| 《Windows系统切换工具》包含了简体中文/繁体中文/英语三种语言包,并且在启动的过程中会自适应系统语言。相对来说《Windows系统切换工具》的操作非常简单,用户可以通过操作向导很容易完成系统切换任务。启动《Windows系统切换工具》,在“常规设定”中已经列出了程序已经检测出的安装的系统名称、目录、系统类型等等信息,用户可以通过右侧的按钮来进行添加(把安装了但没有检测到的系统添加到系统列表中去,注意只能添加Win9x/98/Me系统)、修改、默认等操作。“NT/2000/Xp启动菜单栏”这个主要是管理NT/2000/Xp启动菜单栏的,它可以用来管理NT/2000/Xp启动菜单的默认系统和菜单停留时间。除此之外,《Windows系统切换工具》还有设置系统和恢复IE设定的功能。
《Windows系统切换工具》未注册版本在功能和时间上没有任何限制,只是在启动时会显示一个评估版本的对话框。
软件性质: [免费版]
操作系统: WIN 9X/WIN NT/2000/XP
语言界面: 简体中文
文件大小:1176KB
源文件用ASPack v2.11加壳,脱壳后,由原来的50k变成136k。
破解工具:TRW2000 v1.22 娃娃修正版
程序运行后,点“注册”,要求输入,用户名、注册名和注册码,用户名和注册名都至少大于3个字符。(破解后得知,用户名并不参与运算,只是通过注册名算出相应的注册码,典型的name/serial型)
输入:
用户名:xqlk
注册名:ricemaster
注册码:1122334455
设断点:bpx hmemcpy,程序一共断下来3次,分别是在读取上述3个信息,3次后,来到:
:00407226 E847980000 Call 00410A72
:0040722B 8BCD mov ecx, ebp
:0040722D E80E030000 call 00407540 ===》标准形式!!!!我喜欢!!!!!
:00407232 85C0 test eax, eax
:00407234 0F842B020000 je 00407465 ===》不能跳,跳就game over了。
:0040723A 81EEB8040000 sub esi, 000004B8 ===》注册码保存到文件前减了4B8,可能是出于安全方面的考虑吧,不然,注册名及相应的注册码就直接暴露了。
:00407240 8D4C241C lea ecx, dword ptr [esp+1C]
:00407244 56 push esi
F8进去:
:00407540 6AFF push FFFFFFFF
:00407542 68581D4100 push 00411D58
:00407547 64A100000000 mov eax, dword ptr fs:[00000000]
:0040754D 50 push eax
:0040754E 64892500000000 mov dword ptr fs:[00000000], esp
:00407555 83EC10 sub esp, 00000010
:00407558 53 push ebx
:00407559 55 push ebp
:0040755A 56 push esi
:0040755B 57 push edi
:0040755C 8BF9 mov edi, ecx
:0040755E 51 push ecx
:0040755F 8D442434 lea eax, dword ptr [esp+34]
:00407563 8BCC mov ecx, esp
:00407565 8964241C mov dword ptr [esp+1C], esp
:00407569 50 push eax
:0040756A C744243000000000 mov [esp+30], 00000000
* Reference To: MFC42.Ordinal:0217, Ord:0217h
|
:00407572 E8FB940000 Call 00410A72
:00407577 8BCF mov ecx, edi
:00407579 E822010000 call 004076A0 *****传入的是用户名ricemaster
:0040757E 8BF0 mov esi, eax
:00407580 85F6 test esi, esi
:00407582 0F84F0000000 je 00407678
:00407588 51 push ecx
:00407589 8BCC mov ecx, esp
:0040758B 8964241C mov dword ptr [esp+1C], esp
* Possible StringData Ref from Data Obj ->"EasunLee"
|
:0040758F 68F4A64100 push 0041A6F4
* Reference To: MFC42.Ordinal:0219, Ord:0219h
|
:00407594 E8BF930000 Call 00410958
:00407599 8BCF mov ecx, edi
:0040759B E800010000 call 004076A0 *****传入的是EasunLee
:004075A0 51 push ecx
:004075A1 8BD8 mov ebx, eax
:004075A3 8BCC mov ecx, esp
:004075A5 8964241C mov dword ptr [esp+1C], esp
* Possible StringData Ref from Data Obj ->"EasunLee"
|
:004075A9 68F4A64100 push 0041A6F4
* Reference To: MFC42.Ordinal:0219, Ord:0219h
|
:004075AE E8A5930000 Call 00410958
:004075B3 8BCF mov ecx, edi
:004075B5 E8E6000000 call 004076A0 *****传入的是EasunLee
:004075BA 51 push ecx
:004075BB 8BE8 mov ebp, eax
:004075BD 8BCC mov ecx, esp
:004075BF 8964241C mov dword ptr [esp+1C], esp
* Possible StringData Ref from Data Obj ->"easunlee98meiosys"
|
:004075C3 68E0A64100 push 0041A6E0
* Reference To: MFC42.Ordinal:0219, Ord:0219h
|
:004075C8 E88B930000 Call 00410958
:004075CD 8BCF mov ecx, edi
:004075CF E8CC000000 call 004076A0 *****传入的是easunlee98meiosys
:004075D4 51 push ecx
:004075D5 89442418 mov dword ptr [esp+18], eax
:004075D9 8BCC mov ecx, esp
:004075DB 8964241C mov dword ptr [esp+1C], esp
* Possible StringData Ref from Data Obj ->"Luyanghs&&Tsai&&bluebird"
|
:004075DF 68C4A64100 push 0041A6C4
* Reference To: MFC42.Ordinal:0219, Ord:0219h
|
:004075E4 E86F930000 Call 00410958
:004075E9 8BCF mov ecx, edi
:004075EB E8B0000000 call 004076A0 *****传入的是
Luyanghs&&Tsai&&bluebird
:004075F0 51 push ecx
:004075F1 89442414 mov dword ptr [esp+14], eax
:004075F5 8BCC mov ecx, esp
:004075F7 8964241C mov dword ptr [esp+1C], esp
* Possible StringData Ref from Data Obj ->"heshengwssu1091119"
|
:004075FB 68B0A64100 push 0041A6B0
* Reference To: MFC42.Ordinal:0219, Ord:0219h
|
:00407600 E853930000 [1] [2] [3] 下一页 |
