本帖最后由 solly 于 2023-9-20 11:52 编辑
在dll中检查的:
[C++] 纯文本查看 复制代码 .text:00000001400021EF 90 nop
.text:00000001400021F0 48 8B D3 mov rdx, rbx
.text:00000001400021F3 48 8B C8 mov rcx, rax
.text:00000001400021F6 FF 15 1C 2E 00 00 call cs:?CPW@CrackMe03DLL@@SA_NVQString@@0@Z ; CrackMe03DLL::CPW(QString,QString)
.text:00000001400021F6
.text:00000001400021FC 84 C0 test al, al
.text:00000001400021FE 74 14 jz short loc_140002214
.text:00000001400021FE
.text:0000000140002200 49 8D 4D 30 lea rcx, [r13+30h]
.text:0000000140002204 FF 15 FE 34 00 00 call cs:?show@QWidget@@QEAAXXZ ; QWidget::show(void)
.text:0000000140002204
.text:000000014000220A 49 8B CD mov rcx, r13
.text:000000014000220D FF 15 AD 34 00 00 call cs:?hide@QWidget@@QEAAXXZ ; QWidget::hide(void)
.text:000000014000220D
.text:0000000140002213 90 nop
.text:0000000140002213
.text:0000000140002214
.text:0000000140002214 loc_140002214:
改3个字节即可:
[Shell] 纯文本查看 复制代码 正在比较文件 CrackMe03_0000.exe 和 CRACKME03.EXE
00001599: EB 90
0000159A: 79 90
000015FF: 14 00
|