VAX v10.9.2062.0-PiaoYun 破解分析 【转载请注明出处】

.text  Address=1ED01000

Patch-1:

offset=0x458A40 -> 0x1F159A40

1F159A40  55 8B EC 6A                                     

1F159A40    55                          PUSH EBP

1F159A41    8BEC                        MOV EBP,ESP

1F159A43    6A FF                      PUSH - 0x1

->

1F159A40  33 C0 C3 90                                     

1F159A40    33C0                        XOR EAX,EAX       ; Fuck License Batch-Check.

1F159A42    C3                         RETN

1F159A43    90                          NOP

---

Patch-2:

offset=0x60213D -> 0x1F30313D

1F30313D  74                                               

1F303133    E8 55DFFCFF                 CALL VA_X.1F2D108D

1F303138    8B41 48                     MOV EAX,DWORD PTR DS:[ECX+0x48]

1F30313B    85C0                        TEST EAX,EAX

1F30313D    74 0E                       JE SHORT VA_X.1F30314D

->

1F30313D  EB                                              

1F303133    E8 55DFFCFF                 CALL VA_X.1F2D108D

1F303138    8B41 48                     MOV EAX,DWORD PTR DS:[ECX+0x48]

1F30313B    85C0                        TEST EAX,EAX

1F30313D    EB 0E                       JMP SHORT VA_X.1F30314D  ; Fuck VAX:OzThread & LAN-Check.

---

Patch-3:

在注册表中设置如下信息：

[HKEY_CURRENT_USER\Software\Whole Tomato\Visual Assist X]
"UserKey"=" WwW.CHinaPYG.CoM"

"UserName"="WwW.CHinaPYG.CoM"

按照VAX的设计，如果检测显示已授权的话（Patch-1），则从注册表中读取信息并在About对话框中显示。

将检测机制暴破掉以后，只需保证 UserKey和UserName的均为非空字符串即可。