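Patching a VB program, step by step - something newcomers can study
This article is reposted from the 52pojie forum. Original address:
http://www.52pojie.cn/thread-284232-1-1.html
1. In many of the tutorials I have read, the first step is to check whether the program is packed.
It is P-code. I remember reading a post by fly on the Kanxue forum that also covered tracing the registration code of this kind of VB program with VBExplorer and WKT VBDebugger (hereafter WKT).
My skill level is not up to that, so I can only talk about patching. To say it up front: experts are welcome to give advice, beginners can try it hands-on, and if anything I say is wrong I hope you will point it out and correct me!
2. I found several tools online. VB Decompiler seems good, so we use it for a first analysis.
First look at the forms in the object tree.
We find these two: one is the local registration form, the other is the registration window that pops up as soon as the software starts.
We double-click lgRegisterForm and the pane beside it shows: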
VERSION 5.00
Begin VB.Form lgRegisterForm 'Offset: 0005F7A6
  Caption = "ЗлКдИлЧ??бВл"
  BackColor = &HE0E0E0&
  ScaleMode = 1
  AutoRedraw = False
  FontTransparent = True
  Picture = "lgRegisterForm.frx":0
  BorderStyle = 0 'None
  Icon = "lgRegisterForm.frx":3005
  LinkTopic = "Form1"
  MaxButton = 0 'False
  ClientLeft = 0
  ClientTop = 105
  ClientWidth = 8115
  ClientHeight = 5850
  StartUpPosition = 3 'Windows Default
  Begin Timer timerInit 'Offset: 00062B0A
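Because the source code is too large, please download the TXT file to read it: VB程序爆破过程-新手可以研究一下.rar
This is where, after we click Register, the program's timer carries out the registration-code calculation. The several places above are the patch points. Next we look at
Code -> lgRegisterForm -> ToRegister_9F529C
This is where the message windows appear when the registration code you enter contains Chinese characters or English letters, or is not 10 characters long.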
Public Sub ToRegister() '9F529C
  'Data Table: 408F2C
  Dim var_8C As Variant
  Dim var_A0 As Variant
  Dim var_88 As String
  Dim var_B8 As Long
  Dim var_90 As String
  Dim MemVar_A045E8 As Global
  loc_9F4F07: var_B0 = Trim(CVar(Me.teRegCode.Text))
  loc_9F4F17: var_8C = vbNull 'Ignore this
  loc_9F4F1A: var_A0 = "" = "" 'Ignore this
  loc_9F4F2B: StrongRtrim(CStr(var_B0))
  loc_9F4F30: SetLastSystemError 'Ignore this
  loc_9F4F42: var_90 = "" = "" 'Ignore this
  loc_9F4F4C: var_90 = var_B4
  loc_9F4F60: var_88 = var_90
  loc_9F4F69: global_88 = Proc_3_1_9DE7EC(var_90, StrConv(var_B4, vbUnicode))
  loc_9F4F6D: var_90 = "" = "" 'Ignore this
  'Author's note: if no registration code was entered, the jump is not taken and the "no registration code entered" window appears
  loc_9F4F7F: If (global_88 = vbNullString) Then
  loc_9F4F9B: MsgBox "您还没有输入注册码", 0, var_B0, var_F8, var_118
  loc_9F4FA0: var_A0 = "": var_B0 = "": var_F8 = "" = "" 'Ignore this
  loc_9F4FAB: Exit Sub
  loc_9F4FAC: End If
  loc_9F4FC1: var_B8 = InStr(1, global_88, "xiaomei", 0)
  loc_9F4FCD: If (var_B8 > 0) Then
  loc_9F4FFA: global_88 = CStr(Left(global_88, (Len(global_88) - 7)))
  loc_9F4FFE: var_90 = "" 'Ignore this
  loc_9F5001: var_A0 = "" 'Ignore this
  loc_9F5014: Me.teRegCode.Text = global_88
  loc_9F5019: var_8C = vbNull 'Ignore this
  loc_9F502B: Me.timerRegister.Interval = &HA
  loc_9F5030: var_8C = vbNull 'Ignore this
  loc_9F5033: End If
  loc_9F5048: SetLastSystemError 'Ignore this
  loc_9F5059: var_90 = "" 'Ignore this
  'Author's note: if a Chinese registration code was entered, the jump is not taken and the "Chinese input" window appears
  loc_9F505C: If CBool(vcIsChinese(global_88, var_B8)) Then
  loc_9F5078: MsgBox "请不要在输入中文的状态下输入注册码。", 0, var_B0, var_F8, var_118
  loc_9F507D: var_A0 = "": var_B0 = "": var_F8 = "" = "" 'Ignore this
  loc_9F5092: Me.teRegCode.SetFocus
  loc_9F5097: var_8C = vbNull 'Ignore this
  loc_9F509D: Else
  'Author's note: if the entered registration code is not 10 characters long, the jump is not taken and the "wrong number of digits" window appears
  loc_9F50AA: If (Len(global_88) <> &HA) Then
  loc_9F50BC: Me.teRegCode.SelStart = 0
  loc_9F50C1: var_8C = vbNull 'Ignore this
  loc_9F50E4: Me.teRegCode.SelLength = Len(Me.teRegCode.Text)
  loc_9F50E9: var_90 = "" 'Ignore this
  loc_9F50EC: var_8C = "" = "" 'Ignore this
  loc_9F510C: MsgBox "注意, 注册码有10位。您输的不对。", 0, var_B0, var_F8, var_118
  loc_9F5111: var_A0 = "": var_B0 = "": var_F8 = "" = "" 'Ignore this
  loc_9F5126: Me.teRegCode.SetFocus
  loc_9F512B: var_8C = vbNull 'Ignore this
  loc_9F5131: Else
  loc_9F5146: SetLastSystemError 'Ignore this
  loc_9F5159: var_90 = "" 'Ignore this
  'Author's note: if the entered registration code contains English letters, the "registration code cannot contain letters" window appears
  loc_9F515C: If (vcIsAllDigit(global_88, StrConv(global_88, vbUnicode), global_88) = CLng(0)) Then
  loc_9F516E: Me.teRegCode.SelStart = 0
  loc_9F5173: var_8C = vbNull 'Ignore this
  loc_9F5196: Me.teRegCode.SelLength = Len(Me.teRegCode.Text)
  loc_9F519B: var_90 = "" 'Ignore this
  loc_9F519E: var_8C = "" = "" 'Ignore this
  loc_9F51BE: MsgBox "注意,注册码应全是数字。别把字母 O 和 0, 字母 l 和 1 混了。", 0, var_B0, var_F8, var_118
  loc_9F51C3: var_A0 = "": var_B0 = "": var_F8 = "" = "" 'Ignore this
  loc_9F51D8: Me.teRegCode.SetFocus
  loc_9F51DD: var_8C = vbNull 'Ignore this
  loc_9F51E3: Else
  loc_9F51EC: global_76 = global_88
  loc_9F51F8: global_80 = 0
  loc_9F5203: NewIfNullPr 'Ignore this
  loc_9F5206: var_8C = MemVar_A045E8.Screen
  loc_9F520E: Screen.MousePointer = &HB
  loc_9F5213: var_8C = vbNull 'Ignore this
  loc_9F5222: Me.lbWait.Visible = True
  loc_9F5227: var_8C = vbNull 'Ignore this
  loc_9F522D: PopAdLdVar 'Ignore this
  loc_9F5238: Me.prWait.Visible = True
  loc_9F523D: var_8C = vbNull 'Ignore this
  loc_9F5248: If CBool(global_84) Then
  loc_9F5254: NewIfNullPr CLinkGroup 'Ignore this
  loc_9F5257: Call global_52.HideLabel("sub-btNetRegister")
  loc_9F525F: Else
  loc_9F5268: NewIfNullPr CLinkGroup 'Ignore this
  loc_9F526B: Call global_52.HideLabel("sub-btRegister")
  loc_9F527C: NewIfNullPr CInterface 'Ignore this
  loc_9F527F: Call global_60.EnableButton("btRegister", CLng(0))
  loc_9F5284: End If
  loc_9F5290: Me.timerRegister.Enabled = True
  loc_9F5295: var_8C = vbNull 'Ignore this
  loc_9F5298: End If
  loc_9F5298: End If
  loc_9F5298: End If
  loc_9F5298: Exit Sub
End Sub
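To summarize: at 9FFCB5 change the byte 1C to 1E; at 9FFD82 change 1C to 1E; at 9FFDF9 change 1C to 1E; at 9FFE61 change 1C to 1E; at 9FFF36 change 1C to 1E (the key registration location).
At 9F4F7F change the byte 1C to 1E; at 9F505C change 1C to 1E; at 9F50AA change 1C to 1E; at 9F515C change 1C to 1E (once these are changed, registration succeeds no matter what registration code you enter).
As for how to make the changes, you can use WinHex. This is my first time writing an article like this, so please point out any shortcomings.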
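Added example, not part of the original post: from the vendor's or an incident responder's side, the in-place byte substitution summarized above (1C overwritten with 1E) can be detected by comparing a suspect copy with a known-good build of the same version. The function name `audit` and the sample byte strings are constructed for illustration, and the reported positions are file offsets within the images being compared.

```python
import hashlib

# Byte substitution described in the post: 1C overwritten with 1E.
PATCH_FROM, PATCH_TO = 0x1C, 0x1E

def audit(reference: bytes, suspect: bytes) -> dict:
    """Compare a suspect copy with a known-good build of the same version."""
    report = {
        "sha256_reference": hashlib.sha256(reference).hexdigest(),
        "sha256_suspect": hashlib.sha256(suspect).hexdigest(),
        "branch_flips": [],    # file offsets where 1C became 1E
        "other_changes": [],   # any other differing file offsets
    }
    if len(reference) != len(suspect):
        # In-place hex edits keep the size; a size change means a different
        # build, a repack or truncation, so a byte-wise diff is meaningless.
        report["verdict"] = "size-mismatch"
        return report
    for offset, (good, seen) in enumerate(zip(reference, suspect)):
        if good == seen:
            continue
        if (good, seen) == (PATCH_FROM, PATCH_TO):
            report["branch_flips"].append(offset)
        else:
            report["other_changes"].append(offset)
    if report["branch_flips"]:
        report["verdict"] = "branch-patched"
    elif report["other_changes"]:
        report["verdict"] = "modified"
    else:
        report["verdict"] = "intact"
    return report

# Constructed sample data, not bytes from the program discussed in the post.
REFERENCE = bytes([0x00, 0x1C, 0x10, 0x1C, 0xFF, 0x1C, 0x20, 0x41])
SUSPECT = bytes([0x00, 0x1E, 0x10, 0x1C, 0xFF, 0x1E, 0x20, 0x42])

if __name__ == "__main__":
    result = audit(REFERENCE, SUSPECT)
    print(result["verdict"], [hex(o) for o in result["branch_flips"]])
```

A check like this only helps when it runs outside the binary being checked (update server, EDR, support tooling), since every check in the post's listing lives in the client and is removed by the same kind of edit.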