SDL控件组也是不错的,可以做化学分子结构图;信号FFT分析;画科学工程图等等。
和ABAKUS一样,其源码难以得到,极其困难!!!
有谁有的话请发送到testdog@sina.com谢谢。
这次是SDL Suite 5.5。
表现症状:编译生成的程序也要在Delphi正在运行的情况下才会运行,不然的话会弹出对话框,
按OK后有两种表现,一种是直接退出;一种是运行程序但在它的控件上显示一串文字。
但是不管delphi是不是运行,程序运行时鼠标放在它的控件上都会有hint,
无论你在编程的时候有没有关掉showhint属性,它都要显示!
从CJ那儿下载回来的有一个crack,但是并没有破掉hint。
工具:Dede250,UltraEdit。
作者:renamed to jkl
这次所有的DCU文件都要用Dede250的DCU Dumper去Dumpe一下,不像Abakus201只在一个文件中。
步骤是一样的,以rchart.dcu为例。
1。把dumpe得到的文本文件用Ultraedit打开,凭感觉先查run,delphi,running啥的,哈哈,果然!
function DelphiIsRunning: System.Boolean;
var
Result: System.Boolean;
H0: WinProcs.HWND;
H1: WinProcs.HWND;
H2: WinProcs.HWND;
H3: WinProcs.HWND;
H4: WinProcs.HWND;
H5: WinProcs.HWND;
H6: WinProcs.HWND;
H7: WinProcs.HWND;
H8: WinProcs.HWND;
H9: WinProcs.HWND;
const
A1:array[$0..$C] of System.Char = raw[$0..$C]at $1AF0
0: TApplication.[54 41 70 70 6C 69 63 61 74 69 6F 6E 00|K5 A1{0x1F6};
A2:array[$0..$D] of System.Char = raw[$0..$D]at $1AFD
0: TAlignPalette.[54 41 6C 69 67 6E 50 61 6C 65 74 74 65 00|K5
A2{0x1F7};
A3:array[$0..$12] of System.Char = raw[$0..$12]at $1B0B
00: TPropertyInspect[54 50 72 6F 70 65 72 74 79 49 6E 73 70
65 63 74|K5 A3{0x1F8}
10: or. |6F 72 00|;
A4:array[$0..$B] of System.Char = raw[$0..$B]at $1B1E
0: TAppBuilder.[54 41 70 70 42 75 69 6C 64 65 72 00|K5 A4{0x1F9};
T0:array[$0..$A] of System.Char = raw[$0..$A]at $1B2A
0: Delphi 2.0.[44 65 6C 70 68 69 20 32 2E 30 00|K5 T0{0x1FA};
T1:array[$0..$6] of System.Char = raw[$0..$6]at $1B35
0: Delphi.[44 65 6C 70 68 69 00|K5 T1{0x1FB};
T2:array[$0..$8] of System.Char = raw[$0..$8]at $1B3C
0: Delphi 3.[44 65 6C 70 68 69 20 33 00|K5 T2{0x1FC};
T3:array[$0..$A] of System.Char = raw[$0..$A]at $1B45
0: C++Builder.[43 2B 2B 42 75 69 6C 64 65 72 00|K5 T3{0x1FD};
T4:array[$0..$8] of System.Char = raw[$0..$8]at $1B50
0: Delphi 4.[44 65 6C 70 68 69 20 34 00|K5 T4{0x1FE};
T5:array[$0..$C] of System.Char = raw[$0..$C]at $1B59
0: C++Builder 4.[43 2B 2B 42 75 69 6C 64 65 72 20 34 00|K5 T5{0x1FF};
T6:array[$0..$8] of System.Char = raw[$0..$8]at $1B66
0: Delphi 5.[44 65 6C 70 68 69 20 35 00|K5 T6{0x200};
begin
00000000 : 53
PUSH EBX
00000001 : 56
PUSH ESI
00000002 : 57
PUSH EDI
00000003 : 55
PUSH EBP
00000004 : 83 C4 EC
ADD ESP,-20
00000007 : 68(00 00 00 00
PUSH T0{0x1FA}
0000000C : 68(00 00 00 00
PUSH A1{0x1F6}
00000011 : E8(00 00 00 00
CALL FindWindow{0xA9}
00000016 : 8B D8
MOV EBX,EAX
00000018 : 68(00 00 00 00
PUSH T1{0x1FB}
0000001D : 68(00 00 00 00
PUSH A1{0x1F6}
00000022 : E8(00 00 00 00
CALL FindWindow{0xA9}
00000027 : 8B F0
MOV ESI,EAX
00000029 : 68(00 00 00 00
PUSH T2{0x1FC}
0000002E : 68(00 00 00 00
PUSH A1{0x1F6}
00000033 : E8(00 00 00 00
CALL FindWindow{0xA9}
00000038 : 89 44 24 04
MOV DWORD PTR [ESP+4],EAX
0000003C : 68(00 00 00 00
PUSH T3{0x1FD}
00000041 : 68(00 00 00 00
PUSH A1{0x1F6}
00000046 : E8(00 00 00 00
CALL FindWindow{0xA9}
0000004B : 89 04 24
MOV DWORD PTR [ESP],EAX
0000004E : 68(00 00 00 00
PUSH T4{0x1FE}
00000053 : 68(00 00 00 00
PUSH A1{0x1F6}
00000058 : E8(00 00 00 00
CALL FindWindow{0xA9}
0000005D : 89 44 24 08
MOV DWORD PTR [ESP+8],EAX
00000061 : 68(00 00 00 00
PUSH T5{0x1FF}
00000066 : 68(00 00 00 00
PUSH A1{0x1F6}
0000006B : E8(00 00 00 00
CALL FindWindow{0xA9}
00000070 : 89 44 24 0C
MOV DWORD PTR [ESP+12],EAX
00000074 : 68(00 00 00 00
PUSH T6{0x200}
00000079 : 68(00 00 00 00
PUSH A1{0x1F6}
0000007E : E8(00 00 00 00
CALL FindWindow{0xA9}
00000083 : 89 44 24 10
MOV DWORD PTR [ESP+16],EAX
00000087 : 6A 00
PUSH $00
00000089 : 68(00 00 00 00
PUSH A2{0x1F7}
0000008E : E8(00 00 00 00
CALL FindWindow{0xA9}
00000093 : 8B F8
MOV EDI,EAX
00000095 : 6A 00
PUSH $00
00000097 : 68(00 00 00 00
PUSH A3{0x1F8}
0000009C : E8(00 00 00 00
CALL FindWindow{0xA9}
000000A1 : 8B E8
MOV EBP,EAX
000000A3 : 6A 00
PUSH $00
000000A5 : 68(00 00 00 00
PUSH A4{0x1F9}
000000AA : E8(00 00 00 00
CALL FindWindow{0xA9}
000000AF : 85 DB
TEST EBX,EBX
000000B1 : 75 26
JNE +38; (0xD9)
000000B3 : 85 F6
TEST ESI,ESI
000000B5 : 75 22
JNE +34; (0xD9)
000000B7 : 83 3C 24 00
CMP DWORD PTR [ESP],0
000000BB : 75 1C
JNE +28; (0xD9)
000000BD : 83 7C 24 04 00
CMP DWORD PTR [ESP+4],0
000000C2 : 75 15
JNE +21; (0xD9)
000000C4 : 83 7C 24 08 00
CMP DWORD PTR [ESP+8],0
000000C9 : 75 0E
JNE +14; (0xD9)
000000CB : 83 7C 24 0C 00
CMP DWORD PTR [ESP+12],0
000000D0 : 75 07
JNE +7; (0xD9)
000000D2 : 83 7C 24 10 00
CMP DWORD PTR [ESP+16],0
000000D7 : 74 0C
JE +12; (0xE5)
000000D9 : 85 FF
TEST EDI,EDI
000000DB : 74 08
JE +8; (0xE5)
000000DD : 85 ED
TEST EBP,EBP
000000DF : 74 04
JE +4; (0xE5)
000000E1 : 85 C0
TEST EAX,EAX
000000E3 : 75 04
JNE +4; (0xE9)
000000E5 : 33 C0
XOR EAX,EAX
000000E7 : EB 02
JMP +2; (0xEB)
000000E9 : B0 01
MOV AL,$01
000000EB : 83 C4 14
ADD ESP,20
000000EE : 5D
POP EBP
000000EF : 5F
POP EDI
000000F0 : 5E
POP ESI
000000F1 : 5B
POP EBX
000000F2 : C3
RET NEAR
end;
上面调用findwindow在找delphi或bcb的不同版本呢。要是找到一个的话就 MOV AL,$01
这样继续查找DelphiIsRunning,看它在那里调用:
00004377 : 8B 4D 10
MOV ECX,DWORD PTR [EBP+16]
0000437A : 8B 55 E8
MOV EDX,DWORD PTR [EBP-24]
0000437D : 8B 45 EC
MOV EAX,DWORD PTR [EBP-20]
00004380 : E8(00 00 00 00
CALL TCanvas.LineTo{0x6F}
00004385 : E8(00 00 00 00
CALL DelphiIsRunning{0x201}
0000438A : 84 C0
TEST AL,AL
0000438C : 0F 85 B1 00 00 00
JNE +177; (0x4443)
00004392 : 8B 45 EC
MOV EAX,DWORD PTR [EBP-20]
00004395 : 8B 40 0C
MOV EAX,DWORD PTR [EAX+12]
00004398 : BA FF FF FF 00
MOV EDX,$00FFFFFF
调用 00004385 : E8(00 00 00 00
CALL DelphiIsRunning{0x201}
后有 test al,al
如果 al=1 的话,就表明delphi正在运行,那么我们就把这一句用 mov al,1代替好了(机器码B001)。
在DCU文件中这个call DelphiIsRunning是要由编译器来动态连接其地址的,所以没法nop掉这个调用。
在所有的dcu文件中用同样的方法查找并替换就可以了,当然 test al,al后的下一条语句有的DCU文件和这里的不同,
没关系,只改 test al,al。
2。还有一个问题,它的hint总是要出现,告诉人们您正在用的是SDL公司的未注册版本,整个世界都要为之改变呢。
改掉它!查找shareware,copyright,unregister之类的东西,查到与copyright有关的:
function getCopyRightStr: System.AnsiString;
var
result Result: System.AnsiString;
AuxStr: System.AnsiString;
i: System.Integer;
begin
00000000 : 55
PUSH EBP
00000001 : 8B EC
MOV EBP,ESP
00000003 : 6A 00
PUSH $00
00000005 : 6A 00
PUSH $00
00000007 : 53
PUSH EBX
00000008 : 56
PUSH ESI
00000009 : 57
PUSH EDI
0000000A : 8B F8
MOV EDI,EAX
0000000C : 33 C0
XOR EAX,EAX
0000000E : 55
PUSH EBP
0000000F : 68(72 00 00 00
PUSH getCopyRightStr{0x1F2}+$00000072
00000014 : 64 FF 30
PUSH DWORD PTR FS:[EAX]
00000017 : 64 89 20
MOV DWORD PTR FS:[EAX],ESP
0000001A : 8D 45 FC
LEA EAX,DWORD PTR [EBP-4]
0000001D : E8(00 00 00 00
CALL @LStrClr{0xE2}
00000022 : BE 87 FF FF FF
MOV ESI,$FFFFFF87
00000027 : BB(78 00 00 00
MOV EBX,ShareW{0x1F1}+$00000078
0000002C : 8D 45 F8
LEA EAX,DWORD PTR [EBP-8]
0000002F : 33 D2
XOR EDX,EDX
00000031 : 8A 13
MOV DL,BYTE PTR [EBX]
00000033 : 8A 92(00 00 00 00
MOV DL,BYTE PTR [EDXCTDecode{0x1EF}]
00000039 : E8(00 00 00 00
CALL @LStrFromChar{0xE3}
0000003E : 8B 55 F8
MOV EDX,DWORD PTR [EBP-8]
00000041 : 8D 45 FC
LEA EAX,DWORD PTR [EBP-4]
00000044 : E8(00 00 00 00
CALL @LStrCat{0xE4}----------这是在拼凑那个hint呢
00000049 : 4B
DEC EBX
0000004A : 46
INC ESI
0000004B : 75 DF
JNE -33; (0x2C)--------------在这里改!跳到call @LStrAsg{0xE5}后面的那句
0000004D : 8B C7
MOV EAX,EDI
0000004F : 8B 55 FC
MOV EDX,DWORD PTR [EBP-4]
00000052 : E8(00 00 00 00
CALL @LStrAsg{0xE5}---------拼完了就显示,那么跳过它!
00000057 : 33 C0
XOR EAX,EAX
00000059 : 5A
POP EDX
0000005A : 59
POP ECX
0000005B : 59
POP ECX
0000005C : 64 89 10
MOV DWORD PTR FS:[EAX],EDX
0000005F : 68(79 00 00 00
PUSH getCopyRightStr{0x1F2}+$00000079
00000064 : 8D 45 F8
LEA EAX,DWORD PTR [EBP-8]
00000067 : BA 02 00 00 00
MOV EDX,$00000002
0000006C : E8(00 00 00 00
CALL @LStrArrayClr{0xE6}
00000071 : C3
RET NEAR
00000072 : E9(00 00 00 00
JMP @HandleFinally{0xE7}
00000077 : EB EB
JMP -21; (0x64)
00000079 : 5F
POP EDI
0000007A : 5E
POP ESI
0000007B : 5B
POP EBX
0000007C : 59
POP ECX
0000007D : 59
POP ECX
0000007E : 5D
POP EBP
0000007F : C3
RET NEAR
end;
数一数后知道 75 DF 改成 EB 0A
这样就没有hint了,如果您想要自己的hint,请用别的办法吧,可以做得到的。
- 标 题:SDL suite 5.5 (11千字)
- 作 者:1212
- 时 间:2001-4-2 16:11:21
- 链 接:http://bbs.pediy.com