- UID
- 1980
注册时间2005-6-13
阅读权限20
最后登录1970-1-1
以武会友
 
该用户从未签到
|
【破文标题】超级查询工具箱1.3.0破解记录
【破文作者】ihhvqu[OCN][CZG]
【作者邮箱】[email protected]
【作者主页】http://www.chinaocn.net
【破解工具】PE-scan
【破解平台】win2000serevr
【软件名称】超级查询工具箱1.3.0
【软件大小】下载后有4M多
【原版下载】http://www.5down.com/soft/26282.htm
【保护方式】序列号
【软件简介】略
------------------------------------------------------------------------
【破解过程】超级查询工具箱1.3.0
下载页面:http://www.5down.com/soft/26282.htm
本机机器码:00B3881487AE
pe-scan一查 aspack 2.12 ,就用他一下就搞定了。
OD载入:
很容易来到:
005006DF 53 push ebx
005006E0 56 push esi
005006E1 57 push edi
005006E2 8BD8 mov ebx,eax
005006E4 33C0 xor eax,eax
005006E6 55 push ebp
005006E7 68 1B0C5000 push dump.00500C1B
005006EC 64:FF30 push dword ptr fs:[eax]
005006EF 64:8920 mov dword ptr fs:[eax],esp
005006F2 8D95 44FFFFFF lea edx,dword ptr ss:[ebp-BC]
005006F8 8B83 FC070000 mov eax,dword ptr ds:[ebx+7FC]
005006FE E8 5DB3F4FF call dump.0044BA60
00500703 8B85 44FFFFFF mov eax,dword ptr ss:[ebp-BC] ; 注册码送eax
00500709 8D95 48FFFFFF lea edx,dword ptr ss:[ebp-B8]
0050070F E8 0C86F0FF call dump.00408D20
00500714 83BD 48FFFFFF >cmp dword ptr ss:[ebp-B8],0
0050071B 75 2B jnz short dump.00500748 ; 输入了注册码则跳
0050071D 6A 40 push 40
0050071F B9 2C0C5000 mov ecx,dump.00500C2C ; 提示信息
00500724 BA 380C5000 mov edx,dump.00500C38 ; 请输入正确的注册码
00500729 A1 A8175100 mov eax,dword ptr ds:[5117A8]
0050072E 8B00 mov eax,dword ptr ds:[eax]
00500730 E8 E3D5F6FF call dump.0046DD18
00500735 8B83 FC070000 mov eax,dword ptr ds:[ebx+7FC]
0050073B 8B10 mov edx,dword ptr ds:[eax]
0050073D FF92 D0000000 call dword ptr ds:[edx+D0]
00500743 E9 6C040000 jmp dump.00500BB4
00500748 8D45 FC lea eax,dword ptr ss:[ebp-4]
0050074B BA 580C5000 mov edx,dump.00500C58
00500750 E8 733DF0FF call dump.004044C8
00500755 68 7C0C5000 push dump.00500C7C ; ASCII "You can take my breath away. 28881096SuperBox1.0"
0050075A 8B45 FC mov eax,dword ptr ss:[ebp-4]
0050075D 50 push eax
0050075E 8D85 40FFFFFF lea eax,dword ptr ss:[ebp-C0]
00500764 E8 B761FFFF call dump.004F6920
00500769 8B85 40FFFFFF mov eax,dword ptr ss:[ebp-C0] ; 机器码用eax=00B3881487AE
0050076F 50 push eax
00500770 8D45 F8 lea eax,dword ptr ss:[ebp-8]
00500773 50 push eax
00500774 E8 A35AFFFF call dump.004F621C ; ????
00500779 8D95 3CFFFFFF lea edx,dword ptr ss:[ebp-C4]
0050077F 8B83 FC070000 mov eax,dword ptr ds:[ebx+7FC]
00500785 E8 D6B2F4FF call dump.0044BA60
0050078A 8B85 3CFFFFFF mov eax,dword ptr ss:[ebp-C4] ; 注册码送eax
00500790 8D55 F4 lea edx,dword ptr ss:[ebp-C]
00500793 E8 8885F0FF call dump.00408D20 ; 应该是产生真码的CALL
00500798 8B45 F4 mov eax,dword ptr ss:[ebp-C] ; 注册码送eax
0050079B 8B55 F8 mov edx,dword ptr ss:[ebp-8]
0050079E E8 9940F0FF call dump.0040483C ; edx中看到一个东西31536-86394-23495-39043-41333
005007A3 74 2B je short dump.005007D0
005007A5 6A 40 push 40
005007A7 B9 2C0C5000 mov ecx,dump.00500C2C ; 提示信息
005007AC BA B00C5000 mov edx,dump.00500CB0 ; 您输入的注册码不正确,请重新输入正确的注册码
005007B1 A1 A8175100 mov eax,dword ptr ds:[5117A8]
005007B6 8B00 mov eax,dword ptr ds:[eax]
005007B8 E8 5BD5F6FF call dump.0046DD18
005007BD 8B83 FC070000 mov eax,dword ptr ds:[ebx+7FC]
005007C3 8B10 mov edx,dword ptr ds:[eax]
005007C5 FF92 D0000000 call dword ptr ds:[edx+D0]
005007CB E9 E4030000 jmp dump.00500BB4
005007D0 B2 01 mov dl,1
005007D2 A1 3CBF4100 mov eax,dword ptr ds:[41BF3C]
005007D7 E8 602DF0FF call dump.0040353C
005007DC BA E40C5000 mov edx,dump.00500CE4
005007E1 8B45 F4 mov eax,dword ptr ss:[ebp-C]
005007E4 E8 07FEFFFF call dump.005005F0
005007E9 8BF0 mov esi,eax
005007EB 8BC6 mov eax,esi
005007ED 8B10 mov edx,dword ptr ds:[eax]
005007EF FF52 14 call dword ptr ds:[edx+14]
005007F2 83F8 05 cmp eax,5
005007F5 74 32 je short dump.00500829
005007F7 6A 40 push 40
005007F9 B9 2C0C5000 mov ecx,dump.00500C2C ; 提示信息
005007FE BA B00C5000 mov edx,dump.00500CB0 ; 您输入的注册码不正确,请重新输入正确的注册码
00500803 A1 A8175100 mov eax,dword ptr ds:[5117A8]
00500808 8B00 mov eax,dword ptr ds:[eax]
0050080A E8 09D5F6FF call dump.0046DD18
0050080F 8B83 FC070000 mov eax,dword ptr ds:[ebx+7FC]
00500815 8B10 mov edx,dword ptr ds:[eax]
00500817 FF92 D0000000 call dword ptr ds:[edx+D0]
0050081D 8BC6 mov eax,esi
0050081F E8 482DF0FF call dump.0040356C
00500824 E9 8B030000 jmp dump.00500BB4
00500829 8D95 34FFFFFF lea edx,dword ptr ss:[ebp-CC]
0050082F A1 A8175100 mov eax,dword ptr ds:[5117A8]
00500834 8B00 mov eax,dword ptr ds:[eax]
00500836 E8 51DAF6FF call dump.0046E28C
0050083B 8B85 34FFFFFF mov eax,dword ptr ss:[ebp-CC]
00500841 8D95 38FFFFFF lea edx,dword ptr ss:[ebp-C8]
00500847 E8 948FF0FF call dump.004097E0
0050084C 8B95 38FFFFFF mov edx,dword ptr ss:[ebp-C8]
00500852 8D45 F0 lea eax,dword ptr ss:[ebp-10]
00500855 B9 F00C5000 mov ecx,dump.00500CF0 ; ASCII "TelData.dat"
0050085A E8 DD3EF0FF call dump.0040473C
0050085F 8B45 F0 mov eax,dword ptr ss:[ebp-10]
00500862 E8 ED8DF0FF call dump.00409654
00500867 40 inc eax
00500868 75 1D jnz short dump.00500887
0050086A 6A 40 push 40
0050086C B9 2C0C5000 mov ecx,dump.00500C2C
00500871 BA FC0C5000 mov edx,dump.00500CFC
00500876 A1 A8175100 mov eax,dword ptr ds:[5117A8]
0050087B 8B00 mov eax,dword ptr ds:[eax]
0050087D E8 96D4F6FF call dump.0046DD18
00500882 E9 2D030000 jmp dump.00500BB4
00500887 33C0 xor eax,eax
00500889 55 push ebp
0050088A 68 810B5000 push dump.00500B81
0050088F 64:FF30 push dword ptr fs:[eax]
00500892 64:8920 mov dword ptr fs:[eax],esp
00500895 8B45 F0 mov eax,dword ptr ss:[ebp-10]
00500898 E8 B78DF0FF call dump.00409654
0050089D 40 inc eax
0050089E 75 40 jnz short dump.005008E0
005008A0 8D85 30FFFFFF lea eax,dword ptr ss:[ebp-D0]
005008A6 50 push eax
005008A7 8B45 F0 mov eax,dword ptr ss:[ebp-10]
005008AA 8985 28FFFFFF mov dword ptr ss:[ebp-D8],eax
005008B0 C685 2CFFFFFF >mov byte ptr ss:[ebp-D4],0B
005008B7 8D95 28FFFFFF lea edx,dword ptr ss:[ebp-D8]
005008BD 33C9 xor ecx,ecx
005008BF B8 180D5000 mov eax,dump.00500D18
005008C4 E8 1797F0FF call dump.00409FE0
005008C9 8B8D 30FFFFFF mov ecx,dword ptr ss:[ebp-D0]
005008CF B2 01 mov dl,1
005008D1 A1 E87D4000 mov eax,dword ptr ds:[407DE8]
005008D6 E8 15C9F0FF call dump.0040D1F0
005008DB E8 5C35F0FF call dump.00403E3C
005008E0 6A 02 push 2
005008E2 8D85 4CFFFFFF lea eax,dword ptr ss:[ebp-B4]
005008E8 50 push eax
005008E9 8B45 F0 mov eax,dword ptr ss:[ebp-10]
005008EC E8 FF3FF0FF call dump.004048F0
005008F1 50 push eax
005008F2 E8 D565F0FF call
005008F7 8BF8 mov edi,eax
005008F9 8BC7 mov eax,edi
005008FB 33D2 xor edx,edx
005008FD 83FA FF cmp edx,-1
00500900 75 45 jnz short dump.00500947
00500902 83F8 FF cmp eax,-1
00500905 75 40 jnz short dump.00500947
00500907 8D85 24FFFFFF lea eax,dword ptr ss:[ebp-DC]
0050090D 50 push eax
0050090E 8B45 F0 mov eax,dword ptr ss:[ebp-10]
00500911 8985 28FFFFFF mov dword ptr ss:[ebp-D8],eax
00500917 C685 2CFFFFFF >mov byte ptr ss:[ebp-D4],0B
0050091E 8D95 28FFFFFF lea edx,dword ptr ss:[ebp-D8]
00500924 33C9 xor ecx,ecx
00500926 B8 340D5000 mov eax,dump.00500D34
0050092B E8 B096F0FF call dump.00409FE0
00500930 8B8D 24FFFFFF mov ecx,dword ptr ss:[ebp-DC]
00500936 B2 01 mov dl,1
00500938 A1 E87D4000 mov eax,dword ptr ds:[407DE8]
0050093D E8 AEC8F0FF call dump.0040D1F0
00500942 E8 F534F0FF call dump.00403E3C
00500947 68 480D5000 push dump.00500D48 ; ASCII "QQWryMapFile"
0050094C 8B45 E8 mov eax,dword ptr ss:[ebp-18]
0050094F 50 push eax
00500950 6A 00 push 0
00500952 6A 04 push 4
00500954 6A 00 push 0
00500956 57 push edi
00500957 E8 C863F0FF call
0050095C 8945 DC mov dword ptr ss:[ebp-24],eax
0050095F 837D DC 00 cmp dword ptr ss:[ebp-24],0
00500963 75 1C jnz short dump.00500981
00500965 57 push edi
00500966 E8 9963F0FF call
0050096B B9 600D5000 mov ecx,dump.00500D60
00500970 B2 01 mov dl,1
00500972 A1 E87D4000 mov eax,dword ptr ds:[407DE8]
00500977 E8 74C8F0FF call dump.0040D1F0
0050097C E8 BB34F0FF call dump.00403E3C
00500981 6A 00 push 0
00500983 6A 00 push 0
00500985 6A 00 push 0
00500987 68 1F000F00 push 0F001F
0050098C 8B45 DC mov eax,dword ptr ss:[ebp-24]
0050098F 50 push eax
00500990 E8 1F65F0FF call
00500995 8945 D4 mov dword ptr ss:[ebp-2C],eax
00500998 837D D4 00 cmp dword ptr ss:[ebp-2C],0
0050099C 75 25 jnz short dump.005009C3
0050099E 57 push edi
0050099F E8 6063F0FF call
005009A4 8B45 DC mov eax,dword ptr ss:[ebp-24]
005009A7 50 push eax
005009A8 E8 5763F0FF call
005009AD B9 800D5000 mov ecx,dump.00500D80
005009B2 B2 01 mov dl,1
005009B4 A1 E87D4000 mov eax,dword ptr ds:[407DE8]
005009B9 E8 32C8F0FF call dump.0040D1F0
005009BE E8 7934F0FF call dump.00403E3C
005009C3 B8 CB660000 mov eax,66CB
005009C8 E8 3791F0FF call dump.00409B04
005009CD 8945 D8 mov dword ptr ss:[ebp-28],eax
005009D0 8B5D D8 mov ebx,dword ptr ss:[ebp-28]
005009D3 B9 CB660000 mov ecx,66CB
005009D8 8B55 D4 mov edx,dword ptr ss:[ebp-2C]
005009DB 8BC3 mov eax,ebx
005009DD E8 E26DF0FF call dump.004077C4
005009E2 837D D4 00 cmp dword ptr ss:[ebp-2C],0
005009E6 74 09 je short dump.005009F1
005009E8 8B45 D4 mov eax,dword ptr ss:[ebp-2C]
005009EB 50 push eax
005009EC E8 2365F0FF call
005009F1 837D DC 00 cmp dword ptr ss:[ebp-24],0
005009F5 74 09 je short dump.00500A00
005009F7 8B45 DC mov eax,dword ptr ss:[ebp-24]
005009FA 50 push eax
005009FB E8 0463F0FF call
00500A00 85FF test edi,edi
00500A02 74 06 je short dump.00500A0A
00500A04 57 push edi
00500A05 E8 FA62F0FF call
00500A0A 8B5D D8 mov ebx,dword ptr ss:[ebp-28]
00500A0D 83C3 19 add ebx,19
00500A10 8D8D 20FFFFFF lea ecx,dword ptr ss:[ebp-E0]
00500A16 33D2 xor edx,edx
00500A18 8BC6 mov eax,esi
00500A1A 8B38 mov edi,dword ptr ds:[eax]
00500A1C FF57 0C call dword ptr ds:[edi+C]
00500A1F 8B85 20FFFFFF mov eax,dword ptr ss:[ebp-E0]
00500A25 E8 BE88F0FF call dump.004092E8
00500A2A 8945 E0 mov dword ptr ss:[ebp-20],eax
00500A2D 8955 E4 mov dword ptr ss:[ebp-1C],edx
00500A30 8D55 E0 lea edx,dword ptr ss:[ebp-20]
00500A33 B9 03000000 mov ecx,3
00500A38 8BC3 mov eax,ebx
00500A3A E8 856DF0FF call dump.004077C4
00500A3F 83C3 15 add ebx,15
00500A42 8D8D 1CFFFFFF lea ecx,dword ptr ss:[ebp-E4]
00500A48 BA 01000000 mov edx,1
00500A4D 8BC6 mov eax,esi
00500A4F 8B38 mov edi,dword ptr ds:[eax]
00500A51 FF57 0C call dword ptr ds:[edi+C]
00500A54 8B85 1CFFFFFF mov eax,dword ptr ss:[ebp-E4]
00500A5A E8 8988F0FF call dump.004092E8
00500A5F 8945 E0 mov dword ptr ss:[ebp-20],eax
00500A62 8955 E4 mov dword ptr ss:[ebp-1C],edx
00500A65 8D55 E0 lea edx,dword ptr ss:[ebp-20]
00500A68 B9 03000000 mov ecx,3
00500A6D 8BC3 mov eax,ebx
00500A6F E8 506DF0FF call dump.004077C4
00500A74 83C3 0F add ebx,0F
00500A77 8D8D 18FFFFFF lea ecx,dword ptr ss:[ebp-E8]
00500A7D BA 02000000 mov edx,2
00500A82 8BC6 mov eax,esi
00500A84 8B38 mov edi,dword ptr ds:[eax]
00500A86 FF57 0C call dword ptr ds:[edi+C]
00500A89 8B85 18FFFFFF mov eax,dword ptr ss:[ebp-E8]
00500A8F E8 5488F0FF call dump.004092E8
00500A94 8945 E0 mov dword ptr ss:[ebp-20],eax
00500A97 8955 E4 mov dword ptr ss:[ebp-1C],edx
00500A9A 8D55 E0 lea edx,dword ptr ss:[ebp-20]
00500A9D B9 03000000 mov ecx,3
00500AA2 8BC3 mov eax,ebx
00500AA4 E8 1B6DF0FF call dump.004077C4
00500AA9 83C3 1C add ebx,1C
00500AAC 8D8D 14FFFFFF lea ecx,dword ptr ss:[ebp-EC]
00500AB2 BA 03000000 mov edx,3
00500AB7 8BC6 mov eax,esi
00500AB9 8B38 mov edi,dword ptr ds:[eax]
00500ABB FF57 0C call dword ptr ds:[edi+C]
00500ABE 8B85 14FFFFFF mov eax,dword ptr ss:[ebp-EC]
00500AC4 E8 1F88F0FF call dump.004092E8
00500AC9 8945 E0 mov dword ptr ss:[ebp-20],eax
00500ACC 8955 E4 mov dword ptr ss:[ebp-1C],edx
00500ACF 8D55 E0 lea edx,dword ptr ss:[ebp-20]
00500AD2 B9 03000000 mov ecx,3
00500AD7 8BC3 mov eax,ebx
00500AD9 E8 E66CF0FF call dump.004077C4
00500ADE 83C3 3A add ebx,3A
00500AE1 8D8D 10FFFFFF lea ecx,dword ptr ss:[ebp-F0]
00500AE7 BA 04000000 mov edx,4
00500AEC 8BC6 mov eax,esi
00500AEE 8B30 mov esi,dword ptr ds:[eax]
00500AF0 FF56 0C call dword ptr ds:[esi+C]
00500AF3 8B85 10FFFFFF mov eax,dword ptr ss:[ebp-F0]
00500AF9 E8 EA87F0FF call dump.004092E8
00500AFE 8945 E0 mov dword ptr ss:[ebp-20],eax
00500B01 8955 E4 mov dword ptr ss:[ebp-1C],edx
00500B04 8D55 E0 lea edx,dword ptr ss:[ebp-20]
00500B07 B9 03000000 mov ecx,3
00500B0C 8BC3 mov eax,ebx
00500B0E E8 B16CF0FF call dump.004077C4
00500B13 8B5D D8 mov ebx,dword ptr ss:[ebp-28]
00500B16 81C3 CB660000 add ebx,66CB
00500B1C B2 01 mov dl,1
00500B1E A1 2CC24100 mov eax,dword ptr ds:[41C22C]
00500B23 E8 142AF0FF call dump.0040353C
00500B28 8BF0 mov esi,eax
00500B2A 8BFB mov edi,ebx
00500B2C 2B7D D8 sub edi,dword ptr ss:[ebp-28]
00500B2F 8BD7 mov edx,edi
00500B31 8BC6 mov eax,esi
00500B33 8B08 mov ecx,dword ptr ds:[eax]
00500B35 FF51 04 call dword ptr ds:[ecx+4]
00500B38 8BCF mov ecx,edi
00500B3A 8B55 D8 mov edx,dword ptr ss:[ebp-28]
00500B3D 8BC6 mov eax,esi
00500B3F E8 F405F2FF call dump.00421138
00500B44 8B55 F0 mov edx,dword ptr ss:[ebp-10]
00500B47 8BC6 mov eax,esi
00500B49 E8 960AF2FF call dump.004215E4
00500B4E 8B45 D8 mov eax,dword ptr ss:[ebp-28]
00500B51 E8 FA8FF0FF call dump.00409B50
00500B56 B2 01 mov dl,1
00500B58 8BC6 mov eax,esi
00500B5A 8B08 mov ecx,dword ptr ds:[eax]
00500B5C FF51 FC call dword ptr ds:[ecx-4]
00500B5F 6A 40 push 40
00500B61 B9 2C0C5000 mov ecx,dump.00500C2C ; 提示信息
00500B66 BA 980D5000 mov edx,dump.00500D98 ; 软件注册成功,感谢您的支持,请重启本软件
00500B6B A1 A8175100 mov eax,dword ptr ds:[5117A8]
00500B70 8B00 mov eax,dword ptr ds:[eax]
00500B72 E8 A1D1F6FF call dump.0046DD18
00500B77 33C0 xor eax,eax
00500B79 5A pop edx
00500B7A 59 pop ecx
00500B7B 59 pop ecx
00500B7C 64:8910 mov dword ptr fs:[eax],edx
00500B7F EB 33 jmp short dump.00500BB4
00500B81 ^ E9 3230F0FF jmp dump.00403BB8
------------------------------------------------------------------------
【破解总结】明码,没什么写的,很想看算法,但是我注册后没办法清除,很长时间没提高,烦..............
------------------------------------------------------------------------
【版权声明】本文纯属技术交流, 转载请注明作者信息并保持文章的完整, 谢谢!
ihhvqu 2005-10-8 |
|
IP卡
发表于 2005-10-14 11:53:30
提升卡
置顶卡
变色卡
千斤顶
显身卡
发表于 2005-10-14 16:18:15