- UID
- 181
注册时间2005-2-15
阅读权限10
最后登录1970-1-1
周游历练
TA的每日心情 | 开心
2017-4-4 09:40 |
|---|
签到天数: 1 天 [LV.1]初来乍到
|
日期:2005年4月14日 破解人:yijun[PYG]
———————————————————————————————————————————
【软件名称】:MBOX
【软件版本】:3.5
【软件大小】:1.72M
【下载地址】:INTERNET
【破解声明】:初学Crack,只是感兴趣,没有其它目的。失误之处敬请诸位大侠赐教!
【破解工具】:OD
———————————————————————————————————————————
【破解过程】:
今天搞这个东西搞得冒火,不得已才用了一次野蛮手段,说来都惭愧哟~~~~~~如果有哪位高人写篇算法的让我等菜鸟学习就好了:)~~~~~~~
004A38C6 55 push ebp
004A38C7 68 B0394A00 push mbox.004A39B0
004A38CC 64:FF30 push dword ptr fs:[eax]
004A38CF 64:8920 mov dword ptr fs:[eax],esp
004A38D2 8B45 FC mov eax,dword ptr ss:[ebp-4]
004A38D5 8B40 14 mov eax,dword ptr ds:[eax+14]
004A38D8 8B40 08 mov eax,dword ptr ds:[eax+8]
004A38DB 48 dec eax
004A38DC 85C0 test eax,eax
004A38DE 7C 3C jl short mbox.004A391C
004A38E0 40 inc eax
004A38E1 8945 E8 mov dword ptr ss:[ebp-18],eax
004A38E4 C745 F0 0000000>mov dword ptr ss:[ebp-10],0
004A38EB 8B45 FC mov eax,dword ptr ss:[ebp-4]
004A38EE 8B40 14 mov eax,dword ptr ds:[eax+14]
004A38F1 8B55 F0 mov edx,dword ptr ss:[ebp-10]
004A38F4 E8 176AF7FF call mbox.0041A310
004A38F9 8945 F4 mov dword ptr ss:[ebp-C],eax
004A38FC 8D55 E4 lea edx,dword ptr ss:[ebp-1C]
004A38FF 8B45 F4 mov eax,dword ptr ss:[ebp-C]
004A3902 8B08 mov ecx,dword ptr ds:[eax]
004A3904 FF51 60 call dword ptr ds:[ecx+60]
004A3907 8B45 E4 mov eax,dword ptr ss:[ebp-1C]
004A390A 8B55 F8 mov edx,dword ptr ss:[ebp-8]
004A390D E8 9614F6FF call mbox.00404DA8
004A3912 74 76 je short mbox.004A398A
004A3914 FF45 F0 inc dword ptr ss:[ebp-10]
004A3917 FF4D E8 dec dword ptr ss:[ebp-18]
004A391A ^ 75 CF jnz short mbox.004A38EB
004A391C 8B45 FC mov eax,dword ptr ss:[ebp-4]
004A391F 8078 34 00 cmp byte ptr ds:[eax+34],0
004A3923 75 0C jnz short mbox.004A3931
004A3925 8B45 FC mov eax,dword ptr ss:[ebp-4]
004A3928 8B40 14 mov eax,dword ptr ds:[eax+14]
004A392B 8378 08 50 cmp dword ptr ds:[eax+8],50
004A392F 7D 59 jge short mbox.004A398A
004A3931 8D55 EC lea edx,dword ptr ss:[ebp-14]
004A3934 8B45 F8 mov eax,dword ptr ss:[ebp-8]
004A3937 E8 F062F6FF call mbox.00409C2C
004A393C A1 90925400 mov eax,dword ptr ds:[549290]
004A3941 8B00 mov eax,dword ptr ds:[eax]
004A3943 8B55 EC mov edx,dword ptr ss:[ebp-14]
004A3946 E8 ED030A00 call mbox.00543D38
004A394B 8945 F4 mov dword ptr ss:[ebp-C],eax
004A394E 837D F4 00 cmp dword ptr ss:[ebp-C],0
004A3952 74 36 je short mbox.004A398A
004A3954 8B55 F8 mov edx,dword ptr ss:[ebp-8]
004A3957 8B45 F4 mov eax,dword ptr ss:[ebp-C]
004A395A 8B08 mov ecx,dword ptr ds:[eax]
004A395C FF51 68 call dword ptr ds:[ecx+68]
004A395F 8B45 F4 mov eax,dword ptr ss:[ebp-C]
004A3962 8B10 mov edx,dword ptr ds:[eax]
004A3964 FF92 80000000 call dword ptr ds:[edx+80]
004A396A 84C0 test al,al
004A396C 74 1C je short mbox.004A398A
004A396E 8B45 FC mov eax,dword ptr ss:[ebp-4]
004A3971 8B40 14 mov eax,dword ptr ds:[eax+14]
004A3974 8B55 F4 mov edx,dword ptr ss:[ebp-C]
004A3977 E8 3868F7FF call mbox.0041A1B4
004A397C 8B45 FC mov eax,dword ptr ss:[ebp-4]
004A397F 8B40 04 mov eax,dword ptr ds:[eax+4]
004A3982 8B55 F4 mov edx,dword ptr ss:[ebp-C]
004A3985 E8 BA110A00 call mbox.00544B44
004A398A 33C0 xor eax,eax
004A398C 5A pop edx
004A398D 59 pop ecx
004A398E 59 pop ecx
004A398F 64:8910 mov dword ptr fs:[eax],edx
004A3992 68 B7394A00 push mbox.004A39B7
004A3997 8D45 E4 lea eax,dword ptr ss:[ebp-1C]
004A399A E8 FD0FF6FF call mbox.0040499C
004A399F 8D45 EC lea eax,dword ptr ss:[ebp-14]
004A39A2 E8 F50FF6FF call mbox.0040499C
004A39A7 8D45 F8 lea eax,dword ptr ss:[ebp-8]
004A39AA E8 ED0FF6FF call mbox.0040499C
004A39AF C3 retn
004A39B0 ^ E9 6709F6FF jmp mbox.0040431C
004A39B5 ^ EB E0 jmp short mbox.004A3997
004A39B7 8BE5 mov esp,ebp
004A39B9 5D pop ebp
004A39BA C3 retn
004A39BB 90 nop
004A39BC 55 push ebp
004A39BD 8BEC mov ebp,esp
004A39BF 83C4 CC add esp,-34
004A39C2 33D2 xor edx,edx
004A39C4 8955 D0 mov dword ptr ss:[ebp-30],edx
004A39C7 8955 CC mov dword ptr ss:[ebp-34],edx
004A39CA 8955 D8 mov dword ptr ss:[ebp-28],edx
004A39CD 8955 D4 mov dword ptr ss:[ebp-2C],edx
004A39D0 8955 F8 mov dword ptr ss:[ebp-8],edx
004A39D3 8955 F4 mov dword ptr ss:[ebp-C],edx
004A39D6 8945 FC mov dword ptr ss:[ebp-4],eax
004A39D9 8D45 EC lea eax,dword ptr ss:[ebp-14]
004A39DC 8B15 60024A00 mov edx,dword ptr ds:[4A0260] ; mbox.004A0264
004A39E2 E8 7519F6FF call mbox.0040535C
004A39E7 8D45 E4 lea eax,dword ptr ss:[ebp-1C]
004A39EA 8B15 60024A00 mov edx,dword ptr ds:[4A0260] ; mbox.004A0264
004A39F0 E8 6719F6FF call mbox.0040535C
004A39F5 8D45 DC lea eax,dword ptr ss:[ebp-24]
004A39F8 8B15 60024A00 mov edx,dword ptr ds:[4A0260] ; mbox.004A0264
004A39FE E8 5919F6FF call mbox.0040535C
004A3A03 33C0 xor eax,eax
004A3A05 55 push ebp
004A3A06 68 293B4A00 push mbox.004A3B29
004A3A0B 64:FF30 push dword ptr fs:[eax]
004A3A0E 64:8920 mov dword ptr fs:[eax],esp
004A3A11 8D55 D8 lea edx,dword ptr ss:[ebp-28]
004A3A14 8B45 FC mov eax,dword ptr ss:[ebp-4]
004A3A17 8B40 2C mov eax,dword ptr ds:[eax+2C] ; 假码送EAX
004A3A1A E8 B956F6FF call mbox.004090D8
004A3A1F 837D D8 00 cmp dword ptr ss:[ebp-28],0 ; 是否输入注册码
004A3A23 0F84 C5000000 je mbox.004A3AEE
004A3A29 8D55 D4 lea edx,dword ptr ss:[ebp-2C]
004A3A2C 8B45 FC mov eax,dword ptr ss:[ebp-4] ; t8j->eax
004A3A2F 8B40 30 mov eax,dword ptr ds:[eax+30] ; 用户名->eax
004A3A32 E8 A156F6FF call mbox.004090D8
004A3A37 837D D4 00 cmp dword ptr ss:[ebp-2C],0 ; 用户名是否为0
004A3A3B 0F84 AD000000 je mbox.004A3AEE
004A3A41 8D45 F8 lea eax,dword ptr ss:[ebp-8]
004A3A44 8B55 FC mov edx,dword ptr ss:[ebp-4]
004A3A47 8B52 2C mov edx,dword ptr ds:[edx+2C] ; 假码送EDX
004A3A4A E8 E50FF6FF call mbox.00404A34
004A3A4F 8D55 F4 lea edx,dword ptr ss:[ebp-C]
004A3A52 8B45 F8 mov eax,dword ptr ss:[ebp-8] ; 假码送EAX
004A3A55 E8 3AD0FFFF call mbox.004A0A94
004A3A5A 8D45 F8 lea eax,dword ptr ss:[ebp-8]
004A3A5D E8 3A0FF6FF call mbox.0040499C
004A3A62 8D55 EC lea edx,dword ptr ss:[ebp-14]
004A3A65 B8 3C3B4A00 mov eax,mbox.004A3B3C ; 169117579277096005088196955519送EAX
004A3A6A E8 75D4FFFF call mbox.004A0EE4
004A3A6F 8D55 E4 lea edx,dword ptr ss:[ebp-1C]
004A3A72 B8 643B4A00 mov eax,mbox.004A3B64 ; 440283886415676092887295950723送EAX
004A3A77 E8 68D4FFFF call mbox.004A0EE4
004A3A7C 8D45 DC lea eax,dword ptr ss:[ebp-24]
004A3A7F 50 push eax
004A3A80 8D45 DC lea eax,dword ptr ss:[ebp-24]
004A3A83 50 push eax
004A3A84 8D45 DC lea eax,dword ptr ss:[ebp-24]
004A3A87 50 push eax
004A3A88 8D45 DC lea eax,dword ptr ss:[ebp-24]
004A3A8B 50 push eax
004A3A8C 8D45 F8 lea eax,dword ptr ss:[ebp-8]
004A3A8F 50 push eax
004A3A90 8D4D E4 lea ecx,dword ptr ss:[ebp-1C]
004A3A93 8D55 EC lea edx,dword ptr ss:[ebp-14]
004A3A96 8B45 F4 mov eax,dword ptr ss:[ebp-C]
004A3A99 E8 DEC7FFFF call mbox.004A027C
004A3A9E 8D45 EC lea eax,dword ptr ss:[ebp-14]
004A3AA1 E8 D6D6FFFF call mbox.004A117C
004A3AA6 8D45 E4 lea eax,dword ptr ss:[ebp-1C]
004A3AA9 E8 CED6FFFF call mbox.004A117C
004A3AAE 8D45 DC lea eax,dword ptr ss:[ebp-24]
004A3AB1 E8 C6D6FFFF call mbox.004A117C
004A3AB6 8D55 D0 lea edx,dword ptr ss:[ebp-30]
004A3AB9 8B45 F8 mov eax,dword ptr ss:[ebp-8]
004A3ABC E8 1756F6FF call mbox.004090D8
004A3AC1 8B45 D0 mov eax,dword ptr ss:[ebp-30]
004A3AC4 50 push eax
004A3AC5 8D55 CC lea edx,dword ptr ss:[ebp-34]
004A3AC8 8B45 FC mov eax,dword ptr ss:[ebp-4]
004A3ACB 8B40 30 mov eax,dword ptr ds:[eax+30] ; 用户名到EAX
004A3ACE E8 0556F6FF call mbox.004090D8
004A3AD3 8B55 CC mov edx,dword ptr ss:[ebp-34] ; 用户名到EDX
004A3AD6 58 pop eax
004A3AD7 E8 CC12F6FF call mbox.00404DA8
004A3ADC 90 nop //这是我已经NOP掉了的~~~~~~
004A3ADD 90 nop
———————————————————————————————————————————
【Crack_总结】:
没什么技术可言,虽然我最不喜欢爆破,但是我却又用了~~~~~~~~ |
|
IP卡
发表于 2005-4-14 18:02:01
提升卡
置顶卡
变色卡
千斤顶
显身卡
发表于 2005-4-14 22:45:19
发表于 2005-5-22 19:24:55
发表于 2005-5-28 00:43:09
