誰能找出BrainsBreaker3.0(巨好的拼圖遊戲)註冊碼?《論壇精華2》沒搞定! (16千字)
誰能找出BrainsBreaker3.0(巨好的拼圖遊戲)註冊碼?《論壇精華2》沒搞定!
破這種既好玩又有極大難度的軟體才過癮!
http://www.brainsbreaker.com/download.htm或
http://ourworld.compuserve.com/homepages/jtrujillo/bbsetup.exe
==========================================================================
1、Pack:我不填
Name:zest
Your ID:aaaa
Key:CCCCCCCCCCCCCCCC
--------------------------------------------------------------------------
2、此程式老在0167:00452509~0167:0045278F處迴圈,迴圈結束後出注冊錯誤框,
注意0167:00452543 PUSH DWORD [EBP-0C]處PUSH之值,你可下斷點
bpx 452546 do"d*esp"看看,我用TRW2K122。
值依次變為full,entry,brainsbreaker,summer96,spring96,winter96,contry。
--------------------------------------------------------------------------
3、我做如下3個斷點跟蹤:①bpx 452546 do"d*esp" ②bpx 452653 ③bpx 45274e
如KEY個數小於16個,正常中斷順序為①②①②①②......
如KEY個數大於等於16個,正常中斷順序為①②③①②③......
為了便於跟蹤,我的KEY填16個c,你或許會曰:NOP掉45274e此行(key數<16還要
NOP掉452653)不就行了?的確,你註冊成功了!上WC輕鬆一刻!
--------------------------------------------------------------------------
4、一泡尿工夫你會發覺你的程式DIE得很慘!
--------------------------------------------------------------------------
5、程式註冊後(強迫註冊)會在BBRK.INI加入:
[PACKBrainsBreaker]
0=zest
1=aaaa
2=1076e9867711e9867711e9867711e9867711
3=2100
4=4e37d9b1
5=5533cba4
注:上[PACK***]中***有可能就是full,entry,brainsbreaker,summer96,spring96,
winter96,contry其中之一,細觀察斷點①。我發覺[PACKfull]會出錯,見上第3點,
[PACKentry]和[PACKBrainsBreaker]可註冊成功!其餘[PACK***]說是成功了,
但功能有限制。我愛[PACKBrainsBreaker],使用後沒任何功能限制!
--------------------------------------------------------------------------
6、每次想玩時得跟蹤註冊一次才能消除其功能限制,麻煩!誰叫我沒$19.95呢。
你可試做一個PATCH看看,或用SMC方法。
--------------------------------------------------------------------------
7、誰能找到註冊碼?
==========================================================================
0167:00452509 FF36 PUSH
DWORD [ESI]-------->迴圈開始處!
0167:0045250B 8D4DF0 LEA
ECX,[EBP-10]
0167:0045250E E891990100 CALL 0046BEA4
0167:00452513 8D45F0 LEA
EAX,[EBP-10]
0167:00452516 B9B05C4B00 MOV ECX,004B5CB0
0167:0045251B 50 PUSH
EAX
0167:0045251C E84D54FDFF CALL 0042796E
0167:00452521 837DF802 CMP
DWORD [EBP-08],BYTE +02
0167:00452525 8945D0 MOV
[EBP-30],EAX
0167:00452528 6A2C PUSH
BYTE +2C
0167:0045252A 752A JNZ
00452556
0167:0045252C E8EA380400 CALL 00495E1B
0167:00452531 8BF0 MOV
ESI,EAX
0167:00452533 59 POP
ECX
0167:00452534 85F6 TEST
ESI,ESI
0167:00452536 7440 JZ
00452578
0167:00452538 FF75E4 PUSH
DWORD [EBP-1C]-------->$$CCCCCCCCCCCCCCCC
0167:0045253B 8BCE MOV
ECX,ESI
0167:0045253D FF75DC PUSH
DWORD [EBP-24]-------->aaaa
0167:00452540 FF75C8 PUSH
DWORD [EBP-38]-------->zest
0167:00452543 FF75F4 PUSH
DWORD [EBP-0C]-------->注意變化!
0167:00452546 E8EC55FDFF CALL 00427B37
0167:0045254B C706847C4A00 MOV DWORD [ESI],004A7C84
0167:00452551 8975FC MOV
[EBP-04],ESI
0167:00452554 EB26 JMP
SHORT 0045257C
0167:00452556 E8C0380400 CALL 00495E1B
0167:0045255B 85C0 TEST
EAX,EAX
0167:0045255D 59 POP
ECX
0167:0045255E 7418 JZ
00452578
0167:00452560 FF75E4 PUSH
DWORD [EBP-1C]
0167:00452563 8BC8 MOV
ECX,EAX
0167:00452565 FF75DC PUSH
DWORD [EBP-24]
0167:00452568 FF75C8 PUSH
DWORD [EBP-38]
0167:0045256B FF75F4 PUSH
DWORD [EBP-0C]
0167:0045256E E8C455FDFF CALL 00427B37
0167:00452573 8945FC MOV
[EBP-04],EAX
0167:00452576 EB04 JMP
SHORT 0045257C
0167:00452578 8365FC00 AND
DWORD [EBP-04],BYTE +00
0167:0045257C 8B4DFC MOV
ECX,[EBP-04]
0167:0045257F 8D951CFFFFFF LEA EDX,[EBP+FFFFFF1C]
0167:00452585 52 PUSH
EDX
0167:00452586 8B01 MOV
EAX,[ECX]
0167:00452588 FF5008 CALL
NEAR [EAX+08]-------->此CALL估計重要!
0167:0045258B 8BF0 MOV
ESI,EAX-------->注意EAX值變化!
0167:0045258D 6A08 PUSH
BYTE +08
0167:0045258F 59 POP
ECX
0167:00452590 0FB63E MOVZX
EDI,BYTE [ESI]
0167:00452593 8BC7 MOV
EAX,EDI
0167:00452595 6A01 PUSH
BYTE +01
0167:00452597 99 CDQ
0167:00452598 F7F9 IDIV
ECX
0167:0045259A 8BC7 MOV
EAX,EDI
0167:0045259C 5B POP
EBX
0167:0045259D C1E803 SHR
EAX,03
0167:004525A0 0FB6443001 MOVZX EAX,BYTE
[EAX+ESI+01]
0167:004525A5 8BCA MOV
ECX,EDX
0167:004525A7 D3E3 SHL
EBX,CL
0167:004525A9 23D8 AND
EBX,EAX
0167:004525AB 895D08 MOV
[EBP+08],EBX
0167:004525AE 7406 JZ
004525B6
0167:004525B0 6A01 PUSH
BYTE +01
0167:004525B2 5B POP
EBX
0167:004525B3 895D08 MOV
[EBP+08],EBX
0167:004525B6 8A4604 MOV
AL,[ESI+04]
0167:004525B9 6A08 PUSH
BYTE +08
0167:004525BB 0C04 OR
AL,04
0167:004525BD 59 POP
ECX
0167:004525BE C0E002 SHL
AL,02
0167:004525C1 884604 MOV
[ESI+04],AL
0167:004525C4 8BC7 MOV
EAX,EDI
0167:004525C6 99 CDQ
0167:004525C7 F7F9 IDIV
ECX
0167:004525C9 6A08 PUSH
BYTE +08
0167:004525CB 8BC8 MOV
ECX,EAX
0167:004525CD 8BC7 MOV
EAX,EDI
0167:004525CF 99 CDQ
0167:004525D0 5F POP
EDI
0167:004525D1 F7FF IDIV
EDI
0167:004525D3 85DB TEST
EBX,EBX
0167:004525D5 751B JNZ
004525F2
0167:004525D7 8D7C3101 LEA
EDI,[ECX+ESI+01]
0167:004525DB 8D4A01 LEA
ECX,[EDX+01]
0167:004525DE B001 MOV
AL,01
0167:004525E0 B301 MOV
BL,01
0167:004525E2 D2E0 SHL
AL,CL
0167:004525E4 8BCA MOV
ECX,EDX
0167:004525E6 D2E3 SHL
BL,CL
0167:004525E8 F6D0 NOT
AL
0167:004525EA 0A1F OR
BL,[EDI]
0167:004525EC 22C3 AND
AL,BL
0167:004525EE 8807 MOV
[EDI],AL
0167:004525F0 EB0E JMP
SHORT 00452600
0167:004525F2 8D443101 LEA
EAX,[ECX+ESI+01]
0167:004525F6 B301 MOV
BL,01
0167:004525F8 8BCA MOV
ECX,EDX
0167:004525FA D2E3 SHL
BL,CL
0167:004525FC F6D3 NOT
BL
0167:004525FE 2018 AND
[EAX],BL
0167:00452600 0FB63E MOVZX
EDI,BYTE [ESI]
0167:00452603 8BC7 MOV
EAX,EDI
0167:00452605 6A08 PUSH
BYTE +08
0167:00452607 99 CDQ
0167:00452608 59 POP
ECX
0167:00452609 F7F9 IDIV
ECX
0167:0045260B 8BC8 MOV
ECX,EAX
0167:0045260D 8D4101 LEA
EAX,[ECX+01]
0167:00452610 3D80000000 CMP EAX,80
0167:00452615 7E02 JNG
00452619
0167:00452617 33C0 XOR
EAX,EAX
0167:00452619 8A543001 MOV
DL,[EAX+ESI+01]
0167:0045261D 8D443001 LEA
EAX,[EAX+ESI+01]
0167:00452621 80CA04 OR
DL,04
0167:00452624 BBDE100000 MOV EBX,10DE
0167:00452629 C0EA02 SHR
DL,02
0167:0045262C 8810 MOV
[EAX],DL
0167:0045262E A1E86C4B00 MOV EAX,[004B6CE8]
0167:00452633 99 CDQ
0167:00452634 F7FB IDIV
EBX
0167:00452636 85D2 TEST
EDX,EDX
0167:00452638 750E JNZ
00452648
0167:0045263A 8BC7 MOV
EAX,EDI
0167:0045263C 6A08 PUSH
BYTE +08
0167:0045263E 99 CDQ
0167:0045263F 5F POP
EDI
0167:00452640 8D4C3102 LEA
ECX,[ECX+ESI+02]
0167:00452644 F7FF IDIV
EDI
0167:00452646 0811 OR
[ECX],DL
0167:00452648 FF05E86C4B00 INC DWORD [004B6CE8]
0167:0045264E 8A4601 MOV
AL,[ESI+01]
0167:00452651 A804 TEST
AL,04
0167:00452653 740B JZ
00452660-------->NOP掉它!!!!!!
0167:00452655 33C9 XOR
ECX,ECX
0167:00452657 394D08 CMP
[EBP+08],ECX
0167:0045265A 0F94C1 SETZ
CL
0167:0045265D 894D08 MOV
[EBP+08],ECX
0167:00452660 F6D0 NOT
AL
0167:00452662 884601 MOV
[ESI+01],AL
0167:00452665 33C0 XOR
EAX,EAX
0167:00452667 394508 CMP
[EBP+08],EAX
0167:0045266A 0F84F2000000 JZ NEAR 00452762
0167:00452670 8B4DFC MOV
ECX,[EBP-04]
0167:00452673 50 PUSH
EAX
0167:00452674 50 PUSH
EAX
0167:00452675 8D45B0 LEA
EAX,[EBP-50]
0167:00452678 8B11 MOV
EDX,[ECX]
0167:0045267A 50 PUSH
EAX
0167:0045267B FF5210 CALL
NEAR [EDX+10]
0167:0045267E 8BF0 MOV
ESI,EAX
0167:00452680 6A08 PUSH
BYTE +08
0167:00452682 59 POP
ECX
0167:00452683 0FB63E MOVZX
EDI,BYTE [ESI]
0167:00452686 8BC7 MOV
EAX,EDI
0167:00452688 6A01 PUSH
BYTE +01
0167:0045268A 99 CDQ
0167:0045268B F7F9 IDIV
ECX
0167:0045268D 8BC7 MOV
EAX,EDI
0167:0045268F 5B POP
EBX
0167:00452690 C1E803 SHR
EAX,03
0167:00452693 0FB6443001 MOVZX EAX,BYTE
[EAX+ESI+01]
0167:00452698 8BCA MOV
ECX,EDX
0167:0045269A D3E3 SHL
EBX,CL
0167:0045269C 23D8 AND
EBX,EAX
0167:0045269E 7403 JZ
004526A3
0167:004526A0 6A01 PUSH
BYTE +01
0167:004526A2 5B POP
EBX
0167:004526A3 8A4604 MOV
AL,[ESI+04]
0167:004526A6 6A08 PUSH
BYTE +08
0167:004526A8 0C04 OR
AL,04
0167:004526AA 59 POP
ECX
0167:004526AB C0E002 SHL
AL,02
0167:004526AE 884604 MOV
[ESI+04],AL
0167:004526B1 8BC7 MOV
EAX,EDI
0167:004526B3 99 CDQ
0167:004526B4 F7F9 IDIV
ECX
0167:004526B6 6A08 PUSH
BYTE +08
0167:004526B8 8BC8 MOV
ECX,EAX
0167:004526BA 8BC7 MOV
EAX,EDI
0167:004526BC 99 CDQ
0167:004526BD 5F POP
EDI
0167:004526BE F7FF IDIV
EDI
0167:004526C0 85DB TEST
EBX,EBX
0167:004526C2 7521 JNZ
004526E5
0167:004526C4 8D7C3101 LEA
EDI,[ECX+ESI+01]
0167:004526C8 8D4A01 LEA
ECX,[EDX+01]
0167:004526CB B001 MOV
AL,01
0167:004526CD D2E0 SHL
AL,CL
0167:004526CF 8BCA MOV
ECX,EDX
0167:004526D1 F6D0 NOT
AL
0167:004526D3 88450B MOV
[EBP+0B],AL
0167:004526D6 B001 MOV
AL,01
0167:004526D8 D2E0 SHL
AL,CL
0167:004526DA 8A4D0B MOV
CL,[EBP+0B]
0167:004526DD 0A07 OR
AL,[EDI]
0167:004526DF 22C8 AND
CL,AL
0167:004526E1 880F MOV
[EDI],CL
0167:004526E3 EB14 JMP
SHORT 004526F9
0167:004526E5 8D443101 LEA
EAX,[ECX+ESI+01]
0167:004526E9 B101 MOV
CL,01
0167:004526EB 884D0B MOV
[EBP+0B],CL
0167:004526EE 8BCA MOV
ECX,EDX
0167:004526F0 8A550B MOV
DL,[EBP+0B]
0167:004526F3 D2E2 SHL
DL,CL
0167:004526F5 F6D2 NOT
DL
0167:004526F7 2010 AND
[EAX],DL
0167:004526F9 0FB606 MOVZX
EAX,BYTE [ESI]
0167:004526FC 894508 MOV
[EBP+08],EAX
0167:004526FF 6A08 PUSH
BYTE +08
0167:00452701 99 CDQ
0167:00452702 59 POP
ECX
0167:00452703 F7F9 IDIV
ECX
0167:00452705 8BF8 MOV
EDI,EAX
0167:00452707 8D4701 LEA
EAX,[EDI+01]
0167:0045270A 3D80000000 CMP EAX,80
0167:0045270F 7E02 JNG
00452713
0167:00452711 33C0 XOR
EAX,EAX
0167:00452713 8A4C3001 MOV
CL,[EAX+ESI+01]
0167:00452717 8D443001 LEA
EAX,[EAX+ESI+01]
0167:0045271B 80C904 OR
CL,04
0167:0045271E C0E902 SHR
CL,02
0167:00452721 8808 MOV
[EAX],CL
0167:00452723 A1E86C4B00 MOV EAX,[004B6CE8]
0167:00452728 99 CDQ
0167:00452729 B9DE100000 MOV ECX,10DE
0167:0045272E F7F9 IDIV
ECX
0167:00452730 85D2 TEST
EDX,EDX
0167:00452732 750F JNZ
00452743
0167:00452734 8B4508 MOV
EAX,[EBP+08]
0167:00452737 6A08 PUSH
BYTE +08
0167:00452739 8D4C3E02 LEA
ECX,[ESI+EDI+02]
0167:0045273D 5F POP
EDI
0167:0045273E 99 CDQ
0167:0045273F F7FF IDIV
EDI
0167:00452741 0811 OR
[ECX],DL
0167:00452743 FF05E86C4B00 INC DWORD [004B6CE8]
0167:00452749 8A4601 MOV
AL,[ESI+01]
0167:0045274C A804 TEST
AL,04
0167:0045274E 7409 JZ
00452759-------->NOP掉它!!!!!!!!
0167:00452750 33C9 XOR
ECX,ECX
0167:00452752 85DB TEST
EBX,EBX
0167:00452754 0F94C1 SETZ
CL-------->CL應為1
0167:00452757 8BD9 MOV
EBX,ECX-------->賦值
0167:00452759 F6D0 NOT
AL
0167:0045275B 85DB TEST
EBX,EBX-------->ebx不應為0
0167:0045275D 884601 MOV
[ESI+01],AL
0167:00452760 7539 JNZ
0045279B-------->應該讓它跳!
0167:00452762 837DFC00 CMP
DWORD [EBP-04],BYTE +00
0167:00452766 7411 JZ
00452779
0167:00452768 8B4DFC MOV
ECX,[EBP-04]
0167:0045276B E819F3FAFF CALL 00401A89
0167:00452770 FF75FC PUSH
DWORD [EBP-04]
0167:00452773 E8002F0400 CALL 00495678
0167:00452778 59 POP
ECX
0167:00452779 8B75D4 MOV
ESI,[EBP-2C]
0167:0045277C 83C604 ADD
ESI,BYTE +04
0167:0045277F 8975D4 MOV
[EBP-2C],ESI
0167:00452782 833E00 CMP
DWORD [ESI],BYTE +00
0167:00452785 740D JZ
00452794
0167:00452787 8D4DF0 LEA
ECX,[EBP-10]
0167:0045278A E8B5970100 CALL 0046BF44
0167:0045278F E975FDFFFF JMP 00452509-------->大迴圈,跳到上面第一行!
0167:00452794 33F6 XOR
ESI,ESI
0167:00452796 E9ED010000 JMP 00452988-------->此JMP跳過了註冊成功的CALL!
0167:0045279B 33FF XOR
EDI,EDI
0167:0045279D 397DD0 CMP
[EBP-30],EDI
0167:004527A0 7C11 JL
004527B3
0167:004527A2 FF75D0 PUSH
DWORD [EBP-30]
0167:004527A5 BBB05C4B00 MOV EBX,004B5CB0
0167:004527AA 8BCB MOV
ECX,EBX
0167:004527AC E865730000 CALL 00459B16
0167:004527B1 EB05 JMP
SHORT 004527B8
0167:004527B3 BBB05C4B00 MOV EBX,004B5CB0
0167:004527B8 393D845A4B00 CMP [004B5A84],EDI
0167:004527BE 7518 JNZ
004527D8
0167:004527C0 6A05 PUSH
BYTE +05
0167:004527C2 C705BC584B000100+MOV DWORD [004B58BC],01
0167:004527CC E821560000 CALL 00457DF2
0167:004527D1 59 POP
ECX
0167:004527D1 59 POP
ECX
0167:004527D2 893DBC584B00 MOV [004B58BC],EDI
0167:004527D8 6848010000 PUSH DWORD 0148
0167:004527DD E8D0E20200 CALL 00480AB2
0167:004527E2 3BC7 CMP
EAX,EDI
0167:004527E4 59 POP
ECX
0167:004527E5 7410 JZ
004527F7
0167:004527E7 FF75DC PUSH
DWORD [EBP-24]
0167:004527EA 8BC8 MOV
ECX,EAX
0167:004527EC FF75C8 PUSH
DWORD [EBP-38]
0167:004527EF FF75F4 PUSH
DWORD [EBP-0C]
0167:004527F2 E83660FEFF CALL 0043882D-------->此CALL註冊成功!
0167:004527F7 8B45EC MOV
EAX,[EBP-14]
0167:004527FA FF7004 PUSH
DWORD [EAX+04]
0167:004527FD FF1564754A00 CALL `USER32!UpdateWindow`
0167:00452803 8B75FC MOV
ESI,[EBP-04]
0167:00452806 8D4508 LEA
EAX,[EBP+08]
0167:00452809 6A01 PUSH
BYTE +01
/\zest/\2000.2
相關文章
- 拼圖遊戲 (32千字)2015-11-15遊戲
- 註冊碼演算法 (2千字)2001-01-14演算法
- 找出BootStar V6.02的註冊碼2015-11-15boot
- 很對不起,因為出了兩天差。動態找出winhex的註冊碼.請進...... (2千字)2001-07-23
- winimp1.11註冊碼破解 (2千字)2000-07-16
- FINAL DATA註冊碼計算 (2千字)2000-07-24
- 《MAGICWIN RELEASE 1.2》註冊碼破解 高手莫入! (2千字)2001-05-07
- vfp&exe1.70註冊碼計算 (2千字)2001-06-04
- 鬥地主4.0註冊演算法,序號產生器在OCG論壇
(22千字)2015-11-15演算法
- IP搜尋客 1.61 註冊碼計算 (2千字)2000-05-16
- 《EASY MP3 2.2》的註冊碼破解 高手莫入! (2千字)2001-05-05
- Flash ActionScript Tool 的註冊碼! (22千字)2001-05-04
- 《TxEdit 4.6》的註冊碼破解 (11千字)2001-07-28
- 快捷反垃圾郵件破解手記--找出註冊碼2015-11-15
- 看教程累了,測了一下論壇的註冊人數2023-12-20
- 《OFFLINE EXPLORER 1.0》的註冊碼破解 高手莫入!! (2千字)2001-05-18
- S-DEMO2 註冊分析 (14千字)2002-06-25
- 圖片沒有註冊類怎麼辦_win10開啟圖片沒有註冊類的解決方法2020-01-06Win10
- pycharm 2016.3.2註冊碼2017-05-15PyCharm
- Pycharm 2016註冊碼2017-11-22PyCharm
- 重新貼過註冊演算法分析 (16千字)2001-10-23演算法
- 一種非明碼比較程式的註冊------NS-SHAFT註冊碼破解 (9千字)2015-11-15
- 如何破解Cool ASCII Art Maker V1.21註冊碼 (2千字)2001-05-03ASCII
- egis釋出了adsubstract pro 2.1註冊器,帶原始碼的。
(2千字)2001-02-02原始碼
- Regediter 1.3 破解(得到註冊碼) (9千字)2002-01-23
- 誰能搞定此程式==>zoom(內詳),我吃方便麵N天了!
(6千字)2001-04-08OOM
- [ yjunzhao ]的Super Vidoe CD Verifier破解過程,註冊器我也寫出,到贏徵論壇去看
(4千字)2002-02-07
- estiprojm 註冊 (12千字)2001-11-08
- Navicat 16 註冊教程2024-03-18
- CPUCOOL 5.1000註冊碼分析 (6千字)2001-01-19
- IconToy 3.1 註冊碼快速破解 (11千字)2001-03-02
- BabyGame 破解方法及註冊碼錶 (1千字)2001-07-04GAM
- "竹影棋友"圍棋程式註冊雞 (2千字)2001-05-19
- OICQ 圖形留言系統 v3.2註冊碼演算法 不知有沒有人貼過,呵呵! (11千字)2001-06-23演算法
- SMailserver2.5註冊碼的破解手記 (1千字)2001-03-01AIServer
- 離線註冊你的Fast Browser v4.0 (2千字)2001-09-14AST
- 讓SyGate 4.0 build712自己告訴你註冊碼. (2千字)2001-05-03UI
- 用dede3和trw追Fast Browser Pro V5.0註冊碼
(16千字)2002-03-27AST