破解一个程序的加密锁验证,修改之后程序功能无反应!
大家好,我在修改一个程序对加密锁的验证。我找到了出错提示的位置,直接改成JMP跳过,但是修改之后点击该功能没有反应,请大神帮我看看,感谢!
00515210/$64:A1 0000000>mov eax,dword ptr fs:
00515216|.6A FF push -0x1
00515218|.68 BA6D5E00 push DpfEdit_.005E6DBA
0051521D|.50 push eax ;SogouPY.0BF86710
0051521E|.A1 0C526400 mov eax,dword ptr ds:
00515223|.64:8925 00000>mov dword ptr fs:,esp
0051522A|.83EC 08 sub esp,0x8
0051522D|.85C0 test eax,eax ;SogouPY.0BF86710
0051522F|.57 push edi
00515230|.8BF9 mov edi,ecx
00515232|.75 3D jnz short DpfEdit_.00515271
00515234|.E8 0718EFFF call DpfEdit_.00406A40
00515239|.85C0 test eax,eax ;SogouPY.0BF86710
0051523B EB 1D jnz short DpfEdit_.0051525A \\我把这里修改成JMP,程序可以运行,点击这项功能无反应。
0051523D|.50 push eax ;SogouPY.0BF86710
0051523E|.6A 10 push 0x10
00515240|.68 B08E6200 push DpfEdit_.00628EB0 ;请将加密锁接好!
00515245|.E8 C8EA0B00 call <jmp.&MFC42.#1200>
0051524A|.5F pop edi
0051524B|.8B4C24 08 mov ecx,dword ptr ss:
0051524F|.64:890D 00000>mov dword ptr fs:,ecx
00515256|.83C4 14 add esp,0x14
00515259|.C3 retn
0051525A|>C705 0C526400>mov dword ptr ds:,0x1
00515264|.E8 571EEFFF call DpfEdit_.004070C0
00515269|.85C0 test eax,eax ;SogouPY.0BF86710
0051526B|.0F84 0B010000 je DpfEdit_.0051537C
00515271|>6A 09 push 0x9
00515273|.E8 68F9EEFF call DpfEdit_.00404BE0
00515278|.DB05 AC496400 fild dword ptr ds:
0051527E|.83C4 04 add esp,0x4
00515281|.DC04C5 B04964>fadd qword ptr ds:
00515288|.DC24C5 084A64>fsub qword ptr ds:
0051528F|.D9E1 fabs
00515291|.DC1D E0405F00 fcomp qword ptr ds:
00515297|.DFE0 fstsw ax
00515299|.F6C4 41 test ah,0x41
0051529C|.0F84 DA000000 je DpfEdit_.0051537C
005152A2|.68 004A6400 push DpfEdit_.00644A00 ;!
005152A7|.E8 14F9EEFF call DpfEdit_.00404BC0
005152AC|.83C4 04 add esp,0x4
005152AF|.E8 FC1DEFFF call DpfEdit_.004070B0
005152B4|.85C0 test eax,eax ;SogouPY.0BF86710
005152B6|.0F84 C0000000 je DpfEdit_.0051537C
005152BC|.83BF AC000000>cmp dword ptr ds:,0x1
005152C3|.0F84 B3000000 je DpfEdit_.0051537C
005152C9|.A1 D00E6400 mov eax,dword ptr ds:
005152CE|.C705 88526400>mov dword ptr ds:,0x0
005152D8|.85C0 test eax,eax ;SogouPY.0BF86710
005152DA|.7E 0E jle short DpfEdit_.005152EA
005152DC|.6A FF push -0x1
005152DE|.6A 00 push 0x0
005152E0|.B9 C80E6400 mov ecx,DpfEdit_.00640EC8 ;D>]
005152E5|.E8 064C0400 call DpfEdit_.00559EF0
005152EA|>A1 E8456400 mov eax,dword ptr ds:
005152EF|.85C0 test eax,eax ;SogouPY.0BF86710
005152F1|.7E 0E jle short DpfEdit_.00515301
005152F3|.6A FF push -0x1
005152F5|.6A 00 push 0x0
005152F7|.B9 E0456400 mov ecx,DpfEdit_.006445E0 ;D>]
005152FC|.E8 CF130400 call DpfEdit_.005566D0
00515301|>A1 D0526400 mov eax,dword ptr ds:
00515306|.85C0 test eax,eax ;SogouPY.0BF86710
00515308|.75 65 jnz short DpfEdit_.0051536F
0051530A|.68 F8000000 push 0xF8
0051530F|.E8 92E90B00 call <jmp.&MFC42.#823>
00515314|.83C4 04 add esp,0x4
00515317|.894424 08 mov dword ptr ss:,eax ;SogouPY.0BF86710
0051531B|.85C0 test eax,eax ;SogouPY.0BF86710
0051531D|.C74424 14 000>mov dword ptr ss:,0x0
00515325|.74 0A je short DpfEdit_.00515331
00515327|.57 push edi
00515328|.8BC8 mov ecx,eax ;SogouPY.0BF86710
0051532A|.E8 F195FDFF call DpfEdit_.004EE920
0051532F|.EB 02 jmp short DpfEdit_.00515333
00515331|>33C0 xor eax,eax ;SogouPY.0BF86710
00515333|>68 27020000 push 0x227
00515338|.C74424 18 FFF>mov dword ptr ss:,-0x1
00515340|.A3 D0526400 mov dword ptr ds:,eax ;SogouPY.0BF86710
00515345|.E8 861DEFFF call DpfEdit_.004070D0
0051534A|.8D4424 08 lea eax,dword ptr ss:
0051534E|.50 push eax ;SogouPY.0BF86710
0051534F|.E8 8C1DEFFF call DpfEdit_.004070E0
00515354|.8B4C24 0C mov ecx,dword ptr ss:
00515358|.83C4 08 add esp,0x8
0051535B|.81E1 FFFF0000 and ecx,0xFFFF
00515361|.6A 00 push 0x0
00515363|.51 push ecx
00515364|.8B0D D0526400 mov ecx,dword ptr ds:
0051536A|.E8 61F20B00 call <jmp.&MFC42.#2086>
0051536F|>8B0D D0526400 mov ecx,dword ptr ds:
00515375|.6A 05 push 0x5
00515377|.E8 30EF0B00 call <jmp.&MFC42.#6215>
0051537C|>8B4C24 0C mov ecx,dword ptr ss:
00515380|.5F pop edi
00515381|.64:890D 00000>mov dword ptr fs:,ecx
00515388|.83C4 14 add esp,0x14
0051538B\.C3 retn
说明其它地方应该还有验证
细水流长 发表于 2020-7-1 11:30
11行还有一个判断,改成jmp试下
你能破加密锁吗?