My Flash player 1.3 完全破解 (5千字)
My Flash player 1.3 完全破解
=================================================
轉載請保持完整,歡迎交流
peiyou henan china
透過用dede3.0檢視系用delphi6.0語言寫成,用dede和exe2dpr反編均不成功,用w32dasm檢視成功,找到如下資訊:
加密特徵:安裝後只能用20次,超過20次自動關閉
加密分析:本程式未在登錄檔中做加密,幫如果儲存壓縮版本,每次過期後刪除原來目錄解壓後仍可用20次,它是在安裝目錄下的config目錄的config.ini檔案裡做了加密,具體是utflash項,後面是加密的字串。
:00466D56 2D96000000 sub eax,
00000096
:00466D5B B905000000 mov ecx,
00000005
:00466D60 99
cdq
:00466D61 F7F9
idiv ecx
:00466D63 8BC8
mov ecx, eax
:00466D65 85C9
test ecx, ecx
:00466D67 7E08
jle 00466D71=====>關鍵CAll: offset 66167H
如果次數用完則掉
:00466D69 81F9C8000000 cmp ecx, 000000C8
:00466D6F 7E19
jle 00466D8A=====>關鍵CAll: offset 6616FH
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00466D67(C)
|
* Possible StringData Ref from Code Obj ->"你的使用次數已到!
請註冊"
|
:00466D71 B8BC6F4600 mov eax,
00466FBC
:00466D76 E881EFFCFF call 00435CFC
:00466D7B A154214700 mov eax,
dword ptr [00472154]
:00466D80 8B00
mov eax, dword ptr [eax]
:00466D82 8B10
mov edx, dword ptr [eax]
:00466D84 FF92E8000000 call dword ptr
[edx+000000E8]
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:00466D52(C), :00466D6F(C)
|
:00466D8A 83FFFF
cmp edi, FFFFFFFF
:00466D8D 0F85A5000000 jne 00466E38
:00466D93 8BC3
mov eax, ebx
:00466D95 2D96000000 sub eax,
00000096 減96H(150)
:00466D9A B905000000 mov ecx,
00000005
:00466D9F 99
cdq
:00466DA0 F7F9
idiv ecx 除以5
:00466DA2 85C0
test eax, eax
:00466DA4 0F8E8E000000 jle 00466E38
:00466DAA 8BC3
mov eax, ebx
:00466DAC 2D96000000 sub eax,
00000096
:00466DB1 B905000000 mov ecx,
00000005
:00466DB6 99
cdq
:00466DB7 F7F9
idiv ecx
:00466DB9 3DC8000000 cmp eax,
000000C8 是否等於C8H(200)
:00466DBE 7F78
jg 00466E38
:00466DC0 6A00
push 00000000
* Possible StringData Ref from Code Obj ->"你還能使用"
|
:00466DC2 68E06F4600 push 00466FE0
:00466DC7 8BC3
mov eax, ebx
:00466DC9 2D96000000 sub eax,
00000096
:00466DCE B905000000 mov ecx,
00000005
:00466DD3 99
cdq
:00466DD4 F7F9
idiv ecx
:00466DD6 8D55E0
lea edx, dword ptr [ebp-20]
:00466DD9 E87220FAFF call 00408E50
:00466DDE FF75E0
push [ebp-20]
:00466DE1 68F46F4600 push 00466FF4
:00466DE6 6800704600 push 00467000
* Possible StringData Ref from Code Obj ->"只需五分鐘就可完成註冊!"
|
:00466DEB 680C704600 push 0046700C
:00466DF0 6800704600 push 00467000
* Possible StringData Ref from Code Obj ->" 現在註冊嗎?"
|
:00466DF5 6830704600 push 00467030
:00466DFA 8D45E4
lea eax, dword ptr [ebp-1C]
:00466DFD BA07000000 mov edx,
00000007
:00466E02 E8BDDCF9FF call 00404AC4
:00466E07 8B45E4
mov eax, dword ptr [ebp-1C]
:00466E0A 668B0D40704600 mov cx, word ptr
[00467040]
:00466E11 B203
mov dl, 03
:00466E13 E8ECEDFCFF call 00435C04
:00466E18 83F806
cmp eax, 00000006
:00466E1B 7518
jne 00466E35
:00466E1D A154214700 mov eax,
dword ptr [00472154]
:00466E22 8B00
mov eax, dword ptr [eax]
:00466E24 E8EF1BFFFF call 00458A18
:00466E29 A154214700 mov eax,
dword ptr [00472154]
:00466E2E 8B00
mov eax, dword ptr [eax]
:00466E30 E803FDFFFF call 00466B38
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00466E1B(C)
|
:00466E35 83EB05
sub ebx, 00000005
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:00466D8D(C), :00466DA4(C), :00466DBE(C)
|
:00466E38 83FFFF
cmp edi, FFFFFFFF
把以上兩處關鍵CALL改掉就可以了!
應這樣改:7E 08 改 90 90 另 7E 19 改 90 19
暴破完成,執行一下,完全成功.
暴破總覺得不爽,隨決定跟出註冊演算法或註冊碼,從表面上看有要機器碼,想著註冊碼是用機器碼算的,一跟蹤笑了,原來是因定註冊碼:
:004669F2 0578030000 add eax,
00000378
:004669F7 3BC6
cmp eax, esi
:004669F9 7446
je 00466A41
:004669FB 81FEBD56B800 cmp esi, 00B856BD===>在這裡下
? b856bd
得到註冊碼 '12080829'
:00466A01 7532
jne 00466A35
* Possible StringData Ref from Code Obj ->"感謝註冊!"
|
:00466A03 B8D86A4600 mov eax,
00466AD8
:00466A08 E8EFF2FCFF call 00435CFC
:00466A0D 56
push esi
試著在註冊頁面填入12080829,註冊成功.
好爽!!!!!!
http://peiyou.myetang.com
peiyou henan china
相關文章
- 繼 My Flash player 1.3 破解 (2千字)2002-04-09
- 金山毒霸試用版完全破解 (5千字)2001-07-16
- 破解All to Wma Coverter 1.3 (2千字)2001-10-22
- winimage完全破解 (8千字)2001-07-04
- 有誰能名將它完全破解了 (5千字)2000-08-26
- my flash website2007-09-01Web
- 流光 4.5 完全破解 (15千字)2002-08-24
- Restools系列完全破解~~~~~~~~~~~~~~~~~~~~~~~ (12千字)2002-03-03REST
- Regediter 1.3 破解(得到註冊碼) (9千字)2002-01-23
- PolyView 破解 (5千字)2000-12-31View
- 破解MyMahj (5千字)2001-06-20
- 【張亞飛】 Adobe Flash Player和Flash Player 檢測工具包2008-06-04
- install flash player for linux2006-07-09Linux
- 破解TurboLaunch 4.04 (5千字)2001-06-06
- oicq build 0425 的不完全破解 (3千字)2000-05-28UI
- flash player win10如何安裝_在win10下怎樣安裝flash player2020-07-22Win10
- 破解入門5 (3千字)2000-09-23
- duelist crackme 1 破解 (5千字)2000-10-16
- IPTools 1.10 破解 (5千字)2001-02-11
- see This 破解實戰! (5千字)2000-06-26
- 如何破解CuteFTP 4.0 (5千字)2000-07-20FTP
- H******** 4.01.11的不完全破解 (4千字)2001-04-14
- AT2000的不完全破解! (2千字)2001-06-19
- 流光2001完全暴力破解 (3千字)2001-08-14
- Offline Explorer 1.3 230破解實戰 (3千字)2000-07-08
- PolyView再破解---請指教 (5千字)2001-01-02View
- 我的破解心得(5) (16千字)2001-03-13
- 破解XFtpSvr =====> 請進 (5千字)2001-07-01FTPVR
- 破解MailScan V3.5.1.2 (5千字)2001-08-31AI
- 破解flash32(抓圖軟體)實站錄 (2千字)2000-05-28
- picturetoexe v3.60 beta #2不完全破解 (2千字)2001-04-30
- 破解Offline Explorer1.3實戰錄(簡單) (1千字)2000-09-04
- WinPowerDown完全破解2003-08-31
- Linux-chromium(谷歌) install flash player2017-12-21Linux谷歌
- adobe flash player 安裝失敗2012-08-02
- Fedora22如何安裝Adobe Flash Player?Fedora22安裝Adobe Flash Player的方法2020-06-21
- jdpack的脫殼及破解 (5千字)2002-06-25
- 談談VB程式的破解 (5千字)2002-10-28