- UID
- 42027
注册时间2007-12-19
阅读权限20
最后登录1970-1-1
以武会友
 
TA的每日心情 | 开心
2022-8-10 19:15 |
|---|
签到天数: 33 天 [LV.5]常住居民I
|
该软件破解方法基本上与精算师差不多的,用OD载入后查找“注册码无效”
00596C3C |. 33C0 XOR EAX,EAX
00596C3E |. 55 PUSH EBP ;这里下断点
00596C3F |. 68 896F5900 PUSH 乐透彩精.00596F89
00596C44 |. 64:FF30 PUSH DWORD PTR FS:[EAX]
00596C47 |. 64:8920 MOV DWORD PTR FS:[EAX],ESP
00596C4A |. 8B86 04030000 MOV EAX,DWORD PTR DS:[ESI+304]
00596C50 |. 8378 0C 05 CMP DWORD PTR DS:[EAX+C],5
00596C54 |. 7E 0A JLE SHORT 乐透彩精.00596C60
00596C56 |. A1 ACBF5A00 MOV EAX,DWORD PTR DS:[5ABFAC]
00596C5B |. E8 44A8EEFF CALL 乐透彩精.004814A4
00596C60 |> 8D55 F8 LEA EDX,DWORD PTR SS:[EBP-8]
00596C63 |. 8B86 04030000 MOV EAX,DWORD PTR DS:[ESI+304]
00596C69 |. E8 BAD2ECFF CALL 乐透彩精.00463F28
00596C6E |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8] ;这里出现假码
00596C71 |. 8D55 FC LEA EDX,DWORD PTR SS:[EBP-4]
00596C74 |. E8 6F29E7FF CALL 乐透彩精.004095E8
00596C79 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4] ;假码取大写
00596C7C |. 50 PUSH EAX ;把大写假码放入EAX
00596C7D |. 8D55 F4 LEA EDX,DWORD PTR SS:[EBP-C]
00596C80 |. A1 B4C45900 MOV EAX,DWORD PTR DS:[59C4B4]
00596C85 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
00596C87 |. 8B80 08030000 MOV EAX,DWORD PTR DS:[EAX+308]
00596C8D |. E8 96D2ECFF CALL 乐透彩精.00463F28
00596C92 |. 8B55 F4 MOV EDX,DWORD PTR SS:[EBP-C] ;这时寄存器EDX中显示真的注册码
00596C95 |. 58 POP EAX
00596C96 |. E8 59E7E6FF CALL 乐透彩精.004053F4 ;这时寄存器EAX中显示大写假码, EDX中显示真的注册码
若看算法可以在这个关键CALL跟进去
00596C9B |. 0F85 B8000000 JNZ 乐透彩精.00596D59 ;注册码不对,跳向注册失败处。关 键跳
00596CA1 |. A1 4CC65900 MOV EAX,DWORD PTR DS:[59C64C]
00596CA6 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
00596CA8 |. 8B80 38010000 MOV EAX,DWORD PTR DS:[EAX+138]
00596CAE |. E8 EDECF1FF CALL 乐透彩精.004B59A0
00596CB3 |. A1 4CC65900 MOV EAX,DWORD PTR DS:[59C64C]
00596CB8 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
00596CBA |. 8B80 38010000 MOV EAX,DWORD PTR DS:[EAX+138]
00596CC0 |. BA A06F5900 MOV EDX,乐透彩精.00596FA0 ; a20
00596CC5 |. E8 A2D4F1FF CALL 乐透彩精.004B416C
00596CCA |. BA AC6F5900 MOV EDX,乐透彩精.00596FAC ; l
00596CCF |. 8B08 MOV ECX,DWORD PTR DS:[EAX]
00596CD1 |. FF91 B0000000 CALL DWORD PTR DS:[ECX+B0]
00596CD7 |. A1 4CC65900 MOV EAX,DWORD PTR DS:[59C64C]
00596CDC |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
00596CDE |. 8B80 38010000 MOV EAX,DWORD PTR DS:[EAX+138]
00596CE4 |. 8B10 MOV EDX,DWORD PTR DS:[EAX]
00596CE6 |. FF92 4C020000 CALL DWORD PTR DS:[EDX+24C]
00596CEC |. A1 4CC65900 MOV EAX,DWORD PTR DS:[59C64C]
00596CF1 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
00596CF3 |. 8B80 38010000 MOV EAX,DWORD PTR DS:[EAX+138]
00596CF9 |. E8 E2EBF1FF CALL 乐透彩精.004B58E0
00596CFE |. A1 4CC65900 MOV EAX,DWORD PTR DS:[59C64C]
00596D03 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
00596D05 |. 8B80 38010000 MOV EAX,DWORD PTR DS:[EAX+138]
00596D0B |. E8 B0C2F1FF CALL 乐透彩精.004B2FC0
00596D10 |. A1 4CC65900 MOV EAX,DWORD PTR DS:[59C64C]
00596D15 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
00596D17 |. 8B80 38010000 MOV EAX,DWORD PTR DS:[EAX+138]
00596D1D |. E8 92C2F1FF CALL 乐透彩精.004B2FB4
00596D22 |. 8D55 E8 LEA EDX,DWORD PTR SS:[EBP-18]
00596D25 |. 8B86 04030000 MOV EAX,DWORD PTR DS:[ESI+304]
00596D2B |. E8 F8D1ECFF CALL 乐透彩精.00463F28
00596D30 |. 8B45 E8 MOV EAX,DWORD PTR SS:[EBP-18]
00596D33 |. 8D55 EC LEA EDX,DWORD PTR SS:[EBP-14]
00596D36 |. E8 AD28E7FF CALL 乐透彩精.004095E8
00596D3B |. 8B4D EC MOV ECX,DWORD PTR SS:[EBP-14]
00596D3E |. 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
00596D41 |. BA B86F5900 MOV EDX,乐透彩精.00596FB8 ; 注册成功!请记住您的密码:
00596D46 |. E8 A9E5E6FF CALL 乐透彩精.004052F4
00596D4B |. 8B45 F0 MOV EAX,DWORD PTR SS:[EBP-10]
00596D4E |. 33C9 XOR ECX,ECX
00596D50 |. 33D2 XOR EDX,EDX
00596D52 |. E8 3590F4FF CALL 乐透彩精.004DFD8C
00596D57 |. EB 37 JMP SHORT 乐透彩精.00596D90
00596D59 |> 33C9 XOR ECX,ECX
00596D5B |. 33D2 XOR EDX,EDX
00596D5D |. B8 DC6F5900 MOV EAX,乐透彩精.00596FDC ; 跳到这里!注册码无效,请重 新输入
EAX 0103AFE0 ASCII "XYJK888"
ECX FFFFFFF2
EDX 0104169C ASCII "67MHRG3KMJXJ"
附上关键CALL
00596C96 |. E8 59E7E6FF CALL 乐透彩精.004053F4
中F7跟进去的代码
004053F4 /$ 53 PUSH EBX
004053F5 |. 56 PUSH ESI
004053F6 |. 57 PUSH EDI
004053F7 |. 89C6 MOV ESI,EAX
004053F9 |. 89D7 MOV EDI,EDX ;这里看寄存器窗口EAX假码;EDX真 的注册码
004053FB |. 39D0 CMP EAX,EDX
004053FD |. 0F84 8F000000 JE 乐透彩精.00405492
00405403 |. 85F6 TEST ESI,ESI
00405405 |. 74 68 JE SHORT 乐透彩精.0040546F
00405407 |. 85FF TEST EDI,EDI
00405409 |. 74 6B JE SHORT 乐透彩精.00405476
0040540B |. 8B46 FC MOV EAX,DWORD PTR DS:[ESI-4]
0040540E |. 8B57 FC MOV EDX,DWORD PTR DS:[EDI-4]
00405411 |. 29D0 SUB EAX,EDX
00405413 |. 77 02 JA SHORT 乐透彩精.00405417
00405415 |. 01C2 ADD EDX,EAX
00405417 |> 52 PUSH EDX
00405418 |. C1EA 02 SHR EDX,2
0040541B |. 74 26 JE SHORT 乐透彩精.00405443
0040541D |> 8B0E /MOV ECX,DWORD PTR DS:[ESI]
0040541F |. 8B1F |MOV EBX,DWORD PTR DS:[EDI]
00405421 |. 39D9 |CMP ECX,EBX
00405423 |. 75 58 |JNZ SHORT 乐透彩精.0040547D
00405425 |. 4A |DEC EDX
00405426 |. 74 15 |JE SHORT 乐透彩精.0040543D
00405428 |. 8B4E 04 |MOV ECX,DWORD PTR DS:[ESI+4]
0040542B |. 8B5F 04 |MOV EBX,DWORD PTR DS:[EDI+4]
0040542E |. 39D9 |CMP ECX,EBX
00405430 |. 75 4B |JNZ SHORT 乐透彩精.0040547D
00405432 |. 83C6 08 |ADD ESI,8
但是不知什么原因我在这个地址
制作注册机老是不能用,还望各位师傅指点一下!!!!上一个软件--精算大师的注册机是完全可以用的
这个不知怎么回事
00596C96 |. E8 59E7E6FF CALL 乐透彩精.004053F4 ;这时寄存器EAX中显示大写假码, EDX中显示真的注册码 |
|
IP卡
发表于 2008-1-20 12:46:15
提升卡
置顶卡
变色卡
千斤顶
显身卡
发表于 2008-1-20 15:34:49
楼主
发表于 2008-1-20 19:21:03
发表于 2008-1-21 10:10:58
发表于 2008-1-21 23:45:34
发表于 2008-1-22 01:18:05
