好友
阅读权限40
听众
最后登录1970-1-1
|
本帖最后由 冥界3大法王 于 2023-4-8 22:46 编辑
打开软件后,我们发现一上来就来个15天试用
但是,有两种情况:
才能进入软件界面。。。不然嘿嘿,只有再见!
第1种情况,申请注册。。还是甭费时间不考虑了,所以我们点下面的输入注册码
这是注册码输入错误的界面
这是后面爆破成功后,才会出现的界面
就出来了这个,随便输入个注册码,就会出来
记录一下错误信息
再点就出来这,还是进不到界面
设法找到有联系的模块名【对应的文件是哪个?】是否出现了某信息?
方法用很多,譬如用TC,譬如用16进制编辑器等等。
[Asm] 纯文本查看 复制代码 00007FF9B0E18757 | FF50 30 | call qword ptr ds:[rax+30] |
00007FF9B0E1875A | 84C0 | test al,al |
00007FF9B0E1875C | 0F84 9E020000 | je tsclicensing.7FF9B0E18A00 | 1)nop 才能见到注册码
00007FF9B0E18762 | 45:33E4 | xor r12d,r12d |
00007FF9B0E18765 | 4C:8965 C0 | mov qword ptr ss:[rbp-40],r12 |
00007FF9B0E18769 | 4C:8965 D0 | mov qword ptr ss:[rbp-30],r12 |
00007FF9B0E1876D | 48:C745 D8 0F000000 | mov qword ptr ss:[rbp-28],F |
00007FF9B0E18775 | 44:8865 C0 | mov byte ptr ss:[rbp-40],r12b |
00007FF9B0E18779 | 49:8B4E 38 | mov rcx,qword ptr ds:[r14+38] | r14+38:"les()"
00007FF9B0E1877D | 48:8B01 | mov rax,qword ptr ds:[rcx] |
00007FF9B0E18780 | 48:8D55 C0 | lea rdx,qword ptr ss:[rbp-40] |
00007FF9B0E18784 | FF50 10 | call qword ptr ds:[rax+10] |
00007FF9B0E18787 | 0F57C0 | xorps xmm0,xmm0 |
00007FF9B0E1878A | F3:0F7F4424 58 | movdqu xmmword ptr ss:[rsp+58],xmm0 |
00007FF9B0E18790 | 49:8B4F 08 | mov rcx,qword ptr ds:[r15+8] |
00007FF9B0E18794 | 48:85C9 | test rcx,rcx |
00007FF9B0E18797 | 74 08 | je tsclicensing.7FF9B0E187A1 |
00007FF9B0E18799 | F0:FF41 08 | lock inc dword ptr ds:[rcx+8] |
00007FF9B0E1879D | 49:8B4F 08 | mov rcx,qword ptr ds:[r15+8] |
00007FF9B0E187A1 | 49:8B07 | mov rax,qword ptr ds:[r15] |
00007FF9B0E187A4 | 48:894424 58 | mov qword ptr ss:[rsp+58],rax |
00007FF9B0E187A9 | 48:894C24 60 | mov qword ptr ss:[rsp+60],rcx |
00007FF9B0E187AE | 4C:8D45 C0 | lea r8,qword ptr ss:[rbp-40] |
00007FF9B0E187B2 | 48:8D5424 58 | lea rdx,qword ptr ss:[rsp+58] |
00007FF9B0E187B7 | 49:8BCE | mov rcx,r14 | r14:&"HcA麳+乳4"
00007FF9B0E187BA | E8 C1050000 | call tsclicensing.7FF9B0E18D80 |
00007FF9B0E187BF | 84C0 | test al,al |
00007FF9B0E187C1 | 0F84 F8000000 | je tsclicensing.7FF9B0E188BF |
00007FF9B0E187C7 | 49:8B8E 08010000 | mov rcx,qword ptr ds:[r14+108] | r14+108:"filesystem::filesystem_error: "
00007FF9B0E187CE | 48:8B01 | mov rax,qword ptr ds:[rcx] |
00007FF9B0E187D1 | FF50 30 | call qword ptr ds:[rax+30] |
00007FF9B0E187D4 | 49:8B4E 18 | mov rcx,qword ptr ds:[r14+18] | r14+18:"nCommonHelper::DeleteLicensingFiles()"
00007FF9B0E187D8 | 48:8B01 | mov rax,qword ptr ds:[rcx] |
00007FF9B0E187DB | FF50 40 | call qword ptr ds:[rax+40] |
00007FF9B0E187DE | 0F57C0 | xorps xmm0,xmm0 |
00007FF9B0E187E1 | F3:0F7F4424 48 | movdqu xmmword ptr ss:[rsp+48],xmm0 |
00007FF9B0E187E7 | 49:8B4F 08 | mov rcx,qword ptr ds:[r15+8] |
00007FF9B0E187EB | 48:85C9 | test rcx,rcx |
00007FF9B0E187EE | 74 08 | je tsclicensing.7FF9B0E187F8 |
00007FF9B0E187F0 | F0:FF41 08 | lock inc dword ptr ds:[rcx+8] |
00007FF9B0E187F4 | 49:8B4F 08 | mov rcx,qword ptr ds:[r15+8] |
00007FF9B0E187F8 | 49:8B07 | mov rax,qword ptr ds:[r15] |
00007FF9B0E187FB | 48:894424 48 | mov qword ptr ss:[rsp+48],rax |
00007FF9B0E18800 | 48:894C24 50 | mov qword ptr ss:[rsp+50],rcx |
00007FF9B0E18805 | 4C:8D4424 48 | lea r8,qword ptr ss:[rsp+48] |
00007FF9B0E1880A | 49:8BD5 | mov rdx,r13 |
00007FF9B0E1880D | 49:8BCE | mov rcx,r14 | r14:&"HcA麳+乳4"
00007FF9B0E18810 | E8 9BF6FFFF | call tsclicensing.7FF9B0E17EB0 |
00007FF9B0E18815 | 90 | nop |
00007FF9B0E18816 | 48:8B55 D8 | mov rdx,qword ptr ss:[rbp-28] |
00007FF9B0E1881A | 48:83FA 10 | cmp rdx,10 |
00007FF9B0E1881E | 72 34 | jb tsclicensing.7FF9B0E18854 |
00007FF9B0E18820 | 48:FFC2 | inc rdx |
00007FF9B0E18823 | 48:8B4D C0 | mov rcx,qword ptr ss:[rbp-40] |
00007FF9B0E18827 | 48:8BC1 | mov rax,rcx |
00007FF9B0E1882A | 48:81FA 00100000 | cmp rdx,1000 |
00007FF9B0E18831 | 72 1C | jb tsclicensing.7FF9B0E1884F |
00007FF9B0E18833 | 48:83C2 27 | add rdx,27 |
00007FF9B0E18837 | 48:8B49 F8 | mov rcx,qword ptr ds:[rcx-8] |
00007FF9B0E1883B | 48:2BC1 | sub rax,rcx |
00007FF9B0E1883E | 48:83C0 F8 | add rax,FFFFFFFFFFFFFFF8 |
00007FF9B0E18842 | 48:83F8 1F | cmp rax,1F |
00007FF9B0E18846 | 76 07 | jbe tsclicensing.7FF9B0E1884F |
00007FF9B0E18848 | FF15 F2B42500 | call qword ptr ds:[<&_invalid_parameter_n |
00007FF9B0E1884E | CC | int3 |
00007FF9B0E1884F | E8 A8432400 | call tsclicensing.7FF9B105CBFC |
00007FF9B0E18854 | 4C:8965 D0 | mov qword ptr ss:[rbp-30],r12 |
00007FF9B0E18858 | 48:C745 D8 0F000000 | mov qword ptr ss:[rbp-28],F |
00007FF9B0E18860 | C645 C0 00 | mov byte ptr ss:[rbp-40],0 |
00007FF9B0E18864 | 48:8B55 F8 | mov rdx,qword ptr ss:[rbp-8] |
00007FF9B0E18868 | 48:83FA 10 | cmp rdx,10 |
00007FF9B0E1886C | 72 34 | jb tsclicensing.7FF9B0E188A2 |
00007FF9B0E1886E | 48:FFC2 | inc rdx |
00007FF9B0E18871 | 48:8B4D E0 | mov rcx,qword ptr ss:[rbp-20] |
00007FF9B0E18875 | 48:8BC1 | mov rax,rcx |
00007FF9B0E18878 | 48:81FA 00100000 | cmp rdx,1000 |
00007FF9B0E1887F | 72 1C | jb tsclicensing.7FF9B0E1889D |
00007FF9B0E18881 | 48:83C2 27 | add rdx,27 |
00007FF9B0E18885 | 48:8B49 F8 | mov rcx,qword ptr ds:[rcx-8] |
00007FF9B0E18889 | 48:2BC1 | sub rax,rcx |
00007FF9B0E1888C | 48:83C0 F8 | add rax,FFFFFFFFFFFFFFF8 |
00007FF9B0E18890 | 48:83F8 1F | cmp rax,1F |
00007FF9B0E18894 | 76 07 | jbe tsclicensing.7FF9B0E1889D |
00007FF9B0E18896 | FF15 A4B42500 | call qword ptr ds:[<&_invalid_parameter_n |
00007FF9B0E1889C | CC | int3 |
00007FF9B0E1889D | E8 5A432400 | call tsclicensing.7FF9B105CBFC |
00007FF9B0E188A2 | 4C:8965 F0 | mov qword ptr ss:[rbp-10],r12 |
00007FF9B0E188A6 | 48:C745 F8 0F000000 | mov qword ptr ss:[rbp-8],F |
00007FF9B0E188AE | C645 E0 00 | mov byte ptr ss:[rbp-20],0 |
00007FF9B0E188B2 | 49:8BCF | mov rcx,r15 |
00007FF9B0E188B5 | E8 7683FEFF | call tsclicensing.7FF9B0E00C30 |
00007FF9B0E188BA | E9 30020000 | jmp tsclicensing.7FF9B0E18AEF |
00007FF9B0E188BF | 44:896424 40 | mov dword ptr ss:[rsp+40],r12d |
00007FF9B0E188C4 | 41:C686 18010000 01 | mov byte ptr ds:[r14+118],1 | r14+118:"system_error: "
00007FF9B0E188CC | 49:8B8E C8000000 | mov rcx,qword ptr ds:[r14+C8] | r14+C8:" a licensing file due to file system error.\r\n\tfile: "
00007FF9B0E188D3 | 48:8B01 | mov rax,qword ptr ds:[rcx] |
00007FF9B0E188D6 | FF50 08 | call qword ptr ds:[rax+8] |
00007FF9B0E188D9 | 84C0 | test al,al |
00007FF9B0E188DB | 74 27 | je tsclicensing.7FF9B0E18904 |
00007FF9B0E188DD | 49:8B4E 18 | mov rcx,qword ptr ds:[r14+18] | r14+18:"nCommonHelper::DeleteLicensingFiles()"
00007FF9B0E188E1 | 48:8B01 | mov rax,qword ptr ds:[rcx] |
00007FF9B0E188E4 | FF50 10 | call qword ptr ds:[rax+10] |
00007FF9B0E188E7 | 49:8B4E 18 | mov rcx,qword ptr ds:[r14+18] | r14+18:"nCommonHelper::DeleteLicensingFiles()"
00007FF9B0E188EB | 48:8B01 | mov rax,qword ptr ds:[rcx] |
00007FF9B0E188EE | FF50 30 | call qword ptr ds:[rax+30] |
00007FF9B0E188F1 | 84C0 | test al,al |
00007FF9B0E188F3 | 75 0F | jne tsclicensing.7FF9B0E18904 |
00007FF9B0E188F5 | C74424 40 FCFFFFFF | mov dword ptr ss:[rsp+40],FFFFFFFC |
00007FF9B0E188FD | 41:8886 18010000 | mov byte ptr ds:[r14+118],al | r14+118:"system_error: "
00007FF9B0E18904 | 49:8BB6 F8000000 | mov rsi,qword ptr ds:[r14+F8] | r14+F8:"le: "
00007FF9B0E1890B | 48:8B06 | mov rax,qword ptr ds:[rsi] |
00007FF9B0E1890E | 48:8B78 08 | mov rdi,qword ptr ds:[rax+8] |
00007FF9B0E18912 | 48:8D4424 78 | lea rax,qword ptr ss:[rsp+78] |
00007FF9B0E18917 | 48:894424 48 | mov qword ptr ss:[rsp+48],rax |
00007FF9B0E1891C | 4C:896424 78 | mov qword ptr ss:[rsp+78],r12 |
00007FF9B0E18921 | 4C:8965 88 | mov qword ptr ss:[rbp-78],r12 |
00007FF9B0E18925 | 48:C745 90 0F000000 | mov qword ptr ss:[rbp-70],F |
00007FF9B0E1892D | 49:8B0F | mov rcx,qword ptr ds:[r15] |
00007FF9B0E18930 | 48:8B01 | mov rax,qword ptr ds:[rcx] |
00007FF9B0E18933 | FF50 18 | call qword ptr ds:[rax+18] |
00007FF9B0E18936 | 8BD8 | mov ebx,eax |
00007FF9B0E18938 | 49:8B4E 38 | mov rcx,qword ptr ds:[r14+38] | r14+38:"les()"
00007FF9B0E1893C | 48:8B11 | mov rdx,qword ptr ds:[rcx] |
00007FF9B0E1893F | 4C:8B42 08 | mov r8,qword ptr ds:[rdx+8] |
00007FF9B0E18943 | B2 01 | mov dl,1 |
00007FF9B0E18945 | 41:FFD0 | call r8 |
00007FF9B0E18948 | 90 | nop |
00007FF9B0E18949 | 48:8D4C24 78 | lea rcx,qword ptr ss:[rsp+78] |
00007FF9B0E1894E | 48:894C24 30 | mov qword ptr ss:[rsp+30],rcx |
00007FF9B0E18953 | 44:896424 28 | mov dword ptr ss:[rsp+28],r12d |
00007FF9B0E18958 | 895C24 20 | mov dword ptr ss:[rsp+20],ebx |
00007FF9B0E1895C | 44:8B4C24 40 | mov r9d,dword ptr ss:[rsp+40] |
00007FF9B0E18961 | 44:8BC0 | mov r8d,eax |
00007FF9B0E18964 | 49:8BD5 | mov rdx,r13 |
00007FF9B0E18967 | 48:8BCE | mov rcx,rsi |
00007FF9B0E1896A | FFD7 | call rdi |
00007FF9B0E1896C | 90 | nop |
00007FF9B0E1896D | 48:8B55 D8 | mov rdx,qword ptr ss:[rbp-28] |
00007FF9B0E18971 | 48:83FA 10 | cmp rdx,10 |
00007FF9B0E18975 | 72 34 | jb tsclicensing.7FF9B0E189AB |
00007FF9B0E18977 | 48:FFC2 | inc rdx |
00007FF9B0E1897A | 48:8B4D C0 | mov rcx,qword ptr ss:[rbp-40] |
00007FF9B0E1897E | 48:8BC1 | mov rax,rcx |
00007FF9B0E18981 | 48:81FA 00100000 | cmp rdx,1000 |
00007FF9B0E18988 | 72 1C | jb tsclicensing.7FF9B0E189A6 |
00007FF9B0E1898A | 48:83C2 27 | add rdx,27 |
00007FF9B0E1898E | 48:8B49 F8 | mov rcx,qword ptr ds:[rcx-8] |
00007FF9B0E18992 | 48:2BC1 | sub rax,rcx |
00007FF9B0E18995 | 48:83C0 F8 | add rax,FFFFFFFFFFFFFFF8 |
00007FF9B0E18999 | 48:83F8 1F | cmp rax,1F |
00007FF9B0E1899D | 76 07 | jbe tsclicensing.7FF9B0E189A6 |
00007FF9B0E1899F | FF15 9BB32500 | call qword ptr ds:[<&_invalid_parameter_n |
00007FF9B0E189A5 | CC | int3 |
00007FF9B0E189A6 | E8 51422400 | call tsclicensing.7FF9B105CBFC |
00007FF9B0E189AB | 4C:8965 D0 | mov qword ptr ss:[rbp-30],r12 |
00007FF9B0E189AF | 48:C745 D8 0F000000 | mov qword ptr ss:[rbp-28],F |
00007FF9B0E189B7 | C645 C0 00 | mov byte ptr ss:[rbp-40],0 |
00007FF9B0E189BB | 48:8B55 F8 | mov rdx,qword ptr ss:[rbp-8] |
00007FF9B0E189BF | 48:83FA 10 | cmp rdx,10 |
00007FF9B0E189C3 | 0F82 D9FEFFFF | jb tsclicensing.7FF9B0E188A2 |
00007FF9B0E189C9 | 48:FFC2 | inc rdx |
00007FF9B0E189CC | 48:8B4D E0 | mov rcx,qword ptr ss:[rbp-20] |
00007FF9B0E189D0 | 48:8BC1 | mov rax,rcx |
00007FF9B0E189D3 | 48:81FA 00100000 | cmp rdx,1000 |
00007FF9B0E189DA | 0F82 BDFEFFFF | jb tsclicensing.7FF9B0E1889D |
00007FF9B0E189E0 | 48:83C2 27 | add rdx,27 |
00007FF9B0E189E4 | 48:8B49 F8 | mov rcx,qword ptr ds:[rcx-8] |
00007FF9B0E189E8 | 48:2BC1 | sub rax,rcx |
00007FF9B0E189EB | 48:83C0 F8 | add rax,FFFFFFFFFFFFFFF8 |
00007FF9B0E189EF | 48:83F8 1F | cmp rax,1F |
00007FF9B0E189F3 | 0F86 A4FEFFFF | jbe tsclicensing.7FF9B0E1889D |
00007FF9B0E189F9 | FF15 41B32500 | call qword ptr ds:[<&_invalid_parameter_n |
00007FF9B0E189FF | 90 | nop |
00007FF9B0E18A00 | 49:8B4E 18 | mov rcx,qword ptr ds:[r14+18] | r14+18:"nCommonHelper::DeleteLicensingFiles()"
继续向下走,就会发现NOP之后,我们键入的注册码再次出现。
截图
代码比较长,我们抓关键的看下吧。
[Asm] 纯文本查看 复制代码 00007FF9B0E73819 | E8 A2931E00 | call tsclicensing.7FF9B105CBC0 |
00007FF9B0E7381E | 48:C745 30 30000000 | mov qword ptr ss:[rbp+30],30 | 30:'0'
00007FF9B0E73826 | 48:C745 38 3F000000 | mov qword ptr ss:[rbp+38],3F | 3F:'?'
00007FF9B0E7382E | 0F1005 0BB52000 | movups xmm0,xmmword ptr ds:[7FF9B107ED40] | 00007FF9B107ED40:"NalpeironActivation::CheckLicenseStatus() called"
00007FF9B0E73835 | 0F1100 | movups xmmword ptr ds:[rax],xmm0 |
00007FF9B0E73838 | 0F100D 11B52000 | movups xmm1,xmmword ptr ds:[7FF9B107ED50] | 00007FF9B107ED50:"ion::CheckLicenseStatus() called"
00007FF9B0E7383F | 0F1148 10 | movups xmmword ptr ds:[rax+10],xmm1 |
00007FF9B0E73843 | 0F1005 16B52000 | movups xmm0,xmmword ptr ds:[7FF9B107ED60] | 00007FF9B107ED60:"eStatus() called"
00007FF9B0E7384A | 0F1140 20 | movups xmmword ptr ds:[rax+20],xmm0 |
00007FF9B0E7384E | 44:8878 30 | mov byte ptr ds:[rax+30],r15b |
00007FF9B0E73852 | 48:8945 20 | mov qword ptr ss:[rbp+20],rax |
00007FF9B0E73856 | 48:8D55 20 | lea rdx,qword ptr ss:[rbp+20] |
00007FF9B0E7385A | 48:8BCF | mov rcx,rdi |
00007FF9B0E7385D | FFD3 | call rbx |
00007FF9B0E7385F | 90 | nop |
00007FF9B0E73860 | 48:8B55 38 | mov rdx,qword ptr ss:[rbp+38] |
00007FF9B0E73864 | 48:83FA 10 | cmp rdx,10 |
00007FF9B0E73868 | 72 34 | jb tsclicensing.7FF9B0E7389E |
00007FF9B0E7386A | 48:FFC2 | inc rdx |
00007FF9B0E7386D | 48:8B4D 20 | mov rcx,qword ptr ss:[rbp+20] |
00007FF9B0E73871 | 48:8BC1 | mov rax,rcx |
00007FF9B0E73874 | 48:81FA 00100000 | cmp rdx,1000 |
00007FF9B0E7387B | 72 1C | jb tsclicensing.7FF9B0E73899 |
00007FF9B0E7387D | 48:83C2 27 | add rdx,27 |
00007FF9B0E73881 | 48:8B49 F8 | mov rcx,qword ptr ds:[rcx-8] |
00007FF9B0E73885 | 48:2BC1 | sub rax,rcx |
00007FF9B0E73888 | 48:83C0 F8 | add rax,FFFFFFFFFFFFFFF8 |
00007FF9B0E7388C | 48:83F8 1F | cmp rax,1F |
00007FF9B0E73890 | 76 07 | jbe tsclicensing.7FF9B0E73899 |
00007FF9B0E73892 | FF15 A8042000 | call qword ptr ds:[<&_invalid_parameter_n |
00007FF9B0E73898 | CC | int3 |
00007FF9B0E73899 | E8 5E931E00 | call tsclicensing.7FF9B105CBFC |
00007FF9B0E7389E | 49:8B4E 58 | mov rcx,qword ptr ds:[r14+58] | r14+58:"ing file: "
00007FF9B0E738A2 | 48:8B01 | mov rax,qword ptr ds:[rcx] |
00007FF9B0E738A5 | 4C:8B05 54A53100 | mov r8,qword ptr ds:[7FF9B118DE00] |
00007FF9B0E738AC | 48:8BD6 | mov rdx,rsi |
00007FF9B0E738AF | FF90 C0000000 | call qword ptr ds:[rax+C0] |
00007FF9B0E738B5 | 8BD8 | mov ebx,eax |
00007FF9B0E738B7 | 2B1D 4BA53100 | sub ebx,dword ptr ds:[7FF9B118DE08] |
00007FF9B0E738BD | 48:8D05 FC3F2000 | lea rax,qword ptr ds:[7FF9B10778C0] |
00007FF9B0E738C4 | 48:894424 30 | mov qword ptr ss:[rsp+30],rax |
00007FF9B0E738C9 | 48:8D4D B8 | lea rcx,qword ptr ss:[rbp-48] | [rbp-48]:&"HcA麳+乳4"
00007FF9B0E738CD | FF15 DDFA1F00 | call qword ptr ds:[<&??0?$basic_ios@DU?$c |
00007FF9B0E738D3 | 90 | nop |
00007FF9B0E738D4 | C74424 20 01000000 | mov dword ptr ss:[rsp+20],1 |
00007FF9B0E738DC | 45:33C9 | xor r9d,r9d |
00007FF9B0E738DF | 45:33C0 | xor r8d,r8d |
00007FF9B0E738E2 | 48:8D5424 38 | lea rdx,qword ptr ss:[rsp+38] |
00007FF9B0E738E7 | 48:8D4C24 30 | lea rcx,qword ptr ss:[rsp+30] |
00007FF9B0E738EC | FF15 5EFC1F00 | call qword ptr ds:[<&??0?$basic_ostream@D |
00007FF9B0E738F2 | 90 | nop |
00007FF9B0E738F3 | 48:8B4424 30 | mov rax,qword ptr ss:[rsp+30] |
00007FF9B0E738F8 | 48:6348 04 | movsxd rcx,dword ptr ds:[rax+4] |
00007FF9B0E738FC | 4C:8D35 B53F2000 | lea r14,qword ptr ds:[7FF9B10778B8] | r14:&"HcA麳+乳4", 00007FF9B10778B8:&"HcA麳+乳4"
00007FF9B0E73903 | 4C:89740C 30 | mov qword ptr ss:[rsp+rcx+30],r14 |
00007FF9B0E73908 | 48:8B4424 30 | mov rax,qword ptr ss:[rsp+30] |
00007FF9B0E7390D | 48:6348 04 | movsxd rcx,dword ptr ds:[rax+4] |
00007FF9B0E73911 | 8D91 78FFFFFF | lea edx,qword ptr ds:[rcx-88] |
00007FF9B0E73917 | 89540C 2C | mov dword ptr ss:[rsp+rcx+2C],edx |
00007FF9B0E7391B | 48:8D4C24 38 | lea rcx,qword ptr ss:[rsp+38] |
00007FF9B0E73920 | FF15 42FA1F00 | call qword ptr ds:[<&??0?$basic_streambuf |
00007FF9B0E73926 | 48:8D05 0B3F2000 | lea rax,qword ptr ds:[7FF9B1077838] |
00007FF9B0E7392D | 48:894424 38 | mov qword ptr ss:[rsp+38],rax |
00007FF9B0E73932 | 4C:897D A0 | mov qword ptr ss:[rbp-60],r15 |
00007FF9B0E73936 | C745 A8 04000000 | mov dword ptr ss:[rbp-58],4 |
00007FF9B0E7393D | 48:8D15 4CB42000 | lea rdx,qword ptr ds:[7FF9B107ED90] | 00007FF9B107ED90:"NSLGetLicenseStatus returned "
00007FF9B0E73944 | 48:8D4C24 30 | lea rcx,qword ptr ss:[rsp+30] |
00007FF9B0E73949 | E8 72E0F9FF | call tsclicensing.7FF9B0E119C0 |
00007FF9B0E7394E | 8BD3 | mov edx,ebx |
00007FF9B0E73950 | 48:8BC8 | mov rcx,rax |
00007FF9B0E73953 | FF15 17FC1F00 | call qword ptr ds:[<&??6?$basic_ostream@D |
00007FF9B0E73959 | 48:8BC8 | mov rcx,rax |
00007FF9B0E7395C | 48:8D15 15B42000 | lea rdx,qword ptr ds:[7FF9B107ED78] | 00007FF9B107ED78:" and License Status is "
00007FF9B0E73963 | E8 58E0F9FF | call tsclicensing.7FF9B0E119C0 |
00007FF9B0E73968 | 8B16 | mov edx,dword ptr ds:[rsi] |
00007FF9B0E7396A | 48:8BC8 | mov rcx,rax |
00007FF9B0E7396D | FF15 FDFB1F00 | call qword ptr ds:[<&??6?$basic_ostream@D |
00007FF9B0E73973 | 85DB | test ebx,ebx |
00007FF9B0E73975 | 0F88 F8000000 | js tsclicensing.7FF9B0E73A73 |
00007FF9B0E7397B | 833E 00 | cmp dword ptr ds:[rsi],0 |
00007FF9B0E7397E | 0F8C EF000000 | jl tsclicensing.7FF9B0E73A73 |
00007FF9B0E73984 | E8 67D6F8FF | call tsclicensing.7FF9B0E00FF0 |
00007FF9B0E73989 | 48:8BD8 | mov rbx,rax |
00007FF9B0E7398C | 48:8B08 | mov rcx,qword ptr ds:[rax] |
00007FF9B0E7398F | 48:8B79 20 | mov rdi,qword ptr ds:[rcx+20] |
00007FF9B0E73993 | 4C:897D 40 | mov qword ptr ss:[rbp+40],r15 |
00007FF9B0E73997 | 4C:897D 50 | mov qword ptr ss:[rbp+50],r15 |
00007FF9B0E7399B | 48:C745 58 0F000000 | mov qword ptr ss:[rbp+58],F |
00007FF9B0E739A3 | C645 40 00 | mov byte ptr ss:[rbp+40],0 |
00007FF9B0E739A7 | C74424 20 11000000 | mov dword ptr ss:[rsp+20],11 |
00007FF9B0E739AF | 0F57C0 | xorps xmm0,xmm0 |
00007FF9B0E739B2 | 0F1145 20 | movups xmmword ptr ss:[rbp+20],xmm0 |
00007FF9B0E739B6 | 8B4D A8 | mov ecx,dword ptr ss:[rbp-58] |
00007FF9B0E739B9 | 8BC1 | mov eax,ecx |
00007FF9B0E739BB | 24 22 | and al,22 |
00007FF9B0E739BD | 3C 02 | cmp al,2 |
00007FF9B0E739BF | 74 23 | je tsclicensing.7FF9B0E739E4 |
00007FF9B0E739C1 | 48:8B4424 78 | mov rax,qword ptr ss:[rsp+78] |
00007FF9B0E739C6 | 4C:8B00 | mov r8,qword ptr ds:[rax] |
00007FF9B0E739C9 | 4D:85C0 | test r8,r8 |
00007FF9B0E739CC | 74 16 | je tsclicensing.7FF9B0E739E4 |
00007FF9B0E739CE | 48:8B4424 58 | mov rax,qword ptr ss:[rsp+58] |
00007FF9B0E739D3 | 48:8B10 | mov rdx,qword ptr ds:[rax] |
00007FF9B0E739D6 | 4C:3B45 A0 | cmp r8,qword ptr ss:[rbp-60] |
00007FF9B0E739DA | 4C:0F4245 A0 | cmovb r8,qword ptr ss:[rbp-60] |
00007FF9B0E739DF | 4C:2BC2 | sub r8,rdx |
00007FF9B0E739E2 | EB 31 | jmp tsclicensing.7FF9B0E73A15 |
00007FF9B0E739E4 | F6C1 04 | test cl,4 |
00007FF9B0E739E7 | 75 24 | jne tsclicensing.7FF9B0E73A0D |
00007FF9B0E739E9 | 48:8B4424 70 | mov rax,qword ptr ss:[rsp+70] |
00007FF9B0E739EE | 48:8B08 | mov rcx,qword ptr ds:[rax] |
00007FF9B0E739F1 | 48:85C9 | test rcx,rcx |
00007FF9B0E739F4 | 74 17 | je tsclicensing.7FF9B0E73A0D |
00007FF9B0E739F6 | 48:8B4424 50 | mov rax,qword ptr ss:[rsp+50] |
00007FF9B0E739FB | 48:8B10 | mov rdx,qword ptr ds:[rax] |
00007FF9B0E739FE | 48:8B45 88 | mov rax,qword ptr ss:[rbp-78] |
00007FF9B0E73A02 | 4C:6300 | movsxd r8,dword ptr ds:[rax] |
00007FF9B0E73A05 | 4C:2BC2 | sub r8,rdx |
00007FF9B0E73A08 | 4C:03C1 | add r8,rcx |
00007FF9B0E73A0B | EB 08 | jmp tsclicensing.7FF9B0E73A15 |
00007FF9B0E73A0D | 4C:8B45 28 | mov r8,qword ptr ss:[rbp+28] |
00007FF9B0E73A11 | 48:8B55 20 | mov rdx,qword ptr ss:[rbp+20] |
00007FF9B0E73A15 | 48:85D2 | test rdx,rdx |
00007FF9B0E73A18 | 74 0A | je tsclicensing.7FF9B0E73A24 |
00007FF9B0E73A1A | 48:8D4D 40 | lea rcx,qword ptr ss:[rbp+40] |
00007FF9B0E73A1E | E8 DDAEF8FF | call tsclicensing.7FF9B0DFE900 |
00007FF9B0E73A23 | 90 | nop |
00007FF9B0E73A24 | 48:8D55 40 | lea rdx,qword ptr ss:[rbp+40] |
00007FF9B0E73A28 | 48:8BCB | mov rcx,rbx |
00007FF9B0E73A2B | FFD7 | call rdi |
00007FF9B0E73A2D | 90 | nop |
00007FF9B0E73A2E | 48:8B55 58 | mov rdx,qword ptr ss:[rbp+58] |
00007FF9B0E73A32 | 48:83FA 10 | cmp rdx,10 |
00007FF9B0E73A36 | 72 34 | jb tsclicensing.7FF9B0E73A6C |
00007FF9B0E73A38 | 48:FFC2 | inc rdx |
00007FF9B0E73A3B | 48:8B4D 40 | mov rcx,qword ptr ss:[rbp+40] |
00007FF9B0E73A3F | 48:8BC1 | mov rax,rcx |
00007FF9B0E73A42 | 48:81FA 00100000 | cmp rdx,1000 |
00007FF9B0E73A49 | 72 1C | jb tsclicensing.7FF9B0E73A67 |
00007FF9B0E73A4B | 48:83C2 27 | add rdx,27 |
00007FF9B0E73A4F | 48:8B49 F8 | mov rcx,qword ptr ds:[rcx-8] |
00007FF9B0E73A53 | 48:2BC1 | sub rax,rcx |
00007FF9B0E73A56 | 48:83C0 F8 | add rax,FFFFFFFFFFFFFFF8 |
00007FF9B0E73A5A | 48:83F8 1F | cmp rax,1F |
00007FF9B0E73A5E | 76 07 | jbe tsclicensing.7FF9B0E73A67 |
00007FF9B0E73A60 | FF15 DA022000 | call qword ptr ds:[<&_invalid_parameter_n |
00007FF9B0E73A66 | CC | int3 |
00007FF9B0E73A67 | E8 90911E00 | call tsclicensing.7FF9B105CBFC |
00007FF9B0E73A6C | B3 01 | mov bl,1 |
00007FF9B0E73A6E | E9 1C010000 | jmp tsclicensing.7FF9B0E73B8F |
00007FF9B0E73A73 | 48:8B1D B6A33100 | mov rbx,qword ptr ds:[7FF9B118DE30] |
00007FF9B0E73A7A | 48:85DB | test rbx,rbx |
00007FF9B0E73A7D | 75 2C | jne tsclicensing.7FF9B0E73AAB |
00007FF9B0E73A7F | 8D4B 18 | lea ecx,qword ptr ds:[rbx+18] |
00007FF9B0E73A82 | E8 39911E00 | call tsclicensing.7FF9B105CBC0 |
00007FF9B0E73A87 | 48:8BD8 | mov rbx,rax |
00007FF9B0E73A8A | 48:894424 20 | mov qword ptr ss:[rsp+20],rax |
00007FF9B0E73A8F | 48:85C0 | test rax,rax |
00007FF9B0E73A92 | 74 0D | je tsclicensing.7FF9B0E73AA1 |
00007FF9B0E73A94 | 4C:8920 | mov qword ptr ds:[rax],r12 |
00007FF9B0E73A97 | 4C:8978 08 | mov qword ptr ds:[rax+8],r15 |
00007FF9B0E73A9B | 4C:8978 10 | mov qword ptr ds:[rax+10],r15 |
00007FF9B0E73A9F | EB 03 | jmp tsclicensing.7FF9B0E73AA4 |
00007FF9B0E73AA1 | 49:8BDF | mov rbx,r15 |
00007FF9B0E73AA4 | 48:891D 85A33100 | mov qword ptr ds:[7FF9B118DE30],rbx |
00007FF9B0E73AAB | 48:8B03 | mov rax,qword ptr ds:[rbx] |
00007FF9B0E73AAE | 48:8B78 30 | mov rdi,qword ptr ds:[rax+30] |
00007FF9B0E73AB2 | 4C:897D 40 | mov qword ptr ss:[rbp+40],r15 |
00007FF9B0E73AB6 | 4C:897D 50 | mov qword ptr ss:[rbp+50],r15 |
00007FF9B0E73ABA | 48:C745 58 0F000000 | mov qword ptr ss:[rbp+58],F |
00007FF9B0E73AC2 | C645 40 00 | mov byte ptr ss:[rbp+40],0 |
00007FF9B0E73AC6 | C74424 20 05000000 | mov dword ptr ss:[rsp+20],5 |
00007FF9B0E73ACE | 0F57C0 | xorps xmm0,xmm0 |
00007FF9B0E73AD1 | 0F1145 20 | movups xmmword ptr ss:[rbp+20],xmm0 |
00007FF9B0E73AD5 | 8B4D A8 | mov ecx,dword ptr ss:[rbp-58] |
00007FF9B0E73AD8 | F6C1 02 | test cl,2 | 断下!
00007FF9B0E73ADB | 74 05 | je tsclicensing.7FF9B0E73AE2 | ========>JMP
00007FF9B0E73ADD | F6C1 20 | test cl,20 |
00007FF9B0E73AE0 | 74 23 | je tsclicensing.7FF9B0E73B05 | =========》JMP
00007FF9B0E73AE2 | 48:8B4424 78 | mov rax,qword ptr ss:[rsp+78] |
00007FF9B0E73AE7 | 4C:8B00 | mov r8,qword ptr ds:[rax] |
00007FF9B0E73AEA | 4D:85C0 | test r8,r8 |
00007FF9B0E73AED | 74 16 | je tsclicensing.7FF9B0E73B05 |
00007FF9B0E73AEF | 48:8B4424 58 | mov rax,qword ptr ss:[rsp+58] |
00007FF9B0E73AF4 | 48:8B10 | mov rdx,qword ptr ds:[rax] |
00007FF9B0E73AF7 | 4C:3B45 A0 | cmp r8,qword ptr ss:[rbp-60] |
00007FF9B0E73AFB | 4C:0F4245 A0 | cmovb r8,qword ptr ss:[rbp-60] |
00007FF9B0E73B00 | 4C:2BC2 | sub r8,rdx |
00007FF9B0E73B03 | EB 31 | jmp tsclicensing.7FF9B0E73B36 |
00007FF9B0E73B05 | F6C1 04 | test cl,4 |
00007FF9B0E73B08 | 75 24 | jne tsclicensing.7FF9B0E73B2E | =========》JMP
00007FF9B0E73B0A | 48:8B4424 70 | mov rax,qword ptr ss:[rsp+70] |
00007FF9B0E73B0F | 48:8B08 | mov rcx,qword ptr ds:[rax] |
00007FF9B0E73B12 | 48:85C9 | test rcx,rcx |
00007FF9B0E73B15 | 74 17 | je tsclicensing.7FF9B0E73B2E |
00007FF9B0E73B17 | 48:8B4424 50 | mov rax,qword ptr ss:[rsp+50] |
00007FF9B0E73B1C | 48:8B10 | mov rdx,qword ptr ds:[rax] |
00007FF9B0E73B1F | 48:8B45 88 | mov rax,qword ptr ss:[rbp-78] |
00007FF9B0E73B23 | 4C:6300 | movsxd r8,dword ptr ds:[rax] |
00007FF9B0E73B26 | 4C:2BC2 | sub r8,rdx |
00007FF9B0E73B29 | 4C:03C1 | add r8,rcx |
00007FF9B0E73B2C | EB 08 | jmp tsclicensing.7FF9B0E73B36 |
00007FF9B0E73B2E | 4C:8B45 28 | mov r8,qword ptr ss:[rbp+28] |
检测完授权状态后,我们就凭感觉改着走着瞧吧
[Asm] 纯文本查看 复制代码 00007FF9B0E765EE | 74 3D | je tsclicensing.7FF9B0E7662D |
00007FF9B0E765F0 | 48:8B85 98000000 | mov rax,qword ptr ss:[rbp+98] |
00007FF9B0E765F7 | 4C:8B00 | mov r8,qword ptr ds:[rax] |
00007FF9B0E765FA | 4D:85C0 | test r8,r8 |
00007FF9B0E765FD | 74 2E | je tsclicensing.7FF9B0E7662D | =====>jmp
00007FF9B0E765FF | 48:8B45 78 | mov rax,qword ptr ss:[rbp+78] |
00007FF9B0E76603 | 48:8B10 | mov rdx,qword ptr ds:[rax] |
00007FF9B0E76606 | 48:8995 40010000 | mov qword ptr ss:[rbp+140],rdx |
00007FF9B0E7660D | 4C:894424 58 | mov qword ptr ss:[rsp+58],r8 |
00007FF9B0E76612 | 4C:3B85 C0000000 | cmp r8,qword ptr ss:[rbp+C0] |
00007FF9B0E76619 | 4C:0F4285 C0000000 | cmovb r8,qword ptr ss:[rbp+C0] |
00007FF9B0E76621 | 4C:2BC2 | sub r8,rdx |
00007FF9B0E76624 | 4C:8985 48010000 | mov qword ptr ss:[rbp+148],r8 |
00007FF9B0E7662B | EB 49 | jmp tsclicensing.7FF9B0E76676 |
00007FF9B0E7662D | F6C1 04 | test cl,4 |
00007FF9B0E76630 | 75 36 | jne tsclicensing.7FF9B0E76668 |
00007FF9B0E76632 | 48:8B85 90000000 | mov rax,qword ptr ss:[rbp+90] |
00007FF9B0E76639 | 48:8B08 | mov rcx,qword ptr ds:[rax] |
00007FF9B0E7663C | 48:85C9 | test rcx,rcx |
00007FF9B0E7663F | 74 27 | je tsclicensing.7FF9B0E76668 |
00007FF9B0E76641 | 48:8B45 70 | mov rax,qword ptr ss:[rbp+70] |
00007FF9B0E76645 | 48:8B10 | mov rdx,qword ptr ds:[rax] |
00007FF9B0E76648 | 48:8995 40010000 | mov qword ptr ss:[rbp+140],rdx |
00007FF9B0E7664F | 48:8B85 A8000000 | mov rax,qword ptr ss:[rbp+A8] |
00007FF9B0E76656 | 4C:6300 | movsxd r8,dword ptr ds:[rax] |
00007FF9B0E76659 | 4C:2BC2 | sub r8,rdx |
00007FF9B0E7665C | 4C:03C1 | add r8,rcx |
00007FF9B0E7665F | 4C:8985 48010000 | mov qword ptr ss:[rbp+148],r8 |
00007FF9B0E76666 | EB 0E | jmp tsclicensing.7FF9B0E76676 |
00007FF9B0E76668 | 4C:8B85 48010000 | mov r8,qword ptr ss:[rbp+148] |
00007FF9B0E7666F | 48:8B95 40010000 | mov rdx,qword ptr ss:[rbp+140] |
00007FF9B0E76676 | 48:85D2 | test rdx,rdx |
00007FF9B0E76679 | 74 0D | je tsclicensing.7FF9B0E76688 |
00007FF9B0E7667B | 48:8D8D 60010000 | lea rcx,qword ptr ss:[rbp+160] |
00007FF9B0E76682 | E8 7982F8FF | call tsclicensing.7FF9B0DFE900 |
00007FF9B0E76687 | 90 | nop |
00007FF9B0E76688 | 48:8D95 60010000 | lea rdx,qword ptr ss:[rbp+160] |
00007FF9B0E7668F | 48:8BCB | mov rcx,rbx |
00007FF9B0E76692 | 41:FFD7 | call r15 |
00007FF9B0E76695 | 90 | nop |
00007FF9B0E76696 | 48:8B95 78010000 | mov rdx,qword ptr ss:[rbp+178] |
00007FF9B0E7669D | 48:83FA 10 | cmp rdx,10 |
00007FF9B0E766A1 | 72 37 | jb tsclicensing.7FF9B0E766DA |
00007FF9B0E766A3 | 48:FFC2 | inc rdx |
00007FF9B0E766A6 | 48:8B8D 60010000 | mov rcx,qword ptr ss:[rbp+160] |
00007FF9B0E766AD | 48:8BC1 | mov rax,rcx |
00007FF9B0E766B0 | 48:81FA 00100000 | cmp rdx,1000 |
00007FF9B0E766B7 | 72 1C | jb tsclicensing.7FF9B0E766D5 |
00007FF9B0E766B9 | 48:83C2 27 | add rdx,27 |
00007FF9B0E766BD | 48:8B49 F8 | mov rcx,qword ptr ds:[rcx-8] |
00007FF9B0E766C1 | 48:2BC1 | sub rax,rcx |
00007FF9B0E766C4 | 48:83C0 F8 | add rax,FFFFFFFFFFFFFFF8 |
00007FF9B0E766C8 | 48:83F8 1F | cmp rax,1F |
00007FF9B0E766CC | 76 07 | jbe tsclicensing.7FF9B0E766D5 |
00007FF9B0E766CE | FF15 6CD61F00 | call qword ptr ds:[<&_invalid_parameter_n |
00007FF9B0E766D4 | CC | int3 |
00007FF9B0E766D5 | E8 22651E00 | call tsclicensing.7FF9B105CBFC |
00007FF9B0E766DA | 48:8B07 | mov rax,qword ptr ds:[rdi] |
00007FF9B0E766DD | 48:8BCF | mov rcx,rdi |
00007FF9B0E766E0 | FF50 38 | call qword ptr ds:[rax+38] |
00007FF9B0E766E3 | 84C0 | test al,al |
00007FF9B0E766E5 | 0F85 38040000 | jne tsclicensing.7FF9B0E76B23 | ======>转到离线授权
00007FF9B0E766EB | 48:8D05 CE112000 | lea rax,qword ptr ds:[7FF9B10778C0] |
00007FF9B0E766F2 | 48:894424 60 | mov qword ptr ss:[rsp+60],rax |
00007FF9B0E766F7 | 48:8D4D E8 | lea rcx,qword ptr ss:[rbp-18] |
00007FF9B0E766FB | FF15 AFCC1F00 | call qword ptr ds:[<&??0?$basic_ios@DU?$c |
00007FF9B0E76701 | 90 | nop |
00007FF9B0E76702 | C74424 30 0B000000 | mov dword ptr ss:[rsp+30],B | B:'\v'
00007FF9B0E7670A | 45:33C9 | xor r9d,r9d |
00007FF9B0E7670D | 45:33C0 | xor r8d,r8d |
00007FF9B0E76710 | 48:8D5424 68 | lea rdx,qword ptr ss:[rsp+68] |
00007FF9B0E76715 | 48:8D4C24 60 | lea rcx,qword ptr ss:[rsp+60] |
00007FF9B0E7671A | FF15 30CE1F00 | call qword ptr ds:[<&??0?$basic_ostream@D |
00007FF9B0E76720 | 90 | nop |
00007FF9B0E76721 | 48:8B4424 60 | mov rax,qword ptr ss:[rsp+60] |
00007FF9B0E76726 | 48:6348 04 | movsxd rcx,dword ptr ds:[rax+4] |
00007FF9B0E7672A | 4C:8D3D 87112000 | lea r15,qword ptr ds:[7FF9B10778B8] | 00007FF9B10778B8:&"HcA麳+乳4"
00007FF9B0E76731 | 4C:897C0C 60 | mov qword ptr ss:[rsp+rcx+60],r15 |
00007FF9B0E76736 | 48:8B4424 60 | mov rax,qword ptr ss:[rsp+60] |
00007FF9B0E7673B | 48:6348 04 | movsxd rcx,dword ptr ds:[rax+4] |
00007FF9B0E7673F | 8D91 78FFFFFF | lea edx,qword ptr ds:[rcx-88] |
00007FF9B0E76745 | 89540C 5C | mov dword ptr ss:[rsp+rcx+5C],edx |
00007FF9B0E76749 | 48:8D4C24 68 | lea rcx,qword ptr ss:[rsp+68] |
00007FF9B0E7674E | FF15 14CC1F00 | call qword ptr ds:[<&??0?$basic_streambuf |
00007FF9B0E76754 | 48:8D05 DD102000 | lea rax,qword ptr ds:[7FF9B1077838] |
00007FF9B0E7675B | 48:894424 68 | mov qword ptr ss:[rsp+68],rax |
00007FF9B0E76760 | 48:8975 D0 | mov qword ptr ss:[rbp-30],rsi |
00007FF9B0E76764 | C745 D8 04000000 | mov dword ptr ss:[rbp-28],4 |
00007FF9B0E7676B | 48:8D15 5E892000 | lea rdx,qword ptr ds:[7FF9B107F0D0] | 00007FF9B107F0D0:"NalpeironActivation::UnlockWithLicenseCode() cannot reach nalpeiron server. Attempting to use cached license."
00007FF9B0E76772 | 48:8D4C24 60 | lea rcx,qword ptr ss:[rsp+60] |
00007FF9B0E76777 | E8 44B2F9FF | call tsclicensing.7FF9B0E119C0 |
00007FF9B0E7677C | 48:8B1D AD763100 | mov rbx,qword ptr ds:[7FF9B118DE30] |
00007FF9B0E76783 | 48:85DB | test rbx,rbx |
00007FF9B0E76786 | 75 33 | jne tsclicensing.7FF9B0E767BB | ???1
00007FF9B0E76788 | 8D4B 18 | lea ecx,qword ptr ds:[rbx+18] |
00007FF9B0E7678B | E8 30641E00 | call tsclicensing.7FF9B105CBC0 |
00007FF9B0E76790 | 48:8BD8 | mov rbx,rax |
00007FF9B0E76793 | 48:894424 58 | mov qword ptr ss:[rsp+58],rax |
00007FF9B0E76798 | 48:85C0 | test rax,rax |
00007FF9B0E7679B | 74 14 | je tsclicensing.7FF9B0E767B1 |
00007FF9B0E7679D | 48:8D05 54E81F00 | lea rax,qword ptr ds:[7FF9B1074FF8] |
00007FF9B0E767A4 | 48:8903 | mov qword ptr ds:[rbx],rax |
00007FF9B0E767A7 | 48:8973 08 | mov qword ptr ds:[rbx+8],rsi |
00007FF9B0E767AB | 48:8973 10 | mov qword ptr ds:[rbx+10],rsi |
00007FF9B0E767AF | EB 03 | jmp tsclicensing.7FF9B0E767B4 |
00007FF9B0E767B1 | 48:8BDE | mov rbx,rsi |
00007FF9B0E767B4 | 48:891D 75763100 | mov qword ptr ds:[7FF9B118DE30],rbx |
00007FF9B0E767BB | 48:8B03 | mov rax,qword ptr ds:[rbx] |
00007FF9B0E767BE | 4C:8B70 30 | mov r14,qword ptr ds:[rax+30] | r14:&"HcA麳+乳4"
00007FF9B0E767C2 | 48:89B5 60010000 | mov qword ptr ss:[rbp+160],rsi |
00007FF9B0E767C9 | 48:89B5 70010000 | mov qword ptr ss:[rbp+170],rsi |
00007FF9B0E767D0 | 48:C785 78010000 0F000 | mov qword ptr ss:[rbp+178],F |
00007FF9B0E767DB | C685 60010000 00 | mov byte ptr ss:[rbp+160],0 |
00007FF9B0E767E2 | C74424 30 2B000000 | mov dword ptr ss:[rsp+30],2B | 2B:'+'
00007FF9B0E767EA | 0F57C0 | xorps xmm0,xmm0 |
00007FF9B0E767ED | 33C0 | xor eax,eax |
00007FF9B0E767EF | 0F1185 40010000 | movups xmmword ptr ss:[rbp+140],xmm0 |
00007FF9B0E767F6 | 48:8985 50010000 | mov qword ptr ss:[rbp+150],rax |
00007FF9B0E767FD | 8B4D D8 | mov ecx,dword ptr ss:[rbp-28] |
00007FF9B0E76800 | F6C1 02 | test cl,2 |
00007FF9B0E76803 | 74 05 | je tsclicensing.7FF9B0E7680A | ==>因为下面是服务器,所以JMP
00007FF9B0E76805 | F6C1 20 | test cl,20 |
00007FF9B0E76808 | 74 21 | je tsclicensing.7FF9B0E7682B |
00007FF9B0E7680A | 48:8B45 A8 | mov rax,qword ptr ss:[rbp-58] |
00007FF9B0E7680E | 4C:8B00 | mov r8,qword ptr ds:[rax] |
00007FF9B0E76811 | 4D:85C0 | test r8,r8 |
00007FF9B0E76814 | 74 15 | je tsclicensing.7FF9B0E7682B |
00007FF9B0E76816 | 48:8B45 88 | mov rax,qword ptr ss:[rbp-78] |
00007FF9B0E7681A | 48:8B10 | mov rdx,qword ptr ds:[rax] |
00007FF9B0E7681D | 4C:3B45 D0 | cmp r8,qword ptr ss:[rbp-30] |
00007FF9B0E76821 | 4C:0F4245 D0 | cmovb r8,qword ptr ss:[rbp-30] |
00007FF9B0E76826 | 4C:2BC2 | sub r8,rdx |
00007FF9B0E76829 | EB 35 | jmp tsclicensing.7FF9B0E76860 |
00007FF9B0E7682B | F6C1 04 | test cl,4 |
00007FF9B0E7682E | 75 22 | jne tsclicensing.7FF9B0E76852 |
00007FF9B0E76830 | 48:8B45 A0 | mov rax,qword ptr ss:[rbp-60] |
00007FF9B0E76834 | 48:8B08 | mov rcx,qword ptr ds:[rax] |
00007FF9B0E76837 | 48:85C9 | test rcx,rcx |
00007FF9B0E7683A | 74 16 | je tsclicensing.7FF9B0E76852 |
00007FF9B0E7683C | 48:8B45 80 | mov rax,qword ptr ss:[rbp-80] |
00007FF9B0E76840 | 48:8B10 | mov rdx,qword ptr ds:[rax] |
00007FF9B0E76843 | 48:8B45 B8 | mov rax,qword ptr ss:[rbp-48] | [rbp-48]:&"HcA麳+乳4"
00007FF9B0E76847 | 4C:6300 | movsxd r8,dword ptr ds:[rax] |
00007FF9B0E7684A | 4C:2BC2 | sub r8,rdx |
00007FF9B0E7684D | 4C:03C1 | add r8,rcx |
00007FF9B0E76850 | EB 0E | jmp tsclicensing.7FF9B0E76860 |
00007FF9B0E76852 | 4C:8B85 48010000 | mov r8,qword ptr ss:[rbp+148] |
00007FF9B0E76859 | 48:8B95 40010000 | mov rdx,qword ptr ss:[rbp+140] |
00007FF9B0E76860 | 48:85D2 | test rdx,rdx |
00007FF9B0E76863 | 74 0D | je tsclicensing.7FF9B0E76872 |
00007FF9B0E76865 | 48:8D8D 60010000 | lea rcx,qword ptr ss:[rbp+160] |
00007FF9B0E7686C | E8 8F80F8FF | call tsclicensing.7FF9B0DFE900 |
00007FF9B0E76871 | 90 | nop |
00007FF9B0E76872 | 48:8D95 60010000 | lea rdx,qword ptr ss:[rbp+160] |
00007FF9B0E76879 | 48:8BCB | mov rcx,rbx |
00007FF9B0E7687C | 41:FFD6 | call r14 |
00007FF9B0E7687F | 90 | nop |
00007FF9B0E76880 | 48:8B95 78010000 | mov rdx,qword ptr ss:[rbp+178] |
00007FF9B0E76887 | 48:83FA 10 | cmp rdx,10 |
00007FF9B0E7688B | 72 37 | jb tsclicensing.7FF9B0E768C4 |
00007FF9B0E7688D | 48:FFC2 | inc rdx |
00007FF9B0E76890 | 48:8B8D 60010000 | mov rcx,qword ptr ss:[rbp+160] |
00007FF9B0E76897 | 48:8BC1 | mov rax,rcx |
00007FF9B0E7689A | 48:81FA 00100000 | cmp rdx,1000 |
00007FF9B0E768A1 | 72 1C | jb tsclicensing.7FF9B0E768BF |
00007FF9B0E768A3 | 48:83C2 27 | add rdx,27 |
00007FF9B0E768A7 | 48:8B49 F8 | mov rcx,qword ptr ds:[rcx-8] |
00007FF9B0E768AB | 48:2BC1 | sub rax,rcx |
00007FF9B0E768AE | 48:83C0 F8 | add rax,FFFFFFFFFFFFFFF8 |
00007FF9B0E768B2 | 48:83F8 1F | cmp rax,1F |
00007FF9B0E768B6 | 76 07 | jbe tsclicensing.7FF9B0E768BF |
00007FF9B0E768B8 | FF15 82D41F00 | call qword ptr ds:[<&_invalid_parameter_n |
00007FF9B0E768BE | CC | int3 |
00007FF9B0E768BF | E8 38631E00 | call tsclicensing.7FF9B105CBFC |
00007FF9B0E768C4 | 48:8B07 | mov rax,qword ptr ds:[rdi] |
00007FF9B0E768C7 | 48:8BCF | mov rcx,rdi |
00007FF9B0E768CA | FF50 30 | call qword ptr ds:[rax+30] |
00007FF9B0E768CD | 84C0 | test al,al |
00007FF9B0E768CF | 0F84 00010000 | je tsclicensing.7FF9B0E769D5 | ========>NOP了才能显示注册成功
00007FF9B0E768D5 | E8 16A7F8FF | call tsclicensing.7FF9B0E00FF0 |
00007FF9B0E768DA | 48:8BF8 | mov rdi,rax |
00007FF9B0E768DD | 48:8B00 | mov rax,qword ptr ds:[rax] |
00007FF9B0E768E0 | 48:8B58 20 | mov rbx,qword ptr ds:[rax+20] |
00007FF9B0E768E4 | 48:89B5 40010000 | mov qword ptr ss:[rbp+140],rsi |
00007FF9B0E768EB | 48:89B5 50010000 | mov qword ptr ss:[rbp+150],rsi |
00007FF9B0E768F2 | 48:C785 58010000 0F000 | mov qword ptr ss:[rbp+158],F |
00007FF9B0E768FD | C685 40010000 00 | mov byte ptr ss:[rbp+140],0 |
00007FF9B0E76904 | B9 60000000 | mov ecx,60 | 60:'`'
00007FF9B0E76909 | E8 B2621E00 | call tsclicensing.7FF9B105CBC0 |
00007FF9B0E7690E | 48:8BC8 | mov rcx,rax |
00007FF9B0E76911 | 48:C785 50010000 55000 | mov qword ptr ss:[rbp+150],55 | 55:'U'
00007FF9B0E7691C | 48:C785 58010000 5F000 | mov qword ptr ss:[rbp+158],5F | 5F:'_'
00007FF9B0E76927 | 0F2805 12882000 | movaps xmm0,xmmword ptr ds:[7FF9B107F140] | 00007FF9B107F140:"NalpeironActivation::UnlockWithLicenseCode() succeeded. Valid license found in cache."
00007FF9B0E7692E | 0F1100 | movups xmmword ptr ds:[rax],xmm0 |
00007FF9B0E76931 | 0F280D 18882000 | movaps xmm1,xmmword ptr ds:[7FF9B107F150] | 00007FF9B107F150:"ion::UnlockWithLicenseCode() succeeded. Valid license found in cache."
00007FF9B0E76938 | 0F1148 10 | movups xmmword ptr ds:[rax+10],xmm1 |
00007FF9B0E7693C | 0F2805 1D882000 | movaps xmm0,xmmword ptr ds:[7FF9B107F160] | 00007FF9B107F160:"icenseCode() succeeded. Valid license found in cache."
00007FF9B0E76943 | 0F1140 20 | movups xmmword ptr ds:[rax+20],xmm0 |
00007FF9B0E76947 | 0F280D 22882000 | movaps xmm1,xmmword ptr ds:[7FF9B107F170] | 00007FF9B107F170:"ceeded. Valid license found in cache."
00007FF9B0E7694E | 0F1148 30 | movups xmmword ptr ds:[rax+30],xmm1 |
00007FF9B0E76952 | 0F2805 27882000 | movaps xmm0,xmmword ptr ds:[7FF9B107F180] | 00007FF9B107F180:"cense found in cache."
00007FF9B0E76959 | 0F1140 40 | movups xmmword ptr ds:[rax+40],xmm0 | rax+40:"$ActivationsAllowed"
00007FF9B0E7695D | 8B05 2D882000 | mov eax,dword ptr ds:[7FF9B107F190] | 00007FF9B107F190:"ache."
00007FF9B0E76963 | 8941 50 | mov dword ptr ds:[rcx+50],eax |
00007FF9B0E76966 | 0FB605 27882000 | movzx eax,byte ptr ds:[7FF9B107F194] |
00007FF9B0E7696D | 8841 54 | mov byte ptr ds:[rcx+54],al |
00007FF9B0E76970 | C641 55 00 | mov byte ptr ds:[rcx+55],0 |
00007FF9B0E76974 | 48:898D 40010000 | mov qword ptr ss:[rbp+140],rcx |
00007FF9B0E7697B | 48:8D95 40010000 | lea rdx,qword ptr ss:[rbp+140] |
00007FF9B0E76982 | 48:8BCF | mov rcx,rdi |
截图
如果前面爆破的都通过了。。
就会出来这
显然:
所以,我们继续修改我们的程序流程,让它死活都得走离线激活分支
最后继续修改,最终我们见到如下界面:
翻译一下就是决不要忘记你的注册码
登录保存你的注册码
打开进界面
选择一个配置和使用人群就真的进界面了。
最终进到界面就是这个样子的。 |
免费评分
-
查看全部评分
|
发表于 2023-4-8 22:07
|
发表于 2023-4-8 23:06
