標 題:GaitCD破解全過程(installshield) (3千字)
發信人:BurSH
時 間:2004-01-29 17:09:18
詳細資訊:
軟體名稱 : GaitCD
軟體介紹 :標題:[求助]誰會算serial??? 內容:"有盤CD,SERIAL丟了,現在公司也關了,誰會算SERIAL, 謝謝。。。 "
So,我只是幫忙,也不知道這個軟體是作什麼的?:P
網址:http://www.google.com
破解人:BurSH (於2004.1.29)
所屬組織:FCG-CCG-BCG-OCN-DFCG
破解工具:isDcc 2.10
⑴ 用isDcc 2.10 反編譯installshield 指令碼setup.ins
⑵查詢字元Serial,來到這裡:
label11: //Ref: 000F99 001040 001079
000FB0:00B5: function105();------------------->呼叫function105()
000FB8:0021: lNumber0 = LAST_RESULT;---------->lNumber0=返回值
000FC0:0128: lNumber1 = lNumber0 = 12;-------->lNumber0是否等於12?
000FD2:0022: if (lNumber1 = 0) then----------->不相等就跳到下面,提示出錯!!(0=False,1=True)
goto label12;
endif;
000FE0:002C: goto label10;-------------------->否則繼續安裝!!
label12: //Ref: 000FD2 ------------------------------>說明是從000FD2來的,就在上面.....
000FE9:0128: lNumber1 = lNumber0 = 0;
000FFB:0022: if (lNumber1 = 0) then
goto label13;
endif;
001009:002A: MessageBox("Serial number is incorrect. Check and retype.", -65534);
001040:002C: goto label11;
⑶來到function105()......
label11: //Ref: 000F99 001040 001079
000FB0:00B5: function105();
000FB8:0021: lNumber0 = LAST_RESULT;
000FC0:0128: lNumber1 = lNumber0 = 12;
000FD2:0022: if (lNumber1 = 0) then
goto label12;
endif;
000FE0:002C: goto label10;
// ------------- FUNCTION function105 --------------
function function105()
number lNumber0;
number lNumber1;
string lString0;
string lString1;
string lString2;
begin
001BCD:0013: string5 = "";
001BD5:0013: string6 = "";
001BDD:0013: lString0 = "";
001BE5:0013: lString1 = "";
001BED:0013: lString2 = "7907-8206-5207";--------------------------------->這串字元像什麼?!
001C03:00B5: function1(lString0, lString1, string5, string6, string7);---->經過分析function1是用來讀取姓名(string5),公司(string6),序列號(string7)的
001C1A:0021: lNumber0 = LAST_RESULT;-------------------------------------->lNumber0=返回值
001C22:0128: lNumber1 = lNumber0 = 12;------------------------------------>lNumber0是否等於12?
001C34:0022: if (lNumber1 = 0) then
goto label46;
endif;
001C42:0021: lNumber0 = 12;
001C4C:002C: goto label48;
label46: //Ref: 001C34
001C55:0128: lNumber1 = lNumber0 = 1;
001C67:0022: if (lNumber1 = 0) then
goto label48;
endif;
001C75:0023: StrCompare(lString2, string7);-------------------------------->字串比較!lString2就是上面001BED賦值的字串!而string7就是我們輸入的序列號!
001C7D:0021: lNumber1 = LAST_RESULT;--------------------------------------->lNumber1=返回值
001C85:0128: lNumber1 = lNumber1 = 0;
001C97:0022: if (lNumber1 = 0) then
goto label47;
endif;
001CA5:0021: lNumber0 = 1;001CAF:002C: goto label48;
label47: //Ref: 001C97
001CB8:0021: lNumber0 = 0;
label48: //Ref: 001C4C 001C67 001CAF
001CC6:012F: return(lNumber0);
001CCD:00B8: return;
end;
⑶所以得出結論,function105的作用是得到並比較我們輸入的序列號的合法性!正確的序列號是7907-8206-5207!