PolyView再破解---請指教 (5千字)
PolyView再破解
---------------------------------------------------------------------
軟體名稱:PolyView Version 3.41
軟體簡介:看圖工具,具有簡單的影像處理功能。
軟體下載:http://www.polybytes.com
破解人:阿郎
級別:處女(大笨鳥)
本人初學,如有不正確之處,請來信告知!
---------------------------------------------------------------------
前兩天破了個3.00 b5版,當時俺就說了版本有些老,用來學習就沒關係啦.今日撒(上)網
拉下一個3.41版,應該是最新版本吧。何不再試試身手,它升我也升,飛刀就是這樣煉成的
嗎?Y! 廢話少說。開工>>>>
使用工具:w32dsm、UltraEdit
首先還是老辦法開啟PolyView在註冊處添入使用者名稱賀密碼,點選確定。這時跳
出提示窗,請記住提示語。
再開啟w32dsam,裝入PolyView,查詢錯誤提示語,查詢結果如下:
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00460B73(C) //注意此處
|^^^^^^^^^^
* Possible Reference to String Resource ID=00141: "Unregistered"
|
:00460C08 688D000000 push
0000008D
:00460C0D 8BCF
mov ecx, edi
:00460C0F E8655D0900 call
004F6979
:00460C14 53
push ebx
:00460C15 53
push ebx
* Possible StringData Ref from Data Obj ->"Registration unsuccessful. Please
"
->"verify that
you have entered the "
->"information
exactly as shown on "
->"your registration
letter."
//錯誤提示處
|
:00460C16 6870755600 push
00567570
:00460C1B 899E04030000 mov dword
ptr [esi+00000304], ebx
:00460C21 E8C8E10900 call
004FEDEE
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
看到00460B73(C)處了吧,老辦法跳到00460B73處:
:00460B49 898608030000 mov dword
ptr [esi+00000308], eax
:00460B4F 8D442478
lea eax, dword ptr [esp+78]
:00460B53 50
push eax
:00460B54 8BCF
mov ecx, edi
:00460B56 E841500900 call
004F5B9C
:00460B5B 8B442474
mov eax, dword ptr [esp+74]
:00460B5F 8B0F
mov ecx, dword ptr [edi]
:00460B61 50
push eax
:00460B62 51
push ecx
:00460B63 898604030000 mov dword
ptr [esi+00000304], eax
:00460B69 E82265FEFF call
00447090
:00460B6E 83C408
add esp, 00000008
:00460B71 85C0
test eax, eax
:00460B73 0F848F000000 je 00460C08
//修改
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
:00460B79 3BEB
cmp ebp, ebx
:00460B7B 0F85A5000000 jne 00460C26
:00460B81 E835560900 call
004F61BB
:00460B86 3BC3
cmp eax, ebx
:00460B88 740B
je 00460B95
:00460B8A 8B10
mov edx, dword ptr [eax]
:00460B8C 8BC8
mov ecx, eax
:00460B8E FF5274
call [edx+74]
:00460B91 8BF8
mov edi, eax
:00460B93 EB02
jmp 00460B97
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
在00460B73處修改同3.00版本一樣,但要吸取上次教訓,萬萬不可拔腿走人,下面才是關鍵:
進入00460B69處:
* Referenced by a CALL at Addresses:
|:00407ECA , :00408408 , :0040909A , :00457ECB , :0045D20F
|:0045DBC3 , :0045E7BF , :00460AD5 , :00460B69 , :004625EB
|:00463204 , :00463609 , :004636B8 , :00483AB9 , :00483C71
|:0049FD98 , :0050F201
|
:00447090 64A100000000 mov eax, dword
ptr fs:[00000000]
* Possible Reference to Menu: MenuID_00FF
|
* Possible Reference to Dialog: DialogID_011C, CONTROL_ID:00FF, ""
|
:00447096 6AFF
push FFFFFFFF
:00447098 6841DE5100 push
0051DE41
:0044709D 50
push eax
:0044709E 64892500000000 mov dword ptr fs:[00000000],
esp
:004470A5 81EC24010000 sub esp, 00000124
:004470AB 53
push ebx
:004470AC 55
push ebp
:004470AD 56
push esi
:004470AE 57
push edi
:004470AF 8BBC2444010000 mov edi, dword
ptr [esp+00000144]
:004470B6 68780B5700 push
00570B78
:004470BB 57
push edi
:004470BC E89F020000 call
00447360
:004470C1 8B9C2450010000 mov ebx, dword
ptr [esp+00000150]
:004470C8 83C408
add esp, 00000008
:004470CB 3BC3
cmp eax, ebx
:004470CD 0F84AD000000 je 00447180
//改
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
* Possible StringData Ref from Data Obj ->"1$1AA"
|
:004470D3 68A8565600 push
005656A8
:004470D8 57
push edi
:004470D9 E882020000 call
00447360
:004470DE 83C408
add esp, 00000008
:004470E1 3BC3
cmp eax, ebx
:004470E3 0F8497000000 je 00447180
//改
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
:004470E9 8D442418
lea eax, dword ptr [esp+18]
:004470ED 50
push eax
:004470EE E8EC6D0A00 call
004EDEDF
:004470F3 8B08
mov ecx, dword ptr [eax]
:004470F5 33F6
xor esi, esi
:004470F7 894C2424
mov dword ptr [esp+24], ecx
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
看到004470CD和004470E3兩處了?著兩處檢測之後寫入登錄檔(不知俺說的對不對,若是說
的不對請告訴案,謝謝!)所以一定要將 je 改成 jmp
這回退出試試,輸入你的中文姓名、數字號,再看看關於項。如何?你的大名是不是在上面。
ok,收工>>>>
阿郎
langlirong@163.net
http://alang.shangdu.net
相關文章
- PolyView 破解 (5千字)2000-12-31View
- 破解實戰!polyview (3千字)2000-06-27View
- 破解過程-----請多多指教 (2千字)2000-12-31
- 《登入奇兵》v3.01的破解---請指教 (4千字)2001-02-16
- 破解XFtpSvr =====> 請進 (5千字)2001-07-01FTPVR
- 本人首次自己試破解(請各位高手指教一下) (1千字)2000-08-11
- 破解MyMahj (5千字)2001-06-20
- 用ollydbg破解就是爽,貼出超級屏捕的破解過程和演算法分析,請大家多多指教!! (15千字)2001-12-20演算法
- 破解TurboLaunch 4.04 (5千字)2001-06-06
- [翻譯]用dede破解-另一篇~請大家指正~~ (5千字)2015-11-15
- 破解入門5 (3千字)2000-09-23
- duelist crackme 1 破解 (5千字)2000-10-16
- IPTools 1.10 破解 (5千字)2001-02-11
- see This 破解實戰! (5千字)2000-06-26
- 如何破解CuteFTP 4.0 (5千字)2000-07-20FTP
- 申請加入BCG破文第一篇:滑鼠增強工具MouseStar 2.1破解過程。請老大多多指教。 (7千字)2001-07-27
- 今天是平安夜,忍不住拿篇破解筆記請各位指教!希望大家平安夜快樂!:) (24千字)2001-12-24筆記
- 我的破解心得(5) (16千字)2001-03-13
- 破解MailScan V3.5.1.2 (5千字)2001-08-31AI
- 昨天的面試題,請指教2006-10-21面試題
- jdpack的脫殼及破解 (5千字)2002-06-25
- 談談VB程式的破解 (5千字)2002-10-28
- 登陸奇兵3.0破解心得 (5千字)2001-05-02
- My Flash player 1.3 完全破解 (5千字)2001-12-05
- 一種偷懶的破解方法。請兄弟們多提寶貴意見。 (5千字)2001-04-25
- 申請加入BCG第三篇:破解網頁特效小精靈2.0 (5千字)2001-10-07網頁特效
- laravel選單問題,請指教2021-10-21Laravel
- BMP的JDBC問題,請指教2004-04-08JDBC
- nosql實體的疑惑,請指教2012-04-09SQL
- 鸚鵡螺網路助手破解 (5千字)2001-01-19
- 暴力破解windows Commander 4.52 (5千字)2001-02-19Windows
- RegHance v1.1破解實錄 (5千字)2001-03-26
- 如何完美破解PE EXPLORER 1.2 (5千字)2001-06-13
- 再貼一篇cd-chcek破解譯文 (4千字)2000-08-27
- 請看小弟KeyFile保護的破解 (7千字)2001-02-01
- 申請加入BCG的破解文章之一 (6千字)2001-05-06
- 申請加入BCG的破解文章之二 (3千字)2001-05-06
- 申請加入BCG之第二篇!博奧彩票白金版破解---破解初學者之嘔血篇 (5千字)2001-10-06