access2007爆破
刚刚下了accese2007 准备安装的时候发现要验证码。。。我勒个去还要20块直接OD,一看入口就知道是用VB写的
OD搜索unicode "验证通过,正在初始化,请稍侯 ..."(F12暂停单步分析得来)
向上找到JE直接NOP掉
成功爆破
没技术含量老鸟小鸟飞过.........
http://www.biso.cn/%B9%B2%CF%EDv5-6/access2007.exe软件下载地址(违规吗?)
.............
注册码貌似还有时间限制........
爆破点
.................
0041F07E .8D8D ACFEFFFF lea ecx,dword ptr ss:
0041F084 .51 push ecx
0041F085 .FF15 2C114000 call dword ptr ds:[<&MSVBVM60.__vbaVarCa>;MSVBVM60.__vbaVarCat
0041F08B .50 push eax
0041F08C .8B55 08 mov edx,dword ptr ss:
0041F08F .8B02 mov eax,dword ptr ds:
0041F091 .8B4D 08 mov ecx,dword ptr ss:
0041F094 .51 push ecx
0041F095 .FF90 84070000 call dword ptr ds: ;进行网络验证
0041F09B .8985 20FEFFFF mov dword ptr ss:,eax
0041F0A1 .83BD 20FEFFFF>cmp dword ptr ss:,0x0
0041F0A8 .7D 23 jge Xaccess20.0041F0CD
0041F0AA .68 84070000 push 0x784
0041F0AF .68 E8464100 push access20.004146E8
0041F0B4 .8B55 08 mov edx,dword ptr ss:
0041F0B7 .52 push edx
0041F0B8 .8B85 20FEFFFF mov eax,dword ptr ss:
0041F0BE .50 push eax
0041F0BF .FF15 4C104000 call dword ptr ds:[<&MSVBVM60.__vbaHresu>;
MSVBVM60.__vbaHresultCheckObj
0041F0C5 .8985 E8FDFFFF mov dword ptr ss:,eax
0041F0CB .EB 0A jmp Xaccess20.0041F0D7
0041F0CD >C785 E8FDFFFF>mov dword ptr ss:,0x0
0041F0D7 >8D95 9CFEFFFF lea edx,dword ptr ss:
0041F0DD .8B4D 08 mov ecx,dword ptr ss:
0041F0E0 .81C1 98000000 add ecx,0x98
0041F0E6 .FF15 0C104000 call dword ptr ds:[<&MSVBVM60.__vbaVarMo>;
MSVBVM60.__vbaVarMove
0041F0EC .8D8D 9CFEFFFF lea ecx,dword ptr ss:
0041F0F2 .51 push ecx
0041F0F3 .8D95 ACFEFFFF lea edx,dword ptr ss:
0041F0F9 .52 push edx
0041F0FA .8D85 BCFEFFFF lea eax,dword ptr ss:
0041F100 .50 push eax
0041F101 .8D8D CCFEFFFF lea ecx,dword ptr ss:
0041F107 .51 push ecx
0041F108 .8D95 DCFEFFFF lea edx,dword ptr ss:
0041F10E .52 push edx
0041F10F .8D85 ECFEFFFF lea eax,dword ptr ss:
0041F115 .50 push eax
0041F116 .8D8D FCFEFFFF lea ecx,dword ptr ss:
0041F11C .51 push ecx
0041F11D .8D95 0CFFFFFF lea edx,dword ptr ss:
0041F123 .52 push edx
0041F124 .8D85 1CFFFFFF lea eax,dword ptr ss:
0041F12A .50 push eax
0041F12B .8D8D 2CFFFFFF lea ecx,dword ptr ss:
0041F131 .51 push ecx
0041F132 .8D95 3CFFFFFF lea edx,dword ptr ss:
0041F138 .52 push edx
0041F139 .8D85 4CFFFFFF lea eax,dword ptr ss:
0041F13F .50 push eax
0041F140 .6A 0C push 0xC
0041F142 .FF15 2C104000 call dword ptr ds:[<&MSVBVM60.__vbaFreeV>;
MSVBVM60.__vbaFreeVarList
0041F148 .83C4 34 add esp,0x34
0041F14B .C745 FC 1D000>mov dword ptr ss:,0x1D
0041F152 .C785 94FEFFFF>mov dword ptr ss:,access20.00>;pass
0041F15C .C785 8CFEFFFF>mov dword ptr ss:,0x8008
0041F166 .8B4D 08 mov ecx,dword ptr ss:
0041F169 .81C1 98000000 add ecx,0x98
0041F16F .51 push ecx ; /var18
0041F170 .8D95 8CFEFFFF lea edx,dword ptr ss: ; |
0041F176 .52 push edx ; |var28
0041F177 .FF15 B8104000 call dword ptr ds:[<&MSVBVM60.__vbaVarTs>; \__vbaVarTstEq
0041F17D .0FBFC0 movsx eax,ax
0041F180 .85C0 test eax,eax
0041F182 .0F84 92060000 je access20.0041F81A //跳转到无效
0041F188 .C745 FC 1E000>mov dword ptr ss:,0x1E
0041F18F .8B4D 08 mov ecx,dword ptr ss:
0041F192 .8B11 mov edx,dword ptr ds:
0041F194 .8B45 08 mov eax,dword ptr ss:
0041F197 .50 push eax
0041F198 .FF92 08030000 call dword ptr ds:
0041F19E .50 push eax
0041F19F .8D8D 5CFFFFFF lea ecx,dword ptr ss:
0041F1A5 .51 push ecx
0041F1A6 .FF15 70104000 call dword ptr ds:[<&MSVBVM60.__vbaObjSe>;MSVBVM60.__vbaObjSet
0041F1AC .8985 20FEFFFF mov dword ptr ss:,eax
0041F1B2 .68 B85E4100 push access20.00415EB8 ;验证通过,正在初始化
,请稍侯 ...
0041F1B7 .8B95 20FEFFFF mov edx,dword ptr ss:
0041F1BD .8B02 mov eax,dword ptr ds:
0041F1BF .8B8D 20FEFFFF mov ecx,dword ptr ss:
0041F1C5 .51 push ecx
0041F1C6 .FF50 54 call dword ptr ds:
0041F1C9 .DBE2 fclex
0041F1CB .8985 1CFEFFFF mov dword ptr ss:,eax
.....................
淡然出尘 发表于 2012-3-24 23:20 static/image/common/back.gif
感觉这个没有用,使用ACCESS还要自己破解吗?
我下的这个安装包要验证码的.......... 感觉这个没有用,使用ACCESS还要自己破解吗? 居然是VB- - 下载个文件要半小时{:1_917:} 非常感谢,正好需要 照着你的法子 给爆了~ 新手拿来练一下不错
页:
[1]