- UID
- 37793
注册时间2007-12-1
阅读权限30
最后登录1970-1-1
龙战于野
该用户从未签到
|
软件名称:考易电子试卷制作软件 v3.2
因为看到了一个帖子,地址:https://www.chinapyg.com/viewthr ... &extra=page%3D1
我就做了这个教程姑且叫做原创吧!
软件的下载到:https://www.chinapyg.com/viewthr ... &extra=page%3D1
不多说了我们开始吧!
Peid:Borland Delphi 4.0 - 5.0
这个软件一运行就提示:软件过期
我们先来解决这个问题:
用OD载入:
下断点:
bp MessageBoxA
f9来到:
77D50702 > 8BFF mov edi, edi ; 考易电子.004160C0
77D50704 55 push ebp
77D50705 8BEC mov ebp, esp
77D50707 833D BC14D777 0>cmp dword ptr [77D714BC], 0
77D5070E 74 24 je short 77D50734
77D50710 64:A1 18000000 mov eax, dword ptr fs:[18]
77D50716 6A 00 push 0
77D50718 FF70 24 push dword ptr [eax+24]
77D5071B 68 241BD777 push 77D71B24
77D50720 FF15 C412D177 call dword ptr [<&KERNEL32.Interlocke>; kernel32.InterlockedCompareExchange
77D50726 85C0 test eax, eax
77D50728 75 0A jnz short 77D50734
alt+f9来到:
00415F86 |. 9B wait
00415F87 |. 8D45 FC lea eax, dword ptr [ebp-4]
00415F8A |. BA 8C604100 mov edx, 0041608C ; yyyy-mm-dd
00415F8F |. E8 E8BBFEFF call <jmp.&Vcl50.Sysutils::DateTimeTo>
00415F94 |. 8B45 FC mov eax, dword ptr [ebp-4]
00415F97 |. BA A0604100 mov edx, 004160A0 ; 2005-10-03
00415F9C |. E8 27B2FEFF call <jmp.&Vcl50.System::LStrCmp>
00415FA1 |. 77 0F ja short 00415FB2
00415FA3 |. 8B45 FC mov eax, dword ptr [ebp-4]
00415FA6 |. BA B4604100 mov edx, 004160B4 ; 2004-10-03
00415FAB |. E8 18B2FEFF call <jmp.&Vcl50.System::LStrCmp>
00415FB0 |. 73 24 jnb short 00415FD6
00415FB2 |> 6A 00 push 0
00415FB4 |. B9 C0604100 mov ecx, 004160C0 ; 提示3.2
00415FB9 |. BA C8604100 mov edx, 004160C8 ; 该版本软件已过期,请到http://www.yyebook.com下载更新版本使用!
00415FBE |. A1 88464200 mov eax, dword ptr [<&Vcl50.Forms::A>
00415FC3 |. 8B00 mov eax, dword ptr [eax]
00415FC5 |. E8 B6B5FEFF call <jmp.&Vcl50.Forms::TApplication:>
00415FCA |. BA 10614100 mov edx, 00416110 ; kkright
00415FCF |. 8BC3 mov eax, ebx
00415FD1 |. E8 B6BCFEFF call <jmp.&Vcl50.Controls::TControl::>
我们在断首下好断点然后取消刚才的断点
00415ED0 /. 55 push ebp 这里f2
00415ED1 |. 8BEC mov ebp, esp
00415ED3 |. 33C9 xor ecx, ecx
00415ED5 |. 51 push ecx
00415ED6 |. 51 push ecx
00415ED7 |. 51 push ecx
00415ED8 |. 51 push ecx
00415ED9 |. 51 push ecx
重新运行:
00415ED0 /. 55 push ebp
00415ED1 |. 8BEC mov ebp, esp
00415ED3 |. 33C9 xor ecx, ecx
00415ED5 |. 51 push ecx
00415ED6 |. 51 push ecx
00415ED7 |. 51 push ecx
00415ED8 |. 51 push ecx
00415ED9 |. 51 push ecx
00415EDA |. 51 push ecx
00415EDB |. 53 push ebx
00415EDC |. 56 push esi
00415EDD |. 8BF2 mov esi, edx
00415EDF |. 8BD8 mov ebx, eax
00415EE1 |. 33C0 xor eax, eax
00415EE3 |. 55 push ebp
00415EE4 |. 68 75604100 push 00416075
00415EE9 |. 64:FF30 push dword ptr fs:[eax]
00415EEC |. 64:8920 mov dword ptr fs:[eax], esp
00415EEF |. C683 61170500>mov byte ptr [ebx+51761], 1
00415EF6 |. 33D2 xor edx, edx
00415EF8 |. 8B83 D0020000 mov eax, dword ptr [ebx+2D0]
00415EFE |. E8 09C4FEFF call <jmp.&Vcl50.Comctrls::TPageContr>
00415F03 |. 33C0 xor eax, eax
00415F05 |. 8983 280A0500 mov dword ptr [ebx+50A28], eax
00415F0B |. 68 AF030000 push 3AF
00415F10 |. 8D55 F8 lea edx, dword ptr [ebp-8]
00415F13 |. A1 88464200 mov eax, dword ptr [<&Vcl50.Forms::A>
00415F18 |. 8B00 mov eax, dword ptr [eax]
00415F1A |. E8 69B6FEFF call <jmp.&Vcl50.Forms::TApplication:>
00415F1F |. 8B55 F8 mov edx, dword ptr [ebp-8]
00415F22 |. 33C9 xor ecx, ecx
00415F24 |. 8BC3 mov eax, ebx
00415F26 |. E8 15060000 call 00416540
00415F2B |. 8D55 F0 lea edx, dword ptr [ebp-10]
00415F2E |. A1 88464200 mov eax, dword ptr [<&Vcl50.Forms::A>
00415F33 |. 8B00 mov eax, dword ptr [eax]
00415F35 |. E8 4EB6FEFF call <jmp.&Vcl50.Forms::TApplication:>
00415F3A |. 8B45 F0 mov eax, dword ptr [ebp-10]
00415F3D |. 8D55 F4 lea edx, dword ptr [ebp-C]
00415F40 |. E8 C7BBFEFF call <jmp.&Vcl50.Sysutils::ExtractFil>
00415F45 |. 8B55 F4 mov edx, dword ptr [ebp-C]
00415F48 |. 8B83 6C030000 mov eax, dword ptr [ebx+36C]
00415F4E |. E8 E1C1FEFF call <jmp.&Vcl50.Dialogs::TOpenDialog>
00415F53 |. 8D55 E8 lea edx, dword ptr [ebp-18]
00415F56 |. A1 88464200 mov eax, dword ptr [<&Vcl50.Forms::A>
00415F5B |. 8B00 mov eax, dword ptr [eax]
00415F5D |. E8 26B6FEFF call <jmp.&Vcl50.Forms::TApplication:>
00415F62 |. 8B45 E8 mov eax, dword ptr [ebp-18]
00415F65 |. 8D55 EC lea edx, dword ptr [ebp-14]
00415F68 |. E8 9FBBFEFF call <jmp.&Vcl50.Sysutils::ExtractFil>
00415F6D |. 8B55 EC mov edx, dword ptr [ebp-14]
00415F70 |. 8B83 68030000 mov eax, dword ptr [ebx+368]
00415F76 |. E8 B9C1FEFF call <jmp.&Vcl50.Dialogs::TOpenDialog>
00415F7B |. E8 ECBBFEFF call <jmp.&Vcl50.Sysutils::Date>
00415F80 |. 83C4 F8 add esp, -8
00415F83 |. DD1C24 fstp qword ptr [esp]
00415F86 |. 9B wait
00415F87 |. 8D45 FC lea eax, dword ptr [ebp-4]
00415F8A |. BA 8C604100 mov edx, 0041608C ; ASCII "yyyy-mm-dd"
00415F8F |. E8 E8BBFEFF call <jmp.&Vcl50.Sysutils::DateTimeTo>
00415F94 |. 8B45 FC mov eax, dword ptr [ebp-4]
00415F97 |. BA A0604100 mov edx, 004160A0 ; ASCII "2005-10-03"
00415F9C |. E8 27B2FEFF call <jmp.&Vcl50.System::LStrCmp>
00415FA1 |. 77 0F ja short 00415FB2 这里跳走了 NOP掉
00415FA3 |. 8B45 FC mov eax, dword ptr [ebp-4]
00415FA6 |. BA B4604100 mov edx, 004160B4 ; ASCII "2004-10-03"
00415FAB |. E8 18B2FEFF call <jmp.&Vcl50.System::LStrCmp>
00415FB0 |. 73 24 jnb short 00415FD6
下面我们来解决注册的问题:
修改后保存一份(假设文件名为:1)我们运行一下程序1看看,可是程序不能运行!
用OD载入修改后的文件1,单步走:
0042009C >/$ 55 push ebp
0042009D |. 8BEC mov ebp, esp
0042009F |. 83C4 EC add esp, -14
004200A2 |. 33C0 xor eax, eax
004200A4 |. 8945 EC mov dword ptr [ebp-14], eax
004200A7 |. 8945 F0 mov dword ptr [ebp-10], eax
004200AA |. B8 8CFE4100 mov eax, 0041FE8C
004200AF |. E8 E012FEFF call 00401394
004200B4 |. 33C0 xor eax, eax
004200B6 |. 55 push ebp
004200B7 |. 68 55014200 push 00420155
004200BC |. 64:FF30 push dword ptr fs:[eax]
004200BF |. 64:8920 mov dword ptr fs:[eax], esp
004200C2 |. A1 88464200 mov eax, dword ptr [<&Vcl50.Forms::A>
004200C7 |. 8B00 mov eax, dword ptr [eax]
004200C9 |. E8 9214FEFF call <jmp.&Vcl50.Forms::TApplication:>
004200CE |. 8B0D B0174200 mov ecx, dword ptr [4217B0] ; 考易电子.00423A9C
004200D4 |. A1 88464200 mov eax, dword ptr [<&Vcl50.Forms::A>
004200D9 |. 8B00 mov eax, dword ptr [eax]
004200DB |. 8B15 103C4100 mov edx, dword ptr [413C10] ; 考易电子.00413C5C
004200E1 |. E8 8214FEFF call <jmp.&Vcl50.Forms::TApplication:>
004200E6 |. 8D55 F0 lea edx, dword ptr [ebp-10]
004200E9 |. A1 B0174200 mov eax, dword ptr [4217B0]
004200EE |. 8B00 mov eax, dword ptr [eax]
004200F0 |. E8 8F1BFEFF call <jmp.&Vcl50.Controls::TControl::>
004200F5 |. 8B45 F0 mov eax, dword ptr [ebp-10]
004200F8 |. BA 6C014200 mov edx, 0042016C ; ASCII "closeform"
004200FD |. E8 C610FEFF call <jmp.&Vcl50.System::LStrCmp>
00420102 |. 74 1E je short 00420122
00420104 |. 8D55 EC lea edx, dword ptr [ebp-14]
00420107 |. A1 B0174200 mov eax, dword ptr [4217B0]
0042010C |. 8B00 mov eax, dword ptr [eax]
0042010E |. E8 711BFEFF call <jmp.&Vcl50.Controls::TControl::>
00420113 |. 8B45 EC mov eax, dword ptr [ebp-14]
00420116 |. BA 80014200 mov edx, 00420180 ; ASCII "kkright"
0042011B |. E8 A810FEFF call <jmp.&Vcl50.System::LStrCmp>
00420120 |. 75 0C jnz short 0042012E 这里让它跳就行了 改为JZ
00420122 |> A1 B0174200 mov eax, dword ptr [4217B0]
00420127 |. 8B00 mov eax, dword ptr [eax]
00420129 |. E8 DA13FEFF call <jmp.&Vcl50.Forms::TCustomForm::>
0042012E |> A1 88464200 mov eax, dword ptr [<&Vcl50.Forms::A>
00420133 |. 8B00 mov eax, dword ptr [eax]
00420135 |. E8 3614FEFF call <jmp.&Vcl50.Forms::TApplication:>
0042013A |. 33C0 xor eax, eax
0042013C |. 5A pop edx
0042013D |. 59 pop ecx
0042013E |. 59 pop ecx
0042013F |. 64:8910 mov dword ptr fs:[eax], edx
00420142 |. 68 5C014200 push 0042015C
00420147 |> 8D45 EC lea eax, dword ptr [ebp-14]
0042014A |. BA 02000000 mov edx, 2
0042014F |. E8 0C10FEFF call <jmp.&Vcl50.System::LStrArrayClr>
00420154 \. C3 retn
修改后文件保存为:2
运行程序2,运行正常
OD载入文件2:
因为程序运行后标题显示未注册,点击注册后其中的注册号中内容为:未注册
我们就从这里下手吧
查找字符串:
本机未注册
(商用版)
(非商用版)
未注册
regkysoft.dll(这个应该是注册文件在字符串参考中有两处这里只是其中的一处,大家自己研究一下)
注册版
未注册版
双击本机未注册来到:
004138B4 /. 55 push ebp 下好断点
004138B5 |. 8BEC mov ebp, esp
004138B7 |. 6A 00 push 0
004138B9 |. 6A 00 push 0
004138BB |. 6A 00 push 0
004138BD |. 53 push ebx
004138BE |. 8BD8 mov ebx, eax
004138C0 |. 33C0 xor eax, eax
004138C2 |. 55 push ebp
004138C3 |. 68 7C3A4100 push 00413A7C
004138C8 |. 64:FF30 push dword ptr fs:[eax]
004138CB |. 64:8920 mov dword ptr fs:[eax], esp
004138CE |. A1 B0174200 mov eax, dword ptr [4217B0]
004138D3 |. 8B00 mov eax, dword ptr [eax]
004138D5 |. 8B90 54110500 mov edx, dword ptr [eax+51154]
004138DB |. 8B83 0C030000 mov eax, dword ptr [ebx+30C]
004138E1 |. E8 A6E3FEFF call <jmp.&Vcl50.Controls::TControl::>
004138E6 |. BA 903A4100 mov edx, 00413A90 ; 3.2
004138EB |. 8B83 F4020000 mov eax, dword ptr [ebx+2F4]
004138F1 |. E8 96E3FEFF call <jmp.&Vcl50.Controls::TControl::>
004138F6 |. BA 9C3A4100 mov edx, 00413A9C ; 本机未注册
004138FB |. 8B83 10030000 mov eax, dword ptr [ebx+310]
00413901 |. E8 86E3FEFF call <jmp.&Vcl50.Controls::TControl::>
00413906 |. A1 B0174200 mov eax, dword ptr [4217B0]
0041390B |. 8B00 mov eax, dword ptr [eax]
双击regkysoft.dll来到:
00415B9D |. E8 6ABFFEFF call <jmp.&Vcl50.Sysutils::ExtractFil>
00415BA2 |. 8D45 DC lea eax, dword ptr [ebp-24]
00415BA5 |. BA D85C4100 mov edx, 00415CD8 ; regkysoft.dll
00415BAA |. E8 01B6FEFF call <jmp.&Vcl50.System::LStrCat>
在断首下好断点(就是004159E0 /$ 55 push ebp)
开始分析了f9来到了:
004159E0 /$ 55 push ebp
004159E1 |. 8BEC mov ebp, esp
004159E3 |. B9 06000000 mov ecx, 6
.......
.......
.......
.......
00415B6E |. 8D83 5C170500 lea eax, dword ptr [ebx+5175C]
00415B74 |. BA C45C4100 mov edx, 00415CC4 ; 00000066
00415B79 |. E8 EAB5FEFF call <jmp.&Vcl50.System::LStrAsg>
00415B7E |. C783 64170500>mov dword ptr [ebx+51764], 30
00415B88 |. 8D55 D8 lea edx, dword ptr [ebp-28]
00415B8B |. A1 88464200 mov eax, dword ptr [<&Vcl50.Forms::A>
00415B90 |. 8B00 mov eax, dword ptr [eax]
00415B92 |. E8 F1B9FEFF call <jmp.&Vcl50.Forms::TApplication:>
00415B97 |. 8B45 D8 mov eax, dword ptr [ebp-28]
00415B9A |. 8D55 DC lea edx, dword ptr [ebp-24]
00415B9D |. E8 6ABFFEFF call <jmp.&Vcl50.Sysutils::ExtractFil>
00415BA2 |. 8D45 DC lea eax, dword ptr [ebp-24]
00415BA5 |. BA D85C4100 mov edx, 00415CD8 ; regkysoft.dll
00415BAA |. E8 01B6FEFF call <jmp.&Vcl50.System::LStrCat>
00415BAF |. 8B55 DC mov edx, dword ptr [ebp-24]
00415BB2 |. 8BC3 mov eax, ebx
00415BB4 |. E8 EF810000 call 0041DDA8
00415BB9 |. 48 dec eax
00415BBA |. 75 51 jnz short 00415C0D 不让它跳 JZ
00415BBC |. C683 61170500>mov byte ptr [ebx+51761], 0C
00415BC3 |. C783 64170500>mov dword ptr [ebx+51764], 3EA
00415BCD |. BA F05C4100 mov edx, 00415CF0 ; 软件信息
00415BD2 |. 8B83 40030000 mov eax, dword ptr [ebx+340]
00415BD8 |. E8 3FC3FEFF call <jmp.&Vcl50.Menus::TMenuItem::Se>
00415BDD |. 33D2 xor edx, edx
00415BDF |. 8B83 1C040000 mov eax, dword ptr [ebx+41C]
00415BE5 |. E8 7AC0FEFF call <jmp.&Vcl50.Controls::TControl::>
00415BEA |. 8D55 D4 lea edx, dword ptr [ebp-2C]
00415BED |. 8BC3 mov eax, ebx
00415BEF |. E8 90C0FEFF call <jmp.&Vcl50.Controls::TControl::>
00415BF4 |. 8D45 D4 lea eax, dword ptr [ebp-2C]
00415BF7 |. BA 045D4100 mov edx, 00415D04 ; 注册版
00415BFC |. E8 AFB5FEFF call <jmp.&Vcl50.System::LStrCat>
00415C01 |. 8B55 D4 mov edx, dword ptr [ebp-2C]
00415C04 |. 8BC3 mov eax, ebx
00415C06 |. E8 81C0FEFF call <jmp.&Vcl50.Controls::TControl::>
00415C0B |. EB 21 jmp short 00415C2E
00415C0D |> 8D55 D0 lea edx, dword ptr [ebp-30]
00415C10 |. 8BC3 mov eax, ebx
00415C12 |. E8 6DC0FEFF call <jmp.&Vcl50.Controls::TControl::>
00415C17 |. 8D45 D0 lea eax, dword ptr [ebp-30]
00415C1A |. BA 185D4100 mov edx, 00415D18 ; 未注册版
00415C1F |. E8 8CB5FEFF call <jmp.&Vcl50.System::LStrCat>
00415C24 |. 8B55 D0 mov edx, dword ptr [ebp-30]
00415C27 |. 8BC3 mov eax, ebx
00415C29 |. E8 5EC0FEFF call <jmp.&Vcl50.Controls::TControl::>
00415C2E |> 33C0 xor eax, eax
00415C30 |. 5A pop edx
00415C31 |. 59 pop ecx
00415C32 |. 59 pop ecx
00415C33 |. 64:8910 mov dword ptr fs:[eax], edx
00415C36 |. 68 5D5C4100 push 00415C5D
00415C3B |> 8D45 D0 lea eax, dword ptr [ebp-30]
00415C3E |. BA 02000000 mov edx, 2
00415C43 |. E8 18B5FEFF call <jmp.&Vcl50.System::LStrArrayClr>
00415C48 |. 8D45 D8 lea eax, dword ptr [ebp-28]
00415C4B |. BA 0A000000 mov edx, 0A
00415C50 |. E8 0BB5FEFF call <jmp.&Vcl50.System::LStrArrayClr>
00415C55 \. C3 retn
00415C56 .^ E9 C5B4FEFF jmp <jmp.&Vcl50.System::HandleFinall>
00415C5B .^ EB DE jmp short 00415C3B
00415C5D . 5B pop ebx
00415C5E . 8BE5 mov esp, ebp
00415C60 . 5D pop ebp
00415C61 . C3 retn
程序运行后(f9)点击软件信息到了:
004138B4 /. 55 push ebp
004138B5 |. 8BEC mov ebp, esp
004138B7 |. 6A 00 push 0
004138B9 |. 6A 00 push 0
004138BB |. 6A 00 push 0
004138BD |. 53 push ebx
004138BE |. 8BD8 mov ebx, eax
004138C0 |. 33C0 xor eax, eax
004138C2 |. 55 push ebp
004138C3 |. 68 7C3A4100 push 00413A7C
004138C8 |. 64:FF30 push dword ptr fs:[eax]
004138CB |. 64:8920 mov dword ptr fs:[eax], esp
004138CE |. A1 B0174200 mov eax, dword ptr [4217B0]
004138D3 |. 8B00 mov eax, dword ptr [eax]
004138D5 |. 8B90 54110500 mov edx, dword ptr [eax+51154]
004138DB |. 8B83 0C030000 mov eax, dword ptr [ebx+30C]
004138E1 |. E8 A6E3FEFF call <jmp.&Vcl50.Controls::TControl::>
004138E6 |. BA 903A4100 mov edx, 00413A90 ; 3.2
004138EB |. 8B83 F4020000 mov eax, dword ptr [ebx+2F4]
004138F1 |. E8 96E3FEFF call <jmp.&Vcl50.Controls::TControl::>
004138F6 |. BA 9C3A4100 mov edx, 00413A9C ; 本机未注册
004138FB |. 8B83 10030000 mov eax, dword ptr [ebx+310]
00413901 |. E8 86E3FEFF call <jmp.&Vcl50.Controls::TControl::>
00413906 |. A1 B0174200 mov eax, dword ptr [4217B0]
0041390B |. 8B00 mov eax, dword ptr [eax]
0041390D |. 80B8 61170500>cmp byte ptr [eax+51761], 0C
00413914 |. 0F85 05010000 jnz 00413A1F
0041391A |. B2 01 mov dl, 1
0041391C |. 8B83 24030000 mov eax, dword ptr [ebx+324]
00413922 |. E8 3DE3FEFF call <jmp.&Vcl50.Controls::TControl::>
00413927 |. 33D2 xor edx, edx
00413929 |. 8B83 D0020000 mov eax, dword ptr [ebx+2D0]
0041392F |. E8 30E3FEFF call <jmp.&Vcl50.Controls::TControl::>
00413934 |. BA DF000000 mov edx, 0DF
00413939 |. A1 943A4200 mov eax, dword ptr [423A94]
0041393E |. E8 F1E2FEFF call <jmp.&Vcl50.Controls::TControl::>
00413943 |. A1 B0174200 mov eax, dword ptr [4217B0]
00413948 |. 8B00 mov eax, dword ptr [eax]
0041394A |. 8B80 5C170500 mov eax, dword ptr [eax+5175C]
00413950 |. E8 87E1FEFF call <jmp.&Vcl50.Sysutils::StrToInt>
00413955 |. 3D 30750000 cmp eax, 7530
0041395A |. 7E 19 jle short 00413975
0041395C |. A1 B0174200 mov eax, dword ptr [4217B0]
00413961 |. 8B00 mov eax, dword ptr [eax]
00413963 |. 8B80 5C170500 mov eax, dword ptr [eax+5175C]
00413969 |. E8 6EE1FEFF call <jmp.&Vcl50.Sysutils::StrToInt>
0041396E |. 3D 50C30000 cmp eax, 0C350
00413973 |. 7C 32 jl short 004139A7
00413975 |> A1 B0174200 mov eax, dword ptr [4217B0]
0041397A |. 8B00 mov eax, dword ptr [eax]
0041397C |. 8B80 5C170500 mov eax, dword ptr [eax+5175C]
00413982 |. E8 55E1FEFF call <jmp.&Vcl50.Sysutils::StrToInt>
00413987 |. 3D C8000000 cmp eax, 0C8
0041398C |. 7E 43 jle short 004139D1 不让它跳 NOP
0041398E |. A1 B0174200 mov eax, dword ptr [4217B0]
00413993 |. 8B00 mov eax, dword ptr [eax]
00413995 |. 8B80 5C170500 mov eax, dword ptr [eax+5175C]
0041399B |. E8 3CE1FEFF call <jmp.&Vcl50.Sysutils::StrToInt>
004139A0 |. 3D E8030000 cmp eax, 3E8
004139A5 |. 7D 2A jge short 004139D1
004139A7 |> A1 B0174200 mov eax, dword ptr [4217B0]
004139AC |. 8B00 mov eax, dword ptr [eax]
004139AE |. 8B90 5C170500 mov edx, dword ptr [eax+5175C]
004139B4 |. 8D45 FC lea eax, dword ptr [ebp-4]
004139B7 |. B9 B03A4100 mov ecx, 00413AB0 ; (商用版)
004139BC |. E8 F7D7FEFF call <jmp.&Vcl50.System::LStrCat3>
004139C1 |. 8B55 FC mov edx, dword ptr [ebp-4]
004139C4 |. 8B83 10030000 mov eax, dword ptr [ebx+310]
004139CA |. E8 BDE2FEFF call <jmp.&Vcl50.Controls::TControl::>
004139CF |. EB 28 jmp short 004139F9
保存后即可
[ 本帖最后由 xinldy 于 2008-9-2 11:08 编辑 ] |
评分
-
查看全部评分
|
IP卡
发表于 2008-9-2 10:42:13
提升卡
置顶卡
变色卡
千斤顶
显身卡
发表于 2008-9-3 13:34:36
发表于 2008-9-16 14:14:35
发表于 2012-3-22 18:42:00