用dede3.0破财智老板通2.0注册版
下载地址:http://www.imoney.com.cn/download/software/boss2r.exe 大小5311k
1、运行winspect.exe,发现财智老板通2.0注册窗口的form名字为TRegisterFm。
关闭软件。
2、运行dede3.0,选择文件,点process,编译结束后点form,找到 TRegisterFm,看events
object Panel2: TPanel
Left = 0
Top = 352
Width = 576
Height = 40
Align = alBottom
TabOrder = 1
object btnReg: TBitBtn
Left = 434
Top = 7
Width = 89
Height = 25
Caption = '完成注册'
TabOrder = 0
OnClick = btnRegClick
Kind = bkOK
end
...........................................
0053429C 55
push ebp
0053429D 8BEC
mov ebp, esp
0053429F 6A00
push $00
005342A1 53
push ebx
005342A2 8BD8
mov ebx, eax
005342A4 33C0
xor eax, eax
005342A6 55
push ebp
* Possible String Reference to: '閔鲮腽[Y]?
|
005342A7 6873435300 push
$00534373
***** TRY
|
005342AC 64FF30
push dword ptr fs:[eax]
005342AF 648920
mov fs:[eax], esp
* Reference to control btnCancel : TBitBtn
|
005342B2 8B83FC020000 mov
eax, [ebx+$02FC]
005342B8 80784700 cmp
byte ptr [eax+$47], $00
005342BC 750C
jnz 005342CA
005342BE 8BC3
mov eax, ebx
|
005342C0 E8C7C6F1FF call
0045098C
005342C5 E993000000 jmp
0053435D
005342CA 8D55FC
lea edx, [ebp-$04]
* Reference to control edRegCode : TEdit
|
005342CD 8B83F4020000 mov
eax, [ebx+$02F4]
* Reference to: controls.TControl.GetText(TControl):System.String;
|
005342D3 E82410F0FF call
004352FC
005342D8 8B45FC
mov eax, [ebp-$04]
* Reference to : TChildListfm._PROC_005339BC()
|
005342DB E8DCF6FFFF call
005339BC//关键call,跟进
005342E0 84C0
test al, al//
005342E2 744F
jz 00534333
005342E4 A194975F00 mov
eax, dword ptr [$5F9794]
005342E9 8B00
mov eax, [eax]
005342EB 8B55FC
mov edx, [ebp-$04]
|
005342EE E88947FEFF call
00518A7C
005342F3 6A00
push $00
005342F5 668B0D80435300 mov cx,
word ptr [$534380]
005342FC B202
mov dl, $02
* Possible String Reference to: ' 祝贺您,注册成功!请保存好您
|
的注册码,以便您以后需要重新安装软?
|
笔褂谩?
|
005342FE B88C435300 mov
eax, $0053438C
|
00534303 E8AC81F2FF call
0045C4B4
00534308 8D8330030000 lea
eax, [ebx+$0330]
0053430E 8B55FC
mov edx, [ebp-$04]
* Reference to: system.@LStrAsg;
|
00534311 E8A2FCECFF call
00403FB8
00534316 8BC3
mov eax, ebx
|
00534318 E8B3FAFFFF call
00533DD0
0053431D C783340300000F270000 mov dword ptr [ebx+$0334],
$0000270F
00534327 C7833402000001000000 mov dword ptr [ebx+$0234],
$00000001
00534331 EB2A
jmp 0053435D
00534333 6A00
push $00
00534335 668B0D80435300 mov cx,
word ptr [$534380]
0053433C B201
mov dl, $01
* Possible String Reference to: '对不起,注册失败,请校对注册码'
|
0053433E B8E8435300 mov
eax, $005343E8
|
00534343 E86C81F2FF call
0045C4B4
* Reference to control edRegCode : TEdit
|
00534348 8B93F4020000 mov
edx, [ebx+$02F4]
0053434E 8BC3
mov eax, ebx
* Reference to: forms.TCustomForm.SetActiveControl(TCustomForm;Controls.TWinControl);
|
00534350 E8D3ADF1FF call
0044F128
00534355 33C0
xor eax, eax
00534357 898334020000 mov
[ebx+$0234], eax
0053435D 33C0
xor eax, eax
0053435F 5A
pop edx
00534360 59
pop ecx
00534361 59
pop ecx
00534362 648910
mov fs:[eax], edx
****** FINALLY
|
* Possible String Reference to: '[Y]?
|
00534365 687A435300 push
$0053437A
0053436A 8D45FC
lea eax, [ebp-$04]
* Reference to: system.@LStrClr(String);
|
0053436D E8F2FBECFF call
00403F64
00534372 C3
ret
00534373 E968F6ECFF jmp
004039E0
00534378 EBF0
jmp 0053436A
****** END
|
0053437A 5B
pop ebx
0053437B 59
pop ecx
0053437C 5D
pop ebp
0053437D C3
ret
。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。
。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。
005339BC 55
push ebp
005339BD 8BEC
mov ebp, esp
005339BF 6A00
push $00
005339C1 6A00
push $00
005339C3 6A00
push $00
005339C5 53
push ebx
005339C6 8945FC
mov [ebp-$04], eax
005339C9 8B45FC
mov eax, [ebp-$04]
* Reference to: system.@LStrAddRef;
|
005339CC E8D709EDFF call
004043A8
005339D1 33C0
xor eax, eax
005339D3 55
push ebp
* Possible String Reference to: '楠?腚嬅[嬪]脨U嬱3繳he:S'
|
005339D4 68313A5300 push
$00533A31
***** TRY
|
005339D9 64FF30
push dword ptr fs:[eax]
005339DC 648920
mov fs:[eax], esp
005339DF 8D45F4
lea eax, [ebp-$0C]
|
005339E2 E831FFFFFF call
00533918
005339E7 8B45F4
mov eax, [ebp-$0C]
005339EA 8D55F8
lea edx, [ebp-$08]
|
005339ED E846FFFFFF call
00533938//d eax 可见到机器码8-446-4282
005339F2 8B45F8
mov eax, [ebp-$08]
|
005339F5 E8FAFCFFFF call
005336F4//d eax 可见到真注册码3-002-3861
005339FA 8BD8
mov ebx, eax
005339FC 8B45FC
mov eax, [ebp-$04]
|
005339FF E8F0FCFFFF call
005336F4
00533A04 85C0
test eax, eax
00533A06 7504
jnz 00533A0C
00533A08 33DB
xor ebx, ebx
00533A0A EB0A
jmp 00533A16
00533A0C 3BC3
cmp eax, ebx
00533A0E 7504
jnz 00533A14
00533A10 B301
mov bl, $01
00533A12 EB02
jmp 00533A16
00533A14 33DB
xor ebx, ebx
00533A16 33C0
xor eax, eax
00533A18 5A
pop edx
00533A19 59
pop ecx
00533A1A 59
pop ecx
00533A1B 648910
mov fs:[eax], edx
****** FINALLY
收工
- 标 题:学习篇2----用dede3.0破财智老板通2.0注册版 (7千字)
- 作 者:staray
- 时 间:2002-3-12 11:22:28
- 链 接:http://bbs.pediy.com