全部是视频(总共就两个),第一次做crack,各种悲剧。
刚开始学的都可以来瞅瞅。
先看了TC的视频,然后才开始做的。有一点很重要:看懂和会做是两码事。
压缩包有13.46MB,想看的可以自己看下。包内包含两个视频,和破解的crackme文件。
http://dl.dbank.com/c0gco12j3y
; -----------------------------------------------------------------------
; OllyDbg listing (32-bit x86, Intel operand order) of the routine at
; 004025C6..004026FD in module "Urlegal". Columns: address, flow marker,
; opcode bytes (truncated with '>' where long), instruction, comment.
; [local.N] is OllyDbg shorthand for [ebp - 4*N].
;
; Visible flow:
;   1. install an SEH frame through fs:[0], reserve 0x80 bytes of locals
;   2. build an object at [local.29] and call MFC42 #2514 on it
;      (the registration dialog, per the original note); any result
;      other than eax == 1 goes straight to cleanup at 004026E1
;   3. two checks (00402C10, 00402C60) select between the
;      "Thank you for registering!" and "Name / Code mis-match" messages
;   4. on the success path, two values are handed to 00406C35 under the
;      strings "User"/"Name" and "User"/"Code"
;   5. tear down [local.30] and [local.29], restore fs:[0], return
;
; NOTE(review): the accept/reject decision is taken entirely inside this
; client-side routine from the return values of 00402C10 and 00402C60;
; nothing visible here ties the result to later functionality, so on its
; own this check provides no tamper resistance.
; NOTE(review): [local.4] and [local.5] sit above [local.29] on the stack
; and are never written in this listing, so they may be fields of the
; object at [local.29] - TODO confirm.
; -----------------------------------------------------------------------
004025C6 /. 55 push ebp
004025C7 |. 8BEC mov ebp,esp
004025C9 |. 6A FF push -0x1
004025CB |. 68 AA754100 push Urlegal.004175AA ; SE handler installation
004025D0 |. 64:A1 0000000>mov eax,dword ptr fs:[0]
004025D6 |. 50 push eax
004025D7 |. 64:8925 00000>mov dword ptr fs:[0],esp
004025DE |. 81EC 80000000 sub esp,0x80
; ecx on entry is saved to a local (presumably the caller's `this`; the
; saved copy is not read again in this listing).
004025E4 |. 898D 7CFFFFFF mov [local.33],ecx
; Construct the object at [local.29] with one argument of 0.
004025EA |. 6A 00 push 0x0
004025EC |. 8D4D 8C lea ecx,[local.29]
004025EF |. E8 8C120000 call Urlegal.00403880
; [local.1] (= [ebp-4]) is set to 0 here, 1 at 00402641, 0 at 004026D5
; and -1 at 004026E1; looks like a compiler-generated unwind state
; index - confirm.
004025F4 |. C745 FC 00000>mov [local.1],0x0
004025FB |. 8D4D 8C lea ecx,[local.29]
004025FE |. E8 09430100 call <jmp.&MFC42.#2514> ; calls the registration dialog
; Only a return value of 1 continues (presumably the OK button); anything
; else skips the whole check and goes to cleanup.
00402603 |. 83F8 01 cmp eax,0x1
00402606 |. 0F85 D5000000 jnz Urlegal.004026E1
; 00401490 returns a pointer kept in [local.31]; it is later used as a
; base for the sub-objects at +0xD0 and +0xC4.
0040260C |. E8 7FEEFFFF call Urlegal.00401490
00402611 |. 8945 84 mov [local.31],eax
; push ecx only reserves a stack slot; MFC42 #535 is then called with that
; slot as `this` and &[local.4] as its argument (looks like a by-value
; copy built in place on the stack - TODO confirm the ordinal).
00402614 |. 51 push ecx
00402615 |. 8BCC mov ecx,esp
00402617 |. 8965 80 mov [local.32],esp
0040261A |. 8D45 F0 lea eax,[local.4]
0040261D |. 50 push eax
0040261E |. E8 71450100 call <jmp.&MFC42.#535>
00402623 |. 8985 78FFFFFF mov [local.34],eax
; Call 004057E9 on the object at [local.31]+0xD0 with &[local.30] and the
; stack slot built above; its return value is stored but not tested here.
00402629 |. 8D4D 88 lea ecx,[local.30]
0040262C |. 51 push ecx
0040262D |. 8B4D 84 mov ecx,[local.31]
00402630 |. 81C1 D0000000 add ecx,0xD0
00402636 |. E8 AE310000 call Urlegal.004057E9
0040263B |. 8985 74FFFFFF mov [local.35],eax
00402641 |. C645 FC 01 mov byte ptr ss:[ebp-0x4],0x1
; First check: a nonzero result from 00402C10 on [local.30] takes the
; mismatch path. What 00402C10 tests is not shown in this listing.
00402645 |. 8D4D 88 lea ecx,[local.30]
00402648 |. E8 C3050000 call Urlegal.00402C10
0040264D |. 85C0 test eax,eax
0040264F |. 75 76 jnz XUrlegal.004026C7
; Second check: 00402C60 receives &[local.30] and &[local.5]; only the low
; byte of its result is kept, and zero takes the mismatch path.
00402651 |. 8D55 EC lea edx,[local.5]
00402654 |. 52 push edx
00402655 |. 8D45 88 lea eax,[local.30]
00402658 |. 50 push eax
00402659 |. E8 02060000 call Urlegal.00402C60
0040265E |. 25 FF000000 and eax,0xFF
00402663 |. 85C0 test eax,eax
00402665 |. 74 60 je XUrlegal.004026C7 ; jumps to the error message below
; Success path: the value 00402C50 returns for [local.4] is passed to
; 00406C35 on [local.31]+0xC4 together with "User" and "Name"
; (presumably a section/key style store - verify against 00406C35).
00402667 |. 8D4D F0 lea ecx,[local.4]
0040266A |. E8 E1050000 call Urlegal.00402C50
0040266F |. 50 push eax
00402670 |. 68 04E24100 push Urlegal.0041E204 ; ASCII "Name"
00402675 |. 68 0CE24100 push Urlegal.0041E20C ; ASCII "User"
0040267A |. 8B4D 84 mov ecx,[local.31]
0040267D |. 81C1 C4000000 add ecx,0xC4
00402683 |. E8 AD450000 call Urlegal.00406C35
; Same call for the value obtained from [local.5], under "User" / "Code".
00402688 |. 8D4D EC lea ecx,[local.5]
0040268B |. E8 C0050000 call Urlegal.00402C50
00402690 |. 50 push eax
00402691 |. 68 14E24100 push Urlegal.0041E214 ; ASCII "Code"
00402696 |. 68 1CE24100 push Urlegal.0041E21C ; ASCII "User"
0040269B |. 8B4D 84 mov ecx,[local.31]
0040269E |. 81C1 C4000000 add ecx,0xC4
004026A4 |. E8 8C450000 call Urlegal.00406C35
; 00403E29 is called on [local.31]+0xD0 with no stack arguments; its
; purpose is not visible here.
004026A9 |. 8B4D 84 mov ecx,[local.31]
004026AC |. 81C1 D0000000 add ecx,0xD0
004026B2 |. E8 72170000 call Urlegal.00403E29
; MFC42 #1200 takes the message text plus two zero arguments (looks like a
; message-box helper - confirm against the MFC42 export list).
004026B7 |. 6A 00 push 0x0
004026B9 |. 6A 00 push 0x0
004026BB |. 68 24E24100 push Urlegal.0041E224 ; ASCII "Thank you for registering!"
004026C0 |. E8 B1440100 call <jmp.&MFC42.#1200>
004026C5 |. EB 0E jmp XUrlegal.004026D5 ; unconditional jump past the mismatch message, so 004026C7 below is reached only from one of the conditional jumps above
004026C7 |> 6A 00 push 0x0 ; execution lands here when the entered code does not match the real one
004026C9 |. 6A 00 push 0x0
004026CB |. 68 40E24100 push Urlegal.0041E240 ; ASCII "Name / Code mis-match. Try again."
004026D0 |. E8 A1440100 call <jmp.&MFC42.#1200>
; Common exit for both message paths: MFC42 #800 is called on [local.30]
; (presumably its destructor - confirm).
004026D5 |> C645 FC 00 mov byte ptr ss:[ebp-0x4],0x0
004026D9 |. 8D4D 88 lea ecx,[local.30]
004026DC |. E8 DF420100 call <jmp.&MFC42.#800>
; Cleanup shared with the dialog-cancelled path: 00402BB0 is called on
; [local.29], then the previous SEH frame saved in [local.3] is restored
; to fs:[0].
004026E1 |> C745 FC FFFFF>mov [local.1],-0x1
004026E8 |. 8D4D 8C lea ecx,[local.29]
004026EB |. E8 C0040000 call Urlegal.00402BB0
004026F0 |. 8B4D F4 mov ecx,[local.3]
004026F3 |. 64:890D 00000>mov dword ptr fs:[0],ecx
004026FA |. 8BE5 mov esp,ebp
004026FC |. 5D pop ebp
004026FD \. C3 retn