CD Box Labeler Pro

标题：菜鸟破解实录(16)之 CD Box Labeler Pro (4千字)
作者：xiA Qin
时间：2000-8-3 16:28:27
链接：http://bbs.pediy.com

菜鸟破解实录(16)之 CD Box Labeler Pro

软件名称：CD Box Labeler Pro
版本：v1.4.1.806
简介：
相当简单的CD外盒标签的制作软件，内建一个制作精灵，可一步步轻而易举的完成制作，您只需选好图片，打入文字、调调文字的颜色及大小，立即完成一个漂亮的CD外盒标签，且可将它打印出来使用。

作者：xiA Qin
级别：很菜....很菜....
解密日前：2000年8月2日
解密工具：Trw2000 1.22
破解目的：学习注册码的破解。（简单）

说明：
本文是在我的软件破解记录上整理出来的。如若有纰漏，请各位大侠多指教！

首先运行CD Box Labeler Pro
输入注册信息
name: xiA Qin &任意输入
Serial Number: 9876543210 &任意输入

下指令bpx hmemcpy //下中断点

按F5回到程序，按确定，这时会被Trw2000拦截到。

下指令bd * //屏障中断点

下指令pmodule //直接跳到程序的领空

按F10来到下面指令

.................................

015F:00522E0D MOV EAX,[EBP-04]
015F:00522E10 CALL 00404128
015F:00522E15 XOR ESI,ESI
015F:00522E17 MOV EBX,EAX
015F:00522E19 TEST EBX,EBX
015F:00522E1B JLE 00522E3E
015F:00522E1D INC ESI
015F:00522E1E LEA EAX,[EBP-08]
015F:00522E21 PUSH EAX
015F:00522E22 MOV ECX,00000001
015F:00522E27 MOV EDX,ESI
015F:00522E29 MOV EAX,[EBP-04]
015F:00522E2C CALL 00404330
015F:00522E31 LEA EDX,[EBP-08]
015F:00522E34 MOV EAX,EDI
015F:00522E36 CALL 00522490
015F:00522E3B DEC EBX
015F:00522E3C JNZ 00522E1D
015F:00522E3E MOV EAX,[005C3F08]
015F:00522E43 IMUL EBX,[EAX],0000037D
015F:00522E49 MOV EAX,[005C3F08]
015F:00522E4E IMUL ESI,[EAX],000005B3
015F:00522E54 PUSH 00523084
015F:00522E59 LEA EDX,[EBP-24]
015F:00522E5C MOV EAX,EBX
015F:00522E5E CALL 00409170 //生成注册码的中间部分:260756
015F:00522E63 PUSH DWORD PTR [EBP-24]
015F:00522E66 PUSH 00523094
015F:00522E6B LEA EDX,[EBP-28]
015F:00522E6E MOV EAX,ESI
015F:00522E70 CALL 00409170 //生成注册码的后面部分:426028
015F:00522E75 PUSH DWORD PTR [EBP-28]
015F:00522E78 LEA EAX,[EBP-10]
015F:00522E7B MOV EDX,00000004
015F:00522E80 CALL 004041E8 <-注册码的组合。
015F:00522E85 MOV EAX,[EBP-0C] //输入的注册码 D EAX
015F:00522E88 MOV EDX,[EBP-10] //正确的注册码 D EDX
015F:00522E8B CALL 00404238 //比较注册码。
015F:00522E90 JNZ 00522F3E //跳到00522F3E,就死定了。
015F:00522E96 MOV DL,01
015F:00522E98 MOV EAX,[00474C00]
015F:00522E9D CALL 00474E1C
015F:00522EA2 MOV [EBP-14],EAX
015F:00522EA5 XOR EAX,EAX
015F:00522EA7 PUSH EBP
015F:00522EA8 PUSH 00522EF8
015F:00522EAD PUSH DWORD PTR FS:[EAX]
015F:00522EB0 MOV FS:[EAX],ESP
015F:00522EB3 MOV CL,01
015F:00522EB5 MOV EDX,005230A0
015F:00522EBA MOV EAX,[EBP-14]
015F:00522EBD CALL 0047503C
015F:00522EC2 MOV ECX,[EBP-04]
015F:00522EC5 MOV EDX,005230E8
015F:00522ECA MOV EAX,[EBP-14]
015F:00522ECD CALL 0047558C
015F:00522ED2 MOV ECX,[EBP-0C]
015F:00522ED5 MOV EDX,005230F4
015F:00522EDA MOV EAX,[EBP-14]
015F:00522EDD CALL 0047558C
015F:00522EE2 XOR EAX,EAX
015F:00522EE4 POP EDX
015F:00522EE5 POP ECX
015F:00522EE6 POP ECX
015F:00522EE7 MOV FS:[EAX],EDX
015F:00522EEA PUSH 00522EFF
015F:00522EEF MOV EAX,[EBP-14]
015F:00522EF2 CALL 00403180
015F:00522EF7 RET
015F:00522EF8 JMP 004038A0
015F:00522EFD JMP 00522EEF
015F:00522EFF MOV EAX,[005C4208]
015F:00522F04 MOV EDX,[EBP-04]
015F:00522F07 CALL 00403EFC
015F:00522F0C MOV EAX,[005C3FC4]
015F:00522F11 MOV BYTE PTR [EAX],01
015F:00522F14 PUSH 00
015F:00522F16 MOV EAX,[005C421C]
015F:00522F1B MOV EAX,[EAX]
015F:00522F1D MOV CX,[005230F8]
015F:00522F24 MOV DL,02
015F:00522F26 CALL 00459AF4
015F:00522F2B MOV EAX,[005C4108]
015F:00522F30 MOV EAX,[EAX]
015F:00522F32 MOV DWORD PTR [EAX+00000234],00000001
015F:00522F3C JMP 00522F5D
015F:00522F3E MOV EAX,[005C3FC4]
015F:00522F43 MOV BYTE PTR [EAX],00
015F:00522F46 PUSH 00
015F:00522F48 MOV EAX,[005C4004]
015F:00522F4D MOV EAX,[EAX]
015F:00522F4F MOV CX,[005230F8]
015F:00522F56 MOV DL,01
015F:00522F58 CALL 00459AF4 //失败对话框
..............................

整理一下,输入注册信息。

Name: xiA Qin

Serial Number: GPS-260756-426028

注册信息在注册表中
[HKEY_CURRENT_USER\Software\Green Point Software UK\CD Box Labeler Pro\Properties]
"RG"="xiA Qin"
"SN"="GPS-260756-426028"