話費清單精簡版破解過程
下載地址:http://www.inhua.com/down/dial4609.exe
一個免費註冊的軟體,給初學者看看吧-------我也是初學者
用Trw2000載入dialpad.exe,
在註冊欄輸入註冊姓名:conanxu[BCG]註冊號碼:sanjer註冊密碼:121212
下斷點bpx messageboxa點選"註冊已確認!",被截下
016F:004C0CAC MOV EAX,[EBP-04]
016F:004C0CAF CALL 00456F90
016F:004C0CB4 MOV EAX,[EBP-18]
016F:004C0CB7 MOV EDX,[EBP-0C]
016F:004C0CBA CALL 0040401C
-->這個call很可以進去看看
016F:004C0CBF JZ 004C0CDC
-->這個跳轉可以帶過下面的call
016F:004C0CC1 PUSH BYTE +00
016F:004C0CC3 PUSH DWORD 004C0DA0
016F:004C0CC8 PUSH DWORD 004C0DB0
016F:004C0CCD MOV EAX,EBX
016F:004C0CCF CALL 004377D4
016F:004C0CD4 PUSH EAX
016F:004C0CD5 CALL `USER32!MessageBoxA` -->停在了這裡
016F:004C0CDA JMP SHORT 004C0D40
016F:004C0CDC MOV ECX,[EBP-04]
016F:004C0CDF MOV EDX,004C0E1C
016F:004C0CE4 MOV EAX,[EBP-10]
016F:004C0CE7 CALL 00451280
016F:004C0CEC MOV ECX,[EBP-08]
016F:004C0CEF MOV EDX,004C0E30
016F:004C0CF4 MOV EAX,[EBP-10]
016F:004C0CF7 CALL 00451280
016F:004C0CFC MOV ECX,[EBP-0C]
016F:004C0CFF MOV EDX,004C0E44
016F:004C0D04 MOV EAX,[EBP-10]
016F:004C0D07 CALL 00451280
016F:004C0D0C XOR EDX,EDX
016F:004C0D0E MOV EAX,[EBX+0B6C]
016F:004C0D14 MOV ECX,[EAX]
016F:004C0D16 CALL NEAR [ECX+5C]
016F:004C0D19 XOR EDX,EDX
016F:004C0D1B MOV EAX,[EBX+0B74]
016F:004C0D21 MOV ECX,[EAX]
016F:004C0D23 CALL NEAR [ECX+5C]
016F:004C0D26 XOR EDX,EDX
016F:004C0D28 MOV EAX,[EBX+0B70]
016F:004C0D2E MOV ECX,[EAX]
016F:004C0D30 CALL NEAR [ECX+5C]
016F:004C0D33 XOR EDX,EDX
016F:004C0D35 MOV EAX,[EBX+0B78]
016F:004C0D3B CALL 00431594
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
016F:00404019 LEA EAX,[EAX+00]
016F:0040401C PUSH EBX
016F:0040401D PUSH ESI
016F:0040401E PUSH EDI
016F:0040401F MOV ESI,EAX
016F:00404021 MOV EDI,EDX
016F:00404023 CMP EAX,EDX
-->這裡下d eax看到正確的註冊碼:84763g7ia
d edx看到錯誤的註冊碼:121212
016F:00404025 JZ NEAR 004040BA
016F:0040402B TEST ESI,ESI
016F:0040402D JZ 00404097
016F:0040402F TEST EDI,EDI
016F:00404031 JZ 0040409E
016F:00404033 MOV EAX,[ESI-04]
016F:00404036 MOV EDX,[EDI-04]
016F:00404039 SUB EAX,EDX
016F:0040403B JA 0040403F
016F:0040403D ADD EDX,EAX
016F:0040403F PUSH EDX
016F:00404040 SHR EDX,02
016F:00404043 JZ 0040406B
016F:00404045 MOV ECX,[ESI]
016F:00404047 MOV EBX,[EDI]
016F:00404049 CMP ECX,EBX
016F:0040404B JNZ 004040A5
016F:0040404D DEC EDX
016F:0040404E JZ 00404065
016F:00404050 MOV ECX,[ESI+04]
016F:00404053 MOV EBX,[EDI+04]
016F:00404056 CMP ECX,EBX
016F:00404058 JNZ 004040A5
016F:0040405A ADD ESI,BYTE +08
016F:0040405D ADD EDI,BYTE +08
016F:00404060 DEC EDX
016F:00404061 JNZ 00404045
016F:00404063 JMP SHORT 0040406B
016F:00404065 ADD ESI,BYTE +04
016F:00404068 ADD EDI,BYTE +04
016F:0040406B POP EDX
016F:0040406C AND EDX,BYTE +03
016F:0040406F JZ 00404093
016F:00404071 MOV ECX,[ESI]
016F:00404073 MOV EBX,[EDI]
016F:00404075 CMP CL,BL
016F:00404077 JNZ 004040BA
016F:00404079 DEC EDX
016F:0040407A JZ 00404093
016F:0040407C CMP CH,BH
016F:0040407E JNZ 004040BA
016F:00404080 DEC EDX
016F:00404081 JZ 00404093
016F:00404083 AND EBX,00FF0000
016F:00404089 AND ECX,00FF0000
016F:0040408F CMP ECX,EBX
016F:00404091 JNZ 004040BA
016F:00404093 ADD EAX,EAX
016F:00404095 JMP SHORT 004040BA
016F:00404097 MOV EDX,[EDI-04]
016F:0040409A SUB EAX,EDX
016F:0040409C JMP SHORT 004040BA
016F:0040409E MOV EAX,[ESI-04]
016F:004040A1 SUB EAX,EDX
016F:004040A3 JMP SHORT 004040BA
016F:004040A5 POP EDX
016F:004040A6 CMP CL,BL
016F:004040A8 JNZ 004040BA
016F:004040AA CMP CH,BH
016F:004040AC JNZ 004040BA
016F:004040AE SHR ECX,10
016F:004040B1 SHR EBX,10
016F:004040B4 CMP CL,BL
016F:004040B6 JNZ 004040BA
016F:004040B8 CMP CH,BH
016F:004040BA POP EDI
016F:004040BB POP ESI
016F:004040BC POP EBX
016F:004040BD NOP
conanxu[BCG]
Email:conanxu@eastday.com