如何利用黑名单检测?
看以下内容:00FAB999 | 55 | push ebp | 黑名单检测
00FAB99A | 8BEC | mov ebp,esp |
00FAB99C | 6A FF | push FFFFFFFF |
00FAB99E | 68 52402201 | push <p11.sub_1224052> |
00FAB9A3 | 64:A1 00000000 | mov eax,dword ptr fs: |
00FAB9A9 | 50 | push eax |
00FAB9AA | 64:8925 00000000 | mov dword ptr fs:,esp |
00FAB9B1 | 51 | push ecx |
00FAB9B2 | 81EC F4000000 | sub esp,F4 |
00FAB9B8 | 53 | push ebx |
00FAB9B9 | 56 | push esi |
00FAB9BA | 57 | push edi |
00FAB9BB | 8965 F0 | mov dword ptr ss:,esp |
00FAB9BE | 8365 FC 00 | and dword ptr ss:,0 |
00FAB9C2 | E8 23ABFAFF | call <p11.sub_F564EA> |
00FAB9C7 | 8945 E4 | mov dword ptr ss:,eax |
00FAB9CA | 6A 01 | push 1 |
00FAB9CC | 8B4D E4 | mov ecx,dword ptr ss: |
00FAB9CF | E8 2624FBFF | call <p11.sub_F5DDFA> |
00FAB9D4 | 8945 E0 | mov dword ptr ss:,eax |
00FAB9D7 | FF75 08 | push dword ptr ss: |
00FAB9DA | FF75 0C | push dword ptr ss: |
00FAB9DD | 8B4D E0 | mov ecx,dword ptr ss: |
00FAB9E0 | E8 EE310900 | call <p11.sub_103EBD3> |
00FAB9E5 | 8845 EF | mov byte ptr ss:,al |
00FAB9E8 | 0FB645 EF | movzx eax,byte ptr ss: |
00FAB9EC | 85C0 | test eax,eax |
00FAB9EE | 74 08 | je p11.FAB9F8 |
00FAB9F0 | 8A45 EF | mov al,byte ptr ss: |
00FAB9F3 | E9 6E020000 | jmp p11.FABC66 |
00FAB9F8 | EB 06 | jmp p11.FABA00 |
00FAB9FA | B8 06BAFA00 | mov eax,p11.FABA06 |
00FAB9FF | C3 | ret |
00FABA00 | 834D FC FF | or dword ptr ss:,FFFFFFFF |
00FABA04 | EB 04 | jmp p11.FABA0A |
00FABA06 | 834D FC FF | or dword ptr ss:,FFFFFFFF |
00FABA0A | C745 FC 02000000 | mov dword ptr ss:,2 |
00FABA11 | C785 00FFFFFF A4062C01 | mov dword ptr ss:,p11.12C06A4 | 12C06A4:L"aileen.trang@hotmail.com"
00FABA1B | C785 04FFFFFF D8062C01 | mov dword ptr ss:,p11.12C06D8 | 12C06D8:L"FL-IPCNHIEAEZXXYCVS"
00FABA25 | C785 08FFFFFF A4062C01 | mov dword ptr ss:,p11.12C06A4 | 12C06A4:L"aileen.trang@hotmail.com"
00FABA2F | C785 0CFFFFFF 00072C01 | mov dword ptr ss:,p11.12C0700 | 12C0700:L"FL-IPCNHIEAEZXXYCAA"
00FABA39 | C785 10FFFFFF 28072C01 | mov dword ptr ss:,p11.12C0728 | 12C0728:L"mikiesworld@gmail.com"
00FABA43 | C785 14FFFFFF 54072C01 | mov dword ptr ss:,p11.12C0754 | 12C0754:L"FL-INPIIIILAZZPUCCZ"
00FABA4D | C785 18FFFFFF 7C072C01 | mov dword ptr ss:,p11.12C077C | 12C077C:L"john.s.suarez@gmail.com"
00FABA57 | C785 1CFFFFFF AC072C01 | mov dword ptr ss:,p11.12C07AC | 12C07AC:L"FL-IPZZHVEEEYXKYEVV"
00FABA61 | C785 20FFFFFF D4072C01 | mov dword ptr ss:,p11.12C07D4 | 12C07D4:L"mahfuzahmed71@gmail.com"
00FABA6B | C785 24FFFFFF 04082C01 | mov dword ptr ss:,p11.12C0804 | 12C0804:L"FL-IPUICFALSPKPKNSZ"
00FABA75 | C785 28FFFFFF 2C082C01 | mov dword ptr ss:,p11.12C082C | 12C082C:L"jamesrobinson@gmail.com"
00FABA7F | C785 2CFFFFFF 5C082C01 | mov dword ptr ss:,p11.12C085C | 12C085C:L"FL-ILVIPIALVZKPXCSZ"
00FABA89 | C785 30FFFFFF 84082C01 | mov dword ptr ss:,p11.12C0884 | 12C0884:L"no_email@no_domain.no_com"
00FABA93 | C785 34FFFFFF B8082C01 | mov dword ptr ss:,p11.12C08B8 | 12C08B8:L"FL-HEIACFXNSPYCFNZF"
00FABA9D | C785 38FFFFFF E0082C01 | mov dword ptr ss:,p11.12C08E0 | 12C08E0:L"v2_42@home_user.no_com"
00FABAA7 | C785 3CFFFFFF 10092C01 | mov dword ptr ss:,p11.12C0910 | 12C0910:L"FL-AECNPUKPVSEIXKNH"
00FABAB1 | C785 40FFFFFF 38092C01 | mov dword ptr ss:,p11.12C0938 | 12C0938:L"gotd@home_user.no_com"
00FABABB | C785 44FFFFFF 68092C01 | mov dword ptr ss:,p11.12C0968 | 12C0968:L"VSKEYM7-QLSSAAFVBKKBVOOBURVRRKA"
00FABAC5 | C785 48FFFFFF 38092C01 | mov dword ptr ss:,p11.12C0938 | 12C0938:L"gotd@home_user.no_com"
00FABACF | C785 4CFFFFFF A8092C01 | mov dword ptr ss:,p11.12C09A8 | 12C09A8:L"AMNGVA-MNJNDPFGAFVBKKBVOPESRVRRSG"
00FABAD9 | C785 50FFFFFF 2C082C01 | mov dword ptr ss:,p11.12C082C | 12C082C:L"jamesrobinson@gmail.com"
00FABAE3 | C785 54FFFFFF 5C082C01 | mov dword ptr ss:,p11.12C085C | 12C085C:L"FL-ILVIPIALVZKPXCSZ"
00FABAED | C785 58FFFFFF EC092C01 | mov dword ptr ss:,p11.12C09EC | 12C09EC:L"kPhHFXc8baOxpH9I@p.ity.ns0.it"
00FABAF7 | C785 5CFFFFFF 280A2C01 | mov dword ptr ss:,p11.12C0A28 | 12C0A28:L"FL-IPKVKUKLESAPYKUZ"
00FABB01 | C785 60FFFFFF 500A2C01 | mov dword ptr ss:,p11.12C0A50 | 12C0A50:L"ruberap@yahoo.com"
00FABB0B | C785 64FFFFFF 740A2C01 | mov dword ptr ss:,p11.12C0A74 | 12C0A74:L"FL-ICFUIFAPAPKLUNSH"
00FABB15 | C785 68FFFFFF 9C0A2C01 | mov dword ptr ss:,p11.12C0A9C | 12C0A9C:L"k_h_m_d@yahoo.com"
00FABB1F | C785 6CFFFFFF C00A2C01 | mov dword ptr ss:,p11.12C0AC0 | 12C0AC0:L"FL-ICPIHIILEZZPYCCZ"
00FABB29 | C785 70FFFFFF E80A2C01 | mov dword ptr ss:,p11.12C0AE8 | 12C0AE8:L"djbobo@mail.com"
00FABB33 | C785 74FFFFFF EC212801 | mov dword ptr ss:,p11.12821EC |
00FABB3D | C785 78FFFFFF 080B2C01 | mov dword ptr ss:,p11.12C0B08 | 12C0B08:L"jenta@cwjamaica.com"
00FABB47 | C785 7CFFFFFF 300B2C01 | mov dword ptr ss:,p11.12C0B30 | 12C0B30:L"FL-INAIIFCLAPLPUNIZ"
00FABB51 | C745 80 580B2C01 | mov dword ptr ss:,p11.12C0B58 | 12C0B58:L"dominilr@yahoo.fr"
00FABB58 | C745 84 7C0B2C01 | mov dword ptr ss:,p11.12C0B7C | 12C0B7C:L"FL-INPVHFYXEPVAYNXY"
00FABB5F | C745 88 A40B2C01 | mov dword ptr ss:,p11.12C0BA4 | 12C0BA4:L"dengilenko@yandex.ru"
00FABB66 | C745 8C D00B2C01 | mov dword ptr ss:,p11.12C0BD0 | 12C0BD0:L"FL-IPCUPKKPVAALXUUH"
00FABB6D | C745 90 F80B2C01 | mov dword ptr ss:,p11.12C0BF8 | 12C0BF8:L"john@kgrand.com"
00FABB74 | C745 94 180C2C01 | mov dword ptr ss:,p11.12C0C18 | 12C0C18:L"FL-IHUYCEYESXVKKVXV"
00FABB7B | C745 98 400C2C01 | mov dword ptr ss:,p11.12C0C40 | 12C0C40:L"whatismonkey@gmail.com"
00FABB82 | C745 9C 700C2C01 | mov dword ptr ss:,p11.12C0C70 | 12C0C70:L"FL-ILPPCVKUSYAVKEUK"
00FABB89 | C745 A0 980C2C01 | mov dword ptr ss:,p11.12C0C98 | 12C0C98:L"peter.barysch@online.de"
00FABB90 | C745 A4 C80C2C01 | mov dword ptr ss:,p11.12C0CC8 | 12C0CC8:L"FL-INNIHILLEZEPYCZZ"
00FABB97 | C745 A8 F00C2C01 | mov dword ptr ss:,p11.12C0CF0 | 12C0CF0:L"a.sorokin@aladdin-rd.ru"
00FABB9E | C745 AC EC212801 | mov dword ptr ss:,p11.12821EC |
00FABBA5 | C745 B0 200D2C01 | mov dword ptr ss:,p11.12C0D20 | 12C0D20:L"mlf186k@yahoo.com"
00FABBAC | C745 B4 440D2C01 | mov dword ptr ss:,p11.12C0D44 | 12C0D44:L"FL-IILZCFPESPKKKNHV"
00FABBB3 | C745 B8 6C0D2C01 | mov dword ptr ss:,p11.12C0D6C | 12C0D6C:L"molly555@insightbb.com"
00FABBBA | C745 BC 9C0D2C01 | mov dword ptr ss:,p11.12C0D9C | 12C0D9C:L"FL-IHNYIIACAZFFUCSI"
00FABBC1 | C745 C0 C40D2C01 | mov dword ptr ss:,p11.12C0DC4 | 12C0DC4:L"isabellapapa@aol.com"
00FABBC8 | C745 C4 F00D2C01 | mov dword ptr ss:,p11.12C0DF0 | 12C0DF0:L"FL-IZSUCFEPSPLLKNVH"
00FABBCF | C745 C8 180E2C01 | mov dword ptr ss:,p11.12C0E18 | 12C0E18:L"marjoleinjoos@hotmail.nl"
00FABBD6 | C745 CC 4C0E2C01 | mov dword ptr ss:,p11.12C0E4C | 12C0E4C:L"FL-IHXIPIELVZLPXCVZ"
00FABBDD | C745 D0 740E2C01 | mov dword ptr ss:,p11.12C0E74 | 12C0E74:L"skipfk473@gmail.com"
00FABBE4 | C745 D4 9C0E2C01 | mov dword ptr ss:,p11.12C0E9C | 12C0E9C:L"FL-IIZIIKYLAAIPUUXZ"
00FABBEB | C745 D8 C40E2C01 | mov dword ptr ss:,p11.12C0EC4 | 12C0EC4:L"jp.schnyder@gmail.com"
00FABBF2 | C745 DC F00E2C01 | mov dword ptr ss:,p11.12C0EF0 | 12C0EF0:L"FL-IFXSIKKKAAPEUUUU"
00FABBF9 | C785 FCFEFFFF 1C000000 | mov dword ptr ss:,1C |
00FABC03 | 8365 E8 00 | and dword ptr ss:,0 | 删掉黑名单账号,互联网找到对应的账户和密码是不是可以自动激活了 zz100179 发表于 2023-8-11 09:09
删掉黑名单账号,互联网找到对应的账户和密码是不是可以自动激活了
@zz100179
https://www.vladonai.com/allmynotes-organizer-download-current-beta
要不要你玩下?
搜索update会发现3处
1处是启动时更新的线程
1处是点注册时的(就会来到上面咱们发现的这个黑名单处,我直接ret了)
另1处是点升级检测时的
感觉全干掉就能注册成功
俺只会最简单无限不过期的方法,要不要你来挑战下?
@zz100179
页:
[1]