Patching 大话2-私人订制完整版 (full edition)
Check for a packer: none. Load it in OD (OllyDbg) and let the program run first.
Alt+E, select the main module.
00401000 .33C0 xor eax,eax // characteristic entry header of an E-language (易语言) program
00401002 .C3 retn
00401003 90 nop
00401004/$55 push ebp
00401005|.8BEC mov ebp,esp
00401007|.E8 0E000000 call LUAMain5.0040101A
0040100C|.B8 00000000 mov eax,0x0
00401011|.E9 00000000 jmp LUAMain5.00401016
00401016|>8BE5 mov esp,ebp
00401018|.5D pop ebp
00401019\.C3 retn
0040101A/$55 push ebp
0040101B|.8BEC mov ebp,esp
0040101D|.8BE5 mov esp,ebp
0040101F|.5D pop ebp
Next we set a button-event breakpoint.
FF 55 FC 5F 5E
0047F72D|> \FF55 FC call dword ptr ss:[ebp-0x4] ; LUAMain5.00422718 // breaks here, F7 to step into
0047F730|.5F pop edi
0047F731|.5E pop esi
0047F732|.895D F4 mov dword ptr ss:[ebp-0xC],ebx
0047F735|.8945 F8 mov dword ptr ss:[ebp-0x8],eax
0047F738|.8B55 E8 mov edx,dword ptr ss:[ebp-0x18]
0047F73B|.C782 F0010000>mov dword ptr ds:[edx+0x1F0],0x0
0047F745|.837D F4 00 cmp dword ptr ss:[ebp-0xC],0x0
0047F749|.74 13 je short LUAMain5.0047F75E
0047F74B|.8B45 08 mov eax,dword ptr ss:[ebp+0x8]
004227C5|.6A 00 push 0x0
004227C7|.68 00000000 push 0x0
004227CC|.68 04000080 push 0x80000004
004227D1|.6A 00 push 0x0
004227D3|.68 77055100 push LUAMain5.00510577 ;账号掉线请点击掉线注销
004227D8|.68 03000000 push 0x3
004227DD|.BB 30FE4500 mov ebx,LUAMain5.0045FE30
004227E2|.E8 3F8F0300 call LUAMain5.0045B726
004227E7|.83C4 28 add esp,0x28
004227EA|.E9 C0000000 jmp LUAMain5.004228AF
004227EF|>837D FC 04 cmp dword ptr ss:[ebp-0x4],0x4
004227F3|.0F85 B6000000 jnz LUAMain5.004228AF // key jump, change it to je
Before the patch:
After the patch:
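The whole check above comes down to one conditional jump whose opcode byte can be flipped. As an added example (not part of the post, and not code from the program discussed), here is the kind of startup self-check a developer can run over the verification routine's bytes to detect that flip; the region bytes and the reference digest are constructed from the listing above, and the offsets are assumptions for this demonstration.

```python
import hashlib

# Constructed sample: machine code of the verification tail from the listing
# (cmp dword ptr [ebp-4],4 / jnz rel32) as it ships from the build.
ORIGINAL_REGION = bytes.fromhex("837DFC04" "0F85B6000000")

# Reference digest the build embeds (assumption: computed over the protected
# region of the code section at build time, not over the whole file).
REFERENCE_DIGEST = hashlib.sha256(ORIGINAL_REGION).hexdigest()


def region_intact(region: bytes, reference_digest: str = REFERENCE_DIGEST) -> bool:
    """Runtime self-check: True if the protected code bytes still match the build."""
    return hashlib.sha256(region).hexdigest() == reference_digest


def locate_tampering(region: bytes, original: bytes = ORIGINAL_REGION) -> list:
    """Return (offset, expected_byte, actual_byte) for every byte that differs,
    so a report can name exactly which instruction was modified."""
    if len(region) != len(original):
        raise ValueError("region length changed: code truncated or extended")
    return [(i, o, a) for i, (o, a) in enumerate(zip(original, region)) if o != a]


def describe_patch(diff: list) -> list:
    """Classify the common one-byte edits on a Jcc rel32 (0F 8x) opcode."""
    notes = []
    for off, o, a in diff:
        if (o, a) == (0x85, 0x84):
            notes.append(f"offset {off}: jnz (0F 85) flipped to je (0F 84)")
        elif (o, a) == (0x84, 0x85):
            notes.append(f"offset {off}: je (0F 84) flipped to jnz (0F 85)")
        else:
            notes.append(f"offset {off}: byte {o:02X} replaced by {a:02X}")
    return notes


if __name__ == "__main__":
    # Constructed: the same region after the one-byte edit described in the post.
    patched = bytearray(ORIGINAL_REGION)
    patched[5] = 0x84
    print(region_intact(ORIGINAL_REGION), region_intact(bytes(patched)))
    for note in describe_patch(locate_tampering(bytes(patched))):
        print(note)
```

A check like this only raises the bar: the comparison itself can be patched too, so in practice the digest is verified in several places and the reference value is kept away from the code it protects.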
How to work with button events on a target with no packer and no VM... a very simple tutorial, thanks OP.
Very detailed, good for newbies like me.
Learned something.. I'll download it and practice.
What network verification is this? Downloading it to practice.
Wow? What is this thing?
This is a 吾爱 post, isn't it!!
OP explained it well, quite detailed, bump.
Got it done long ago.