Software: TextMagic Version 1.0 (1.67MB)
Tools: trw2000, w32dasm89 & hiew32
http://www.alwaysu.net/software/web/texiao/textmagic%20%20en.exe
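Thoughts after asking for help:
Recently I posted on this forum asking for pointers on the 6-character save limit in TextMagic Version 1.0, and got no response.
A few people were extremely impatient, which left me with a lot of feelings: there really is no savior in this world, and we have to rely on ourselves for everything.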
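Procedure:
1. First run trw2000 and, before saving, set a breakpoint with bpx hmemcpy to find the address of the message box for TextMagic V1.0's 6-character save limit:
:0040AF26 CALL 0043C3D6 ------ executing this call pops up the 6-character save limit message box.
!!!!! Note: for this program the RVA is the same under trw2000 and under w32dasm89.
2. Run W32dasm89 to disassemble TextMagic.exe, click find text, enter "Warning: This is a trial version of Textmagic", and you arrive here.
!!!! (Why not look for the text above directly in W32dasm89's string references? ---- Because it cannot be found there.)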
* Possible Reference to String Resource ID=61478: "Warning: This is a trial version of Textmagic. Trial version"
|
:0040AF1D 6826F00000              push 0000F026
:0040AF22 C645FC05                mov [ebp-04], 05
:0040AF26 E8AB140300              call 0043C3D6
:0040AF2B 8D83BA020000            lea eax, dword ptr [ebx+000002BA]
:0040AF31 50                      push eax
:0040AF32 E879FD0000              call 0041ACB0
:0040AF37 83F806                  cmp eax, 00000006
!!!!!!!!!!!!!!!!! ---- What does the 00000006 here mean? Could it be the marker for the 6-character limit?
:0040AF3A 59                      pop ecx
:0040AF3B 7605                    jbe 0040AF42
a33bh (memory address) !!!!!!!!!!!!!! ----------- try changing jbe to jmp
:0040AF3D 6A06                    push 00000006
:0040AF3F 58                      pop eax
a340h
:0040AF40 EB0D                    jmp 0040AF4F
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040AF3B(C)
|
:0040AF42 8D83BA020000            lea eax, dword ptr [ebx+000002BA]
:0040AF48 50                      push eax
:0040AF49 E862FD0000              call 0041ACB0
:0040AF4E 59                      pop ecx
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040AF40(U)
|
:0040AF4F 50                      push eax
:0040AF50 8B4DDC                  mov ecx, dword ptr [ebp-24]
:0040AF53 8D83BA020000            lea eax, dword ptr [ebx+000002BA]
:0040AF59 50                      push eax
:0040AF5A 8D45B0                  lea eax, dword ptr [ebp-50]
:0040AF5D FF75E8                  push [ebp-18]
:0040AF60 50                      push eax
:0040AF61 E89898FFFF              call 004047FE
:0040AF66 8BCF                    mov ecx, edi
:0040AF68 E8AEA6FFFF              call 0040561B
:0040AF6D 668B4704                mov ax, word ptr [edi+04]
:0040AF71 668B7F06                mov di, word ptr [edi+06]
:0040AF75 663BC6                  cmp ax, si
:0040AF78 7E05                    jle 0040AF7F
:0040AF7A 0FBFC0                  movsx eax, ax
:0040AF7D EB02                    jmp 0040AF81
3. Use hiew32 to change
:0040AF3B 7605                    jbe 0040AF42
to:
:0040AF3B EB05                    jmp 0040AF42
4. Run TextMagic Trial Version 1.0, create 18 characters of text, then save, and it works.
The problem that had troubled me for days is finally solved.
- Title: Better to do it myself? --- Removing the 6-character save limit in TextMagic V1.0 (3,000 characters)
- Author: wlq joseph
- Date: 2001-10-26 0:25:20
- Link: http://bbs.pediy.com