看了1212兄写的破解提示,很有启发,也试用dede反汇编了一把,
想法和1212兄稍有不同。
procedure TMainForm.FileSaveActionExecute(Sender: TObject);{?}
begin
{
0049F7DC 53
push ebx
0049F7DD 56
push esi
0049F7DE 8BF2
mov esi, edx
0049F7E0 8BD8
mov ebx, eax
0049F7E2 8BC6
mov eax, esi
0049F7E4 8B1578874900 mov
edx, [$498778]
0049F7EA E85537F6FF call
00402F44
0049F7EF 84C0
test al, al
0049F7F1 740F
jz 0049F802
0049F7F3 8BC6
mov eax, esi
0049F7F5 8B1578874900 mov
edx, [$498778]
0049F7FB E85C37F6FF call
00402F5C
0049F800 EB12
jmp 0049F814
0049F802 8BC3
mov eax, ebx
0049F804 E8676AFAFF call
00446270
0049F809 8B1578874900 mov
edx, [$498778]
0049F80F E84837F6FF call
00402F5C
0049F814 80BBA407000000 cmp
byte ptr [ebx+$07A4], $00
0049F81B 7420
jz 0049F83D <----------- 此地不能去,要9090--------
0049F81D 80B87403000000 cmp
byte ptr [eax+$0374], $00
0049F824 740B
jz 0049F831
0049F826 33C9
xor ecx, ecx
0049F828 33D2
xor edx, edx
0049F82A E8D99AFFFF call
00499308
0049F82F EB15
jmp 0049F846
0049F831 8BD3
mov edx, ebx
0049F833 8BC3
mov eax, ebx
* Reference to : TMainForm.FileSaveAsActionExecute
|
0049F835 E812000000 call
0049F84C
0049F83A 5E
pop esi
0049F83B 5B
pop ebx
0049F83C C3
ret
0049F83D 33D2
xor edx, edx
0049F83F 8BC3
mov eax, ebx
* Reference to : TMainForm.HelpPurchaseItemClick
|
0049F841 E89A140000 call
004A0CE0
0049F846 5E
pop esi
0049F847 5B
pop ebx
0049F848 C3
ret
}
end ;
procedure TMainForm.FileSaveAsActionExecute(Sender: TObject);{?}
begin
{
0049F84C 55
push ebp
0049F84D 8BEC
mov ebp, esp
0049F84F 6A00
push $00
0049F851 6A00
push $00
0049F853 53
push ebx
0049F854 56
push esi
0049F855 8BD8
mov ebx, eax
0049F857 33C0
xor eax, eax
0049F859 55
push ebp
* Possible String Reference to: "開;?腓^[YY]脥@"
|
0049F85A 681CF94900 push
$0049F91C
***** TRY
|
0049F85F 64FF30
push dword ptr fs:[eax]
0049F862 648920
mov fs:[eax], esp
0049F865 80BBA407000000 cmp
byte ptr [ebx+$07A4], $00
0049F86C 0F8483000000 jz
0049F8F5 <------------改成0F85---------------
0049F872 8BC3
mov eax, ebx
0049F874 E8F769FAFF call
00446270
0049F879 8B1578874900 mov
edx, [$498778]
0049F87F E8D836F6FF call
00402F5C
0049F884 8BF0
mov esi, eax
0049F886 8D55FC
lea edx, [ebp-$04]
0049F889 8B8644030000 mov
eax, [esi+$0344]
0049F88F E8248EF6FF call
004086B8
0049F894 8B55FC
mov edx, [ebp-$04]
0049F897 8B83E0040000 mov
eax, [ebx+$04E0]
0049F89D 83C06C
add eax, +$6C
0049F8A0 E8F341F6FF call
00403A98
0049F8A5 8B83E0040000 mov
eax, [ebx+$04E0]
0049F8AB 8B10
mov edx, [eax]
0049F8AD FF523C
call dword ptr [edx+$3C]
0049F8B0 84C0
test al, al
0049F8B2 744A
jz 0049F8FE
0049F8B4 8D55F8
lea edx, [ebp-$08]
0049F8B7 8B83E0040000 mov
eax, [ebx+$04E0]
0049F8BD E84617FBFF call
00451008
0049F8C2 8B55F8
mov edx, [ebp-$08]
0049F8C5 33C9
xor ecx, ecx
0049F8C7 8BC6
mov eax, esi
0049F8C9 E83A9AFFFF call
00499308
0049F8CE 8D55F8
lea edx, [ebp-$08]
0049F8D1 8BB3E0040000 mov
esi, [ebx+$04E0]
0049F8D7 8BC6
mov eax, esi
0049F8D9 E82A17FBFF call
00451008
0049F8DE 8B45F8
mov eax, [ebp-$08]
0049F8E1 8D55FC
lea edx, [ebp-$04]
0049F8E4 E89B8DF6FF call
00408684
0049F8E9 8B55FC
mov edx, [ebp-$04]
0049F8EC 8BC6
mov eax, esi
0049F8EE E87D17FBFF call
00451070
0049F8F3 EB09
jmp 0049F8FE
0049F8F5 33D2
xor edx, edx
0049F8F7 8BC3
mov eax, ebx
* Reference to : TMainForm.HelpPurchaseItemClick
|
0049F8F9 E8E2130000 call
004A0CE0
0049F8FE 33C0
xor eax, eax
0049F900 5A
pop edx
0049F901 59
pop ecx
0049F902 59
pop ecx
0049F903 648910
mov fs:[eax], edx
****** FINALLY
|
* Possible String Reference to: "^[YY]脥@"
|
0049F906 6823F94900 push
$0049F923
0049F90B 8D45F8
lea eax, [ebp-$08]
0049F90E E83141F6FF call
00403A44
0049F913 8D45FC
lea eax, [ebp-$04]
0049F916 E82941F6FF call
00403A44
0049F91B C3
ret
0049F91C E95F3BF6FF jmp
00403480
0049F921 EBE8
jmp 0049F90B
****** END
|
0049F923 5E
pop esi
0049F924 5B
pop ebx
0049F925 59
pop ecx
0049F926 59
pop ecx
0049F927 5D
pop ebp
0049F928 C3
ret
}
end ;
如此一来,并没有影响注册的对话框,不过,相信输入正确的注册号以后,估计那个OF85还需要改成0F84。
BTW: 1212兄,假如在49F8B2处改动成9090,注册对话框似乎依旧会跳出,恐怕和下面一条49F8F3有关?