【新华字典词典-刘夫子版本】追码及爆破
软件见帖子:https://www.52hb.com/thread-3442-1-1.html一、脱壳用吾爱汇编论坛工具ASPDie脱壳
二、字符串搜索搜索字符串“注册”00543F73 E8 400FECFF call Unpacked.00404EB800543F78 8B45 FC mov eax,dword ptr ss:00543F7B E8 905BECFF call Unpacked.00409B1000543F80 3C 01 cmp al,0x100543F82 75 54 jnz short Unpacked.00543FD800543F84 BA 28415400 mov edx,Unpacked.00544128 ; 软件已注册00543F89 8B83 EC040000 mov eax,dword ptr ds:00543F8F E8 B836F0FF call Unpacked.0044764C00543F94 8B93 18040000 mov edx,dword ptr ds:00543F9A 8B83 30040000 mov eax,dword ptr ds:00543FA0 E8 77E6F8FF call Unpacked.004D261C00543FA5 BA 3C415400 mov edx,Unpacked.0054413C ; 解释00543FAA 8B83 30040000 mov eax,dword ptr ds:00543FB0 E8 B3E6F8FF call Unpacked.004D266800543FB5 8B93 F0020000 mov edx,dword ptr ds:00543FBB 8B83 74040000 mov eax,dword ptr ds:00543FC1 E8 7AEAF8FF call Unpacked.004D2A4000543FC6 BA 4C415400 mov edx,Unpacked.0054414C ; content00543FCB 8B83 74040000 mov eax,dword ptr ds:00543FD1 E8 B6EAF8FF call Unpacked.004D2A8C00543FD6 EB 30 jmp short Unpacked.0054400800543FD8 BA 5C415400 mov edx,Unpacked.0054415C ; 软件未注册00543FDD 8B83 EC040000 mov eax,dword ptr ds:00543FE3 E8 6436F0FF call Unpacked.0044764C
00545A18 58 pop eax00545A19 E8 D6F5EBFF call Unpacked.00404FF400545A1E 0F85 14010000 jnz Unpacked.00545B3800545A24 BA 845B5400 mov edx,Unpacked.00545B84 ; xhcz.d1100545A29 8D85 ACFEFFFF lea eax,dword ptr ss:00545A2F E8 10D5EBFF call Unpacked.00402F4400545A34 BA 01000000 mov edx,0x100545A39 8D85 ACFEFFFF lea eax,dword ptr ss:00545A3F E8 B4DAEBFF call Unpacked.004034F800545A44 E8 33CFEBFF call Unpacked.0040297C00545A49 33C0 xor eax,eax00545A4B 55 push ebp00545A4C 68 BE5A5400 push Unpacked.00545ABE00545A51 64:FF30 push dword ptr fs:00545A54 64:8920 mov dword ptr fs:,esp00545A57 6A 00 push 0x000545A59 8D55 FB lea edx,dword ptr ss:00545A5C B9 01000000 mov ecx,0x100545A61 8D85 ACFEFFFF lea eax,dword ptr ss:00545A67 E8 34D6EBFF call Unpacked.004030A000545A6C E8 0BCFEBFF call Unpacked.0040297C00545A71 BA 88AD1000 mov edx,0x10AD8800545A76 8D85 ACFEFFFF lea eax,dword ptr ss:00545A7C E8 83DAEBFF call Unpacked.0040350400545A81 E8 F6CEEBFF call Unpacked.0040297C00545A86 6A 00 push 0x000545A88 8D55 FB lea edx,dword ptr ss:00545A8B B9 01000000 mov ecx,0x100545A90 8D85 ACFEFFFF lea eax,dword ptr ss:00545A96 E8 05D6EBFF call Unpacked.004030A000545A9B E8 DCCEEBFF call Unpacked.0040297C00545AA0 33C0 xor eax,eax00545AA2 5A pop edx00545AA3 59 pop ecx00545AA4 59 pop ecx00545AA5 64:8910 mov dword ptr fs:,edx00545AA8 68 C55A5400 push Unpacked.00545AC500545AAD 8D85 ACFEFFFF lea eax,dword ptr ss:00545AB3 E8 08D6EBFF call Unpacked.004030C000545AB8 E8 BFCEEBFF call Unpacked.0040297C00545ABD C3 retn00545ABE^ E9 D9E9EBFF jmp Unpacked.0040449C00545AC3^ EB E8 jmp short Unpacked.00545AAD00545AC5 B8 985B5400 mov eax,Unpacked.00545B98 ; 软件注册成功!00545ACA E8 35ADEFFF call Unpacked.0044080400545ACF 8B45 FC mov eax,dword ptr ss:00545AD2 8B80 EC040000 mov eax,dword ptr ds:00545AD8 BA B05B5400 mov edx,Unpacked.00545BB0 ; 软件已注册00545ADD E8 6A1BF0FF call Unpacked.0044764C00545AE2 8B45 FC mov eax,dword ptr ss:00545AE5 8B90 18040000 mov edx,dword ptr ds:00545AEB 8B45 FC mov eax,dword ptr ss:00545AEE 8B80 30040000 mov eax,dword ptr ds:00545AF4 E8 23CBF8FF call Unpacked.004D261C00545AF9 8B45 FC mov eax,dword ptr ss:00545AFC 8B80 30040000 mov eax,dword ptr ds:00545B02 BA C45B5400 mov edx,Unpacked.00545BC4 ; 解释00545B07 E8 5CCBF8FF call Unpacked.004D266800545B0C 8B45 FC mov eax,dword ptr ss:00545B0F 8B90 F0020000 mov edx,dword ptr ds:00545B15 8B45 FC mov eax,dword ptr ss:00545B18 8B80 74040000 mov eax,dword ptr ds:00545B1E E8 1DCFF8FF call Unpacked.004D2A4000545B23 8B45 FC mov eax,dword ptr ss:00545B26 8B80 74040000 mov eax,dword ptr ds:00545B2C BA D45B5400 mov edx,Unpacked.00545BD4 ; content00545B31 E8 56CFF8FF call Unpacked.004D2A8C00545B36 EB 0A jmp short Unpacked.00545B4200545B38 B8 E45B5400 moveax,Unpacked.00545BE4 ; 注册失败,请重试!\r\r注册用户重试失败请与作者联系!00545B3D E8 C2ACEFFF call Unpacked.00440804
三、改关键跳改注册关键跳
刚才还说没教程,教程现在就来了!{:5_123:}
最近论坛不是很热闹啊 感谢楼主的教程{:5_116:}
最近忙其他事去了,以后必须热闹。
{:5_116:}谢谢楼主分享
好教程,这个以前搞了好久都没搞定
这么快就出教程了来学习下
教程不错,希望以后多出些逆向分析思路教程
这么快就出教程了,谢谢了!