[10月12日]玄奥八字V5.6 BY lvcaolhx
【破文标题】玄奥八字V5.6 BY lvcaolhx
【破文作者】lvcaolhx
【作者邮箱】 [email]hafiwu@sohu.com[/email]
【作者主页】lvcaolhx.blog.51cto.com
【破解工具】OD/PEID
【破解平台】XPsp2
【软件名称】玄奥八字V5.6
【软件大小】
【原版下载】
【保护方式】
【软件简介】
【破解声明】菜鸟破解,无技术可言!
------------------------------------------------------------------------
【破解过程】
1.用OD载入,查找字串“已注册有问题联系我.”
超级字串参考,项目 1162
地址=00433879
反汇编=MOV EDX,1.005317B6
文本字串=已注册有问题联系我.
【破文标题】玄奥八字V5.6 BY lvcaolhx
【破文作者】lvcaolhx
【作者邮箱】 [email]hafiwu@sohu.com[/email]
【作者主页】lvcaolhx.blog.51cto.com
【破解工具】OD/PEID
【破解平台】XPsp2
【软件名称】玄奥八字V5.6
【软件大小】
【原版下载】
【保护方式】
【软件简介】
【破解声明】菜鸟破解,无技术可言!
------------------------------------------------------------------------
【破解过程】
1.用OD载入,查找字串“已注册有问题联系我.”
超级字串参考,项目 1162
地址=00433879
反汇编=MOV EDX,1.005317B6
文本字串=已注册有问题联系我.
双击返回OD
004337D4 55 PUSH EBP
004337D5 8BEC MOV EBP,ESP
004337D7 83C4 BC ADD ESP,-44
004337DA 8855 BF MOV BYTE PTR SS:[EBP-41],DL
004337DD 8945 C0 MOV DWORD PTR SS:[EBP-40],EAX
004337E0 B8 FC185300 MOV EAX,1.005318FC
004337E5 E8 8A060C00 CALL 1.004F3E74
004337EA 66:C745 D4 0800 MOV WORD PTR SS:[EBP-2C],8
004337F0 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
004337F3 E8 88E4FCFF CALL 1.00401C80
004337F8 50 PUSH EAX
004337F9 FF45 E0 INC DWORD PTR SS:[EBP-20]
004337FC BA A8175300 MOV EDX,1.005317A8 ; dat\bzpic.bmp
00433801 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
00433804 E8 4FEC0C00 CALL 1.00502458
00433809 FF45 E0 INC DWORD PTR SS:[EBP-20]
0043380C 8D55 FC LEA EDX,DWORD PTR SS:[EBP-4]
0043380F B8 88E55400 MOV EAX,1.0054E588
00433814 59 POP ECX
00433815 E8 66ED0C00 CALL 1.00502580
0043381A 8D55 F8 LEA EDX,DWORD PTR SS:[EBP-8]
0043381D 8B12 MOV EDX,DWORD PTR DS:[EDX]
0043381F 8B45 C0 MOV EAX,DWORD PTR SS:[EBP-40]
00433822 8B88 F8020000 MOV ECX,DWORD PTR DS:[EAX+2F8]
00433828 8B81 68010000 MOV EAX,DWORD PTR DS:[ECX+168]
0043382E E8 C5D30600 CALL 1.004A0BF8
00433833 FF4D E0 DEC DWORD PTR SS:[EBP-20]
00433836 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
00433839 BA 02000000 MOV EDX,2
0043383E E8 E5EC0C00 CALL 1.00502528
00433843 FF4D E0 DEC DWORD PTR SS:[EBP-20]
00433846 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
00433849 BA 02000000 MOV EDX,2
0043384E E8 D5EC0C00 CALL 1.00502528
00433853 807D BF 00 CMP BYTE PTR SS:[EBP-41],0//将0修改为1,实现注册
00433857 0F84 8E000000 JE 1.004338EB//关键跳
0043385D 8B4D C0 MOV ECX,DWORD PTR SS:[EBP-40]
00433860 8B81 10030000 MOV EAX,DWORD PTR DS:[ECX+310]
00433866 8B40 68 MOV EAX,DWORD PTR DS:[EAX+68]
00433869 BA 0C000000 MOV EDX,0C
0043386E E8 EDA00600 CALL 1.0049D960
00433873 66:C745 D4 1400 MOV WORD PTR SS:[EBP-2C],14
00433879 BA B6175300 MOV EDX,1.005317B6 ; 已注册有问题联系我.
//返回到这里,向上找地方下断
保存后运行,程序标题栏有“未注册”,关于栏内显示已注册
004337D5 8BEC MOV EBP,ESP
004337D7 83C4 BC ADD ESP,-44
004337DA 8855 BF MOV BYTE PTR SS:[EBP-41],DL
004337DD 8945 C0 MOV DWORD PTR SS:[EBP-40],EAX
004337E0 B8 FC185300 MOV EAX,1.005318FC
004337E5 E8 8A060C00 CALL 1.004F3E74
004337EA 66:C745 D4 0800 MOV WORD PTR SS:[EBP-2C],8
004337F0 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
004337F3 E8 88E4FCFF CALL 1.00401C80
004337F8 50 PUSH EAX
004337F9 FF45 E0 INC DWORD PTR SS:[EBP-20]
004337FC BA A8175300 MOV EDX,1.005317A8 ; dat\bzpic.bmp
00433801 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
00433804 E8 4FEC0C00 CALL 1.00502458
00433809 FF45 E0 INC DWORD PTR SS:[EBP-20]
0043380C 8D55 FC LEA EDX,DWORD PTR SS:[EBP-4]
0043380F B8 88E55400 MOV EAX,1.0054E588
00433814 59 POP ECX
00433815 E8 66ED0C00 CALL 1.00502580
0043381A 8D55 F8 LEA EDX,DWORD PTR SS:[EBP-8]
0043381D 8B12 MOV EDX,DWORD PTR DS:[EDX]
0043381F 8B45 C0 MOV EAX,DWORD PTR SS:[EBP-40]
00433822 8B88 F8020000 MOV ECX,DWORD PTR DS:[EAX+2F8]
00433828 8B81 68010000 MOV EAX,DWORD PTR DS:[ECX+168]
0043382E E8 C5D30600 CALL 1.004A0BF8
00433833 FF4D E0 DEC DWORD PTR SS:[EBP-20]
00433836 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
00433839 BA 02000000 MOV EDX,2
0043383E E8 E5EC0C00 CALL 1.00502528
00433843 FF4D E0 DEC DWORD PTR SS:[EBP-20]
00433846 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
00433849 BA 02000000 MOV EDX,2
0043384E E8 D5EC0C00 CALL 1.00502528
00433853 807D BF 00 CMP BYTE PTR SS:[EBP-41],0//将0修改为1,实现注册
00433857 0F84 8E000000 JE 1.004338EB//关键跳
0043385D 8B4D C0 MOV ECX,DWORD PTR SS:[EBP-40]
00433860 8B81 10030000 MOV EAX,DWORD PTR DS:[ECX+310]
00433866 8B40 68 MOV EAX,DWORD PTR DS:[EAX+68]
00433869 BA 0C000000 MOV EDX,0C
0043386E E8 EDA00600 CALL 1.0049D960
00433873 66:C745 D4 1400 MOV WORD PTR SS:[EBP-2C],14
00433879 BA B6175300 MOV EDX,1.005317B6 ; 已注册有问题联系我.
//返回到这里,向上找地方下断
保存后运行,程序标题栏有“未注册”,关于栏内显示已注册
2.去“未注册”字样
再用OD载入,查找字串“未注册”
超级字串参考,项目 20
地址=0040285B
反汇编=MOV EDX,1.00519321
文本字串=玄奥八字V5.6未注册
双击返回OD
004025F0 55 PUSH EBP
004025F1 8BEC MOV EBP,ESP
004025F3 83C4 A0 ADD ESP,-60
004025F6 8955 A8 MOV DWORD PTR SS:[EBP-58],EDX
004025F9 8945 AC MOV DWORD PTR SS:[EBP-54],EAX
004025FC B8 00A25100 MOV EAX,4.0051A200
00402601 E8 6E180F00 CALL 4.004F3E74
00402606 66:C745 C0 0800 MOV WORD PTR SS:[EBP-40],8
0040260C 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
0040260F E8 6CF6FFFF CALL 4.00401C80
00402614 FF45 CC INC DWORD PTR SS:[EBP-34]
00402617 66:C745 C0 1400 MOV WORD PTR SS:[EBP-40],14
0040261D 66:C745 C0 2000 MOV WORD PTR SS:[EBP-40],20
00402623 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
00402626 E8 55F6FFFF CALL 4.00401C80
0040262B 8BD0 MOV EDX,EAX
0040262D FF45 CC INC DWORD PTR SS:[EBP-34]
00402630 33C0 XOR EAX,EAX
00402632 E8 ADC00500 CALL 4.0045E6E4
00402637 8D55 F8 LEA EDX,DWORD PTR SS:[EBP-8]
0040263A FF32 PUSH DWORD PTR DS:[EDX]
0040263C 8D45 F4 LEA EAX,DWORD PTR SS:[EBP-C]
0040263F E8 3CF6FFFF CALL 4.00401C80
00402644 8BD0 MOV EDX,EAX
00402646 FF45 CC INC DWORD PTR SS:[EBP-34]
00402649 58 POP EAX
0040264A E8 65B10400 CALL 4.0044D7B4
0040264F 8D55 F4 LEA EDX,DWORD PTR SS:[EBP-C]
00402652 B8 88E55400 MOV EAX,4.0054E588
00402657 E8 FCFE0F00 CALL 4.00502558
0040265C FF4D CC DEC DWORD PTR SS:[EBP-34]
0040265F 8D45 F4 LEA EAX,DWORD PTR SS:[EBP-C]
00402662 BA 02000000 MOV EDX,2
00402667 E8 BCFE0F00 CALL 4.00502528
0040266C FF4D CC DEC DWORD PTR SS:[EBP-34]
0040266F 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
00402672 BA 02000000 MOV EDX,2
00402677 E8 ACFE0F00 CALL 4.00502528
0040267C B8 88E55400 MOV EAX,4.0054E588
00402681 E8 1E020000 CALL 4.004028A4
00402686 8BD0 MOV EDX,EAX
00402688 B8 88E55400 MOV EAX,4.0054E588
0040268D E8 36020000 CALL 4.004028C8
00402692 0FBE10 MOVSX EDX,BYTE PTR DS:[EAX]
00402695 83FA 5C CMP EDX,5C
00402698 74 33 JE SHORT 4.004026CD
0040269A 66:C745 C0 2C00 MOV WORD PTR SS:[EBP-40],2C
004026A0 BA E3925100 MOV EDX,4.005192E3 ; \
004026A5 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
004026A8 E8 ABFD0F00 CALL 4.00502458
004026AD FF45 CC INC DWORD PTR SS:[EBP-34]
004026B0 8D55 F0 LEA EDX,DWORD PTR SS:[EBP-10]
004026B3 B8 88E55400 MOV EAX,4.0054E588
004026B8 E8 AFFE0F00 CALL 4.0050256C
004026BD FF4D CC DEC DWORD PTR SS:[EBP-34]
004026C0 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
004026C3 BA 02000000 MOV EDX,2
004026C8 E8 5BFE0F00 CALL 4.00502528
004026CD 6A 1C PUSH 1C
004026CF E8 FC040F00 CALL 4.004F2BD0
004026D4 59 POP ECX
004026D5 8945 E4 MOV DWORD PTR SS:[EBP-1C],EAX
004026D8 85C0 TEST EAX,EAX
004026DA 74 40 JE SHORT 4.0040271C
004026DC 66:C745 C0 4400 MOV WORD PTR SS:[EBP-40],44
004026E2 BA F3925100 MOV EDX,4.005192F3 ; bzpm.txt
004026E7 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14]
004026EA E8 69FD0F00 CALL 4.00502458
004026EF FF45 CC INC DWORD PTR SS:[EBP-34]
004026F2 FF30 PUSH DWORD PTR DS:[EAX]
004026F4 BA E5925100 MOV EDX,4.005192E5 ; dat\bzpic.bmp
004026F9 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
004026FC E8 57FD0F00 CALL 4.00502458
00402701 FF45 CC INC DWORD PTR SS:[EBP-34]
00402704 FF30 PUSH DWORD PTR DS:[EAX]
00402706 FF75 E4 PUSH DWORD PTR SS:[EBP-1C]
00402709 E8 6A000300 CALL 4.00432778
0040270E 83C4 0C ADD ESP,0C
00402711 66:C745 C0 3800 MOV WORD PTR SS:[EBP-40],38
00402717 8B55 E4 MOV EDX,DWORD PTR SS:[EBP-1C]
0040271A EB 03 JMP SHORT 4.0040271F
0040271C 8B55 E4 MOV EDX,DWORD PTR SS:[EBP-1C]
0040271F 8915 8CE55400 MOV DWORD PTR DS:[54E58C],EDX
00402725 FF4D CC DEC DWORD PTR SS:[EBP-34]
00402728 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
0040272B BA 02000000 MOV EDX,2
00402730 E8 F3FD0F00 CALL 4.00502528
00402735 FF4D CC DEC DWORD PTR SS:[EBP-34]
00402738 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14]
0040273B BA 02000000 MOV EDX,2
00402740 E8 E3FD0F00 CALL 4.00502528
00402745 A1 8CE55400 MOV EAX,DWORD PTR DS:[54E58C]
0040274A 83C0 10 ADD EAX,10
0040274D E8 52010000 CALL 4.004028A4
00402752 85C0 TEST EAX,EAX
00402754 /75 75 JNZ SHORT 1.004027CB//修改此处跳转JNZ SHORT 4.004027BF,可去掉“未注册字样”
00402756 6A 40 PUSH 40
00402758 68 1B935100 PUSH 4.0051931B ; 提示
0040275D 68 FC925100 PUSH 4.005192FC ; 端口读取暂时出错,请重启软件!
00402762 8B45 AC MOV EAX,DWORD PTR SS:[EBP-54]
00402765 E8 06630C00 CALL 4.004C8A70
0040276A 50 PUSH EAX
0040276B E8 7E481100 CALL <JMP.&USER32.MessageBoxA>
00402770 8B15 8CE55400 MOV EDX,DWORD PTR DS:[54E58C]
00402776 8955 DC MOV DWORD PTR SS:[EBP-24],EDX
00402779 837D DC 00 CMP DWORD PTR SS:[EBP-24],0
0040277D 74 21 JE SHORT 4.004027A0
0040277F 8B4D DC MOV ECX,DWORD PTR SS:[EBP-24]
00402782 8B01 MOV EAX,DWORD PTR DS:[ECX]
00402784 8945 E0 MOV DWORD PTR SS:[EBP-20],EAX
00402787 66:C745 C0 5C00 MOV WORD PTR SS:[EBP-40],5C
0040278D 6A 03 PUSH 3
0040278F 8B55 DC MOV EDX,DWORD PTR SS:[EBP-24]
00402792 52 PUSH EDX
00402793 8B0A MOV ECX,DWORD PTR DS:[EDX]
00402795 FF11 CALL DWORD PTR DS:[ECX]
00402797 83C4 08 ADD ESP,8
0040279A 66:C745 C0 5000 MOV WORD PTR SS:[EBP-40],50
004027A0 A1 ACDD5400 MOV EAX,DWORD PTR DS:[54DDAC]
004027A5 8B00 MOV EAX,DWORD PTR DS:[EAX]
004027A7 E8 98F00A00 CALL 4.004B1844
004027AC FF4D CC DEC DWORD PTR SS:[EBP-34]
004027AF 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
004027B2 BA 02000000 MOV EDX,2
004027B7 E8 6CFD0F00 CALL 4.00502528
004027BC 8B4D B0 MOV ECX,DWORD PTR SS:[EBP-50]
004027BF 64:890D 0000000>MOV DWORD PTR FS:[0],ECX
004027C6 E9 D4000000 JMP 4.0040289F
004027CB FF35 8CE55400 PUSH DWORD PTR DS:[54E58C]
004027D1 E8 72070300 CALL 4.00432F48
004027D6 59 POP ECX
004027D7 84C0 TEST AL,AL
004027D9 74 7A JE SHORT 4.00402855
004027DB FF35 8CE55400 PUSH DWORD PTR DS:[54E58C]
004027E1 E8 B6080300 CALL 4.0043309C
004027E6 59 POP ECX
004027E7 84C0 TEST AL,AL
004027E9 74 6A JE SHORT 4.00402855
004027EB 8B45 AC MOV EAX,DWORD PTR SS:[EBP-54]
004027EE 8B90 FC030000 MOV EDX,DWORD PTR DS:[EAX+3FC]
004027F4 81C2 48020000 ADD EDX,248
004027FA 8955 A0 MOV DWORD PTR SS:[EBP-60],EDX
004027FD 66:C745 C0 6800 MOV WORD PTR SS:[EBP-40],68
00402803 BA 20935100 MOV EDX,4.00519320
00402808 8D45 D8 LEA EAX,DWORD PTR SS:[EBP-28]
0040280B E8 48FC0F00 CALL 4.00502458
00402810 FF45 CC INC DWORD PTR SS:[EBP-34]
00402813 8B10 MOV EDX,DWORD PTR DS:[EAX]
00402815 8B45 A0 MOV EAX,DWORD PTR SS:[EBP-60]
00402818 8B00 MOV EAX,DWORD PTR DS:[EAX]
0040281A 8B08 MOV ECX,DWORD PTR DS:[EAX]
0040281C FF51 2C CALL DWORD PTR DS:[ECX+2C]
0040281F FF4D CC DEC DWORD PTR SS:[EBP-34]
00402822 8D45 D8 LEA EAX,DWORD PTR SS:[EBP-28]
00402825 BA 02000000 MOV EDX,2
0040282A E8 F9FC0F00 CALL 4.00502528
0040282F 8B4D AC MOV ECX,DWORD PTR SS:[EBP-54]
00402832 C681 A50A0000 0>MOV BYTE PTR DS:[ECX+AA5],1
00402839 FF4D CC DEC DWORD PTR SS:[EBP-34]
0040283C 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
0040283F BA 02000000 MOV EDX,2
00402844 E8 DFFC0F00 CALL 4.00502528
00402849 8B4D B0 MOV ECX,DWORD PTR SS:[EBP-50]
0040284C 64:890D 0000000>MOV DWORD PTR FS:[0],ECX
00402853 EB 4A JMP SHORT 4.0040289F
00402855 66:C745 C0 7400 MOV WORD PTR SS:[EBP-40],74
0040285B BA 21935100 MOV EDX,4.00519321 ; 玄奥八字V5.6未注册
再用OD载入,查找字串“未注册”
超级字串参考,项目 20
地址=0040285B
反汇编=MOV EDX,1.00519321
文本字串=玄奥八字V5.6未注册
双击返回OD
004025F0 55 PUSH EBP
004025F1 8BEC MOV EBP,ESP
004025F3 83C4 A0 ADD ESP,-60
004025F6 8955 A8 MOV DWORD PTR SS:[EBP-58],EDX
004025F9 8945 AC MOV DWORD PTR SS:[EBP-54],EAX
004025FC B8 00A25100 MOV EAX,4.0051A200
00402601 E8 6E180F00 CALL 4.004F3E74
00402606 66:C745 C0 0800 MOV WORD PTR SS:[EBP-40],8
0040260C 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
0040260F E8 6CF6FFFF CALL 4.00401C80
00402614 FF45 CC INC DWORD PTR SS:[EBP-34]
00402617 66:C745 C0 1400 MOV WORD PTR SS:[EBP-40],14
0040261D 66:C745 C0 2000 MOV WORD PTR SS:[EBP-40],20
00402623 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
00402626 E8 55F6FFFF CALL 4.00401C80
0040262B 8BD0 MOV EDX,EAX
0040262D FF45 CC INC DWORD PTR SS:[EBP-34]
00402630 33C0 XOR EAX,EAX
00402632 E8 ADC00500 CALL 4.0045E6E4
00402637 8D55 F8 LEA EDX,DWORD PTR SS:[EBP-8]
0040263A FF32 PUSH DWORD PTR DS:[EDX]
0040263C 8D45 F4 LEA EAX,DWORD PTR SS:[EBP-C]
0040263F E8 3CF6FFFF CALL 4.00401C80
00402644 8BD0 MOV EDX,EAX
00402646 FF45 CC INC DWORD PTR SS:[EBP-34]
00402649 58 POP EAX
0040264A E8 65B10400 CALL 4.0044D7B4
0040264F 8D55 F4 LEA EDX,DWORD PTR SS:[EBP-C]
00402652 B8 88E55400 MOV EAX,4.0054E588
00402657 E8 FCFE0F00 CALL 4.00502558
0040265C FF4D CC DEC DWORD PTR SS:[EBP-34]
0040265F 8D45 F4 LEA EAX,DWORD PTR SS:[EBP-C]
00402662 BA 02000000 MOV EDX,2
00402667 E8 BCFE0F00 CALL 4.00502528
0040266C FF4D CC DEC DWORD PTR SS:[EBP-34]
0040266F 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
00402672 BA 02000000 MOV EDX,2
00402677 E8 ACFE0F00 CALL 4.00502528
0040267C B8 88E55400 MOV EAX,4.0054E588
00402681 E8 1E020000 CALL 4.004028A4
00402686 8BD0 MOV EDX,EAX
00402688 B8 88E55400 MOV EAX,4.0054E588
0040268D E8 36020000 CALL 4.004028C8
00402692 0FBE10 MOVSX EDX,BYTE PTR DS:[EAX]
00402695 83FA 5C CMP EDX,5C
00402698 74 33 JE SHORT 4.004026CD
0040269A 66:C745 C0 2C00 MOV WORD PTR SS:[EBP-40],2C
004026A0 BA E3925100 MOV EDX,4.005192E3 ; \
004026A5 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
004026A8 E8 ABFD0F00 CALL 4.00502458
004026AD FF45 CC INC DWORD PTR SS:[EBP-34]
004026B0 8D55 F0 LEA EDX,DWORD PTR SS:[EBP-10]
004026B3 B8 88E55400 MOV EAX,4.0054E588
004026B8 E8 AFFE0F00 CALL 4.0050256C
004026BD FF4D CC DEC DWORD PTR SS:[EBP-34]
004026C0 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
004026C3 BA 02000000 MOV EDX,2
004026C8 E8 5BFE0F00 CALL 4.00502528
004026CD 6A 1C PUSH 1C
004026CF E8 FC040F00 CALL 4.004F2BD0
004026D4 59 POP ECX
004026D5 8945 E4 MOV DWORD PTR SS:[EBP-1C],EAX
004026D8 85C0 TEST EAX,EAX
004026DA 74 40 JE SHORT 4.0040271C
004026DC 66:C745 C0 4400 MOV WORD PTR SS:[EBP-40],44
004026E2 BA F3925100 MOV EDX,4.005192F3 ; bzpm.txt
004026E7 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14]
004026EA E8 69FD0F00 CALL 4.00502458
004026EF FF45 CC INC DWORD PTR SS:[EBP-34]
004026F2 FF30 PUSH DWORD PTR DS:[EAX]
004026F4 BA E5925100 MOV EDX,4.005192E5 ; dat\bzpic.bmp
004026F9 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
004026FC E8 57FD0F00 CALL 4.00502458
00402701 FF45 CC INC DWORD PTR SS:[EBP-34]
00402704 FF30 PUSH DWORD PTR DS:[EAX]
00402706 FF75 E4 PUSH DWORD PTR SS:[EBP-1C]
00402709 E8 6A000300 CALL 4.00432778
0040270E 83C4 0C ADD ESP,0C
00402711 66:C745 C0 3800 MOV WORD PTR SS:[EBP-40],38
00402717 8B55 E4 MOV EDX,DWORD PTR SS:[EBP-1C]
0040271A EB 03 JMP SHORT 4.0040271F
0040271C 8B55 E4 MOV EDX,DWORD PTR SS:[EBP-1C]
0040271F 8915 8CE55400 MOV DWORD PTR DS:[54E58C],EDX
00402725 FF4D CC DEC DWORD PTR SS:[EBP-34]
00402728 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
0040272B BA 02000000 MOV EDX,2
00402730 E8 F3FD0F00 CALL 4.00502528
00402735 FF4D CC DEC DWORD PTR SS:[EBP-34]
00402738 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14]
0040273B BA 02000000 MOV EDX,2
00402740 E8 E3FD0F00 CALL 4.00502528
00402745 A1 8CE55400 MOV EAX,DWORD PTR DS:[54E58C]
0040274A 83C0 10 ADD EAX,10
0040274D E8 52010000 CALL 4.004028A4
00402752 85C0 TEST EAX,EAX
00402754 /75 75 JNZ SHORT 1.004027CB//修改此处跳转JNZ SHORT 4.004027BF,可去掉“未注册字样”
00402756 6A 40 PUSH 40
00402758 68 1B935100 PUSH 4.0051931B ; 提示
0040275D 68 FC925100 PUSH 4.005192FC ; 端口读取暂时出错,请重启软件!
00402762 8B45 AC MOV EAX,DWORD PTR SS:[EBP-54]
00402765 E8 06630C00 CALL 4.004C8A70
0040276A 50 PUSH EAX
0040276B E8 7E481100 CALL <JMP.&USER32.MessageBoxA>
00402770 8B15 8CE55400 MOV EDX,DWORD PTR DS:[54E58C]
00402776 8955 DC MOV DWORD PTR SS:[EBP-24],EDX
00402779 837D DC 00 CMP DWORD PTR SS:[EBP-24],0
0040277D 74 21 JE SHORT 4.004027A0
0040277F 8B4D DC MOV ECX,DWORD PTR SS:[EBP-24]
00402782 8B01 MOV EAX,DWORD PTR DS:[ECX]
00402784 8945 E0 MOV DWORD PTR SS:[EBP-20],EAX
00402787 66:C745 C0 5C00 MOV WORD PTR SS:[EBP-40],5C
0040278D 6A 03 PUSH 3
0040278F 8B55 DC MOV EDX,DWORD PTR SS:[EBP-24]
00402792 52 PUSH EDX
00402793 8B0A MOV ECX,DWORD PTR DS:[EDX]
00402795 FF11 CALL DWORD PTR DS:[ECX]
00402797 83C4 08 ADD ESP,8
0040279A 66:C745 C0 5000 MOV WORD PTR SS:[EBP-40],50
004027A0 A1 ACDD5400 MOV EAX,DWORD PTR DS:[54DDAC]
004027A5 8B00 MOV EAX,DWORD PTR DS:[EAX]
004027A7 E8 98F00A00 CALL 4.004B1844
004027AC FF4D CC DEC DWORD PTR SS:[EBP-34]
004027AF 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
004027B2 BA 02000000 MOV EDX,2
004027B7 E8 6CFD0F00 CALL 4.00502528
004027BC 8B4D B0 MOV ECX,DWORD PTR SS:[EBP-50]
004027BF 64:890D 0000000>MOV DWORD PTR FS:[0],ECX
004027C6 E9 D4000000 JMP 4.0040289F
004027CB FF35 8CE55400 PUSH DWORD PTR DS:[54E58C]
004027D1 E8 72070300 CALL 4.00432F48
004027D6 59 POP ECX
004027D7 84C0 TEST AL,AL
004027D9 74 7A JE SHORT 4.00402855
004027DB FF35 8CE55400 PUSH DWORD PTR DS:[54E58C]
004027E1 E8 B6080300 CALL 4.0043309C
004027E6 59 POP ECX
004027E7 84C0 TEST AL,AL
004027E9 74 6A JE SHORT 4.00402855
004027EB 8B45 AC MOV EAX,DWORD PTR SS:[EBP-54]
004027EE 8B90 FC030000 MOV EDX,DWORD PTR DS:[EAX+3FC]
004027F4 81C2 48020000 ADD EDX,248
004027FA 8955 A0 MOV DWORD PTR SS:[EBP-60],EDX
004027FD 66:C745 C0 6800 MOV WORD PTR SS:[EBP-40],68
00402803 BA 20935100 MOV EDX,4.00519320
00402808 8D45 D8 LEA EAX,DWORD PTR SS:[EBP-28]
0040280B E8 48FC0F00 CALL 4.00502458
00402810 FF45 CC INC DWORD PTR SS:[EBP-34]
00402813 8B10 MOV EDX,DWORD PTR DS:[EAX]
00402815 8B45 A0 MOV EAX,DWORD PTR SS:[EBP-60]
00402818 8B00 MOV EAX,DWORD PTR DS:[EAX]
0040281A 8B08 MOV ECX,DWORD PTR DS:[EAX]
0040281C FF51 2C CALL DWORD PTR DS:[ECX+2C]
0040281F FF4D CC DEC DWORD PTR SS:[EBP-34]
00402822 8D45 D8 LEA EAX,DWORD PTR SS:[EBP-28]
00402825 BA 02000000 MOV EDX,2
0040282A E8 F9FC0F00 CALL 4.00502528
0040282F 8B4D AC MOV ECX,DWORD PTR SS:[EBP-54]
00402832 C681 A50A0000 0>MOV BYTE PTR DS:[ECX+AA5],1
00402839 FF4D CC DEC DWORD PTR SS:[EBP-34]
0040283C 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
0040283F BA 02000000 MOV EDX,2
00402844 E8 DFFC0F00 CALL 4.00502528
00402849 8B4D B0 MOV ECX,DWORD PTR SS:[EBP-50]
0040284C 64:890D 0000000>MOV DWORD PTR FS:[0],ECX
00402853 EB 4A JMP SHORT 4.0040289F
00402855 66:C745 C0 7400 MOV WORD PTR SS:[EBP-40],74
0040285B BA 21935100 MOV EDX,4.00519321 ; 玄奥八字V5.6未注册
【版权声明】本破文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! 版权归PYG所有
本文转自 lvcaolhx 51CTO博客,原文链接:http://blog.51cto.com/lvcaolhx/46096
