<span class="p9">to find the button, use the window value, not the button value 
to bmsg on (the other just won't work)</span> 
<p><span class="p9">so for the example here, to find our button push we would</span></p>
<p><span class="p9">BMSG 0129 WM_COMMAND</span></p>
<p><b><font color="#3333CC"><span class="p9"><font color="#000000">5. Setting breakpoints with 
  <font face="Times New Roman" color="#000000">BPR</font> 
  (author: josephCo) </font> </span></font></b></p>
<p> <span class="p9"><font face="Times New Roman" color="#000000">To set an accurate breakpoint you would normally use functions such as GetDlgItemText(A) or GetWindowText. 
  Here we do not use those functions; we use the HMEMCPY function instead. 
  Note: HMEMCPY copies bytes of memory.</font> </span></p>
<p> <span class="p9"><font face="Times New Roman" color="#000000">Once we break in HMEMCPY, 
  simply press F10 for about 17 to 25 lines, 
  and you should generally see code similar to the following:</font> </span></p>
<p> </p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">&nbsp;&nbsp;&nbsp;&nbsp;PUSH&nbsp;ECX</font> 
  </span></span></p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">&nbsp;&nbsp;&nbsp;&nbsp;SHR&nbsp;ECX,2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;;&nbsp;</font> 
  <font face="宋体" color="#000000">复制的次数</font> </span></span></p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">&nbsp;&nbsp;&nbsp;&nbsp;REPZ&nbsp;MOVSD&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;;&nbsp;</font> 
  <font face="宋体" color="#000000">字由数据段</font> <font face="Times New Roman" color="#000000">DS:ESI&nbsp;(32-Bit)</font> 
  <font face="宋体" color="#000000">传到附加段</font> <font face="Times New Roman" color="#000000">ES:EDI&nbsp;(32-Bit)</font> 
  </span></span></p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">&nbsp;&nbsp;&nbsp;&nbsp;POP&nbsp;ECX</font> 
  </span></span></p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">&nbsp;&nbsp;&nbsp;&nbsp;AND&nbsp;ECX,3</font> 
  </span></span></p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">&nbsp;&nbsp;&nbsp;&nbsp;REPZ&nbsp;MOVSB&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;;&nbsp;</font> 
  <font face="宋体" color="#000000">类似</font> <font face="Times New Roman" color="#000000">REPZ&nbsp;MOVSD,&nbsp;</font> 
  <font face="宋体" color="#000000">只是以字节为单位</font> </span></span></p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">&nbsp;&nbsp;&nbsp;&nbsp;XOR&nbsp;DX</font> 
  </span></span></p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">&nbsp;&nbsp;&nbsp;&nbsp;XOR&nbsp;AX</font> 
  </span> <span class="p9"><font face="Times New Roman" color="#000000">&nbsp;&nbsp;&nbsp;&nbsp;</font> 
  </span></span></p>
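<p> <span class="p9"><font face="Times New Roman" color="#000000">The copy sequence in the listing above, modelled in C as an added example (not code from the original tutorial). The function name model_hmemcpy and the sample buffer are assumptions made for illustration; the code shows how the byte count in ECX is split into whole dword moves followed by up to three trailing byte moves.</font> </span></p>

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Iteration counts of the two string instructions in the listing. */
struct copy_stats {
    size_t dwords; /* REPZ MOVSD iterations: ECX shifted right by 2 */
    size_t bytes;  /* REPZ MOVSB iterations: ECX AND 3 */
};

/* Hypothetical model of the listing: dst plays ES:EDI, src plays DS:ESI,
 * count plays ECX. Assumes a forward copy (direction flag clear). */
struct copy_stats model_hmemcpy(void *dst, const void *src, size_t count)
{
    unsigned char *edi = dst;
    const unsigned char *esi = src;
    struct copy_stats st;
    size_t saved = count;                    /* PUSH ECX */

    st.dwords = count >> 2;                  /* SHR ECX,2 */
    for (size_t i = 0; i < st.dwords; i++) { /* REPZ MOVSD */
        memcpy(edi, esi, 4);                 /* one 32-bit move, alignment-safe */
        esi += 4;
        edi += 4;
    }

    st.bytes = saved & 3;                    /* POP ECX ; AND ECX,3 */
    for (size_t i = 0; i < st.bytes; i++)    /* REPZ MOVSB */
        *edi++ = *esi++;

    return st;
}

int main(void)
{
    const char src[] = "SAMPLE-123";         /* constructed 10-byte input */
    char dst[16] = {0};
    struct copy_stats st = model_hmemcpy(dst, src, strlen(src));

    printf("%zu dword moves, %zu byte moves, copied \"%s\"\n",
           st.dwords, st.bytes, dst);
    return 0;
}
```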
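<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">You should be starting to see the trick now: with this method</font></span></span><span class="p9"><font face="Times New Roman" color="#000000"> it is easy to break at the serial number or name you entered.</font> 
  </span></p>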
<p> <span class="p9"><font face="Times New Roman" color="#000000">In SOFTICE, 
  on the REPZ&nbsp;MOVSD line, issue the command D&nbsp;DS:ESI&nbsp;(32&nbsp;bit) 
  or D&nbsp;DS:SI&nbsp;(16&nbsp;bit). 
  You should see your name or serial number. Alternatively, issue D&nbsp;ES:EDI&nbsp;(32&nbsp;bit)&nbsp;or&nbsp;D&nbsp;ES:DI&nbsp;(16&nbsp;bit); 
  the location this command shows is where your information is about to be copied. For example, you might see 22BF:00000000. 
  Note this rather unfamiliar segment. If you set a BPR 
  on this memory range, it may not catch anything. Now press F10 
  until your information has finished being copied (past the repz&nbsp;movsb 
  line). At that point type &nbsp;PAGE&nbsp;22BF:00000000 
  (or whatever SEG:OFFSET you saw). 
  (For the exact meaning of page, 
  see the SOFTICE 
  manual.) Output like the following will generally appear:</font> </span></p>
<table width="80%" align="center" bgcolor="#E6E6F4" cellspacing="0">
  <tr> 
    <td height="28" width="24%"> 
      <p align="center"><span class="p9"><font face="Times New Roman" color="#000000">Linear</font></span></p>
    </td>
    <td height="28" width="27%"> 
      <div align="center"><span class="p9"><font face="Times New Roman" color="#000000">Physical&nbsp;&nbsp;&nbsp;</font></span></div>
    </td>
    <td height="28" width="26%"> 
      <div align="center"><span class="p9"><font face="Times New Roman" color="#000000">Attributes</font></span></div>
    </td>
    <td height="28" width="23%"> 
      <div align="center"><span class="p9"><font face="Times New Roman" color="#000000">Type</font></span></div>
    </td>
  </tr>
  <tr> 
    <td height="28" width="24%"> 
      <div align="center"><span class="p9"><font face="Times New Roman" color="#000000">80284960</font></span></div>
    </td>
    <td height="28" width="27%"> 
      <div align="center"><span class="p9"><font face="Times New Roman" color="#000000">01603960</font></span></div>
    </td>
    <td height="28" width="26%"> 
      <div align="center"><span class="p9"><font face="Times New Roman" color="#000000">PD&nbsp;A&nbsp;AU&nbsp;RW</font></span></div>
    </td>
    <td height="28" width="23%"> 
      <div align="center"><span class="p9"><font face="Times New Roman" color="#000000">System</font></span></div>
    </td>
  </tr>
</table>
<p><span class="p9"><font face="Times New Roman" color="#000000">Now we can set a BPR 
  on the &quot;Linear&quot; address. 
  Before setting it, you should know how many bytes need to be monitored. The segment address is generally chosen as &nbsp;30.</font> 
  </span></p>
<p> <span class="p9"><font face="Times New Roman" color="#000000">For example:</font> </span></p>
<p> </p>
<p> <span class="p9"><font face="Times New Roman" color="#000000">&nbsp;BPR&nbsp;30:80284960&nbsp;30:80284969&nbsp;RW</font> 
  </span></p>
<p> </p>
<p> <span class="p9"><font face="Times New Roman" color="#000000">This line breaks on any read or write within this 9-byte 
  range.</font> </span></p>
<p> <span class="p9"><font face="Times New Roman" color="#000000">We use segment address 30 
  because it always exists.</font> </span></p>
<p> <span class="p9"><font face="Times New Roman" color="#000000">At this point, first disable the HMEMCPY 
  breakpoint and press F5. 
  You may then be stopped where your serial number or name is read or written, and can analyze from there to find the correct serial number. This method is particularly effective for 
  16-bit programs.</font> 
  </span> <span class="p9"> </span></p>
<p> </p>
<p> <font color="#000000"><b><span class="p9"><font face="Times New Roman">6. Visual&nbsp;Basic&nbsp;serial numbers</font> 
  </span></b></font></p>
<p> <span class="p9"><font face="Times New Roman" color="#000000">For the specific characteristics of VB programs, see Lesson 15.</font> 
  </span></p>
<p> <span class="p9"><font face="Times New Roman" color="#000000"><b>Method 1:</b> First, make sure the 
  VB runtime library is loaded. After you enter the serial number, 
  the SOFTICE breakpoint 
  BPX&nbsp; rtcMsgBox will generally be hit. At that point, use 
  W32DASM to disassemble your program. Using the 
  rtcMsgBox address you just found, you can easily see where this function is called from and, where possible, set a breakpoint just before the serial number comparison code. Note that 
  VB functions differ from 
  WIN32&nbsp;API functions: 
  VB must place its various parameters on the stack (the 
  push instruction), so in the 
  push instructions before each comparison function you may find the correct serial number.</font> 
  </span></p>
<p align="left"> <span class="p9"><font face="Times New Roman" color="#000000">When cracking VB, 
  the following functions deserve our attention:</font> <br>
  </span><span class="p9"><font face="Times New Roman" color="#000000">__vbaLenBstr&nbsp;(gets 
  the length of a string)</font> 
  <br>
  </span><span class="p9"><font face="Times New Roman" color="#000000">__vbaStrCopy</font> 
  <br>
  </span><span class="p9"><font face="Times New Roman" color="#000000">__vbaStrMove&nbsp;</font></span></p>
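<p class="p9"><b>Method 2:</b> The serial number comparison code for VB3, VB4 and VB5 is collected below: <br>
  (You need to open the WINICE.DAT file and add the following 3 lines, and also add the VB runtime library; for details see Lesson 5, SOFTICE installation.)</p>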
<table width="100%" align="center" cellspacing="0" bgcolor="#E6E6F4">
  <tr bgcolor="#E6E6F4"> 
    <td height="31" width="20%"> 
      <p align="center"><span class="p9"><font color="#3333CC"><b><span class="p9"><font face="Times New Roman">Visual&nbsp;Basic 
        3</font></span></b></font></span></p>
    </td>
    <td height="31" colspan="3"> 
      <div align="left"><span class="p9"><font face="Times New Roman" color="#3333CC"><b>AF3=&quot;^S&nbsp;0&nbsp;L&nbsp;FFFFFFFF&nbsp;8B,CA,F3,A6,74,01,9F,92,8D,5E,08;&quot;&nbsp;</b></font> 
        </span></div>
    </td>
  </tr>
  <tr bgcolor="#E6E6F4"> 
