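Cracking notes for 《漂葉網咖管理系統 4.0》 (Piaoye Internet Café Management System 4.0): (9,000 characters)
Software name: 漂葉網咖管理系統 (Piaoye Internet Café Management System)
Version: 4.0
Download URL: http://go4.163.com/~piaoyes/
Cracking tool: softice for win95
Cracking process: (this is my first write-up and it is messy, so please don't laugh)
Run the program, open the registration dialog, and enter an arbitrary café name (abcd) and registration code (123456). Press ^D to bring up SoftICE, set a breakpoint with bpx hmemcpy, press F5 to return, and click Register; the breakpoint hits immediately. Then enter bc * and, after pressing F12 12 times and F10 a few times, execution arrives here: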
016F:00517733 MOV EAX,[EBP+FFFFFDF8]
016F:00517739 LEA EDX,[EBP+FFFFFDFC]
016F:0051773F CALL 004096D4
016F:00517744 MOV EAX,[EBP+FFFFFDFC]
016F:0051774A MOV ECX,09
016F:0051774F MOV EDX,0A
016F:00517754 CALL 00404134
016F:00517759 LEA EAX,[EBP-28]
016F:0051775C PUSH EAX
016F:0051775D LEA EDX,[EBP+FFFFFDF0]
016F:00517763 MOV EAX,[EBP-04]
016F:00517766 MOV EAX,[EAX+0314]
016F:0051776C CALL 00433E30
016F:00517771 MOV EAX,[EBP+FFFFFDF0]
016F:00517777 LEA EDX,[EBP+FFFFFDF4]
016F:0051777D CALL 004096D4
016F:00517782 MOV EAX,[EBP+FFFFFDF4]
016F:00517788 MOV ECX,08
016F:0051778D MOV EDX,01
016F:00517792 CALL 00404134
016F:00517797 LEA EDX,[EBP-08]
016F:0051779A MOV EAX,[EBP-34]
016F:0051779D CALL 00402C88
016F:005177A2 CMP DWORD [EBP-08],BYTE +00 ;check whether the registration code format is valid
016F:005177A6 JZ 005177C2 ;if so, jump ahead
016F:005177A8 PUSH BYTE +00
016F:005177AA MOV CX,[00517E68]
016F:005177B1 XOR EDX,EDX
016F:005177B3 MOV EAX,00517E74
016F:005177B8 CALL 00457674 ;show the error message
016F:005177BD JMP 00517D86
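Because the code entered does not match the expected format, the jump is not taken. Analysis shows that the required format is XXXXXXXX-XXXXXXXXX (where each X is a digit), so re-entering the registration code as 12345678-987654321 gets past this step and arrives at: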
016F:005177C2 MOV EAX,[EBP-34]
016F:005177C5 CALL 00409984
016F:005177CA MOV EBX,EAX
016F:005177CC MOV EAX,EBX
016F:005177CE MOV ECX,B5
016F:005177D3 CDQ
016F:005177D4 IDIV ECX
016F:005177D6 IMUL EAX,EAX,C4
016F:005177DC XOR EAX,025DAFF2
016F:005177E1 CDQ
016F:005177E2 XOR EAX,EDX
016F:005177E4 SUB EAX,EDX
016F:005177E6 ADD EAX,08392AF4
016F:005177EB MOV EBX,EAX
016F:005177ED LEA EAX,[EBP-0C]
016F:005177F0 PUSH EAX
016F:005177F1 LEA EDX,[EBP+FFFFFDEC]
016F:005177F7 MOV EAX,EBX
016F:005177F9 CALL 00409954
016F:005177FE MOV EAX,[EBP+FFFFFDEC]
016F:00517804 MOV ECX,08
016F:00517809 MOV EDX,01
016F:0051780E CALL 00404134
016F:00517813 LEA EAX,[EBP-10]
016F:00517816 MOV EDX,00517E94
016F:0051781B CALL 00403D44
016F:00517820 LEA EAX,[EBP-14]
016F:00517823 CALL 00403CAC
016F:00517828 MOV EBX,01
016F:0051782D LEA EAX,[EBP+FFFFFDE8]
016F:00517833 MOV EDX,[EBP-10]
016F:00517836 MOVZX EDX,BYTE [EDX+EBX-01]
016F:0051783B SUB EDX,BYTE +31
016F:0051783E MOV ECX,[EBP-0C]
016F:00517841 MOV DL,[ECX+EDX]
016F:00517844 CALL 00403E54
016F:00517849 MOV EDX,[EBP+FFFFFDE8]
016F:0051784F LEA EAX,[EBP-14]
016F:00517852 CALL 00403F34
016F:00517857 INC EBX
016F:00517858 CMP EBX,BYTE +09
016F:0051785B JNZ 0051782D
016F:0051785D MOV EAX,[EBP-14]
016F:00517860 MOV EDX,[EBP-28]
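016F:00517863 CALL 0040403C ;set a breakpoint here; this CALL checks a relationship between the first 8 digits and the last 9 digits of the registration code
When the breakpoint hits, the command d eax shows the string "97641521", while d edx shows the first 8 digits of the fake registration code (that is, "12345678"). Clearly, if the first 8 digits of the registration code are not "97641521", the jump in the next instruction is not taken and the error path runs.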
016F:00517868 JZ 00517884
016F:0051786A PUSH BYTE +00
016F:0051786C MOV CX,[00517E68]
016F:00517873 XOR EDX,EDX
016F:00517875 MOV EAX,00517EA8
016F:0051787A CALL 00457674 ;show the error message
016F:0051787F JMP 00517D86
Re-enter the registration code as 97641521-987654321, and execution arrives at:
016F:00517884 LEA EDX,[EBP+FFFFFDE4]
016F:0051788A MOV EAX,[EBP-04]
016F:0051788D MOV EAX,[EAX+0304]
016F:00517893 CALL 00433E30
016F:00517898 MOV EAX,[EBP+FFFFFDE4]
016F:0051789E LEA EDX,[EBP-18]
016F:005178A1 CALL 004096D4
016F:005178A6 LEA EAX,[EBP-1C]
016F:005178A9 MOV EDX,00517EC8
016F:005178AE CALL 00403D44
016F:005178B3 MOV EAX,[00522408]
016F:005178B8 PUSH EAX
016F:005178B9 LEA EDX,[EBP+FFFFFDDC]
016F:005178BF MOV EAX,[EBP-04]
016F:005178C2 MOV EAX,[EAX+0314]
016F:005178C8 CALL 00433E30
016F:005178CD MOV EAX,[EBP+FFFFFDDC]
016F:005178D3 LEA EDX,[EBP+FFFFFDE0]
016F:005178D9 CALL 004096D4
016F:005178DE MOV EAX,[EBP+FFFFFDE0]
016F:005178E4 MOV ECX,03
016F:005178E9 MOV EDX,0A
016F:005178EE CALL 00404134
016F:005178F3 MOV ESI,01
016F:005178F8 MOV EDI,005556B5
016F:005178FD MOV EAX,[EBP-18]
016F:00517900 CALL 00403F2C
016F:00517905 MOV ECX,EAX
016F:00517907 TEST ECX,ECX
016F:00517909 JNG 00517932
016F:0051790B MOV EBX,01
016F:00517910 MOV EAX,[EBP-18]
016F:00517913 MOVZX EAX,BYTE [EAX+EBX-01]
016F:00517918 IMUL ESI
016F:0051791A ADD EAX,0F48
016F:0051791F CDQ
016F:00517920 XOR EAX,EDX
016F:00517922 SUB EAX,EDX
016F:00517924 MOV ESI,000F4240
016F:00517929 CDQ
016F:0051792A IDIV ESI
016F:0051792C MOV ESI,EDX
016F:0051792E INC EBX
016F:0051792F DEC ECX
016F:00517930 JNZ 00517910
016F:00517932 MOV EAX,[EBP-1C]
016F:00517935 CALL 00403F2C
016F:0051793A MOV ECX,EAX
016F:0051793C SUB ECX,BYTE +02
016F:0051793F JL 00517969
016F:00517941 INC ECX
016F:00517942 MOV EBX,02
016F:00517947 MOV EAX,[EBP-1C]
016F:0051794A MOVZX EAX,BYTE [EAX+EBX-01]
016F:0051794F IMUL ESI
016F:00517951 ADD EAX,0F83
016F:00517956 CDQ
016F:00517957 XOR EAX,EDX
016F:00517959 SUB EAX,EDX
016F:0051795B MOV ESI,000F4240
016F:00517960 CDQ
016F:00517961 IDIV ESI
016F:00517963 MOV ESI,EDX
016F:00517965 INC EBX
016F:00517966 DEC ECX
016F:00517967 JNZ 00517947
016F:00517969 MOV EAX,[EBP-18]
016F:0051796C CALL 00403F2C
016F:00517971 MOV EBX,EAX
016F:00517973 MOV EAX,[EBP-1C]
016F:00517976 CALL 00403F2C
016F:0051797B ADD EBX,EAX
016F:0051797D MOV EAX,EBX
016F:0051797F ADD EDI,ESI
016F:00517981 IMUL EDI
016F:00517983 CDQ
016F:00517984 XOR EAX,EDX
016F:00517986 SUB EAX,EDX
016F:00517988 ADD EAX,00A35B08
016F:0051798D MOV ESI,EAX
016F:0051798F LEA EAX,[EBP+FFFFFDD8]
016F:00517995 PUSH EAX
016F:00517996 LEA EDX,[EBP+FFFFFDD4]
016F:0051799C MOV EAX,ESI
016F:0051799E CALL 00409954
016F:005179A3 MOV EAX,[EBP+FFFFFDD4]
016F:005179A9 MOV ECX,06
016F:005179AE MOV EDX,01
016F:005179B3 CALL 00404134
016F:005179B8 MOV ECX,[EBP+FFFFFDD8]
016F:005179BE MOV EDX,[00522408]
016F:005179C4 MOV EDX,[EDX]
016F:005179C6 LEA EAX,[EBP-2C]
016F:005179C9 CALL 00403F78
016F:005179CE LEA EAX,[EBP+FFFFFDCC]
016F:005179D4 PUSH EAX
016F:005179D5 LEA EDX,[EBP+FFFFFDC8]
016F:005179DB MOV EAX,ESI
016F:005179DD CALL 00409954
016F:005179E2 MOV EAX,[EBP+FFFFFDC8]
016F:005179E8 MOV ECX,06
016F:005179ED MOV EDX,01
016F:005179F2 CALL 00404134
016F:005179F7 MOV ECX,[EBP+FFFFFDCC]
016F:005179FD MOV EDX,[00522408]
016F:00517A03 MOV EDX,[EDX]
016F:00517A05 LEA EAX,[EBP+FFFFFDD0]
016F:00517A0B CALL 00403F78
016F:00517A10 MOV EAX,[EBP+FFFFFDD0]
016F:00517A16 CALL 00409984
016F:00517A1B MOV ESI,EAX
016F:00517A1D MOV EAX,ESI
016F:00517A1F MOV ECX,B5
016F:00517A24 CDQ
016F:00517A25 IDIV ECX
016F:00517A27 IMUL EAX,EAX,C4
016F:00517A2D XOR EAX,025DAFF2
016F:00517A32 CDQ
016F:00517A33 XOR EAX,EDX
016F:00517A35 SUB EAX,EDX
016F:00517A37 ADD EAX,08392AF4
016F:00517A3C MOV ESI,EAX
016F:00517A3E LEA EAX,[EBP-18]
016F:00517A41 PUSH EAX
016F:00517A42 LEA EDX,[EBP+FFFFFDC4]
016F:00517A48 MOV EAX,ESI
016F:00517A4A CALL 00409954
016F:00517A4F MOV EAX,[EBP+FFFFFDC4]
016F:00517A55 MOV ECX,08
016F:00517A5A MOV EDX,01
016F:00517A5F CALL 00404134
016F:00517A64 LEA EAX,[EBP-1C]
016F:00517A67 MOV EDX,00517E94
016F:00517A6C CALL 00403D44
016F:00517A71 LEA EAX,[EBP-24]
016F:00517A74 CALL 00403CAC
016F:00517A79 MOV EBX,01
016F:00517A7E LEA EAX,[EBP+FFFFFDC0]
016F:00517A84 MOV EDX,[EBP-1C]
016F:00517A87 MOVZX EDX,BYTE [EDX+EBX-01]
016F:00517A8C SUB EDX,BYTE +31
016F:00517A8F MOV ECX,[EBP-18]
016F:00517A92 MOV DL,[ECX+EDX]
016F:00517A95 CALL 00403E54
016F:00517A9A MOV EDX,[EBP+FFFFFDC0]
016F:00517AA0 LEA EAX,[EBP-24]
016F:00517AA3 CALL 00403F34
016F:00517AA8 INC EBX
016F:00517AA9 CMP EBX,BYTE +09
016F:00517AAC JNZ 00517A7E
016F:00517AAE PUSH DWORD [EBP-24]
016F:00517AB1 PUSH DWORD 00517EDC
016F:00517AB6 PUSH DWORD [EBP-2C]
016F:00517AB9 LEA EAX,[EBP-20]
016F:00517ABC MOV EDX,03
016F:00517AC1 CALL 00403FEC
016F:00517AC6 LEA EAX,[EBP+FFFFFDBC]
016F:00517ACC PUSH EAX
016F:00517ACD LEA EDX,[EBP+FFFFFDB4]
016F:00517AD3 MOV EAX,[EBP-04]
016F:00517AD6 MOV EAX,[EAX+0314]
016F:00517ADC CALL 00433E30
016F:00517AE1 MOV EAX,[EBP+FFFFFDB4]
016F:00517AE7 LEA EDX,[EBP+FFFFFDB8]
016F:00517AED CALL 004096D4
016F:00517AF2 MOV EAX,[EBP+FFFFFDB8]
016F:00517AF8 MOV ECX,12
016F:00517AFD MOV EDX,01
016F:00517B02 CALL 00404134
016F:00517B07 MOV EDX,[EBP+FFFFFDBC]
016F:00517B0D MOV EAX,[EBP-20]
016F:00517B10 CALL 0040403C ;set a breakpoint here, then d eax shows the real registration code; the crack is complete at this point.
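
The design weakness this walkthrough relies on, as an added Python example (not code from the program or from the original author): both compare calls at 0040403C receive the correct value as a plaintext string, because the client derives it itself. The block contrasts that pattern with a check that only verifies a vendor signature; the derivation, all function names and the toy-size RSA parameters (textbook p=61, q=53) are assumptions made for illustration.

```python
import hashlib

# Toy RSA parameters (textbook p=61, q=53), assumed here only so the example
# runs offline; a real product would use a vetted library and a full-size key.
N, E = 3233, 17        # public half: the only key material shipped in the client
_VENDOR_D = 2753       # private half: stays on the vendor's licence server


def _digest(name: str) -> int:
    """Hash the licensee name into the toy modulus range."""
    return int.from_bytes(hashlib.sha256(name.encode()).digest(), "big") % N


def weak_expected_code(name: str) -> str:
    """Hypothetical stand-in for the listing's pattern: the client derives the valid code."""
    return f"{_digest(name):08d}"


def weak_check(name: str, code: str) -> bool:
    # The correct code exists as a plaintext string in client memory at this
    # point, which is what a breakpoint on the compare routine exposes.
    return code == weak_expected_code(name)


def vendor_issue(name: str) -> int:
    """Vendor side only: sign the name digest with the private exponent."""
    return pow(_digest(name), _VENDOR_D, N)


def signed_check(name: str, code: int) -> bool:
    # The client only verifies: it raises the submitted code to the public
    # exponent and compares with the digest. It never computes a valid code,
    # so there is nothing correct in memory to read at the compare.
    return 0 <= code < N and pow(code, E, N) == _digest(name)


if __name__ == "__main__":
    licence = vendor_issue("abcd")              # constructed sample licensee name
    print(signed_check("abcd", licence))        # accepted
    print(signed_check("abcd", (licence + 1) % N))  # rejected
```

With the signed form, inspecting the arguments of the comparison yields only the public-key transform of whatever the user typed, so the remaining exposure is patching the check itself rather than reading out a valid code.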