翻譯一篇很簡單的暴力破解installshield! (6千字)

破解installshield script的教程
翻譯者：Petetchen
        [      ]的翻譯是我的好朋友windos2k協助！在些多謝他！
       
Author : SiraX / [NaTzGUL/SiraX Production 98]
Email  : sirax@dongle.net

目錄：
    1.介紹
    2.工具教程
    3.反譯破解教程
    4.總結
    5.聯絡

1.介紹
  這個教程是試範Windows Installshield Decompiler v1.00的用法。
透過這個教程你將看到如何破解install的密碼保護，一般多數軟體都是用它打包。
希望透過這個教程，你將學會靈活工具和最重要正確使用這些方法來對付script.

2.工具教程
  相信只有它才能反序破解installshield的保護了。
  它具有CRC校正自動修改和儲存的功能，這樣它就有別的工具沒有的功能。
  這個教程裡的破解物件是Adobe PhotoShop V4.0的圖象編輯工具。它是用
  Installshield 3.0製成的密碼保護。

3.反譯破解教程
  在這一節，我就以破解Adobe PhotoShop V4.0逐步逐步分析。每個步都指出
  對圖形窗的運用。

  1.裝載Installshield Decompiler
  2.執行setup.exe，直到註冊窗出來如:
    name:
    company:
    serial number:
  任意輸入密碼之類, 點選Next當看到
  "The serial number xxxxxxxxxx is not a valid Adobe PhotoShop serial number,
  Please re-enter your serial number."為止。
  3.現在寫下錯誤提示如："invalid".我們要在反譯後在"text later on"上找這樣的提示。
  4.退出setup,開始備份setup.ins
  5.點開啟選單上的"file"(熱鍵ctrl-O ),在開啟視窗中選取Adobe PhotoShop的setup.ins檔案。
  6.緊著按F2或者打選單上"decompile"->"star"不久你就看見反譯程式。如果你想終止，可以點
    工具欄上的"cancel"按扭。
  7.當反譯後，我開始找"invalid"的提示。這樣的提示在工具欄"text box"上找得到,然後點選。
    就來到：
    <LABEL_002> REF:00000F97 00001016 00001388
  |
00000DB9: 0128    IF (SdRegisterUserEx_[LABEL_0214]=000000C) THEN
00000DD9: 002C        Goto (LABEL_0001)
00000DDA: 0000  ENDIF
00000DE6: 0125  StrVar[002F] = SUPPORTDIR ^ "PSSupprt.DLL"
00000E12: 0128  IF (UseDLL (StrVar[002F]) != 00000000) THEN
00000E32: 0013        StrVar[001A] = "An Error occurred during the setup process! Please contact Adobe Systems Technical Support."
00000E95: 0104        SprintfBox (FFFF0003,"Adobe Photoshop Setup",StrVar[001A])
00000EBA: 002B        Exit ()
00000EBB: 0000  ENDIF
00000ED4: 0128  IF (PSSupprt.PSFunc1 (StrVar[0024]) = 00000000) THEN  //function return value is compared to 0.  0 is bad.
00000EF4: 00B3        UnUseDLL ("PSSupprt")                              [函式返回值是與0比較，相等是不好的]
00000F01: 0013        StrVar[001A] = "The serial number %s is not a valid Adobe Photoshop serial number. Please re-enter your serial number."
00000F6F: 0104        SprintfBox (FFFF0002,"Adobe Photoshop Setup",StrVar[001A],StrVar[0024])  ////Displays the error message
                                                                                                  [顯示錯誤資訊]

00000F97: 002C        Goto (LABEL_0002)  //Loops back and let user to re-enter info
00000F98: 0000  ENDIF                    [後退並且容許使用者重輸入資訊]
00000FA4: 0125  StrVar[002F] = SUPPORTDIR ^ "PSSupprt.DLL"
00000FBB: 00B3  UnUseDLL (StrVar[002F])
00000FF6: 0128  IF (SdConfirmRegistration_[LABEL_0260] = 00000000) THEN
00001016: 002C        Goto (LABEL_0002)
00001017: 0000  ENDIF
00001023: 0013  StrVar[0023] = "File Components"
0000103A: 00B5  Call Function_0055_[LABEL_00F4]  (StrVar[0023])
...............
  8.在上面反譯的內容，你能清楚看到要改的地方。
    At 0000E12:0128, we have a comparison with the return value of a function and the value 0.
    If the return value is zero, then we're in trouble.  The error message will be displayed
    at line 00000F6F:0104.  Then at line 00000F97:002C, we go back to Label_002 so that this
    process is repeated and user can re-enter the info.
    (在0000E12:0128我們可參考[函式返回值是與0比較，相等是不好的]如果返回宣告是0，這樣你就麻煩了！
    在00000F6F:0104[顯示錯誤資訊]。然後00000F97:002C跳回Label_002[後退並且容許使用者重輸入資訊])
  9.Since we have identified the spot to be changed, now it's time to crack it.  To make a
    change so that it will accept our wrong serial, we can change the "=" operator at line
    00000ED4:0128 to "!=".  Clear enough!
    (當我們確認修改的地方，那麼就把00000ED4:0128的"="變成"!=".)

10.To make the change, it's very simple.  First, double click on the "=" operator.  Then
    right-click your mouse to bring up the popup menu.  Choose "Change To" and pick the "!="
    operator.  After this, you should see that the operator is now "!=".
    (修改方法很簡單。首先正確雙擊"="，之後顯示一個浮動選單。從中選取"Change To"和點選"!="，然後
    你會看見"="變成了"!="。)
   
11.Once the above is done, we need to save the changes we made.  You can either goto "Misc"
    menu to pick "CRC Correction" or you can quit the IS decompiler and you will automatically
    be asked whether you want to save changes or not.  Click on "yes" when you're asked.  And
    then just sit back and relax.  In a few minutes, you will see it in action.
    (當你儲存修改的地方後，就去點選單上的"Misc"->"CRC Correction"或者快速的退出 is decompiler
    它會自動的提示你是否儲存結果選"yes")
12.After it's done, simply run the Adobe PhotoShop setup again, and enter any info and serials
    at that screen.  Then click on "Next".  Whoaaaa.  Beauti!  A confirm box popped up this time,
    asking us whether this information is correct or not.  We DID NOT see the error message box.
    Now, just click on "yes" to confirm this info is right and follow the instructions to
    install the rest.
    (當你做完以上工作，再一次安裝Adobe PhotoShop時出現註冊窗你只要按下一步就連密碼也不要校正。)
     
13.Hey, wasn't that easy!  I did it in about 10 min.  The decompile process took a while.  But
    would you rather spent a few hours tracing through the code or POINT and CLICK to defeat it?
  (多麼的容易！我只用了10秒鐘。如果你想追出密碼就要分一些時間了？)
4.總結：
    From the above walk through, we can see how easy it is to defeat such Installshield
protection with this decompiler.  I hope I have made the steps clear enough for you to walk
through and get some general feel for this tool.  If you have any questions, suggestions, or
even bug reports regarding this tool, we would love to hear from you.  You can email us, or find
us on EFNET.  After all,  this is still in beta.
         
5.聯絡：
Groups:
    DONGLE, GPF, REVOLT, GLoW, ENTITY, CONCEPT, PNC, etc
PERSONAL:
    NaTzGUL, Vizion, BLeetz, Krazy_N, Niabi, Deviant, Norway, FaNt0m, Knoweffex, JoG, Pitty, Info[e], [Mad], [Sketch]
    Hazzy, Perish, JJJ, 45mBit, CoPhiber, Spanky, Doc-Man, SuperChic, Wildwendy, Tane, TeRaPhY, Razzia, +ORC, Fravia+
    LordCaligo, Dap24, Op-Ivy, Ghi, etc.....


(c) 1998 SiraX / [NaTzGUL/SiraX Production] All rights reversed