简单吗,我可是门外汉哦
我晕,怎么下载了是一个什么超级启动软件啊
晕,不会哦~~~
载入后
00401708 > $68 484C4000 PUSH SuperBoo.00404C48
0040170D .E8 F0FFFFFF CALL <JMP.&MSVBVM60.#100>--------用VB6.0编的
ALT+E,选MSVBVM60 ,CTRL+N, 选vbaStrComp至于为什么选它,学的时候就是选它(现在大概有点明白了,是比较的意思吧)
下断点,运行.输入11111-222222-33333-44444-55555
运行停到这,看堆贱
0012E6B0 0040BE80UNICODE "xpq4g"
0012E6B4 0018EBBCUNICODE "55555"
最后一组真假码比较
F8单步
依次类推
0012E6BC 0040B094UNICODE "6crcc"
0012E6C0 001A7494UNICODE "44444"
0012E6BC 0040B150UNICODE "frt9j"
0012E6C0 00165894UNICODE "33333"
0012E6BC 0040B140UNICODE "b9tky"
0012E6C0 001894C4UNICODE "22222"
0012E6BC 0040B1D4UNICODE "dg8fv"
0012E6C0 0017B64CUNICODE "11111"
注册码就出来了
dg8fv-b9tky-frt9j-6crcc-xpq4g
明码比较,比较简单
再难点的,偶就不会了,呵呵
明码比较,简单死了
来一份粗粉(粗分析^_^)和内存注册机制作
在所有Call EBX下断拦码
内存方式:ESP
ESP=0012E6BC
写注册机时选
地址指针1层
0012E6BC 0040BE80UNICODE "xpq4g"
0012E6C0 001A170CUNICODE "fffff"
注册码是从后算起的,所以0041E444中断最后添加
0041E415 .FF92 A0000000 CALL DWORD PTR DS:
0041E41B .3BC7 CMP EAX,EDI
0041E41D .DBE2 FCLEX
0041E41F .7D 14 JGE SHORT SuperBoo.0041E435
0041E421 .8B95 3CFFFFFF MOV EDX,DWORD PTR SS:
0041E427 .68 A0000000 PUSH 0A0
0041E42C .68 B8B84000 PUSH SuperBoo.0040B8B8
0041E431 .52 PUSH EDX
0041E432 .50 PUSH EAX
0041E433 .FFD3 CALL EBX
0041E435 >8B45 B0 MOV EAX,DWORD PTR SS:
0041E438 .8B1D 64104000 MOV EBX,DWORD PTR DS:[<&MSVBVM60.__vbaSt>;MSVBVM60.__vbaStrCmp
0041E43E .50 PUSH EAX
0041E43F .68 80BE4000 PUSH SuperBoo.0040BE80 ;UNICODE "xpq4g"
0041E444 .FFD3 CALL EBX ;
<&MSVBVM60.__vbaStrCmp>-----------------------------------------------下断拦码(5)
0041E446 .8B4D B4 MOV ECX,DWORD PTR SS:
0041E449 .8BF8 MOV EDI,EAX
0041E44B .F7DF NEG EDI
0041E44D .1BFF SBB EDI,EDI
0041E44F .51 PUSH ECX
0041E450 .47 INC EDI
0041E451 .68 94B04000 PUSH SuperBoo.0040B094 ;UNICODE "6crcc"
0041E456 .F7DF NEG EDI
0041E458 .FFD3 CALL EBX-----------------------------------下断拦码(4)
0041E45A .8B55 B8 MOV EDX,DWORD PTR SS:
0041E45D .F7D8 NEG EAX
0041E45F .1BC0 SBB EAX,EAX
0041E461 .52 PUSH EDX
0041E462 .40 INC EAX
0041E463 .68 50B14000 PUSH SuperBoo.0040B150 ;UNICODE "frt9j"
0041E468 .F7D8 NEG EAX
0041E46A .23F8 AND EDI,EAX
0041E46C .FFD3 CALL EBX-----------------------------------下断拦码(3)
0041E46E .F7D8 NEG EAX
0041E470 .1BC0 SBB EAX,EAX
0041E472 .40 INC EAX
0041E473 .F7D8 NEG EAX
0041E475 .23F8 AND EDI,EAX
0041E477 .8B45 BC MOV EAX,DWORD PTR SS:
0041E47A .50 PUSH EAX
0041E47B .68 40B14000 PUSH SuperBoo.0040B140 ;UNICODE "b9tky"
0041E480 .FFD3 CALL EBX-----------------------------------下断拦码(2)
0041E482 .8B4D C0 MOV ECX,DWORD PTR SS:
0041E485 .F7D8 NEG EAX
0041E487 .1BC0 SBB EAX,EAX
0041E489 .51 PUSH ECX
0041E48A .40 INC EAX
0041E48B .68 D4B14000 PUSH SuperBoo.0040B1D4 ;UNICODE "dg8fv"
0041E490 .F7D8 NEG EAX
0041E492 .23F8 AND EDI,EAX
0041E494 .FFD3 CALL EBX-----------------------------------下断拦码(1)
0041E496 .8B55 C4 MOV EDX,DWORD PTR SS:
0041E499 .F7D8 NEG EAX
0041E49B .1BC0 SBB EAX,EAX
0041E49D .52 PUSH EDX
0041E49E .40 INC EAX
注册码为:dg8fv-b9tky-frt9j-6crcc-xpq4g
注册机使用方法:
1,输入任意注册码后,点注册认证5次,
即可得注册码。
2,注意“#”号后的不要,“#”号前的为
注册码。
说明一下,最后一部分注册码后有乱码。
不知道是不是注册机编写器的原因,还是内存那个UNICODE字符的原因。我已用“#”区分开了。^_^
那位高手有解决的办法不?记得给我说一下。先谢谢了!
好吓人哦,............................
谢谢 联系中
DG8FV-B9TKY-FRT9J-6CRCC-XPQ4G
跟到的码是一样的,原来是固定码的,我下的是_VBASTRCMP,同样都可以得到的。