Comparison and common ideas of six language attacks

VB MASM32 vc bcb easy language Delphi

VB cracking

1. Search for button events in VBExplorer
2. If there is a prompt box, bp rtcMsgBox
3. Use bp _ vbaStrCmp/_ vbaStrComp/_ vbaVarTstEq
Bp _ vbaStrCmp
Bp _ vbaStrComp
4. Universal breakpoint method (816C24 method)
The registration validators can use this breakpoint to break down, which is generally very close to the program's access to the registry:
Bp _ vbaStrToAnsi
5. F12 stack call
Summary:
Key redirection for vbprogram cracking, which is generally different from other languages without JPM XXXXXXX
Generally, the jump record with JE/jne xxxxxxxxx is not very long (although it is short-distance jump, but the key is here, you can set a large amount of information ). False/True may be the key point.
VB:
Xxxxxxx je/JNE XXXXX
Settings
Settings
Delphi BC ++ easy language VC ++ Compilation:
Xxxxxxx je/JNE XXXXX
Settings
Settings
XXXXXXX JMP XXXXX
Settings
Settings

VC ++ assembly (some sections and sections ):
Xxxxxxx je/JNE XXXXX
Settings
Settings
Retn
Push xx
Settings
Settings
Retn
Push xx
Settings
Settings
Retn

Easy language
Easy language cracking ideas:
1. Information Frame Method bp MessageBoxA (disconnected dialog box)
2. String Method
View easy language text information:
Bp GetProcessHeap F9 runs four times, and cancels the breakpoint to execute ALT + F9 user code f8.
Or, run the command when the section is ". data"/". ecode ".

3. window title method bp SetWindowTextA
4. F12 stack call

0040C0CB = easy language. 0040C0CB (ASCII "shaonanshaonvluntan ")

DELPHI cracking:
1. DEDE and PE Explorer ResScope are used as powerful auxiliary tools for searching for female events.
2. Point-H Method
3. bp GetDlgItem/GetDlgItemTextA (broken input box)
4. bp MessageBoxA (W) (disconnected dialog box) --- Ctrl + N
5. String method --- plug-in/search all reference texts
6. If the program interface title contains the words [unregistered/Registered/VIP/standard/diamond]
You can find the key flag by searching FormCreate/FormShow ---- DEDE!
To determine how the program is registered or user type
7. window title method bp SetWindowTextA
8. F12 stack call
Registry:
Bpx RegCreateKeyExA is suitable for the Delphi Program to use this breakpoint.
Bp RegCreateKeyExA for programs with Shell added
Registration Code: Rc1-420 + User Name (cannot be an integer,) + C00L

C + cracking

Class C
Point-H Method
Bp GetDlgItem (disconnect the button)
Bp MessageBoxA (disconnected dialog box)
String Method
F12 stack call
Window title method bp SetWindowTextA
★★Special breakpoint for C + program★★
Comparative use of bp lstrcmpA (KERNEL32.lstrcmpA)
Bp _ mbscmp // comparison
Typical breakpoint of class C Programs:
Bp GetWindowTextA (press the button) // It is also applicable to other languages
Bp GetWindowTextLengthA (disconnected button) // It is also applicable to other languages
Bp GetDlgItem (Disconnect button) // It is also applicable to other languages
Bp GetDlgItemTextA
Ds: [004021C8] = 77C01881 (msvcrt. _ mbscmp)

BC ++ cracking
1. DEDE and PE Explorer are used as powerful auxiliary tools to find upgirl events.
2. Point-H Method
3. bp GetDlgItem/GetDlgItemTextA (broken input box)
4. bp MessageBoxA (W) (disconnected dialog box) --- Ctrl + N
5. String method --- plug-in/search all reference texts
6. If the program interface title contains the words [unregistered/Registered/VIP/standard/diamond]
You can find the key flag by searching FormCreate/FormShow ---- DEDE!
To determine how the program is registered or user type
7. window title method bp SetWindowTextA
8. F12 stack call

Bpx RegCreateKeyExA is suitable for the Delphi Program to use this breakpoint.
Bp RegCreateKeyExA for programs with Shell added
MASM32/TASM32 cracking
Entry point:
004011C7 6A 00 push 0
004011C9 E8 5E070000 call 0040192C
004011CE A3 70614000 mov dword ptr ds: [406170], eax
004011D3 6A 00 push 0
004011D5 68 EE114000 push MASM32.004011EE
004011DA 6A 00 push 0
004011DC 68 C8000000 push 0C8
Point-H Method
Bp GetDlgItem (disconnect the button)
Bp MessageBoxA (disconnected dialog box)
String Method
F12 stack call
Window title method bp SetWindowTextA