加密狗软件破解复制T-GOU工作室
RSS
当前位置 : 加密狗破解 > 行业新闻 >

T-GOU分享某公路资料管理软件Rockey4加密狗破解的全部详细过程

来源:未知 作者:admin 时间:2011-06-10 17:16 浏览:

给大家分享某公路资料管理软件Rockey4加密狗破解的全部详细过程

是一个公路资料管理软件,用的是Rockey4的加密狗

PEID检测为VB6所编写.
用OD加载软件,找到第一处读取加密狗的代码:
00439C40   . A1 C4F55800   mov eax,dword ptr ds:[0x58F5C4]
00439C45   . 0BC0          or eax,eax
00439C47   . 74 02         je short GLZL.00439C4B
00439C49   . FFE0          jmp eax
00439C4B   > 68 289C4300   push GLZL.00439C28
00439C50   . B8 20114000   mov eax,<jmp.&MSVBVM60.DllFunctionCall>
00439C55   . FFD0          call eax //LoadLibrary Rockey4.dll
00439C57   .- FFE0          jmp eax    //检测加密狗是否存在                               
 
 
02BB27B0 > 8B4424 04       mov eax,dword ptr ss:[esp+0x4]
02BB27B4    8BC8            mov ecx,eax
02BB27B6    C1E1 04         shl ecx,0x4
02BB27B9    03C8            add ecx,eax
02BB27BB    8D04C8          lea eax,dword ptr ds:[eax+ecx*8]
02BB27BE    D1E0            shl eax,1
02BB27C0    8B88 38BEBB02   mov ecx,dword ptr ds:[eax+0x2BBBE38]
02BB27C6    85C9            test ecx,ecx
02BB27C8    75 08           jnz short Rockey4.02BB27D2 //加密狗破解关键点一
02BB27CA    B8 020010A0     mov eax,0xA0100002
02BB27CF    C2 0800         retn 0x8
02BB27D2    33D2            xor edx,edx
02BB27D4    66:8B90 44BEBB0>mov dx,word ptr ds:[eax+0x2BBBE44]
02BB27DB    8B4424 08       mov eax,dword ptr ss:[esp+0x8]
02BB27DF    8910            mov dword ptr ds:[eax],edx
02BB27E1    33C0            xor eax,eax
02BB27E3    C2 0800         retn 0x8
 
02BB41E0     56              push esi
02BB41E1     8BF1            mov esi,ecx
02BB41E3     8B06            mov eax,dword ptr ds:[esi]
02BB41E5     85C0            test eax,eax
02BB41E7     74 0D           je short Rockey4.02BB41F6  //加密狗破解关键点二
02BB41E9     50              push eax
02BB41EA     FF15 58A0BB02   call dword ptr ds:[<&KERNEL32.CloseHandl>; kernel32.CloseHandle
02BB41F0     C706 00000000   mov dword ptr ds:[esi],0x0
02BB41F6     5E              pop esi
02BB41F7     C3              retn
 
 
02BB42BB     83C0 10         add eax,0x10
02BB42BE     50              push eax
02BB42BF     FF35 7028BC02   push dword ptr ds:[0x2BC2870]
02BB42C5     E8 7B050000     call Rockey4.02BB4845
02BB42CA     83C4 0C         add esp,0xC
02BB42CD     85C0            test eax,eax
02BB42CF     75 04           jnz short Rockey4.02BB42D5  //加密狗破解关键点三
02BB42D1     33F6            xor esi,esi
02BB42D3     EB 2C           jmp short Rockey4.02BB4301 //跳向ExitProcess
02BB42D5     8B0D 6C28BC02   mov ecx,dword ptr ds:[0x2BC286C]
02BB42DB     2B0D 7028BC02   sub ecx,dword ptr ds:[0x2BC2870]
02BB42E1     A3 7028BC02     mov dword ptr ds:[0x2BC2870],eax
 
 
02BB431C     68 80000000     push 0x80
02BB4321     E8 9C060000     call Rockey4.02BB49C2
02BB4326     85C0            test eax,eax
02BB4328     59              pop ecx
02BB4329     A3 7028BC02     mov dword ptr ds:[0x2BC2870],eax
02BB432E     75 0D           jnz short Rockey4.02BB433D //加密狗破解关键点四
02BB4330     6A 18           push 0x18
02BB4332     E8 BD030000     call Rockey4.02BB46F4
02BB4337     A1 7028BC02     mov eax,dword ptr ds:[0x2BC2870]
02BB433C     59              pop ecx
02BB433D     8320 00         and dword ptr ds:[eax],0x0
02BB4340     A1 7028BC02     mov eax,dword ptr ds:[0x2BC2870]
02BB4345     A3 6C28BC02     mov dword ptr ds:[0x2BC286C],eax
02BB434A     C3              retn
 
02BB43B5     837D E0 00      cmp dword ptr ss:[ebp-0x20],0x0
02BB43B9     75 11           jnz short Rockey4.02BB43CC  //加密狗破解关键点五
02BB43BB     FF75 18         push dword ptr ss:[ebp+0x18]
02BB43BE     FF75 E4         push dword ptr ss:[ebp-0x1C]
02BB43C1     FF75 0C         push dword ptr ss:[ebp+0xC]
02BB43C4     FF75 08         push dword ptr ss:[ebp+0x8]
02BB43C7     E8 81000000     call Rockey4.02BB444D
02BB43CC     C3              retn
02BB43CD     55              push ebp
02BB43CE     8BEC            mov ebp,esp
02BB43D0     6A FF           push -0x1
 
02BB6F55     56              push esi
02BB6F56     8B7424 08       mov esi,dword ptr ss:[esp+0x8]
02BB6F5A     85F6            test esi,esi
02BB6F5C     74 3D           je short Rockey4.02BB6F9B //加密狗破解关键点六
02BB6F5E     6A 09           push 0x9
02BB6F60     E8 E4F0FFFF     call Rockey4.02BB6049
02BB6F65     56              push esi
02BB6F66     E8 ADF1FFFF     call Rockey4.02BB6118
02BB6F6B     59              pop ecx
02BB6F6C     85C0            test eax,eax
02BB6F6E     59              pop ecx
02BB6F6F     74 13           je short Rockey4.02BB6F84  //加密狗破解关键点七
02BB6F71    56              push esi
02BB6F72     50              push eax
02BB6F73     E8 CBF1FFFF     call Rockey4.02BB6143
02BB6F78     6A 09           push 0x9
02BB6F7A     E8 2BF1FFFF     call Rockey4.02BB60AA
02BB6F7F&n, bsp;    83C4 0C         add esp,0xC
02BB6F82     5E              pop esi
02BB6F83     C3              retn
02BB6F84     6A 09           push 0x9
02BB6F86     E8 1FF1FFFF     call Rockey4.02BB60AA
02BB6F8B     59              pop ecx
02BB6F8C     56              push esi
02BB6F8D     6A 00           push 0x0
02BB6F8F     FF35 5C27BC02   push dword ptr ds:[0x2BC275C]
02BB6F95     FF15 D0A0BB02   call dword ptr ds:[<&KERNEL32.HeapFree>] ; ntdll.RtlFreeHeap
02BB6F9B     5E              pop esi
02BB6F9C     C3              retn
 
至此,所有读取加密狗的代码已找到并修改成功,加密狗破解成功,经过测试,没有任何问题.

电话:0755-83289619
咨询QQ:80926619
传真:0755-25318878
24小时电话:0755-83289619
联系邮箱 (Email):tou6619@foxmail.com
网址:http://www.t-gou.net
地址:深圳市福田区彩田南路彩福大厦23H


Tags:rockey4
最新评论共有 位网友发表了评论
发表评论
评论内容:不能超过250字,需审核,请自觉遵守互联网相关政策法规。
用户名: 密码:
匿名评论
立即注册账号