拆解一个简单的KeyFile保护
2024-08-28 00:45:44
系统 : Windows xp
程序 : abexcrackme3
程序下载地址 :http://pan.baidu.com/s/1mh3TiqO
要求 : 伪造Keyfile
使用工具 :IDA
可在看雪论坛中查找关于此程序的破文:http://bbs.pediy.com/showthread.php?t=30192
IDA载入程序,找出提示破解成功的字串“Yep, keyfile found!”并定位关键代码:
CODE: ; =============== S U B R O U T I N E =======================================
CODE:
CODE: ; Attributes: noreturn
CODE:
CODE: public start
CODE: start proc near
CODE: push ; uType
CODE: push offset Caption ; "abex' 3rd crackme"
CODE: push offset Text ; "Click OK to check for the keyfile."
CODE:0040100C push ; hWnd
CODE:0040100E call MessageBoxA
CODE: push ; hTemplateFile
CODE: push 80h ; dwFlagsAndAttributes
CODE:0040101A push ; dwCreationDisposition
CODE:0040101C push ; lpSecurityAttributes
CODE:0040101E push ; dwShareMode
CODE: push 80000000h ; dwDesiredAccess
CODE: push offset FileName ; "abex.l2c"
CODE:0040102A call CreateFileA
CODE:0040102F mov ds:hFile, eax
CODE: cmp eax, 0FFFFFFFFh
CODE: jz short loc_401075
CODE: push ; lpFileSizeHigh
CODE:0040103B push ds:hFile ; hFile
CODE: call GetFileSize
CODE: cmp eax, 12h
CODE: jnz short loc_401060
CODE:0040104B push ; uType
CODE:0040104D push offset aWellDone ; "Well done!"
CODE: push offset aYepKeyfileFoun ; "Yep, keyfile found!"
CODE: push ; hWnd
CODE: call MessageBoxA
CODE:0040105E jmp short loc_401088
CODE: ; ---------------------------------------------------------------------------
CODE:
CODE: loc_401060: ; CODE XREF: start+49j
CODE: push ; uType
CODE: push offset aError ; "Error"
CODE: push offset aTheFoundFileIs ; "The found file is not a valid keyfile!"
CODE:0040106C push ; hWnd
CODE:0040106E call MessageBoxA
CODE: jmp short loc_401088
CODE: ; ---------------------------------------------------------------------------
CODE:
CODE: loc_401075: ; CODE XREF: start+37j
CODE: push ; uType
CODE: push offset aError_0 ; "Error"
CODE:0040107C push offset aHmmmmmICanTFin ; "Hmmmmm, I can't find the file!"
CODE: push ; hWnd
CODE: call MessageBoxA
CODE:
CODE: loc_401088: ; CODE XREF: start+5Ej
CODE: ; start+73j
CODE: call ExitProcess
CODE: start endp ; sp-analysis failed
CODE:
程序查找一个Keyfile,文件名为“abex.l2c”,文件长度应为18字节,这样就可以通过验证。在abexcrackme3程序路径下新建文件,文件名为“abex.l2c”,用记事本打开并将内容设置为“012345678901234567”再运行abexcrackme3即可通过验证:
最新文章
- 2.0 (1)安装MongoDB
- (转)学习使用Jmeter做压力测试(一)--压力测试基本概念
- Aurelia – 模块化,简单,可测试的 JS 框架
- [BZOJ2438]杀人游戏(缩点+特判)
- pause 和 title
- Java基础之在窗口中绘图——显示曲线的控制点(CurveApplet 2 displaying control points)
- Js_字符串操作
- 线性函数拟合R语言示例
- Jquery动画效果--地铁站名指示等效果
- 【转】使用Auto Layout中的VFL(Visual format language)--代码实现自动布局
- adb logcat 查看日志
- InnoDB MyISAM区别及优化(摘录)
- hadoop 2.0--YARN
- swift学习 - 分类(Extensions)
- 自制简易Linux系统
- stolon cloud native postgresql 高可用方案
- [转]GitHub for Windows 安装失败,An error occurred attempting to install github 的解决办法
- Excel各种条件求和的公式汇总
- 2D and 3D Linear Geometry Kernel ( Geometry Kernels) CGAL 4.13 -User Manual
- javaperformanceoptimization