史萊姆論壇 - 查看單個文章

psac · 2006-01-08, 02:46 PM

破解軟體：三江影像科報告系統 1.2
破解工具：peid，od
破解作者：funinggaj
下載位址：http://www.ntsj.net/
軟體介紹：
軟體設計者放射科專業畢業，有著多年的放射科工作經驗，現再次創業進入IT業後推出了本軟體，軟體包含放射科報告系統，醫學CT報告系統，並且可以增加B超報告系統，1.2版功能如下：影像登記、預約管理、借片管理、影像報告、報告範本、各類報表等.
破解程序：od載人，下斷點來到：

00467C93 . 55 push ebp
00467C94 . 68 0F7E4600 push 影像科管.00467E0F ;下斷點
00467C99 . 64:FF30 push dword ptr fs:[eax]
00467C9C . 64:8920 mov dword ptr fs:[eax],esp
00467C9F . 8D55 EC lea edx,dword ptr ss:[ebp-14]
00467CA2 . 8B83 30030000 mov eax,dword ptr ds:[ebx+330]
00467CA8 . E8 13ADF9FF call <jmp.&vcl70.Controls::TControl::GetTex>
00467CAD . 8B45 EC mov eax,dword ptr ss:[ebp-14]
00467CB0 . 50 push eax
00467CB1 . 8D55 E8 lea edx,dword ptr ss:[ebp-18]
00467CB4 . 8B83 24030000 mov eax,dword ptr ds:[ebx+324]
00467CBA . E8 01ADF9FF call <jmp.&vcl70.Controls::TControl::GetTex>
00467CBF . 8B45 E8 mov eax,dword ptr ss:[ebp-18] ; 假註冊碼
00467CC2 . 8D4D F0 lea ecx,dword ptr ss:[ebp-10]
00467CC5 . 5A pop edx
00467CC6 . E8 4D870000 call 影像科管.00470418 ; 算法call
00467CCB . 8B45 F0 mov eax,dword ptr ss:[ebp-10]
00467CCE . 50 push eax
00467CCF . 8D55 E4 lea edx,dword ptr ss:[ebp-1C]
00467CD2 . 8B83 20030000 mov eax,dword ptr ds:[ebx+320]
00467CD8 . E8 E3ACF9FF call <jmp.&vcl70.Controls::TControl::GetTex>
00467CDD . 8B55 E4 mov edx,dword ptr ss:[ebp-1C] ; 機器碼
00467CE0 . 58 pop eax
00467CE1 . E8 0295F9FF call <jmp.&rtl70.System::LStrCmp> ; 比較call，也是爆破點
00467CE6 . 0F85 03010000 jnz 影像科管.00467DEF
00467CEC . 8B83 34030000 mov eax,dword ptr ds:[ebx+334]
00467CF2 . 33D2 xor edx,edx
00467CF4 . 8B08 mov ecx,dword ptr ds:[eax]
00467CF6 . FF91 78010000 call dword ptr ds:[ecx+178]
00467CFC . 8D55 D4 lea edx,dword ptr ss:[ebp-2C]
00467CFF . 8B83 3C030000 mov eax,dword ptr ds:[ebx+33C]
00467D05 . E8 1AA10000 call 影像科管.00471E24
00467D0A . 8D55 D4 lea edx,dword ptr ss:[ebp-2C]
00467D0D . 8B83 34030000 mov eax,dword ptr ds:[ebx+334]
00467D13 . E8 88B8F9FF call <jmp.&dsnap70.Dbclient::TCustomClientD>
00467D18 . 8B83 34030000 mov eax,dword ptr ds:[ebx+334]
00467D1E . B2 01 mov dl,1
00467D20 . 8B08 mov ecx,dword ptr ds:[eax]
00467D22 . FF91 78010000 call dword ptr ds:[ecx+178]
00467D28 . 8B83 34030000 mov eax,dword ptr ds:[ebx+334]
00467D2E . E8 1DB6F9FF call <jmp.&dbrtl70.Db::TDataSet::Edit>
00467D33 . 8D4D D0 lea ecx,dword ptr ss:[ebp-30]
00467D36 . BA C07E4600 mov edx,影像科管.00467EC0 ; ASCII "sweetykiss"
00467D3B . B8 D47E4600 mov eax,影像科管.00467ED4 ; ASCII "true"
00467D40 . E8 77850000 call 影像科管.004702BC
00467D45 . 8B45 D0 mov eax,dword ptr ss:[ebp-30]
00467D48 . 50 push eax
00467D49 . 8B83 34030000 mov eax,dword ptr ds:[ebx+334]
00467D4F . 8B40 30 mov eax,dword ptr ds:[eax+30]
00467D52 . BA 01000000 mov edx,1
00467D57 . E8 4CB5F9FF call <jmp.&dbrtl70.Db::TFields::GetField>
00467D5C . 5A pop edx
00467D5D . 8B08 mov ecx,dword ptr ds:[eax]
00467D5F . FF91 B0000000 call dword ptr ds:[ecx+B0]
00467D65 . 8D55 CC lea edx,dword ptr ss:[ebp-34]
00467D68 . 8B83 24030000 mov eax,dword ptr ds:[ebx+324]
00467D6E . E8 4DACF9FF call <jmp.&vcl70.Controls::TControl::GetTex>
00467D73 . 8B45 CC mov eax,dword ptr ss:[ebp-34]
00467D76 . 50 push eax
00467D77 . 8B83 34030000 mov eax,dword ptr ds:[ebx+334]
00467D7D . 8B40 30 mov eax,dword ptr ds:[eax+30]
00467D80 . BA 02000000 mov edx,2
00467D85 . E8 1EB5F9FF call <jmp.&dbrtl70.Db::TFields::GetField>
00467D8A . 5A pop edx
00467D8B . 8B08 mov ecx,dword ptr ds:[eax]
00467D8D . FF91 B0000000 call dword ptr ds:[ecx+B0]
00467D93 . 8D55 BC lea edx,dword ptr ss:[ebp-44]
00467D96 . 8B83 34030000 mov eax,dword ptr ds:[ebx+334]
00467D9C . E8 07B8F9FF call <jmp.&dsnap70.Dbclient::TCustomClientD>
00467DA1 . 8D55 BC lea edx,dword ptr ss:[ebp-44]
00467DA4 . 8D4D FC lea ecx,dword ptr ss:[ebp-4]
00467DA7 . 8B83 3C030000 mov eax,dword ptr ds:[ebx+33C]
00467DAD . E8 36A20000 call 影像科管.00471FE8
00467DB2 . C783 44030000 >mov dword ptr ds:[ebx+344],2
00467DBC . A1 207A4700 mov eax,dword ptr ds:[477A20]
00467DC1 . 8B00 mov eax,dword ptr ds:[eax]
00467DC3 . 8B80 4C030000 mov eax,dword ptr ds:[eax+34C]
00467DC9 . 33D2 xor edx,edx
00467DCB . E8 B8B0F9FF call <jmp.&vcl70.Actnlist::TCustomAction::S>
00467DD0 . 6A 03 push 3
00467DD2 . B9 01000000 mov ecx,1
00467DD7 . BA 987E4600 mov edx,影像科管.00467E98
00467DDC . B8 E47E4600 mov eax,影像科管.00467EE4

2006-01-08, 02:46 PM	#1 (permalink)
psac 榮譽會員榮譽勳章勳章總數19 UID - 3662 在線等級: 註冊日期: 2002-12-07 住址: 木柵市立動物園文章: 17381 精華: 2 現金: 5253 金幣資產: 33853 金幣	三江影像科報告系統 1.2的算法分析破解軟體：三江影像科報告系統 1.2 破解工具：peid，od 破解作者：funinggaj 下載位址：http://www.ntsj.net/ 軟體介紹：軟體設計者放射科專業畢業，有著多年的放射科工作經驗，現再次創業進入IT業後推出了本軟體，軟體包含放射科報告系統，醫學CT報告系統，並且可以增加B超報告系統，1.2版功能如下：影像登記、預約管理、借片管理、影像報告、報告範本、各類報表等. 破解程序：od載人，下斷點來到： 00467C93 . 55 push ebp 00467C94 . 68 0F7E4600 push 影像科管.00467E0F ;下斷點 00467C99 . 64:FF30 push dword ptr fs:[eax] 00467C9C . 64:8920 mov dword ptr fs:[eax],esp 00467C9F . 8D55 EC lea edx,dword ptr ss:[ebp-14] 00467CA2 . 8B83 30030000 mov eax,dword ptr ds:[ebx+330] 00467CA8 . E8 13ADF9FF call <jmp.&vcl70.Controls::TControl::GetTex> 00467CAD . 8B45 EC mov eax,dword ptr ss:[ebp-14] 00467CB0 . 50 push eax 00467CB1 . 8D55 E8 lea edx,dword ptr ss:[ebp-18] 00467CB4 . 8B83 24030000 mov eax,dword ptr ds:[ebx+324] 00467CBA . E8 01ADF9FF call <jmp.&vcl70.Controls::TControl::GetTex> 00467CBF . 8B45 E8 mov eax,dword ptr ss:[ebp-18] ; 假註冊碼 00467CC2 . 8D4D F0 lea ecx,dword ptr ss:[ebp-10] 00467CC5 . 5A pop edx 00467CC6 . E8 4D870000 call 影像科管.00470418 ; 算法call 00467CCB . 8B45 F0 mov eax,dword ptr ss:[ebp-10] 00467CCE . 50 push eax 00467CCF . 8D55 E4 lea edx,dword ptr ss:[ebp-1C] 00467CD2 . 8B83 20030000 mov eax,dword ptr ds:[ebx+320] 00467CD8 . E8 E3ACF9FF call <jmp.&vcl70.Controls::TControl::GetTex> 00467CDD . 8B55 E4 mov edx,dword ptr ss:[ebp-1C] ; 機器碼 00467CE0 . 58 pop eax 00467CE1 . E8 0295F9FF call <jmp.&rtl70.System::LStrCmp> ; 比較call，也是爆破點 00467CE6 . 0F85 03010000 jnz 影像科管.00467DEF 00467CEC . 8B83 34030000 mov eax,dword ptr ds:[ebx+334] 00467CF2 . 33D2 xor edx,edx 00467CF4 . 8B08 mov ecx,dword ptr ds:[eax] 00467CF6 . FF91 78010000 call dword ptr ds:[ecx+178] 00467CFC . 8D55 D4 lea edx,dword ptr ss:[ebp-2C] 00467CFF . 8B83 3C030000 mov eax,dword ptr ds:[ebx+33C] 00467D05 . E8 1AA10000 call 影像科管.00471E24 00467D0A . 8D55 D4 lea edx,dword ptr ss:[ebp-2C] 00467D0D . 8B83 34030000 mov eax,dword ptr ds:[ebx+334] 00467D13 . E8 88B8F9FF call <jmp.&dsnap70.Dbclient::TCustomClientD> 00467D18 . 8B83 34030000 mov eax,dword ptr ds:[ebx+334] 00467D1E . B2 01 mov dl,1 00467D20 . 8B08 mov ecx,dword ptr ds:[eax] 00467D22 . FF91 78010000 call dword ptr ds:[ecx+178] 00467D28 . 8B83 34030000 mov eax,dword ptr ds:[ebx+334] 00467D2E . E8 1DB6F9FF call <jmp.&dbrtl70.Db::TDataSet::Edit> 00467D33 . 8D4D D0 lea ecx,dword ptr ss:[ebp-30] 00467D36 . BA C07E4600 mov edx,影像科管.00467EC0 ; ASCII "sweetykiss" 00467D3B . B8 D47E4600 mov eax,影像科管.00467ED4 ; ASCII "true" 00467D40 . E8 77850000 call 影像科管.004702BC 00467D45 . 8B45 D0 mov eax,dword ptr ss:[ebp-30] 00467D48 . 50 push eax 00467D49 . 8B83 34030000 mov eax,dword ptr ds:[ebx+334] 00467D4F . 8B40 30 mov eax,dword ptr ds:[eax+30] 00467D52 . BA 01000000 mov edx,1 00467D57 . E8 4CB5F9FF call <jmp.&dbrtl70.Db::TFields::GetField> 00467D5C . 5A pop edx 00467D5D . 8B08 mov ecx,dword ptr ds:[eax] 00467D5F . FF91 B0000000 call dword ptr ds:[ecx+B0] 00467D65 . 8D55 CC lea edx,dword ptr ss:[ebp-34] 00467D68 . 8B83 24030000 mov eax,dword ptr ds:[ebx+324] 00467D6E . E8 4DACF9FF call <jmp.&vcl70.Controls::TControl::GetTex> 00467D73 . 8B45 CC mov eax,dword ptr ss:[ebp-34] 00467D76 . 50 push eax 00467D77 . 8B83 34030000 mov eax,dword ptr ds:[ebx+334] 00467D7D . 8B40 30 mov eax,dword ptr ds:[eax+30] 00467D80 . BA 02000000 mov edx,2 00467D85 . E8 1EB5F9FF call <jmp.&dbrtl70.Db::TFields::GetField> 00467D8A . 5A pop edx 00467D8B . 8B08 mov ecx,dword ptr ds:[eax] 00467D8D . FF91 B0000000 call dword ptr ds:[ecx+B0] 00467D93 . 8D55 BC lea edx,dword ptr ss:[ebp-44] 00467D96 . 8B83 34030000 mov eax,dword ptr ds:[ebx+334] 00467D9C . E8 07B8F9FF call <jmp.&dsnap70.Dbclient::TCustomClientD> 00467DA1 . 8D55 BC lea edx,dword ptr ss:[ebp-44] 00467DA4 . 8D4D FC lea ecx,dword ptr ss:[ebp-4] 00467DA7 . 8B83 3C030000 mov eax,dword ptr ds:[ebx+33C] 00467DAD . E8 36A20000 call 影像科管.00471FE8 00467DB2 . C783 44030000 >mov dword ptr ds:[ebx+344],2 00467DBC . A1 207A4700 mov eax,dword ptr ds:[477A20] 00467DC1 . 8B00 mov eax,dword ptr ds:[eax] 00467DC3 . 8B80 4C030000 mov eax,dword ptr ds:[eax+34C] 00467DC9 . 33D2 xor edx,edx 00467DCB . E8 B8B0F9FF call <jmp.&vcl70.Actnlist::TCustomAction::S> 00467DD0 . 6A 03 push 3 00467DD2 . B9 01000000 mov ecx,1 00467DD7 . BA 987E4600 mov edx,影像科管.00467E98 00467DDC . B8 E47E4600 mov eax,影像科管.00467EE4
	__________________
	送花文章: 3, 收花文章: 1631 篇, 收花: 3205 次