好友
阅读权限10
听众
最后登录1970-1-1
|
飘之叶
发表于 2008-5-31 23:32
【破解作者】 飘之叶
【作者邮箱】 piaozhiye86@126.com
【作者主页】 http://bbs.hack54.cn
【使用工具】 od peid
【破解平台】 Win9x/NT/2000/XP
【软件名称】 QQ聊天记录远程查看器增版
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)
--------------------------------------------------------------------------------
【破解内容】
爆破功能,所有的功能都可以用了。
方法,F12暂停法,用同样的方法一个一个的爆破
0043361B > \C745 FC 66000>mov dword ptr [ebp-4], 66 跳转来自 00431569,(nop)
00431576(nop)
00433622 . C785 FCFEFFFF>mov dword ptr [ebp-104], 80020004
0043362C . C785 F4FEFFFF>mov dword ptr [ebp-10C], 0A
00433636 . C785 0CFFFFFF>mov dword ptr [ebp-F4], 80020004
00433640 . C785 04FFFFFF>mov dword ptr [ebp-FC], 0A
0043364A . C785 1CFFFFFF>mov dword ptr [ebp-E4], 80020004
00433654 . C785 14FFFFFF>mov dword ptr [ebp-EC], 0A
0043365E . C785 2CFDFFFF>mov dword ptr [ebp-2D4], 0040D228
00433668 . C785 24FDFFFF>mov dword ptr [ebp-2DC], 8
00433672 . 8D95 24FDFFFF lea edx, dword ptr [ebp-2DC]
00433678 . 8D8D 24FFFFFF lea ecx, dword ptr [ebp-DC]
0043367E . FF15 3C124000 call dword ptr [<&msvbvm60.__vbaVarDu>;
msvbvm60.__vbaVarDup
00433684 . 8D8D F4FEFFFF lea ecx, dword ptr [ebp-10C]
0043368A . 51 push ecx
0043368B . 8D95 04FFFFFF lea edx, dword ptr [ebp-FC]
00433691 . 52 push edx
00433692 . 8D85 14FFFFFF lea eax, dword ptr [ebp-EC]
00433698 . 50 push eax
00433699 . 6A 00 push 0
0043369B . 8D8D 24FFFFFF lea ecx, dword ptr [ebp-DC]
004336A1 . 51 push ecx
004336A2 FF15 94104000 call dword ptr [<&msvbvm60.rtcMsgBox>>; 不可以查看远程查看
004336A8 . 8D95 F4FEFFFF lea edx, dword ptr [ebp-10C]
004336AE . 52 push edx
004336AF . 8D85 04FFFFFF lea eax, dword ptr [ebp-FC]
不可以远程聊天记录收取
00431339 > \C745 FC 20000>mov dword ptr [ebp-4], 20 跳转来自 00430E6E,
00430E7B nop
00431340 . C785 FCFEFFFF>mov dword ptr [ebp-104], 80020004
0043134A . C785 F4FEFFFF>mov dword ptr [ebp-10C], 0A
00431354 . C785 0CFFFFFF>mov dword ptr [ebp-F4], 80020004
0043135E . C785 04FFFFFF>mov dword ptr [ebp-FC], 0A
00431368 . C785 1CFFFFFF>mov dword ptr [ebp-E4], 80020004
00431372 . C785 14FFFFFF>mov dword ptr [ebp-EC], 0A
0043137C . C785 2CFDFFFF>mov dword ptr [ebp-2D4], 0040D1CC
00431386 . C785 24FDFFFF>mov dword ptr [ebp-2DC], 8
00431390 . 8D95 24FDFFFF lea edx, dword ptr [ebp-2DC]
00431396 . 8D8D 24FFFFFF lea ecx, dword ptr [ebp-DC]
0043139C . FF15 3C124000 call dword ptr [<&msvbvm60.__vbaVarDu>;
msvbvm60.__vbaVarDup
004313A2 . 8D95 F4FEFFFF lea edx, dword ptr [ebp-10C]
004313A8 . 52 push edx
004313A9 . 8D85 04FFFFFF lea eax, dword ptr [ebp-FC]
004313AF . 50 push eax
004313B0 . 8D8D 14FFFFFF lea ecx, dword ptr [ebp-EC]
004313B6 . 51 push ecx
004313B7 . 6A 00 push 0
004313B9 . 8D95 24FFFFFF lea edx, dword ptr [ebp-DC]
004313BF . 52 push edx
004313C0 . FF15 94104000 call dword ptr [<&msvbvm60.rtcMsgBox>>; 不可以远程聊天记录
收取
004313C6 . 8D85 F4FEFFFF lea eax, dword ptr [ebp-10C]
004313CC . 50 push eax
004336B5 . 50 push eax
00426984 . 89BD 3CFFFFFF mov dword ptr [ebp-C4], edi
0042698A 74 73 je short 004269FF ;jmp
0042698C . B9 04000280 mov ecx, 80020004
00426991 . B8 0A000000 mov eax, 0A
00426996 . 894D 94 mov dword ptr [ebp-6C], ecx
00426999 . 894D A4 mov dword ptr [ebp-5C], ecx
0042699C . 894D B4 mov dword ptr [ebp-4C], ecx
0042699F . 8D95 7CFFFFFF lea edx, dword ptr [ebp-84]
004269A5 . 8D4D BC lea ecx, dword ptr [ebp-44]
004269A8 . 8945 8C mov dword ptr [ebp-74], eax
004269AB . 8945 9C mov dword ptr [ebp-64], eax
004269AE . 8945 AC mov dword ptr [ebp-54], eax
004269B1 . C745 84 84C94000 mov dword ptr [ebp-7C], 0040C984
004269B8 . C785 7CFFFFFF 080>mov dword ptr [ebp-84], 8
004269C2 . FF15 3C124000 call dword ptr [<&msvbvm60.__vbaVarDu>;
msvbvm60.__vbaVarDup
004269C8 . 8D55 8C lea edx, dword ptr [ebp-74]
004269CB . 8D45 9C lea eax, dword ptr [ebp-64]
004269CE . 52 push edx
004269CF . 8D4D AC lea ecx, dword ptr [ebp-54]
004269D2 . 50 push eax
004269D3 . 51 push ecx
004269D4 . 8D55 BC lea edx, dword ptr [ebp-44]
004269D7 . 57 push edi
004269D8 . 52 push edx
004269D9 . FF15 94104000 call dword ptr [<&msvbvm60.rtcMsgBox>>; 没有注册无法备
置
004269DF . 8D45 8C lea eax, dword ptr [ebp-74]
004269E2 . 8D4D 9C lea ecx, dword ptr [ebp-64]
004269E5 . 50 push eax
004269E6 . 8D55 AC lea edx, dword ptr [ebp-54]
004269E9 . 51 push ecx
004269EA . 8D45 BC lea eax, dword ptr [ebp-44]
--------------------------------------------------------------------------------
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢!
|
|
[复制链接]
