新CrackMe160之019 - CrackMe3

与旧版本109相同

脱壳
这个程序与上一个是同一个作者, 用的也是是每个人upx壳, 还是UPX Unpacker脱壳成功~
正常破解
还是用IDR查看按钮事件

 Unit1::TForm1.SpeedButton1Click
 00440EB0    push       ebp
 00440EB1    mov        ebp,esp
 00440EB3    push       0
 00440EB5    push       ebx
 00440EB6    mov        ebx,eax
 00440EB8    xor        eax,eax
 00440EBA    push       ebp
 00440EBB    push       440FBA
 00440EC0    push       dword ptr fs:[eax]
 00440EC3    mov        dword ptr fs:[eax],esp
 00440EC6    lea        edx,[ebp-4]
 00440EC9    mov        eax,dword ptr [ebx+2C4]; TForm1.Edit1:TEdit
 00440ECF    call       TControl.GetText
 00440ED4    cmp        dword ptr [ebp-4],0
>00440ED8    jne        00440EF2
 00440EDA    push       0
 00440EDC    mov        ecx,440FC8; 'No Name entered'
 00440EE1    mov        edx,440FD8; 'Enter a Name!'
 00440EE6    mov        eax,[00442C44]; ^Application:TApplication
 00440EEB    mov        eax,dword ptr [eax]
 00440EED    call       TApplication.MessageBox
 00440EF2    lea        edx,[ebp-4]
 00440EF5    mov        eax,dword ptr [ebx+2C8]; TForm1.Edit2:TEdit
 00440EFB    call       TControl.GetText
 00440F00    cmp        dword ptr [ebp-4],0
>00440F04    jne        00440F1E
 00440F06    push       0
 00440F08    mov        ecx,440FE8; 'No Serial entered'
 00440F0D    mov        edx,440FFC; 'Enter a Serial!'
 00440F12    mov        eax,[00442C44]; ^Application:TApplication
 00440F17    mov        eax,dword ptr [eax]
 00440F19    call       TApplication.MessageBox
 00440F1E    lea        edx,[ebp-4]
 00440F21    mov        eax,dword ptr [ebx+2C4]; TForm1.Edit1:TEdit
 00440F27    call       TControl.GetText
 00440F2C    mov        eax,dword ptr [ebp-4]
 00440F2F    mov        edx,441014; 'Registered User'
 00440F34    call       @LStrCmp
>00440F39    jne        00440F8C
 00440F3B    lea        edx,[ebp-4]
 00440F3E    mov        eax,dword ptr [ebx+2C8]; TForm1.Edit2:TEdit
 00440F44    call       TControl.GetText
 00440F49    mov        eax,dword ptr [ebp-4]
 00440F4C    mov        edx,44102C; 'GFX-754-IER-954'
 00440F51    call       @LStrCmp
>00440F56    jne        00440F72
 00440F58    push       0
 00440F5A    mov        ecx,44103C; 'CrackMe cracked successfully'
 00440F5F    mov        edx,44105C; 'Congrats! You cracked this CrackMe!'
 00440F64    mov        eax,[00442C44]; ^Application:TApplication
 00440F69    mov        eax,dword ptr [eax]
 00440F6B    call       TApplication.MessageBox
>00440F70    jmp        00440FA4
 00440F72    push       0
 00440F74    mov        ecx,441080; 'Beggar off!'
 00440F79    mov        edx,44108C; 'Wrong Serial,try again!'
 00440F7E    mov        eax,[00442C44]; ^Application:TApplication
 00440F83    mov        eax,dword ptr [eax]
 00440F85    call       TApplication.MessageBox
>00440F8A    jmp        00440FA4
 00440F8C    push       0
 00440F8E    mov        ecx,441080; 'Beggar off!'
 00440F93    mov        edx,44108C; 'Wrong Serial,try again!'
 00440F98    mov        eax,[00442C44]; ^Application:TApplication
 00440F9D    mov        eax,dword ptr [eax]
 00440F9F    call       TApplication.MessageBox
 00440FA4    xor        eax,eax
 00440FA6    pop        edx
 00440FA7    pop        ecx
 00440FA8    pop        ecx
 00440FA9    mov        dword ptr fs:[eax],edx
 00440FAC    push       440FC1
 00440FB1    lea        eax,[ebp-4]
 00440FB4    call       @LStrClr
 00440FB9    ret
<00440FBA    jmp        @HandleFinally
<00440FBF    jmp        00440FB1
 00440FC1    pop        ebx
 00440FC2    pop        ecx
 00440FC3    pop        ebp
 00440FC4    ret

还是固定串^_
用户名: Registered User
注册码: GFX-754-IER-954

本节高手录制的视频,点击前往查看

使用的工具连接(工具有点多有点大,可以先下OD,其它的后面慢慢下) 点击前往下载

下面是我的OD的界面布局,我觉得这4个是最常用的界面,其它的我基本上没用到~

posted @ 2024-12-09 17:25 hankerstudio 阅读(0) 评论(0) 收藏举报

刷新页面返回顶部