改一個位元組使天網防火牆2.4.6永不過期. (6千字)
改一個位元組使天網防火牆2.4.6永不過期.
破解者:tieji
破解時間:2001-11-23
註冊碼可以免費得到,不用破解,現破解的是一個月後彈出過期提示框.
找到004033D3 call dword ptr [edx+000000D8] 是彈出過期提示框的地方,具體怎樣找到的,
參見《看雪論壇精華Ⅲ》,這裡就不再說了.
* Referenced by a CALL at Addresses:
|:00405593 , :004056C9 , :0040E4E7 , :0042022F , :0042044E
|:004205F4 , :00420720
|
<============原來有這麼多地方來到這裡,究竟是
哪一個呢,經測試是00405593,而其他幾個是幹什麼
的,請各位大俠幫助研究一下.下面轉到00405593:
:00403340 55
push ebp
:00403341 8BEC
mov ebp, esp
:00403343 83C4C0
add esp, FFFFFFC0
:00403346 53
push ebx
:00403347 56
push esi
:00403348 57
push edi
:00403349 894DC4
mov dword ptr [ebp-3C], ecx
:0040334C 8955FC
mov dword ptr [ebp-04], edx
:0040334F 8945C8
mov dword ptr [ebp-38], eax
:00403352 B8789F5100 mov eax,
00519F78
:00403357 E8406A0F00 call 004F9D9C
:0040335C C745E801000000 mov [ebp-18], 00000001
:00403363 8D55FC
lea edx, dword ptr [ebp-04]
:00403366 8D45FC
lea eax, dword ptr [ebp-04]
:00403369 E87A421100 call 005175E8
:0040336E FF45E8
inc [ebp-18]
:00403371 66C745DC0800 mov [ebp-24],
0008
:00403377 8B4DC4
mov ecx, dword ptr [ebp-3C]
:0040337A B201
mov dl, 01
* Possible StringData Ref from Data Obj ->"?L"
|
:0040337C A154205200 mov eax,
dword ptr [00522054]
:00403381 E8069A0100 call 0041CD8C
:00403386 8945C0
mov dword ptr [ebp-40], eax
:00403389 66C745DC1400 mov [ebp-24],
0014
:0040338F 66C745DC2000 mov [ebp-24],
0020
:00403395 8D55FC
lea edx, dword ptr [ebp-04]
:00403398 8D45F8
lea eax, dword ptr [ebp-08]
:0040339B E848421100 call 005175E8
:004033A0 FF45E8
inc [ebp-18]
:004033A3 8B10
mov edx, dword ptr [eax]
:004033A5 8B4DC0
mov ecx, dword ptr [ebp-40]
:004033A8 8B81DC020000 mov eax, dword
ptr [ecx+000002DC]
:004033AE E8A16B0B00 call 004B9F54
:004033B3 FF4DE8
dec [ebp-18]
:004033B6 8D45F8
lea eax, dword ptr [ebp-08]
:004033B9 BA02000000 mov edx,
00000002
:004033BE E84D431100 call 00517710
:004033C3 8B55C0
mov edx, dword ptr [ebp-40]
:004033C6 8B45C8
mov eax, dword ptr [ebp-38]
:004033C9 E81E230000 call 004056EC
:004033CE 8B45C0
mov eax, dword ptr [ebp-40]
:004033D1 8B10
mov edx, dword ptr [eax]
:004033D3 FF92D8000000 call dword ptr
[edx+000000D8] <========彈出過期提示框
往上看是哪裡跳過來的
:004033D9 66C745DC0800 mov [ebp-24],
0008
:004033DF 8B4DC0
mov ecx, dword ptr [ebp-40]
:004033E2 894DF0
mov dword ptr [ebp-10], ecx
:004033E5 837DF000 cmp
dword ptr [ebp-10], 00000000
:004033E9 7421
je 0040340C
:004033EB 8B45F0
mov eax, dword ptr [ebp-10]
:004033EE 8B10
mov edx, dword ptr [eax]
:004033F0 8955F4
mov dword ptr [ebp-0C], edx
:004033F3 66C745DC3800 mov [ebp-24],
0038
===========================================================================================
:00405546 8D45C8
lea eax, dword ptr [ebp-38]
:00405549 5A
pop edx
:0040554A E869000000 call 004055B8
<=============跟進看看
:0040554F 84C0
test al, al <============測試al是否為零
:00405551 7445
je 00405598 <============al為零,表示沒過期,跳過過期提示框
什麼時候給al賦值,跟進上面的call看看
:00405553 66C745E42000 mov [ebp-1C],
0020
:00405559 8D45F8
lea eax, dword ptr [ebp-08]
:0040555C E8FFC7FFFF call 00401D60
:00405561 8BD0
mov edx, eax
:00405563 FF45F0
inc [ebp-10]
* Possible Reference to String Resource ID=30104: " ?Q?www.sky.net.cn)
}"
|
:00405566 B898750000 mov eax,
00007598
:0040556B E8906A0E00 call 004EC000
:00405570 8D55F8
lea edx, dword ptr [ebp-08]
:00405573 8D45FC
lea eax, dword ptr [ebp-04]
:00405576 E8C5211100 call 00517740
:0040557B FF4DF0
dec [ebp-10]
:0040557E 8D45F8
lea eax, dword ptr [ebp-08]
:00405581 BA02000000 mov edx,
00000002
:00405586 E885211100 call 00517710
:0040558B 33C9
xor ecx, ecx
:0040558D 8B55FC
mov edx, dword ptr [ebp-04]
:00405590 8B45D0
mov eax, dword ptr [ebp-30]
:00405593 E8A8DDFFFF call 00403340
<=================這裡呼叫
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00405551(C)
|
:00405598 FF4DF0
dec [ebp-10]
=====================================================================================
* Referenced by a CALL at Address:
|:0040554A
|
:004055B8 55
push ebp
:004055B9 8BEC
mov ebp, esp
:004055BB 83C4F8
add esp, FFFFFFF8
:004055BE 8955F8
mov dword ptr [ebp-08], edx
:004055C1 8945FC
mov dword ptr [ebp-04], eax
:004055C4 8B45FC
mov eax, dword ptr [ebp-04]
:004055C7 DD00
fld qword ptr [eax]
:004055C9 8B55F8
mov edx, dword ptr [ebp-08]
:004055CC DC1A
fcomp qword ptr [edx]
:004055CE DFE0
fstsw ax
:004055D0 9E
sahf
:004055D1 0F97C0
seta al
:004055D4 83E001
and eax, 00000001 <==========這裡eax和00000001與一下,
要al為零,將程式碼改為: and eax, 00000000
就可使程式永不過期.即將83E001改為83E000
:004055D7 59
pop ecx
:004055D8 59
pop ecx
:004055D9 5D
pop ebp
:004055DA C3
ret
這樣將1改為0,只改一個位元組使天網防火牆2.4.6永不過期.
相關文章
- Centos6防火牆基本配置2019-01-25CentOS防火牆
- Oracle 密碼永不過期設定2019-09-26Oracle密碼
- oracle如何修改單個使用者密碼永不過期2021-09-09Oracle密碼
- Nmap繞過防火牆掃描2020-10-10防火牆
- 防火牆 | 網路協議2020-11-09防火牆協議
- Redis 中如何讓訊息永不過期2024-07-04Redis
- WAb防火牆與傳統防火牆2022-12-30防火牆
- 防火牆2024-11-01防火牆
- 網路安全——防火牆詳解2023-03-07防火牆
- 伺服器防火牆設定一網打盡2019-02-25伺服器防火牆
- Linux系統中,修改密碼永不過期2024-06-29Linux密碼
- centos6和7的防火牆開關2018-08-22CentOS防火牆
- 一個位元組的網路漫遊故事獨白2019-03-02
- Nginx + Lua 搭建網站WAF防火牆2019-08-05Nginx網站防火牆
- 內網滲透-防火牆資訊2020-12-06內網防火牆
- 防火牆入侵於檢測——————3、思科 PIX 防火牆和 ASA 防火牆產品線2018-06-20防火牆
- 防火牆iptables2024-12-05防火牆
- 防火牆配置2024-07-19防火牆
- 防火牆(firewall)2023-03-07防火牆
- iptables防火牆2024-05-22防火牆
- 天翼雲Web應用防火牆(邊緣雲版)通過首批可信認證2022-06-27Web防火牆
- 1、iptables-基礎-包過濾防火牆-四層防火牆(只支援4層協議)2024-05-25防火牆協議
- win10 防火牆設定方法_win10怎麼設定網路防火牆2020-06-30Win10防火牆
- WAF與網路防火牆的區別2023-02-20防火牆
- 淺談下一代防火牆與Web應用防火牆的區別2024-02-29防火牆Web
- 6k Star!B站、滴滴、小紅書都在用的網站防火牆2023-11-22網站防火牆
- Linux配置防火牆2024-07-13Linux防火牆
- 防火牆部署案例2024-06-29防火牆
- Linux防火牆命令2024-03-10Linux防火牆
- 防火牆介紹2023-03-07防火牆
- LINUX 防火牆 firewalld2022-12-28Linux防火牆
- CentOS 防火牆操作2019-12-26CentOS防火牆
- CentOS 7.0防火牆2018-03-20CentOS防火牆
- win10如何關閉域防火牆_win10域網路防火牆關閉方法2020-09-06Win10防火牆
- 【網路安全】什麼Web應用防火牆?它與雲防火牆有什麼差異?2022-02-17Web防火牆
- 防火牆入侵於檢測————6、Access Control Lists and Content Filtering2018-06-20防火牆Filter
- 防火牆(360天堤)雙因素身份認證解決方案2020-09-25防火牆
- ubuntu 關閉防火牆命令 ubuntu怎樣關閉防火牆2022-02-16Ubuntu防火牆
- windows10網路防火牆在哪裡設定 windows10自帶網路防火牆怎麼設定2020-10-16Windows防火牆