📄 checkmain.~pas
字号:
unit CheckMain;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, TrialTimeUnit, Base64Unit, DESUnit, Registry, MD5Unit,
DymCrc32, DiskSerialUnit, TlHelp32, WinSvc, IniFiles, ComCtrls;
type
TMainFrm = class(TForm)
Label1: TLabel;
Button1: TButton;
Button2: TButton;
StatusBar1: TStatusBar;
procedure Button1Click(Sender: TObject);
procedure Button2Click(Sender: TObject);
procedure FormShow(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
MainFrm: TMainFrm;
implementation
uses RegUnit, TrialOut;
{$R *.dfm}
//*************************************************
//反调试
//*************************************************
function AntiSoftICE():Boolean;
var
SVStatus:TServiceStatus;
OpenSVM,ICESV:SC_HANDLE;
begin
//打开服务控制管理器
OpenSVM:=OpenSCManager(nil,SERVICES_ACTIVE_DATABASE,SC_MANAGER_ALL_ACCESS);
if OpenSVM=0 then
Result:=False;
//打开NIICE服务
ICESV:=OpenService(OpenSVM,'NTice',SERVICE_ALL_ACCESS);
if QueryServiceStatus(ICESV,SVStatus) then
begin
CloseServiceHandle(ICESV);
Result:=False;
end;
//判断当前NTICE服务是否在运行
if SVStatus.dwCurrentState=SERVICE_RUNNING then
begin
CloseServiceHandle(ICESV);
Result:=True;
end;
end;
//*************************************************
//反加载
//*************************************************
function AntiLoader():Boolean;
var
isDebuggerPresent: function:Boolean;
Addr: THandle;
begin
Addr := LoadLibrary('kernel32.dll');
isDebuggerPresent := GetProcAddress(Addr, 'IsDebuggerPresent');
if isDebuggerPresent then
Result:=True
else
Result:=False;
end;
//*************************************************
//反监视
//*************************************************
function AntiMonitor():Boolean;
var
hSnap:THandle;
Process32:PROCESSENTRY32;
LoopFlag:BOOL;
szFileName:String;
begin
////得到所有进程的列表快照
hSnap:=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if hSnap=INVALID_HANDLE_VALUE then
begin
Result:=False;
Exit;
end;
Process32.dwSize:=sizeof(PROCESSENTRY32);
//查找进程
LoopFlag:=Process32First(hSnap,Process32);
if LoopFlag=False then
begin
CloseHandle(hSnap);
Result:=False;
Exit;
end;
while Integer(LoopFlag)<>0 do
begin
//取进程名
szFileName:=ExtractFileName(Process32.szExeFile);
if UpperCase(szFileName)='FILEMON.EXE' then
begin
Result:=True;
break;
end
else
Result:=False;
LoopFlag:=Process32Next(hSnap,Process32);
end;
CloseHandle(hSnap);
end;
//*************************************************
//Anti-DeDe
//*************************************************
procedure AntiDeDe();
var
hSnap:THandle;
Process32:PROCESSENTRY32;
LoopFlag:BOOL;
szFileName:String;
ProcessID:integer;
begin
////得到所有进程的列表快照
hSnap:=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if hSnap=INVALID_HANDLE_VALUE then
Exit;
Process32.dwSize:=sizeof(PROCESSENTRY32);
//查找进程
LoopFlag:=Process32First(hSnap,Process32);
if LoopFlag=False then
begin
CloseHandle(hSnap);
Exit;
end;
while Integer(LoopFlag)<>0 do
begin
//取进程名
szFileName:=ExtractFileName(Process32.szExeFile);
if UpperCase(szFileName)='DEDE.EXE' then
begin
ProcessID:=Process32.th32ProcessID;
//发现DeDe以后关闭它
TerminateProcess(OpenProcess(PROCESS_TERMINATE,False,ProcessID),1);
break;
end;
LoopFlag:=Process32Next(hSnap,Process32);
end;
CloseHandle(hSnap);
end;
procedure TMainFrm.FormShow(Sender: TObject);
var
IniFileName,OldCrc,CurrentCrc,Sn1,Sn2:String;
MyIniFile:TIniFile;
Reg:TRegistry;
TempInt:Integer;
begin
TempInt:=0;Sn1:='';Sn2:='';
//*********************************************
//反跟踪技术
AntiDeDe;
// if AntiSoftICE or AntiLoader or AntiMonitor then
// Close;
//*********************************************
//*********************************************
//完整性校验
IniFileName:=ExtractFilePath(Application.ExeName)+'MyIni.ini';
MyIniFile:=TIniFile.Create(IniFileName);//创建TIniFile对象
OldCrc:=Base64Decryption(MyIniFile.ReadString('MYSET','Ver',''));
CurrentCrc:=GetCRC32File(Application.ExeName);
// if UpperCase(OldCrc)<>UpperCase(CurrentCrc) then
// Close;
MyIniFile.Destroy;
//*********************************************
//*********************************************
//注册码验证及试用期
Reg:=TRegistry.Create;
Reg.RootKey:=HKEY_CURRENT_USER;
if Reg.OpenKey('\Software\Pefine',False) then
begin
Sn1:=Base64Decryption(Reg.ReadString('ComSn1'));
Sn2:=Base64Decryption(Reg.ReadString('ComSn2'));
end;
Reg.CloseKey;
Reg.Destroy;
TempInt:=TrialTime(15);//设置为可试用15次
if (Sn1<>'') and (Sn2<>'') then
begin
//如果注册码正确显示授权给的用户名
if DESDecrypt(Sn2,GetStrMD5('ABCDE'))=Sn1+GetHddSerial then
MainFrm.Caption:=MainFrm.Caption+' 授权给:'+Sn1
else
begin//如果注册码不正确那么提示已试用次数
case TempInt of
-1:
MessageBox(Handle,'软件启动错误请与作者联系!','提示',MB_OK);
0:
TrialOutFrm.ShowModal;
else
MainFrm.Caption:=MainFrm.Caption+' - 已试用了'+IntToStr(TempInt)+'次';
end;
end;
end
else
begin//如果注册信息为空那么提示已试用次数
case TempInt of
-1:
MessageBox(Handle,'软件启动错误请与作者联系!','提示',MB_OK);
0:
TrialOutFrm.ShowModal;
else
MainFrm.Caption:=MainFrm.Caption+' - 已试用了'+IntToStr(TempInt)+'次';
end;
end;
//*********************************************
end;
procedure TMainFrm.Button1Click(Sender: TObject);
begin
RegFrm.ShowModal;
end;
procedure TMainFrm.Button2Click(Sender: TObject);
begin
Close;
end;
end.
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -