减小字体
增大字体 目标程序:Xceed ZIP Library
版本:4.1
破解工具:Wdasm和TRW2000
下载地址:
难度:中级?
==================================================================
关键在于注册表里有一个License键值,注册后,VB需要License键值,而Delphi需要XzCreateXceedZipA
函数中引用License参数!主要破解代码段如下:
Exported fn(): XzCreateXceedZipA - Ord:0008h
:67682841 55 push ebp
:67682842 8BEC mov ebp, esp
:67682844 51 push ecx
:67682845 51 push ecx
:67682846 8365FC00 and dword ptr [ebp-04], 00000000
:6768284A 8D45FC lea eax, dword ptr [ebp-04]
:6768284D 50 push eax
:6768284E E8AB020000 call 67682AFE
:67682853 85C0 test eax, eax
:67682855 7C73 jl 676828CA
:67682857 8B45FC mov eax, dword ptr [ebp-04]
:6768285A 85C0 test eax, eax
:6768285C 746C je 676828CA
:6768285E 8B08 mov ecx, dword ptr [eax]
:67682860 57 push edi
:67682861 50 push eax
:67682862 FF5104 call [ecx+04]
:67682865 8B45FC mov eax, dword ptr [ebp-04]
:67682868 6AFF push FFFFFFFF
:6768286A FF7508 push [ebp+08]
:6768286D 8980F4150000 mov dword ptr [eax+000015F4], eax
:67682873 C780F815000001000000 mov dword ptr [ebx+000015F8], 00000001
:6768287D 834DF8FF or dword ptr [ebp-08], FFFFFFFF
:67682881 E83B87FFFF call 6767AFC1
:67682886 59 pop ecx
:67682887 8BF8 mov edi, eax
:67682889 59 pop ecx
:6768288A 57 push edi
* Reference To: OLEAUT32.SysStringLen, Ord:0007h
|
:6768288B FF154CA26967 Call dword ptr [6769A24C]
:67682891 85C0 test eax, eax
:67682893 751C jne 676828B1
:6768A6AD 56 push esi
:6768A6AE 8B742410 mov esi, dword ptr [esp+10]
:6768A6B2 85F6 test esi, esi
:6768A6B4 7507 jne 6768A6BD
:6768A6B6 B803400080 mov eax, 80004003
:6768A6BB EB13 jmp 6768A6D0
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:6768A6B4(C)
|
:6768A6BD FF74240C push [esp+0C]
:6768A6C1 E879BC0000 call 6769633F
:6768A6C6 F6D8 neg al
:6768A6C8 1BC0 sbb eax, eax
:6768A6CA 59 pop ecx
:6768A6CB 668906 mov word ptr [esi], ax
:6768A6CE 33C0 xor eax, eax
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:6768A6BB(U)
|
:6768A6D0 5E pop esi
:6768A6D1 C20C00 ret 000C
* Referenced by a CALL at Address:
|:6768A6C1
|
:6769633F 56 push esi
:67696340 BE10306A67 mov esi, 676A3010
:67696345 8BCE mov ecx, esi
:67696347 E8D0030000 call 6769671C
:6769634C 84C0 test al, al
:6769634E 7526 jne 67696376
:67696350 8D442408 lea eax, dword ptr [esp+08]
:67696354 6A01 push 00000001
:67696356 50 push eax
:67696357 E8AD010000 call 67696509
:6769635C 59 pop ecx
:6769635D 84C0 test al, al
:6769635F 59 pop ecx
:67696360 7514 jne 67696376
:67696362 8D442408 lea eax, dword ptr [esp+08]
:67696366 6A01 push 00000001
:67696368 50 push eax
:67696369 E810020000 call 6769657E
:6769636E 59 pop ecx
:6769636F 84C0 test al, al
:67696371 59 pop ecx
:67696372 7502 jne 67696376
:67696374 5E pop esi
:67696375 C3 ret
* Referenced by a CALL at Addresses:
|:67682898 , :67682922 , :6768299F , :67682A16 , :6769562B
|:676956E5 , :67696369 , :676967B9 , :67696830
|
:6769657E 55 push ebp
:6769657F 8BEC mov ebp, esp
:67696581 51 push ecx
:67696582 51 push ecx
:67696583 8B4508 mov eax, dword ptr [ebp+08]
:67696586 53 push ebx
:67696587 33DB xor ebx, ebx
:67696589 56 push esi
* Reference To: OLEAUT32.SysFreeString, Ord:0006h
|
:6769658A 8B3558A26967 mov esi, dword ptr [6769A258]
:67696590 3BC3 cmp eax, ebx
:67696592 895DFC mov dword ptr [ebp-04], ebx
:67696595 7413 je 676965AA
:67696597 57 push edi
:67696598 8B38 mov edi, dword ptr [eax]
:6769659A 53 push ebx
:6769659B FFD6 call esi
:6769659D 57 push edi
* Reference To: OLEAUT32.SysAllocString, Ord:0002h
|
:6769659E FF1550A26967 Call dword ptr [6769A250]
:676965A4 8945FC mov dword ptr [ebp-04], eax
:676965A7 5F pop edi
:676965A8 EB0E jmp 676965B8
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:67696595(C)
|
:676965AA 8D45FC lea eax, dword ptr [ebp-04]
:676965AD 50 push eax
:676965AE E8A8FEFFFF call 6769645B
:676965B3 84C0 test al, al
:676965B5 59 pop ecx
:676965B6 742D je 676965E5
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:676965A8(U)
|
:676965B8 8D45F8 lea eax, dword ptr [ebp-08]
:676965BB 50 push eax
:676965BC 8D450B lea eax, dword ptr [ebp+0B]
:676965BF 50 push eax
:676965C0 8D45FC lea eax, dword ptr [ebp-04]
:676965C3 50 push eax
:676965C4 E87C000000 call 67696645
:676965C9 83C40C add esp, 0000000C
:676965CC 84C0 test al, al
:676965CE 7415 je 676965E5
:676965D0 385D0C cmp byte ptr [ebp+0C], bl
:676965D3 740D je 676965E2
:676965D5 FF75F8 push [ebp-08]
:676965D8 B910306A67 mov ecx, 676A3010
:676965DD E89B010000 call 6769677D
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:676965D3(C)
|
:676965E2 8A5D0B mov bl, byte ptr [ebp+0B]
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:676965B6(C), :676965CE(C)
|
:676965E5 FF75FC push [ebp-04]
:676965E8 FFD6 call esi
:676965EA 8AC3 mov al, bl
:676965EC 5E pop esi
:676965ED 5B pop ebx
:676965EE C9 leave
:676965EF C3 ret
* Referenced by a CALL at Addresses:
|:6769654F , :676965C4
|
:67696645 55 push ebp
:67696646 8BEC mov ebp, esp
:67696648 83EC10 sub esp, 00000010
:6769664B 53 push ebx
:6769664C 56 push esi
:6769664D 8B7508 mov esi, dword ptr [ebp+08]
:67696650 33DB xor ebx, ebx
:67696652 57 push edi
:67696653 8B06 mov eax, dword ptr [esi]
:67696655 3BC3 cmp eax, ebx
:67696657 0F84A0000000 je 676966FD
:6769665D 50 push eax
* Reference To: OLEAUT32.SysStringLen, Ord:0007h
|
:6769665E FF154CA26967 Call dword ptr [6769A24C]
:67696664 83F820 cmp eax, 00000020 <---比对License串的长度是否为32字节
:67696667 0F8590000000 jne 676966FD
:6769666D 33C0 xor eax, eax
:6769666F 8D7DF4 lea edi, dword ptr [ebp-0C]
:67696672 895DF0 mov dword ptr [ebp-10], ebx
:67696675 AB stosd
:67696676 AB stosd
:67696677 AB stosd
:67696678 8B06 mov eax, dword ptr [esi]
:6769667A 3BC3 cmp eax, ebx
:6769667C 894508 mov dword ptr [ebp+08], eax
:6769667F 7504 jne 67696685
:67696681 33F6 xor esi, esi
:67696683 EB2C jmp 676966B1
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:6769667F(C)
|
:67696685 50 push eax
* Reference To: KERNEL32.lstrlenW, Ord:0309h
|
:67696686 FF15A8A16967 Call dword ptr [6769A1A8]
:6769668C 8D7C0002 lea edi, dword ptr [eax+eax+02]
:67696690 8BC7 mov eax, edi
:67696692 83C003 add eax, 00000003
:67696695 24FC and al, FC
:67696697 E8D42F0000 call 67699670
:6769669C 8BF4 mov esi, esp
:6769669E 53 push ebx
:6769669F 53 push ebx
:676966A0 57 push edi
:676966A1 56 push esi
:676966A2 6AFF push FFFFFFFF
:676966A4 FF7508 push [ebp+08]
:676966A7 881E mov byte ptr [esi], bl
:676966A9 53 push ebx
:676966AA 53 push ebx
* Reference To: KERNEL32.WideCharToMultiByte, Ord:02D2h
|
:676966AB FF15B4A16967 Call dword ptr [6769A1B4]
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:67696683(U)
|
:676966B1 8D45F0 lea eax, dword ptr [ebp-10]
:676966B4 50 push eax
:676966B5 56 push esi
* Possible StringData Ref from Data Obj ->"Xceed Software Inc."
|
:676966B6 68002C6A67 push 676A2C00
:676966BB E830FFFFFF call 676965F0
:676966C0 0FB775F6 movzx esi, word ptr [ebp-0A]-----
:676966C4 8A4DFB mov cl, byte ptr [ebp-05] |
:676966C7 0375F0 add esi, dword ptr [ebp-10] |
:676966CA 0FB745F4 movzx eax, word ptr [ebp-0C] |
:676966CE 0FB6D1 movzx edx, cl |
:676966D1 03F2 add esi, edx |计算
:676966D3 33D2 xor edx, edx |
:676966D5 03C6 add eax, esi |
:676966D7 BEFF000000 mov esi, 000000FF |
:676966DC F7F6 div esi <---------------------|
:676966DE 83C40C add esp, 0000000C
:676966E1 3A55FF cmp dl, byte ptr [ebp-01] <----关键
:676966E4 7517 jne 676966FD
:676966E6 8B450C mov eax, dword ptr [ebp+0C]
:676966E9 F6C101 test cl, 01
:676966EC 7413 je 67696701
:676966EE 53 push ebx
:676966EF C60001 mov byte ptr [eax], 01
:676966F2 E88CFCFFFF call 67696383
:676966F7 3945F0 cmp dword ptr [ebp-10], eax
:676966FA 59 pop ecx
:676966FB 7408 je 67696705
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:67696657(C), :67696667(C), :676966E4(C)
|
:676966FD 32C0 xor al, al
:676966FF EB13 jmp 67696714
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:676966EC(C)
|
:67696701 8818 mov byte ptr [eax], bl
:67696703 EB03 jmp 67696708
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:676966FB(C)
|
:67696705 8A4DFB mov cl, byte ptr [ebp-05]
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:67696703(U)
|
:67696708 8B4510 mov eax, dword ptr [ebp+10]
:6769670B D0E9 shr cl, 1
:6769670D 80E101 and cl, 01
:67696710 8808 mov byte ptr [eax], cl
:67696712 B001 mov al, 01
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:676966FF(U)
|
:67696714 8D65E4 lea esp, dword ptr [ebp-1C]
:67696717 5F pop edi
:67696718 5E pop esi
:67696719 5B pop ebx
:6769671A C9 leave
:6769671B C3 ret
