飘云阁(PYG官方论坛)

 找回密码
 加入论坛

QQ登录

只需一步,快速开始

扫一扫,访问微社区

查看: 238|回复: 1

[原创] MassTube Plus 12.9.8.355&和谐补丁

[复制链接]
  • TA的每日心情
    奋斗
    11 小时前
  • 签到天数: 842 天

    [LV.10]以坛为家III

    发表于 2019-4-15 17:10:06 | 显示全部楼层 |阅读模式
    MassTube Plus是一款下载YouTube视频软件。

    原版: https://pan.baidu.com/s/1aHg1vH1l_JmGigBtcaxAgQ 提取码:mxs5

    补丁: https://pan.baidu.com/s/1UhdNPtJKKcmBJuU54TK4cA 提取码:xvd2(解压码:PYG_TEDuhySeRYZ68723_52PJ)


    和谐前后对比图:

    c0.jpg
    c1.jpg

    评分

    参与人数 1威望 +1 飘云币 +1 收起 理由
    wgz001 + 1 + 1 感谢发布原创作品,PYG有你更精彩!

    查看全部评分

  • TA的每日心情
    奋斗
    11 小时前
  • 签到天数: 842 天

    [LV.10]以坛为家III

     楼主| 发表于 2019-4-16 08:44:09 | 显示全部楼层
    本帖最后由 speedboy 于 2019-4-16 09:16 编辑

    【破解浅析】:

    一、破解工具:OD、IDR
    二、破解过程:
    1、利用IDR获取程序函数名称文件(*.map)并获取到主窗口创建函授TFrmMassTube.FormCreate的地址为0057C0D0;
    2、用OD打开程序并加载map文件,在反汇编代码区ctrl+G输入地址0057C0D0,在此地址处F2下断;
    3、得到一段代码如下:
    [Asm] 纯文本查看 复制代码
    0057C0D0 > .  55            push ebp                                                         ;  _Unit54.TFrmMassTube.FormCreate_0057C0D0
    
    0057C0D1   .  8BEC          mov ebp,esp
    0057C0D3   .  83C4 B4       add esp,-0x4C
    0057C0D6   .  53            push ebx
    0057C0D7   .  56            push esi
    0057C0D8   .  57            push edi
    0057C0D9   .  33C9          xor ecx,ecx
    0057C0DB   .  894D B4       mov dword ptr ss:[ebp-0x4C],ecx
    0057C0DE   .  894D B8       mov dword ptr ss:[ebp-0x48],ecx
    0057C0E1   .  894D BC       mov dword ptr ss:[ebp-0x44],ecx
    0057C0E4   .  894D C0       mov dword ptr ss:[ebp-0x40],ecx
    0057C0E7   .  894D C4       mov dword ptr ss:[ebp-0x3C],ecx
    0057C0EA   .  894D C8       mov dword ptr ss:[ebp-0x38],ecx
    0057C0ED   .  894D CC       mov dword ptr ss:[ebp-0x34],ecx
    0057C0F0   .  894D F4       mov dword ptr ss:[ebp-0xC],ecx
    0057C0F3   .  8955 D0       mov dword ptr ss:[ebp-0x30],edx                                  ;  MassTube.<ModuleEntryPoint>
    0057C0F6   .  8945 FC       mov dword ptr ss:[ebp-0x4],eax                                   ;  kernel32.BaseThreadInitThunk
    0057C0F9   .  33C0          xor eax,eax                                                      ;  kernel32.BaseThreadInitThunk
    0057C0FB   .  55            push ebp
    0057C0FC   .  68 09C85700   push MassTube.0057C809
    0057C101   .  64:FF30       push dword ptr fs:[eax]
    0057C104   .  64:8920       mov dword ptr fs:[eax],esp
    0057C107   .  A1 FC7F5900   mov eax,dword ptr ds:[0x597FFC]                                  ;  寸Y
    0057C10C   .  8B15 8C845900 mov edx,dword ptr ds:[0x59848C]                                  ;  MassTube.0059E7AC
    0057C112   .  8B12          mov edx,dword ptr ds:[edx]
    0057C114   .  E8 ABB1E8FF   call <MassTube.System.@UStrAsg_004072C4>
    0057C119   .  BA 24C85700   mov edx,MassTube.0057C824                                        ;  MassTube
    0057C11E   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C121   .  E8 2A05F0FF   call <MassTube._Unit22.TControl.SetText_0047C650>
    0057C126   .  8D55 CC       lea edx,dword ptr ss:[ebp-0x34]
    0057C129   .  A1 1CE85900   mov eax,dword ptr ds:[0x59E81C]
    0057C12E   .  E8 E504F0FF   call <MassTube._Unit22.TControl.GetText_0047C618>
    0057C133   .  8B55 CC       mov edx,dword ptr ss:[ebp-0x34]
    0057C136   .  A1 F8825900   mov eax,dword ptr ds:[0x5982F8]                                  ;  粹Y
    0057C13B   .  8B00          mov eax,dword ptr ds:[eax]
    0057C13D   .  E8 3EC1F7FF   call <MassTube._Unit33.TApplication.SetTitle_004F8280>
    0057C142   .  8D55 C8       lea edx,dword ptr ss:[ebp-0x38]
    0057C145   .  A1 1CE85900   mov eax,dword ptr ds:[0x59E81C]
    0057C14A   .  E8 C904F0FF   call <MassTube._Unit22.TControl.GetText_0047C618>
    0057C14F   .  8B55 C8       mov edx,dword ptr ss:[ebp-0x38]                                  ;  wow64.751FE0B8
    0057C152   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C155   .  8B80 B4030000 mov eax,dword ptr ds:[eax+0x3B4]
    0057C15B   .  E8 9494F9FF   call <MassTube.CoolTrayIcon.TCoolTrayIcon.SetHint_005155F4>
    0057C160   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C163   .  8B80 B0030000 mov eax,dword ptr ds:[eax+0x3B0]
    0057C169   .  BA 44C85700   mov edx,MassTube.0057C844                                        ;  About MassTube...
    0057C16E   .  E8 6D0AF2FF   call <MassTube._Unit24.TMenuItem.SetCaption_0049CBE0>
    0057C173   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C176   .  8B80 90040000 mov eax,dword ptr ds:[eax+0x490]                                 ;  wow64.75205E39
    0057C17C   .  33D2          xor edx,edx                                                      ;  MassTube.<ModuleEntryPoint>
    0057C17E   .  E8 B503F0FF   call <MassTube._Unit22.TControl.SetVisible_0047C538>
    0057C183   .  C605 30E85900>mov byte ptr ds:[0x59E830],0x1
    0057C18A   .  A1 F8825900   mov eax,dword ptr ds:[0x5982F8]                                  ;  粹Y
    0057C18F   .  8B00          mov eax,dword ptr ds:[eax]
    0057C191   .  8B55 FC       mov edx,dword ptr ss:[ebp-0x4]
    0057C194   .  8990 44010000 mov dword ptr ds:[eax+0x144],edx                                 ;  MassTube.<ModuleEntryPoint>
    0057C19A   .  C780 40010000>mov dword ptr ds:[eax+0x140],<MassTube._Unit54.sub_0057A474_0057>
    0057C1A4   .  A1 F8825900   mov eax,dword ptr ds:[0x5982F8]                                  ;  粹Y
    0057C1A9   .  8B00          mov eax,dword ptr ds:[eax]
    0057C1AB   .  8B55 FC       mov edx,dword ptr ss:[ebp-0x4]
    0057C1AE   .  8990 3C010000 mov dword ptr ds:[eax+0x13C],edx                                 ;  MassTube.<ModuleEntryPoint>
    0057C1B4   .  C780 38010000>mov dword ptr ds:[eax+0x138],<MassTube._Unit54.sub_0057A4E4_0057>
    0057C1BE   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C1C1   .  8B80 F4030000 mov eax,dword ptr ds:[eax+0x3F4]
    0057C1C7   .  33D2          xor edx,edx                                                      ;  MassTube.<ModuleEntryPoint>
    0057C1C9   .  E8 6A03F0FF   call <MassTube._Unit22.TControl.SetVisible_0047C538>
    0057C1CE   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C1D1   .  8B80 EC030000 mov eax,dword ptr ds:[eax+0x3EC]
    0057C1D7   .  33D2          xor edx,edx                                                      ;  MassTube.<ModuleEntryPoint>
    0057C1D9   .  E8 5A03F0FF   call <MassTube._Unit22.TControl.SetVisible_0047C538>
    0057C1DE   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C1E1   .  8B80 40040000 mov eax,dword ptr ds:[eax+0x440]
    0057C1E7   .  B2 01         mov dl,0x1
    0057C1E9   .  E8 BA0AF2FF   call <MassTube._Unit24.TMenuItem.SetEnabled_0049CCA8>
    0057C1EE   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C1F1   .  8B80 3C040000 mov eax,dword ptr ds:[eax+0x43C]
    0057C1F7   .  B2 01         mov dl,0x1
    0057C1F9   .  E8 AA0AF2FF   call <MassTube._Unit24.TMenuItem.SetEnabled_0049CCA8>
    0057C1FE   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C201   .  E8 3EFDEFFF   call <MassTube._Unit22.TControl.GetClientHeight_0047BF44>
    0057C206   .  8BD0          mov edx,eax                                                      ;  kernel32.BaseThreadInitThunk
    0057C208   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C20B   .  8B80 F4030000 mov eax,dword ptr ds:[eax+0x3F4]
    0057C211   .  E8 0EFAEFFF   call <MassTube._Unit22.TControl.SetTop_0047BC24>
    0057C216   .  C605 31E85900>mov byte ptr ds:[0x59E831],0x0
    0057C21D   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C220   .  8B80 E4030000 mov eax,dword ptr ds:[eax+0x3E4]
    0057C226   .  8B50 48       mov edx,dword ptr ds:[eax+0x48]
    0057C229   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C22C   .  8B80 EC030000 mov eax,dword ptr ds:[eax+0x3EC]
    0057C232   .  E8 21FAEFFF   call <MassTube._Unit22.TControl.SetWidth_0047BC58>
    0057C237   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C23A   .  8B80 94030000 mov eax,dword ptr ds:[eax+0x394]
    0057C240   .  8B50 40       mov edx,dword ptr ds:[eax+0x40]
    0057C243   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C246   .  8B80 98030000 mov eax,dword ptr ds:[eax+0x398]
    0057C24C   .  0350 40       add edx,dword ptr ds:[eax+0x40]
    0057C24F   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C252   .  8B80 E4030000 mov eax,dword ptr ds:[eax+0x3E4]
    0057C258   .  0350 40       add edx,dword ptr ds:[eax+0x40]
    0057C25B   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C25E   .  8B80 EC030000 mov eax,dword ptr ds:[eax+0x3EC]
    0057C264   .  E8 87F9EFFF   call <MassTube._Unit22.TControl.SetLeft_0047BBF0>
    0057C269   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C26C   .  8B80 98030000 mov eax,dword ptr ds:[eax+0x398]
    0057C272   .  8B50 44       mov edx,dword ptr ds:[eax+0x44]
    0057C275   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C278   .  8B80 E4030000 mov eax,dword ptr ds:[eax+0x3E4]
    0057C27E   .  0350 44       add edx,dword ptr ds:[eax+0x44]
    0057C281   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C284   .  8B80 E4030000 mov eax,dword ptr ds:[eax+0x3E4]
    0057C28A   .  0350 4C       add edx,dword ptr ds:[eax+0x4C]
    0057C28D   .  4A            dec edx                                                          ;  MassTube.<ModuleEntryPoint>
    0057C28E   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C291   .  8B80 EC030000 mov eax,dword ptr ds:[eax+0x3EC]
    0057C297   .  E8 88F9EFFF   call <MassTube._Unit22.TControl.SetTop_0047BC24>
    0057C29C   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C29F   .  8B80 EC030000 mov eax,dword ptr ds:[eax+0x3EC]
    0057C2A5   .  8B50 48       mov edx,dword ptr ds:[eax+0x48]
    0057C2A8   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C2AB   .  8B80 28040000 mov eax,dword ptr ds:[eax+0x428]
    0057C2B1   .  2B50 48       sub edx,dword ptr ds:[eax+0x48]
    0057C2B4   .  83EA 04       sub edx,0x4
    0057C2B7   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C2BA   .  8B80 28040000 mov eax,dword ptr ds:[eax+0x428]
    0057C2C0   .  E8 2BF9EFFF   call <MassTube._Unit22.TControl.SetLeft_0047BBF0>
    0057C2C5   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C2C8   .  8B80 50040000 mov eax,dword ptr ds:[eax+0x450]
    0057C2CE   .  33D2          xor edx,edx                                                      ;  MassTube.<ModuleEntryPoint>
    0057C2D0   .  E8 6302F0FF   call <MassTube._Unit22.TControl.SetVisible_0047C538>
    0057C2D5   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C2D8   .  8B80 A0040000 mov eax,dword ptr ds:[eax+0x4A0]
    0057C2DE   .  33D2          xor edx,edx                                                      ;  MassTube.<ModuleEntryPoint>
    0057C2E0   .  E8 5302F0FF   call <MassTube._Unit22.TControl.SetVisible_0047C538>
    0057C2E5   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C2E8   .  8B80 A4040000 mov eax,dword ptr ds:[eax+0x4A4]
    0057C2EE   .  33D2          xor edx,edx                                                      ;  MassTube.<ModuleEntryPoint>
    0057C2F0   .  E8 4302F0FF   call <MassTube._Unit22.TControl.SetVisible_0047C538>
    0057C2F5   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C2F8   .  8B80 84040000 mov eax,dword ptr ds:[eax+0x484]
    0057C2FE   .  33D2          xor edx,edx                                                      ;  MassTube.<ModuleEntryPoint>
    0057C300   .  E8 8BF6F3FF   call <MassTube.ExtCtrls.TCustomPanel.SetBevelInner_004BB990>
    0057C305   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C308   .  8B80 84040000 mov eax,dword ptr ds:[eax+0x484]
    0057C30E   .  33D2          xor edx,edx                                                      ;  MassTube.<ModuleEntryPoint>
    0057C310   .  E8 97F6F3FF   call <MassTube.ExtCtrls.TCustomPanel.SetBevelOuter_004BB9AC>
    0057C315   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C318   .  8B80 90040000 mov eax,dword ptr ds:[eax+0x490]                                 ;  wow64.75205E39
    0057C31E   .  B2 01         mov dl,0x1
    0057C320   .  E8 1302F0FF   call <MassTube._Unit22.TControl.SetVisible_0047C538>
    0057C325   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C328   .  E8 37E3FFFF   call <MassTube._Unit54.sub_0057A664_0057A664>
    0057C32D   .  A1 58805900   mov eax,dword ptr ds:[0x598058]                                  ;  lY
    0057C332   .  8338 05       cmp dword ptr ds:[eax],0x5
    0057C335   .  0F85 DD000000 jnz MassTube.0057C418
    0057C33B   .  A1 74835900   mov eax,dword ptr ds:[0x598374]                                  ;  pY
    0057C340   .  8338 01       cmp dword ptr ds:[eax],0x1
    0057C343   .  0F85 CF000000 jnz MassTube.0057C418
    0057C349   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C34C   .  8B80 EC030000 mov eax,dword ptr ds:[eax+0x3EC]
    0057C352   .  BA A1000000   mov edx,0xA1
    0057C357   .  E8 30F9EFFF   call <MassTube._Unit22.TControl.SetHeight_0047BC8C>
    0057C35C   .  A1 FC7F5900   mov eax,dword ptr ds:[0x597FFC]                                  ;  寸Y
    0057C361   .  8B00          mov eax,dword ptr ds:[eax]
    0057C363   .  8B15 5C825900 mov edx,dword ptr ds:[0x59825C]                                  ;  扮Y
    0057C369   .  8B12          mov edx,dword ptr ds:[edx]
    0057C36B   .  E8 A8BAE8FF   call <MassTube.System.@UStrEqual_00407E18>
    0057C370   .  75 28         jnz short MassTube.0057C39A
    0057C372   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C375   .  8B80 94040000 mov eax,dword ptr ds:[eax+0x494]
    0057C37B   .  BA A5000000   mov edx,0xA5
    0057C380   .  E8 07F9EFFF   call <MassTube._Unit22.TControl.SetHeight_0047BC8C>
    0057C385   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C388   .  8B80 94040000 mov eax,dword ptr ds:[eax+0x494]
    0057C38E   .  BA 0B000000   mov edx,0xB
    0057C393   .  E8 8CF8EFFF   call <MassTube._Unit22.TControl.SetTop_0047BC24>
    0057C398   .  EB 26         jmp short MassTube.0057C3C0
    0057C39A   >  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C39D   .  8B80 94040000 mov eax,dword ptr ds:[eax+0x494]
    0057C3A3   .  BA AE000000   mov edx,0xAE
    0057C3A8   .  E8 DFF8EFFF   call <MassTube._Unit22.TControl.SetHeight_0047BC8C>
    0057C3AD   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C3B0   .  8B80 94040000 mov eax,dword ptr ds:[eax+0x494]
    0057C3B6   .  BA 08000000   mov edx,0x8
    0057C3BB   .  E8 64F8EFFF   call <MassTube._Unit22.TControl.SetTop_0047BC24>
    0057C3C0   >  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C3C3   .  8B80 94040000 mov eax,dword ptr ds:[eax+0x494]
    0057C3C9   .  33D2          xor edx,edx                                                      ;  MassTube.<ModuleEntryPoint>
    0057C3CB   .  E8 0C05F5FF   call <MassTube._Unit30.TCustomListView.SetRowSelect_004CC8DC>
    0057C3D0   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C3D3   .  8B80 F0030000 mov eax,dword ptr ds:[eax+0x3F0]
    0057C3D9   .  8A90 E1020000 mov dl,byte ptr ds:[eax+0x2E1]
    0057C3DF   .  0A15 68C85700 or dl,byte ptr ds:[0x57C868]
    0057C3E5   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C3E8   .  8B80 F0030000 mov eax,dword ptr ds:[eax+0x3F0]
    0057C3EE   .  E8 8104F5FF   call <MassTube._Unit30.TCustomListView.SetHotTrackStyles_004CC87>
    0057C3F3   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C3F6   .  8B80 94040000 mov eax,dword ptr ds:[eax+0x494]
    0057C3FC   .  8A90 E1020000 mov dl,byte ptr ds:[eax+0x2E1]
    0057C402   .  0A15 68C85700 or dl,byte ptr ds:[0x57C868]
    0057C408   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C40B   .  8B80 94040000 mov eax,dword ptr ds:[eax+0x494]
    0057C411   .  E8 5E04F5FF   call <MassTube._Unit30.TCustomListView.SetHotTrackStyles_004CC87>
    0057C416   .  EB 64         jmp short MassTube.0057C47C
    0057C418   >  A1 FC7F5900   mov eax,dword ptr ds:[0x597FFC]                                  ;  寸Y
    0057C41D   .  8B00          mov eax,dword ptr ds:[eax]
    0057C41F   .  8B15 5C825900 mov edx,dword ptr ds:[0x59825C]                                  ;  扮Y
    0057C425   .  8B12          mov edx,dword ptr ds:[edx]
    0057C427   .  E8 ECB9E8FF   call <MassTube.System.@UStrEqual_00407E18         ;  》比较EAX与EDX中字符串是否相同
    0057C42C   .  75 28         jnz short MassTube.0057C456                                      ;  》相同则不跳转
    0057C42E   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C431   .  8B80 94040000 mov eax,dword ptr ds:[eax+0x494]
    0057C437   .  BA AA000000   mov edx,0xAA
    0057C43C   .  E8 4BF8EFFF   call <MassTube._Unit22.TControl.SetHeight_0047BC8C>
    0057C441   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C444   .  8B80 94040000 mov eax,dword ptr ds:[eax+0x494]
    0057C44A   .  BA 0A000000   mov edx,0xA
    0057C44F   .  E8 D0F7EFFF   call <MassTube._Unit22.TControl.SetTop_0047BC24>
    0057C454   .  EB 26         jmp short MassTube.0057C47C
    0057C456   >  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C459   .  8B80 94040000 mov eax,dword ptr ds:[eax+0x494]
    0057C45F   .  BA A4000000   mov edx,0xA4
    0057C464   .  E8 23F8EFFF   call <MassTube._Unit22.TControl.SetHeight_0047BC8C>
    0057C469   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057C46C   .  8B80 94040000 mov eax,dword ptr ds:[eax+0x494]
    0057C472   .  BA 0C000000   mov edx,0xC
    0057C477   .  E8 A8F7EFFF   call <MassTube._Unit22.TControl.SetTop_0047BC24>
    0057C47C   >  B2 01         mov dl,0x1
    
    

    4、经过分析发现下面这几行代码的EAX、EDX中会存放“Free”或“”Plus“,并通过call <MassTube.System.@UStrEqual_00407E18>函数比较是否相同,如果不同,jnz short MassTube.0057C456 就会实现跳转;
    [Asm] 纯文本查看 复制代码
    0057C418   > \A1 FC7F5900   mov eax,dword ptr ds:[0x597FFC]                                  ;  寸Y
    0057C41D   .  8B00          mov eax,dword ptr ds:[eax]
    0057C41F   .  8B15 5C825900 mov edx,dword ptr ds:[0x59825C]                                  ;  扮Y
    0057C425   .  8B12          mov edx,dword ptr ds:[edx]
    0057C427   .  E8 ECB9E8FF   call <MassTube.System.@UStrEqual_00407E18         ;  》比较EAX与EDX中字符串是否相同
    0057C42C   .  75 28         jnz short MassTube.0057C456                                      ;  》相同则不跳转
    

    5、我们追踪EAX和EDX的来源,发现跳转来自
    [Asm] 纯文本查看 复制代码
    0057C328   .  E8 37E3FFFF   call <MassTube._Unit54.sub_0057A664_0057A664>
    0057C32D   .  A1 58805900   mov eax,dword ptr ds:[0x598058]                                  ;  lY
    0057C332   .  8338 05       cmp dword ptr ds:[eax],0x5
    0057C335   .  0F85 DD000000 jnz MassTube.0057C418

    那么,我们就进入来自跳转上面的call <MassTube._Unit54.sub_0057A664_0057A664>看看;
    6、F7进入后来到这里(代码片段),对这两处0057A6CE . A1 FC7F5900 mov eax,dword ptr ds:[0x597FFC] ; 寸Y和0057A6D3 . 8B15 5C825900 mov edx,dword ptr ds:[0x59825C] ; 扮Y是不是很熟悉,里面存放的字符串如果没授权,一个是free,一个是plus,如果已授权,两个都是plus,那么就让它上面的跳转0057A6BA 75 26 jnz short MassTube.0057A6E2不实现就行了
    [Asm] 纯文本查看 复制代码
    0057A664 > $  55            push ebp                                                                          ;  _Unit54.sub_0057A664_0057A664
    
    0057A665   .  8BEC          mov ebp,esp
    0057A667   .  B9 0B000000   mov ecx,0xB
    0057A66C   >  6A 00         push 0x0
    0057A66E   .  6A 00         push 0x0
    0057A670   .  49            dec ecx
    0057A671   .^ 75 F9         jnz short MassTube.0057A66C
    0057A673   .  53            push ebx
    0057A674   .  56            push esi
    0057A675   .  57            push edi
    0057A676   .  8945 FC       mov dword ptr ss:[ebp-0x4],eax                                                    ;  kernel32.BaseThreadInitThunk
    0057A679   .  33C0          xor eax,eax                                                                       ;  kernel32.BaseThreadInitThunk
    0057A67B   .  55            push ebp
    0057A67C   .  68 64AB5700   push MassTube.0057AB64
    0057A681   .  64:FF30       push dword ptr fs:[eax]
    0057A684   .  64:8920       mov dword ptr fs:[eax],esp
    0057A687   .  C645 E7 00    mov byte ptr ss:[ebp-0x19],0x0
    0057A68B   .  8D45 F0       lea eax,dword ptr ss:[ebp-0x10]
    0057A68E   .  E8 DD43FEFF   call <MassTube.HTTPGet.sub_0055EA70_0055EA70>
    0057A693      837D F0 00    cmp dword ptr ss:[ebp-0x10],0x0
    0057A697      74 0B         je short MassTube.0057A6A4
    0057A699      8B45 F0       mov eax,dword ptr ss:[ebp-0x10]
    0057A69C   .  E8 5F41FEFF   call <MassTube.HTTPGet.sub_0055E800_0055E800>
    0057A6A1   .  8845 E7       mov byte ptr ss:[ebp-0x19],al
    0057A6A4   >  A1 FC7F5900   mov eax,dword ptr ds:[0x597FFC]                                                   ;  寸Y
    0057A6A9   .  8B15 8C845900 mov edx,dword ptr ds:[0x59848C]                                                   ;  MassTube.0059E7AC
    0057A6AF   .  8B12          mov edx,dword ptr ds:[edx]
    0057A6B1   .  E8 0ECCE8FF   call <MassTube.System.@UStrAsg_004072C4>
    0057A6B6      807D E7 01    cmp byte ptr ss:[ebp-0x19],0x1
    [b]0057A6BA      75 26         jnz short MassTube.0057A6E2                                                       ;  》【破解处】[/b]
    0057A6BC   .  A1 1CE85900   mov eax,dword ptr ds:[0x59E81C]
    0057A6C1   .  8B80 70040000 mov eax,dword ptr ds:[eax+0x470]
    0057A6C7   .  33D2          xor edx,edx                                                                       ;  MassTube.<ModuleEntryPoint>
    0057A6C9   .  E8 F626F2FF   call <MassTube._Unit24.TMenuItem.SetVisible_0049CDC4>
    [b]0057A6CE   .  A1 FC7F5900   mov eax,dword ptr ds:[0x597FFC]                                                   ;  寸Y
    0057A6D3   .  8B15 5C825900 mov edx,dword ptr ds:[0x59825C]                                                   ;  扮Y[/b]
    0057A6D9   .  8B12          mov edx,dword ptr ds:[edx]
    0057A6DB   .  E8 E4CBE8FF   call <MassTube.System.@UStrAsg_004072C4>
    0057A6E0   .  EB 12         jmp short MassTube.0057A6F4
    0057A6E2   >  A1 1CE85900   mov eax,dword ptr ds:[0x59E81C]
    0057A6E7   .  8B80 70040000 mov eax,dword ptr ds:[eax+0x470]
    0057A6ED   .  B2 01         mov dl,0x1
    0057A6EF   .  E8 D026F2FF   call <MassTube._Unit24.TMenuItem.SetVisible_0049CDC4>
    0057A6F4   >  8D4D E0       lea ecx,dword ptr ss:[ebp-0x20]
    0057A6F7   .  BA 80AB5700   mov edx,MassTube.0057AB80                                                         ;  PosicionFormRecordar
    0057A6FC   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057A6FF   .  E8 10FEFFFF   call <MassTube._Unit54.TFrmMassTube.LeerArchivoConfig_0057A514>
    0057A704   .  8B45 E0       mov eax,dword ptr ss:[ebp-0x20]
    0057A707   .  BA B8AB5700   mov edx,MassTube.0057ABB8                                                         ;  1
    0057A70C   .  E8 07D7E8FF   call <MassTube.System.@UStrEqual_00407E18>
    0057A711   .  0F85 C6010000 jnz MassTube.0057A8DD
    0057A717   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057A71A   .  8B80 CC030000 mov eax,dword ptr ds:[eax+0x3CC]
    0057A720   .  B2 01         mov dl,0x1
    0057A722   .  E8 2D25F2FF   call <MassTube._Unit24.TMenuItem.SetChecked_0049CC54>
    0057A727   .  8D4D DC       lea ecx,dword ptr ss:[ebp-0x24]
    0057A72A   .  BA C8AB5700   mov edx,MassTube.0057ABC8                                                         ;  PosicionFormSuperior
    0057A72F   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057A732   .  E8 DDFDFFFF   call <MassTube._Unit54.TFrmMassTube.LeerArchivoConfig_0057A514>
    0057A737   .  8B45 DC       mov eax,dword ptr ss:[ebp-0x24]
    0057A73A   .  8D55 F8       lea edx,dword ptr ss:[ebp-0x8]
    0057A73D   .  E8 122CEAFF   call <MassTube.SysUtils.Trim_0041D354>
    0057A742   .  8D4D D8       lea ecx,dword ptr ss:[ebp-0x28]
    0057A745   .  BA 00AC5700   mov edx,MassTube.0057AC00                                                         ;  PosicionFormIzquierda
    0057A74A   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057A74D   .  E8 C2FDFFFF   call <MassTube._Unit54.TFrmMassTube.LeerArchivoConfig_0057A514>
    0057A752   .  8B45 D8       mov eax,dword ptr ss:[ebp-0x28]
    0057A755   .  8D55 F4       lea edx,dword ptr ss:[ebp-0xC]
    0057A758   .  E8 F72BEAFF   call <MassTube.SysUtils.Trim_0041D354>
    0057A75D   .  837D F8 00    cmp dword ptr ss:[ebp-0x8],0x0
    0057A761   .  0F84 F0000000 je MassTube.0057A857
    0057A767   .  837D F4 00    cmp dword ptr ss:[ebp-0xC],0x0
    0057A76B   .  0F84 E6000000 je MassTube.0057A857
    0057A771   .  33C0          xor eax,eax                                                                       ;  kernel32.BaseThreadInitThunk
    0057A773   .  55            push ebp
    0057A774   .  68 B8A75700   push MassTube.0057A7B8
    0057A779   .  64:FF30       push dword ptr fs:[eax]
    0057A77C   .  64:8920       mov dword ptr fs:[eax],esp
    0057A77F   .  8B45 F8       mov eax,dword ptr ss:[ebp-0x8]                                                    ;  kernel32.76D8344D
    0057A782   .  E8 4D33EAFF   call <MassTube.SysUtils.StrToInt_0041DAD4>
    0057A787   .  8945 EC       mov dword ptr ss:[ebp-0x14],eax                                                   ;  kernel32.BaseThreadInitThunk
    0057A78A   .  8B45 F4       mov eax,dword ptr ss:[ebp-0xC]
    0057A78D   .  E8 4233EAFF   call <MassTube.SysUtils.StrToInt_0041DAD4>
    0057A792   .  8945 E8       mov dword ptr ss:[ebp-0x18],eax                                                   ;  kernel32.BaseThreadInitThunk
    0057A795   .  8B55 E8       mov edx,dword ptr ss:[ebp-0x18]
    0057A798   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057A79B   .  E8 C4A2F7FF   call <MassTube._Unit33.TCustomForm.SetLeft_004F4A64>
    0057A7A0   .  8B55 EC       mov edx,dword ptr ss:[ebp-0x14]
    0057A7A3   .  8B45 FC       mov eax,dword ptr ss:[ebp-0x4]
    0057A7A6   .  E8 F5A2F7FF   call <MassTube._Unit33.TCustomForm.SetTop_004F4AA0>
    0057A7AB   .  33C0          xor eax,eax                                                                       ;  kernel32.BaseThreadInitThunk
    0057A7AD   .  5A            pop edx                                                                           ;  kernel32.76D8344D
    0057A7AE   .  59            pop ecx                                                                           ;  kernel32.76D8344D
    0057A7AF   .  59            pop ecx                                                                           ;  kernel32.76D8344D
    0057A7B0   .  64:8910       mov dword ptr fs:[eax],edx                                                        ;  MassTube.<ModuleEntryPoint>
    0057A7B3   .  E9 91010000   jmp MassTube.0057A949
    0057A7B8   .^ E9 C3BBE8FF   jmp <MassTube.System.@HandleOnException_00406380>
    0057A7BD      01            db 01
    0057A7BE      00            db 00
    0057A7BF      00            db 00
    0057A7C0      00            db 00
    0057A7C1   .  9C724100      dd MassTube.0041729C                                                              ;  UNICODE "狴A"
    0057A7C5   .  C9A75700      dd MassTube.0057A7C9
    0057A7C9   .  A1 44855900   mov eax,dword ptr ds:[0x598544]
    0057A7CE   .  8B00          mov eax,dword ptr ds:[eax]
    0057A7D0   .  E8 4BAFF7FF   call <MassTube._Unit33.TScreen.GetHeight_004F5720>
    0057A7D5   .  8B55 FC       mov edx,dword ptr ss:[ebp-0x4]
    0057A7D8   .  2B42 4C       sub eax,dword ptr ds:[edx+0x4C]
    0057A7DB   .  D1F8          sar eax,1
    0057A7DD   .  79 03         jns short MassTube.0057A7E2
    0057A7DF   .  83D0 00       adc eax,0x0
    0057A7E2   >  8945 EC       mov dword ptr ss:[ebp-0x14],eax                                                   ;  kernel32.BaseThreadInitThunk

    简单分析了一下,不够详细,望各位见谅。
    回复 支持 反对

    使用道具 举报

    您需要登录后才可以回帖 登录 | 加入论坛

    本版积分规则

    关闭

    站长推荐上一条 /1 下一条

    快速回复 返回顶部 返回列表