这个软件一破解了就退出怎么办呢？

xiaoquzb · 发表于 2008-9-16 12:04:37

楼上你发的那个LPK.dll 能干什么呢啊？

xiaoquzb · 发表于 2008-9-16 12:08:30

楼上的帮我破解看看。。。这软件很诡异。。。。。

clw · 发表于 2008-9-16 12:26:51

把 LPK.dll 放到软件文件夹内，运行软件，显示注册版
破解了软件启动验证

xiaoquzb · 发表于 2008-9-16 13:11:27

谢谢楼上的但是没完全搞定啊

[ 本帖最后由 xiaoquzb 于 2008-9-16 13:25 编辑 ]

xiaoquzb · 发表于 2008-9-16 13:24:44

楼上的兄弟不行啊。。生成个试题就提示您用的是破解版本。。。。。

不能生成试题啊。。。

clw · 发表于 2008-9-17 22:27:09

0047A442 . 75 13 jnz short 0047A457
脱壳验证比较，修改此处，软件就不会退出了
破解还是自己跟踪吧

xiaoquzb · 发表于 2008-9-19 09:51:40

破解有难度啊。。。。那软件可郁闷呢。。

金华 · 发表于 2008-9-28 13:02:01

看看这个

sqcsl · 发表于 2008-9-28 17:22:12

ExitProcess 应该通用的！

jmzhwf · 发表于 2008-9-28 21:26:31

破解后,有一弹出对话框,,,,,,,,顺便也干掉了它

00478C4C  |.  E8 8B8D0000 CALL 4567.004819DC
00478C51  |.  48          DEC EAX
00478C52  |.  75 51       JNZ SHORT 4567.00478CA5                   /////////此处JNZ改JE    保存后为已注册版...但有信息框
00478C54  |.  C683 45160500>MOV BYTE PTR DS:[EBX+51645],0C
00478C5B  |.  C783 48160500>MOV DWORD PTR DS:[EBX+51648],3EA
00478C65  |.  BA 888D4700 MOV EDX,4567.00478D88                   ;  软件信息
00478C6A  |.  8B83 40030000 MOV EAX,DWORD PTR DS:[EBX+340]
00478C70  |.  E8 AF30FCFF CALL 4567.0043BD24
00478C75  |.  33D2       XOR EDX,EDX
00478C77  |.  8B83 1C040000 MOV EAX,DWORD PTR DS:[EBX+41C]
00478C7D  |.  E8 462FFBFF CALL 4567.0042BBC8
00478C82  |.  8D55 D4    LEA EDX,DWORD PTR SS:[EBP-2C]
00478C85  |.  8BC3       MOV EAX,EBX
00478C87  |.  E8 2430FBFF CALL 4567.0042BCB0
00478C8C  |.  8D45 D4    LEA EAX,DWORD PTR SS:[EBP-2C]
00478C8F  |.  BA 9C8D4700 MOV EDX,4567.00478D9C                   ; 注册版
00478C94  |.  E8 33B1F8FF CALL 4567.00403DCC
00478C99  |.  8B55 D4    MOV EDX,DWORD PTR SS:[EBP-2C]
00478C9C  |.  8BC3       MOV EAX,EBX
00478C9E  |.  E8 3D30FBFF CALL 4567.0042BCE0
00478CA3  |.  EB 21       JMP SHORT 4567.00478CC6
00478CA5  |>  8D55 D0    LEA EDX,DWORD PTR SS:[EBP-30]
00478CA8  |.  8BC3       MOV EAX,EBX
00478CAA  |.  E8 0130FBFF CALL 4567.0042BCB0
00478CAF  |.  8D45 D0    LEA EAX,DWORD PTR SS:[EBP-30]
00478CB2  |.  BA B08D4700 MOV EDX,4567.00478DB0                   ; 未注册版

###########################################################

下面干掉信息框

下ShowWindow断点
两次运行回溯到00446761
00446684 .  80B8 17020000>CMP BYTE PTR DS:[EAX+217],1
0044668B .  0F85 B5000000 JNZ 10.00446746                         ////////////这里改JE
00446691 .  8B45 FC    MOV EAX,DWORD PTR SS:[EBP-4]
00446694 .  80B8 13020000>CMP BYTE PTR DS:[EAX+213],2
0044669B .  75 36       JNZ SHORT 10.004466D3                   /////////////这里改jmp 保存后暴破成功
0044669D .  6A 00       PUSH 0
0044669F .  8B45 FC    MOV EAX,DWORD PTR SS:[EBP-4]
004466A2 .  E8 49B7FEFF CALL 10.00431DF0
004466A7 .  50          PUSH EAX                               ; |wParam
004466A8 .  68 23020000 PUSH 223                               ; |Message = WM_MDIRESTORE
004466AD .  A1 D4674800 MOV EAX,DWORD PTR DS:[4867D4]          ; |
004466B2 .  8B40 38    MOV EAX,DWORD PTR DS:[EAX+38]          ; |
004466B5 .  8B80 3C020000 MOV EAX,DWORD PTR DS:[EAX+23C]          ; |
004466BB .  50          PUSH EAX                               ; |hWnd
004466BC .  E8 EF0CFCFF CALL <JMP.&user32.SendMessageA>       ; \SendMessageA
004466C1 .  6A 03       PUSH 3
004466C3 .  8B45 FC    MOV EAX,DWORD PTR SS:[EBP-4]
004466C6 .  E8 25B7FEFF CALL 10.00431DF0
004466CB .  50          PUSH EAX                               ; |hWnd
004466CC .  E8 A70DFCFF CALL <JMP.&user32.ShowWindow>          ; \ShowWindow
004466D1 .  EB 51       JMP SHORT 10.00446724
004466D3 >  8B45 FC    MOV EAX,DWORD PTR SS:[EBP-4]
004466D6 .  0FB680 130200>MOVZX EAX,BYTE PTR DS:[EAX+213]
004466DD .  8B0485 AC4948>MOV EAX,DWORD PTR DS:[EAX*4+4849AC]
004466E4 .  50          PUSH EAX
004466E5 .  8B45 FC    MOV EAX,DWORD PTR SS:[EBP-4]
004466E8 .  E8 03B7FEFF CALL 10.00431DF0
004466ED .  50          PUSH EAX                               ; |hWnd
004466EE .  E8 850DFCFF CALL <JMP.&user32.ShowWindow>          ; \ShowWindow
004466F3 .  8B45 FC    MOV EAX,DWORD PTR SS:[EBP-4]
004466F6 .  8B40 38    MOV EAX,DWORD PTR DS:[EAX+38]
004466F9 .  8B55 FC    MOV EDX,DWORD PTR SS:[EBP-4]
004466FC .  8B52 3C    MOV EDX,DWORD PTR DS:[EDX+3C]
004466FF .  C1E2 10    SHL EDX,10
00446702 .  0BC2       OR EAX,EDX
00446704 .  50          PUSH EAX
00446705 .  6A 00       PUSH 0
00446707 .  6A 05       PUSH 5
00446709 .  8B45 FC    MOV EAX,DWORD PTR SS:[EBP-4]
0044670C .  E8 DFB6FEFF CALL 10.00431DF0
00446711 .  50          PUSH EAX                               ; |hWnd
00446712 .  68 F86F4000 PUSH <JMP.&user32.DefMDIChildProcA>    ; |PrevProc = 10.00406FF8
00446717 .  E8 7C08FCFF CALL <JMP.&user32.CallWindowProcA>    ; \CallWindowProcA
0044671C .  8B45 FC    MOV EAX,DWORD PTR SS:[EBP-4]
0044671F .  E8 D057FEFF CALL 10.0042BEF4
00446724 >  6A 00       PUSH 0                                  ; /lParam = 0
00446726 .  6A 00       PUSH 0                                  ; |wParam = 0
00446728 .  68 34020000 PUSH 234                               ; |Message = WM_MDIREFRESHMENU
0044672D .  A1 D4674800 MOV EAX,DWORD PTR DS:[4867D4]          ; |
00446732 .  8B40 38    MOV EAX,DWORD PTR DS:[EAX+38]          ; |
00446735 .  8B80 3C020000 MOV EAX,DWORD PTR DS:[EAX+23C]          ; |
0044673B .  50          PUSH EAX                               ; |hWnd
0044673C .  E8 6F0CFCFF CALL <JMP.&user32.SendMessageA>       ; \SendMessageA
00446741 .  E9 2A010000 JMP 10.00446870
00446746 >  8B45 FC    MOV EAX,DWORD PTR SS:[EBP-4]
00446749 .  0FB680 130200>MOVZX EAX,BYTE PTR DS:[EAX+213]
00446750 .  8B0485 AC4948>MOV EAX,DWORD PTR DS:[EAX*4+4849AC]
00446757 .  50          PUSH EAX
00446758 .  8B45 FC    MOV EAX,DWORD PTR SS:[EBP-4]
0044675B .  E8 90B6FEFF CALL 10.00431DF0
00446760 .  50          PUSH EAX                               ; |hWnd
00446761 .  E8 120DFCFF CALL <JMP.&user32.ShowWindow>          ; \ShowWindow
00446766 .  E9 05010000 JMP 10.00446870
0044676B >  33C0       XOR EAX,EAX

[ 本帖最后由 jmzhwf 于 2008-10-8 21:24 编辑 ]

		自动登录	找回密码
密码			加入我们

[求助] 这个软件一破解了就退出怎么办呢？

本帖子中包含更多资源

本帖子中包含更多资源