
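An added example, not part of the original post: it decodes the two 7-byte encodings from the listing and reports the difference the way an integrity check against the shipped bytes would, then shows why the JNZ at 004EC765 can no longer be taken. The function names are hypothetical; the byte strings are taken from the listing, with the final imm8 byte (00) inferred from the ",0" operand.

```python
# Added example: classify a one-byte change inside an x86 "group 1" instruction
# (opcode 0x83 = <op> r/m32, imm8; the operation is selected by ModRM.reg).
GROUP1 = ["ADD", "OR", "ADC", "SBB", "AND", "SUB", "XOR", "CMP"]  # /0 .. /7

ORIGINAL = bytes.fromhex("833DF836500000")  # CMP DWORD PTR DS:[5036F8],0
OBSERVED = bytes.fromhex("8325F836500000")  # AND DWORD PTR DS:[5036F8],0

def decode_group1(code):
    """Decode 83 /r with mod=00, rm=101 (absolute disp32) plus an imm8."""
    if len(code) != 7 or code[0] != 0x83:
        raise ValueError("not an 83 /r [disp32], imm8 instruction")
    modrm = code[1]
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if (mod, rm) != (0, 5):
        raise ValueError("only the [disp32] addressing form is handled")
    addr = int.from_bytes(code[2:6], "little")
    return GROUP1[reg], addr, code[6]

def execute(op, value, imm8):
    """Return (value left in memory, zero flag) for the two ops on this page."""
    imm = imm8 if imm8 < 0x80 else imm8 | 0xFFFFFF00  # imm8 is sign-extended
    if op == "CMP":                      # flags only, memory unchanged
        return value, ((value - imm) & 0xFFFFFFFF) == 0
    if op == "AND":                      # writes the result back to memory
        result = value & imm
        return result, result == 0
    raise NotImplementedError(op)

def audit(baseline, observed):
    """Describe how the observed bytes differ from the shipped baseline."""
    diffs = [i for i, (a, b) in enumerate(zip(baseline, observed)) if a != b]
    if not diffs:
        return "intact"
    old, new = decode_group1(baseline), decode_group1(observed)
    if diffs == [1] and old[1:] == new[1:]:
        return f"opcode-extension change {old[0]}->{new[0]} at [{old[1]:X}]"
    return f"{len(diffs)} byte(s) modified"

if __name__ == "__main__":
    print(audit(ORIGINAL, OBSERVED))
    # 0x62 is the "expired" status tested at 004EC84D; 0x7 is a constructed
    # stand-in for any other non-zero ("invalid") status.
    for status in (0x0, 0x62, 0x7):
        for code in (ORIGINAL, OBSERVED):
            op, _, imm = decode_group1(code)
            print(f"{status:#x} {op}: {execute(op, status, imm)}")
```

Because the whole license decision is one global DWORD tested once, the shipped CMP yields ZF=1 only for status 0, while the modified AND yields ZF=1 for every status and also overwrites the stored value with 0.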
2006-08-17 17:23:47 Learning from this, nice.......