[Original] netlimiter 3 pro official version cracked! Method sharing.

I don't need to introduce netlimiter? It is a well-known speed-limiting software. When using P2P software, you can limit the upload and download speeds, while ensuring that the network is not stuck. I use Windows 7, and netlimiter 2 pro does not support Windows 7, so I have been using netlimiter 3 pro for a long time. The official version of 2010.8.31 netlimiter 3 Pro was finally released. The version is 3.0.0.10, So you downloaded a trial. The trial period has ended recently and cannot be used any more. When the problem was solved, he studied how to crack it. I searched the internet for the official version, but I found a cracked version of netlimiter 3 pro 3.0.0.9. I was wondering if I could use the 3.0.0.9 cracked version to create an official version of the cracking patch. I tried it and it turned out to be successful. I am afraid to enjoy it exclusively. I will post the process to share with you.
First, we use beyond compare to compare the differences between the original version of nlclientapp.exe and the cracked version 3.0.0.9. The original version is on the left and the cracked version is on the right. There are two different places in total, as shown in the following two figures.

 

 

Through comparison, we can find that most of the bytes are changed to 90, and those who have learned the assembly language should know that 90 is the NOP command, that is, the empty command. That is, this attack is to change the registration verification command to an empty command, which is also a common method for cracking. What is the use of this information for us? Let me hear about it. Generally, the program changes with very similar version numbers are not very large, while the machine code generated by the same code segment is generally the same, and only some address data will be different. Based on this idea, we only need to find the same code segment in version 3.0.0.10 and change it to an empty command in the same way to complete the cracking. Use winhex to open nlclientapp.exe of version 3.0.0.10 and search in hexadecimal format. We can quickly find the location of the first section, as shown in.

 

It can be seen that the three rows of data are exactly the same as the original version 3.0.0.9, and you just need to change it. As shown in.

 

When searching for the differences in the second paragraph, we were not so lucky to find the same segment. At this time, it is lucky to use its hexadecimal value for feature search. The difference in the second paragraph is also found out. As shown in.

 

Based on the data related to the front and back, we can basically determine this section. Although there are several different bytes in the middle, the front and back sections of the data are consistent, indicating that the several different bytes may be the address value. After changing the corresponding byte to an empty command, the attack is completed. As shown in.

Let's take a look at the version information after successful cracking.

 

Crack patch download: http://download.csdn.net/source/2738203