|
|
【破文标题】爆破亚太卫星网络电视
【破文作者】lhl8730
【作者邮箱】[email protected]
【作者主页】无
【破解工具】OD,PEID。UE
【破解平台】XP
【软件名称】亚太卫星网络电视
【软件大小】1。65MB
【原版下载】http://www.dot-soft.com/
【保护方式】注册码
【软件简介】采用了众多最新技术开发的亚太卫星网络电视将为您带来上百套国内外电视接目!全部节目与有线电视一样同步实时直播!东森电影,美亚电影,龙祥电影,凤凰电影,卫视国际电影,HBO家庭电影,凤凰卫视,星空卫视,华娱卫视,东风卫视,各省市电视...
软件最新集成了近200款在线游戏,给您带来更超值的享受!
无限期免费升级,内嵌自动升级引擎,启动后自动检测新版本,自动完成软件的升级更新。
------------------------------------------------------------------------
用PEID查没壳,直接用OD载入查找字符串“注册成功”往上走找到PUSH EBP设断点运行,输入假码点注册断在这
00503358 . 55 PUSH EBP
00503359 . 68 22365000 PUSH 亚太卫星.00503622
0050335E . 64:FF30 PUSH DWORD PTR FS:[EAX]
00503361 . 64:8920 MOV DWORD PTR FS:[EAX],ESP
00503364 . A1 5C755100 MOV EAX,DWORD PTR DS:[51755C]
00503369 . 8038 00 CMP BYTE PTR DS:[EAX],0
0050336C . 74 1A JE SHORT 亚太卫星.00503388
0050336E . 6A 00 PUSH 0 ; /Arg1 = 00000000
00503370 . 66:8B0D 30365>MOV CX,WORD PTR DS:[503630] ; |
00503377 . B2 02 MOV DL,2 ; |
00503379 . B8 3C365000 MOV EAX,亚太卫星.0050363C ; |
0050337E . E8 51DAF2FF CALL 亚太卫星.00430DD4 ; \亚太卫星.00430DD4
00503383 . E9 67020000 JMP 亚太卫星.005035EF
00503388 > 8D55 F0 LEA EDX,DWORD PTR SS:[EBP-10]
0050338B . 8B83 1C030000 MOV EAX,DWORD PTR DS:[EBX+31C]
00503391 . E8 4E6BF8FF CALL 亚太卫星.00489EE4 ; 得假码
00503396 . 8B45 F0 MOV EAX,DWORD PTR SS:[EBP-10]
00503399 . 8D55 F4 LEA EDX,DWORD PTR SS:[EBP-C]
0050339C . E8 8356F0FF CALL 亚太卫星.00408A24
005033A1 . 8B45 F4 MOV EAX,DWORD PTR SS:[EBP-C]
005033A4 . 8D55 FC LEA EDX,DWORD PTR SS:[EBP-4]
005033A7 . E8 6855F0FF CALL 亚太卫星.00408914
005033AC . 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
005033AF . E8 BC11F0FF CALL 亚太卫星.00404570 ; 得假码位数
005033B4 . 83F8 0B CMP EAX,0B ; 看是不是等于11位
005033B7 . 75 37 JNZ SHORT 亚太卫星.005033F0 ; 不是就跳,如果是,就是IP地址,去比较IP对不对
005033B9 . 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
005033BC . E8 97F8FFFF CALL 亚太卫星.00502C58
005033C1 . 84C0 TEST AL,AL
005033C3 . 74 2B JE SHORT 亚太卫星.005033F0
005033C5 . 6A 00 PUSH 0
005033C7 . B9 68365000 MOV ECX,亚太卫星.00503668
005033CC . BA 70365000 MOV EDX,亚太卫星.00503670
005033D1 . A1 04745100 MOV EAX,DWORD PTR DS:[517404]
005033D6 . 8B00 MOV EAX,DWORD PTR DS:[EAX]
005033D8 . E8 ABF2F6FF CALL 亚太卫星.00472688
005033DD . 8B83 1C030000 MOV EAX,DWORD PTR DS:[EBX+31C]
005033E3 . 8B10 MOV EDX,DWORD PTR DS:[EAX]
005033E5 . FF92 C4000000 CALL DWORD PTR DS:[EDX+C4]
005033EB . E9 FF010000 JMP 亚太卫星.005035EF
005033F0 > 33C0 XOR EAX,EAX
005033F2 . 55 PUSH EBP
005033F3 . 68 91355000 PUSH 亚太卫星.00503591
005033F8 . 64:FF30 PUSH DWORD PTR FS:[EAX]
005033FB . 64:8920 MOV DWORD PTR FS:[EAX],ESP
005033FE . 68 90365000 PUSH 亚太卫星.00503690 ; ASCII "http://222.88.223.204/admin/action.asp?user="
00503403 . FF75 FC PUSH DWORD PTR SS:[EBP-4]
00503406 . 68 C8365000 PUSH 亚太卫星.005036C8
0050340B . A1 DC6F5100 MOV EAX,DWORD PTR DS:[516FDC]
00503410 . FF30 PUSH DWORD PTR DS:[EAX]
00503412 . 68 F8365000 PUSH 亚太卫星.005036F8 ; ASCII "&winver="
00503417 . A1 C8745100 MOV EAX,DWORD PTR DS:[5174C8]
0050341C . FF30 PUSH DWORD PTR DS:[EAX]
0050341E . 68 0C375000 PUSH 亚太卫星.0050370C ; ASCII "&wmpver="
00503423 . A1 20755100 MOV EAX,DWORD PTR DS:[517520]
00503428 . FF30 PUSH DWORD PTR DS:[EAX]
0050342A . 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
0050342D . BA 08000000 MOV EDX,8
00503432 . E8 F911F0FF CALL 亚太卫星.00404630 ; 把上面的数据进行处理,参与下面的计算。
00503437 . 8B55 E8 MOV EDX,DWORD PTR SS:[EBP-18]
0050343A . 8D4D EC LEA ECX,DWORD PTR SS:[EBP-14]
0050343D . A1 8C755100 MOV EAX,DWORD PTR DS:[51758C]
00503442 . 8B00 MOV EAX,DWORD PTR DS:[EAX]
00503444 . 8B80 30030000 MOV EAX,DWORD PTR DS:[EAX+330]
0050344A . E8 51EFFAFF CALL 亚太卫星.004B23A0 ; 关键CALL,跟了很多次没有搞定。
0050344F . 8B45 EC MOV EAX,DWORD PTR SS:[EBP-14]
00503452 . BA 20375000 MOV EDX,亚太卫星.00503720 ; ASCII "ok"
00503457 . E8 6012F0FF CALL 亚太卫星.004046BC ; 比较CALL,上面的处理结果与OK比较,如果是就成功。
0050345C . 74 51 JE SHORT 亚太卫星.005034AF ; 爆破点。不过我是这样改的,把OK去掉。
0050345E . 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4] ; 用UE找到503720处,把OK去掉保存即可。
00503461 . E8 F2F7FFFF CALL 亚太卫星.00502C58
00503466 . 84C0 TEST AL,AL
00503468 . 75 1A JNZ SHORT 亚太卫星.00503484
0050346A . 6A 00 PUSH 0
0050346C . B9 68365000 MOV ECX,亚太卫星.00503668
00503471 . BA 24375000 MOV EDX,亚太卫星.00503724
00503476 . A1 04745100 MOV EAX,DWORD PTR DS:[517404]
0050347B . 8B00 MOV EAX,DWORD PTR DS:[EAX]
0050347D . E8 06F2F6FF CALL 亚太卫星.00472688
00503482 . EB 18 JMP SHORT 亚太卫星.0050349C
00503484 > 6A 00 PUSH 0
00503486 . B9 68365000 MOV ECX,亚太卫星.00503668
0050348B . BA 70365000 MOV EDX,亚太卫星.00503670
00503490 . A1 04745100 MOV EAX,DWORD PTR DS:[517404]
00503495 . 8B00 MOV EAX,DWORD PTR DS:[EAX]
00503497 . E8 ECF1F6FF CALL 亚太卫星.00472688
0050349C > 8B83 1C030000 MOV EAX,DWORD PTR DS:[EBX+31C]
005034A2 . 8B10 MOV EDX,DWORD PTR DS:[EAX]
005034A4 . FF92 C4000000 CALL DWORD PTR DS:[EDX+C4]
005034AA . E9 D8000000 JMP 亚太卫星.00503587
005034AF > 8D55 E0 LEA EDX,DWORD PTR SS:[EBP-20]
005034B2 . A1 04745100 MOV EAX,DWORD PTR DS:[517404]
005034B7 . 8B00 MOV EAX,DWORD PTR DS:[EAX]
005034B9 . E8 4AF6F6FF CALL 亚太卫星.00472B08
005034BE . 8B45 E0 MOV EAX,DWORD PTR SS:[EBP-20]
005034C1 . 8D55 E4 LEA EDX,DWORD PTR SS:[EBP-1C]
005034C4 . E8 0F5FF0FF CALL 亚太卫星.004093D8
005034C9 . 8D45 E4 LEA EAX,DWORD PTR SS:[EBP-1C]
005034CC . BA 44375000 MOV EDX,亚太卫星.00503744 ; ASCII "setting.dat"
005034D1 . E8 A210F0FF CALL 亚太卫星.00404578
005034D6 . 8B4D E4 MOV ECX,DWORD PTR SS:[EBP-1C]
005034D9 . B2 01 MOV DL,1
005034DB . A1 3C7D4300 MOV EAX,DWORD PTR DS:[437D3C]
005034E0 . E8 0749F3FF CALL 亚太卫星.00437DEC
005034E5 . 8945 F8 MOV DWORD PTR SS:[EBP-8],EAX
005034E8 . 33C0 XOR EAX,EAX
005034EA . 55 PUSH EBP
005034EB . 68 22355000 PUSH 亚太卫星.00503522
005034F0 . 64:FF30 PUSH DWORD PTR FS:[EAX]
005034F3 . 64:8920 MOV DWORD PTR FS:[EAX],ESP
005034F6 . 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
005034F9 . 50 PUSH EAX
005034FA . B9 58375000 MOV ECX,亚太卫星.00503758 ; ASCII "Reg"
005034FF . BA 64375000 MOV EDX,亚太卫星.00503764 ; ASCII "Option"
00503504 . 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
00503507 . 8B18 MOV EBX,DWORD PTR DS:[EAX]
00503509 . FF53 04 CALL DWORD PTR DS:[EBX+4]
0050350C . 33C0 XOR EAX,EAX
0050350E . 5A POP EDX
0050350F . 59 POP ECX
00503510 . 59 POP ECX
00503511 . 64:8910 MOV DWORD PTR FS:[EAX],EDX
00503514 . 68 29355000 PUSH 亚太卫星.00503529
00503519 > 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
0050351C . E8 BBFEEFFF CALL 亚太卫星.004033DC
00503521 . C3 RETN
00503522 .^ E9 0906F0FF JMP 亚太卫星.00403B30
00503527 .^ EB F0 JMP SHORT 亚太卫星.00503519
00503529 . 6A 00 PUSH 0 ; /Arg1 = 00000000
0050352B . 66:8B0D 30365>MOV CX,WORD PTR DS:[503630] ; |
00503532 . B2 02 MOV DL,2 ; |
00503534 . B8 74375000 MOV EAX,亚太卫星.00503774 ; |
00503539 . E8 96D8F2FF CALL 亚太卫星.00430DD4 ; \亚太卫星.00430DD4
0050353E . 48 DEC EAX
0050353F . 75 46 JNZ SHORT 亚太卫星.00503587
00503541 . A1 54915100 MOV EAX,DWORD PTR DS:[519154]
00503546 . E8 DDB7F6FF CALL 亚太卫星.0046ED28
0050354B . A1 5C755100 MOV EAX,DWORD PTR DS:[51755C]
00503550 . C600 01 MOV BYTE PTR DS:[EAX],1
00503553 . A1 686E5100 MOV EAX,DWORD PTR DS:[516E68]
00503558 . 8B55 FC MOV EDX,DWORD PTR SS:[EBP-4]
0050355B . E8 A40DF0FF CALL 亚太卫星.00404304
00503560 . A1 846E5100 MOV EAX,DWORD PTR DS:[516E84]
00503565 . 33D2 XOR EDX,EDX
00503567 . 8910 MOV DWORD PTR DS:[EAX],EDX
00503569 . A1 8C755100 MOV EAX,DWORD PTR DS:[51758C]
0050356E . 8B00 MOV EAX,DWORD PTR DS:[EAX]
00503570 . 8B80 38030000 MOV EAX,DWORD PTR DS:[EAX+338]
00503576 . 8B40 34 MOV EAX,DWORD PTR DS:[EAX+34]
00503579 . 33D2 XOR EDX,EDX
0050357B . E8 0411F6FF CALL 亚太卫星.00464684
00503580 . 33D2 XOR EDX,EDX
00503582 . E8 3511F6FF CALL 亚太卫星.004646BC
00503587 > 33C0 XOR EAX,EAX
00503589 . 5A POP EDX
0050358A . 59 POP ECX
0050358B . 59 POP ECX
0050358C . 64:8910 MOV DWORD PTR FS:[EAX],EDX
0050358F . EB 5E JMP SHORT 亚太卫星.005035EF
------------------------------------------------------------------------
------------------------------------------------------------------------
【版权声明】本文纯属技术交流[请支持正版], 转载请注明作者并保持文章的完整, 谢谢!
[ 本帖最后由 lhl8730 于 2006-4-27 08:30 编辑 ] |
|
IP卡
发表于 2006-4-27 08:26:40
提升卡
置顶卡
变色卡
千斤顶
显身卡