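Re: A bunch of people with nothing better to do are still discussing perpetual motion machines; solve some practical problems instead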

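Forum: IT江湖 Author: 风,大风 Posted: 2005-03-02 09:25
After handling it this way, the program will still have problems when run! It looks like it isn't fully solved! Let's take another look!
Part 2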
===================================================================================================
After the jump in the Part 1 code (===Key (1)====), we arrive here. Let's go
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00426675(C)
|
:00426777 E8CBFBFFFF call 00426347
:0042677C 8D45FC lea eax, dword ptr [ebp-04]
:0042677F B903000000 mov ecx, 00000003
:00426784 8908 mov dword ptr [eax], ecx
:00426786 8D4DF0 lea ecx, dword ptr [ebp-10]
:00426789 8D55F4 lea edx, dword ptr [ebp-0C]
:0042678C 8D5DF8 lea ebx, dword ptr [ebp-08]
:0042678F 51 push ecx
:00426790 52 push edx
:00426791 53 push ebx
:00426792 50 push eax
:00426793 68FE3F0000 push 00003FFE
:00426798 687B1D0000 push 00001D7B
:0042679D 6800000000 push 00000000
:004267A2 6800000000 push 00000000
:004267A7 6803000000 push 00000003
:004267AC E8B2F9FFFF call 00426163 ====> another dongle read here!
:004267B1 83C424 add esp, 00000024
:004267B4 8B45F4 mov eax, dword ptr [ebp-0C] ====> return value (1) should be 0
:004267B7 B900000000 mov ecx, 00000000
:004267BC 39C8 cmp eax, ecx ===> compare
:004267BE 0F85DE010000 jne 004269A2 does not jump
:004267C4 8B45F8 mov eax, dword ptr [ebp-08]
:004267C7 0FB7C0 movzx eax, ax
:004267CA 8D0DA7694200 lea ecx, dword ptr [004269A7] note: the value of ecx here comes from this address
:004267D0 FFE1 jmp ecx =======> jump to the next part! go ====Key 2===

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0042660A(C), :00426615(C)
|
:004267D2 8D0545924700 lea eax, dword ptr [00479245]
:004267D8 6801000000 push 00000001
:004267DD 50 push eax
:004267DE 6800000000 push 00000000

* Reference To: cvirt.LoadPanel, Ord:0133h
|
:004267E3 E83AB2FDFF Call 00401A22
:004267E8 8D4DDC lea ecx, dword ptr [ebp-24]
:004267EB 8901 mov dword ptr [ecx], eax
:004267ED 8B45DC mov eax, dword ptr [ebp-24]
:004267F0 B900000000 mov ecx, 00000000
:004267F5 39C8 cmp eax, ecx
:004267F7 0F8D20000000 jnl 0042681D

* Reference To: cvirt.CVI_Beep, Ord:0259h
|
:004267FD E8EEB6FDFF Call 00401EF0
:00426802 8D05BE924700 lea eax, dword ptr [004792BE]
:00426808 8D0D96924700 lea ecx, dword ptr [00479296]
:0042680E 50 push eax
:0042680F 51 push ecx

* Reference To: cvirt.MessagePopup, Ord:014Dh ====> error message!
|
:00426810 E875B6FDFF Call 00401E8A
:00426815 8D05A9684200 lea eax, dword ptr [004268A9]
:0042681B FFE0 jmp eax

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004267F7(C)
|
:0042681D 6800000000 push 00000000
:00426822 6812020000 push 00000212
:00426827 6803000000 push 00000003
:0042682C 8B45DC mov eax, dword ptr [ebp-24]
:0042682F 50 push eax

* Reference To: cvirt.SetCtrlAttribute, Ord:00AEh
|
:00426830 E8BFACFDFF Call 004014F4
:00426835 83C410 add esp, 00000010
:00426838 6800000000 push 00000000
:0042683D 6812020000 push 00000212
:00426842 6804000000 push 00000004
====================================================
===================================================
That's the part above done! Let's see how the next part goes! Tracing ====Key 2=== shows that we arrive at the code below!

:0042AFCE 8908 mov dword ptr [eax], ecx
:0042AFD0 E8B1B5FFFF call 00426586
:0042AFD5 8D8DE8FEFFFF lea ecx, dword ptr [ebp+FFFFFEE8]
:0042AFDB 668901 mov word ptr [ecx], ax
:0042AFDE 668B85E8FEFFFF mov ax, word ptr [ebp+FFFFFEE8]
:0042AFE5 0FB7C0 movzx eax, ax
:0042AFE8 B901000000 mov ecx, 00000001
:0042AFED 39C8 cmp eax, ecx ====== note this comparison
:0042AFEF 0F8432000000 je 0042B027 =====> if it doesn't jump, it's over

* Possible Reference to String Resource ID=65535: "Das32"
|
:0042AFF5 B9FFFF0000 mov ecx, 0000FFFF
:0042AFFA 39C8 cmp eax, ecx
:0042AFFC 0F8425000000 je 0042B027

* Reference To: cvirt.CVI_Beep, Ord:0259h
|
:0042B002 E8E96EFDFF Call 00401EF0
:0042B007 8D0504B04700 lea eax, dword ptr [0047B004]
:0042B00D 8D0DAFB34700 lea ecx, dword ptr [0047B3AF]
:0042B013 50 push eax
:0042B014 51 push ecx

* Reference To: cvirt.MessagePopup, Ord:014Dh ===== error message!
|
:0042B015 E8706EFDFF Call 00401E8A
:0042B01A 6800000000 push 00000000
:0042B01F E82F75FDFF call 00402553
:0042B024 83C404 add esp, 00000004

* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0042AFEF(C), :0042AFFC(C)
|
:0042B027 8D45FC lea eax, dword ptr [ebp-04] ==== the correct flow!
:0042B02A 50 push eax
:0042B02B 6801000000 push 00000001
======================================================================================================
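After getting through this part, the dongle check is defeated!
Summary!
The above is just one way of removing the dongle check! I think this software has several other solutions! This one is relatively easy to understand! Hehe, pardon my humble attempt! I hope nobody laughs at me!
I hope everyone will visit my forum often to exchange ideas! Some people have complaints about me right now! That is unavoidable! And quite normal!! Thank you all for reading this post! If you think it's decently written, please post a reply to show some support! Thanks!
If you repost this, please keep it complete.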