qml crackme 破解
源码
C:\Users\Administrator.DESKTOP-345JED8\Downloads\qml>tree /F .
文件夹 PATH 列表
卷序列号为 00000097 66FB:E131
C:\USERS\ADMINISTRATOR.DESKTOP-345JED8\DOWNLOADS\QML
CMakeLists.txt
main.cpp
main.qml
qml.qrc
没有子文件夹
main.cpp
#include <QGuiApplication>
#include <QQmlApplicationEngine>
/**
 * Program entry point for the QML sample.
 *
 * Creates the GUI application, loads the window description from the
 * embedded resource qrc:/main.qml and runs the event loop.
 *
 * @return -1 when the engine holds no root object after loading,
 *         otherwise the value returned by app.exec().
 */
int main(int argc, char *argv[])
{
    // Request high-DPI scaling before the application object is constructed.
    QCoreApplication::setAttribute(Qt::AA_EnableHighDpiScaling);
    QGuiApplication app(argc, argv);

    // The UI, including its input check, is read from the resource bundle
    // (qrc:) rather than from a file on disk.
    QQmlApplicationEngine engine;
    const QUrl mainPage(QStringLiteral("qrc:/main.qml"));
    engine.load(mainPage);

    const bool loaded = !engine.rootObjects().isEmpty();
    return loaded ? app.exec() : -1;
}
main.qml
import QtQuick 2.1
import QtQuick.Controls 2.1
import QtQuick.Layouts 1.1
// Main window of the sample: one password field, one verify button and two result dialogs.
ApplicationWindow {
id: mainWindow
width: 400
height: 200
visible: true
title: "输入验证示例"
// Main layout: input field above the verify button, centred in the window
ColumnLayout {
anchors.centerIn: parent
spacing: 20
TextField {
id: inputField
placeholderText: "请输入密码"
Layout.preferredWidth: 200
focus: true
onAccepted: validateInput() // pressing Enter triggers validation
}
Button {
text: "验证"
Layout.alignment: Qt.AlignHCenter
onClicked: validateInput()
}
}
// Validation logic: opens successDialog when the field text equals the literal,
// errorDialog otherwise, then clears the field in both cases.
// NOTE(review): the expected value is a plaintext literal compared on the client.
// qml.qrc lists this file as a resource of the executable, so the literal and the
// branch ship to every user and can be read or altered there. A check that has to
// hold should not depend on a constant recoverable from the shipped binary.
function validateInput() {
if (inputField.text === "123") { // the accepted password is hard-coded as 123
successDialog.open()
} else {
errorDialog.open()
}
inputField.clear()
}
// Dialog shown when the input matched
Dialog {
id: successDialog
title: "验证结果"
modal: true
anchors.centerIn: parent
standardButtons: Dialog.Ok
Label {
text: "✅ 输入正确!"
font.pixelSize: 16
padding: 10
}
}
// Dialog shown when the input did not match
Dialog {
id: errorDialog
title: "验证结果"
modal: true
anchors.centerIn: parent
standardButtons: Dialog.Ok
Label {
text: "❌ 输入错误,请重试!"
font.pixelSize: 16
padding: 10
}
}
}
qml.qrc
<!-- Qt resource collection: registers main.qml under the "/" prefix, which is the
     qrc:/main.qml URL that main.cpp loads.
     NOTE(review): every file listed here is shipped with the program; the article
     below finds the QML text verbatim in the main module, so nothing placed in a
     resource should be treated as secret. -->
<RCC>
<qresource prefix="/">
<file>main.qml</file>
</qresource>
</RCC>
CMakeLists.txt
# Build script for the QML sample: a single executable built from main.cpp and
# the qml.qrc resource collection, linked against Qt5 Core and Quick.
# NOTE(review): the LANGUAGES keyword of project() was introduced in CMake 3.0,
# so the declared 2.8.12 minimum looks too low - confirm.
cmake_minimum_required(VERSION 2.8.12)
project(01_qml LANGUAGES CXX)

# Let CMake invoke Qt's rcc and moc automatically. AUTORCC is what turns
# qml.qrc (and the main.qml it lists) into part of the executable.
set(CMAKE_AUTORCC ON)
set(CMAKE_AUTOMOC ON)
set(CMAKE_INCLUDE_CURRENT_DIR ON)

find_package(Qt5 REQUIRED COMPONENTS Core Quick)

add_executable(${PROJECT_NAME} main.cpp qml.qrc)
target_link_libraries(${PROJECT_NAME} Qt5::Core Qt5::Quick)
功能演示


功能很简单,输入文本,若正确就会弹出输入正确,错误就会弹出输入错误
破解思路
qml相当于一个执行字节码的虚拟机系统,所以找到qml代码或者字节码才是正确的思路
破解过程
搜索qml源码
直接在内存中搜索“输入错误”字符串。由于qt使用的都是utf-8字符串,所以请按utf-8编码搜索
转到内存布局窗口,按下 Ctrl + A 全选

右键选择搜索匹配特征

在utf-8文本框输入“输入错误”,点击确定

点击搜索的结果,跳转过去

找到了qml的源码,源码前面的字段是源码所占的字节数

右键选择在内存布局中转到,确认是否是硬编码的


确实在主模块的静态节区,说明qml源码是以明文形式硬编码在可执行文件里的
修改qml源码
把qml源码复制出来

import QtQuick 2.1
import QtQuick.Controls 2.1
import QtQuick.Layouts 1.1
// NOTE(review): this listing is the QML text the article copies out of the running
// process. Comments are rendered in English here, so the byte lengths discussed in
// the article refer to the original text, not to this rendering.
// Main window of the sample: one password field, one verify button and two result dialogs.
ApplicationWindow {
id: mainWindow
width: 400
height: 200
visible: true
title: "输入验证示例"
// Main layout: input field above the verify button, centred in the window
ColumnLayout {
anchors.centerIn: parent
spacing: 20
TextField {
id: inputField
placeholderText: "请输入密码"
Layout.preferredWidth: 200
focus: true
onAccepted: validateInput() // pressing Enter triggers validation
}
Button {
text: "验证"
Layout.alignment: Qt.AlignHCenter
onClicked: validateInput()
}
}
// Validation logic: opens successDialog when the field text equals the literal,
// errorDialog otherwise, then clears the field in both cases.
// NOTE(review): this comparison is the only gate in the program, and the article
// confirms the text sits in a static section of the main module. Nothing visible in
// this listing or in main.cpp checks that the text is unmodified before it is
// evaluated; verifying the integrity of the shipped binary, and keeping any check
// that matters out of client-side script, are the relevant mitigations.
function validateInput() {
if (inputField.text === "123") { // the accepted password is hard-coded as 123
successDialog.open()
} else {
errorDialog.open()
}
inputField.clear()
}
// Dialog shown when the input matched
Dialog {
id: successDialog
title: "验证结果"
modal: true
anchors.centerIn: parent
standardButtons: Dialog.Ok
Label {
text: "✅ 输入正确!"
font.pixelSize: 16
padding: 10
}
}
// Dialog shown when the input did not match
Dialog {
id: errorDialog
title: "验证结果"
modal: true
anchors.centerIn: parent
standardButtons: Dialog.Ok
Label {
text: "❌ 输入错误,请重试!"
font.pixelSize: 16
padding: 10
}
}
}
发现只要把inputField.text === "123"改成 "123" === "123"即可,这样可以保持长度一致

然后保存补丁即可


最后也是成功破解
