- UID
- 2
注册时间2004-12-1
阅读权限255
最后登录1970-1-1
总坛主
TA的每日心情 | 开心
2024-12-1 11:04 |
|---|
签到天数: 12 天 [LV.3]偶尔看看II
|
【破文标题】与P-code 亲密接触
【破文作者】飘云[PYG]
【作者邮箱】[email protected]
【作者主页】www.chinapyg.com
【破解工具】Peid0.94,WKTVBDE,VC++
【破解平台】Win9x/NT/2000/XP
【软件名称】VBAnti-CrackMe3
【软件大小】20kb
【原版下载】论坛下载
【保护方式】用户名+注册码
【特别说明】这是 VBParser1.2 压缩包中自带的一个 CrackMe,我拿来和大家讲解~~ 嘿嘿~ 希望大家对P-code有一定认识~------------------------------------------------------------------------
WKTVBDE 打开程序---点Form Manager,拉下拉框选择form1,点"command"按钮,然后选择command1,再点"BPX"
F5运行程序,输入信息:
******************
name:piaoyun1
serial:123456789
******************
点"Check"按钮后中断:
F8单步跟踪
00403BD8: 28 5C FF 00 00 LitVarI2 PushVarInteger 0000
00403BDD: FC F6 6C FF FStVar
00403BE1: F4 00 LitI2_Byte: Push 00
00403BE3: EB CR8I2
00403BE4: 08 08 00 FLdPr [SR]=[stack_08]
00403BE7: 92 4C 00 MemStFPR8
00403BEA: 4B D8 00 OnErrorGoto
00403BED: 04 54 FF FLdRfVar Push local_AC
00403BF0: 21 FLdPrThis [SR]=[stack2]
00403BF1: 0F FC 02 VCallAd
00403BF4: 19 58 FF FStAdFunc
00403BF7: 08 58 FF FLdPr [SR]=[local_A8]
00403BFA: 0D A0 00 08 00 VCallHresult
00403BFF: 3E 54 FF FLdZeroAd Push#4 [local_AC]; [local_AC]=0
00403C02: 46 44 FF CVarStr
00403C05: 08 08 00 FLdPr [SR]=[stack_08]
00403C08: FD 86 34 00 MemStVar
00403C0C: 1A 58 FF FFree1Ad Push [local_A8]; Call [[[local_A8]]+8]; [[local_A8]]=0
00403C0F: 35 44 FF FFree1Var
00403C12: 04 54 FF FLdRfVar Push local_AC
00403C15: 21 FLdPrThis [SR]=[stack2]
00403C16: 0F 04 03 VCallAd
00403C19: 19 58 FF FStAdFunc
00403C1C: 08 58 FF FLdPr [SR]=[local_A8]
00403C1F: 0D A0 00 08 00 VCallHresult
00403C24: 6C 54 FF ILdRf Push#4 [local_AC]
00403C27: FC 33 CR8Str
00403C29: 08 08 00 FLdPr [SR]=[stack_08]
00403C2C: 92 44 00 MemStFPR8
00403C2F: 2F 54 FF FFree1Str SysFreeString [local_AC]; [local_AC]=0
00403C32: 1A 58 FF FFree1Ad Push [local_A8]; Call [[[local_A8]]+8]; [[local_A8]]=0
00403C35: 10 F8 06 06 00 ThisVCallHresult 00403B90->00403B20 // 这里就是一个Call了 跟踪来到下面:
Private Sub UnkNameProc()
'-=-=-=-=-=-=-= ProcAddr Range: [00403B20 - 00403B90] , ProcSize: 70 =-=-=-=-=-=-=-
00403B20: 28 34 FF 01 00 LitVarI2 PushVarInteger 0001 //参数1 for循环的起始条件
00403B25: 04 64 FF FLdRfVar Push local_9C
00403B28: 28 44 FF 08 00 LitVarI2 PushVarInteger 0008 //参数8 for循环的终止条件
00403B2D: FE 68 14 FF 5E 00 ForVar //for 语句
00403B33: 28 04 FF 01 00 LitVarI2 PushVarInteger 0001 //参数1
00403B38: 04 64 FF FLdRfVar Push local_9C
00403B3B: FC 22 CI4Var vbaI4Var //这里有个计数器i
00403B3D: 08 08 00 FLdPr [SR]=[stack_08]
00403B40: 06 34 00 MemLdRfVar Push [SR]+stack_34
00403B43: 04 F4 FE FLdRfVar Push local_10C
00403B46: 0A 17 00 10 00 ImpAdCallFPR4 Call Ptr_0040105E; //rtcMidCharVar 截取函数 mid$(str,i,1)
00403B4B: 04 F4 FE FLdRfVar Push local_10C
00403B4E: FD FE F0 FE CStrVarVal
00403B52: 0B 18 00 04 00 ImpAdCallI2 Call Ptr_00401064; //rtcAnsiValueBstr 取asciii值 ASC$(char)
00403B57: EB CR8I2
00403B58: 74 74 FF FStFPR8 Fstp#8 [local_8C]
00403B5B: 2F F0 FE FFree1Str SysFreeString [local_110]; [local_110]=0
00403B5E: 36 04 00 04 FF F4 FFreeVar Free 0004 variants : 04 FF F4 FE
FE
00403B65: 08 08 00 FLdPr [SR]=[stack_08]
00403B68: 8D 4C 00 MemLdFPR8
00403B6B: 6F 74 FF FLdFPR8 Fld#8 [local_8C] //上面几句是对数据的处理
00403B6E: AB AddR8 //累加保存到某处~~
00403B6F: 08 08 00 FLdPr [SR]=[stack_08]
00403B72: 92 4C 00 MemStFPR8
00403B75: 04 64 FF FLdRfVar Push local_9C
00403B78: FE 7E 14 NextStepVar // 循环,直到i为 >8 时终止
//上面一截的算法就是:用户名前8位(这就是为什么要输入8位才能使按钮可见的缘故)ascii相加
下面这些需要 WKTV中才能看到:
00403B7E: 08 FLdPr
00403B81: 8D MemLdFPR8
00403B84: F4 LitI2_Byte: -> 7h 7 //参数7
00403B86: EB CR8I2
00403B87: B3 MulR8 // 用户名前8位累加的值*7
00403B88: 08 FLdPr
00403B8B: 92 MemStFPR8
00403B8E: 13 ExitProcHresult //返回~
00403B8F: 00 LargeBos
00403B91: 24 NewIfNullPr 00401980
00403B94: 04 FLdRfVar 00127FACh
00403B97: 00 LargeBos
------------------------------------------------------------------------
【算法总结】
用户名长度需要8位(多了也没有意义),此时按钮才能可见.
注册码:前8位ascii相加,然后乘以7;
随便写的注册机:
- #include "iOStream.h"
- #include "string.h"
- #include "stdio.h"
- void main()
- {
- char name[50];
- int sum=0;
- cout<<"Please Input Your Name:\n";
- cin>>name;
- if(strlen(name)>=8)
- {
- for(int i=0;i<=7;i++)
- sum+=name[i];
- sum*=7;
- cout<<"Your Serial is:"<<sum<<endl;
- getchar();
- }
- else
- cout<<"Wrong!"<<endl;
- }
------------------------------------------------------------------------
【版权声明】本文纯属技术交流,转载请注明作者信息并保持文章的完整,谢谢! |
|
IP卡
发表于 2006-1-12 13:47:45
提升卡
置顶卡
变色卡
千斤顶
显身卡
发表于 2006-1-12 13:52:31
发表于 2006-1-12 18:11:39
发表于 2006-1-13 15:23:39
楼主
发表于 2006-1-16 16:02:41
