Crack is really easy - remove dialog box in binary code

zhaozj2021-02-08  236

In view of many people interested in this article, it is now reissued:

If you can't see the picture, please visit http://cvbnm.home.sohu.com/crack.htm

Crack is really easy - dialog box in the binary code with VC Chile 11/09/2001 BCGControlbar is a good stuff in an interface, but unfortunately uses its evaluation version. Each startup will have an information prompt dialog, very I am annoying. Below I introduce how to remove this dialog. By estimating and experimenting, I found that BCGControlbar's implementation code is placed in BCGCB553EVAL.DLL (Release version) and BCGCB553deVal.dll (DEBUG version). This information dialog is also here. Produced. We started from these two DLLs. Procedures on Windows, no matter what operation, it is done by calling the API. And these APIs are distributed in user32.dll, gdi32.dll, ole32.dll, etc. BCGCB553DEVAL.DLL with disassemble tool WDASM and generated into an ALF file. You can see the introduction of each system DLL. And I want to remove the dialog box, obviously popped up with MessageBoxa. The following picture is the program to user32.dll Quote, in which the MessageBoxa is imported. Find ORD: 01BEH in the ALF file, you can find the address using this API. From 1003FEA6 to 1003FEAB's binary code is called for this API. To remove this dialog, as long as you want to remove this dialog The comment is taken out. We use VC to open BCGCB553DEVAL.DLL with a binary method, find 03FEA6. Just replace these six bytes, the problem is solved. The following is the original code: after the change .90 represents NOP, mid-purpose operation. If the method is made, the Release version DLL is changed. The BCGCB553EVAL.DLL is contrasing with WDASM, and the introduction to user32.dll: Find the call: 01beh call code: because Release version The program is optimized for the code, so the above code is different, and the method of the change is different. Before the comment is called for the MessageBoxa call, you should also comment on the above four stack operations, otherwise the pointer after RET The turn is incorrect, and it has an illegal operation. Before the change: change: Ok, save the changed DLL, put the DLL in the system directory. Run a test program, is there no prompt, do not prompt, directly enter? What? Have an illegal operation? ? You must be what you are wrong, try it from the new test.

转载请注明原文地址:https://www.9cbs.com/read-2839.html

New Post(0)