ipsearch 1.7的破解心得
-
ipsearch 1.7的破解
ipsearch 1.7
下载地址:http://sq.onlinedown.net/down/ipsrch17.zip
软件说明:该软件可以查找指定 IP 地址范围内的 Web 站点,并生成 HTML 格式的报表,内置 Whois、域名解析功能。
破解人:happymg[dfcg]
工具:trw,w32dsm
使用FI查一下,发现没有加壳,我喜欢。
用W32Dsm89反编译发现串式"Thank you for registering!",点击看到
* Reference To: MFC42.Ordinal:0217, Ord:0217h
|
:0040572B E88AC20000 Call 004119BA
:00405730 898570FFFFFF mov dword ptr [ebp+FFFFFF70], eax
:00405736 8D4588 lea eax, dword ptr [ebp-78]
:00405739 50 push eax
:0040573A 8B4D84 mov ecx, dword ptr [ebp-7C]
:0040573D 81C1D0000000 add ecx, 000000D0
:00405743 E8D82C0000 call 00408420
:00405748 89856CFFFFFF mov dword ptr [ebp+FFFFFF6C], eax
:0040574E C645FC01 mov [ebp-04], 01
:00405752 8B4D88 mov ecx, dword ptr [ebp-78]
:00405755 33D2 xor edx, edx
:00405757 8379F800 cmp dword ptr [ecx-08], 00000000
:0040575B 0F94C2 sete dl
:0040575E 85D2 test edx, edx
:00405760 0F858D000000 jne 004057F3
:00405766 8B45EC mov eax, dword ptr [ebp-14]
:00405769 898578FFFFFF mov dword ptr [ebp+FFFFFF78], eax
:0040576F 8B4D88 mov ecx, dword ptr [ebp-78]
:00405772 898D7CFFFFFF mov dword ptr [ebp+FFFFFF7C], ecx
:00405778 8B9578FFFFFF mov edx, dword ptr [ebp+FFFFFF78]
:0040577E 52 push edx ----->D EDX假的注册码
:0040577F 8B857CFFFFFF mov eax, dword ptr [ebp+FFFFFF7C]
:00405785 50 push eax ----->D EAX真的注册码
* Reference To: MSVCRT._mbscmp, Ord:0159h
|
:00405786 FF15B0454100 Call dword ptr [004145B0]
:0040578C 83C408 add esp, 00000008
:0040578F F7D8 neg eax
:00405791 1BC0 sbb eax, eax
:00405793 40 inc eax
:00405794 25FF000000 and eax, 000000FF
:00405799 85C0 test eax, eax
:0040579B 7456 je 004057F3 ----->跳就死
:0040579D 8B4DF0 mov ecx, dword ptr [ebp-10]
:004057A0 51 push ecx
* Possible StringData Ref from Data Obj ->"Name"
|
:004057A1 68DC834100 push 004183DC
* Possible StringData Ref from Data Obj ->"User"
|
:004057A6 68D4834100 push 004183D4
:004057AB 8B4D84 mov ecx, dword ptr [ebp-7C]
:004057AE 81C1C4000000 add ecx, 000000C4
:004057B4 E8173D0000 call 004094D0
:004057B9 8B55EC mov edx, dword ptr [ebp-14]
:004057BC 52 push edx
* Possible StringData Ref from Data Obj ->"Code"
|
:004057BD 68CC834100 push 004183CC
* Possible StringData Ref from Data Obj ->"User"
|
:004057C2 68D4834100 push 004183D4
:004057C7 8B4D84 mov ecx, dword ptr [ebp-7C]
:004057CA 81C1C4000000 add ecx, 000000C4
:004057D0 E8FB3C0000 call 004094D0
:004057D5 8B4D84 mov ecx, dword ptr [ebp-7C]
:004057D8 81C1D0000000 add ecx, 000000D0
:004057DE E85D100000 call 00406840
:004057E3 6A00 push 00000000
:004057E5 6A00 push 00000000
* Possible StringData Ref from Data Obj ->"Thank you for registering!"
|
:004057E7 68B0834100 push 004183B0
* Reference To: MFC42.Ordinal:04B0, Ord:04B0h
|
:004057EC E80DC30000 Call 00411AFE
:004057F1 EB0E jmp 00405801
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:00405760(C), :0040579B(C)
|
:004057F3 6A00 push 00000000
:004057F5 6A00 push 00000000
* Possible StringData Ref from Data Obj ->"Name / Code mis-match. Try again."
|
:004057F7 688C834100 push 0041838C
注册机制作:
启动Keymake1.73,按F8做另类注册机输入
中断地址:405785
中断次数:1
第一字节:50
指令长度:1
内存方式:EAX
生成即可。
相关视频
相关阅读 Windows错误代码大全 Windows错误代码查询激活windows有什么用Mac QQ和Windows QQ聊天记录怎么合并 Mac QQ和Windows QQ聊天记录Windows 10自动更新怎么关闭 如何关闭Windows 10自动更新windows 10 rs4快速预览版17017下载错误问题Win10秋季创意者更新16291更新了什么 win10 16291更新内容windows10秋季创意者更新时间 windows10秋季创意者更新内容kb3150513补丁更新了什么 Windows 10补丁kb3150513是什么
- 文章评论
-
热门文章
去除winrar注册框方法
最新文章
比特币病毒怎么破解 比去除winrar注册框方法
华为无线路由器HG522-C破解教程(附超级密码JEB格式文件京东电子书下载和阅读限制破解教UltraISO注册码全集(最新)通过Access破解MSSQL获得数据人气排行 华为无线路由器HG522-C破解教程(附超级密码JEB格式文件京东电子书下载和阅读限制破解教UltraISO注册码全集(最新)qq相册密码破解方法去除winrar注册框方法(适应任何版本)怎么用手机破解收费游戏华为无线猫HG522破解如何给软件脱壳基础教程
查看所有0条评论>>