無名小兵V1.45 VB5 PCODE的破文一篇 (16千字)
破解物件:無名小兵V1.45 VB5 PCODE
使用工具 ONLY SOFTICE 4.05
可以用exdec 輔助分析
加密形式:註冊後校驗,在WINDOWS目錄下形成一個FILE!
我下的斷點是:bpx 799b4390
其實在好多地方都可以在VB裡看到假的註冊碼,
799ad9a7 可以到到假註冊碼
799b5a2e 可以到到假註冊碼
.
.
.
.
.
.
.
下面是exdec的輔助分析的資料
4292FB: 6b FLdI2
local_00CE
4292FE:
Lead2/3d Close
429300: 04 FLdRfVar
local_00C8
429303: 33 LdFixedStr
此處對應VB,可以看到你輸入的註冊碼
429306: 23 FStStrNoPop
local_015C
429309: 21 FLdPrThis
42930A: 0f VCallAd
text
42930D: 19 FStAdFunc
local_00D4
429310: 08 FLdPr
local_00D4
429313:
0d VCallHresult put__ipropTEXTEDIT
429318: 6c ILdRf
local_015C
42931B: 04 FLdRfVar
local_00C8
42931E: 47 StFixedStr
429321: 2f FFree1Str
local_015C
429324: 1a FFree1Ad
local_00D4
429327: f5 LitI4:
0xff 255 (....)
42932C: 04 FLdRfVar
local_00F8
42932F: 0a ImpAdCallFPR4:
_rtcSpaceVar
429334: 04 FLdRfVar
local_00F8
429337: 60 CStrVarTmp
429338: 31 FStStr
local_008C
42933B: 35 FFree1Var
local_00F8
42933E: f5 LitI4:
0xff 255 (....)
429343: 04 FLdRfVar
local_00F8
429346: 0a ImpAdCallFPR4: _rtcSpaceVar
42934B: 04 FLdRfVar
local_00F8
42934E: 60 CStrVarTmp
42934F: 31 FStStr
local_0090
429352: 35 FFree1Var
local_00F8
429355: 6c ILdRf
local_0090
429358: 4a FnLenStr
429359: 6c ILdRf
local_0090
42935C: 04 FLdRfVar
local_0170
42935F: 34 CStr2Ansi
429360: 6c ILdRf
local_0170
429363: f5 LitI4:
0x0 0 (....)
429368: 59 PopTmpLdAdStr local_016C
42936B: f5 LitI4:
0x0 0 (....)
429370: 59 PopTmpLdAdStr local_0168
429373: 04 FLdRfVar
local_00A0
429376: Lead1/22
CI4Var
429378: 59 PopTmpLdAdStr
local_0164
42937B: 6c ILdRf
local_008C
42937E: 4a FnLenStr
42937F: 6c ILdRf
local_008C
429382: 04 FLdRfVar
local_0160
429385: 34 CStr2Ansi
429386: 6c ILdRf
local_0160
429389: 1b LitStr:
c:\
42938C: 04 FLdRfVar
local_015C
42938F: 34 CStr2Ansi
429390: 6c ILdRf
local_015C
429393: 0a ImpAdCallFPR4:
SetWindowPos
429398: 3c SetLastSystemError
429399: 6c ILdRf
local_0160
42939C: 04 FLdRfVar
local_008C
42939F: Lead1/58 CStr2Uni
4293A1: 6c ILdRf
local_0164
4293A4: Lead2/69 CVarI4
local_00E8
4293A8: Lead2/00 FStVarCopy
4293AC: 6c
ILdRf local_0170
4293AF: 04 FLdRfVar
local_0090
4293B2: Lead1/58 CStr2Uni
4293B4:
32 FFreeStr
4293BD: 04 FLdRfVar
local_00A0
4293C0: Lead2/fe CStrVarVal
local_015C
4293C4: 21 FLdPrThis
4293C5: 0f VCallAd
text
4293C8: 19 FStAdFunc
local_00D4
4293CB: 08 FLdPr
local_00D4
4293CE: 0d VCallHresult
put__ipropTEXTEDIT
4293D3: 2f FFree1Str
local_015C
4293D6: 1a FFree1Ad
local_00D4
4293D9: 04 FLdRfVar
local_015C
4293DC: 21 FLdPrThis
4293DD: 0f VCallAd
text
4293E0: 19 FStAdFunc
local_00D4
4293E3: 08 FLdPr
local_00D4
4293E6:
0d VCallHresult get__ipropTEXTEDIT
4293EB: 3e FLdZeroAd local_015C
4293EE: 46 CVarStr
local_00F8 註冊碼1?
4293F1: 04 FLdRfVar
local_0118
4293F4: 0a ImpAdCallFPR4:
_rtcTrimVar
4293F9: 04 FLdRfVar
local_0118
4293FC: Lead1/f6 FStVar
429400: 1a FFree1Ad
local_00D4
429403: 35 FFree1Var
local_00F8
429406: f5 LitI4:
0x2 2 (....)
42940B:
04 FLdRfVar local_00A0
42940E: 04 FLdRfVar
local_00F8
429411: 0a ImpAdCallFPR4: _rtcLeftCharVar
429416: 04 FLdRfVar
local_00F8
429419: Lead1/45 FnCIntVar
42941B:
f4 LitI2_Byte: 0x63 99 (c)
42941D: b1 MulI2
42941E: Lead0/fc CStrI2
429420: 23
FStStrNoPop local_015C 註冊碼2?
429423: 04 FLdRfVar local_00A0
429426: Lead1/4b FnCStrVar
429428: 23 FStStrNoPop
local_0160 註冊碼1?
42942B: 2a ConcatStr
42942C: 46 CVarStr
local_0118 註冊碼2+註冊碼1
42942F:
Lead1/f6 FStVar
429433: 32 FFreeStr
42943A: 36 FFreeVar
429441: 04 FLdRfVar
local_00A0
429444: 04 FLdRfVar
local_015C
429447: 21 FLdPrThis
429448: 0f VCallAd
text
42944B: 19 FStAdFunc
local_00D4
42944E: 08 FLdPr
local_00D4
429451: 0d VCallHresult
get__ipropTEXTEDIT
429456: 3e FLdZeroAd
local_015C
429459: 46 CVarStr
local_00F8 你輸入的註冊碼
42945C: 04 FLdRfVar local_0118
42945F: 0a ImpAdCallFPR4: _rtcTrimVar
429464: 04 FLdRfVar local_0118
429467: Lead1/4b FnCStrVar
429469: 46 CVarStr
local_0138 你輸入的註冊碼
42946C: 5d HardType
42946D:
Lead0/33 EqVarBool
42946F: 1a FFree1Ad
local_00D4
429472: 36 FFreeVar
42947D: 1c BranchF:
4294BC 如果真碼和假碼不同就跳走
429480: f4 LitI2_Byte:
0x0 0 (.)
429482: 21 FLdPrThis
429483: 0f VCallAd
(object 3 )
429486: 19 FStAdFunc
local_00D4
429489: 08 FLdPr
local_00D4
42948C:
0d VCallHresult 禚d
429491: 1a FFree1Ad
local_00D4
429494: f4 LitI2_Byte:
0x0 0 (.)
429496: 21 FLdPrThis
429497: 0f VCallAd
menu
42949A: 19 FStAdFunc
local_00D4
42949D: 08 FLdPr
local_00D4
4294A0:
0d VCallHresult put__ipropENABLEDMENU
4294A5: 1a FFree1Ad
local_00D4
4294A8: f4 LitI2_Byte:
0x0 0 (.)
4294AA: 21 FLdPrThis
4294AB: 0f VCallAd
menu
4294AE: 19 FStAdFunc
local_00D4
4294B1: 08 FLdPr
local_00D4
4294B4: 0d VCallHresult
put__ipropENABLEDMENU
4294B9: 1a FFree1Ad
local_00D4
4294BC: 04 FLdRfVar
local_015C
4294BF: 04 FLdRfVar
local_00D4
4294C2: 05 ImpAdLdRf:
42c63c
4294C5: 24 NewIfNullPr
41e8f0
4294C8: 0d VCallHresult
CVBApplication::get_App
4294CD: 08 FLdPr
local_00D4
4294D0:
0d VCallHresult CVBApplication::geD4$?(id
4294D5: 6c ILdRf
local_015C
4294D8: 4a FnLenStr
4294D9: f5 LitI4:
0x3 3 (....)
4294DE: db GtI4
4294DF: 2f FFree1Str
local_015C
4294E2: 1a FFree1Ad
local_00D4
4294E5: 1c BranchF:
429599
4294E8: 04 FLdRfVar
local_0180
4294EB: Lead1/22
CI4Var
4294ED: 59 PopTmpLdAdStr
local_0164
4294F0: 1b LitStr:
Software\Microsoft\Windows\CurrentVersion\Run
4294F3: 04 FLdRfVar
local_015C
4294F6: 34 CStr2Ansi
4294F7: 6c ILdRf
local_015C
4294FA: f5 LitI4:
0x80000002 -2147483646
(....)
4294FF: 0a ImpAdCallFPR4: RegSetValueExA
429504: 3c SetLastSystemError
429505: 6c ILdRf
local_0164
429508: Lead2/69
CVarI4 local_00E8
42950C: Lead2/00
FStVarCopy
429510: 2f FFree1Str
local_015C
429513: 04 FLdRfVar
local_015C
429516: 04 FLdRfVar
local_00D4
429519: 05 ImpAdLdRf:
42c63c
42951C: 24 NewIfNullPr
41e8f0
42951F: 0d VCallHresult
CVBApplication::get_App
429524: 08 FLdPr
local_00D4
429527:
0d VCallHresult CVBApplication::geD4$?(id
42952C: 04 FLdRfVar
local_0160
42952F: 04 FLdRfVar
local_0184
429532: 05 ImpAdLdRf:
42c63c
429535: 24 NewIfNullPr
41e8f0
429538: 0d VCallHresult
CVBApplication::get_App
42953D: 08 FLdPr
local_0184
429540: 0d VCallHresult
CVBApplication::g184$?(id
429545: 6c ILdRf
local_0160
429548:
1b LitStr: \
42954B:
2a ConcatStr
42954C: 23 FStStrNoPop
local_0170
42954F: 4a FnLenStr
429550: 6c ILdRf
local_015C
429553: 1b LitStr:
\
429556: 2a ConcatStr
429557: 23 FStStrNoPop
local_018C
42955A: 04 FLdRfVar
local_0190
42955D: 34 CStr2Ansi
42955E: 6c ILdRf
local_0190
429561: f5 LitI4:
0x1 1 (....)
429566: f5 LitI4:
0x0 0 (....)
42956B: 1b LitStr:
42956E: 04 FLdRfVar
local_0188
429571: 34 CStr2Ansi
429572: 6c ILdRf
local_0188
429575: 04 FLdRfVar
local_0180
429578: Lead1/22 CI4Var
42957A: 0a ImpAdCallFPR4:
Shell_NotifyIconA
42957F: 3c SetLastSystemError
429580: 32 FFreeStr
42958F: 29 FFreeAd:
429596: 1e Branch:
429673
429599: 04 FLdRfVar
local_015C
42959C: 04 FLdRfVar
local_00D4
42959F: 05 ImpAdLdRf:
42c63c
4295A2: 24 NewIfNullPr
41e8f0
4295A5: 0d VCallHresult
CVBApplication::get_App
4295AA: 08 FLdPr
local_00D4
4295AD:
0d VCallHresult CVBApplication::geD4$?(id
4295B2: 6c ILdRf
local_015C
4295B5: 4a FnLenStr
4295B6: f5 LitI4:
0x3 3 (....)
4295BB: c7 EqI4
4295BC: 2f FFree1Str
local_015C
4295BF: 1a FFree1Ad
local_00D4
4295C2: 1c BranchF:
429673
4295C5: 04 FLdRfVar
local_0180
4295C8: Lead1/22
CI4Var
4295CA: 59 PopTmpLdAdStr
local_0164
4295CD: 1b LitStr:
Software\Microsoft\Windows\CurrentVersion\Run
4295D0: 04 FLdRfVar
local_015C
4295D3: 34 CStr2Ansi
4295D4: 6c ILdRf
local_015C
4295D7: f5 LitI4:
0x80000002 -2147483646
(....)
4295DC: 0a ImpAdCallFPR4: RegSetValueExA
4295E1: 3c SetLastSystemError
4295E2: 6c ILdRf
local_0164
4295E5: Lead2/69
CVarI4 local_00E8
4295E9: Lead2/00
FStVarCopy
4295ED: 2f FFree1Str
local_015C
4295F0: 04 FLdRfVar
local_015C
4295F3: 04 FLdRfVar
local_00D4
4295F6: 05 ImpAdLdRf:
42c63c
4295F9: 24 NewIfNullPr
41e8f0
4295FC: 0d VCallHresult
CVBApplication::get_App
429601: 08 FLdPr
local_00D4
429604:
0d VCallHresult CVBApplication::geD4$?(id
429609: 04 FLdRfVar
local_0160
42960C: 04 FLdRfVar
local_0184
42960F: 05 ImpAdLdRf:
42c63c
429612: 24 NewIfNullPr
41e8f0
429615: 0d VCallHresult
CVBApplication::get_App
42961A: 08 FLdPr
local_0184
42961D: 0d VCallHresult
CVBApplication::g184$?(id
429622: 6c ILdRf
local_0160
429625:
1b LitStr:
429628: 2a ConcatStr
429629:
23 FStStrNoPop local_0170
42962C:
4a FnLenStr
42962D: 6c ILdRf
local_015C
429630:
1b LitStr:
429633: 2a ConcatStr
429634:
23 FStStrNoPop local_018C
429637:
04 FLdRfVar local_0190
42963A: 34 CStr2Ansi
42963B: 6c ILdRf
local_0190
42963E: f5 LitI4:
0x1 1 (....)
429643: f5 LitI4:
0x0 0 (....)
429648:
1b LitStr:
42964B: 04 FLdRfVar local_0188
42964E: 34 CStr2Ansi
42964F: 6c ILdRf
local_0188
429652: 04 FLdRfVar
local_0180
429655: Lead1/22 CI4Var
429657: 0a ImpAdCallFPR4: Shell_NotifyIconA
42965C: 3c SetLastSystemError
42965D: 32 FFreeStr
42966C: 29 FFreeAd:
429673: 27 LitVar_Missing
429676: 25 PopAdLdVar
429677:
27 LitVar_Missing
42967A: 25 PopAdLdVar
42967B: 08 FLdPr
local_param_0008
42967E: 0d VCallHresult
禚d
429683: f5 LitI4:
0x0 0 (....)
429688:
04 FLdRfVar local_0088
42968B: f5 LitI4:
0xc350 50000 (...P)
429690: Lead3/64 ForI4:
(when done) 4296A3
429696: 0a ImpAdCallFPR4:
_rtcDoEvents
42969B: 04 FLdRfVar
local_0088
42969E: 66 NextI4:
(continue loop) 429696
4296A3:
08 FLdPr local_param_0008
4296A6: 0d VCallHresult 禚d
4296AB: f4 LitI2_Byte: 0x0 0
(.)
4296AD: 08 FLdPr
local_param_0008
4296B0: 8e MemStI2
local_param_0034
4296B3: f4 LitI2_Byte:
0x0 0 (.)
4296B5: 08 FLdPr
local_param_0008
4296B8: 8e MemStI2 local_param_0036
4296BB: 08 FLdPr
local_param_0008
4296BE: 06 MemLdRfVar
local_param_0038
4296C1: 71 FStR4
local_019C
4296C4: f5 LitI4:
0x58 88 (...X)
4296C9: 99 FMemStI4
4296CE:
04 FLdRfVar local_0164
4296D1: 08 FLdPr
local_param_0008
4296D4: 0d VCallHresult
禚d
4296D9: 6c ILdRf
local_0164
4296DC: 99 FMemStI4
4296E1: f5 LitI4:
0x0 0 (....)
4296E6: 99 FMemStI4
4296EB: f5 LitI4:
0x7 7 (....)
4296F0:
99 FMemStI4
4296F5: f5 LitI4:
0x200 512
(....)
4296FA: 99 FMemStI4
4296FF: 04 FLdRfVar
local_00D4
429702: 08 FLdPr
local_param_0008
429705: 0d VCallHresult
禚d
42970A: 08 FLdPr
local_00D4
42970D: 61 LateIdLdVar
429714: Lead1/22 CI4Var
429716: 99 FMemStI4
42971B: 1a FFree1Ad
local_00D4
42971E: 35 FFree1Var
local_00F8
429721: 3a LitVarStr:
( local_00E8 )
429726: f5 LitI4:
0x0 0 (....)
42972B: 04 FLdRfVar
local_00F8
42972E: 0a ImpAdCallFPR4:
_rtcVarBstrFromAnsi
429733: 04 FLdRfVar
local_00F8
429736: Lead0/ef
ConcatVar
42973A: 60 CStrVarTmp
42973B: 23 FStStrNoPop
local_015C
42973E: 07 FMemLdRf
429743: 47 StFixedStr
429746: 2f FFree1Str local_015C
429749: 36 FFreeVar
429750: f5 LitI4:
0x0 0 (....)
429755: 71 FStR4
local_019C
429758:
08 FLdPr local_param_0008
42975B: 06 MemLdRfVar local_param_0038
42975E: 04 FLdRfVar
local_01F4
429761: 1f CRec2Ansi
429764: 04 FLdRfVar
local_01F4
429767: f5 LitI4:
0x0 0 (....)
42976C: 0a ImpAdCallFPR4:
RegDeleteKeyA
429771: 3c SetLastSystemError
429772: 04 FLdRfVar
local_01F4
429775: 08 FLdPr
local_param_0008
429778: 06 MemLdRfVar
local_param_0038
42977B: 20 CRec2Uni
42977E: 13 ExitProcHresult
其實如果爆破的話就只要改一個位元組就行了,我就是這麼做的
42947D: 1c
BranchF: 4294BC 1c
改 1D
關?
相關文章
- 破文一篇:易經八卦占卜程式7.0的破解(高手莫入) (8千字)2001-08-31
- 我的第一篇破文easyoffice 2001 高手莫入!! (1千字)2001-11-04
- 網路螞蟻 [netant]1.25去廣告的兩種方法 破文一篇 (1千字)2002-06-22
- 我的第一篇破文,獻給看學學院! 高手免進! (2千字)2002-06-29
- 我的第一篇破文,獻給看學學院的!^_^高手免進! (10千字)2015-11-15
- Guitar Pro v3.0 的破文 (11千字)2001-09-08GUI
- Anfy Java applet v1.45 (7千字)2001-02-19JavaAPP
- 我的第2篇破文 高手莫入!! (3千字)2001-11-11
- 再貼一篇譯文 (1千字)2000-09-10
- 用smartcheck破《財神電話薄》(用pcode編的) (965字)2002-01-30
- 破文三,高手莫入,非常簡單 (2千字)2001-08-01
- 我和pcode的第一次――:) (5千字)2002-09-23
- VB Pcode破解方法及例項 (5千字)2001-06-16
- 用ollydbg破《財神電話薄》(用pcode編的) (923字)2002-02-08
- 菜弟破文之二(速存QuickSave) (3千字)2001-09-21UI
- 用DeDe破解------Ativa Pro v3.18 的破文 (8千字)2001-08-29
- 再貼一篇cd-chcek破解譯文 (4千字)2000-08-27
- Guitar Pro v3.0 的破文-----這一回真的破了 (12千字)2001-09-14GUI
- blowfish大蝦,請問能否解決掉此pcode的NAG? (5千字)2001-04-26
- 《奧數2000》註冊碼的計算(VB5程式)
(6千字)2015-11-15
- 一個遊戲的破解,SolSuite 2002。破文處女篇 (3千字)2002-03-26遊戲UI
- 申請加入BCG破文第一篇:滑鼠增強工具MouseStar 2.1破解過程。請老大多多指教。 (7千字)2001-07-27
- 找尋3DMark2001se的註冊碼,第一篇破文!2003-06-293D
- The Works 全攻略-破文第二篇(初學者適用) (3千字)2015-11-15
- 放上Ken的一篇smc教程!也可以參考看雪放過Heibow的一篇破aspack2000的文章!
(4千字)2000-08-18
- 我的第3篇破文 cr--CJSFormater 高手請指導、指導!! (4千字)2001-11-24JSORM
- 四個簡單的VB6 PCODE的crackme的2 Nag, 2 Code的破解。 (5千字)2001-10-14
- 2016綜藝IP前瞻:貧富差距拉大 大哥吃肉小兵喝湯2016-02-03
- 貼一篇不完整的――從SemCAD1.4的暴破談FlexLM 7.2保護的破解
(10千字)2002-06-06Flex
- 轉貼一篇:FlashFXP v1.4.1 build 823 的脫殼與破解 (16千字)2001-12-30UI
- 《AceReader V4.5》破文+序號產生器原始碼 (12千字)2015-11-15原始碼
- 兩種破解 花貓時間精靈 v1.0 功能限制的方法,本人獻給破解初學者的第一篇破文!高手請匆入內~~
(24千字)2001-10-26
- 申請加入CNCG破文-小李登錄檔大師D註冊碼法 (2千字)2001-11-07
- 如何破“平安全息萬年曆”這個VB5的軟體。內有下載地址。 (119字)2000-06-26
- 一篇破解入門 (7千字)2000-09-04
- 我的破解心得(5) (16千字)2001-03-13
- 小小助手V2.01的破解過程-----算是我留給初學者的一偏破文
(7千字)2015-11-15
- 一篇SMC補丁方法的教程
(7千字)2015-11-15