吾爱破解 - 52pojie.cn

 找回密码
 注册[Register]

QQ登录

只需一步,快速开始

查看: 7183|回复: 7
收起左侧

[其他转载] 【VB学习笔记②】自校验及防调试总结、

[复制链接]
淡然出尘 发表于 2012-5-26 10:31
1、软件修改时间校验:具体的修改时间大家可能会控制不好,所以在末尾我提供了一个更改修改时间的软件以便大家操作,具体代码如下:
Private Sub Form_Load()
If FileBig >< 20480 Then
'20480为文件的字节数
'可以先编译好,后查看大小,再修改代码编译
Unload Me
end if
End Sub
Private Function FileBig() As Long
'如果文件较大可以将Long改为Double
Dim FileLujin As String
filelujing = App.Path & "" & App.EXEName & ".exe"
FileBig = FileLen(filelujing)
End Function
3、锁定鼠标防调试:这种方法请多次试验后使用,具体代码如下:
Private Type RECT
left As Long
top As Long
right As Long
bottom As Long
End Type
Private Type POINT
x As Long
y As Long
End Type
Private Declare Sub ClipCursor Lib "user32" (lpRect As Any)
Private Declare Sub GetClientRect Lib "user32" (ByVal hWnd As Long, lpRect As RECT)
Private Declare Sub ClientToScreen Lib "user32" (ByVal hWnd As Long, lpPoint As POINT)
Private Declare Sub OffsetRect Lib "user32" (lpRect As RECT, ByVal x As Long, ByVal y As Long)
Private Sub Timer1_Timer()'每隔一小段时间锁定一次,防止其脱离
Dim client As RECT'锁定的范围
Dim upperleft As POINT
GetClientRect Me.hWnd, client
upperleft.x = client.left
upperleft.y = client.top
ClientToScreen Me.hWnd, upperleft
OffsetRect client, upperleft.x, upperleft.y
ClipCursor client
End Sub
Private Sub Command1_Click()
Unload Me
End Sub
'郑重声明:必须设置一个Command空间,作为退出命令!
'在调试中运行,退出后仍锁定的利用任务管理工具结束进程。
4、检测按键防调试:通过对调试软件的敏感按键的检测,做出反应防止调试,代码如下:
Option Explicit'调用API
Private Declare Function GetAsyncKeyState Lib "user32" (ByVal vKey As Long) As Integer
Private Sub Timer1_Timer()'用计时器检测按键
AnJian
End Sub
Private Sub Anjian()
If GetAsyncKeyState(vbKeyF2) or GetAsyncKeyState(vbKeyF7) or GetAsyncKeyState(vbKeyF8) or GetAsyncKeyState(vbKeyF9) Then
Unload Me
end if
End Sub
5、窗口置顶防调试:这种方法有点不见人情,代码如下:
Private Declare Function SetWindowPos Lib "user32" (ByVal hwnd As Long, ByVal hWndInsertAfter As Long, ByVal X As Long, ByVal Y As Long, ByVal cx As Long, ByVal cy As Long, ByVal wFlags As Long) As Long
Private Const HWND_TOPMOST = -1
Private Const SWP_NOMOVE = &H2
Private Const SWP_NOSIZE = &H1
Private Const SWP_NOZORDER = &H8
Private Sub Command1_MouseMove(Button As Integer, Shift As Integer, X As Single, Y As Single)'当鼠标触及按钮的时候
Me.Left = 0
Me.Top = 0
Me.Width = Screen.Width
Me.Height = Screen.Height
SetWindowPos Form1.hwnd, HWND_TOPMOST, 0, 0, 0, 0, SWP_NOZORDER + SWP_NOMOVE + SWP_NOSIZE
End Sub
'最好设置 Form1.BorderStyle = 3-fixed Dialog Form1.Moveable=false
6、遍历进程防调试:通过检测调试进程防止被调试,具体代码:
Private Declare Function CreateToolhelp32Snapshot Lib "kernel32" (ByVal dwFlags As Long, ByVal th32ProcessID As Long) As Long
Private Declare Function Process32First Lib "kernel32" (ByVal hSnapshot As Long, lppe As PROCESSENTRY32) As Long
Private Declare Function Process32Next Lib "kernel32" (ByVal hSnapshot As Long, lppe As PROCESSENTRY32) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Type PROCESSENTRY32
dwSize As Long
cntUsage As Long
th32ProcessID As Long
th32DefaultHeapID As Long
th32ModuleID As Long
cntThreads As Long
th32ParentProcessID As Long
pcPriClassBase As Long
dwFlags As Long
szExeFile As String * 1024
End Type
Const TH32CS_SNAPHEAPLIST = &H1
Const TH32CS_SNAPPROCESS = &H2
Const TH32CS_SNAPTHREAD = &H4
Const TH32CS_SNAPMODULE = &H8
Const TH32CS_SNAPALL = (TH32CS_SNAPHEAPLIST Or TH32CS_SNAPPROCESS Or TH32CS_SNAPTHREAD Or TH32CS_SNAPMODULE)
Const TH32CS_INHERIT = &H80000000
Private Function Jincheng(namex As String) As Boolean
'编写个函数方便调用,namex是要检测的程序名,小写,返回TRUE表示发现
Dim my As PROCESSENTRY32
Dim l As Long
Dim l1 As Long
Dim mName As String
Dim i As Integer
l = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0)
If l Then
my.dwSize = 1060
If (Process32First(l, my)) Then '遍历第一个进程
Do
i = InStr(1, my.szExeFile, Chr(0))
mName = LCase(Left(my.szExeFile, i - 1))
If mName = namex Then
Jincheng = True
Exit Function
Else
Jincheng = False
End If
Loop Until (Process32Next(l, my) < 1) '遍历所有进程知道返回值为False
End If
l1 = CloseHandle(l)
End If
End Function
Private Sub Form_Load()
If Jincheng("吾爱破解.exe") = True Then
Unload Me
End If
End Sub

7、字符串加密防调试
字符串加密实际上是一种隐藏明码字符的方法,它可以利用ASCII码或者Base64等加密手段,将字符串隐藏起来,以使破解者难以查找。
举个例子来说,如果你想返回字符“注册成功”,即Msgbox"注册成功",你可以写成Base64的形式"MsgBox DecodeBase64String("16Ky4bPJuaY=")",当然程序中必须要有base64的解密模块。更变态的是将“注册”和“成功”分别用不同方法加密,最后再结合、

8、添加假注册防调试
实际上就是额外增加一个虚假的算法过程,让它尽管符合本虚假算法时,仍指向错误,以混乱破解者的分析方向。


附件下载
捕获.JPG
更正修改时间.rar (150.61 KB, 下载次数: 30)
VB自校验防调试.rar (3.56 KB, 下载次数: 31)








-----------------------------
后记:本文受教于看雪大牛SCG(爱琴海)的VB防破解初探一文、只是对其理论和代码做了一些适当的修改。他的其他方法我不懂、小菜啊,
         只是把自己会用的和大家分享啊!

对了,还有你懂得~嘿嘿

评分专用.JPG









本帖被以下淘专辑推荐:

发帖前要善用论坛搜索功能,那里可能会有你要找的答案或者已经有人发布过相同内容了,请勿重复发帖。

头像被屏蔽
老鼠爱上潴 发表于 2012-5-26 10:39
提示: 作者被禁止或删除 内容自动屏蔽
哼柴 发表于 2012-5-26 17:28
不学VB的路过 先拿下 以后给朋友用。 转战C++中,
liuzhou0072 发表于 2012-5-27 07:16
qq523683017 发表于 2012-5-27 10:21
期待转成E
xxhaishixx 发表于 2012-10-5 18:13
还有就是尾部添加DEs算法加密,也就是一个效验值。那种文件一旦损坏就自删除或者锁死键盘、或者蓝屏什么的。还比较猥琐,有需要的我可以提供资料自己弄。
snzyj 发表于 2013-1-29 16:49
这个要看看
evilknight 发表于 2013-10-4 21:06
帮朋友下载一下,非常感谢!
您需要登录后才可以回帖 登录 | 注册[Register]

本版积分规则

返回列表

RSS订阅|小黑屋|处罚记录|联系我们|吾爱破解 - LCG - LSG ( 京ICP备16042023号 | 京公网安备 11010502030087号 )

GMT+8, 2024-11-15 10:33

Powered by Discuz!

Copyright © 2001-2020, Tencent Cloud.

快速回复 返回顶部 返回列表