一个VB程序爆破过程--写出来让我们菜鸟们共同研究
前几天在论坛上下载了个一我爱背单词软件,发现这款软件不错,然后就到他的首页上看看,发现一个我爱学音标软件,直接在论坛上找找,找不到这方面的破解文件,只能自己动手了!1、看了很多教程第一步就是查有没有加壳。
但是是P-code的,记得以前在看雪那里看过fly大大有一篇也是说这个VB程序用VBExplorer和WKT VBDebugger以下简称WKT来追码的。
但是我水平不够,我只能说说爆破,,这里先提一句高手可以给点意见,菜菜们可以自己动手,说的不对的地方还希望各位大大们能批评指正!
2、在网上找了好几个工具vb decompiler这个感觉不错,我们用他先来分析一下
先看看对对象树里面的forms
发现这两个可一个是本地注册form一个是开启软件就弹出的注册窗口
我们双击 lgRegisterForm旁边窗口弹出
VERSION 5.00
Begin VB.Form lgRegisterForm 'Offset: 0005F7A6
Caption = "ЗлКдИлЧ??бВл"
BackColor = &HE0E0E0&
ScaleMode = 1
AutoRedraw = False
FontTransparent = True
Picture = "lgRegisterForm.frx":0
BorderStyle = 0 'None
Icon = "lgRegisterForm.frx":3005
LinkTopic = "Form1"
MaxButton = 0 'False
ClientLeft = 0
ClientTop = 105
ClientWidth = 8115
ClientHeight = 5850
StartUpPosition = 3 'Windows Default
Begin Timer timerInit 'Offset: 00062B0A
Enabled = 0 'False
Interval = 1000
Left = 7050
Top = 3570
End
Begin Timer timerFreeRegister 'Offset: 00062B2F
Enabled = 0 'False
Interval = 1500
Left = 1170
Top = 3060
End
Begin TextBox teRegCode 'Offset: 00062B5C
BackColor = &HF5F5F5&
Left = 2760
Top = 4320
Width = 2985
Height = 285
TabIndex = 0
BeginProperty Font
Name = "宋体"
Size = 10.5
Charset = 134
Weight = 400
Underline = 0 'False
Italic = 0 'False
Strikethrough = 0 'False
EndProperty
End
Begin PictureBox Picture1 'Offset: 00062B91
BackColor = &HFFFFFF&
ForeColor = &H0&
Left = 150
Top = 435
Width = 7830
Height = 1095
TabIndex = 1
ScaleMode = 1
AutoRedraw = False
FontTransparent = True
BorderStyle = 0 'None
Begin Label lbWarn 'Offset: 00062BC1
Caption = " 您用来注册本软件的注册码是非法的,或您在试用期过后仍然使用过本软件。请购买合法注册码,并进行联网注册"
ForeColor = &HFF&
Left = 360
Top = 480
Width = 6585
Height = 435
Visible = 0 'False
TabIndex = 4
BackStyle = 0 'Transparent
End
Begin Label Label1 'Offset: 00062C53
Caption = "本软件尚未注册"
Left = 330
Top = 180
Width = 1845
Height = 225
TabIndex = 3
BackStyle = 0 'Transparent
BeginProperty Font
Name = "宋体"
Size = 9
Charset = 134
Weight = 700
Underline = 0 'False
Italic = 0 'False
Strikethrough = 0 'False
EndProperty
End
Begin Image Image1 'Offset: 00062C94
Picture = "lgRegisterForm.frx":330F
Left = 7050
Top = 330
Width = 480
Height = 480
End
Begin Label lbLimitation 'Offset: 00062FB9
Caption = " 本软件不是免费软件,请您自觉尊重软件的知识产权,购买注册码后再使用。"
ForeColor = &HFF&
Left = 420
Top = 480
Width = 6585
Height = 435
TabIndex = 2
BackStyle = 0 'Transparent
End
End
Begin Timer timerRegister 'Offset: 00063030
Enabled = 0 'False
Interval = 1500
Left = 450
Top = 3165
End
Begin ProgressBar prWait 'Offset: 00063059
Left = 2490
Top = 4755
Width = 4365
Height = 315
Visible = 0 'False
TabIndex = 5
End
Begin Image btFunction 'Offset: 000630EB
Index = 4
Picture = "lgRegisterForm.frx":3619
Left = 6675
Top = 5340
Width = 1125
Height = 330
Visible = 0 'False
Tag = "btFreeRegister"
End
Begin Label lbLink 'Offset: 0006450A
Caption = "请点击此处上角斗士英语网站“销售中心”立即免费取得注册码"
Index = 0
ForeColor = &H8000&
Left = 1440
Top = 2625
Width = 6180
Height = 225
Visible = 0 'False
TabIndex = 16
Alignment = 2 'Center
Tag = "web-http://www.flyenglish.com"
BackStyle = 0 'Transparent
BeginProperty Font
Name = "宋体"
Size = 10.5
Charset = 134
Weight = 400
Underline = 0 'False
Italic = 0 'False
Strikethrough = 0 'False
EndProperty
End
Begin Label lbWait 'Offset: 000645C0
Caption = "正在进行注册码验证:"
BackColor = &HE0E0E0&
Left = 660
Top = 4815
Width = 1845
Height = 645
Visible = 0 'False
TabIndex = 15
BackStyle = 0 'Transparent
End
Begin Label lbTitle 'Offset: 000645FD
Caption = "角斗士英语"
Index = 104
ForeColor = &HFFFFFF&
Left = 600
Top = 120
Width = 1065
Height = 195
TabIndex = 14
BackStyle = 0 'Transparent
End
Begin Line Line1 'Offset: 00064635
Index = 1
BorderColor = &HFFFFFF&
X1 = 150
Y1 = 1560
X2 = 7980
Y2 = 1560
End
Begin Line Line2 'Offset: 00064663
Index = 1
BorderColor = &H808080&
X1 = 120
Y1 = 1545
X2 = 7980
Y2 = 1545
End
Begin Image btFunction 'Offset: 00064691
Index = 2
Picture = "lgRegisterForm.frx":49F3
Left = 5385
Top = 5340
Width = 1125
Height = 330
Visible = 0 'False
Tag = "btHowToBuy"
End
Begin Image btFunction 'Offset: 00065AA8
Index = 1
Picture = "lgRegisterForm.frx":5DCD
Left = 4095
Top = 5340
Width = 1125
Height = 330
Visible = 0 'False
Tag = "btNoRegister"
End
Begin Image btFunction 'Offset: 00066EC3
Index = 0
Picture = "lgRegisterForm.frx":71A7
Left = 240
Top = 5400
Width = 1125
Height = 330
Visible = 0 'False
Tag = "btRegister"
End
Begin Image Image3 'Offset: 000682DA
Picture = "lgRegisterForm.frx":8581
Left = 1260
Top = 2565
Width = 480
Height = 480
End
Begin Image Image2 'Offset: 000685FF
Picture = "lgRegisterForm.frx":888B
Left = 1290
Top = 3495
Width = 480
Height = 480
End
Begin Line Line2 'Offset: 00068924
Index = 0
BorderColor = &H808080&
X1 = 300
Y1 = 2205
X2 = 7770
Y2 = 2205
End
Begin Line Line1 'Offset: 00068952
Index = 0
BorderColor = &HFFFFFF&
X1 = 300
Y1 = 2220
X2 = 7770
Y2 = 2220
End
Begin Label lbRegisterCode 'Offset: 00068980
Caption = "lgRegisterForm.frx":8B95
BackColor = &HE0E0E0&
Left = 2070
Top = 2505
Width = 4605
Height = 795
TabIndex = 13
BackStyle = 0 'Transparent
End
Begin Label lbAttention 'Offset: 00068A75
Caption = " 为了维护您自身的合法权益,请切记本软件注册码只能您自己使用,绝对不可告诉别人。如果注册码扩散,将可能导致您自己无法使用本软件。"
BackColor = &HE0E0E0&
Left = 2100
Top = 3495
Width = 4545
Height = 735
TabIndex = 12
BackStyle = 0 'Transparent
End
Begin Label Label4 'Offset: 00068B24
Caption = "请在此输入注册码:"
Left = 1020
Top = 4335
Width = 1725
Height = 195
TabIndex = 11
BackStyle = 0 'Transparent
End
Begin Image btFunction 'Offset: 00068B59
Index = 3
Picture = "lgRegisterForm.frx":8C5B
Left = 1515
Top = 5340
Width = 1125
Height = 330
Visible = 0 'False
Tag = "btNetRegister"
End
Begin Image btFunction 'Offset: 00069F76
Index = 5
Picture = "lgRegisterForm.frx":A035
Left = 2760
Top = 5340
Width = 1125
Height = 330
Visible = 0 'False
Tag = "btLocalRegister"
End
Begin Label lbLink 'Offset: 0006B397
Caption = "本地注册"
Index = 1
ForeColor = &HFF0000&
Left = 600
Top = 4080
Width = 1140
Height = 225
Visible = 0 'False
MousePointer = 99 'Custom
TabIndex = 10
Alignment = 2 'Center
Tag = "sub-btLocalRegister"
BackStyle = 0 'Transparent
MouseIcon = "lgRegisterForm.frx":B40F
BeginProperty Font
Name = "宋体"
Size = 10.5
Charset = 0
Weight = 400
Underline = -1 'True
Italic = 0 'False
Strikethrough = 0 'False
EndProperty
End
Begin Label lbLink 'Offset: 0006B716
Caption = "如何获取免费注册码"
Index = 4
ForeColor = &HFF0000&
Left = 4860
Top = 1800
Width = 2160
Height = 225
MousePointer = 99 'Custom
TabIndex = 9
Alignment = 2 'Center
Tag = "sub-btFreeRegister"
BackStyle = 0 'Transparent
MouseIcon = "lgRegisterForm.frx":B719
BeginProperty Font
Name = "宋体"
Size = 10.5
Charset = 0
Weight = 400
Underline = -1 'True
Italic = 0 'False
Strikethrough = 0 'False
EndProperty
End
Begin Label lbLink 'Offset: 0006BA9B
Caption = "如何购买"
Index = 3
ForeColor = &HFF0000&
Left = 3420
Top = 1800
Width = 1140
Height = 225
MousePointer = 99 'Custom
TabIndex = 8
Alignment = 2 'Center
Tag = "sub-btHowToBuy"
BackStyle = 0 'Transparent
MouseIcon = "lgRegisterForm.frx":BA23
BeginProperty Font
Name = "宋体"
Size = 10.5
Charset = 0
Weight = 400
Underline = -1 'True
Italic = 0 'False
Strikethrough = 0 'False
EndProperty
End
Begin Label lbLink 'Offset: 0006BE0E
Caption = "暂不注册,继续使用"
Index = 2
ForeColor = &HFF0000&
Left = 900
Top = 1800
Width = 2250
Height = 225
MousePointer = 99 'Custom
TabIndex = 7
Alignment = 2 'Center
Tag = "sub-btNoRegister"
BackStyle = 0 'Transparent
MouseIcon = "lgRegisterForm.frx":BD2D
BeginProperty Font
Name = "宋体"
Size = 10.5
Charset = 0
Weight = 400
Underline = -1 'True
Italic = 0 'False
Strikethrough = 0 'False
EndProperty
End
Begin Label lbLink 'Offset: 0006C18F
Caption = "注册"
Index = 9
ForeColor = &HFF0000&
Left = 5880
Top = 4350
Width = 780
Height = 225
MousePointer = 99 'Custom
TabIndex = 6
Alignment = 2 'Center
Tag = "sub-btNetRegister"
BackStyle = 0 'Transparent
MouseIcon = "lgRegisterForm.frx":C037
BeginProperty Font
Name = "宋体"
Size = 10.5
Charset = 0
Weight = 400
Underline = -1 'True
Italic = 0 'False
Strikethrough = 0 'False
EndProperty
End
End
Attribute VB_Name = "lgRegisterForm"
可以了关键就是这个窗口了,好了我们现在重新看对像树下面的Code -> lgRegisterForm
Code -> lgRegisterForm -> timerRegister_Timer_A009D8
Private Sub timerRegister_Timer() 'A009D8
'Data Table: 408F2C
Dim var_88 As Variant
Dim MemVar_A045E8 As Global
Dim var_9C As Variant
Dim var_130 As Long
Dim var_114 As Long
Dim var_118 As String
Dim var_11C As String
Dim var_120 As String
Dim var_124 As String
Dim var_128 As String
Dim var_AC As Variant
Dim MemVar_A020F8 As Long
Dim var_13C As Double
Dim var_140 As String
Dim MemVar_A020D4 As Long
Dim MemVar_A02104 As Long
loc_9FFC5F: global_80 = (global_80 + 1)
loc_9FFC6E: If (global_80 >= &H3A) Then
loc_9FFC7D: Me.timerRegister.Enabled = False
loc_9FFC82: var_88 = vbNull 'Ignore this
loc_9FFC8D: NewIfNullPr'Ignore this
loc_9FFC90: var_88 = MemVar_A045E8.Screen
loc_9FFC98: Screen.MousePointer = 0
loc_9FFC9D: var_88 = vbNull 'Ignore this
loc_9FFCB5: If (Proc_18_1_9DB11C(global_88) = CLng(0)) Then (这里如果不跳就弹出下面无效的注册码)----
loc_9FFCBE: global_56 = CLng(0)
loc_9FFCDA: MsgBox "您输入的是无效的注册码,注册失败,请按Ctrl+Alt+Del键后在“任务管理器”中结束本软件,然后再重新启动。", 0, var_CC, var_EC, var_10C
loc_9FFCDF: var_AC = "": var_CC = "": var_EC = "" = "" 'Ignore this
loc_9FFCEA: Exit Sub
loc_9FFCEB: End If
loc_9FFCF1: var_12C = MemVar_A02074
loc_9FFD21: SetLastSystemError 'Ignore this
loc_9FFD33: global_96 = var_11C
loc_9FFD4F: var_110 = var_128
loc_9FFD5D: var_114 = vcTrimPronTail(global_96, global_88, var_110, var_12C)
loc_9FFD60: var_118 = "": var_11C = "": var_120 = "": var_124 = "": var_128 = "" = "" 'Ignore this
loc_9FFD82: If ((var_114 = -1) Or (var_114 = -4)) Then (这里一般的断网就不跳弹出下面网络问题)----
loc_9FFD8F: If (global_100 = CLng(0)) Then
loc_9FFDA0: var_9C = "由于网络问题,无法连接到服务器进行联网注册。您可以在确认连好网后再次注册,也可以进行本地注册。软件使用时是不需要联网的。"
loc_9FFDAB: MsgBox var_9C, 0, var_CC, var_EC, var_10C
loc_9FFDB0: var_AC = "": var_CC = "": var_EC = "" = "" 'Ignore this
loc_9FFDBB: Call btLocalRegister_click()
loc_9FFDC3: Else
loc_9FFDDC: MsgBox "由于网络问题,无法连接到服务器进行联网注册。您可以在确认连好网后再次注册。", 0, var_CC, var_EC, var_10C
loc_9FFDE1: var_AC = "": var_CC = "": var_EC = "" = "" 'Ignore this
loc_9FFDEC: End If
loc_9FFDEC: Exit Sub
loc_9FFDF0: Else
loc_9FFDF9: If (var_114 = -2) Then (这里我用WKT跟踪发现都是有跳的)----
loc_9FFE1F: var_120 = "一个注册码最多只能在两台电脑上使用。您的注册码已经在多台电脑上注册了,因此无法在本机上使用" & vbCrLf & vbCrLf & "如果您是更换了电脑,或想使本注册码在更多电脑上能够使用,请访问下面的网页以解决问题:"
loc_9FFE2D: var_128 = var_120 & vbCrLf & vbCrLf
loc_9FFE37: MsgBox CVar(var_128 & "http://www.aidanci.com/igrammar_service.htm"), 0, var_CC, var_EC, var_10C
loc_9FFE3C: var_118 = "": var_11C = "": var_120 = "": var_124 = "" = "" 'Ignore this
loc_9FFE49: var_AC = "": var_CC = "": var_EC = "" = "" 'Ignore this
loc_9FFE54: Exit Sub
loc_9FFE58: Else
loc_9FFE61: If (var_114 = -3) Then (这里我用WKT跟踪发现都是有跳的但是为了保证都)----
loc_9FFE72: var_9C = "您输入的注册码不是合法的注册码,请点击“暂不注册继续使用”链接进入本软件后,然后再退出,然后再重新启动本软件,再重新输入注册码"
loc_9FFE7D: MsgBox var_9C, 0, var_CC, var_EC, var_10C
loc_9FFE82: var_AC = "": var_CC = "": var_EC = "" = "" 'Ignore this
loc_9FFE8D: Exit Sub
loc_9FFE8E: End If
loc_9FFE8E: End If
loc_9FFE8E: End If
loc_9FFE8E: vcEnterUserInfo(var_114, StrConv(MemVar_A02074, vbUnicode), var_12C, StrConv(var_128, vbUnicode), var_120 & vbCrLf)
loc_9FFE93: SetLastSystemError 'Ignore this
loc_9FFE9D: MemVar_A02164 = global_96
loc_9FFEAC: MemVar_A020F8 = CLng(Val(global_88))
loc_9FFEB5: MemVar_A02168 = var_110
loc_9FFEF2: SetLastSystemError 'Ignore this
loc_9FFF0C: global_96 = var_120
loc_9FFF29: var_118 = "": var_11C = "": var_120 = "": var_124 = "" = "" 'Ignore this
loc_9FFF36: If (vcSplitUserRecords(MemVar_A02090, Val(global_88), global_96, var_128, Val(global_88), MemVar_A020F8) <> -1) Then (这里不跳直接会在下面出现系统错误及注册文件写入错误,注册失败但是又会弹出窗口注册成功这个不用od我也看不懂程序^_^)----
loc_9FFF46: var_13C = Val(CStr(MemVar_A02038))
loc_9FFF68: var_EC = Format(CVar(var_13C), "0000000000")
loc_9FFFA4: var_130 = vcSetWordRecordToNull(global_96, global_88, var_128, CStr(var_EC), 1, 1, var_13C, StrConv(var_128, vbUnicode))
loc_9FFFA7: SetLastSystemError 'Ignore this
loc_9FFFB9: global_96 = var_120
loc_9FFFD5: var_110 = var_12C
loc_9FFFDD: var_118 = "": var_11C = "": var_120 = "": var_124 = "": var_128 = "": var_12C = "": var_140 = "" = "" 'Ignore this
loc_9FFFF0: var_AC = "": var_CC = "" = "" 'Ignore this
loc_9FFFF9: If CBool(var_130) Then
loc_A0000E: var_130 = vcPrepareWordPronFormat(MemVar_A02094, CLng(0), StrConv(var_12C, vbUnicode), var_128, StrConv(global_88, vbUnicode), global_88, StrConv(var_120, vbUnicode), global_96)
loc_A00011: SetLastSystemError 'Ignore this
loc_A0001F: var_118 = "" 'Ignore this
loc_A00022: If CBool(var_130) Then
loc_A00032: vcPrepareWordPronFormat(MemVar_A02098, CLng(&HFF), StrConv(MemVar_A02094, vbUnicode), MemVar_A02098, var_130, var_130)
loc_A00037: SetLastSystemError 'Ignore this
loc_A00040: var_118 = "" 'Ignore this
loc_A00043: End If
loc_A00055: var_130 = vcMakePronOk(MemVar_A0209C, CLng(0), StrConv(MemVar_A02098, vbUnicode), MemVar_A0209C, global_88)
loc_A00058: SetLastSystemError 'Ignore this
loc_A00066: var_118 = "" 'Ignore this
loc_A00069: If CBool(var_130) Then
loc_A00079: vcMakePronOk(MemVar_A020A0, CLng(&HFF), StrConv(MemVar_A0209C, vbUnicode), MemVar_A020A0, var_130)
loc_A0007E: SetLastSystemError 'Ignore this
loc_A00087: var_118 = "" 'Ignore this
loc_A0008A: End If
loc_A0009C: var_130 = vcSetPronFormatEx(MemVar_A02078, CLng(0), StrConv(MemVar_A020A0, vbUnicode), MemVar_A02078, StrConv(var_120, vbUnicode))
loc_A0009F: SetLastSystemError 'Ignore this
loc_A000AD: var_118 = "" 'Ignore this
loc_A000B0: If CBool(var_130) Then
loc_A000C0: vcSetPronFormatEx(MemVar_A0207C, CLng(&HFF), StrConv(MemVar_A02078, vbUnicode), MemVar_A0207C, var_130)
loc_A000C5: SetLastSystemError 'Ignore this
loc_A000CE: var_118 = "" 'Ignore this
loc_A000D1: End If
loc_A000E3: var_130 = vcGetArticleStatus(MemVar_A02084, CLng(0), StrConv(MemVar_A0207C, vbUnicode), MemVar_A02084)
loc_A000E6: SetLastSystemError 'Ignore this
loc_A000F4: var_118 = "" 'Ignore this
loc_A000F7: If CBool(var_130) Then
loc_A00107: vcGetArticleStatus(MemVar_A02088, CLng(&HFF), StrConv(MemVar_A02084, vbUnicode), MemVar_A02088, var_130)
loc_A0010C: SetLastSystemError 'Ignore this
loc_A00115: var_118 = "" 'Ignore this
loc_A00118: End If
loc_A0012A: var_130 = vcPrepareWordSnd(MemVar_A0208C, CLng(0), StrConv(MemVar_A02088, vbUnicode), MemVar_A0208C)
loc_A0012D: SetLastSystemError 'Ignore this
loc_A0013B: var_118 = "" 'Ignore this
loc_A0013E: If CBool(var_130) Then
loc_A0014E: vcPrepareWordSnd(MemVar_A02090, CLng(&HFF), StrConv(MemVar_A0208C, vbUnicode), MemVar_A02090, var_130)
loc_A00153: SetLastSystemError 'Ignore this
loc_A0015C: var_118 = "" 'Ignore this
loc_A0015F: End If
loc_A00171: var_130 = vcSetMeanFormat(MemVar_A02094, CLng(0), StrConv(MemVar_A02090, vbUnicode), MemVar_A02094)
loc_A00174: SetLastSystemError 'Ignore this
loc_A00182: var_118 = "" 'Ignore this
loc_A00185: If CBool(var_130) Then
loc_A00195: vcSetMeanFormat(MemVar_A02098, CLng(&HFF), StrConv(MemVar_A02094, vbUnicode), MemVar_A02098, var_130)
loc_A0019A: SetLastSystemError 'Ignore this
loc_A001A3: var_118 = "" 'Ignore this
loc_A001A6: End If
loc_A001B8: var_130 = vcGetBookLibSize(MemVar_A0209C, CLng(0), StrConv(MemVar_A02098, vbUnicode), MemVar_A0209C)
loc_A001BB: SetLastSystemError 'Ignore this
loc_A001C9: var_118 = "" 'Ignore this
loc_A001CC: If CBool(var_130) Then
loc_A001DC: vcGetBookLibSize(MemVar_A020A0, CLng(&HFF), StrConv(MemVar_A0209C, vbUnicode), MemVar_A020A0, var_130)
loc_A001E1: SetLastSystemError 'Ignore this
loc_A001EA: var_118 = "" 'Ignore this
loc_A001ED: End If
loc_A001FF: var_130 = vcGetBookLibType(MemVar_A02078, CLng(0), StrConv(MemVar_A020A0, vbUnicode), MemVar_A02078)
loc_A00202: SetLastSystemError 'Ignore this
loc_A00210: var_118 = "" 'Ignore this
loc_A00213: If CBool(var_130) Then
loc_A00223: vcGetBookLibType(MemVar_A0207C, CLng(&HFF), StrConv(MemVar_A02078, vbUnicode), MemVar_A0207C, var_130)
loc_A00228: SetLastSystemError 'Ignore this
loc_A00231: var_118 = "" 'Ignore this
loc_A00234: End If
loc_A00246: var_130 = vcGetDictPronLength(MemVar_A02080, CLng(0), StrConv(MemVar_A0207C, vbUnicode), MemVar_A02080)
loc_A00249: SetLastSystemError 'Ignore this
loc_A00257: var_118 = "" 'Ignore this
loc_A0025A: If CBool(var_130) Then
loc_A0026A: vcGetDictPronLength(MemVar_A02084, CLng(&HFF), StrConv(MemVar_A02080, vbUnicode), MemVar_A02084, var_130)
loc_A0026F: SetLastSystemError 'Ignore this
loc_A00278: var_118 = "" 'Ignore this
loc_A0027B: End If
loc_A0028D: var_130 = vcGetDiskStatus(MemVar_A02088, CLng(0), StrConv(MemVar_A02084, vbUnicode), MemVar_A02088)
loc_A00290: SetLastSystemError 'Ignore this
loc_A0029E: var_118 = "" 'Ignore this
loc_A002A1: If CBool(var_130) Then
loc_A002B1: vcGetDiskStatus(MemVar_A0208C, CLng(&HFF), StrConv(MemVar_A02088, vbUnicode), MemVar_A0208C, var_130)
loc_A002B6: SetLastSystemError 'Ignore this
loc_A002BF: var_118 = "" 'Ignore this
loc_A002C2: End If
loc_A002D4: var_130 = vcGetSndFileInfoEx(MemVar_A02090, CLng(0), StrConv(MemVar_A0208C, vbUnicode), MemVar_A02090)
loc_A002D7: SetLastSystemError 'Ignore this
loc_A002E5: var_118 = "" 'Ignore this
loc_A002E8: If CBool(var_130) Then
loc_A002F8: vcGetSndFileInfoEx(MemVar_A02094, CLng(&HFF), StrConv(MemVar_A02090, vbUnicode), MemVar_A02094, var_130)
loc_A002FD: SetLastSystemError 'Ignore this
loc_A00306: var_118 = "" 'Ignore this
loc_A00309: End If
loc_A0031B: var_130 = vcGetSndFileLibAdr(MemVar_A02098, CLng(0), StrConv(MemVar_A02094, vbUnicode), MemVar_A02098)
loc_A0031E: SetLastSystemError 'Ignore this
loc_A0032C: var_118 = "" 'Ignore this
loc_A0032F: If CBool(var_130) Then
loc_A0033F: vcGetSndFileLibAdr(MemVar_A0209C, CLng(&HFF), StrConv(MemVar_A02098, vbUnicode), MemVar_A0209C, var_130)
loc_A00344: SetLastSystemError 'Ignore this
loc_A0034D: var_118 = "" 'Ignore this
loc_A00350: End If
loc_A00362: var_130 = vcGetTotalLibs(MemVar_A020A0, CLng(0), StrConv(MemVar_A0209C, vbUnicode), MemVar_A020A0)
loc_A00365: SetLastSystemError 'Ignore this
loc_A00373: var_118 = "" 'Ignore this
loc_A00376: If CBool(var_130) Then
loc_A00386: vcGetTotalLibs(MemVar_A02078, CLng(&HFF), StrConv(MemVar_A020A0, vbUnicode), MemVar_A02078, var_130)
loc_A0038B: SetLastSystemError 'Ignore this
loc_A00394: var_118 = "" 'Ignore this
loc_A00397: End If
loc_A003A9: var_130 = vcOpenExtLib(MemVar_A02080, CLng(0), StrConv(MemVar_A02078, vbUnicode), MemVar_A02080)
loc_A003AC: SetLastSystemError 'Ignore this
loc_A003BA: var_118 = "" 'Ignore this
loc_A003BD: If CBool(var_130) Then
loc_A003CD: vcOpenExtLib(MemVar_A02084, CLng(&HFF), StrConv(MemVar_A02080, vbUnicode), MemVar_A02084, var_130)
loc_A003D2: SetLastSystemError 'Ignore this
loc_A003DB: var_118 = "" 'Ignore this
loc_A003DE: End If
loc_A003F0: var_130 = vcCloseExtLib(MemVar_A02088, CLng(0), StrConv(MemVar_A02084, vbUnicode), MemVar_A02088)
loc_A003F3: SetLastSystemError 'Ignore this
loc_A00401: var_118 = "" 'Ignore this
loc_A00404: If CBool(var_130) Then
loc_A00414: vcCloseExtLib(MemVar_A0208C, CLng(&HFF), StrConv(MemVar_A02088, vbUnicode), MemVar_A0208C, var_130)
loc_A00419: SetLastSystemError 'Ignore this
loc_A00422: var_118 = "" 'Ignore this
loc_A00425: End If
loc_A00437: var_130 = vcOpenExtNovel(MemVar_A02090, CLng(0), StrConv(MemVar_A0208C, vbUnicode), MemVar_A02090)
loc_A0043A: SetLastSystemError 'Ignore this
loc_A00448: var_118 = "" 'Ignore this
loc_A0044B: If CBool(var_130) Then
loc_A0045B: vcOpenExtNovel(MemVar_A02094, CLng(&HFF), StrConv(MemVar_A02090, vbUnicode), MemVar_A02094, var_130)
loc_A00460: SetLastSystemError 'Ignore this
loc_A00469: var_118 = "" 'Ignore this
loc_A0046C: End If
loc_A0047E: var_130 = vcCloseExtNovel(MemVar_A02098, CLng(0), StrConv(MemVar_A02094, vbUnicode), MemVar_A02098)
loc_A00481: SetLastSystemError 'Ignore this
loc_A0048F: var_118 = "" 'Ignore this
loc_A00492: If CBool(var_130) Then
loc_A004A2: vcCloseExtNovel(MemVar_A0209C, CLng(&HFF), StrConv(MemVar_A02098, vbUnicode), MemVar_A0209C, var_130)
loc_A004A7: SetLastSystemError 'Ignore this
loc_A004B0: var_118 = "" 'Ignore this
loc_A004B3: End If
loc_A004C5: var_130 = vcSetMyFont(MemVar_A020A0, CLng(0), StrConv(MemVar_A0209C, vbUnicode), MemVar_A020A0)
loc_A004C8: SetLastSystemError 'Ignore this
loc_A004D6: var_118 = "" 'Ignore this
loc_A004D9: If CBool(var_130) Then
loc_A004E9: vcSetMyFont(MemVar_A02078, CLng(&HFF), StrConv(MemVar_A020A0, vbUnicode), MemVar_A02078, var_130)
loc_A004EE: SetLastSystemError 'Ignore this
loc_A004F7: var_118 = "" 'Ignore this
loc_A004FA: End If
loc_A0050C: var_130 = vcResetMyFont(MemVar_A02078, CLng(0), StrConv(MemVar_A02078, vbUnicode), MemVar_A02078)
loc_A0050F: SetLastSystemError 'Ignore this
loc_A0051D: var_118 = "" 'Ignore this
loc_A00520: If CBool(var_130) Then
loc_A00530: vcResetMyFont(MemVar_A02078, CLng(&HFF), StrConv(MemVar_A02078, vbUnicode), MemVar_A02078, var_130)
loc_A00535: SetLastSystemError 'Ignore this
loc_A0053E: var_118 = "" 'Ignore this
loc_A00541: End If
loc_A00553: var_130 = vcExtractIcon(MemVar_A0207C, CLng(0), StrConv(MemVar_A02078, vbUnicode), MemVar_A0207C)
loc_A00556: SetLastSystemError 'Ignore this
loc_A00564: var_118 = "" 'Ignore this
loc_A00567: If CBool(var_130) Then
loc_A00577: vcExtractIcon(MemVar_A02080, CLng(&HFF), StrConv(MemVar_A0207C, vbUnicode), MemVar_A02080, var_130)
loc_A0057C: SetLastSystemError 'Ignore this
loc_A00585: var_118 = "" 'Ignore this
loc_A00588: End If
loc_A0059A: var_130 = vcExtractpron(MemVar_A02084, CLng(0), StrConv(MemVar_A02080, vbUnicode), MemVar_A02084)
loc_A0059D: SetLastSystemError 'Ignore this
loc_A005AB: var_118 = "" 'Ignore this
loc_A005AE: If CBool(var_130) Then
loc_A005BE: vcExtractpron(MemVar_A02088, CLng(&HFF), StrConv(MemVar_A02084, vbUnicode), MemVar_A02088, var_130)
loc_A005C3: SetLastSystemError 'Ignore this
loc_A005CC: var_118 = "" 'Ignore this
loc_A005CF: End If
loc_A005D2: Else
loc_A005EB: MsgBox "注册文件写入错误,注册失败", 0, "0000000000", var_EC, var_10C
loc_A005F0: var_AC = "": var_CC = "": var_EC = "" = "" 'Ignore this
loc_A005FB: End If
loc_A005FB: vcLeaveUserInfo(StrConv(MemVar_A02088, vbUnicode), var_118, global_96)
loc_A00600: SetLastSystemError 'Ignore this
loc_A00606: MemVar_A020D4 = &H34ED22
loc_A00615: If (global_92 <> &H34ED22) Then
loc_A00620: global_92 = &H34ED22
loc_A00628: MemVar_A02104 = &H4D2
loc_A00638: vcSetRunTimes(MemVar_A02078, MemVar_A02104, MemVar_A02104, global_92)
loc_A0063D: SetLastSystemError 'Ignore this
loc_A00646: var_118 = "" 'Ignore this
loc_A00656: vcSetRunTimesInRegistry(MemVar_A02078, MemVar_A02104, StrConv(MemVar_A02078, vbUnicode), MemVar_A02078)
loc_A0065B: SetLastSystemError 'Ignore this
loc_A00664: var_118 = "" 'Ignore this
loc_A00667: End If
loc_A00683: var_130 = vcOpenFileForVb(var_248, "info.txt", "wb", StrConv(MemVar_A02078, vbUnicode), "info.txt")
loc_A00686: SetLastSystemError 'Ignore this
loc_A00690: var_118 = "" = "" 'Ignore this
loc_A00697: If (var_130 <> -1) Then
loc_A006C3: vcWriteFileForVb(var_248, "本文件存放于您安装着本软件的文件夹 " & MemVar_A02208 & " 下,文件名是info.txt" & vbCrLf & vbCrLf, var_130, MemVar_A020D4)
loc_A006C8: SetLastSystemError 'Ignore this
loc_A006C9: var_118 = "": var_11C = "": var_120 = "": var_124 = "" = "" 'Ignore this
loc_A006FF: vcWriteFileForVb(var_248, "您的《" & MemVar_A02058 & "》软件信息:" & vbCrLf & vbCrLf, StrConv(MemVar_A02090, vbUnicode))
loc_A00704: SetLastSystemError 'Ignore this
loc_A00705: var_118 = "": var_11C = "": var_120 = "": var_124 = "" = "" 'Ignore this
loc_A0071B: var_118 = global_96
loc_A00732: global_96 = var_118
loc_A00754: vcWriteFileForVb(var_248, var_118 & Proc_3_1_9DE7EC(var_118, "机器码:") & vbCrLf & vbCrLf)
loc_A00759: SetLastSystemError 'Ignore this
loc_A0075A: var_118 = "": var_11C = "": var_120 = "": var_124 = "": var_128 = "" = "" 'Ignore this
loc_A00796: vcWriteFileForVb(var_248)
loc_A0079B: SetLastSystemError 'Ignore this
loc_A0079C: var_118 = "": var_11C = "": var_120 = "": var_124 = "" = "" 'Ignore this
loc_A007AF: var_118 = var_110
loc_A007C3: var_110 = var_118
loc_A007D1: var_124 = var_130 & Proc_3_1_9DE7EC(global_88, "注册码:") & vbCrLf & vbCrLf & Proc_3_1_9DE7EC(var_118, "验证码:") & vbCrLf
loc_A007DE: var_12C = var_124 & vbCrLf
loc_A007E5: vcWriteFileForVb(var_248)
loc_A007EA: SetLastSystemError 'Ignore this
loc_A007EB: var_118 = "": var_11C = "": var_120 = "": var_124 = "": var_128 = "" = "" 'Ignore this
loc_A00815: vcWriteFileForVb(var_248, "请保管好以上信息,售后服务时有用" & vbCrLf & vbCrLf)
loc_A0081A: SetLastSystemError 'Ignore this
loc_A0081B: var_118 = "": var_11C = "" = "" 'Ignore this
loc_A0083F: vcWriteFileForVb(var_248, "关闭本文档后可以继续使用本软件" & vbCrLf & vbCrLf)
loc_A00844: SetLastSystemError 'Ignore this
loc_A00845: var_118 = "": var_11C = "" = "" 'Ignore this
loc_A00854: var_11C = "rb"
loc_A0086D: SetLastSystemError 'Ignore this
loc_A00877: var_118 = "" = "" 'Ignore this
loc_A0087E: If (vcOpenFileForVb(var_34C, "readme.txt") <> -1) Then
loc_A00881: ' Referenced from: A008F1
loc_A0089E: var_130 = vcReadFileForVb(var_34C, var_350, &H3DE, CLng(0))
loc_A008A1: SetLastSystemError 'Ignore this
loc_A008BC: var_118 = "" = "" 'Ignore this
loc_A008C3: If (var_130 <> -1) Then
loc_A008D3: vcWriteFileForVb(var_248, var_11C, StrConv(var_11C, vbUnicode), var_11C, var_130)
loc_A008D8: SetLastSystemError 'Ignore this
loc_A008E7: var_350 = var_11C
loc_A008EA: var_118 = "" = "" 'Ignore this
loc_A008F1: GoTo loc_A00881
loc_A008F4: End If
loc_A008F4: End If
loc_A008F7: vcCloseFileForVb(var_34C, StrConv(var_11C, vbUnicode), var_118, CLng(0))
loc_A008FC: SetLastSystemError 'Ignore this
loc_A00900: vcCloseFileForVb(var_248, var_130)
loc_A00905: SetLastSystemError 'Ignore this
loc_A0091B: var_13C = Shell("notepad info.txt", 1)
loc_A0091E: var_AC = "" 'Ignore this
loc_A00921: End If
loc_A00931: If (global_100 = CLng(&HFF)) Then
loc_A00949: var_354 = "注册完成。注意,绝对不能把注册码告诉别人,否则您自己可能无法使用本软件。" & vbCrLf & vbCrLf & "请重新启动本软件再用"
loc_A0094C: var_118 = "" = "" 'Ignore this
loc_A00969: MsgBox var_354, 0, var_AC, "0000000000", var_EC
loc_A0096E: var_AC = "": var_CC = "" = "" 'Ignore this
loc_A00977: End
loc_A00979: End If
loc_A00987: Proc_11_14_9DF8A8("注册成功", var_354, 1)
loc_A0098C: End If
loc_A00992: global_56 = CLng(&HFF)
loc_A0099F: NewIfNullPr'Ignore this
loc_A009A2: MemVar_A045E8.Unload Me
loc_A009A7: var_88 = vbNull 'Ignore this
loc_A009AD: Else
loc_A009C4: PopAdLdVar 'Ignore this
loc_A009CF: Me.prWait.Value = CVar(CDbl(((global_80 * &H64) / &H3C)))
loc_A009D4: var_88 = vbNull 'Ignore this
loc_A009D7: End If
loc_A009D7: Exit Sub
End Sub
这里就是我们点击注册后,程序时钟里面就会在这里进程注册码的换算了上面几个就是爆破的地方然后我们再看
Code -> lgRegisterForm -> ToRegister_9F529C
这里就是单你输入注册码是中文字及英文时而且不是10位就是出窗的地方
Public Sub ToRegister() '9F529C
'Data Table: 408F2C
Dim var_8C As Variant
Dim var_A0 As Variant
Dim var_88 As String
Dim var_B8 As Long
Dim var_90 As String
Dim MemVar_A045E8 As Global
loc_9F4F07: var_B0 = Trim(CVar(Me.teRegCode.Text))
loc_9F4F17: var_8C = vbNull 'Ignore this
loc_9F4F1A: var_A0 = "" = "" 'Ignore this
loc_9F4F2B: StrongRtrim(CStr(var_B0))
loc_9F4F30: SetLastSystemError 'Ignore this
loc_9F4F42: var_90 = "" = "" 'Ignore this
loc_9F4F4C: var_90 = var_B4
loc_9F4F60: var_88 = var_90
loc_9F4F69: global_88 = Proc_3_1_9DE7EC(var_90, StrConv(var_B4, vbUnicode))
loc_9F4F6D: var_90 = "" = "" 'Ignore this
loc_9F4F7F: If (global_88 = vbNullString) Then (如果没有输入注册码就不跳出现没有输入注册码的窗口)
loc_9F4F9B: MsgBox "您还没有输入注册码", 0, var_B0, var_F8, var_118
loc_9F4FA0: var_A0 = "": var_B0 = "": var_F8 = "" = "" 'Ignore this
loc_9F4FAB: Exit Sub
loc_9F4FAC: End If
loc_9F4FC1: var_B8 = InStr(1, global_88, "xiaomei", 0)
loc_9F4FCD: If (var_B8 > 0) Then
loc_9F4FFA: global_88 = CStr(Left(global_88, (Len(global_88) - 7)))
loc_9F4FFE: var_90 = "" 'Ignore this
loc_9F5001: var_A0 = "" 'Ignore this
loc_9F5014: Me.teRegCode.Text = global_88
loc_9F5019: var_8C = vbNull 'Ignore this
loc_9F502B: Me.timerRegister.Interval = &HA
loc_9F5030: var_8C = vbNull 'Ignore this
loc_9F5033: End If
loc_9F5048: SetLastSystemError 'Ignore this
loc_9F5059: var_90 = "" 'Ignore this
loc_9F505C: If CBool(vcIsChinese(global_88, var_B8)) Then (如果输入中文注册码就不跳出现输入中文注册码的窗口)
loc_9F5078: MsgBox "请不要在输入中文的状态下输入注册码。", 0, var_B0, var_F8, var_118
loc_9F507D: var_A0 = "": var_B0 = "": var_F8 = "" = "" 'Ignore this
loc_9F5092: Me.teRegCode.SetFocus
loc_9F5097: var_8C = vbNull 'Ignore this
loc_9F509D: Else
loc_9F50AA: If (Len(global_88) <> &HA) Then (如果输入中文注册码不=10位就不跳出现输入注册码位数不对的窗口)
loc_9F50BC: Me.teRegCode.SelStart = 0
loc_9F50C1: var_8C = vbNull 'Ignore this
loc_9F50E4: Me.teRegCode.SelLength = Len(Me.teRegCode.Text)
loc_9F50E9: var_90 = "" 'Ignore this
loc_9F50EC: var_8C = "" = "" 'Ignore this
loc_9F510C: MsgBox "注意, 注册码有10位。您输的不对。", 0, var_B0, var_F8, var_118
loc_9F5111: var_A0 = "": var_B0 = "": var_F8 = "" = "" 'Ignore this
loc_9F5126: Me.teRegCode.SetFocus
loc_9F512B: var_8C = vbNull 'Ignore this
loc_9F5131: Else
loc_9F5146: SetLastSystemError 'Ignore this
loc_9F5159: var_90 = "" 'Ignore this
loc_9F515C: If (vcIsAllDigit(global_88, StrConv(global_88, vbUnicode), global_88) = CLng(0)) Then (如果输入注册码有英文就出现注册码不能是字母的窗口)
loc_9F516E: Me.teRegCode.SelStart = 0
loc_9F5173: var_8C = vbNull 'Ignore this
loc_9F5196: Me.teRegCode.SelLength = Len(Me.teRegCode.Text)
loc_9F519B: var_90 = "" 'Ignore this
loc_9F519E: var_8C = "" = "" 'Ignore this
loc_9F51BE: MsgBox "注意,注册码应全是数字。别把字母 O 和 0, 字母 l 和 1 混了。", 0, var_B0, var_F8, var_118
loc_9F51C3: var_A0 = "": var_B0 = "": var_F8 = "" = "" 'Ignore this
loc_9F51D8: Me.teRegCode.SetFocus
loc_9F51DD: var_8C = vbNull 'Ignore this
loc_9F51E3: Else
loc_9F51EC: global_76 = global_88
loc_9F51F8: global_80 = 0
loc_9F5203: NewIfNullPr'Ignore this
loc_9F5206: var_8C = MemVar_A045E8.Screen
loc_9F520E: Screen.MousePointer = &HB
loc_9F5213: var_8C = vbNull 'Ignore this
loc_9F5222: Me.lbWait.Visible = True
loc_9F5227: var_8C = vbNull 'Ignore this
loc_9F522D: PopAdLdVar 'Ignore this
loc_9F5238: Me.prWait.Visible = True
loc_9F523D: var_8C = vbNull 'Ignore this
loc_9F5248: If CBool(global_84) Then
loc_9F5254: NewIfNullPr CLinkGroup 'Ignore this
loc_9F5257: Call global_52.HideLabel("sub-btNetRegister")
loc_9F525F: Else
loc_9F5268: NewIfNullPr CLinkGroup 'Ignore this
loc_9F526B: Call global_52.HideLabel("sub-btRegister")
loc_9F527C: NewIfNullPr CInterface 'Ignore this
loc_9F527F: Call global_60.EnableButton("btRegister", CLng(0))
loc_9F5284: End If
loc_9F5290: Me.timerRegister.Enabled = True
loc_9F5295: var_8C = vbNull 'Ignore this
loc_9F5298: End If
loc_9F5298: End If
loc_9F5298: End If
loc_9F5298: Exit Sub
End Sub
好了总结一下9FFCB5这里二进制1C改成1E9FFD82二进制1C改成1E9FFDF9二进制1C改成1E9FFE61二进制1C改成1E9FFF36二进制1C改成1E(关键注册的地方)
9F4F7F这里二进制1C改成1E9F505C二进制1C改成1E9F50AA二进制1C改成1E9F515C二进制1C改成1E(这里改了就不管你输入什么注册码都能注册成功)
如何改大家可以用winhex来改都可以,好了,第一次写这样子的文章,有不足之处还请批评指正!谢谢!
registerForm或是activityForm,看到这种字样的VB程序我就很乐呵,查找关键位置轻松多了{:301_1010:}
只有你自己才明白怎破解 , 跟踪的方法不寫出來, 叫誰知怎跟, 如果每個人都知道這些代碼是什麼, 那麼要你說嗎.{:1_925:} 沙发~~~~ 看的更不明白了{:301_981:} 其实这个软件用od我是走来走去就是走不出去只能这些分析用winhex来改代码 能写注册机么? 火钳刘明 mark日后看 写的太高深了 适应不了 能跟你学习吗? 看不明白 {:301_999:} 看糊涂了