2009-2012 I had to use a broadband client plug-in to access the Internet at school. In the past 11 years, I had to dial up and chat on the LAN...
Through my analysis, after you dial-up Internet access, this broadband client plug-in will change the ARP cache table of the WindowsXP system and define it as a place where the MAC address is 00-00-00-00-00-66, in this way, when an IP address in the lan sends an ARP packet, the physical MAC address of the IP address in the ARP cache table on your computer becomes 00-00-00-00-00-66, therefore, you cannot get the real MAC address and thus cannot communicate with each other.
Through disassembly, you can change encryption and decryption...
It brings me the following problems:
1. Open two webpages after dialing. The reason is: it is annoying for me and I don't need it.
2. Change the ARP cache table. Cause: LAN communication is not allowed, that is, after dial-up Internet access, lan files cannot be used, shared, or local network games (CS) cannot be used ).
My tools:
1. w32dasm; Disassembly tool
2, UltraEdit-32; 16-bit Viewer
3. vmunpacker v1.2; shelling tool (the broadband client plug-in ishare_user.exe is shelled)
The first is shelling. This is required. Then, it is the Disassembly tool. Find the location where 00-00-00-00-00-66 is set. in the Assembly, it is generally a jump command: JMP and other commands to convert its NOP.
Another one is to open two web pages after dialing. This actually calls your IE browser. You can find "C: \ progra ~" in disassembly ~ 1 \ plus! \ Micros ~ 1 \ iexplore.exe "string, find the jump command to call this stuff.
Are you specific?, don't say it, boring...