DFCG破解入门第十课
-
用DeDe破解DELPHI编写程序的教程,在网上“我要”可能是第一个。其它论坛的朋友,未经本人同意请勿转载此破解教程及动画。
-----------------------------------------------------------------------
DeDe破解用DELPHI编写程序的教程
破解工具:DeDe.exe
教学用具:Crkme4.exe(在风飘雪下载)
做注册机:Keymake1.63以上的版本
破解过程:用DeDe v1.05装入Crkme4,点PROCESS→OK→点工具栏DCU,在左窗口里选Unit1→在右窗口双击Button1Click,双击后停在这里:
0042DAD4 55 push ebp
0042DAD5 8BEC mov ebp, esp
0042DAD7 6A00 push $00
0042DAD9 6A00 push $00
0042DADB 53 push ebx
0042DADC 56 push esi
0042DADD 57 push edi
0042DADE 8BD8 mov ebx, eax
0042DAE0 BE5CF74200 mov esi, $0042F75C
0042DAE5 BF64F74200 mov edi, $0042F764
0042DAEA 33C0 xor eax, eax
0042DAEC 55 push ebp
0042DAED 680EDD4200 push $0042DD0E
0042DAF2 64FF30 push dword ptr fs:[eax]
0042DAF5 648920 mov fs:[eax], esp
0042DAF8 B804000000 mov eax, $00000004
0042DAFD E8AE4AFDFF call 004025B0
0042DB02 A344F74200 mov dword ptr [$42F744], eax
0042DB07 6A00 push $00
0042DB09 6A00 push $00
0042DB0B 684CF74200 push $0042F74C
0042DB10 6848F74200 push $0042F748
0042DB15 A144F74200 mov eax, dword ptr [$42F744]
0042DB1A 50 push eax
0042DB1B 6A00 push $00
0042DB1D 6A00 push $00
0042DB1F 6A00 push $00
* Reference to: kernel32.GetVolumeInFORMationA
|
0042DB21 E85E75FDFF call 00405084
0042DB26 A144F74200 mov eax, dword ptr [$42F744]
0042DB2B 8B00 mov eax, [eax]
0042DB2D A350F74200 mov dword ptr [$42F750], eax
0042DB32 8D55FC lea edx, [ebp-$04]
0042DB35 8B83E0010000 mov eax, [ebx+$01E0]
0042DB3B E8E8C6FEFF call 0041A228
0042DB40 837DFC00 cmp dword ptr [ebp-$04], +$00
0042DB44 751A jnz 0042DB60
0042DB46 6A00 push $00
0042DB48 668B0D1CDD4200 mov cx, word ptr [$42DD1C]
0042DB4F B202 mov dl, $02
* Possible String Reference to: "Please typ in your name !!"
|
0042DB51 B828DD4200 mov eax, $0042DD28
0042DB56 E8E5F2FFFF call 0042CE40
0042DB5B E990010000 jmp 0042DCF0
0042DB60 8D55FC lea edx, [ebp-$04]
0042DB63 8B83E0010000 mov eax, [ebx+$01E0]
0042DB69 E8BAC6FEFF call 0041A228
0042DB6E 8B45FC mov eax, [ebp-$04]
0042DB71 E84A5CFDFF call 004037C0
0042DB76 83F806 cmp eax, +$06
0042DB79 7D1A jnl 0042DB95
0042DB7B 6A00 push $00
0042DB7D 668B0D1CDD4200 mov cx, word ptr [$42DD1C]
0042DB84 B202 mov dl, $02
* Possible String Reference to: "Type at least 6 chars for your name
| ! !"
|
0042DB86 B84CDD4200 mov eax, $0042DD4C
0042DB8B E8B0F2FFFF call 0042CE40
0042DB90 E95B010000 jmp 0042DCF0
0042DB95 8D55FC lea edx, [ebp-$04]
0042DB98 8B83E4010000 mov eax, [ebx+$01E4]
0042DB9E E885C6FEFF call 0041A228
0042DBA3 837DFC00 cmp dword ptr [ebp-$04], +$00
0042DBA7 751A jnz 0042DBC3
0042DBA9 6A00 push $00
0042DBAB 668B0D1CDD4200 mov cx, word ptr [$42DD1C]
0042DBB2 B202 mov dl, $02
* Possible String Reference to: "Please enter your serial !"
|
0042DBB4 B87CDD4200 mov eax, $0042DD7C
0042DBB9 E882F2FFFF call 0042CE40
0042DBBE E92D010000 jmp 0042DCF0
0042DBC3 8BC7 mov eax, edi
0042DBC5 E87A59FDFF call 00403544
0042DBCA C70602000000 mov dword ptr [esi], $00000002
0042DBD0 8D55FC lea edx, [ebp-$04]
0042DBD3 8B83E0010000 mov eax, [ebx+$01E0]
0042DBD9 E84AC6FEFF call 0041A228
0042DBDE 8B45FC mov eax, [ebp-$04]
0042DBE1 8B16 mov edx, [esi]
0042DBE3 0FB64410FF movzx eax, byte ptr [eax+edx-$01]
0042DBE8 8D55F8 lea edx, [ebp-$08]
0042DBEB E88889FDFF call 00406578
0042DBF0 8B55F8 mov edx, [ebp-$08]
0042DBF3 8BC7 mov eax, edi
0042DBF5 E8CE5BFDFF call 004037C8
0042DBFA FF06 inc dword ptr [esi]
0042DBFC 833E07 cmp dword ptr [esi], +$07
0042DBFF 75CF jnz 0042DBD0
0042DC01 8D45F8 lea eax, [ebp-$08]
0042DC04 50 push eax
0042DC05 B903000000 mov ecx, $00000003
0042DC0A BA01000000 mov edx, $00000001
0042DC0F 8B07 mov eax, [edi]
0042DC11 E8AE5DFDFF call 004039C4
0042DC16 8B45F8 mov eax, [ebp-$08]
0042DC19 E88A89FDFF call 004065A8
0042DC1E A358F74200 mov dword ptr [$42F758], eax
0042DC23 8BC7 mov eax, edi
0042DC25 E81A59FDFF call 00403544
0042DC2A 8BC3 mov eax, ebx
0042DC2C E8B3FCFFFF call 0042D8E4
0042DC31 A150F74200 mov eax, dword ptr [$42F750]
0042DC36 A350F74200 mov dword ptr [$42F750], eax
0042DC3B 8BC3 mov eax, ebx
0042DC3D E8F2FCFFFF call 0042D934
0042DC42 A158F74200 mov eax, dword ptr [$42F758]
0042DC47 A358F74200 mov dword ptr [$42F758], eax
0042DC4C 8BC3 mov eax, ebx
0042DC4E E835FDFFFF call 0042D988
0042DC53 8BC3 mov eax, ebx
0042DC55 E87EFDFFFF call 0042D9D8
0042DC5A A158F74200 mov eax, dword ptr [$42F758]
0042DC5F A358F74200 mov dword ptr [$42F758], eax
0042DC64 8BC3 mov eax, ebx
0042DC66 E8B1FDFFFF call 0042DA1C
0042DC6B 8BC3 mov eax, ebx
0042DC6D E8B6FDFFFF call 0042DA28
0042DC72 A158F74200 mov eax, dword ptr [$42F758]
0042DC77 A358F74200 mov dword ptr [$42F758], eax
0042DC7C 8BC3 mov eax, ebx
0042DC7E E8B1FDFFFF call 0042DA34
0042DC83 8BC3 mov eax, ebx
0042DC85 E8F2FDFFFF call 0042DA7C
0042DC8A 8BC3 mov eax, ebx
0042DC8C E80BFEFFFF call 0042DA9C
0042DC91 A150F74200 mov eax, dword ptr [$42F750]
0042DC96 010558F74200 add [$42F758], eax
0042DC9C 8D55FC lea edx, [ebp-$04]
0042DC9F 8B83E4010000 mov eax, [ebx+$01E4]
0042DCA5 E87EC5FEFF call 0041A228
0042DCAA 8B45FC mov eax, [ebp-$04]
0042DCAD E8F688FDFF call 004065A8
0042DCB2 A360F74200 mov dword ptr [$42F760], eax
0042DCB7 A158F74200 mov eax, dword ptr [$42F758]
0042DCBC 3B0560F74200 cmp eax, [$42F760] → 比较
0042DCC2 7517 jnz 0042DCDB → 关键跳转
0042DCC4 6A00 push $00
0042DCC6 668B0D1CDD4200 mov cx, word ptr [$42DD1C]
0042DCCD B202 mov dl, $02
* Possible String Reference to: "Good Serial, Thanks For trying this → 注册成功提示
| Crackme bY nIabI !"
|
0042DCCF B8A0DD4200 mov eax, $0042DDA0
0042DCD4 E867F1FFFF call 0042CE40
0042DCD9 EB15 jmp 0042DCF0
0042DCDB 6A00 push $00
0042DCDD 668B0D1CDD4200 mov cx, word ptr [$42DD1C]
0042DCE4 B202 mov dl, $02
* Possible String Reference to: "Bad Name Or Serial Number !!!!!" → 注册错误提示
|
0042DCE6 B8E0DD4200 mov eax, $0042DDE0
0042DCEB E850F1FFFF call 0042CE40
0042DCF0 33C0 xor eax, eax
0042DCF2 5A pop edx
0042DCF3 59 pop ecx
0042DCF4 59 pop ecx
0042DCF5 648910 mov fs:[eax], edx
0042DCF8 6815DD4200 push $0042DD15
0042DCFD 8D45F8 lea eax, [ebp-$08]
0042DD00 E83F58FDFF call 00403544
0042DD05 8D45FC lea eax, [ebp-$04]
0042DD08 E83758FDFF call 00403544
0042DD0D C3 ret
现在已经看到这个软件在那里有注册成功与否的提示了!分析一下,在注册成功提示上面的“JNZ”就是关键跳转所在,再向上看一行,这就是比较的位置。好了!现在我们可以为它做一个注册机,各位慢看:
一、启动Keymake → 其它 → 另类注册机 → 浏览 → Crkme4.exe → 添加 → 写入如下信息:
中断地址:42DCBC
中断次数:1
第一字节:3B
指令长度:6
二、点选“寄存器方式” → “EAX” → “十进制” → 点“生成”。
三、选择注册机的界面,为注册机起名“cr-Crkme4”,保存后退出即可在Crkme4的安装目录里生成一个名为cr-Crkme4的注册机,用这个就可成功注册了!!!
四、这个Crkme4我是在风飘雪那里下载的,它只允许用guodong这个名去注册,有兴趣的朋友可试试用其它名去注册,但不一定能成功注册的,你用Ollydbg去破它也有这个问题,“我要”这次主要是教会大家用DeDe破解DELPHI编写的程序,其它的我就不在探讨了!!!
五、破解用DELPHI编写的程序,用DeDe去破解比用W32dsm还方便直接,这是我本人的意见,你说呢?
相关视频
相关阅读 Windows错误代码大全 Windows错误代码查询激活windows有什么用Mac QQ和Windows QQ聊天记录怎么合并 Mac QQ和Windows QQ聊天记录Windows 10自动更新怎么关闭 如何关闭Windows 10自动更新windows 10 rs4快速预览版17017下载错误问题Win10秋季创意者更新16291更新了什么 win10 16291更新内容windows10秋季创意者更新时间 windows10秋季创意者更新内容kb3150513补丁更新了什么 Windows 10补丁kb3150513是什么
- 文章评论
-
热门文章
去除winrar注册框方法
最新文章
比特币病毒怎么破解 比去除winrar注册框方法
华为无线路由器HG522-C破解教程(附超级密码JEB格式文件京东电子书下载和阅读限制破解教UltraISO注册码全集(最新)通过Access破解MSSQL获得数据人气排行 华为无线路由器HG522-C破解教程(附超级密码JEB格式文件京东电子书下载和阅读限制破解教UltraISO注册码全集(最新)qq相册密码破解方法去除winrar注册框方法(适应任何版本)怎么用手机破解收费游戏华为无线猫HG522破解如何给软件脱壳基础教程
查看所有0条评论>>