“美萍”來看看,視窗鎖王ver4.8徹底完蛋了。破解原來如此簡單。只改兩位元組.哈哈哈....... (4千字)
“美萍”來看看,視窗鎖王ver4.8徹底完蛋了。破解原來如此簡單。只改兩位元組.哈哈哈.......
用w32dasm開啟discal.vxd,找到如下程式碼:
; Excerpt of a W32Dasm listing of discal.vxd, offsets 000001A0h-000002A7h
; (file name per the surrounding text). Each entry is "offset, opcode bytes,
; mnemonic"; the page extraction split many entries across two lines.
; The branch targets 000002AAh and 000002B7h lie beyond the excerpt, so the
; failure paths are not visible here.
; Operands printed as 00000000 are presumably unrelocated placeholders in the
; on-disk image (fixed up at load time) - confirm against the fixup records.
; The call targets 00000B04h-00000B1Ch are not shown; their purpose below is
; inferred only from the argument shapes and is hedged accordingly.
;
; Prologue: 10h bytes of locals, esi saved and then zeroed for use as a 0 constant.
:000001A0 83EC10
sub esp, 00000010
:000001A3 56
push esi
:000001A4 33F6
xor esi, esi
:000001A6 56
push esi
:000001A7 6A02
push 00000002
; Two globals are cleared before the first call (addresses unrelocated here).
:000001A9 893500000000 mov dword ptr
[00000000], esi
:000001AF 893500000000 mov dword ptr
[00000000], esi
; call 00000B1C(2, 0): any non-zero result leaves through 000002B7.
:000001B5 E862090000 call 00000B1C
:000001BA 85C0
test eax, eax
:000001BC 0F85F5000000 jne 000002B7
; Three-argument call, caller cleans 0Ch bytes: (80000002h, <unrelocated>, &[esp+04]).
; NOTE(review): 80000002h is the numeric value of HKEY_LOCAL_MACHINE, so this
; looks like a registry-key open that writes a handle to [esp+04] - confirm.
:000001C2 8D442404 lea
eax, dword ptr [esp+04]
:000001C6 50
push eax
:000001C7 6800000000 push 00000000
:000001CC 6802000080 push 80000002
:000001D1 E83E090000 call 00000B14
:000001D6 83C40C
add esp, 0000000C
:000001D9 85C0
test eax, eax
:000001DB 0F85D6000000 jne 000002B7
; Six-argument call, caller cleans 18h bytes:
; ([esp+04], <unrelocated>, 0, 0, &[esp+08], &[esp+10]).
; Presumably a value read through the handle into [esp+08] - confirm.
; A non-zero result leaves through 000002AA.
:000001E1 8B442404 mov
eax, dword ptr [esp+04]
:000001E5 8D4C2410 lea
ecx, dword ptr [esp+10]
:000001E9 8D542408 lea
edx, dword ptr [esp+08]
:000001ED 51
push ecx
:000001EE 52
push edx
:000001EF 56
push esi
:000001F0 56
push esi
:000001F1 6800000000 push 00000000
:000001F6 50
push eax
:000001F7 E810090000 call 00000B0C
:000001FC 83C418
add esp, 00000018
:000001FF 85C0
test eax, eax
:00000201 0F85A3000000 jne 000002AA
; The first value is XORed with a fixed constant and written back in place:
; the store to [esp+10] happens after two pushes, so it lands on the slot
; that was [esp+08] before them. The same call is then repeated with
; &[esp+0C] as the output slot, i.e. a second value is fetched.
:00000207 8B442408 mov
eax, dword ptr [esp+08]
:0000020B 8D4C2410 lea
ecx, dword ptr [esp+10]
:0000020F 8D54240C lea
edx, dword ptr [esp+0C]
:00000213 3578EFCDAB xor eax,
ABCDEF78
:00000218 51
push ecx
:00000219 52
push edx
:0000021A 89442410 mov
dword ptr [esp+10], eax
:0000021E 8B44240C mov
eax, dword ptr [esp+0C]
:00000222 56
push esi
:00000223 56
push esi
:00000224 6800000000 push 00000000
:00000229 50
push eax
:0000022A E8DD080000 call 00000B0C
:0000022F 83C418
add esp, 00000018
:00000232 85C0
test eax, eax
:00000234 7574
jne 000002AA
; From here to 00000279 a 32-bit value is derived in esi from the second
; stored value, using only xor/div/and/add/sub with the immediates shown.
; edx is zeroed before each div, so every division is a plain unsigned
; 32-bit divide.
:00000236 8B4C240C mov
ecx, dword ptr [esp+0C]
:0000023A 33D2
xor edx, edx
:0000023C 81F1780AE305 xor ecx, 05E30A78
:00000242 BEDF150000 mov esi,
000015DF
:00000247 8BC1
mov eax, ecx
:00000249 F7F6
div esi
:0000024B BE56000000 mov esi,
00000056
:00000250 81C278563412 add edx, 12345678
:00000256 23CA
and ecx, edx
:00000258 33D2
xor edx, edx
:0000025A 8BC1
mov eax, ecx
:0000025C F7F6
div esi
:0000025E 8BC1
mov eax, ecx
:00000260 8BF2
mov esi, edx
:00000262 33D2
xor edx, edx
:00000264 03F1
add esi, ecx
:00000266 B9BB230000 mov ecx,
000023BB
:0000026B F7F1
div ecx
:0000026D 8B442408 mov
eax, dword ptr [esp+08]
:00000271 81C2AF010000 add edx, 000001AF
:00000277 33F2
xor esi, edx
:00000279 81EE05270000 sub esi, 00002705
; The derived value (esi) is compared with the de-obfuscated first value (eax).
; The mov between cmp and jne does not alter flags, so the branch still
; reflects the comparison.
; NOTE(review): the whole accept/reject decision rests on this one
; comparison, and the expected value is computed locally from fixed
; constants; no integrity check of the image is visible in this excerpt.
; A licence decision kept in a single client-side branch offers no
; resistance once the binary itself can be modified.
:0000027F 3BC6
cmp eax, esi
:00000281 8974240C mov
dword ptr [esp+0C], esi
:00000285 7523
jne 000002AA <--nop掉
; Match path: a global is set to 1 (presumably the "registered" flag -
; confirm), [esp+04] is passed to a one-argument call (presumably releasing
; the handle - confirm), then 00000340 is called.
:00000287 8B542404 mov
edx, dword ptr [esp+04]
:0000028B C7050000000001000000 mov dword ptr [00000000], 00000001
:00000295 52
push edx
:00000296 E869080000 call 00000B04
:0000029B 83C404
add esp, 00000004
:0000029E E89D000000 call 00000340
; Epilogue: restore esi, drop the locals, return and pop 8 bytes of arguments.
:000002A3 5E
pop esi
:000002A4 83C410
add esp, 00000010
:000002A7 C20800
ret 0008
只要把00000285行nop掉,全搞定了。即7523改為9090即可。
現在註冊碼可任意輸入了.不過,改該檔案前,重啟windows,按F8鍵,單步裝載,不讓discal.vxd裝入.
說明:000001bc和000001d1兩處是查詢系統中是否裝有SICE和TRW.(注意:000001CC處壓入的80000002h與HKEY_LOCAL_MACHINE的數值相同,000001D1的呼叫看起來更像是開啟登錄檔鍵,以上說法有待確認。)
第二:
在smith.vxd中還有防SICE和TRW的暗樁,如:
; Excerpt of a W32Dasm listing of smith.vxd, offsets 00002761h-000027AEh
; (file name per the surrounding text). Each entry is "offset, opcode bytes,
; mnemonic"; some entries are split across two lines by the page extraction.
; The routine uses a standard ebp frame with 24h bytes of locals and returns
; with ret 0008, i.e. it pops two dword arguments.
; The call targets 000037DC, 00003794 and 00003860 are not shown.
:00002761 55
push ebp
:00002762 8BEC
mov ebp, esp
:00002764 83EC24
sub esp, 00000024
:00002767 8B450C
mov eax, dword ptr [ebp+0C]
:0000276A 56
push esi
; esi = ecx: presumably an object pointer passed in ecx (thiscall-style) -
; confirm. Its fields at +00h, +1Ch, +20h and +24h are initialised below.
:0000276B 8BF1
mov esi, ecx
; [ebp-08] is seeded with 4Fh. It lies inside the 24h-byte local buffer that
; starts at [ebp-24] (offset 1Ch into it), whose address is passed to the call.
:0000276D C745F84F000000 mov [ebp-08], 0000004F
:00002774 83662000 and
dword ptr [esi+20], 00000000
:00002778 894624
mov dword ptr [esi+24], eax
:0000277B 8B4508
mov eax, dword ptr [ebp+08]
; The stored operand is printed as 00000000; presumably an unrelocated
; address in the on-disk image - confirm.
:0000277E C70600000000 mov dword ptr
[esi], 00000000
:00002784 89461C
mov dword ptr [esi+1C], eax
; call 000037DC(41h, &buffer).
; NOTE(review): 4Fh in and F386h out match the query/answer pair of the
; Windows debug-kernel INT 41h "debugger loaded?" check, so this presumably
; issues interrupt 41h with the buffer as the register image - confirm
; against the service behind 000037DC.
:00002787 8D45DC
lea eax, dword ptr [ebp-24]
:0000278A 50
push eax
:0000278B 6A41
push 00000041
:0000278D E84A100000 call 000037DC
; If the slot does not read F386h afterwards, skip straight to the return.
:00002792 817DF886F30000 cmp dword ptr [ebp-08],
0000F386 <----此處防SICE
:00002799 750F
jne 000027AA
; Slot reads F386h: call 00003794(1), then pass its result to
; 00003860(0, result). What that reaction does cannot be told from this excerpt.
:0000279B 6A01
push 00000001
:0000279D E8F20F0000 call 00003794
:000027A2 50
push eax
:000027A3 6A00
push 00000000
:000027A5 E8B6100000 call 00003860
; Common exit: return the pointer held in esi, restore esi, tear down the frame.
:000027AA 8BC6
mov eax, esi
:000027AC 5E
pop esi
:000027AD C9
leave
:000027AE C20800
ret 0008
但是這樣一改,仍然還有防SICE和TRW的程式碼,有興趣的朋友可繼續查詢。
當然,如你的系統中未裝載SICE和TRW,則不需修改以上防SICE和TRW處的程式碼.
作者也真是的,如你購買了正確的註冊碼,系統中仍有SICE的話,仍不會註冊成功。用心險惡!!!
有興趣的朋友,可根據以上程式碼和locksmith.exe中的一段程式碼寫出它的序號產生器