软件名称:YATS32
版本: v8.1 build 6
下载地址:http://www.dillobits.com/bin/yats3281.exe
http://newhua.21f.net/down/yats3281.exe
保护类型:注册码
破解类型:patch
难度级别:easy
软件描述:时间同步工具
该软件用UPX压缩过,解压后反汇编,利用W32Dasm的reference功能,找到如下的地方。很明显DS:[00456970]中存放的是注册的标志,非零值表示已注册。
:0040123F 391D70694500 cmp dword ptr
[00456970], ebx
:00401245 747C
je 004012C3
:00401247 57
push edi
:00401248 8DBEBC010000 lea edi, dword
ptr [esi+000001BC]
* Possible StringData Ref from Data Obj ->"Registered to "
|
:0040124E 682CE14300 push 0043E12C
:00401253 8BCF
mov ecx, edi
:00401255 E82B5D0200 call 00426F85
查找串“00456970”,又找到另外两个地方,把相关的跳转指令全部改掉就OK。
第二处:
:00404AD1 391D70694500 cmp dword ptr
[00456970], ebx
* Reference To: USER32.PostMessageA, Ord:0000h
|
:00404AD7 8B3DB0144300 mov edi, dword
ptr [004314B0]
:00404ADD 750C
jne 00404AEB
第三处:
:00407BD9 833D7069450000 cmp dword ptr [00456970],
00000000
:00407BE0 56
push esi
:00407BE1 8BF1
mov esi, ecx
:00407BE3 7476
je 00407C5B
:00407BE5 A1CC1F4500 mov eax,
dword ptr [00451FCC]
:00407BEA 8945F0
mov dword ptr [ebp-10], eax
:00407BED 8365FC00 and
dword ptr [ebp-04], 00000000
:00407BF1 8945E8
mov dword ptr [ebp-18], eax
* Possible Reference to String Resource ID=00617: "YATS32"
|
:00407BF4 6869020000 push 00000269
:00407BF9 8D4DF0
lea ecx, dword ptr [ebp-10]
:00407BFC C645FC01 mov
[ebp-04], 01
:00407C00 E8F1F50100 call 004271F6
* Possible StringData Ref from Data Obj ->" - "
BTW:若你能写出注册机,你就是高手!
- 标 题:破解YATS32 v8.1 build 6 (2千字)
- 作 者:guest
- 时 间:2000-9-22 11:23:57
- 链 接:http://bbs.pediy.com