flashget破解过程源码分析
; Annotated excerpt of a 32-bit x86 disassembly listing (columns: address,
; opcode bytes, Intel-syntax instruction). The function's prologue is not part
; of the excerpt and two branch targets (00416A6A, 00416A6F) lie past the last
; line, so these notes cover only the path that is visible here.
; Patterns visible in the listing:
;   - ecx is loaded with an object/stack address right before most calls
;     (looks like the thiscall convention -- confirm against the callee).
;   - 00475088 is called twice with two pushed arguments followed by
;     "add esp, 8", i.e. the caller cleans the stack (cdecl-style).
;   - 00488713 is called five times on stack objects, each time next to an
;     update of one byte/dword stack slot; together with the fs:[0] restore at
;     00416A5F this looks like compiler-generated C++ exception-state tracking
;     plus destructor calls -- TODO confirm.
* Possible StringData Ref from Data Obj ->”General”
|
; Pushes the address the disassembler resolved to the string "General", then
; calls 0049DF5A with ecx = esi. What the helper does is not shown.
:00416973 688C334D00 push 004D338C
:00416978 51 push ecx
:00416979 8BCE mov ecx, esi
:0041697B C744243400000000 mov [esp+34], 00000000
:00416983 E8D2750800 call 0049DF5A
; ebx is set to 1 here and is still used as the constant 1 further down
; (pushed as an argument, stored via bl, returned in eax at 00416A57).
:00416988 8B54240C mov edx, dword ptr [esp+0C]
:0041698C BB01000000 mov ebx, 00000001
:00416991 885C2424 mov byte ptr [esp+24], bl
; Two guards: each loads a pointer from the stack and reads the dword 8 bytes
; before it; if either dword is zero the code leaves for 00416A6F (not shown).
; NOTE(review): presumably a length field stored ahead of string data, i.e. an
; "is either string empty?" test -- confirm.
:00416995 8B42F8 mov eax, dword ptr [edx-08]
:00416998 85C0 test eax, eax
:0041699A 0F84CF000000 je 00416A6F
:004169A0 8B442408 mov eax, dword ptr [esp+08]
:004169A4 8B48F8 mov ecx, dword ptr [eax-08]
:004169A7 85C9 test ecx, ecx
:004169A9 0F84C0000000 je 00416A6F
; edi is saved (restored by the pop at 00416A2C). 00483B89 is called on a
; stack object with arguments (0x43, 1); its purpose is not shown.
:004169AF 57 push edi
:004169B0 53 push ebx
:004169B1 6A43 push 00000043
:004169B3 8D4C2420 lea ecx, dword ptr [esp+20]
:004169B7 E8CDD10600 call 00483B89
; 00484048 is called on another stack object with (address of a stack object, 1);
; the returned pointer in eax is dereferenced at 004169D4.
:004169BC 8D4C241C lea ecx, dword ptr [esp+1C]
:004169C0 53 push ebx
:004169C1 51 push ecx
:004169C2 8D4C2414 lea ecx, dword ptr [esp+14]
:004169C6 C644243002 mov [esp+30], 02
:004169CB E878D60600 call 00484048
; First call to the two-argument routine 00475088. The sete/and pair turns its
; result into a 0/1 flag: edi = 1 when it returned 0, otherwise edi = 0.
:004169D0 8B542418 mov edx, dword ptr [esp+18]
:004169D4 8B00 mov eax, dword ptr [eax]
:004169D6 52 push edx
:004169D7 50 push eax
:004169D8 E8ABE60500 call 00475088
:004169DD 83C408 add esp, 00000008
:004169E0 8D4C241C lea ecx, dword ptr [esp+1C]
:004169E4 85C0 test eax, eax
:004169E6 0F94C0 sete al
:004169E9 25FF000000 and eax, 000000FF
:004169EE 8BF8 mov edi, eax
; Two calls to 00488713 on the stack objects used above (likely cleanup).
:004169F0 E81E1D0700 call 00488713
:004169F5 8D4C2418 lea ecx, dword ptr [esp+18]
:004169F9 885C2428 mov byte ptr [esp+28], bl
:004169FD E8111D0700 call 00488713
; Calls 00416AB0 with ecx = esi and three arguments: the address of a stack
; object, a value loaded from the stack, and the 0/1 flag kept in edi.
:00416A02 8B4C2410 mov ecx, dword ptr [esp+10]
:00416A06 57 push edi
:00416A07 8D542418 lea edx, dword ptr [esp+18]
:00416A0B 51 push ecx
:00416A0C 52 push edx
:00416A0D 8BCE mov ecx, esi
:00416A0F E89C000000 call 00416AB0
; Second call to 00475088, on two values loaded from the stack.
:00416A14 8B44240C mov eax, dword ptr [esp+0C]
:00416A18 8B4C2414 mov ecx, dword ptr [esp+14]
:00416A1C 50 push eax
:00416A1D 51 push ecx
======================================================================================
; Author's annotations on the next lines, in English: this call decides whether
; the registration is valid; EAX = 0 when valid, FFFFFFFF otherwise; and the
; jne at 00416A31 is the branch that leads to the ad banner when taken.
; The 0 / FFFFFFFF convention is consistent with a string-comparison routine,
; but the body of 00475088 is not shown -- confirm.
; pop and lea do not modify flags, so the jne still tests the "test eax, eax"
; result: it is taken when the routine returned non-zero.
; NOTE(review): in this excerpt the licensed/unlicensed outcome reduces to this
; one local comparison and one conditional branch, and nothing visible here
; verifies the integrity of the code (signature or checksum) or repeats the
; decision elsewhere -- a single point of failure for a client-side check.
:00416A1E E865E60500 call 00475088————–这个CALL判断注册正确与否
:00416A23 83C408 add esp, 00000008 正确EAX=0否则为FFFFFFFF
:00416A26 885C2428 mov byte ptr [esp+28], bl
:00416A2A 85C0 test eax, eax
:00416A2C 5F pop edi
:00416A2D 8D4C2410 lea ecx, dword ptr [esp+10]
:00416A31 7537—>90 90 jne 00416A6A—————这里千万不能跳,要不广告条就出来了
=====================================================================================
; Fall-through path (comparison returned 0): three calls to 00488713 on stack
; objects, then return eax = ebx (1).
:00416A33 E8DB1C0700 call 00488713
:00416A38 8D4C2408 lea ecx, dword ptr [esp+08]
:00416A3C C644242400 mov [esp+24], 00
:00416A41 E8CD1C0700 call 00488713
:00416A46 8D4C240C lea ecx, dword ptr [esp+0C]
:00416A4A C7442424FFFFFFFF mov [esp+24], FFFFFFFF
:00416A52 E8BC1C0700 call 00488713
:00416A57 8BC3 mov eax, ebx
:00416A59 5E pop esi
:00416A5A 5B pop ebx
; Epilogue: a value saved on the stack is written back to fs:[0] (on 32-bit
; Windows the head of the thread's exception-handler chain), 0x20 bytes of
; locals are released, and the function returns.
:00416A5B 8B4C2414 mov ecx, dword ptr [esp+14]
:00416A5F 64890D00000000 mov dword ptr fs:[00000000], ecx
:00416A66 83C420 add esp, 00000020
:00416A69 C3 ret
好了用winhex 找上面的HEX 改75 37 为90 90就收工了