• Title: Translating a very simple brute-force crack of InstallShield! (6,000 characters)
  • Author: peterchen
  • Date: 2001-3-15 1:42:47
  • Link: http://bbs.pediy.com

Tutorial on cracking InstallShield scripts
Translator: Petetchen
        The translations in [      ] were done with the help of my good friend windos2k. Many thanks to him!
       
Author : SiraX / [NaTzGUL/SiraX Production 98]
Email  : sirax@dongle.net

Contents:
    1. Introduction
    2. Tool tutorial
    3. Decompile-and-crack tutorial
    4. Summary
    5. Contact

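1. Introduction
  This tutorial demonstrates how to use Windows Installshield Decompiler v1.00.
It shows how to crack the password protection of an installer; most software is packaged with InstallShield.
I hope that through this tutorial you will learn to use the tool flexibly and, most importantly, to apply these methods correctly when dealing with the script.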

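2. Tool tutorial
  I believe it is the only tool that can decompile and crack InstallShield protection.
  It can automatically correct the CRC and save the modified file, a feature that other tools do not have.
  The target in this tutorial is the image editing tool Adobe PhotoShop V4.0, whose password
  protection was built with Installshield 3.0.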

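3. Decompile-and-crack tutorial
  In this section I analyze the cracking of Adobe PhotoShop V4.0 step by step. Each step points out
  how the graphical windows are used.

  1. Load Installshield Decompiler.
  2. Run setup.exe until the registration window appears, for example:
    name:
    company:
    serial number:
  Enter anything as the serial number and so on, and click Next until you see
  "The serial number xxxxxxxxxx is not a valid Adobe PhotoShop serial number,
  Please re-enter your serial number."
  3. Now write down the error message, for example "invalid". After decompiling we will look for this message in "text later on".
  4. Exit setup and back up setup.ins.
  5. Click "file" on the menu to open a file (hotkey ctrl-O), and in the open dialog select the setup.ins file of Adobe PhotoShop.
  6. Next press F2 or choose "decompile"->"star" from the menu; shortly you will see the decompilation progress. If you want to stop it, click
    the "cancel" button on the toolbar.
  7. After decompiling, I start looking for the "invalid" message. It can be found in the "text box" on the toolbar; click it
    and you arrive at: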
    <LABEL_002> REF:00000F97 00001016 00001388
  |
00000DB9: 0128    IF (SdRegisterUserEx_[LABEL_0214]=000000C) THEN
00000DD9: 002C        Goto (LABEL_0001)
00000DDA: 0000  ENDIF
00000DE6: 0125  StrVar[002F] = SUPPORTDIR ^ "PSSupprt.DLL"
00000E12: 0128  IF (UseDLL (StrVar[002F]) != 00000000) THEN
00000E32: 0013        StrVar[001A] = "An Error occurred during the setup process! Please contact Adobe Systems Technical Support."
00000E95: 0104        SprintfBox (FFFF0003,"Adobe Photoshop Setup",StrVar[001A])
00000EBA: 002B        Exit ()
00000EBB: 0000  ENDIF
00000ED4: 0128  IF (PSSupprt.PSFunc1 (StrVar[0024]) = 00000000) THEN  //function return value is compared to 0.  0 is bad.
00000EF4: 00B3        UnUseDLL ("PSSupprt")                              [the function's return value is compared with 0; equal is bad]
00000F01: 0013        StrVar[001A] = "The serial number %s is not a valid Adobe Photoshop serial number. Please re-enter your serial number."
00000F6F: 0104        SprintfBox (FFFF0002,"Adobe Photoshop Setup",StrVar[001A],StrVar[0024])  //Displays the error message
                                                                                                  [displays the error message]

00000F97: 002C        Goto (LABEL_0002)  //Loops back and let user to re-enter info
00000F98: 0000  ENDIF                    [goes back and lets the user re-enter the information]
00000FA4: 0125  StrVar[002F] = SUPPORTDIR ^ "PSSupprt.DLL"
00000FBB: 00B3  UnUseDLL (StrVar[002F])
00000FF6: 0128  IF (SdConfirmRegistration_[LABEL_0260] = 00000000) THEN
00001016: 002C        Goto (LABEL_0002)
00001017: 0000  ENDIF
00001023: 0013  StrVar[0023] = "File Components"
0000103A: 00B5  Call Function_0055_[LABEL_00F4]  (StrVar[0023])
...............
  8. In the decompiled listing above you can clearly see the place to change.
    At 0000E12:0128, we have a comparison with the return value of a function and the value 0.
    If the return value is zero, then we're in trouble.  The error message will be displayed
    at line 00000F6F:0104.  Then at line 00000F97:002C, we go back to Label_002 so that this
    process is repeated and user can re-enter the info.
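    (At 0000E12:0128 we can refer to [the function's return value is compared with 0; equal is bad]: if the return value is 0, you are in trouble!
    At 00000F6F:0104, [displays the error message]. Then 00000F97:002C jumps back to Label_002 [goes back and lets the user re-enter the information].)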
  9.Since we have identified the spot to be changed, now it's time to crack it.  To make a
    change so that it will accept our wrong serial, we can change the "=" operator at line
    00000ED4:0128 to "!=".  Clear enough!
    (Once we have confirmed the place to change, change the "=" at 00000ED4:0128 to "!=".)

  10.To make the change, it's very simple.  First, double click on the "=" operator.  Then
    right-click your mouse to bring up the popup menu.  Choose "Change To" and pick the "!="
    operator.  After this, you should see that the operator is now "!=".
    (Making the change is simple. First double-click exactly on the "=", and a pop-up menu appears. Choose "Change To" in it and pick "!="; then
    you will see that "=" has become "!=".)
   
  11.Once the above is done, we need to save the changes we made.  You can either goto "Misc"
    menu to pick "CRC Correction" or you can quit the IS decompiler and you will automatically
    be asked whether you want to save changes or not.  Click on "yes" when you're asked.  And
    then just sit back and relax.  In a few minutes, you will see it in action.
    (After you have saved the changes, click "Misc"->"CRC Correction" on the menu, or quickly quit the IS decompiler;
    it will automatically ask whether you want to save the result. Choose "yes".)
  12.After it's done, simply run the Adobe PhotoShop setup again, and enter any info and serials
    at that screen.  Then click on "Next".  Whoaaaa.  Beauti!  A confirm box popped up this time,
    asking us whether this information is correct or not.  We DID NOT see the error message box.
    Now, just click on "yes" to confirm this info is right and follow the instructions to
    install the rest.
    (When you have done the above, install Adobe PhotoShop again; when the registration window appears you only need to click Next, and the password is not even checked.)
     
  13.Hey, wasn't that easy!  I did it in about 10 min.  The decompile process took a while.  But
    would you rather spend a few hours tracing through the code or POINT and CLICK to defeat it?
    (How easy! I only took 10 seconds. If you wanted to trace out the password, that would take some time, wouldn't it?)
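
Why the "CRC Correction" in step 11 is enough to get the edited script accepted, seen from the vendor's side, as an added example that is not part of the original tutorial: a checksum stored inside the file can be recomputed by whoever edits it, while a digest recorded outside the file still exposes the change. The container layout (payload followed by a 4-byte CRC32), the sample bytes and all function names are constructed for illustration and are not the real setup.ins format.

```python
import hashlib
import hmac
import struct
import zlib

# Constructed stand-in for a compiled installer script: payload bytes followed
# by a little-endian CRC32 of the payload. This is NOT the real setup.ins layout.
def seal(payload: bytes) -> bytes:
    return payload + struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF)

def embedded_crc_ok(blob: bytes) -> bool:
    """Self-check of the kind a loader can do with an in-file checksum."""
    if len(blob) < 4:
        return False
    payload, stored = blob[:-4], struct.unpack("<I", blob[-4:])[0]
    return (zlib.crc32(payload) & 0xFFFFFFFF) == stored

def matches_pinned_digest(blob: bytes, pinned_sha256_hex: str) -> bool:
    """Compare with a digest recorded at release time and kept outside the file."""
    actual = hashlib.sha256(blob).hexdigest()
    return hmac.compare_digest(actual, pinned_sha256_hex.lower())

# Constructed sample: the release build and the digest recorded for it.
RELEASE = seal(b"IF (check(serial) = 0) THEN reject ENDIF")
PINNED = hashlib.sha256(RELEASE).hexdigest()

def edited_copy(fix_crc: bool) -> bytes:
    """The same file with one operator changed, with or without a recomputed CRC."""
    payload = RELEASE[:-4].replace(b" = 0", b" != 0")
    return seal(payload) if fix_crc else payload + RELEASE[-4:]

def audit(blob: bytes) -> dict:
    """Run both checks so the difference between them is visible side by side."""
    return {"crc_ok": embedded_crc_ok(blob),
            "digest_ok": matches_pinned_digest(blob, PINNED)}

if __name__ == "__main__":
    for name, blob in [("release", RELEASE),
                       ("edited, stale CRC", edited_copy(False)),
                       ("edited, CRC recomputed", edited_copy(True))]:
        print(f"{name:24} {audit(blob)}")
```

The pinned digest only helps when it is checked by something other than the file being checked, for example a signed catalogue or the distribution channel; a check compiled into the same script can be edited like the comparison in step 9.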
4. Summary:
    From the above walk through, we can see how easy it is to defeat such Installshield
protection with this decompiler.  I hope I have made the steps clear enough for you to walk
through and get some general feel for this tool.  If you have any questions, suggestions, or
even bug reports regarding this tool, we would love to hear from you.  You can email us, or find
us on EFNET.  After all,  this is still in beta.
         
5. Contact:
Groups:
    DONGLE, GPF, REVOLT, GLoW, ENTITY, CONCEPT, PNC, etc
PERSONAL:
    NaTzGUL, Vizion, BLeetz, Krazy_N, Niabi, Deviant, Norway, FaNt0m, Knoweffex, JoG, Pitty, Info[e], [Mad], [Sketch]
    Hazzy, Perish, JJJ, 45mBit, CoPhiber, Spanky, Doc-Man, SuperChic, Wildwendy, Tane, TeRaPhY, Razzia, +ORC, Fravia+
    LordCaligo, Dap24, Op-Ivy, Ghi, etc.....


(c) 1998 SiraX / [NaTzGUL/SiraX Production] All rights reversed