Delphi代码转换到CS软件分析(Delphi2CS)
本帖最后由 yujunqiang 于 2022-6-8 14:52 编辑运行环境:WIN7、10、11
涉及工具:dnSpy、ExeinfoPe
教程类型:逆向限制,算法分析等
是否讲解思路和原理:是
以下为图文内容:
转换 Delphi 5,6,7 和 Delphi.NET 到 C#
官方下载地址(Delphi2CS4.1):
http://www.netcoole.com/delphi2cs.html
http://www.netcoole.com/download/delphi2cs.zip
类似还有 VB6TOCS 地址(转换VB6到C#4.0)
http://www.netcoole.com/download/vb6tocs.zip
下载安装为试用版本,转换代码不能超过500行,使用ExeinfoPe测试软件为 .NET,用dnSpy打开软件delphi2cs.exe调试:
1、以数字/字符串搜索500:
在 BB 类 中有
If Global.QB.B <> 100 Then
Me.ED("Delphi2CS has expired.")
stringBuilder3.Append("// Delphi2CS has expired, please purchase the final version. " & vbCrLf)
flag = True
ElseIf Me.GB.A > 500 Then
Me.ED("Delphi2CS trial converts the .pas file that is less than 500 lines.")
stringBuilder3.Append(" // Delphi2CS trial converts the .PAS file that is less than 500 lines. " & vbCrLf)
Dim fileName As String = Path.GetFileName(Me.O)
stringBuilder3.Append(String.Concat(New Object() { " // ", fileName, " is ", Me.GB.A, " lines. " & vbCrLf }))
stringBuilder3.Append(" // Please purchse the final version to avoid the limitation." & vbCrLf)
flag = True
End If
分析代码 QB.B <> 100 表示软件过期,GB.A > 500 表示代码行超过 500 行,在此鼠标右键,使用编辑IL指令,
将500改为50000,或者条件语句内指令为空,IL指令如下:
133 0181 ldarg.0
134 0182 ldfld class DB BB::GB
135 0187 ldfld int32 DB::A
136 018C ldc.i4 0x1F4------->0x1F4改为50000
137 0191 ble 186 (0216) ldloc.1
或者条件语句内容改为空:
If Global.QB.B <> 100 Then
ElseIf Me.GB.A > 500 Then
End If
鼠标在每行指令下,编辑IL指令,默认多行,按DEL,选择删除。
再继续搜索 100 找到 类 QB.B ,分析为软件过期代码如下:
Public Shared Function B(A As KD) As Boolean
Try
QB.B = 100
Dim fileInfo As FileInfo = New FileInfo(QB.A)
fileInfo.Attributes = CType(0, FileAttributes)
If File.Exists(QB.A) Then
Dim length As Long = fileInfo.Length
If length = 0L Then
QB.B = 1000 ----------->改为100
Else
Dim binaryReader As BinaryReader = New BinaryReader(fileInfo.OpenRead())
binaryReader.ReadInt32()
Dim num As Integer = binaryReader.ReadInt32()
Dim num2 As Integer = CInt(DateTime.Today.ToOADate())
Dim num3 As Integer = num2 - num
binaryReader.ReadInt32()
binaryReader.ReadInt32()
Dim num4 As Integer = binaryReader.ReadInt32()
Dim num5 As Integer = binaryReader.ReadInt32()
Dim num6 As Integer = binaryReader.ReadInt32()
Dim num7 As Integer = binaryReader.ReadInt32()
If num2 < num7 Then
QB.B = 1000 ----------->改为100
ElseIf num3 > 30 OrElse num3 < 0 Then
QB.B = 1000 ----------->改为100
Else
If num3 = 0 Then
num3 = 1
End If
A.G.Text = " Used: " + num3.ToString() + " days"
End If
A.H.Text = String.Concat(New String() { " ", num4.ToString(), "-", num5.ToString(), "-", num6.ToString() })
binaryReader.Close()
If num2 > num7 Then
fileInfo = New FileInfo(QB.A)
Dim binaryWriter As BinaryWriter = New BinaryWriter(fileInfo.Open(FileMode.Open, FileAccess.Write, FileShare.Write))
Dim offset As Integer = CInt(length) - 4
binaryWriter.Seek(offset, SeekOrigin.Begin)
binaryWriter.Write(num2)
binaryWriter.Flush()
binaryWriter.Close()
End If
End If
Else
QB.B = 1000 ----------->改为100
End If
Catch ex As Exception
Console.WriteLine(ex.Message)
QB.B = 1000 ----------->改为100
End Try
If QB.B <> 100 Then
A.C.Text = " Expired"
End If
Return QB.B = 100
End Function
保存模块,程序命名为delphi2csPJ.exe
经过测试,程序逆向成功。但显示为 Eval 继续搜索 Eval
Me.C.AutoSize = StatusBarPanelAutoSize.Spring
Me.C.MinWidth = 100
Me.C.Text = " Eval" ---------->改为" Licensed"
Me.C.Width = 169
程序完美逆向。
逆向的主程序 V4.0:
逆向的主程序 V4.1:
Delphi2CS V4.1 中文汉化和英文版:
这个必须得顶
这个必须得顶 谢谢楼主分享 谢谢分享!! 厉害受教了 这才是实实在在滴为r着想的真大佬1 感谢楼主分享 感谢分享,学习下
页:
[1]
2