如何完美破解PE EXPLORER 1.2
PE EXPLORER 1.2是個非常不錯的CRACK輔助軟體
破解人: 大老
註冊方式:註冊碼
使用限制:30天試用
這是我第二次在發表破解過程寫的不好的地方請大家多提意見。好我們們來破掉它.
第一步算出它的註冊碼!
:004C8945 314708
xor dword ptr [edi+08], eax
:004C8948 B837B43D49 mov eax,
493DB437
:004C894D 31470C
xor dword ptr [edi+0C], eax
:004C8950 8B07
mov eax, dword ptr [edi]
:004C8952 334704
xor eax, dword ptr [edi+04]
:004C8955 8B5F08
mov ebx, dword ptr [edi+08]
:004C8958 335F0C
xor ebx, dword ptr [edi+0C]
:004C895B 8945F8
mov dword ptr [ebp-08], eax
:004C895E 895DF4
mov dword ptr [ebp-0C], ebx
:004C8961 61
popad
:004C8962 A1E0584E00 mov eax,
dword ptr [004E58E0]
:004C8967 E874B2F3FF call 00403BE0
:004C896C 83F810
cmp eax, 00000010 《――比較註冊碼是否是16位
:004C896F 0F8CD1010000 jl 004C8B46
:004C8975 8D45E8
lea eax, dword ptr [ebp-18]
:004C8978 50
push eax
:004C8979 B908000000 mov ecx,
00000008
:004C897E BA01000000 mov edx,
00000001
:004C8983 A1E0584E00 mov eax,
dword ptr [004E58E0]
:004C8988 E857B4F3FF call 00403DE4
:004C898D 8D45E4
lea eax, dword ptr [ebp-1C]
:004C8990 50
push eax
:004C8991 B908000000 mov ecx,
00000008
:004C8996 BA09000000 mov edx,
00000009
:004C899B A1E0584E00 mov eax,
dword ptr [004E58E0]
:004C89A0 E83FB4F3FF call 00403DE4
:004C89A5 8D4DBC
lea ecx, dword ptr [ebp-44]
:004C89A8 BA08000000 mov edx,
00000008
:004C89AD 8B45F8
mov eax, dword ptr [ebp-08]
:004C89B0 E87BE6F3FF call 00407030
:004C89B5 8B55BC
mov edx, dword ptr [ebp-44]
:004C89B8 8B45E8
mov eax, dword ptr [ebp-18]前8位的真假註冊碼
:004C89BB E830B3F3FF call 00403CF0
《―比較前八位註冊碼
:004C89C0 0F8560010000 jne 004C8B26
:004C89C6 8D4DBC
lea ecx, dword ptr [ebp-44]
:004C89C9 BA08000000 mov edx,
00000008
:004C89CE 8B45F4
mov eax, dword ptr [ebp-0C]
:004C89D1 E85AE6F3FF call 00407030
:004C89D6 8B55BC
mov edx, dword ptr [ebp-44]
:004C89D9 8B45E4
mov eax, dword ptr [ebp-1C]後8位的真假註冊碼
:004C89DC E80FB3F3FF call 00403CF0《―比較後八位註冊碼
:004C89E1 0F853F010000 jne 004C8B26
:004C89E7 B8CC584E00 mov eax,
004E58CC
:004C89EC 8B15DC584E00 mov edx, dword
ptr [004E58DC]
:004C89F2 E8C1AFF3FF call 004039B8
:004C89F7 B8D0584E00 mov eax,
004E58D0
:004C89FC 8B4DE4
mov ecx, dword ptr [ebp-1C]
:004C89FF 8B55E8
mov edx, dword ptr [ebp-18]
:004C8A02 E825B2F3FF call 00403C2C
:004C8A07 B201
mov dl, 01
我的註冊碼是dalao/9B2B793D1EE5C68E
第二步去掉時間限制!
這個軟體很奇怪!當你輸入正確的註冊碼後將在PE EXPLORER的目錄中生成一pexdata.rdat檔案但是還是有時間限制!我猜這個軟體的註冊有兩方面一個是註冊碼一個是網上註冊然後把註冊標誌寫到某個地方!才能完全註冊去掉時間限制!不過不要緊下面中只要改半個位元組即可去掉時間限制!嘿嘿!
* Possible StringData Ref from Code Obj ->"trial version"
|
:004C9235 8B15E4584E00 mov edx, dword
ptr [004E58E4]
:004C923B E878A7F3FF call 004039B8
:004C9240 B8D0584E00 mov eax,
004E58D0
* Possible StringData Ref from Code Obj ->"12345678FEDCBA98"
|
:004C9245 8B15E8584E00 mov edx, dword
ptr [004E58E8]
:004C924B E868A7F3FF call 004039B8
:004C9250 E8D7A1F3FF call 0040342C
:004C9255 EB20
jmp 004C9277
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004C9156(C)
|
:004C9257 B8CC584E00 mov eax,
004E58CC
* Possible StringData Ref from Code Obj ->"trial version"
|
:004C925C 8B15E4584E00 mov edx, dword
ptr [004E58E4]
:004C9262 E851A7F3FF call 004039B8
:004C9267 B8D0584E00 mov eax,
004E58D0
* Possible StringData Ref from Code Obj ->"12345678FEDCBA98"
|
:004C926C 8B15E8584E00 mov edx, dword
ptr [004E58E8]
:004C9272 E841A7F3FF call 004039B8
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:004C9146(C), :004C9217(U), :004C9255(U)
|
:004C9277 8B45F0
mov eax, dword ptr [ebp-10]
:004C927A 80782401 cmp
byte ptr [eax+24], 01
:004C927E 7508
jne 004C9288
:004C9280 8B45F0
mov eax, dword ptr [ebp-10]
:004C9283 E854F6FFFF call 004C88DC
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004C927E(C)
|
:004C9288 E8ABDDFFFF call 004C7038
:004C928D 8B45F0
mov eax, dword ptr [ebp-10]
:004C9290 80B85402000000 cmp byte ptr [eax+00000254],
00 《――關鍵
:004C9297 0F85B2070000 jne 004C9A4F
《――改掉它85改成84即可
:004C929D 8B45F0
mov eax, dword ptr [ebp-10]
:004C92A0 8B9834020000 mov ebx, dword
ptr [eax+00000234]
:004C92A6 83C305
add ebx, 00000005
:004C92A9 8D95CCFCFFFF lea edx, dword
ptr [ebp+FFFFFCCC]
收工有啥錯誤的地方請大家多提批評!
大老
http://dalao2001.yeah.net
2001.6.13