用SOFTICE破解Audio Companion Ver1.13(轉載請保持完整)
作者:Pcrocker
檔案大小:189KB
軟體授權:共享軟體
使用平臺:Win95/98
軟體簡介:
抓CD音軌,WAV到CD,CD到WAV,透過卡錄音。下面是E文簡介:
This program consists of three parts: one to read from the computer's CD-ROM
unit digitally (CD Ripper), a wav to MP3/WMA encoder, a MP3 to wav decoder
and a maximizer (Batch Processor) and a sound recorder allowing you to record
music via your computer's sound card (Audio Splitter).
http://software.wx88.net/down/audiocom.zip (從新浪當的)
安裝後,執行,出現干擾資訊,讓你註冊。它根據你的機器算出一個ID(可能與硬體有關),我這裡是9C8FDCD8。在選單中有一項是password(也就是Serial
Number)。隨便填,出現註冊失敗的提示,可氣的是接著還跟出記事本,而且在程式結束時記事本還出現,可惡!!!
注意,本軟體在未註冊版本會有一定的使用限制。
好了,不多說了。下面搬出S-ICE,執行程式,在PASSWORD中填入:67676767;
^D到S-ICE,下bpx hmemcpy;
^D再回來,按OK,到S-ICE,下bd *;
按F12數次,到Audio Companion,程式碼如下:
:00404C6E 8BB424CC000000 mov esi, dword
ptr [esp+000000CC]
:00404C75 6A1E
push 0000001E
:00404C77 68D4FF4300 push
0043FFD4
* Possible Reference to Dialog: PASSWORDDIALOG, CONTROL_ID:041A, ""
|
:00404C7C 681A040000 push
0000041A
:00404C81 56
push esi
* Reference To: USER32.GetDlgItemTextA, Ord:0104h
|
:00404C82 FF15E4524200 Call dword
ptr [004252E4] ;<---- F12會返回在這裡
:00404C88 E873FDFFFF call
00404A00 ;<----
判斷password的call,不正確時eax=0
:00404C8D 85C0
test eax, eax ;<----
跳下去就完了,提示註冊失敗
:00404C8F 7456
je 00404CE7
:00404C91 8D442404
lea eax, dword ptr [esp+04]
* Possible StringData Ref from Data Obj ->"Uibolt~gps~sfhjtufsjoh!"
|
:00404C95 68A4BB4200 push
0042BBA4
追進 call 00404a00,向前走不遠就發現一個 Call 後面跟的是 test eax,eax, 有點可疑。果然。。。。
* Referenced by a CALL at Addresses:
|:004012C0 , :00404C88 , :00404D7C , :0040A5CA , :0040B24B
|:00411674
|
:00404A00 83EC50
sub esp, 00000050
:00404A03 E858FEFFFF call
00404860
:00404A08 50
push eax
:00404A09 8D442434
lea eax, dword ptr [esp+34]
:00404A0D 50
push eax
:00404A0E B998FA4300 mov ecx,
0043FA98
:00404A13 E8080D0000 call
00405720
:00404A18 8D4C2430
lea ecx, dword ptr [esp+30]
:00404A1C 51
push ecx
:00404A1D E89EFFFFFF call
004049C0
:00404A22 83C404
add esp, 00000004
:00404A25 8D542418
lea edx, dword ptr [esp+18]
:00404A29 B998FA4300 mov ecx,
0043FA98
:00404A2E 52
push edx
:00404A2F E84C0F0000 call
00405980
:00404A34 50
push eax
:00404A35 B998FA4300 mov ecx,
0043FA98
:00404A3A E881110000 call
00405BC0
:00404A3F 8D4C2400
lea ecx, dword ptr [esp]
:00404A43 6A10
push 00000010
:00404A45 51
push ecx
:00404A46 50
push eax
:00404A47 E80BFE0100 call
00424857
:00404A4C 83C40C
add esp, 0000000C
:00404A4F 8D542400
lea edx, dword ptr [esp]
:00404A53 B998FA4300 mov ecx,
0043FA98
:00404A58 52
push edx
:00404A59 E8E20E0000 call
00405940
:00404A5E 8D442430
lea eax, dword ptr [esp+30] ;<---- 在這裡 d eax,看到的就是程式算出的password,趕快記下來:Bn9-pW-56z-aa
:00404A62 68D4FF4300 push
0043FFD4 ;<----
在這裡 d 43ffd4,是輸入的內容:67676767
:00404A67 50
push eax
:00404A68 B998FA4300 mov ecx,
0043FA98
:00404A6D E86E0C0000 call
004056E0 ;<----
進行比較
:00404A72 85C0
test eax, eax ;<----
password正確時,eax=1
:00404A74 741E
je 00404A94 ;<----
不正確時,eax=0,跳到下面去繼續比較,不重要了
:00404A76 8D4C2400
lea ecx, dword ptr [esp]
:00404A7A 68D4FF4300 push
0043FFD4
:00404A7F 51
push ecx
:00404A80 B998FA4300 mov ecx,
0043FA98
:00404A85 E8560C0000 call
004056E0
:00404A8A 85C0
test eax, eax
:00404A8C 7406
je 00404A94
:00404A8E 33C0
xor eax, eax
:00404A90 83C450
add esp, 00000050
:00404A93 C3
ret
返回程式中,仍提示註冊失敗,該死的記事本又出來了,不管它。重新輸入password:Bn9-pW-56z-aa,出現感謝註冊的訊息框,Yeah!又搞定了一個,經驗值+1。^_^
共耗時10(寫這個攻略卻至少有30分鐘,呵呵),給大家的元宵節禮物。
完成時間:2001/02/07
22:00