- UID
- 14526
注册时间2006-5-31
阅读权限10
最后登录1970-1-1
周游历练
TA的每日心情 | 开心
2020-7-30 15:55 |
|---|
签到天数: 58 天 [LV.5]常住居民I
|
软件简介:Speed Video Splitter 4.3.17是一款小巧而快速的视频分割软件。他可以对支持的视频文件依据您指定的头和尾进行分割。目前支持的类型有:AVI(Divx,xDiv),MPEG-4,mpeg(vcd,svcd,dvd兼容格式),wmv,asf,Quick Time,VOB,DAT。
破解思路:
查壳:Microsoft Visual C++ 6.0 无壳,看来老外不太喜欢加壳哟,这点我喜欢,省去了不少麻烦!
一,OD载入,F9运行,试注册,提示“invalid username or registration code”
重载程序,查找字串“invalid username or registration code”,双击或回车,在段首下断:
F9运行,断下来了,F8跟踪,
004048F0 . 6A FF PUSH -1 ; //段首下断
004048F2 . 68 088F4100 PUSH Speed_Vi.00418F08 ; SE 处理程序安装
004048F7 . 64:A1 0000000>MOV EAX,DWORD PTR FS:[0]
004048FD . 50 PUSH EAX
004048FE . 64:8925 00000>MOV DWORD PTR FS:[0],ESP
00404905 . 51 PUSH ECX
00404906 . 56 PUSH ESI
00404907 . 57 PUSH EDI
00404908 . 6A 01 PUSH 1
0040490A . 8BF1 MOV ESI,ECX
0040490C . E8 FD340100 CALL <JMP.&MFC42.#6334_?UpdateData@CWnd@>
00404911 . 8B46 60 MOV EAX,DWORD PTR DS:[ESI+60]
00404914 . 8B4E 64 MOV ECX,DWORD PTR DS:[ESI+64]
00404917 . 8D7E 64 LEA EDI,DWORD PTR DS:[ESI+64]
0040491A . 50 PUSH EAX
0040491B . 51 PUSH ECX
0040491C . E8 FF990000 CALL Speed_Vi.0040E320 ; //F7跟进
0040E320 /$ 8B5424 04 MOV EDX,DWORD PTR SS:[ESP+4] ; //进入子程序
0040E324 |. 56 PUSH ESI
0040E325 |. 57 PUSH EDI
0040E326 |. BF 7C474200 MOV EDI,Speed_Vi.0042477C
0040E32B |. 8BF2 MOV ESI,EDX
0040E32D |. B9 01000000 MOV ECX,1
0040E332 |. 33C0 XOR EAX,EAX
0040E334 |. F3:A6 REPE CMPS BYTE PTR ES:[EDI],BYTE PTR DS:>
0040E336 |. 74 2A JE SHORT Speed_Vi.0040E362
0040E338 |. 8B4424 10 MOV EAX,DWORD PTR SS:[ESP+10]
0040E33C |. 53 PUSH EBX
0040E33D |. BF 7C474200 MOV EDI,Speed_Vi.0042477C
0040E342 |. 8BF0 MOV ESI,EAX
0040E344 |. B9 01000000 MOV ECX,1
0040E349 |. 33DB XOR EBX,EBX
0040E34B |. F3:A6 REPE CMPS BYTE PTR ES:[EDI],BYTE PTR DS:>
0040E34D |. 5B POP EBX
0040E34E |. 74 12 JE SHORT Speed_Vi.0040E362
0040E350 |. 50 PUSH EAX
0040E351 |. 52 PUSH EDX
0040E352 |. E8 99FDFFFF CALL Speed_Vi.0040E0F0 ; //F7再跟进
0040E0F0 /$ 6A FF PUSH -1
0040E0F2 |. 68 40A04100 PUSH Speed_Vi.0041A040 ; 杠; SE 处理程序安装
0040E0F7 |. 64:A1 0000000>MOV EAX,DWORD PTR FS:[0]
0040E0FD |. 50 PUSH EAX
0040E0FE |. 64:8925 00000>MOV DWORD PTR FS:[0],ESP
0040E105 |. 83EC 14 SUB ESP,14
0040E108 |. 8B4424 24 MOV EAX,DWORD PTR SS:[ESP+24]
0040E10C |. 53 PUSH EBX
0040E10D |. 55 PUSH EBP
0040E10E |. 56 PUSH ESI
0040E10F |. 57 PUSH EDI
0040E110 |. 50 PUSH EAX
0040E111 |. 8D4C24 18 LEA ECX,DWORD PTR SS:[ESP+18]
0040E115 |. E8 D49B0000 CALL <JMP.&MFC42.#537_??0CString@@QAE@PB>
0040E11A |. 8D4C24 14 LEA ECX,DWORD PTR SS:[ESP+14]
0040E11E |. C74424 2C 000>MOV DWORD PTR SS:[ESP+2C],0
0040E126 |. E8 7FA00000 CALL <JMP.&MFC42.#6282_?TrimLeft@CString>
0040E12B |. 8D4C24 14 LEA ECX,DWORD PTR SS:[ESP+14]
0040E12F |. E8 70A00000 CALL <JMP.&MFC42.#6283_?TrimRight@CStrin>
0040E134 |. 6A 20 PUSH 20
0040E136 |. 8D4C24 18 LEA ECX,DWORD PTR SS:[ESP+18]
0040E13A |. E8 BF9D0000 CALL <JMP.&MFC42.#2915_?GetBuffer@CStrin>
0040E13F |. 8B4C24 38 MOV ECX,DWORD PTR SS:[ESP+38]
0040E143 |. 8BD8 MOV EBX,EAX
0040E145 |. 51 PUSH ECX
0040E146 |. 8D4C24 14 LEA ECX,DWORD PTR SS:[ESP+14]
0040E14A |. E8 9F9B0000 CALL <JMP.&MFC42.#537_??0CString@@QAE@PB>
0040E14F |. 8D4C24 10 LEA ECX,DWORD PTR SS:[ESP+10]
0040E153 |. C64424 2C 01 MOV BYTE PTR SS:[ESP+2C],1
0040E158 |. E8 4DA00000 CALL <JMP.&MFC42.#6282_?TrimLeft@CString>
0040E15D |. 8D4C24 10 LEA ECX,DWORD PTR SS:[ESP+10]
0040E161 |. E8 3EA00000 CALL <JMP.&MFC42.#6283_?TrimRight@CStrin>
0040E166 |. 6A 20 PUSH 20
0040E168 |. 8D4C24 14 LEA ECX,DWORD PTR SS:[ESP+14]
0040E16C |. E8 8D9D0000 CALL <JMP.&MFC42.#2915_?GetBuffer@CStrin>
0040E171 |. 8BD0 MOV EDX,EAX
0040E173 |. 83CE FF OR ESI,FFFFFFFF
0040E176 |. 8BFA MOV EDI,EDX
0040E178 |. 8BCE MOV ECX,ESI
0040E17A |. 33C0 XOR EAX,EAX
0040E17C |. 895424 20 MOV DWORD PTR SS:[ESP+20],EDX
0040E180 |. F2:AE REPNE SCAS BYTE PTR ES:[EDI]
0040E182 |. F7D1 NOT ECX
0040E184 |. 49 DEC ECX
0040E185 |. 8BFB MOV EDI,EBX
0040E187 |. 8BE9 MOV EBP,ECX
0040E189 |. 8BCE MOV ECX,ESI
0040E18B |. F2:AE REPNE SCAS BYTE PTR ES:[EDI]
0040E18D |. F7D1 NOT ECX
0040E18F |. 49 DEC ECX
0040E190 |. 3BCD CMP ECX,EBP
0040E192 |. 0F87 54010000 JA Speed_Vi.0040E2EC
0040E198 |. 8BFB MOV EDI,EBX
0040E19A |. 8BCE MOV ECX,ESI
0040E19C |. F2:AE REPNE SCAS BYTE PTR ES:[EDI]
0040E19E |. F7D1 NOT ECX
0040E1A0 |. 49 DEC ECX
0040E1A1 |. 0F84 45010000 JE Speed_Vi.0040E2EC
0040E1A7 |. 8BFA MOV EDI,EDX
0040E1A9 |. 8BCE MOV ECX,ESI
0040E1AB |. F2:AE REPNE SCAS BYTE PTR ES:[EDI]
0040E1AD |. F7D1 NOT ECX
0040E1AF |. 49 DEC ECX
0040E1B0 |. 0F84 36010000 JE Speed_Vi.0040E2EC
0040E1B6 |. 894424 38 MOV DWORD PTR SS:[ESP+38],EAX
0040E1BA |> 8B5424 38 /MOV EDX,DWORD PTR SS:[ESP+38]
0040E1BE |. 8D4C24 34 |LEA ECX,DWORD PTR SS:[ESP+34]
0040E1C2 |. 8A82 00444200 |MOV AL,BYTE PTR DS:[EDX+424400]
0040E1C8 |. 884424 18 |MOV BYTE PTR SS:[ESP+18],AL
0040E1CC |. E8 AF990000 |CALL <JMP.&MFC42.#540_??0CString@@QAE@X>
0040E1D1 |. 8BFB |MOV EDI,EBX
0040E1D3 |. 83C9 FF |OR ECX,FFFFFFFF
0040E1D6 |. 33C0 |XOR EAX,EAX
0040E1D8 |. 33ED |XOR EBP,EBP
0040E1DA |. F2:AE |REPNE SCAS BYTE PTR ES:[EDI]
0040E1DC |. F7D1 |NOT ECX
0040E1DE |. 49 |DEC ECX
0040E1DF |. C64424 2C 02 |MOV BYTE PTR SS:[ESP+2C],2
0040E1E4 |. 74 4B |JE SHORT Speed_Vi.0040E231
0040E1E6 |> 8A042B |/MOV AL,BYTE PTR DS:[EBX+EBP]
0040E1E9 |. 33F6 ||XOR ESI,ESI
0040E1EB |> 3A0475 984342>||/CMP AL,BYTE PTR DS:[ESI*2+424398]
0040E1F2 |. 74 08 |||JE SHORT Speed_Vi.0040E1FC
0040E1F4 |. 46 |||INC ESI
0040E1F5 |. 83FE 34 |||CMP ESI,34
0040E1F8 |.^ 7C F1 ||\JL SHORT Speed_Vi.0040E1EB
0040E1FA |. EB 11 ||JMP SHORT Speed_Vi.0040E20D
0040E1FC |> 8A0C75 994342>||MOV CL,BYTE PTR DS:[ESI*2+424399]
0040E203 |. 51 ||PUSH ECX
0040E204 |. 8D4C24 38 ||LEA ECX,DWORD PTR SS:[ESP+38]
0040E208 |. E8 919F0000 ||CALL <JMP.&MFC42.#940_??YCString@@QAEA>
0040E20D |> 83FE 34 ||CMP ESI,34
0040E210 |. 75 0E ||JNZ SHORT Speed_Vi.0040E220
0040E212 |. 8B5424 18 ||MOV EDX,DWORD PTR SS:[ESP+18]
0040E216 |. 8D4C24 34 ||LEA ECX,DWORD PTR SS:[ESP+34]
0040E21A |. 52 ||PUSH EDX
0040E21B |. E8 7E9F0000 ||CALL <JMP.&MFC42.#940_??YCString@@QAEA>
0040E220 |> 8BFB ||MOV EDI,EBX
0040E222 |. 83C9 FF ||OR ECX,FFFFFFFF
0040E225 |. 33C0 ||XOR EAX,EAX
0040E227 |. 45 ||INC EBP
0040E228 |. F2:AE ||REPNE SCAS BYTE PTR ES:[EDI]
0040E22A |. F7D1 ||NOT ECX
0040E22C |. 49 ||DEC ECX
0040E22D |. 3BE9 ||CMP EBP,ECX
0040E22F |.^ 72 B5 |\JB SHORT Speed_Vi.0040E1E6
0040E231 |> 8B4424 34 |MOV EAX,DWORD PTR SS:[ESP+34]
0040E235 |. 8B48 F8 |MOV ECX,DWORD PTR DS:[EAX-8]
0040E238 |. 83F9 10 |CMP ECX,10
0040E23B |. 7D 3A |JGE SHORT Speed_Vi.0040E277
0040E23D |. 8BC1 |MOV EAX,ECX
0040E23F |. B9 10000000 |MOV ECX,10
0040E244 |. 2BC8 |SUB ECX,EAX
0040E246 |. 8D5424 1C |LEA EDX,DWORD PTR SS:[ESP+1C]
0040E24A |. 51 |PUSH ECX
0040E24B |. 52 |PUSH EDX
0040E24C |. B9 60484200 |MOV ECX,Speed_Vi.00424860
0040E251 |. E8 129F0000 |CALL <JMP.&MFC42.#4129_?Left@CString@@Q>
0040E256 |. 50 |PUSH EAX
0040E257 |. 8D4C24 38 |LEA ECX,DWORD PTR SS:[ESP+38]
0040E25B |. C64424 30 03 |MOV BYTE PTR SS:[ESP+30],3
0040E260 |. E8 2D9C0000 |CALL <JMP.&MFC42.#939_??YCString@@QAEAB>
0040E265 |. 8D4C24 1C |LEA ECX,DWORD PTR SS:[ESP+1C]
0040E269 |. C64424 2C 02 |MOV BYTE PTR SS:[ESP+2C],2
0040E26E |. E8 01990000 |CALL <JMP.&MFC42.#800_??1CString@@QAE@X>
0040E273 |. 8B4424 34 |MOV EAX,DWORD PTR SS:[ESP+34]
0040E277 |> 8B4C24 20 |MOV ECX,DWORD PTR SS:[ESP+20] ; //寄存器出现注册码
0040E27B |. 51 |PUSH ECX ; /s2
0040E27C |. 50 |PUSH EAX ; |s1
0040E27D |. FF15 2CB74100 |CALL DWORD PTR DS:[<&MSVCRT._mbscmp>] ; \
0040E277 |> \8B4C24 20 |MOV ECX,DWORD PTR SS:[ESP+20] ; //寄存器出现注册码
EAX 0113D4F0 ASCII "eeeeeeaeLHlXiwoP" //这就是注册码了
验证:
用户名:小人物
注册码:eeeeeeaeLHlXiwoP
我们来验证一下吧,注册成功了,追码就结束了!
下面我们来做一下内存注册机吧:
中断地址:0040E277
中断次数:1
第一字节:8B
指令长度:4
内存方式--寄存器--EAX
注册码保存在Settings文件里,我们把它删除后又变成未注册版本,这样就可以继续调试,好了,今天的教程就到此为此,不足之处就高手指点,谢谢!
再见!
By:小人物
动画教程下载页面地址:
|
|
IP卡
发表于 2009-10-9 19:36:10
提升卡
置顶卡
变色卡
千斤顶
显身卡
发表于 2009-10-9 22:18:02
发表于 2009-10-9 22:46:22
发表于 2009-10-10 07:23:59
发表于 2009-10-10 14:51:42
发表于 2009-10-10 15:32:45
