- UID
- 63412
注册时间2009-11-1
阅读权限20
最后登录1970-1-1
以武会友
 
TA的每日心情 | 擦汗
2022-4-19 14:09 |
|---|
签到天数: 3 天 [LV.2]偶尔看看I
|
https://www.chinapyg.com/viewthr ... &extra=page%3D1
软件自己大家下载吧,下面是分析代码:
00556E4D . E8 3656F8FF call PicAlbum.004DC488 ; 关键
call
00556E52 . 8B95 3CFEFF>mov edx,dword ptr ss:[ebp-1C4]
00556E58 A1 CC1D5700 mov eax,dword ptr ds:[571DCC]
00556E5D . E8 26E2EAFF call PicAlbum.00405088
00556E62 . A1 CC1D5700 mov eax,dword ptr ds:[571DCC]
00556E67 . 8B00 mov eax,dword ptr ds:[eax]
00556E69 . BA F4825500 mov edx,PicAlbum.005582F4 ; ASCII
"OK"
00556E6E . E8 BDE5EAFF call PicAlbum.00405430
00556E73 0F84 410100>je PicAlbum.00556FBA
004DC4EF /74 1F je short PicAlbum.004DC510 ; 这里要
跳
004DC694 |. 83F8 13 cmp eax,13
004DC697 0F85 F50000>jnz PicAlbum.004DC792 ; 这里不
可以跳
004DC756 |. 8B45 F0 mov eax,dword ptr ss:[ebp-10] ; 出注册
码
004DC759 |. 8B55 F4 mov edx,dword ptr ss:[ebp-C] ; eax出
注册码
Stack ss:[0012FBA0]=013E890C, (ASCII "HSJO-6EKG-SQU8-0IQO")
eax=00000001
00562A56 /EB 2B jmp short crack.00562A83 ; 这里跳
00562A58 |. |B8 04000000 mov eax,4
00562A5D |. |E8 C6C7F7FF call crack.004DF228
00562A62 |. |6A 07 push 7
00562A64 |. |68 2C2D5600 push crack.00562D2C
00562A69 |. |68 2C2D5600 push crack.00562D2C
00562A6E |. |8B86 284201>mov eax,dword ptr ds:[esi+14228]
00562A74 |. |E8 6B2AEAFF call crack.004054E4
00562A79 |. |50 push eax ; |FileName
00562A7A |. |6A 00 push 0 ; |Operation = NULL
00562A7C |. |6A 00 push 0 ; |hWnd = NULL
00562A7E |. |E8 A9EBEDFF call <jmp.&shell32.ShellExecuteA> ; \跳出网页
00562A83 |> \33C0 xor eax,eax
00562A85 |. 5A pop edx
00562A86 |. 59 pop ecx
00562A87 |. 59 pop ecx
00562A88 |. 64:8910 mov dword ptr fs:[eax],edx
00562A8B |. 68 B52A5600 push crack.00562AB5
00557F9B /EB 40 jmp short crack33.00557FDD ; 这里跳才会不出网页
00557F9D . |A1 AC1D5700 mov eax,dword ptr ds:[571DAC]
00557FA2 . |8338 02 cmp dword ptr ds:[eax],2
00557FA5 . |74 1C je short crack33.00557FC3
00557FA7 . |6A 07 push 7 ; /IsShown = 7
00557FA9 . |68 84875500 push crack33.00558784 ; |DefDir = ""
00557FAE . |68 84875500 push crack33.00558784 ; |Parameters = ""
00557FB3 . |68 88875500 push crack33.00558788 ; |FileName = "http://www.hfjsj.com/PicAlbum"
00557FB8 . |6A 00 push 0 ; |Operation = NULL
00557FBA . |6A 00 push 0 ; |hWnd = NULL
00557FBC . |E8 6B96EEFF call <jmp.&shell32.ShellExecuteA> ; \ShellExecuteA
00557FC1 . |EB 1A jmp short crack33.00557FDD
00557FC3 > |6A 07 push 7 ; /IsShown = 7
00557FC5 . |68 84875500 push crack33.00558784 ; |DefDir = ""
00557FCA . |68 84875500 push crack33.00558784 ; |Parameters = ""
00557FCF . |68 A8875500 push crack33.005587A8 ; |FileName = "http://www.hfjsj.com/PicAlbum/en"
00557FD4 . |6A 00 push 0 ; |Operation = NULL
00557FD6 . |6A 00 push 0 ; |hWnd = NULL
00557FD8 . |E8 4F96EEFF call <jmp.&shell32.ShellExecuteA> ; \ShellExecuteA
00557FDD > \33C0 xor eax,eax
00557FDF . 5A pop edx
00557FE0 . 59 pop ecx
00557FE1 . 59 pop ecx
作者不厚道加了弹窗网页 |
|
IP卡
发表于 2010-5-26 22:00:13
提升卡
置顶卡
变色卡
千斤顶
显身卡
发表于 2010-6-1 07:09:12
