📄 crack37.htm

📁 为所有对破解感兴趣的朋友准备的礼物。希望大家能够喜欢。
💻 HTM
字号:
<html>

<head>

<title>看雪学苑</title>

<meta http-equiv="Content-Type" content="text/html; charset=gb2312">

<style type="text/css">

<!--

.p8 {  font-size: 8pt}

.p9 {  font-size: 9pt}

a:hover {  color: #00FF00}

a {  text-decoration: none}

.p12 {  font-size: 12pt; font-weight: bold; color: #FF3333}

-->

</style>

</head>



<body bgcolor="#FFFFFF">

<p><a href="index.htm" tppabs="http://toye.dihou.org/index.htm"><span class="p9">首页</span></a><span class="p9">＞＞<a href="crack.htm" tppabs="http://toye.dihou.org/crack.htm">破解心得</a></span> 

  <span class="p9"> </span></p>

<blockquote><span class="p9"> “光驱”修理手记 <br>

  <br>

  &nbsp; &nbsp; 前奏...... <br>

  <br>

  &nbsp; “没搞错吧！这不是硬件DIY，这是看雪学苑，众多CRACKER交流心得的乐园，去！” <br>

  &nbsp; &nbsp; “哎，别。我这修理的是虚拟光驱，评估版解除21天的限制，......” <br>

  &nbsp; &nbsp; “呀，失敬，失敬，欢迎，热烈欢迎” <br>

  <br>

  &nbsp; &nbsp; 对，今天就拿虚拟光驱2000开刀。从网上下载了一个最新版本，安装时提醒这是评估版，只允许使用21天。重启后运行mgr.exe，弹出版本信息对话框，确认后弹出虚拟光驱画面，稍候片刻，进入虚拟光驱总管窗口。 

  <br>

  &nbsp; &nbsp; 关闭mgr.exe，修改系统日期到一个月之后，运行mgr.exe，弹出过期对话框，确认后弹出订购对话框，确认后程序退出。呼出Softice，下断 

  <br>

  &nbsp; &nbsp; bpx messageboxa <br>

  运行mgr.exe被断，按几次F12回程序代码区 <br>

  <br>

  :00409ED4 8D1439&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; lea edx, dword 

  ptr [ecx+edi] <br>

  :00409ED7 3BC2&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; cmp eax, 

  edx <br>

  :00409ED9 0F8696000000&nbsp; &nbsp; &nbsp; &nbsp; jbe 00409f75 <br>

  :00409EDA 8B3DE4304200&nbsp; &nbsp; &nbsp; &nbsp; mov edi,[Kernel32!WriteProfileStringA] 

  <br>

  :00409EE5 68F4334300&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push 004333F4&nbsp; ->"1" 

  <br>

  :00409EEA 6888354300&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push 00433588 ->"iDvdis 

  <br>

  :00409EEF 6880354300&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push 00433580 ->"intl" 

  <br>

  :00409EF4 FFD7&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; call edi 

  <br>

  :00409EF6 687C354300&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push 0043357C ->"0" <br>

  :00409EFB 6870354300&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push 00433570 ->"iMediaxDev" 

  <br>

  :00409F00 6880354300&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push 00433580 ->"intl" 

  <br>

  :00409F05 FFD7&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; call edi 

  <br>

  :00409F07 6AFF&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push FFFFFFFF 

  <br>

  :00409F09 6A10&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push 00000010 

  <br>

  :00409F0B 686D1B0000&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push 00001B6D <br>

  :00409F10 E839500100&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; call 0041EF4E&nbsp; &lt;-弹出过期对话框 

  <br>

  :00409F15 E856E8FFFF&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; call 00408770&nbsp; &lt;-返回此处，弹出订购对话框 

  <br>

  &nbsp; &nbsp; 分析这段代码，若在:00409ED9处不跳，则往win.ini里intl小节iDvdis项和iMediaxDev项分别写入1和0，弹出过期对话框和订购对话框，退出运行。因此，在:00409ED9处必须要跳。eax, 

  edx的值一时也弄不清是怎么算得的， <br>

  向上看，还有十几个短跳，头都大了~！休息，休息一会儿。仔细观察，前面还有两个ret，对应 <br>

  :00409C05 jz 00409C6E <br>

  和 <br>

  :00409E72 jz 00409ED4 <br>

  一定要跳，另外除了:00409E57 jz 00409FFFF，其它跳转似乎都不影响程序执行到:00409ED9处。而试着从:00409E57处跳到:00409FFFF处执行，好象也没什么问题。不管那么多了，把jz 

  00409C6E、jz 00409ED4和jbe 00409f75都改为无条件跳转即可解除日期限制”。 <br>

  <br>

  下一步要去掉讨厌的版本信息和虚拟光驱画面了，向下看 <br>

  :0040A084 3BC6&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; cmp eax, 

  esi <br>

  :0040A086 743A&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; je 0040A0C2&nbsp; 

  &lt;-跳过版本信息对话框 <br>

  :0040A088 8B3DE0304200&nbsp; &nbsp; &nbsp; &nbsp; mov edi, dword ptr [004230E0]&nbsp; 

  &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 

  &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 

  &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; ^KERNEL32.GetProfileIntA <br>

  :0040A08E 6A00&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push 00000000 

  <br>

  :0040A090 6888354300&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push 00433588 ->"iDvdis" 

  <br>

  :0040A095 6880354300&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push 00433580 ->"intl" 

  <br>

  :0040A09A FFD7&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; call edi 

  <br>

  :0040A09C 6A00&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push 00000000 

  <br>

  :0040A09E 6870354300&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push 00433570 ->"iMediaxDev" 

  <br>

  :0040A0A3 6880354300&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push 00433580 ->"intl" 

  <br>

  :0040A0A8 8BF0&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; mov esi, 

  eax <br>

  :0040A0AA FFD7&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; call edi 

  <br>

  :0040A0AC 85F6&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; test esi, 

  esi <br>

  :0040A0AE 7547&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; jne 0040A0F7&nbsp; 

  &lt;-iDvdis不等于0则跳，过期 <br>

  :0040A0B0 83F801&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; cmp eax, 00000001 

  <br>

  :0040A0B3 7542&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; jne 0040A0F7&nbsp; 

  &lt;iMediaxDev不等于1则跳，过期 <br>

  :0040A0B5 6AFF&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push FFFFFFFF 

  <br>

  :0040A0B7 56&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push 

  esi <br>

  :0040A0B8 68C8010000&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; push 000001C8 <br>

  :0040A0BD E88C4E0100&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; call 0041EF4E&nbsp; &lt;-版本信息对话框 

  <br>

  :0040A0C2 3975E4&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; cmp dword ptr 

  [ebp-1C], esi <br>

  :0040A0C5 7471&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; je 0040A138&nbsp; 

  &lt;-跳过虚拟光驱画面 <br>

  &nbsp; &nbsp; 由上可知，将je 0040A0C2和je 0040A138改为无条件跳转即可，或者直接把 <br>

  je 0040A0C2改为jmp 0040A138。 <br>

  &nbsp; &nbsp; 以上修改可用hiew.exe或winhex.exe等工具，不再叙述。 <br>

  &nbsp; &nbsp; 更进一步，还可以打造自己的品牌，利用exescope等资源修改工具，可以隐藏“订购”菜单项，修改“关于”对话框内容为正版字样，... 

  <br>

  &nbsp; &nbsp; 需要注意的是，光驱2000过期后将拒绝重装，这是只需把win.ini里的iDvdis改为0就行了。 <br>

  &nbsp; &nbsp; <br>

  <br>

  --### 严正声名 ###-- <br>

  &nbsp; &nbsp; 以上内容只能用于经验交流领域，严禁商业用途，维护正版利益！ <br>

  &nbsp; &nbsp; 版权所有，请保障文章的完整性！ <br>

  <br>

  woLONGwxd&nbsp; 2001-1-17 <br>

  E-mail:wxdny@263.net </span> </blockquote>

<p> </p>

<p> </p>

<p> </p>

<a href="index.htm" tppabs="http://toye.dihou.org/index.htm"><span class="p9">首页</span></a><span class="p9">＞＞<a href="crack.htm" tppabs="http://toye.dihou.org/crack.htm">破解心得</a></span> 

</body>

</html>
💿 文件大小 1161 K
👤 上传用户 linux_open_lab
📂 所属分类其他书籍
🏷️ 相关标签

#破解 #家
⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -