Newbie Cracking Notes: DlgXRSizer, Newbie Cracking Notes, System Internals
Monday, June 23, 2008, 01:11 PM

Software name: DlgXRSizer
Version: 4.2.1.2
Size: 1658KB
License: Shareware
Platform: Win95/98/NT
Publisher: http://web.access.net.au/jag/gajits/
Description: Lets you set the size and position of the Open File, Save As and Browse for Folder dialogs to whatever you like and are used to, or browse full-screen. It can also be set to open in file-list view and to sort by date, file name, size or file type, which greatly improves on the inconvenience of Windows in this area.

Author: xiA Qin
Level: very much a newbie
Tool: Trw2000 1.22
Goal: learn how registration codes are cracked. (★★)
Note: This article was put together from my own software cracking notes. If there are any mistakes, I would be glad to be corrected!

First run DlgXRSizer and enter the registration information:

Registration key: 1234567890 <-- any input will do

Enter the command bpx hmemcpy // set a breakpoint
Press F5 to return to the program and click OK; Trw2000 will now break in.
Enter the command bd * // disable the breakpoints
Enter the command pmodule // jump straight into the program's own code
Press F10 to step to the following instructions:

.................
015F:0048CCB1 PUSH EBX
015F:0048CCB2 MOV EBX,EAX
015F:0048CCB4 XOR EAX,EAX
015F:0048CCB6 PUSH EBP
015F:0048CCB7 PUSH DWORD 0048CD6C
015F:0048CCBC PUSH DWORD [FS:EAX]
015F:0048CCBF MOV [FS:EAX],ESP
015F:0048CCC2 LEA EAX,[EBP-04]
015F:0048CCC5 PUSH EAX
015F:0048CCC6 MOV ECX,[EBX+0830]
015F:0048CCCC MOV EDX,0048CD80
015F:0048CCD1 MOV EAX,0048CDA8 // the fake registration code that was entered
015F:0048CCD6 CALL 00453610 // suspicious; press F8 to step in
015F:0048CCDB CMP DWORD [EBP-04],BYTE 00
015F:0048CCDF JZ 0048CD56
015F:0048CCE1 MOV EDX,[EBP-04]
015F:0048CCE4 MOV EAX,0048CDC8
015F:0048CCE9 CALL 00456940
015F:0048CCEE TEST AL,AL
015F:0048CCF0 JNZ 0048CD09
015F:0048CCF2 PUSH BYTE 00
015F:0048CCF4 MOV CX,[0048CDD4]
015F:0048CCFB MOV DL,01
015F:0048CCFD MOV EAX,0048CDE0
015F:0048CD02 CALL 004531FC // registration-failed dialog
015F:0048CD07 JMP SHORT 0048CD56
.................

Press F8 to step into 0048CCD6 CALL 00453610, then switch to F10 and step to the following instructions:

.................
015F:004569D8 CALL 00403E7C
015F:004569DD MOV EDX,[EBP-08]
015F:004569E0 MOV EAX,00456A94
015F:004569E5 CALL 00403F60
015F:004569EA TEST EAX,EAX
015F:004569EC JNZ 00456989
015F:004569EE LEA EDX,[EBP-14]
015F:004569F1 MOV EAX,[EBP-0C]
015F:004569F4 CALL 00408100
015F:004569F9 MOV EDX,[EBP-14] // the fake registration code that was entered; D EDX
015F:004569FC LEA EAX,[EBP-0C]
015F:004569FF CALL 00403A94
015F:00456A04 LEA EAX,[EBP-10]
015F:00456A07 MOV EDX,[EBP-08]
015F:00456A0A CALL 00403A94 // the fake registration code that was entered; D EDX
015F:00456A0F PUSH DWORD [EBP-0C]
015F:00456A12 PUSH DWORD 00456A94
015F:00456A17 PUSH DWORD [EBP-10]
015F:00456A1A LEA EAX,[EBP-18]
015F:00456A1D MOV EDX,03
015F:00456A22 CALL 00403D38
015F:00456A27 MOV EAX,[EBP-18] // see how the fake registration code has changed; D EAX
015F:00456A2A LEA EDX,[EBP-14] // a space has been added in front of the fake registration code
015F:00456A2D CALL 00407F50
015F:00456A32 MOV EAX,[EBP-14]
015F:00456A35 PUSH EAX
015F:00456A36 LEA ECX,[EBP-1C]
015F:00456A39 MOV EDX,[EBP-0C]
015F:00456A3C MOV EAX,[EBP-04]
015F:00456A3F CALL 00456A98
015F:00456A44 MOV EAX,[EBP-1C]
015F:00456A47 LEA EDX,[EBP-18] // the correct registration code; D EAX
015F:00456A4A CALL 00407F50
015F:00456A4F MOV EDX,[EBP-18]
015F:00456A52 POP EAX
015F:00456A53 CALL 00403D88
015F:00456A58 JZ 00456A5E
015F:00456A5A XOR EBX,EBX
015F:00456A5C JMP SHORT 00456A60
015F:00456A5E MOV BL,01
015F:00456A60 XOR EAX,EAX
015F:00456A62 POP EDX
015F:00456A63 POP ECX
015F:00456A64 POP ECX
015F:00456A65 MOV [FS:EAX],EDX
015F:00456A68 PUSH DWORD 00456A82
015F:00456A6D LEA EAX,[EBP-1C]
015F:00456A70 MOV EDX,07
015F:00456A75 CALL 00403A20
015F:00456A7A RET
015F:00456A7B JMP 00403438
015F:00456A80 JMP SHORT 00456A6D
015F:00456A82 MOV EAX,EBX
015F:00456A84 POP EBX
015F:00456A85 MOV ESP,EBP
015F:00456A87 POP EBP
015F:00456A88 RET
.................

To sum up, enter the registration information:

Registration key:  636298121 <-- Note: there is a space in front of the registration code

The registration information is stored in the registry:

[HKEY_CURRENT_USER\Software\Gajits\DlgXRSizer]
"Reg String"=" 636298121"
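The trace above works because the client itself produces the correct registration code (it is readable at [EBP-1C] after CALL 00456A98) before checking the input. As an added example, not code from DlgXRSizer or from the original post, the sketch below contrasts that pattern with a verify-only check in which the client never holds a valid key; `weak_expected_key`, the toy RSA parameters and every name here are constructed assumptions.

```python
import hashlib

# --- Pattern seen in the trace: the client derives the valid key itself ---
def weak_expected_key(seed: str) -> str:
    # Hypothetical stand-in for the routine at 00456A98; the real
    # algorithm is not shown on the page.
    digest = hashlib.sha256(seed.encode()).digest()
    return " " + str(int.from_bytes(digest[:4], "big"))

def weak_check(seed: str, entered: str) -> bool:
    expected = weak_expected_key(seed)  # the valid key now sits in process memory
    return entered.strip() == expected.strip()

# --- Verify-only design: the client ships a public key, never a valid key ---
# Constructed toy key (textbook RSA, no padding, far too small for real use).
# P and Q stay with the vendor; only N and E would be embedded in the client.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537

def digest_int(licensee: str) -> int:
    # Public value both sides can compute from the licensee name.
    h = hashlib.sha256(licensee.encode()).digest()
    return int.from_bytes(h, "big") % N

def vendor_issue_key(licensee: str) -> int:
    # Vendor side only: needs the private exponent derived from P and Q.
    d = pow(E, -1, (P - 1) * (Q - 1))
    return pow(digest_int(licensee), d, N)

def client_verify(licensee: str, key: int) -> bool:
    # Client side: uses only N and E. The value compared against is the
    # public digest, so nothing computed here reveals a valid key.
    return pow(key, E, N) == digest_int(licensee)

if __name__ == "__main__":
    key = vendor_issue_key("constructed-licensee")
    print("weak check passes with derived key:",
          weak_check("seed", weak_expected_key("seed")))
    print("issued key verifies:", client_verify("constructed-licensee", key))
    print("guessed key verifies:", client_verify("constructed-licensee", 1234567890))
```

A shipping product would use a vetted signature scheme with full-size keys rather than this toy arithmetic, and the design only keeps valid keys out of client memory; it does not address modification of the binary.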