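Application ID: 7ktest
Application email: gyluci2@163.com
I saw this thread and cracked the app while I was at it: http://www.52pojie.cn/thread-369616-1-1.html
What the app looks like when opened can be seen in the second post of the thread above; it requires the user to enter a registration code.
We open the downloaded apk with ApkIDE (apk改之理) and search for the string “\u5e8f\u5217\u53f7\u9519\u8bef” (that is, “序列号错误”, "serial number error").
This gives:
This method is the handler that runs after the button is clicked.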
The decompiled Java code is:
String str = this.this$0.editText.getText().toString();
Log.i("ddd", this.this$0.seriaNumber); // the serial number is written to the log here
if (str.equals(this.this$0.seriaNumber)) // compared against the user's input
{
SharedPreferences.Editor localEditor = this.this$0.sharedReg.edit(); // then saved to a file, so there is no need to register again next time
localEditor.putString("ISREG", "1");
localEditor.commit();
Intent localIntent = new Intent();
localIntent.setClass(this.this$0, MainActivity.class);
this.this$0.startActivity(localIntent);
this.this$0.finish();
return;
}
Toast.makeText(this.this$0, "序列号错误,请检查后重新输入!", 1).show(); // if the comparison fails, show the error message
From here it is simple: just remove the comparison:
iget-object v1, p0, Lcom/drivetest/lukaoyi/SeriaNumberActivity$1;->this$0:Lcom/drivetest/lukaoyi/SeriaNumberActivity;
iget-object v1, v1, Lcom/drivetest/lukaoyi/SeriaNumberActivity;->seriaNumber:Ljava/lang/String;
invoke-virtual {v0, v1}, Ljava/lang/String;->equals(Ljava/lang/Object;)Z
move-result v0
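if-eqz v0, :cond_0 # Checks the comparison result; with this line deleted, clicking the button goes straight in regardless of the comparison result.
If you want to see what the correct registration code is, then at the check (now deleted) jump to the message box further down, change the content of the message box to the serial number, and once the message box is done jump back to where the check was, save the registration code and enter the main screen.
Modified:
.method public onClick(Landroid/view/View;)V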
.locals 3
.prologue
.line 62
:try_start_0
iget-object v0, p0, Lcom/drivetest/lukaoyi/SeriaNumberActivity$1;->this$0:Lcom/drivetest/lukaoyi/SeriaNumberActivity;
iget-object v0, v0, Lcom/drivetest/lukaoyi/SeriaNumberActivity;->editText:Landroid/widget/EditText;
invoke-virtual {v0}, Landroid/widget/EditText;->getText()Landroid/text/Editable;
move-result-object v0
invoke-virtual {v0}, Ljava/lang/Object;->toString()Ljava/lang/String;
move-result-object v0
.line 63
const-string v1, "ddd"
iget-object v2, p0, Lcom/drivetest/lukaoyi/SeriaNumberActivity$1;->this$0:Lcom/drivetest/lukaoyi/SeriaNumberActivity;
iget-object v2, v2, Lcom/drivetest/lukaoyi/SeriaNumberActivity;->seriaNumber:Ljava/lang/String;
invoke-static {v1, v2}, Landroid/util/Log;->i(Ljava/lang/String;Ljava/lang/String;)I
.line 64
iget-object v1, p0, Lcom/drivetest/lukaoyi/SeriaNumberActivity$1;->this$0:Lcom/drivetest/lukaoyi/SeriaNumberActivity;
iget-object v1, v1, Lcom/drivetest/lukaoyi/SeriaNumberActivity;->seriaNumber:Ljava/lang/String;
invoke-virtual {v0, v1}, Ljava/lang/String;->equals(Ljava/lang/Object;)Z
move-result v0
goto :cond_0
:okbroken
.line 65
iget-object v0, p0, Lcom/drivetest/lukaoyi/SeriaNumberActivity$1;->this$0:Lcom/drivetest/lukaoyi/SeriaNumberActivity;
iget-object v0, v0, Lcom/drivetest/lukaoyi/SeriaNumberActivity;->sharedReg:Landroid/content/SharedPreferences;
invoke-interface {v0}, Landroid/content/SharedPreferences;->edit()Landroid/content/SharedPreferences$Editor;
move-result-object v0
.line 66
const-string v1, "ISREG"
const-string v2, "1"
invoke-interface {v0, v1, v2}, Landroid/content/SharedPreferences$Editor;->putString(Ljava/lang/String;Ljava/lang/String;)Landroid/content/SharedPreferences$Editor;
.line 67
invoke-interface {v0}, Landroid/content/SharedPreferences$Editor;->commit()Z
.line 68
new-instance v0, Landroid/content/Intent;
invoke-direct {v0}, Landroid/content/Intent;-><init>()V
.line 69
iget-object v1, p0, Lcom/drivetest/lukaoyi/SeriaNumberActivity$1;->this$0:Lcom/drivetest/lukaoyi/SeriaNumberActivity;
const-class v2, Lcom/drivetest/lukaoyi/MainActivity;
invoke-virtual {v0, v1, v2}, Landroid/content/Intent;->setClass(Landroid/content/Context;Ljava/lang/Class;)Landroid/content/Intent;
.line 70
iget-object v1, p0, Lcom/drivetest/lukaoyi/SeriaNumberActivity$1;->this$0:Lcom/drivetest/lukaoyi/SeriaNumberActivity;
invoke-virtual {v1, v0}, Lcom/drivetest/lukaoyi/SeriaNumberActivity;->startActivity(Landroid/content/Intent;)V
.line 71
iget-object v0, p0, Lcom/drivetest/lukaoyi/SeriaNumberActivity$1;->this$0:Lcom/drivetest/lukaoyi/SeriaNumberActivity;
invoke-virtual {v0}, Lcom/drivetest/lukaoyi/SeriaNumberActivity;->finish()V
.line 79
:goto_0
return-void
.line 73
:cond_0
iget-object v0, p0, Lcom/drivetest/lukaoyi/SeriaNumberActivity$1;->this$0:Lcom/drivetest/lukaoyi/SeriaNumberActivity;
iget-object v1, p0, Lcom/drivetest/lukaoyi/SeriaNumberActivity$1;->this$0:Lcom/drivetest/lukaoyi/SeriaNumberActivity;
iget-object v1, v1, Lcom/drivetest/lukaoyi/SeriaNumberActivity;->seriaNumber:Ljava/lang/String;
# const-string v1, "\u5e8f\u5217\u53f7\u9519\u8bef\uff0c\u8bf7\u68c0\u67e5\u540e\u91cd\u65b0\u8f93\u5165\uff01"
const/4 v2, 0x1
invoke-static {v0, v1, v2}, Landroid/widget/Toast;->makeText(Landroid/content/Context;Ljava/lang/CharSequence;I)Landroid/widget/Toast;
move-result-object v0
invoke-virtual {v0}, Landroid/widget/Toast;->show()V
:try_end_0
.catch Ljava/lang/Exception; {:try_start_0 .. :try_end_0} :catch_0
goto :okbroken
goto :goto_0
.line 75
:catch_0
move-exception v0
.line 77
invoke-virtual {v0}, Ljava/lang/Exception;->printStackTrace()V
goto :goto_0
.end method
In addition, let's look at how this serial number is generated:
In SeriaNumberActivity we can see:
this.seriaNumber = localEncryptionAlgorithm.MD5("yIDA1234");
And EncryptionAlgorithm.md5 looks like this:
public String MD5(String paramString)
{
try
{
MessageDigest localMessageDigest = MessageDigest.getInstance("MD5");
localMessageDigest.update(paramString.getBytes());
byte[] arrayOfByte = localMessageDigest.digest();
StringBuffer localStringBuffer = new StringBuffer("");
for (int i = 0; i < arrayOfByte.length; i++)
{
int j = arrayOfByte[i];
if (j < 0)
j += 256;
if (j < 16)
localStringBuffer.append("0");
localStringBuffer.append(Integer.toHexString(j));
}
String str = localStringBuffer.toString().substring(8, 24);
return str;
}
catch (NoSuchAlgorithmException localNoSuchAlgorithmException)
{
localNoSuchAlgorithmException.printStackTrace();
}
return "";
}
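That is, the serial number is “yida1234” after MD5, taking the segment from position 8 to 24.
The apks in this network drive can all be tried with this method: http://pan.baidu.com/share/home?uk=3389337036&view=share#category/type=0
The cracked apk is being uploaded.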
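A check a developer or app reviewer can run over their own build's smali, as an added example that is not part of the original post: it flags any field whose value is passed both to String.equals and to android.util.Log inside one method, which is the seriaNumber pattern shown above. The function name logged_compare_fields and the simple register tracking are assumptions of this sketch, and the sample input is constructed from the smali lines quoted in the post.

```python
import re

# Constructed sample: a shortened onClick body built from the smali quoted in the post.
SAMPLE_SMALI = """\
.method public onClick(Landroid/view/View;)V
    iget-object v0, v0, Lcom/drivetest/lukaoyi/SeriaNumberActivity;->editText:Landroid/widget/EditText;
    invoke-virtual {v0}, Landroid/widget/EditText;->getText()Landroid/text/Editable;
    move-result-object v0
    invoke-virtual {v0}, Ljava/lang/Object;->toString()Ljava/lang/String;
    move-result-object v0
    const-string v1, "ddd"
    iget-object v2, v2, Lcom/drivetest/lukaoyi/SeriaNumberActivity;->seriaNumber:Ljava/lang/String;
    invoke-static {v1, v2}, Landroid/util/Log;->i(Ljava/lang/String;Ljava/lang/String;)I
    iget-object v1, v1, Lcom/drivetest/lukaoyi/SeriaNumberActivity;->seriaNumber:Ljava/lang/String;
    invoke-virtual {v0, v1}, Ljava/lang/String;->equals(Ljava/lang/Object;)Z
.end method
"""

IGET = re.compile(r"^\s*[is]get-object\s+(\w+),.*?(L[\w/$]+;->[\w$]+):")
INVOKE = re.compile(r"^\s*invoke-\S+\s+\{([^}]*)\},\s*(\S+?)\(")
WRITE = re.compile(r"^\s*(?:const\S*|move\S*|new-instance)\s+(\w+)")

def logged_compare_fields(smali):
    """Fields that reach both String.equals and android.util.Log in one method."""
    findings = set()
    regs, logged, compared = {}, set(), set()
    for line in smali.splitlines():
        stripped = line.strip()
        if stripped.startswith(".method"):
            regs, logged, compared = {}, set(), set()   # new method, new state
        elif stripped.startswith(".end method"):
            findings |= logged & compared               # leaked AND used as the secret
        elif (m := IGET.match(line)):
            regs[m.group(1)] = m.group(2)               # register now holds this field
        elif (m := INVOKE.match(line)):
            args = [r.strip() for r in m.group(1).split(",")]
            fields = {regs[r] for r in args if r in regs}
            if m.group(2).startswith("Landroid/util/Log;->"):
                logged |= fields
            elif m.group(2) == "Ljava/lang/String;->equals":
                compared |= fields
        elif (m := WRITE.match(line)):
            regs.pop(m.group(1), None)                  # register overwritten
    return sorted(findings)

if __name__ == "__main__":
    for field in logged_compare_fields(SAMPLE_SMALI):
        print("compared value is also written to logcat:", field)
```

A finding means the value the app treats as its secret is readable from the device log; the register tracking is linear and does not follow branches, so treat the result as a lint rather than a proof.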