单词博士 1.66
Not packed
Download link: http://soft.btbbt.com/SoftView/SoftView_17182.html
Load it in OD and set breakpoints on all SendMessageA calls
0045FE54 . /75 58 jnz short easyGet.0045FEAE
0045FE56 . |8B06 mov eax,dword ptr ds:[esi]
0045FE58 . |804E 24 80 or byte ptr ds:[esi+24],80
0045FE5C . |8BCE mov ecx,esi
0045FE5E . |FF90 88000000 call dword ptr ds:[eax+88]
0045FE64 . |EB 48 jmp short easyGet.0045FEAE
0045FE66 > |8B46 24 mov eax,dword ptr ds:[esi+24]
0045FE69 . |8B1D 94D54600 mov ebx,dword ptr ds:[<&USER32.SendM>; USER32.SendMessageA after entering the registration code and clicking OK, execution breaks at this function
0045FE6F . |A8 80 test al,80
0045FE71 . |55 push ebp
0045FE72 . |74 25 je short easyGet.0045FE99
0045FE74 . |24 7F and al,7F
0045FE76 . |8BCE mov ecx,esi
0045FE78 . |8946 24 mov dword ptr ds:[esi+24],eax
0045FE7B . |8B06 mov eax,dword ptr ds:[esi]
0045FE7D . |FF90 8C000000 call dword ptr ds:[eax+8C]
0045FE83 . |8B6E 1C mov ebp,dword ptr ds:[esi+1C]
0045FE86 . |FF15 30D54600 call dword ptr ds:[<&USER32.GetActiv>; [GetActiveWindow
0045FE8C . |3BC5 cmp eax,ebp
0045FE8E . |75 09 jnz short easyGet.0045FE99
0045FE90 . |6A 00 push 0 ; /lParam = 0
0045FE92 . |6A 01 push 1 ; |wParam = 1
0045FE94 . |6A 06 push 6 ; |Message = WM_ACTIVATE
0045FE96 . |55 push ebp ; |hWnd
0045FE97 . |FFD3 call ebx ; \SendMessageA
0045FE99 > |F646 24 20 test byte ptr ds:[esi+24],20
0045FE9D . |5D pop ebp
0045FE9E . |74 0E je short easyGet.0045FEAE
0045FEA0 . |6A 00 push 0
0045FEA2 . |6A 01 push 1
0045FEA4 . |68 86000000 push 86
0045FEA9 . |FF76 1C push dword ptr ds:[esi+1C]
0045FEAC . |FFD3 call ebx
0045FEAE > \F7DF neg edi
0045FEB0 . 1BFF sbb edi,edi
0045FEB2 . 8BCE mov ecx,esi
0045FEB4 . 83E7 F0 and edi,FFFFFFF0
0045FEB7 . 83C7 20 add edi,20
0045FEBA . 57 push edi
0045FEBB . E8 06000000 call easyGet.0045FEC6
0045FEC0 > 5F pop edi
0045FEC1 . 5E pop esi
0045FEC2 . 5B pop ebx
Could some kind person help me analyze which one is the key algorithm CALL and which one is the key jump, and write out the analysis approach?