程序没什么保护,要破解也很简单。
关键代码如下:
00000001000f16e0 55 push rbp ; XREF=0x1000f1e35, 0x1000f403c
00000001000f16e1 4889E5 mov rbp, rsp
00000001000f16e4 4157 push r15
00000001000f16e6 4156 push r14
00000001000f16e8 4154 push r12
00000001000f16ea 53 push rbx
00000001000f16eb 4883EC30 sub rsp, 0x30
00000001000f16ef 4889D3 mov rbx, rdx
00000001000f16f2 4989F6 mov r14, rsi
00000001000f16f5 4989FF mov r15, rdi
00000001000f16f8 4C8D65D8 lea r12, qword [ss:rbp+0xffffffffffffffd8]
;省略部分代码
00000001000f1c29 E806BB2C00 call imp___stubs___ZNSsD1Ev ; std::basic_string, std::allocator >::~basic_string()
00000001000f1c2e 488D7DC8 lea rdi, qword [ss:rbp+0xffffffffffffffc8]
00000001000f1c32 E8FDBA2C00 call imp___stubs___ZNSsD1Ev ; std::basic_string , std::allocator >::~basic_string()
00000001000f1c37 488D7DD0 lea rdi, qword [ss:rbp+0xffffffffffffffd0]
00000001000f1c3b E8F4BA2C00 call imp___stubs___ZNSsD1Ev ; std::basic_string , std::allocator >::~basic_string()
00000001000f1c40 410FB6C7 movzx eax, r15L ; 修改rax返回值为1
00000001000f1c44 4883C430 add rsp, 0x30
00000001000f1c48 5B pop rbx
00000001000f1c49 415C pop r12
00000001000f1c4b 415E pop r14
00000001000f1c4d 415F pop r15
00000001000f1c4f 5D pop rbp
00000001000f1c50 C3 ret
__Z13check_licenseRKSsPSsPi: // check_license(std::string const&, std::string*, int*)
如不不像看到那个Registered to后面是空的,可以搜索字符串替换。就像上图那样!
1 comment
又发现一个IT技术博客