模板
教程
环境
性能
功能
管理
易网通行V1.1笔记
【下载页面】 http://www.skycn.com/soft/12461.html" 【软件限制】:30次 【文章作者】:辉仔Yock[DFCG][YCG] 【作者声明】:本人发表这篇文章只是为了学习和研究!!!请不用于商业用途或是将本文方法制作的注册机任意传播,读者看了文章后所做的事情与我无关,
【下载页面】
http://www.skycn.com/soft/12461.html"
【软件限制】:30次
【文章作者】:辉仔Yock[DFCG][YCG]
【作者声明】:本人发表这篇文章只是为了学习和研究!!!请不用于商业用途或是将本文方法制作的注册机任意传播,读者看了文章后所做的事情与我无关,我也不会负责,请读者看了文章后三思而后行!最后希望大家在经济基础好的时候,支持共享软件!
【破解工具】:Ollydbg W32Dasm
—————————————————————————————————
【过 程】:
主程序没有加壳(呵呵,我喜欢),用Microsoft Visual C++ 6.0写的!
用W32Dasm反之,根据参考字串很快找到关键!
用Ollydbg加载后按F9运行主程序,然后选择注册,填上注册码后,下断点00421EFD
然后按注册拦下:
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00421F1E(C)
|
:00421EFD 8B0D54F94800 mov ecx, dword ptr [0048F954]
:00421F03 8B542408 mov edx, dword ptr [esp+08]
:00421F07 8B040E mov eax, dword ptr [esi+ecx]
:00421F0A 50 push eax
//真码"ADTUY-65II9-UIYT8"
//这个程序是固定的注册码的!
:00421F0B 52 push edx
//我输入的"987654321ABCDEF"
:00421F0C E8D4120100 call 004331E5
//很明显,真假注册码比较的过程
:00421F11 83C408 add esp, 00000008
:00421F14 85C0 test eax, eax
//这里是注册标志比较
:00421F16 744C je 00421F64
//这里就是跳向注册成功那里的!
:00421F18 83C604 add esi, 00000004
:00421F1B 83FE50 cmp esi, 00000050
:00421F1E 7CDD jl 00421EFD
:00421F20 8B54240C mov edx, dword ptr [esp+0C]
:00421F24 52 push edx
* Reference To: ADVAPI32.RegCloseKey, Ord:015Bh
|
:00421F25 FF1514004700 Call dword ptr [00470014]
:00421F2B 6A00 push 00000000
:00421F2D 6A00 push 00000000
* Possible StringData Ref from Data Obj ->"注册码不正确"
|
:00421F2F 6820CA4800 push 0048CA20
------------------------------------------------------------------
【总 结】:
注册信息和使用次数保存在:
HKEY_USERS\S-1-5-21-1771291178-2842139884-1659506921-500\Software\NetPass\NetPass\Settings\passkey
//这个是win2003操作系统的!
HKEY_CURRENT_USER\Software\NetPass\NetPass\Settings
//这个是winme操作系统的!
内存注册机:
中断地址:00421F0B
中断次数:1
字节长度:1
第一字节:52
注册码-->内存方式-->寄存器-->eax
------------------------------------------------------------------
但有一个地方不明白,这个程序注册时,不需要用户名和机器码,但我根据W32Dasm参考字串得到一些东西,我随便也帖出来:
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00416548(C)
|
:004163CE 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"ADTUY-65II9-UIYT8"
|
:004163D4 6810C24800 push 0048C210
:004163D9 E85FD90200 call 00443D3D
:004163DE 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"XVUY7-TY965-PLOUY"
|
:004163E4 68FCC14800 push 0048C1FC
:004163E9 83C104 add ecx, 00000004
:004163EC E84CD90200 call 00443D3D
:004163F1 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"JIURT-935GH-ILKR2"
|
:004163F7 68E8C14800 push 0048C1E8
:004163FC 83C108 add ecx, 00000008
:004163FF E839D90200 call 00443D3D
:00416404 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"POI87-JHTYU-LKER8"
|
:0041640A 68D4C14800 push 0048C1D4
:0041640F 83C10C add ecx, 0000000C
:00416412 E826D90200 call 00443D3D
:00416417 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"ADER6-YIEPO-98JIU"
|
:0041641D 68C0C14800 push 0048C1C0
:00416422 83C110 add ecx, 00000010
:00416425 E813D90200 call 00443D3D
:0041642A 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"MKOIU-763ER-IOUTY"
|
:00416430 68ACC14800 push 0048C1AC
:00416435 83C114 add ecx, 00000014
:00416438 E800D90200 call 00443D3D
:0041643D 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"LJHTY-OI76W-OIUT9"
|
:00416443 6898C14800 push 0048C198
:00416448 83C118 add ecx, 00000018
:0041644B E8EDD80200 call 00443D3D
:00416450 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"LKUTY-JHTRI-921FH"
|
:00416456 6884C14800 push 0048C184
:0041645B 83C11C add ecx, 0000001C
:0041645E E8DAD80200 call 00443D3D
:00416463 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"PSXCF-TYIER-POIUT"
|
:00416469 6870C14800 push 0048C170
:0041646E 83C120 add ecx, 00000020
:00416471 E8C7D80200 call 00443D3D
:00416476 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"LKJUI-OIWER-9673T"
|
:0041647C 685CC14800 push 0048C15C
:00416481 83C124 add ecx, 00000024
:00416484 E8B4D80200 call 00443D3D
:00416489 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"ADOPY-65IKL-UIIUO"
|
:0041648F 6848C14800 push 0048C148
:00416494 83C128 add ecx, 00000028
:00416497 E8A1D80200 call 00443D3D
:0041649C 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"XGTE7-TY997-PIUYY"
|
:004164A2 6834C14800 push 0048C134
:004164A7 83C12C add ecx, 0000002C
:004164AA E88ED80200 call 00443D3D
:004164AF 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"JIKFG-9346H-IURG2"
|
:004164B5 6820C14800 push 0048C120
:004164BA 83C130 add ecx, 00000030
:004164BD E87BD80200 call 00443D3D
:004164C2 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"PQWW7-JHIBU-LKXSA"
|
:004164C8 680CC14800 push 0048C10C
:004164CD 83C134 add ecx, 00000034
:004164D0 E868D80200 call 00443D3D
:004164D5 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"ZXCDR-YIPLK-MJHIU"
|
:004164DB 68F8C04800 push 0048C0F8
:004164E0 83C138 add ecx, 00000038
:004164E3 E855D80200 call 00443D3D
:004164E8 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"MKERW-7YM5R-IO895"
|
:004164EE 68E4C04800 push 0048C0E4
:004164F3 83C13C add ecx, 0000003C
:004164F6 E842D80200 call 00443D3D
:004164FB 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"9WERT-LNMGW-LCDT9"
|
:00416501 68D0C04800 push 0048C0D0
:00416506 83C140 add ecx, 00000040
:00416509 E82FD80200 call 00443D3D
:0041650E 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"WQASY-62TRI-92PK8"
|
:00416514 68BCC04800 push 0048C0BC
:00416519 83C144 add ecx, 00000044
:0041651C E81CD80200 call 00443D3D
:00416521 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"PHGFE-TYYTC-PBN5V"
|
:00416527 68A8C04800 push 0048C0A8
:0041652C 83C148 add ecx, 00000048
:0041652F E809D80200 call 00443D3D
:00416534 8B8ECC040000 mov ecx, dword ptr [esi+000004CC]
* Possible StringData Ref from Data Obj ->"TR6UI-OI9LK-96PAS"
|
:0041653A 6894C04800 push 0048C094
:0041653F 83C14C add ecx, 0000004C
:00416542 E8F6D70200 call 00443D3D
:00416547 4F dec edi
:00416548 0F8580FEFFFF jne 004163CE
:0041654E 8B4C2418 mov ecx, dword ptr [esp+18]
:00416552 8BC6 mov eax, esi
:00416554 5F pop edi
:00416555 5E pop esi
:00416556 5D pop ebp
:00416557 5B pop ebx
:00416558 64890D00000000 mov dword ptr fs:[00000000], ecx
:0041655F 83C414 add esp, 00000014
:00416562 C3 ret
-------------------------------------------------------------------
超级简单,和我一样的菜鸟们可以练练!
最后在这里真心感谢你花了那么多时间看这篇文章!谢谢了...
