一个比较有意思的开发库
应朋友所托,HX的一个SDK。感觉比较有意思。放在这里。给需要的朋友。程序代码:
comment *======================================================================= 标题: MachineID 描述: MachineID.dll 是一个PC硬件ID生成库。使用了注册码注册方式。未注册版本会有干扰对话框出现。 本文件没有采取一往的分析算法,生成注册码方式进行CRACK。而是根据其采用全局变量进行注册合法标示判定的弱点, 采用定位数据写入方式直接成为正式版本。其中定义的CrackPoint为DLL加载后模块相对偏移量。 备注: MachineID SDK来源于 http:// 建立: 2009.9.17 修改记录: 作者: 东海一鱼 =============================================================================* IFNDEF MACHINEID_INC MACHINEID equ <1> IFNDEF _wininc_ include windows.inc ENDIF CTEXT MACRO y:VARARG LOCAL sym STRDATA segment dword private 'DATA' IFIDNI <y>,<> sym db 0 ELSE sym db y,0 ENDIF STRDATA ends EXITM <OFFSET sym> ENDM IsVirtualMachine typedef proto ; Boolean; stdcall; external DLLName name 'IsVirtualMachine'; GetMachineID typedef proto ;: PAnsiChar; stdcall; external DLLName name 'GetMachineID'; //AnsiString Support UTF-8 GetMachineIDW typedef proto ;: PChar; stdcall; external DLLName name 'GetMachineIDW'; //Unicode Support UTF-16 MID_R typedef proto USERID:LPSTR, LicenseKey:LPSTR ; stdcall external DLLName name 'MID_R'; //AnsiString Support UTF-8 MID_RW typedef proto USERID:LPSTR, LicenseKey:LPSTR ; stdcall external DLLName name 'MID_RW'; // Unicode Support UTF-16 UserExtraInfo typedef proto Info:LPSTR ; stdcall; external DLLName name 'UserExtraInfo'; UserExtraInfoW typedef proto Info:LPSTR ; stdcall; external DLLName name 'UserExtraInfoW'; // Unicode Support UTF-16 SetSeparator typedef proto Separator:PCHAR ;PAnsiChar; stdcall; external DLLName name 'SetSeparator'; SetHardware typedef proto HDD:BOOL,CPU:BOOL,BIOS:BOOL pIsVirtualMachine typedef ptr IsVirtualMachine pGetMachineID typedef ptr GetMachineID pGetMachineIDW typedef ptr GetMachineIDW pMID_R typedef ptr MID_R pMID_RW typedef ptr MID_RW pUserExtraInfo typedef ptr UserExtraInfo pUserExtraInfoW typedef ptr UserExtraInfoW pSetSeparator typedef ptr SetSeparator pSetHardware typedef ptr SetHardware MacineID_Inint proto MacineID_Free proto .const CrackPoint equ 0c55c8h ; //MachineID.dll 破解相对偏移量 CrackCode equ 01h ; //MachineID.dll 使用了全局检验标记 .data? fnIsVm pIsVirtualMachine ? fnGetID pGetMachineID ? fnGetIDW pGetMachineIDW ? fnMID_R pMID_R ? fnMID_RW pMID_RW ? fnUserEInfo pUserExtraInfo ? fnUserEInfoW pUserExtraInfoW ? fnSetSep pSetSeparator ? fnSetHard pSetHardware ? hDll dd ? ELSEIF echo-------------------------------- echo重复定义 MachineID.inc 文件 echo-------------------------------- ENDIF
程序代码:
include MachineID.inc include kernel32.inc MacineID_Inint proc invoke LoadLibrary,CTEXT('MachineID.dll') mov hDll,eax .if eax add eax,CrackPoint mov edx,[eax + 4] cmp edx,0ffffffffh jnz error mov byte ptr[eax], CrackCode invoke GetProcAddress,hDll,CTEXT('IsVirtualMachine') mov fnIsVm,eax invoke GetProcAddress,hDll,CTEXT('GetMachineID') mov fnGetID,eax invoke GetProcAddress,hDll,CTEXT('SetHardware') mov fnSetHard,eax invoke GetProcAddress,hDll,CTEXT('UserExtraInfo') mov fnUserEInfo,eax invoke GetProcAddress,hDll,CTEXT('UserExtraInfoW') mov fnUserEInfoW,eax invoke GetProcAddress,hDll,CTEXT('IsVirtualMachine') mov fnIsVm,eax invoke GetProcAddress,hDll,CTEXT('MID_R') mov fnMID_R,eax invoke GetProcAddress,hDll,CTEXT('MID_RW') mov fnMID_RW,eax or eax,1 jmp over .endif error: xor eax,eax over: ret MacineID_Inint endp MacineID_Free proc .if hDll invoke CloseHandle,hDll mov hDll,0 .endif ret MacineID_Free endp