FISH Screensaver Brute-Force Crack --- WD32ASM893 Edition (6,000 characters)

Posted by 看雪資料 (Kanxue archive) on 2001-02-05

  Author: 孫鋒
  Email: sffs@263.net
  Homepage: http://sffs.6to23.com



First disassemble the program with WD32ASM 8.93 Super Chinese Edition, then search, and you will see:

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040D097(C)
|
:0040D0AD 6A03                    push 00000003
:0040D0AF E82C67FFFF              call 004037E0
:0040D0B4 83C404                  add esp, 00000004
:0040D0B7 8945F8                  mov dword ptr [ebp-08], eax
:0040D0BA 837DF800                cmp dword ptr [ebp-08], 00000000
:0040D0BE 7414                    je 0040D0D4             //----->change 74->75, i.e. jne->je
:0040D0C0 C70500FE410003000000    mov dword ptr [0041FE00], 00000003
:0040D0CA 6A01                    push 00000001
:0040D0CC E8A86EFFFF              call 00403F79
:0040D0D1 83C404                  add esp, 00000004

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040D0BE(C)  //---------->patched location; look upward.
|
:0040D0D4 833D00FE410000          cmp dword ptr [0041FE00], 00000000
:0040D0DB 7458                    je 0040D135      //---------------change 74->75, i.e. jne->je
:0040D0DD C605B1DD410001          mov byte ptr [0041DDB1], 01
:0040D0E4 C605B2DD410001          mov byte ptr [0041DDB2], 01
:0040D0EB 833D00FE410001          cmp dword ptr [0041FE00], 00000001
:0040D0F2 7514                    jne 0040D108    //-------------------change 74->75, i.e. jne->je

* Possible StringData Ref from Data Obj ->"TEMP registration OK"  //-----2 fish!
                                  |
:0040D0F4 6834E54100              push 0041E534
:0040D0F9 6892000000              push 00000092
:0040D0FE 8B4D08                  mov ecx, dword ptr [ebp+08]
:0040D101 51                      push ecx

* Reference To: USER32.SetDlgItemTextA, Ord:022Ch
                                  |
:0040D102 FF1514A24100            Call dword ptr [0041A214]

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040D0F2(C)      //-------------patched location; look upward
|
:0040D108 833D00FE410002          cmp dword ptr [0041FE00], 00000002
:0040D10F 7514                    jne 0040D125     

* Possible StringData Ref from Data Obj ->"BASIC registration OK" //-------3 fish!
                                  |
:0040D111 684CE54100              push 0041E54C
:0040D116 6892000000              push 00000092
:0040D11B 8B5508                  mov edx, dword ptr [ebp+08]
:0040D11E 52                      push edx

* Reference To: USER32.SetDlgItemTextA, Ord:022Ch
                                  |
:0040D11F FF1514A24100            Call dword ptr [0041A214]

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040D10F(C)
|
:0040D125 833D00FE410003          cmp dword ptr [0041FE00], 00000003  //----->
:0040D12C 7D07                    jge 0040D135  //------> jumps if the comparison is greater, so change it to less-than: 7D->7E
:0040D12E 33C0                    xor eax, eax
:0040D130 E91B010000              jmp 0040D250

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0040D0DB(C), :0040D12C(C)
|
:0040D135 833D00FE410003          cmp dword ptr [0041FE00], 00000003
:0040D13C 7545                    jne 0040D183  //--------change 75->74, i.e. jne->je

* Possible StringData Ref from Data Obj ->"DELUXE registration OK"  //-----7 fish!
                                  |
:0040D13E 6864E54100              push 0041E564
:0040D143 6892000000              push 00000092
:0040D148 8B4508                  mov eax, dword ptr [ebp+08]
:0040D14B 50                      push eax

* Reference To: USER32.SetDlgItemTextA, Ord:022Ch
                                  |
:0040D14C FF1514A24100            Call dword ptr [0041A214]
:0040D152 C605B1DD410001          mov byte ptr [0041DDB1], 01  //----
:0040D159 C605B2DD410001          mov byte ptr [0041DDB2], 01  //----
:0040D160 C605B3DD410001          mov byte ptr [0041DDB3], 01  //----
:0040D167 C605B4DD410001          mov byte ptr [0041DDB4], 01  //----
:0040D16E C605B5DD410001          mov byte ptr [0041DDB5], 01  //----
:0040D175 C605B6DD410001          mov byte ptr [0041DDB6], 01  //----
:0040D17C 33C0                    xor eax, eax
:0040D17E E9CD000000              jmp 0040D250

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040D13C(C)  //-------------------------depends on the value above, so this must be changed as well.
|
:0040D183 6878104200              push 00421078
:0040D188 6892000000              push 00000092
:0040D18D 8B4D08                  mov ecx, dword ptr [ebp+08]
:0040D190 51                      push ecx

* Reference To: USER32.SetDlgItemTextA, Ord:022Ch
                                  |
:0040D191 FF1514A24100            Call dword ptr [0041A214]
:0040D197 33C0                    xor eax, eax
:0040D199 E9B2000000              jmp 0040D250

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040CFD1(C)

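The following was written with reference to hints from dyiyd; thanks, dyiyd.

With the changes above, registration accepts any registration code, and at the DELUXE level with 7 fish!!! But the registration nag box still appears at startup, so let's remove it next!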

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00404194(C)
|
:004041A0 833D00FE410000          cmp dword ptr [0041FE00], 00000000  //----is 0041FE00 equal to 0?
:004041A7 740E                    je 004041B7  //-----jumps if equal to 0, game over. 74->75, i.e. je->jne
:004041A9 C605B1DD410001          mov byte ptr [0041DDB1], 01
:004041B0 C605B2DD410001          mov byte ptr [0041DDB2], 01

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004041A7(C)
|
:004041B7 6A03                    push 00000003
:004041B9 E822F6FFFF              call 004037E0
:004041BE 83C404                  add esp, 00000004
:004041C1 85C0                    test eax, eax
:004041C3 7434                    je 004041F9  //------>jumps if eax=0, game over. 74->75, i.e. je->jne
:004041C5 C70500FE410003000000    mov dword ptr [0041FE00], 00000003  //-----sets 0041FE00=3
:004041CF C605B1DD410001          mov byte ptr [0041DDB1], 01
:004041D6 C605B2DD410001          mov byte ptr [0041DDB2], 01
:004041DD C605B3DD410001          mov byte ptr [0041DDB3], 01
:004041E4 C605B4DD410001          mov byte ptr [0041DDB4], 01
:004041EB C605B5DD410001          mov byte ptr [0041DDB5], 01
:004041F2 C605B6DD410001          mov byte ptr [0041DDB6], 01

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:00404186(C), :004041C3(C)
|
:004041F9 833D00FE410000          cmp dword ptr [0041FE00], 00000000
:00404200 7410                    je 00404212
:00404202 837DFC00                cmp dword ptr [ebp-04], 00000000
:00404206 740A                    je 00404212
:00404208 6A01                    push 00000001
:0040420A E86AFDFFFF              call 00403F79

So all that is needed is for 0041FE00 to equal 3, which is why we can patch it this way.
      <------------End--------->

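Seen from the defender's side, the listing shows that each registration decision rests on a few two-byte short conditional jumps, so comparing those sites against a known-good copy exposes this kind of edit. The following is an added example, not part of the original article: it audits the 0040D0D4..0040D0F3 region using the bytes from the listing; the function names, the choice of region and the SUSPECT sample are assumptions made for illustration.

```python
# Added example; function and variable names are illustrative.
BASE = 0x0040D0D4          # VA of the first byte, from the listing
REFERENCE = bytes.fromhex(  # bytes as shown in the listing
    "833D00FE410000"  # cmp dword ptr [0041FE00], 0
    "7458"            # je  0040D135
    "C605B1DD410001"  # mov byte ptr [0041DDB1], 01
    "C605B2DD410001"  # mov byte ptr [0041DDB2], 01
    "833D00FE410001"  # cmp dword ptr [0041FE00], 1
    "7514"            # jne 0040D108
)
BRANCH_VAS = (0x0040D0DB, 0x0040D0F2)  # short-Jcc sites in this region
# Constructed sample: same region with both branch opcodes altered.
SUSPECT = bytes.fromhex("833D00FE410000" "7558" "C605B1DD410001"
                        "C605B2DD410001" "833D00FE410001" "7414")

# Opcodes 0x70-0x7F are short Jcc; each even/odd pair is a test and its negation.
JCC = "jo jno jb jae je jne jbe ja js jns jp jnp jl jge jle jg".split()

def mnemonic(op):
    return JCC[op - 0x70] if 0x70 <= op <= 0x7F else "db %02X" % op

def audit_branches(reference, suspect, base=BASE, sites=BRANCH_VAS):
    """Return sorted (va, finding) tuples for every byte that differs."""
    if len(reference) != len(suspect):
        raise ValueError("regions differ in length")
    findings, covered = [], set()
    for va in sites:
        off = va - base
        covered.update((off, off + 1))
        old, new = reference[off], suspect[off]
        if new != old:
            if not 0x70 <= new <= 0x7F:
                kind = "branch replaced"
            elif (old ^ new) == 1:
                kind = "condition inverted"
            else:
                kind = "condition changed"
            findings.append(
                (va, "%s: %s -> %s" % (kind, mnemonic(old), mnemonic(new))))
        if suspect[off + 1] != reference[off + 1]:
            findings.append((va + 1, "branch target changed"))
    for off, (a, b) in enumerate(zip(reference, suspect)):
        if a != b and off not in covered:
            findings.append((base + off, "byte changed: %02X -> %02X" % (a, b)))
    return sorted(findings)

if __name__ == "__main__":
    for va, finding in audit_branches(REFERENCE, SUSPECT):
        print("%08X  %s" % (va, finding))
```

Because every check in the listing reads the same global at 0041FE00, a byte comparison of the code only covers edits on disk; it says nothing about that value being changed in memory.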