CUTEVIDEO 1.0破解
Crack by fwnl
软件说明:一个的处理AVI和MEPG格式的程序
破解工具:w32dasm TRW2000
起动程序随便填入注册码,弹出Invalid Registration Key!
于是用w32dasm反编译,在字符串参考中找到Invalid Registration Key!
于是来到下面这里:
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00413F31(C) 可知这里是00413F31跳来,于是找00413F31
|
:0041401F 6A00
push 00000000
:00414021 8D45B2
lea eax, dword ptr [ebp-4E]
:00414024 E82BDAFEFF call 00401A54
:00414029 B202
mov dl, 02
:0041402B E858DAFEFF call 00401A88
:00414030 668B08
mov cx, word ptr [eax]
:00414033 51
push ecx
:00414034 66C745CC5000 mov [ebp-34],
0050
* Possible StringData Ref from Data Obj ->"Invalid Registration Key!"
===================
用TRW2000载入程序后bpx 00413f31,F5返回填入注册码,点0k后程序中断在
00413f31.发现这个跳转语句的状态是(jump),于是就 r fl z 使它(no jump)
F5返回发现程序注册了,关了重来也是注册了,后来发现程序在注册表作了个记号
表示注册:
REGEDIT4
[HKEY_CLASSES_ROOT\CLSID\{AE12B0-CFDH31111-999000M-44DAW}\id]
"12CFF0321010"="1"
"12CFF0321011"=""
要得到注册码向上跟踪发现:00413EC6处 d eax得真的注册码
:00413E8F 8D55F4
lea edx, dword ptr [ebp-0C]
:00413E92 FF32
push dword ptr [edx]
:00413E94 8D45FC
lea eax, dword ptr [ebp-04]
:00413E97 E878D7FEFF call 00401614
:00413E9C 50
push eax
:00413E9D FF45D8
inc [ebp-28]
:00413EA0 E8D70B0000 call 00414A7C
:00413EA5 83C408
add esp, 00000008
:00413EA8 FF4DD8
dec [ebp-28]
:00413EAB 8D45F4
lea eax, dword ptr [ebp-0C]
:00413EAE BA02000000 mov edx,
00000002
:00413EB3 E884240700 call 0048633C
:00413EB8 66C745CC1400 mov [ebp-34],
0014
:00413EBE 8D45FC
lea eax, dword ptr [ebp-04]
:00413EC1 E86EDBFEFF call 00401A34
:00413EC6 50
push eax ===================d
eax 真码
:00413EC7 E8883B0600 call 00477A54
:00413ECC 59
pop ecx
:00413ECD 83F806
cmp eax, 00000006
:00413ED0 731F
jnb 00413EF1
:00413ED2 FF4DD8
dec [ebp-28]
:00413ED5 8D45FC
lea eax, dword ptr [ebp-04]
:00413ED8 BA02000000 mov edx,
00000002
:00413EDD E85A240700 call 0048633C
:00413EE2 8B4DBC
mov ecx, dword ptr [ebp-44]
:00413EE5 64890D00000000 mov dword ptr fs:[00000000],
ecx
:00413EEC E98D010000 jmp 0041407E
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00413ED0(C)
|
:00413EF1 66C745CC2C00 mov [ebp-34],
002C
:00413EF7 8D45F0
lea eax, dword ptr [ebp-10]
:00413EFA E815D7FEFF call 00401614
:00413EFF 8BD0
mov edx, eax
:00413F01 FF45D8
inc [ebp-28]
:00413F04 8B4DB8
mov ecx, dword ptr [ebp-48]
:00413F07 8B81E0020000 mov eax, dword
ptr [ecx+000002E0]
:00413F0D E8DAA00300 call 0044DFEC
:00413F12 8D45F0
lea eax, dword ptr [ebp-10]
:00413F15 8D55FC
lea edx, dword ptr [ebp-04]
:00413F18 E803250700 call 00486420
:00413F1D 50
push eax
:00413F1E FF4DD8
dec [ebp-28]
:00413F21 8D45F0
lea eax, dword ptr [ebp-10]
:00413F24 BA02000000 mov edx,
00000002
:00413F29 E80E240700 call 0048633C
:00413F2E 59
pop ecx
:00413F2F 84C9
test cl, cl
:00413F31 0F84E8000000 je 0041401F
//不跳就注册成功
:00413F37 68F0024A00 push 004A02F0
:00413F3C 8D8588FBFFFF lea eax, dword
ptr [ebp+FFFFFB88]
:00413F42 50
push eax
:00413F43 E8DC3A0600 call 00477A24
:00413F48 83C408
add esp, 00000008
fwnl
这个程序用bpx hmemcpy 中断不了
2002.2.28
name:fwnlfwnl sn: o7s:8m:s6s5o
长沙
******
***
***
**
******** **** ** *** ****** **
** *** * ** ** **
**
*** ******* *** **
***
** ** ** ** ***
****
***
- 标 题:CUTEVIDEO 1.0破解 (4千字)
- 作 者:fwnl
- 时 间:2002-2-28 10:53:37
- 链 接:http://bbs.pediy.com