有没有大牛能破这个暗装Delphi

adsljz · 发表于 2018-10-30 14:29

http://weihu168.com/download_detail.php?id=197 软件官方链接
有注销，重启，关机暗桩。
最后一个暗桩不知道怎么破。
0097441C $  55          push ebp
0097441D .  8BEC       mov ebp,esp
0097441F .  B9 80000000 mov ecx,0x80
00974424 >  6A 00       push 0x0
00974426 .  6A 00       push 0x0
00974428 .  49          dec ecx                               ;  ntdll_14.77232F6D
00974429 .^ 75 F9       jnz short 000.00974424
0097442B .  8945 FC    mov dword ptr ss:[ebp-0x4],eax
0097442E .  33C0       xor eax,eax
00974430 .  55          push ebp
00974431 .  68 FA629700 push 000.009762FA
00974436 .  64:FF30    push dword ptr fs:[eax]
00974439 .  64:8920    mov dword ptr fs:[eax],esp
0097443C .  8B45 FC    mov eax,dword ptr ss:[ebp-0x4]
0097443F .  8B80 F4020000 mov eax,dword ptr ds:[eax+0x2F4]
00974445 .  8B80 D8020000 mov eax,dword ptr ds:[eax+0x2D8]
0097444B .  8945 F8    mov dword ptr ss:[ebp-0x8],eax
0097444E .  8B45 FC    mov eax,dword ptr ss:[ebp-0x4]
00974451 .  8B80 80010000 mov eax,dword ptr ds:[eax+0x180]
00974457 .  83C0 0A    add eax,0xA
0097445A .  83F8 6E    cmp eax,0x6E
0097445D .  90          nop
0097445E .  90          nop
0097445F .  90          nop
00974460 .  90          nop
00974461 .  90          nop
00974462 .  90          nop
00974463 .  8A80 70449700 mov al,byte ptr ds:[eax+0x974470]
00974469 .- FF2485 DF4497>jmp dword ptr ds:[eax*4+0x9744DF]    所有的跳转通个这个实现的。这怎么改？一但删除数据成功后就会跳向试用。
00974470 .  01          db 01                                  ;  分支 009744DF 索引表
00974471 .  00          db 00
00974472 .  00          db 00
00974473 .  00          db 00
00974474 .  00          db 00
00974475 .  00          db 00
00974476 .  00          db 00
00974477 .  00          db 00
00974478 .  02          db 02
00974479 .  03          db 03
0097447A .  04          db 04
0097447B .  05          db 05
0097447C .  06          db 06
0097447D .  07          db 07
0097447E .  08          db 08
0097447F .  09          db 09
00974480 .  0A          db 0A
00974481 .  0B          db 0B
00974482 .  0C          db 0C
00974483 .  0D          db 0D
00974484 .  0E          db 0E
00974485 .  0F          db 0F
00974486 .  00          db 00
00974487 .  00          db 00
00974488 .  00          db 00
00974489 .  00          db 00
0097448A .  00          db 00
0097448B .  00          db 00
0097448C .  00          db 00
0097448D .  00          db 00
0097448E .  10          db 10
0097448F .  11          db 11
00974490 .  12          db 12
00974491 .  00          db 00
00974492 .  13          db 13
00974493 .  14          db 14
00974494 .  00          db 00
00974495 .  00          db 00
00974496 .  00          db 00
00974497 .  00          db 00
00974498 .  00          db 00
00974499 .  00          db 00
0097449A .  00          db 00
0097449B .  00          db 00
0097449C .  00          db 00
0097449D .  00          db 00
0097449E .  00          db 00
0097449F .  00          db 00
009744A0 .  00          db 00
009744A1 .  00          db 00
009744A2 .  00          db 00
009744A3 .  00          db 00
009744A4 .  00          db 00
009744A5 .  00          db 00
009744A6 .  00          db 00
009744A7 .  00          db 00
009744A8 .  00          db 00
009744A9 .  00          db 00
009744AA .  00          db 00
009744AB .  00          db 00
009744AC .  15          db 15
009744AD .  16          db 16
009744AE .  17          db 17
009744AF .  18          db 18
009744B0 .  19          db 19
009744B1 .  1A          db 1A
009744B2 .  1B          db 1B
009744B3 .  00          db 00
009744B4 .  00          db 00
009744B5 .  00          db 00
009744B6 .  00          db 00
009744B7 .  00          db 00
009744B8 .  00          db 00
009744B9 .  00          db 00
009744BA .  00          db 00
009744BB .  00          db 00
009744BC .  00          db 00
009744BD .  00          db 00
009744BE .  00          db 00
009744BF .  00          db 00
009744C0 .  1C          db 1C
009744C1 .  1D          db 1D
009744C2 .  1E          db 1E
009744C3 .  1F          db 1F
009744C4 .  20          db 20
009744C5 .  21          db 21
009744C6 .  22          db 22
009744C7 .  00          db 00
009744C8 .  00          db 00
009744C9 .  00          db 00
009744CA .  00          db 00
009744CB .  00          db 00
009744CC .  00          db 00
009744CD .  00          db 00
009744CE .  00          db 00
009744CF .  00          db 00
009744D0 .  00          db 00
009744D1 .  00          db 00
009744D2 .  00          db 00
009744D3 .  00          db 00
009744D4 .  00          db 00
009744D5 .  00          db 00
009744D6 .  00          db 00
009744D7 .  00          db 00
009744D8 .  00          db 00
009744D9 .  00          db 00
009744DA .  00          db 00
009744DB .  00          db 00
009744DC .  00          db 00
009744DD .  00          db 00
009744DE .  23          db 23
009744DF .  39619700    dd 000.00976139                         ;  分支表被用于 00974469
009744E3 .  6F459700    dd 000.0097456F
009744E7 .  D7459700    dd 000.009745D7
009744EB .  ED459700    dd 000.009745ED
009744EF .  63469700    dd 000.00974663
009744F3 .  72469700    dd 000.00974672
009744F7 .  24479700    dd 000.00974724
009744FB .  D6479700    dd 000.009747D6
009744FF .  95499700    dd 000.00974995
00974503 .  0D4A9700    dd 000.00974A0D
00974507 .  E74B9700    dd 000.00974BE7
0097450B .  B44C9700    dd 000.00974CB4
0097450F .  434D9700    dd 000.00974D43
00974513 .  DB4D9700    dd 000.00974DDB
00974517 .  A34E9700    dd 000.00974EA3
0097451B .  404F9700    dd 000.00974F40
0097451F .  E94F9700    dd 000.00974FE9
00974523 .  B3509700    dd 000.009750B3
00974527 .  7D519700    dd 000.0097517D
0097452B .  47529700    dd 000.00975247
0097452F .  39539700    dd 000.00975339
00974533 .  F5539700    dd 000.009753F5
00974537 .  F3549700    dd 000.009754F3
0097453B .  8F559700    dd 000.0097558F
0097453F .  58569700    dd 000.00975658
00974543 .  4D579700    dd 000.0097574D
00974547 .  14589700    dd 000.00975814
0097454B .  D2589700    dd 000.009758D2
0097454F .  265A9700    dd 000.00975A26
00974553 .  AC5B9700    dd 000.00975BAC
00974557 .  675C9700    dd 000.00975C67
0097455B .  B35D9700    dd 000.00975DB3
0097455F .  095F9700    dd 000.00975F09
00974563 .  9B5F9700    dd 000.00975F9B
00974567 .  1F609700    dd 000.0097601F
0097456B .  AC609700    dd 000.009760AC
0097456F >  33C0       xor eax,eax
00974571 .  55          push ebp
00974572 .  68 D0459700 push 000.009745D0
00974577 .  64:FF30    push dword ptr fs:[eax]
0097457A .  64:8920    mov dword ptr fs:[eax],esp
0097457D .  E8 B646ABFF call 000.00428C38
00974582 .  DD5D F0    fstp qword ptr ss:[ebp-0x10]
00974585 .  9B          wait
00974586 .  FF75 F4    push dword ptr ss:[ebp-0xC]
00974589 .  FF75 F0    push dword ptr ss:[ebp-0x10]
0097458C .  8D55 EC    lea edx,dword ptr ss:[ebp-0x14]
0097458F .  A1 CC399E00 mov eax,dword ptr ds:[0x9E39CC]
00974594 .  E8 0B58ABFF call 000.00429DA4
00974599 .  8D85 78FDFFFF lea eax,dword ptr ss:[ebp-0x288]
0097459F .  B9 14639700 mov ecx,000.00976314                   ; : 试用版本只能删除两页，请购买正版...
009745A4 .  8B55 EC    mov edx,dword ptr ss:[ebp-0x14]
009745A7 .  E8 547DA9FF call 000.0040C300
009745AC .  8B95 78FDFFFF mov edx,dword ptr ss:[ebp-0x288]
009745B2 .  8B45 F8    mov eax,dword ptr ss:[ebp-0x8]          ;  nvinit.71020065
009745B5 .  8B08       mov ecx,dword ptr ds:[eax]
009745B7 .  FF51 3C    call dword ptr ds:[ecx+0x3C]
009745BA .  33C0       xor eax,eax
009745BC .  5A          pop edx
009745BD .  59          pop ecx                               ;  ntdll_14.77232F6D
009745BE .  59          pop ecx                               ;  ntdll_14.77232F6D
QQ图片20181030003834.jpg

雨语 · 发表于 2018-10-30 14:29

最佳答案本应属于楼主私有，因此限制查看

您还有0次查看次数，点此查看答案

点此购买查看次数
也可以兑换VIP特权或加入解密专家，每日可免费查看5次最佳答案！

ladybe · 发表于 2018-10-30 18:25

大神总会有的只是不知道他愿不愿意

adsljz · 发表于 2018-10-30 19:05

ladybe 发表于 2018-10-30 18:25
大神总会有的只是不知道他愿不愿意

来个大牛啊~~~

adsljz · 发表于 2018-10-30 22:36

雨语发表于 2018-10-30 19:56
可以从试用版下手，试用版没限制。通过下Delphi断点，找到试用版出的判断~，让试用按钮出现

不行哦，试用版就是这个限制

雨语 · 发表于 2018-10-30 23:41

adsljz 发表于 2018-10-30 22:36
不行哦，试用版就是这个限制

软件上不是写着试用版无限制么，我发了个逆向图文，还在审核，你明天可以看下，没有店铺，不知道怎么用

adsljz · 发表于 2018-10-31 13:29

雨语发表于 2018-10-30 23:41
软件上不是写着试用版无限制么，我发了个逆向图文，还在审核，你明天可以看下，没有店铺，不知道怎么用

试用版就是那个限制。我这边可以提供账号。账号 tb26020317:test
密码12345678a 我收到短消息认证的话我就过来发贴回复

雨语 · 发表于 2018-10-31 13:52

adsljz 发表于 2018-10-31 13:29
试用版就是那个限制。我这边可以提供账号。账号 tb26020317:test
密码12345678a 我收到短消息认证的话 ...

0097C619  |.  8BEC       mov ebp,esp
0097C61B  |.  33C9       xor ecx,ecx
0097C61D  |.  51          push ecx
0097C61E  |.  51          push ecx
0097C61F  |.  51          push ecx
0097C620  |.  51          push ecx
0097C621  |.  51          push ecx
0097C622  |.  8945 FC    mov [local.1],eax
0097C625  |.  33C0       xor eax,eax
0097C627  |.  55          push ebp
0097C628  |.  68 F9C69700 push TaoBaoTo.0097C6F9
0097C62D  |.  64:FF30    push dword ptr fs:[eax]
0097C630  |.  64:8920    mov dword ptr fs:[eax],esp
0097C633  |.  6A 24       push 0x24
0097C635  |.  8D55 F8    lea edx,[local.2]
0097C638  |.  A1 44309E00 mov eax,dword ptr ds:[0x9E3044]
0097C63D  |.  8B00       mov eax,dword ptr ds:[eax]
0097C63F  |.  E8 D05AB9FF call TaoBaoTo.00512114
0097C644  |.  8B45 F8    mov eax,[local.2]
0097C647  |.  E8 48FAA8FF call TaoBaoTo.0040C094
0097C64C  |.  50          push eax
0097C64D  |.  68 10C79700 push TaoBaoTo.0097C710                ;  UNICODE "请核实软件收集的数量跟店铺的实际数量是否一致，目前共搜集了 "
0097C652  |.  8D55 F0    lea edx,[local.4]
0097C655  |.  A1 54379E00 mov eax,dword ptr ds:[0x9E3754]
0097C65A  |.  8B00       mov eax,dword ptr ds:[eax]
0097C65C  |.  E8 C786AAFF call TaoBaoTo.00424D28
0097C661  |.  FF75 F0    push [local.4]
0097C664  |.  68 5CC79700 push TaoBaoTo.0097C75C                ;  UNICODE " 个宝贝的图片 "
0097C669  |.  8D55 EC    lea edx,[local.5]
0097C66C  |.  A1 D42E9E00 mov eax,dword ptr ds:[0x9E2ED4]
0097C671  |.  8B00       mov eax,dword ptr ds:[eax]
0097C673  |.  E8 B086AAFF call TaoBaoTo.00424D28
0097C678  |.  FF75 EC    push [local.5]
0097C67B  |.  68 7CC79700 push TaoBaoTo.0097C77C                ;  UNICODE " 张，图片数量大概是宝贝数量的30到60倍，可以估算一下，请核实是否正确无误！"
0097C680  |.  68 D8C79700 push TaoBaoTo.0097C7D8                ;  UNICODE "\r\n"
0097C685  |.  68 ECC79700 push TaoBaoTo.0097C7EC                ;  UNICODE "如果店铺的宝贝有变动，比如说下架、上架了宝贝，导致店铺实际数量和软件搜集数量不一致，请重新搜集宝贝图"
0097C68A  |.  68 D8C79700 push TaoBaoTo.0097C7D8                ;  UNICODE "\r\n"
0097C68F  |.  68 D8C79700 push TaoBaoTo.0097C7D8                ;  UNICODE "\r\n"
0097C694  |.  68 64C89700 push TaoBaoTo.0097C864                ;  UNICODE "选“是”可以开始删除图片！"
0097C699  |.  68 D8C79700 push TaoBaoTo.0097C7D8                ;  UNICODE "\r\n"
0097C69E  |.  68 8CC89700 push TaoBaoTo.0097C88C                ;  UNICODE "选“否”停止运行！"
0097C6A3  |.  8D45 F4    lea eax,[local.3]
0097C6A6  |.  BA 0C000000 mov edx,0xC
0097C6AB  |.  E8 D8FCA8FF call TaoBaoTo.0040C388
0097C6B0  |.  8B45 F4    mov eax,[local.3]
0097C6B3  |.  E8 DCF9A8FF call TaoBaoTo.0040C094
0097C6B8  |.  8BD0       mov edx,eax
0097C6BA  |.  A1 28369E00 mov eax,dword ptr ds:[0x9E3628]
0097C6BF  |.  8B00       mov eax,dword ptr ds:[eax]
0097C6C1  |.  59          pop ecx
0097C6C2  |.  E8 39CAC6FF call TaoBaoTo.005E9100
0097C6C7  |.  83F8 06    cmp eax,0x6
0097C6CA  |.  0F94C0       sete al
0097C6CD  |.  8B55 FC    mov edx,[local.1]
0097C6D0  |.  8882 6F010000 mov byte ptr ds:[edx+0x16F],al
0097C6D6  |.  33C0       xor eax,eax
0097C6D8  |.  5A          pop edx
0097C6D9  |.  59          pop ecx
0097C6DA  |.  59          pop ecx
0097C6DB  |.  64:8910    mov dword ptr fs:[eax],edx
0097C6DE  |.  68 00C79700 push TaoBaoTo.0097C700
0097C6E3  |>  8D45 EC    lea eax,[local.5]
0097C6E6  |.  BA 03000000 mov edx,0x3
0097C6EB  |.  E8 24EAA8FF call TaoBaoTo.0040B114
0097C6F0  |.  8D45 F8    lea eax,[local.2]
0097C6F3  |.  E8 BCE9A8FF call TaoBaoTo.0040B0B4
0097C6F8  \.  C3          retn
0097C6F9 .^ E9 0EDEA8FF jmp TaoBaoTo.0040A50C
0097C6FE .^ EB E3       jmp XTaoBaoTo.0097C6E3
0097C700 .  8BE5       mov esp,ebp
0097C702 .  5D          pop ebp
0097C703 .  C3          retn
那个检测好像在这里，你自己调试吧。再不行，我也不清楚了。我没有店铺调试不了。。

adsljz · 发表于 2018-10-31 14:44

发下验证码，刚刚没看手机。~

adsljz · 发表于 2018-10-31 14:47

本帖最后由 adsljz 于 2018-10-31 14:48 编辑

雨语发表于 2018-10-31 13:52
0097C619  |.  8BEC       mov ebp,esp
0097C61B  |.  33C9       xor ecx,ecx
0097C61D  |.  51 ...

tb26020317:test
密码12345678a
不好意思刚刚没看手机。
重新发下。

		自动登录	找回密码
密码			立即注册