天網防火牆個人版2.0.2.98(beta)的破解,參考TAE!的破解。 (5千字)
天網防火牆個人版2.0.2.98(beta)的破解,參考TAE!的破解。
程式:電腦報合訂本2000配套光碟。
目標:找出註冊碼。
工具:TRW2K&W32DASM
如有雷同,純屬巧合。
================================================================================
1、首先:
* Possible StringData Ref from Data Obj ->" 註冊成功! 謝謝您的註冊。"
|
:0040AFBE BA11004D00 mov edx,
004D0011
:0040AFC3 8D45DC
lea eax, dword ptr [ebp-24]
:0040AFC6 E821DF0B00 call
004C8EEC
:0040AFCB FF461C
inc [esi+1C]
:0040AFCE 8B00
mov eax, dword ptr [eax]
:0040AFD0 E8A7930500 call
0046437C
:0040AFD5 FF4E1C
dec [esi+1C]
:0040AFD8 8D45DC
lea eax, dword ptr [ebp-24]
:0040AFDB BA02000000 mov edx,
00000002
:0040AFE0 E823E00B00 call
004C9008
:0040AFE5 8BC3
mov eax, ebx
:0040AFE7 E898E80400 call
00459884
:0040AFEC EB2D
jmp 0040B01B
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040AE92(C)==>注意!看看!
|
:0040AFEE 66C746103800 mov [esi+10],
0038
* Possible StringData Ref from Data Obj ->"密碼和使用者名稱不對,請注意檢查大小寫。"
|
:0040AFF4 BA2C004D00 mov edx,
004D002C
=================================================================================
2、往上看看這裡:
:0040AE51 E8C6AEFFFF call
00405D1C==>此CALL重要!進入!
* Reference To: snfw._frmMain
|
:0040AE56 8B15D8864D00 mov edx, dword
ptr [004D86D8]
:0040AE5C 8B12
mov edx, dword ptr [edx]
:0040AE5E 888205030000 mov byte ptr
[edx+00000305], al==>注意
:0040AE64 FF4E1C
dec [esi+1C]
:0040AE67 8D45F8
lea eax, dword ptr [ebp-08]
:0040AE6A BA02000000 mov edx,
00000002
:0040AE6F E894E10B00 call
004C9008
:0040AE74 FF4E1C
dec [esi+1C]
:0040AE77 8D45FC
lea eax, dword ptr [ebp-04]
:0040AE7A BA02000000 mov edx,
00000002
:0040AE7F E884E10B00 call
004C9008
:0040AE84 A1D8864D00 mov eax,
dword ptr [004D86D8]
:0040AE89 8B38
mov edi, dword ptr [eax]
:0040AE8B 80BF0503000000 cmp byte ptr [edi+00000305],
00==>注意
:0040AE92 0F8456010000 je 0040AFEE==>注意!
=================================================================================
3、進入call 00405D1C看看:
* Referenced by a CALL at Addresses:
|:004060B8 , :0040AE51 ==>可返回004060B8看看是TAE!關鍵處。
|
:00405D1C 55
push ebp
:00405D1D 8BEC
mov ebp, esp
:00405D1F 81C474FFFFFF add esp, FFFFFF74
:00405D25 B81CDA4C00 mov eax,
004CDA1C
......
......
......
......
:00405EB5 8D45EC
lea eax, dword ptr [ebp-14]
:00405EB8 5A
pop edx
:00405EB9 E82E320C00 call
004C90EC==>關鍵CALL進入!
:00405EBE 50
push eax
:00405EBF FF4E1C
dec [esi+1C]
:00405EC2 8D45E8
lea eax, dword ptr [ebp-18]
:00405EC5 BA02000000 mov edx,
00000002
:00405ECA E839310C00 call
004C9008
:00405ECF FF4E1C
dec [esi+1C]
:00405ED2 8D45EC
lea eax, dword ptr [ebp-14]
:00405ED5 BA02000000 mov edx,
00000002
:00405EDA E829310C00 call
004C9008
:00405EDF FF4E1C
dec [esi+1C]
:00405EE2 8D45F0
lea eax, dword ptr [ebp-10]
:00405EE5 BA02000000 mov edx,
00000002
:00405EEA E819310C00 call
004C9008
:00405EEF FF4E1C
dec [esi+1C]
:00405EF2 8D45F4
lea eax, dword ptr [ebp-0C]
:00405EF5 BA02000000 mov edx,
00000002
:00405EFA E809310C00 call
004C9008
:00405EFF FF4E1C
dec [esi+1C]
:00405F02 8D45F8
lea eax, dword ptr [ebp-08]
:00405F05 BA02000000 mov edx,
00000002
:00405F0A E8F9300C00 call
004C9008
:00405F0F FF4E1C
dec [esi+1C]
:00405F12 8D45FC
lea eax, dword ptr [ebp-04]
:00405F15 BA02000000 mov edx,
00000002
:00405F1A E8E9300C00 call
004C9008
:00405F1F 58
pop eax
:00405F20 8B0E
mov ecx, dword ptr [esi]
:00405F22 64890D00000000 mov dword ptr fs:[00000000],
ecx
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00405DFE(U)
|
:00405F29 5E
pop esi
:00405F2A 5B
pop ebx
:00405F2B 8BE5
mov esp, ebp
:00405F2D 5D
pop ebp
:00405F2E C3
ret
==========================================================================
4、進入call 004C90EC看看:
* Referenced by a CALL at Addresses:
|:00405B00 , :00405B3E , :00405EB9 , :004064B3 , :00407F5B
|:00408059 , :004083C5
|
:004C90EC 55
push ebp
:004C90ED 8BEC
mov ebp, esp
:004C90EF 53
push ebx
:004C90F0 8B00
mov eax, dword ptr [eax]==>看看這裡cool code
:004C90F2 8B12
mov edx, dword ptr [edx]==>看看這裡your bad code
:004C90F4 E8E7E8FDFF call
004A79E0 ==>看看裡面
:004C90F9 0F94C0
sete al ==>看看
:004C90FC 83E001
and eax, 00000001 ==>看
:004C90FF 5B
pop ebx
:004C9100 5D
pop ebp
:004C9101 C3
ret
===========================================================================
5、結論:
UserName=zest
RegisterKey=9ED4
===========================================================================
/\zest/\
2001.2
相關文章
- 天網防火牆個人版2.0(beta)的破解!!! (20千字)2001-01-26防火牆
- 使用DEDE破解天網防火牆 2.46! (2千字)2001-11-01防火牆
- 瑞星個人防火牆1.1版破解手記 (3千字)2001-11-25防火牆
- 瑞星個人防火牆及瑞星2002防毒通用破解 (1千字)2001-09-29防火牆防毒
- 《Quick View Plus 5.0》30天試用版的破解 (5千字)2001-07-24UIView
- 天網防火牆的配置方法2016-10-19防火牆
- PolyView 破解 (5千字)2000-12-31View
- 破解MyMahj (5千字)2001-06-20
- serv-u 3.0 beta破解 (2千字)2001-04-20
- 我的破解心得(5) (16千字)2001-03-13
- 破解TurboLaunch 4.04 (5千字)2001-06-06
- jdpack的脫殼及破解 (5千字)2002-06-25
- 談談VB程式的破解 (5千字)2002-10-28
- 破解魔法轉換 v2.1 Beta 2 測試版 (11千字)2001-10-28
- 金山毒霸試用版完全破解 (5千字)2001-07-16
- 相容M/intel電腦的防火牆軟體:Radio Silence for mac 中文破解版2023-12-11Intel防火牆Mac
- 鸚鵡螺網路助手破解 (5千字)2001-01-19
- 一個簡單的破解,供初學者參考!望高手多加指點! (1千字)2001-03-26
- Vopt99 v4.31暴力破解實錄(僅供初學者參考) (5千字)2001-02-19
- 破解心得之CDRWin 4.0A BETA篇 (18千字)2001-04-24
- 破解入門5 (3千字)2000-09-23
- duelist crackme 1 破解 (5千字)2000-10-16
- IPTools 1.10 破解 (5千字)2001-02-11
- see This 破解實戰! (5千字)2000-06-26
- 如何破解CuteFTP 4.0 (5千字)2000-07-20FTP
- 破解90天試用期 (2千字)2001-04-03
- 蘋果Mac電腦簡單好用的防火牆:Radio Silence註冊碼破解版最新2023-12-29蘋果Mac防火牆
- 一個超容易破解的軟體! (5千字)2001-01-21
- PolyView再破解---請指教 (5千字)2001-01-02View
- 破解XFtpSvr =====> 請進 (5千字)2001-07-01FTPVR
- 破解MailScan V3.5.1.2 (5千字)2001-08-31AI
- 對個人防火牆XFilter的感受 (轉)2007-08-17防火牆Filter
- picturetoexe v3.60 beta #2不完全破解 (2千字)2001-04-30
- 破解badcat21---真正的初學者 (5千字)2001-05-19
- 最多 200 美元,黑客就能用微型晶片破解硬體防火牆2019-10-14黑客晶片防火牆
- 我終於破解了魔裝網神了,破解過程!!,不過是用2.70破解的。 (1千字)2001-10-15
- 改一個位元組使天網防火牆2.4.6永不過期. (6千字)2001-11-26防火牆
- 登陸奇兵3.0破解心得 (5千字)2001-05-02