程序代码:comment *=======================================================================
标题: MachineID
描述: MachineID.dll 是一个PC硬件ID生成库。使用了注册码注册方式。未注册版本会有干扰对话框出现。
本文件没有采取一往的分析算法,生成注册码方式进行CRACK。而是根据其采用全局变量进行注册合法标示判定的弱点,
采用定位数据写入方式直接成为正式版本。其中定义的CrackPoint为DLL加载后模块相对偏移量。
备注: MachineID SDK来源于 http://
建立: 2009.9.17
修改记录:
作者: 东海一鱼
=============================================================================*
IFNDEF MACHINEID_INC
MACHINEID equ <1>
IFNDEF _wininc_
include windows.inc
ENDIF
CTEXT MACRO y:VARARG
LOCAL sym
STRDATA segment dword private 'DATA'
IFIDNI <y>,<>
sym db 0
ELSE
sym db y,0
ENDIF
STRDATA ends
EXITM <OFFSET sym>
ENDM
IsVirtualMachine typedef proto ; Boolean; stdcall; external DLLName name 'IsVirtualMachine';
GetMachineID typedef proto ;: PAnsiChar; stdcall; external DLLName name 'GetMachineID'; //AnsiString Support UTF-8
GetMachineIDW typedef proto ;: PChar; stdcall; external DLLName name 'GetMachineIDW'; //Unicode Support UTF-16
MID_R typedef proto USERID:LPSTR, LicenseKey:LPSTR ; stdcall external DLLName name 'MID_R'; //AnsiString Support UTF-8
MID_RW typedef proto USERID:LPSTR, LicenseKey:LPSTR ; stdcall external DLLName name 'MID_RW'; // Unicode Support UTF-16
UserExtraInfo typedef proto Info:LPSTR ; stdcall; external DLLName name 'UserExtraInfo';
UserExtraInfoW typedef proto Info:LPSTR ; stdcall; external DLLName name 'UserExtraInfoW'; // Unicode Support UTF-16
SetSeparator typedef proto Separator:PCHAR ;PAnsiChar; stdcall; external DLLName name 'SetSeparator';
SetHardware typedef proto HDD:BOOL,CPU:BOOL,BIOS:BOOL
pIsVirtualMachine typedef ptr IsVirtualMachine
pGetMachineID typedef ptr GetMachineID
pGetMachineIDW typedef ptr GetMachineIDW
pMID_R typedef ptr MID_R
pMID_RW typedef ptr MID_RW
pUserExtraInfo typedef ptr UserExtraInfo
pUserExtraInfoW typedef ptr UserExtraInfoW
pSetSeparator typedef ptr SetSeparator
pSetHardware typedef ptr SetHardware
MacineID_Inint proto
MacineID_Free proto
.const
CrackPoint equ 0c55c8h ; //MachineID.dll 破解相对偏移量
CrackCode equ 01h ; //MachineID.dll 使用了全局检验标记
.data?
fnIsVm pIsVirtualMachine ?
fnGetID pGetMachineID ?
fnGetIDW pGetMachineIDW ?
fnMID_R pMID_R ?
fnMID_RW pMID_RW ?
fnUserEInfo pUserExtraInfo ?
fnUserEInfoW pUserExtraInfoW ?
fnSetSep pSetSeparator ?
fnSetHard pSetHardware ?
hDll dd ?
ELSEIF
echo--------------------------------
echo重复定义 MachineID.inc 文件
echo--------------------------------
ENDIF
标题: MachineID
描述: MachineID.dll 是一个PC硬件ID生成库。使用了注册码注册方式。未注册版本会有干扰对话框出现。
本文件没有采取一往的分析算法,生成注册码方式进行CRACK。而是根据其采用全局变量进行注册合法标示判定的弱点,
采用定位数据写入方式直接成为正式版本。其中定义的CrackPoint为DLL加载后模块相对偏移量。
备注: MachineID SDK来源于 http://
建立: 2009.9.17
修改记录:
作者: 东海一鱼
=============================================================================*
IFNDEF MACHINEID_INC
MACHINEID equ <1>
IFNDEF _wininc_
include windows.inc
ENDIF
CTEXT MACRO y:VARARG
LOCAL sym
STRDATA segment dword private 'DATA'
IFIDNI <y>,<>
sym db 0
ELSE
sym db y,0
ENDIF
STRDATA ends
EXITM <OFFSET sym>
ENDM
IsVirtualMachine typedef proto ; Boolean; stdcall; external DLLName name 'IsVirtualMachine';
GetMachineID typedef proto ;: PAnsiChar; stdcall; external DLLName name 'GetMachineID'; //AnsiString Support UTF-8
GetMachineIDW typedef proto ;: PChar; stdcall; external DLLName name 'GetMachineIDW'; //Unicode Support UTF-16
MID_R typedef proto USERID:LPSTR, LicenseKey:LPSTR ; stdcall external DLLName name 'MID_R'; //AnsiString Support UTF-8
MID_RW typedef proto USERID:LPSTR, LicenseKey:LPSTR ; stdcall external DLLName name 'MID_RW'; // Unicode Support UTF-16
UserExtraInfo typedef proto Info:LPSTR ; stdcall; external DLLName name 'UserExtraInfo';
UserExtraInfoW typedef proto Info:LPSTR ; stdcall; external DLLName name 'UserExtraInfoW'; // Unicode Support UTF-16
SetSeparator typedef proto Separator:PCHAR ;PAnsiChar; stdcall; external DLLName name 'SetSeparator';
SetHardware typedef proto HDD:BOOL,CPU:BOOL,BIOS:BOOL
pIsVirtualMachine typedef ptr IsVirtualMachine
pGetMachineID typedef ptr GetMachineID
pGetMachineIDW typedef ptr GetMachineIDW
pMID_R typedef ptr MID_R
pMID_RW typedef ptr MID_RW
pUserExtraInfo typedef ptr UserExtraInfo
pUserExtraInfoW typedef ptr UserExtraInfoW
pSetSeparator typedef ptr SetSeparator
pSetHardware typedef ptr SetHardware
MacineID_Inint proto
MacineID_Free proto
.const
CrackPoint equ 0c55c8h ; //MachineID.dll 破解相对偏移量
CrackCode equ 01h ; //MachineID.dll 使用了全局检验标记
.data?
fnIsVm pIsVirtualMachine ?
fnGetID pGetMachineID ?
fnGetIDW pGetMachineIDW ?
fnMID_R pMID_R ?
fnMID_RW pMID_RW ?
fnUserEInfo pUserExtraInfo ?
fnUserEInfoW pUserExtraInfoW ?
fnSetSep pSetSeparator ?
fnSetHard pSetHardware ?
hDll dd ?
ELSEIF
echo--------------------------------
echo重复定义 MachineID.inc 文件
echo--------------------------------
ENDIF
程序代码:include MachineID.inc
include kernel32.inc
MacineID_Inint proc
invoke LoadLibrary,CTEXT('MachineID.dll')
mov hDll,eax
.if eax
add eax,CrackPoint
mov edx,[eax + 4]
cmp edx,0ffffffffh
jnz error
mov byte ptr[eax], CrackCode
invoke GetProcAddress,hDll,CTEXT('IsVirtualMachine')
mov fnIsVm,eax
invoke GetProcAddress,hDll,CTEXT('GetMachineID')
mov fnGetID,eax
invoke GetProcAddress,hDll,CTEXT('SetHardware')
mov fnSetHard,eax
invoke GetProcAddress,hDll,CTEXT('UserExtraInfo')
mov fnUserEInfo,eax
invoke GetProcAddress,hDll,CTEXT('UserExtraInfoW')
mov fnUserEInfoW,eax
invoke GetProcAddress,hDll,CTEXT('IsVirtualMachine')
mov fnIsVm,eax
invoke GetProcAddress,hDll,CTEXT('MID_R')
mov fnMID_R,eax
invoke GetProcAddress,hDll,CTEXT('MID_RW')
mov fnMID_RW,eax
or eax,1
jmp over
.endif
error:
xor eax,eax
over:
ret
MacineID_Inint endp
MacineID_Free proc
.if hDll
invoke CloseHandle,hDll
mov hDll,0
.endif
ret
MacineID_Free endp
include kernel32.inc
MacineID_Inint proc
invoke LoadLibrary,CTEXT('MachineID.dll')
mov hDll,eax
.if eax
add eax,CrackPoint
mov edx,[eax + 4]
cmp edx,0ffffffffh
jnz error
mov byte ptr[eax], CrackCode
invoke GetProcAddress,hDll,CTEXT('IsVirtualMachine')
mov fnIsVm,eax
invoke GetProcAddress,hDll,CTEXT('GetMachineID')
mov fnGetID,eax
invoke GetProcAddress,hDll,CTEXT('SetHardware')
mov fnSetHard,eax
invoke GetProcAddress,hDll,CTEXT('UserExtraInfo')
mov fnUserEInfo,eax
invoke GetProcAddress,hDll,CTEXT('UserExtraInfoW')
mov fnUserEInfoW,eax
invoke GetProcAddress,hDll,CTEXT('IsVirtualMachine')
mov fnIsVm,eax
invoke GetProcAddress,hDll,CTEXT('MID_R')
mov fnMID_R,eax
invoke GetProcAddress,hDll,CTEXT('MID_RW')
mov fnMID_RW,eax
or eax,1
jmp over
.endif
error:
xor eax,eax
over:
ret
MacineID_Inint endp
MacineID_Free proc
.if hDll
invoke CloseHandle,hDll
mov hDll,0
.endif
ret
MacineID_Free endp