軟體名稱:Flash32 3.08
破解目的:做成漢化版後無法執行,提示軟體沒有正確安裝云云,解除安裝後重新安裝任何英文版都無法執行,有貓膩!
破解工具:W32Dsm89 黃金版、UltraEdit
首先用 W32Dsm89 反編譯後,查詢提示資訊,可以找到兩處如下:
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00411F45(C) <---- 看看是從哪裡跳過來的
|
:00411F9D 6A10
push 00000010
* Possible StringData Ref from Data Obj ->"Flash 32"
|
:00411F9F 6870804500 push
00458070
* Possible StringData Ref from Data Obj ->"Flash 32 is not correctly installed...
Please "
->"execute
install."
|
:00411FA4 68F8C34500 push
0045C3F8
:00411FA9 6A00
push 00000000
:00411FAB EB0D
jmp 00411FBA
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00411D02(C) <---- 看看是從哪裡跳過來的
|
:00411FAD 6A10
push 00000010
* Possible StringData Ref from Data Obj ->"Flash 32"
|
:00411FAF 6870804500 push
00458070
* Possible StringData Ref from Data Obj ->"Flash 32 is not correctly installed...
Please "
->"execute
install."
|
:00411FB4 68F8C34500 push
0045C3F8
:00411FB9 53
push ebx
我們先來看看第一處:
* Possible Ref to Menu: MenuID_00E3, Item: "Quitter"
|
:00411EE0 6A01
push 00000001
:00411EE2 68A0134800 push
004813A0
:00411EE7 6820FE4700 push
0047FE20
:00411EEC 68D0084800 push
004808D0
:00411EF1 68C0064800 push
004806C0
:00411EF6 68C01B4800 push
00481BC0
:00411EFB 68F8054800 push
004805F8
:00411F00 6880054800 push
00480580
:00411F05 6800054800 push
00480500
:00411F0A 6868054800 push
00480568
:00411F0F 6820044800 push
00480420
:00411F14 68F0FA4700 push
0047FAF0
:00411F19 6860FA4700 push
0047FA60
:00411F1E 6850FA4700 push
0047FA50
:00411F23 6800F94700 push
0047F900
:00411F28 68F0F84700 push
0047F8F0
:00411F2D 6820F94700 push
0047F920
:00411F32 68E0054800 push
004805E0
:00411F37 6880EF4700 push
0047EF80
:00411F3C E8AF6C0200 call
00438BF0
:00411F41 83C44C
add esp, 0000004C
:00411F44 48
dec eax
:00411F45 7456
je 00411F9D <---- 這裡
:00411F47 48
dec eax
:00411F48 742B
je 00411F75 <---- 這也是一個可疑的地方
:00411F4A 8B9424BC010000 mov edx, dword
ptr [esp+000001BC]
:00411F51 6A00
push 00000000
:00411F53 6830D84000 push
0040D830
:00411F58 6A00
push 00000000
* Possible Reference to Dialog: DialogID_009C
|
:00411F5A 689C000000 push
0000009C
:00411F5F 52
push edx
再來看看第二處:
* Possible Ref to Menu: MenuID_007F, Item: "? r"
|
:00411CD4 C705AC04480000010000 mov dword ptr [004804AC], 00000100
:00411CDE C70570FA4700FFFFFFFF mov dword ptr [0047FA70], FFFFFFFF
:00411CE8 891D68054800 mov dword
ptr [00480568], ebx
:00411CEE 8915FC054800 mov dword
ptr [004805FC], edx
:00411CF4 A3DC084800 mov dword
ptr [004808DC], eax
:00411CF9 E8F26E0200 call
00438BF0
:00411CFE 83C44C
add esp, 0000004C
:00411D01 48
dec eax
:00411D02 0F84A5020000 je 00411FAD
<---- 這裡
:00411D08 6880EF4700 push
0047EF80
:00411D0D 8D8C24B8000000 lea ecx, dword
ptr [esp+000000B8]
* Possible StringData Ref from Data Obj ->"%s\Flash 32.lic"
|
:00411D14 6808C54500 push
0045C508
:00411D19 51
push ecx
看明白後就很容易了,用 UltraEdit 修改:
查詢 83 C4 4C 48 0F 84 A5 02 00 00
改為 83 C4 4C 48 90 90 90 90 90 90
查詢 83 C4 4C 48 74 56 48 74 2B
改為 83 C4 4C 48 90 90 48 90 90
fishs
http://fishs.126.com