Main references:
http://hi.baidu.com/hacklzt/blog/item/358cc512f1532538dd540105.html/cmtid/a3e8a36f9ab185d581cb4aa7#0
http://hi.baidu.com/vessial/blog/item/4a2d2cfdafcd0c0c08244dd9.html
http://bbs.pediy.com/showthread.php?t=138599
1. On Arch Linux, yaourt -S wingide downloads, builds, and installs Wing IDE. A dialog then pops up asking you to register; clicking it gives you, for example, a 10-day trial license. (I have already cracked it, so I can only borrow other people's screenshots.)
2. Find the file. On Arch Linux, extract the abstract.pyo file from the process directory under /opt/wingide4.0/bin/2.5.
3. Download the unpyclib Python library from http://pypi.python.org/pypi/unpyclib/0.8.1.
4. Put the extracted abstract.pyo in the unpyclib library directory, next to application.py, and run the disassembly command: python2.7 application.py -D abstract.pyo > abstract.txt. My default Python is 3.2, so 2.7 has to be specified explicitly here.
5. Open the disassembly output file abstract.txt and find the key point by searching for the key function _gettermdaysleft:
000050b8 STR: 't\x00\x00d\x01\x00\x83\x01\x00|\x01\x00d\x02\x00<X6\x00t\x01\x00d].\x00}\x03\x00|\x01\x00i\x02\x00...' (2f 03 00 00 74 00 00 64 01 00 83 01 ...)
... (middle omitted) ...
000001c6 6e-jump_forward-> 000001ca
000001c9 01-pop_top
000001ca 7C-load_fast 'self'
000001cd 69-load_attr '_gettermdaysleft'
000001d0 7C-load_fast 'lic'
000001d3 83-call_function
000001d6 7d-store_fast 'daysleft'
000001d9 7C-load_fast 'daysleft'
000001dc 64-load_const -1
000001df 6a-compare_op "="
000001e2 6f-jump_if_true-> 000001f9    <-- change 6f to 70 here; this jump decides whether the time is treated as unlimited. Opcode 70 is jump_if_false.
000001e5 01-pop_top
000001e6 74-load_global '_'
000001e9 64-load_const 'unlimited'
000001ec 83-call_function
The starting address of this section is 0x50b8, and the offset of the instruction within it is 0x000001e2. Calculated in Python, hex(0x50b8 + 0x01e2) gives 0x529a. Note that the starting address differs between versions.
6. Use Vim to edit the binary file abstract.pyo. Open it with: vim -b abstract.pyo (without the -b option the file cannot be modified and is opened in read-only mode). Then run the following command in ex mode:
:%!xxd
In the hex view, go to address 5290, find the location to be modified, and change the 6f at the end of the row to 70.
7. After editing, run the following command to convert the file back to binary:
:%!xxd -r
Finally, save and exit with :wq.
8. The last step is critical. Use 7-Zip to open src.zip, delete abstract.pyo in process, and add the modified abstract.pyo. This is very important: src.zip must not be generated from scratch, or the program will not start. Copy the src.zip file back to /opt/wingide4.0/bin/2.5.
9. You can try setting the system time 10 days ahead.
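
Seen from the vendor's side, the whole change above is one opcode byte in one member of src.zip. The following is an added example, not from the original post and not Wing IDE's code: it detects that kind of change by hashing each archive member against a manifest recorded at release time. The byte strings, the name process/other.pyo and the manifest are constructed stand-ins.

```python
import hashlib
import io
import zipfile


def build_manifest(zip_bytes):
    """Return {member name: SHA-256 hex digest} for every file in the archive."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return {n: hashlib.sha256(zf.read(n)).hexdigest()
                for n in zf.namelist() if not n.endswith("/")}


def find_tampered(zip_bytes, trusted):
    """Compare an archive with a trusted manifest.

    Returns a sorted list of (member, reason); reason is one of
    "modified", "missing" or "unexpected".
    """
    current = build_manifest(zip_bytes)
    findings = []
    for name, digest in trusted.items():
        if name not in current:
            findings.append((name, "missing"))
        elif current[name] != digest:
            findings.append((name, "modified"))
    findings += [(n, "unexpected") for n in current if n not in trusted]
    return sorted(findings)


def make_zip(members):
    """Build an in-memory zip from {name: bytes} (constructed sample data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()


# Constructed stand-ins for bytecode files; not real Wing IDE content.
ORIGINAL = {"process/abstract.pyo": b"\x7c\x00\x00\x6f\x14\x00\x01",
            "process/other.pyo": b"\x64\x01\x00\x53"}
# Same archive with a single conditional-jump opcode flipped (6f -> 70).
PATCHED = dict(ORIGINAL)
PATCHED["process/abstract.pyo"] = ORIGINAL["process/abstract.pyo"].replace(b"\x6f", b"\x70")

TRUSTED = build_manifest(make_zip(ORIGINAL))  # recorded at release time

if __name__ == "__main__":
    print(find_tampered(make_zip(ORIGINAL), TRUSTED))  # no findings
    print(find_tampered(make_zip(PATCHED), TRUSTED))   # abstract.pyo flagged
```

Because the digests cover member contents rather than the zip container, swapping a member in place with an archive tool, as in step 8, is still detected. The manifest only helps if it is signed or kept somewhere the local user cannot rewrite.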