00410BCA, then press F8 to take the jump.
; --- tail of the unpacking stub (the instructions before this point are outside this excerpt) ---
00410BC9 C3 RETN ; presumably not executed on the traced path: the previous step lands directly on 00410BCA
00410BCA ^ EB AF JMP SHORT 样本.00410B7B ; (31) Backward jump (the '^' flag appears to mark a jump to a lower address) to 00410B7B; press F8 to take it.
.
.
.
00410B7B 61 POPAD ; (32) Jump target. Restores EDI..EAX from the stack - presumably the state a PUSHAD at the stub's start saved (not shown). Press F8 to single-step downward.
00410B7C 9D POPFD ; restores EFLAGS (matching PUSHFD not shown). The original register/flag state is now back; the jumps that follow lead out of the stub.
00410B7D EB 4E JMP SHORT 样本.00410BCD ; (33) Forward jump; press F8 to take it.
.
.
.
00410BCD - E9 EE16FFFF JMP 样本.004022C0 ; (34) Land here, then press F8 once more: the "leap into the light", i.e. the stub's final (unconditional, near) jump to the original entry point (OEP) 004022C0. The '-' flag presumably marks a jump that leaves the current code region.
00410BD2 8BB5 48FDFFFF MOV ESI,DWORD PTR SS:[EBP-2B8] ; not reached via the JMP above (it is unconditional); leftover stub code
00410BD8 0BF6 OR ESI,ESI ; same - dead on the traced path
.
.
.
; --- Original entry point (OEP) of the unpacked program: 004022C0 ---
; Reached by the stub's final JMP. Dump the process here, then rebuild the import table.
; OllyDbg still attaches API names (InitCommonControls, GetCommandLineA, ...) to the CALL targets
; below, which suggests the import thunks resolve correctly in memory at this point; the on-disk
; dump will not have a usable IAT unless it is rebuilt (e.g. with an import reconstructor).
; OEP RVA = 004022C0 - image base (0x22C0 if the image base is the usual 00400000 - confirm in the memory map).
; Register roles: ESI = command-line pointer for the option lookups, later the expanded-path buffer.
004022C0 . E8 970B0000 CALL 样本.00402E5C ; [InitCommonControls - this is the OEP after unpacking: dump here, then fix the import table and it's done.
004022C5 . E8 C60A0000 CALL 样本.00402D90 ; [GetCommandLineA - EAX = raw command line (untrusted input; everything below is parsed from it)
004022CA . 8BF0 MOV ESI,EAX ; esi = command line, kept live across the option lookups
004022CC . 6A 00 PUSH 0 ; /Arg3 = 00000000 (no output buffer: boolean option)
004022CE . 68 B3534000 PUSH 样本.004053B3 ; |Arg2 = 004053B3 ASCII "silent" (option name)
004022D3 . 56 PUSH ESI ; |Arg1 = command line
004022D4 . E8 570D0000 CALL 样本.00403030 ; \样本.00403030 - presumably an option lookup (cmdline, name, out) returning a flag in AL; helper body not shown, verify
004022D9 . A2 F7594000 MOV BYTE PTR DS:[4059F7],AL ; g_silent = AL (read again at 00402343 to choose UI vs. silent path)
004022DE . 6A 00 PUSH 0 ; /Arg3 = 00000000 (boolean option)
004022E0 . 68 BA534000 PUSH 样本.004053BA ; |Arg2 = 004053BA ASCII "backup"
004022E5 . 56 PUSH ESI ; |Arg1 = command line
004022E6 . E8 450D0000 CALL 样本.00403030 ; \样本.00403030 - same option lookup
004022EB . A2 F8594000 MOV BYTE PTR DS:[4059F8],AL ; g_backup = AL (not consumed within this excerpt)
004022F0 . 6A 00 PUSH 0 ; /Arg3 = 00000000 (boolean option)
004022F2 . 68 C1534000 PUSH 样本.004053C1 ; |Arg2 = 004053C1 ASCII "overwrite"
004022F7 . 56 PUSH ESI ; |Arg1 = command line
004022F8 . E8 330D0000 CALL 样本.00403030 ; \样本.00403030 - same option lookup
004022FD . A2 F9594000 MOV BYTE PTR DS:[4059F9],AL ; g_overwrite = AL (not consumed within this excerpt)
00402302 . 68 39554000 PUSH 样本.00405539 ; /Arg3 = 00405539 - this time an output buffer, so the helper presumably stores the option's value there (unverified)
00402307 . 68 CB534000 PUSH 样本.004053CB ; |Arg2 = 004053CB ASCII "startupworkdir"
0040230C . 56 PUSH ESI ; |Arg1 = command line
0040230D . E8 1E0D0000 CALL 样本.00403030 ; \样本.00403030 - option lookup with value capture
00402312 . 3C 01 CMP AL,1 ; was startupworkdir supplied?
00402314 . 75 19 JNZ SHORT 样本.0040232F ; no -> pass NULL to the helper at 00402332
00402316 . BE FA594000 MOV ESI,样本.004059FA ; esi = destination buffer for the expanded path (512 bytes per the size pushed below)
0040231B . 68 00020000 PUSH 200 ; /DestSizeMax = 200 (512.) - the API is given the buffer size, so the expansion itself cannot overflow 004059FA
00402320 . 56 PUSH ESI ; |DestString => "" (004059FA)
00402321 . 68 39554000 PUSH 样本.00405539 ; |SrcString = "" (the user-supplied startupworkdir value; %VAR% references get expanded)
00402326 . E8 530A0000 CALL 样本.00402D7E ; \ExpandEnvironmentStringsA - NOTE(review): its return value (0 on failure, or the required size when > 512) is discarded on the next line, so a failed or truncated expansion is used silently
0040232B . 8BC6 MOV EAX,ESI ; eax = expanded path (overwrites the API's return value)
0040232D . EB 02 JMP SHORT 样本.00402331
0040232F > 33C0 XOR EAX,EAX ; no startupworkdir given: eax = NULL
00402331 > 50 PUSH EAX ; /Arg1 = expanded directory or NULL
00402332 . E8 690D0000 CALL 样本.004030A0 ; \样本.004030A0 - presumably applies the working directory (helper not shown; confirm it tolerates NULL)
00402337 . 6A 00 PUSH 0 ; /pModule = NULL (own module)
00402339 . E8 640A0000 CALL 样本.00402DA2 ; \GetModuleHandleA
0040233E . A3 D0544000 MOV DWORD PTR DS:[4054D0],EAX ; g_hInstance = module handle
00402343 . 803D F7594000>CMP BYTE PTR DS:[4059F7],0 ; silent flag (set at 004022D9)?
0040234A . 75 18 JNZ SHORT 样本.00402364 ; silent -> skip the dialog and call 00402370 directly
0040234C . 6A 00 PUSH 0 ; /lParam = NULL
0040234E . 68 D0194000 PUSH 样本.004019D0 ; |DlgProc = 样本.004019D0
00402353 . 6A 00 PUSH 0 ; |hOwner = NULL
00402355 . 6A 01 PUSH 1 ; |pTemplate = 1 (dialog resource ID 1)
00402357 . FF35 D0544000 PUSH DWORD PTR DS:[4054D0] ; |hInst - OllyDbg shows NULL (value at analysis time); at run time this is the module handle stored at 0040233E
0040235D . E8 3E090000 CALL 样本.00402CA0 ; \DialogBoxParamA - modal; interactive path blocks here until the dialog closes
00402362 . EB 05 JMP SHORT 样本.00402369 ; -> exit
00402364 > E8 07000000 CALL 样本.00402370 ; silent path: presumably does the work without UI (body not shown)
00402369 > 6A 00 PUSH 0 ; /ExitCode = 0 - both paths converge here; the exit code is always 0, so callers cannot tell success from failure
0040236B . E8 080A0000 CALL 样本.00402D78 ; \ExitProcess