EmEditor v3.16破解過程 (9千字)
:0041B09F 668907
mov word ptr [edi], ax
:0041B0A2 46
inc esi
:0041B0A3 47
inc edi
:0041B0A4 47
inc edi
:0041B0A5 83FE04
cmp esi, 00000004
:0041B0A8 7CE3
jl 0041B08D
:0041B0AA 8D45F4
lea eax, dword ptr [ebp-0C]
:0041B0AD 50
push eax
:0041B0AE E8F5FEFFFF call 0041AFA8
------>跟進這個call
:0041B0B3 3BC3
cmp eax, ebx
:0041B0B5 5F
pop edi
:0041B0B6 742A
je 0041B0E2
:0041B0B8 33C9
xor ecx, ecx
:0041B0BA 83F802
cmp eax, 00000002
:0041B0BD 0F95C1
setne cl
:0041B0C0 49
dec ecx
:0041B0C1 6A30
push 00000030
:0041B0C3 83E103
and ecx, 00000003
:0041B0C6 81C154040000 add ecx, 00000454
:0041B0CC 51
push ecx
:0041B0CD E8DCA1FFFF call 004152AE
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041B019(C)
|
:0041B0D2 6A02
push 00000002
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041B149(U)
|
:0041B0D4 FF7508
push [ebp+08]
* Reference To: USER32.EndDialog, Ord:00BBh
|
:0041B0D7 FF15C0834300 Call dword ptr
[004383C0]
:0041B0DD E998000000 jmp 0041B17A
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041B0B6(C)
|
:0041B0E2 C605742E440001 mov byte ptr [00442E74],
01
:0041B0E9 E82EFDFFFF call 0041AE1C
:0041B0EE 8BF0
mov esi, eax
:0041B0F0 3BF3
cmp esi, ebx
:0041B0F2 7509
jne 0041B0FD
:0041B0F4 6A30
push 00000030
:0041B0F6 6861040000 push 00000461
:0041B0FB EB45
jmp 0041B142
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041B0F2(C)
|
:0041B0FD 6A02
push 00000002
* Possible StringData Ref from Data Obj ->"EmEditor"
|
:0041B0FF 686CCE4300 push 0043CE6C
:0041B104 8D45D4
lea eax, dword ptr [ebp-2C]
* Possible StringData Ref from Data Obj ->"%s-%d"
|
:0041B107 6818D04300 push 0043D018
:0041B10C 50
push eax
----------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------
* Referenced by a CALL at Addresses:
|:0041B0AE , :0041B22E
|
:0041AFA8 56
push esi
:0041AFA9 8B742408 mov
esi, dword ptr [esp+08]
:0041AFAD 57
push edi
:0041AFAE 6A0A
push 0000000A
:0041AFB0 0FB706
movzx eax, word ptr [esi]
:0041AFB3 99
cdq
:0041AFB4 59
pop ecx
:0041AFB5 F7F9
idiv ecx
:0041AFB7 3DAB000000 cmp eax,
000000AB
------>檢查code1的前三位是否為171
:0041AFBC 7405
je 0041AFC3
------>不跳就死
:0041AFBE 6A01
push 00000001
:0041AFC0 58
pop eax
:0041AFC1 EB15
jmp 0041AFD8
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041AFBC(C)
|
:0041AFC3 668B7E06 mov
di, word ptr [esi+06]
:0041AFC7 56
push esi
:0041AFC8 E813FFFFFF call 0041AEE0
------>跟進這個call
:0041AFCD 85C0
test eax, eax
:0041AFCF 7507
jne 0041AFD8
------>一跳就完了
:0041AFD1 663B7E06 cmp
di, word ptr [esi+06] ------>esi+06為code4
:0041AFD5 0F95C0
setne al
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0041AFC1(U), :0041AFCF(C)
|
:0041AFD8 5F
pop edi
:0041AFD9 5E
pop esi
:0041AFDA C20400
ret 0004
----------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------
* Referenced by a CALL at Address:
|:0041AFC8
|
:0041AEE0 56
push esi
:0041AEE1 8B742408 mov
esi, dword ptr [esp+08]
:0041AEE5 668B4602 mov
ax, word ptr [esi+02]
:0041AEE9 6683660600 and word
ptr [esi+06], 0000
:0041AEEE 663D0F27 cmp
ax, 270F
------>檢查code2是否為9999
:0041AEF2 0F87A9000000 ja 0041AFA1
------>大於就跳
:0041AEF8 668B5604 mov
dx, word ptr [esi+04]
:0041AEFC 6681FA0F27 cmp dx,
270F
------>檢查code3是否為9999
:0041AF01 0F879A000000 ja 0041AFA1
------>大於就跳
:0041AF07 6685C0
test ax, ax
:0041AF0A 0F848D000000 je 0041AF9D
:0041AF10 663DAE08 cmp
ax, 08AE
------>檢查code2是否為2222
:0041AF14 0F8483000000 je 0041AF9D
------>等於就跳
:0041AF1A 663D2E16 cmp
ax, 162E
------>檢查code2是否為5678
:0041AF1E 747D
je 0041AF9D
------>等於就跳
:0041AF20 663D1625 cmp
ax, 2516
------>檢查code2是否為9494
:0041AF24 7477
je 0041AF9D
------>等於就跳
:0041AF26 668B0E
mov cx, word ptr [esi]
:0041AF29 6681F9AE06 cmp cx,
06AE
------>檢查code1是否為1710
:0041AF2E 746D
je 0041AF9D
------>等於就跳
:0041AF30 53
push ebx
:0041AF31 55
push ebp
:0041AF32 57
push edi
:0041AF33 6A64
push 00000064
:0041AF35 0FB7C0
movzx eax, ax
:0041AF38 0FB7FA
movzx edi, dx
:0041AF3B 89442418 mov
dword ptr [esp+18], eax
:0041AF3F 8BC7
mov eax, edi
:0041AF41 99
cdq
:0041AF42 5B
pop ebx
:0041AF43 F7FB
idiv ebx
:0041AF45 0FB7C9
movzx ecx, cx
:0041AF48 6A0A
push 0000000A
:0041AF4A 5D
pop ebp
:0041AF4B 6A64
push 00000064
:0041AF4D 8BD8
mov ebx, eax
:0041AF4F 8BC1
mov eax, ecx
:0041AF51 99
cdq
:0041AF52 F7FD
idiv ebp
:0041AF54 8B542418 mov
edx, dword ptr [esp+18]
:0041AF58 03D3
add edx, ebx
:0041AF5A 03C2
add eax, edx
:0041AF5C 03C7
add eax, edi
:0041AF5E 5F
pop edi
:0041AF5F 99
cdq
:0041AF60 F7FF
idiv edi
:0041AF62 8B442414 mov
eax, dword ptr [esp+14]
:0041AF66 6A64
push 00000064
:0041AF68 5B
pop ebx
:0041AF69 6A64
push 00000064
:0041AF6B 5D
pop ebp
:0041AF6C 55
push ebp
:0041AF6D 8B3C9588CE4300 mov edi, dword ptr
[4*edx+0043CE88]
:0041AF74 99
cdq
:0041AF75 6BFF64
imul edi, 00000064
:0041AF78 F7FB
idiv ebx
:0041AF7A 8BD8
mov ebx, eax
:0041AF7C 8BC1
mov eax, ecx
:0041AF7E 99
cdq
:0041AF7F F7FD
idiv ebp
:0041AF81 03CB
add ecx, ebx
:0041AF83 03C1
add eax, ecx
:0041AF85 59
pop ecx
:0041AF86 99
cdq
:0041AF87 F7F9
idiv ecx
:0041AF89 8B049588CE4300 mov eax, dword ptr
[4*edx+0043CE88]
:0041AF90 03F8
add edi, eax
:0041AF92 33C0
xor eax, eax
:0041AF94 66897E06 mov
word ptr [esi+06], di
:0041AF98 5F
pop edi
:0041AF99 5D
pop ebp
:0041AF9A 5B
pop ebx
:0041AF9B EB07
jmp 0041AFA4
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0041AF0A(C), :0041AF14(C), :0041AF1E(C), :0041AF24(C), :0041AF2E(C)
|
:0041AF9D 6A02
push 00000002
:0041AF9F EB02
jmp 0041AFA3
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0041AEF2(C), :0041AF01(C)
|
:0041AFA1 6A01
push 00000001
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041AF9F(U)
|
:0041AFA3 58
pop eax
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041AF9B(U)
|
:0041AFA4 5E
pop esi
:0041AFA5 C20400
ret 0004
conanxu[BCG]
conanxu@eastday.com
http://conanxu.51.net/
相關文章
- OICQ HACK 1.0 破解過程 (9千字)2001-04-23
- 嗨!這是EmEditor v3.00 b3破解過程 (5千字)2000-08-05
- 木馬克星5.33.60破解過程
(9千字)2002-03-28
- EMEDITOR V3.0破解過程~~~~~呵呵~~~~~我第一次寫過程~~~~累死我了~~~~呵呵
(14千字)2001-01-11
- 加密精靈V2.2破解過程 (9千字)2001-10-28加密
- 有聲有色 v3.16破解教程 (6千字)2000-10-03
- Nullz CrackMe 1.1破解過程 (13千字)2001-09-18Null
- WebTimeSync 5.2.0 破解過程 (14千字)2001-10-05Web
- 破解Ghost多媒體視訊點播系統全過程 (9千字)2002-07-29
- dfx V4.0破解過程 (10千字)2000-09-24
- 破解過程-----請多多指教 (2千字)2000-12-31
- 電腦字型秀破解過程 (1千字)2001-03-18
- webeasymail的簡單破解過程 (2千字)2001-08-04WebAI
- Kryptel 3.8 暴力破解過程 (18千字)2001-09-18
- PUZZLER1.20破解過程 (4千字)2002-01-26
- SuperCleaner2.30破解過程 (11千字)2002-02-04
- Password Keeper v6.3破解過程 (8千字)2002-04-12
- post NOW! 破解過程!有意思。 (1千字)2000-12-30
- 有聲有色3.33破解過程 (4千字)2001-02-09
- 專業掃雷 1.2破解過程 (4千字)2001-02-17
- fulldisk A32 破解過程!(簡單) (1千字)2001-03-20
- 具體的破解過程來也! (10千字)2001-04-21
- 密碼大師4.0破解過程 (3千字)2001-05-06密碼
- 對VCDCUT 4.03的分析破解過程 (18千字)2001-08-08
- GaitCD破解全過程(installshield) (3千字)2015-11-15AI
- 音樂賀卡廠4.10破解過程 (6千字)2001-08-11
- 蒙泰5.0加密狗破解過程 (6千字)2001-10-11加密
- 破解 OverNimble Localize Plus 1.04
全過程! (13千字)2015-11-15
- 我終於破解了魔裝網神了,破解過程!!,不過是用2.70破解的。 (1千字)2001-10-15
- 如何破解Bestofware SmartUI Activex 所有版本。(過程)
(5千字)2000-12-31UI
- PassWD2000破解過程~~~轉貼~~~~~~ (11千字)2001-10-10
- PowerArchiver破解過程。2015-11-15Hive
- 我的破解心得(9) (4千字)2001-03-13
- 我的破解心得(11) (9千字)2001-03-13
- 破解心得之eXeScope篇 (9千字)2001-07-01
- Soundnailsd的破解教程(一) (9千字)2001-10-17AI
- 破解<<破解堅盾磁碟加密系統 V4.0>>的全過程 (10千字)2001-10-23加密
- supercleaner 2.0 超酷的系統清潔工具破解過程!
(3千字)2001-03-23