[Cracking tool] PEiD, OllyDbg
[Difficulty of cracking] ++ beginner ++
[Cracking platform] WinXP SP2
Bytes ----------------------------------------------------------------------------------------------
[Introduction]
1. You can enter the website
2. You can find the URL
3. You can open the website
4. You can classify websites.
5. You can import URLs from IE favorites
6. You can import the website to IE favorites.
7. Clear IE favorites
8. supports real-name local networks (using Chinese to access the Internet and using your favorites as a database, you don't have to spend any money to buy real-name networks. You just need to record them yourself. What do you need, you can enter any keywords by yourself)
9. supports ad Interception
10. Various search engines are supported (baidu, google, yahoo, sogou, and yisou. If you type Chinese characters on IE's Web site, you can search by various search engines)
Bytes ----------------------------------------------------------------------------------------------
[Cracking process]
The PEiD detection shows that Borland Delphi 6.0-7.0 is not shelled.
Run the software, registration is not prompted.
After loading with OLLYDBG, use the string reference.
See some characters:
\. PhysicalDrive0
RegCode
RegUser
After calculation, it indicates that the checkpoint is correct.
004EB0C4/. 55 PUSH EBP
004EB0C5 |. 8BEC mov ebp, ESP
004EB0C7 |. 33C9 xor ecx, ECX
004EB0C9 |. 51 PUSH ECX
004EB0CA |. 51 PUSH ECX
004EB0CB |. 51 PUSH ECX
004EB0CC |. 51 PUSH ECX
004EB0CD |. 33C0 xor eax, EAX
004EB0CF |. 55 PUSH EBP
004EB0D0 |. 68 35B14E00 PUSH Favorite.004EB135
004EB0D5 |. 64: FF30 push dword ptr fs: [EAX]
004EB0D8 |. 64: 8920 mov dword ptr fs: [EAX], ESP
004EB0DB |. 8D45 F8 lea eax, dword ptr ss: [EBP-8]
004EB0DE |. E8 592 bffff call Favorite.004DDC3C; Calculate the machine code (if you are interested, go and have a look)
004EB0E3 |. 8B45 F8 mov eax, dword ptr ss: [EBP-8]
004EB0E6 |. 8D55 fc lea edx, dword ptr ss: [EBP-4]
004EB0E9 |. E8 AE33FFFF CALL Favorite.004DE49C; Calculate the MD5 value of the real registration code
004EB0EE |. 8B45 fc mov eax, dword ptr ss: [EBP-4]; give the MD5 value of the real registration code to EAX
004EB0F1 |. 50 PUSH EAX
004EB0F2 |. 8D55 F0 lea edx, dword ptr ss: [EBP-10]
004EB0F5 |. B8 48B14E00 mov eax, Favorite.004EB148; ASCII "regCode"
004EB0FA |. E8 d0000ffff CALL Favorite.004DE2D0; Calculate the MD5 value of the false registration code
004EB0FF |. 8B45 F0 mov eax, dword ptr ss: [EBP-10]; give the MD5 value of false registration code to EAX
004EB102 |. 8D55 F4 lea edx, dword ptr ss: [EBP-C]
004EB105 |. E8 D6E0F1FF CALL Favorite.004091E0
004EB10A |. 8B55 F4 mov edx, dword ptr ss: [EBP-C]
004EB10D |. 58 POP EAX
004EB10E |. E8 1D9BF1FF CALL Favorite.00404C30; compare whether two MD5 values are equal
004EB113 74 05 je short Favorite.004EB11A; this is the blasting Port
004EB115 |. E8 9 eddffff call Favorite.004E8EB8
004EB11A |> 33C0 xor eax, EAX
004EB11C |. 5A POP EDX
004EB11D |. 59 POP ECX
004EB11E |. 59 POP ECX
004EB11F |. 64: 8910 mov dword ptr fs: [EAX], EDX
004EB122 |. 68 3CB14E00 PUSH Favorite.004EB13C
004EB127 |> 8D45 F0 lea eax, dword ptr ss: [EBP-10]
004EB12A |. BA 04000000 mov edx, 4
004EB12F |. E8 1497F1FF CALL Favorite.00404848
004EB134. C3 RETN
Computing machine code
--------- 004EB0DE |. E8 592 bffff call Favorite.004DDC3C ---------
004DDC3C/$ Content $ nbsp; 55 PUSH EBP
004DDC3D |. 8BEC mov ebp, ESP
004DDC3F |. 33C9 xor ecx, ECX
004DDC41 |. 51 PUSH ECX
004DDC42 |. 51 PUSH ECX
004DDC43 |. 51 PUSH ECX
004DDC44 |. 51 PUSH ECX
004DDC45 |. 51 PUSH ECX
004DDC46 |. 51 PUSH ECX
004DDC47 |. 51 PUSH ECX
004DDC48 |. 53 PUSH EBX
004DDC49 |. 8BD8 mov ebx, EAX
004DDC4B |. 33C0 xor eax, EAX
004DDC4D |. 55 PUSH EBP
004DDC4E |. 68 F2DC4D00 PUSH Favorite.004DDCF2
004DDC53 |. 64: FF30 push dword ptr fs: [EAX]
004DDC56 |. 64: 8920 mov dword ptr fs: [EAX], ESP
004DDC59 |. 8D45 fc lea eax, dword ptr ss: [EBP-4]
004DDC5C |. E8 FF000000 CALL Favorite.004DDD60; obtain the hard disk physical serial number
004DDC61 |. 8D55 ec lea edx, dword ptr ss: [EBP-14]
004DDC64 |. 8B45 fc mov eax, dword ptr ss: [EBP-4]
004DDC67 |. E8 74B5F2FF CALL Favorite.004091E0
004DDC6C |. 837D EC 00 cmp dword ptr ss: [EBP-14], 0; Determine whether to obtain the hard disk physical serial number
004DDC70 |. 75 08 jnz short Favorite.004DDC7A