破解遇到的问题！从来没试过不知道怎么解决！

天颖 · 发表于 2008-2-17 03:16:35

软件名称:  QQ朗读器
http://shareware.skycn.com/soft/6288.htm

晚上无聊时下的  会自己说话挺有趣的

刚想破解它他好象能检测OD  OD一运行程序就自己删除掉！

这样的软件  我觉得学习一下蛮重要的  请大虾帮忙  告诉一下思路和方法！
小弟在此谢了~！

anson2416 · 发表于 2008-2-18 14:07:26

sf
我是菜鸟多多指教
我也想知道怎样破解这个软件

cnos · 发表于 2008-2-18 14:23:12

OD隐藏一下试试看呢

Luckly · 发表于 2008-2-18 15:56:01

00496F78 E8 CFE6F6FF    call qqtalk.0040564C                      ; 关键call
00496F7D 0F85 8F000000 jnz qqtalk.00497012                      ; 关键跳  不能跳
00496F83 8D55 DC       lea edx,dword ptr ss:[ebp-24]
00496F86 8B45 FC       mov eax,dword ptr ss:[ebp-4]
00496F89 8B80 80030000 mov eax,dword ptr ds:[eax+380]
00496F8F E8 E0C1FBFF    call qqtalk.00453174
00496F94 8B4D DC       mov ecx,dword ptr ss:[ebp-24]
00496F97 BA F0704900    mov edx,qqtalk.004970F0                   ; ASCII "qqtalk"
00496F9C B8 00714900    mov eax,qqtalk.00497100                   ; ASCII

"mengfeixiang"

天颖 · 发表于 2008-2-18 19:45:22

呵 Luckly
那你是怎么找到这个地方的？要下什么断点？
应该他自校验吧？

Luckly · 发表于 2008-2-19 20:09:15

隐藏OD
载入后运行  有一个$$a$$.bat吧好像是不记得了

把此文件内容清空  把那个bat文件的属性改成只读
就可以放心调试了

Bp MessageBoxA ...................  后面你的自己弄....什么自效验之类你弄不好就直接Loader

jmzhwf · 发表于 2008-2-19 23:47:57

原帖由 Luckly 于 2008-2-18 15:56 发表
00496F78 E8 CFE6F6FF    call qqtalk.0040564C                      ; 关键call
00496F7D 0F85 8F000000 jnz qqtalk.00497012                      ; 关键跳  不能跳
00496F83 8D55 DC       ...

想的太简单了吗

lixy8888 · 发表于 2008-2-20 09:44:05

迷惑?到底是怎么判度的?

shl19720610 · 发表于 2008-2-20 16:32:56

00496EB4 55             PUSH EBP
00496EB5 8BEC          MOV EBP,ESP
00496EB7 B9 04000000    MOV ECX,4
00496EBC 6A 00          PUSH 0
00496EBE 6A 00          PUSH 0
00496EC0 49             DEC ECX
00496EC1  ^75 F9          JNZ SHORT qqtalk.00496EBC
00496EC3 51             PUSH ECX
00496EC4 53             PUSH EBX
00496EC5 56             PUSH ESI
00496EC6 57             PUSH EDI
00496EC7 8945 FC       MOV DWORD PTR SS:[EBP-4],EAX
00496ECA 33C0          XOR EAX,EAX
00496ECC 55             PUSH EBP
00496ECD 68 9D704900    PUSH qqtalk.0049709D
00496ED2 64:FF30       PUSH DWORD PTR FS:[EAX]
00496ED5 64:8920       MOV DWORD PTR FS:[EAX],ESP
00496ED8 8D55 F4       LEA EDX,DWORD PTR SS:[EBP-C]
00496EDB 8B45 FC       MOV EAX,DWORD PTR SS:[EBP-4]
00496EDE 8B98 7C030000 MOV EBX,DWORD PTR DS:[EAX+37C]
00496EE4 8BC3          MOV EAX,EBX
00496EE6 E8 89C2FBFF    CALL qqtalk.00453174
00496EEB 8B45 F4       MOV EAX,DWORD PTR SS:[EBP-C]
00496EEE 8D55 F8       LEA EDX,DWORD PTR SS:[EBP-8]
00496EF1 E8 A229F7FF    CALL qqtalk.00409898
00496EF6 8B55 F8       MOV EDX,DWORD PTR SS:[EBP-8]
00496EF9 8BC3          MOV EAX,EBX
00496EFB E8 A4C2FBFF    CALL qqtalk.004531A4
00496F00 8D55 EC       LEA EDX,DWORD PTR SS:[EBP-14]
00496F03 8B45 FC       MOV EAX,DWORD PTR SS:[EBP-4]
00496F06 8B98 80030000 MOV EBX,DWORD PTR DS:[EAX+380]
00496F0C 8BC3          MOV EAX,EBX
00496F0E E8 61C2FBFF    CALL qqtalk.00453174
00496F13 8B45 EC       MOV EAX,DWORD PTR SS:[EBP-14]
00496F16 8D55 F0       LEA EDX,DWORD PTR SS:[EBP-10]
00496F19 E8 7A29F7FF    CALL qqtalk.00409898
00496F1E 8B55 F0       MOV EDX,DWORD PTR SS:[EBP-10]
00496F21 8BC3          MOV EAX,EBX
00496F23 E8 7CC2FBFF    CALL qqtalk.004531A4
00496F28 33C0          XOR EAX,EAX
00496F2A 55             PUSH EBP
00496F2B 68 36704900    PUSH qqtalk.00497036
00496F30 64:FF30       PUSH DWORD PTR FS:[EAX]
00496F33 64:8920       MOV DWORD PTR FS:[EAX],ESP
00496F36 6A 00          PUSH 0
00496F38 8D45 E8       LEA EAX,DWORD PTR SS:[EBP-18]
00496F3B 50             PUSH EAX
00496F3C 8D55 E4       LEA EDX,DWORD PTR SS:[EBP-1C]
00496F3F 8B45 FC       MOV EAX,DWORD PTR SS:[EBP-4]
00496F42 8B80 80030000 MOV EAX,DWORD PTR DS:[EAX+380]
00496F48 E8 27C2FBFF    CALL qqtalk.00453174
00496F4D 8B45 E4       MOV EAX,DWORD PTR SS:[EBP-1C]
00496F50 B9 B4704900    MOV ECX,qqtalk.004970B4                ; EF1B
00496F55 BA C4704900    MOV EDX,qqtalk.004970C4                ; 95669E30254FD9FC24F642D880006E75
00496F5A E8 E102FFFF    CALL qqtalk.00487240
00496F5F 8B45 E8       MOV EAX,DWORD PTR SS:[EBP-18]
00496F62 50             PUSH EAX
00496F63 8D55 E0       LEA EDX,DWORD PTR SS:[EBP-20]
00496F66 8B45 FC       MOV EAX,DWORD PTR SS:[EBP-4]
00496F69 8B80 7C030000 MOV EAX,DWORD PTR DS:[EAX+37C]
00496F6F E8 00C2FBFF    CALL qqtalk.00453174
00496F74 8B55 E0       MOV EDX,DWORD PTR SS:[EBP-20]
00496F77 58             POP EAX
00496F78 E8 CFE6F6FF    CALL qqtalk.0040564C
00496F7D 0F85 8F000000 JNZ qqtalk.00497012
00496F83 8D55 DC       LEA EDX,DWORD PTR SS:[EBP-24]
00496F86 8B45 FC       MOV EAX,DWORD PTR SS:[EBP-4]
00496F89 8B80 80030000 MOV EAX,DWORD PTR DS:[EAX+380]
00496F8F E8 E0C1FBFF    CALL qqtalk.00453174
00496F94 8B4D DC       MOV ECX,DWORD PTR SS:[EBP-24]
00496F97 BA F0704900    MOV EDX,qqtalk.004970F0                ; qqtalk
00496F9C B8 00714900    MOV EAX,qqtalk.00497100                ; mengfeixiang
00496FA1 E8 9A0DFFFF    CALL qqtalk.00487D40
00496FA6 A1 08504A00    MOV EAX,DWORD PTR DS:[4A5008]
00496FAB 8B00          MOV EAX,DWORD PTR DS:[EAX]
00496FAD C680 AC040000 01 MOV BYTE PTR DS:[EAX+4AC],1
00496FB4 A1 08504A00    MOV EAX,DWORD PTR DS:[4A5008]
00496FB9 8B00          MOV EAX,DWORD PTR DS:[EAX]
00496FBB 8B80 68040000 MOV EAX,DWORD PTR DS:[EAX+468]
00496FC1 33D2          XOR EDX,EDX
00496FC3 E8 846CFAFF    CALL qqtalk.0043DC4C
00496FC8 A1 08504A00    MOV EAX,DWORD PTR DS:[4A5008]
00496FCD 8B00          MOV EAX,DWORD PTR DS:[EAX]
00496FCF BA 18714900    MOV EDX,qqtalk.00497118                ; QQ朗读器
00496FD4 E8 CBC1FBFF    CALL qqtalk.004531A4
00496FD9 A1 08504A00    MOV EAX,DWORD PTR DS:[4A5008]
00496FDE 8B00          MOV EAX,DWORD PTR DS:[EAX]
00496FE0 8B80 D4030000 MOV EAX,DWORD PTR DS:[EAX+3D4]
00496FE6 8B10          MOV EDX,DWORD PTR DS:[EAX]
00496FE8 FF92 F0000000 CALL DWORD PTR DS:[EDX+F0]
00496FEE 6A 00          PUSH 0
00496FF0 68 24714900    PUSH qqtalk.00497124                   ; QQ朗读器
00496FF5 68 30714900    PUSH qqtalk.00497130                   ; 注册成功!
00496FFA 8B45 FC       MOV EAX,DWORD PTR SS:[EBP-4]
00496FFD E8 3A41FCFF    CALL qqtalk.0045B13C
00497002 50             PUSH EAX
00497003 E8 700FF7FF    CALL <JMP.&user32.MessageBoxA>
00497008 8B45 FC       MOV EAX,DWORD PTR SS:[EBP-4]
0049700B E8 EC62FDFF    CALL qqtalk.0046D2FC
00497010 EB 1A          JMP SHORT qqtalk.0049702C
00497012 6A 30          PUSH 30
00497014 68 3C714900    PUSH qqtalk.0049713C                   ; 提示
00497019 68 44714900    PUSH qqtalk.00497144                   ; 对不起,注册码错误!(请点击"立即购买"按钮购买注册码).
0049701E 8B45 FC       MOV EAX,DWORD PTR SS:[EBP-4]
00497021 E8 1641FCFF    CALL qqtalk.0045B13C
00497026 50             PUSH EAX
00497027 E8 4C0FF7FF    CALL <JMP.&user32.MessageBoxA>
0049702C 33C0          XOR EAX,EAX
0049702E 5A             POP EDX
0049702F 59             POP ECX
00497030 59             POP ECX
00497031 64:8910       MOV DWORD PTR FS:[EAX],EDX
00497034 EB 24          JMP SHORT qqtalk.0049705A
00497036  ^E9 C9D7F6FF    JMP qqtalk.00404804
0049703B 6A 30          PUSH 30
0049703D 68 3C714900    PUSH qqtalk.0049713C                   ; 提示
00497042 68 44714900    PUSH qqtalk.00497144                   ; 对不起,注册码错误!(请点击"立即购买"按钮购买注册码).
00497047 8B45 FC       MOV EAX,DWORD PTR SS:[EBP-4]
0049704A E8 ED40FCFF    CALL qqtalk.0045B13C
0049704F 50             PUSH EAX
00497050 E8 230FF7FF    CALL <JMP.&user32.MessageBoxA>
00497055 E8 BADBF6FF    CALL qqtalk.00404C14

暗里着迷 · 发表于 2008-3-23 20:44:47

原帖由 Luckly 于 2008-2-19 20:09 发表
隐藏OD
载入后运行  有一个$$a$$.bat吧好像是不记得了

把此文件内容清空  把那个bat文件的属性改成只读
就可以放心调试了

Bp MessageBoxA ...................  后面你的自己弄....什么自效验之类 ...

好厉害啊.这样都能观察得到..

		自动登录	找回密码
密码			加入我们

[求助] 破解遇到的问题！从来没试过 不知道怎么解决！

[求助] 破解遇到的问题！从来没试过不知道怎么解决！