chilkat破解
Chilkat类库的确好用 所以我一直在用 结果今天突然发现 HTTP的老是访问失败 但是我浏览器也能打开网站啊 结果http.LastErrorText发现解锁CODE过期了 结果上chilkat官网上一搜 我类个擦 竟然每个模块都要钱买 买的还不是永久的1年期限 貌似也不便宜 100多刀 咋整呢 当时哥就怒了 直接上注册表搜chilkat,结果发现有注册表项 chilkat corporation inc.里面就有CODE 直接删掉 再用 OK好了 那这样还是30天的啊 不行 直接破解吧!
过程如下:
破解重点函数在解锁上 success=http.UnlockComponent("test for crack");
直接OD跟进去 发现了一段程序用来比较CODE的 应该就是这里了
00420F05 |. 68 B4A75900 push FakeRefe.0059A7B4 ; ASCII "UnlockComponent"
00420F0A |. E8 71CEFFFF call FakeRefe.0041DD80
00420F0F |. 8B46 10 mov eax, dword ptr ds:[esi+10]
00420F12 |. 83C6 10 add esi, 10
00420F15 |. 68 ACA75900 push FakeRefe.0059A7AC ; ASCII "Http"
00420F1A |. 68 A0A75900 push FakeRefe.0059A7A0 ; ASCII "component"
00420F1F |. 8BCE mov ecx, esi
00420F21 |. FF50 28 call dword ptr ds:[eax+28]
00420F24 |. 8B16 mov edx, dword ptr ds:[esi]
00420F26 |. 55 push ebp
00420F27 |. 68 94A75900 push FakeRefe.0059A794 ; ASCII "unlockCode"
00420F2C |. 8BCE mov ecx, esi
00420F2E |. FF52 28 call dword ptr ds:[edx+28]
00420F31 |. 8D4C24 0C lea ecx, dword ptr ss:[esp+C]
00420F35 |. E8 96370300 call FakeRefe.004546D0
00420F3A |. 55 push ebp
00420F3B |. 8D4C24 10 lea ecx, dword ptr ss:[esp+10]
00420F3F |. C74424 40 000>mov dword ptr ss:[esp+40], 0
00420F47 |. E8 24320300 call FakeRefe.00454170
00420F4C |. 68 ACA75900 push FakeRefe.0059A7AC ; ASCII "Http"
上面是信息,一看就知道这段是判断CODE解锁用的
继续下面
00420F51 |. 8D4C24 10 lea ecx, dword ptr ss:[esp+10]
00420F55 |. E8 F6330300 call FakeRefe.00454350
00420F5A |. 84C0 test al, al
00420F5C |. 74 48 je short FakeRefe.00420FA6
00420F5E |. C605 107D5F00>mov byte ptr ds:[5F7D10], 0
00420F65 |. C605 34A45900>mov byte ptr ds:[59A434], 0
00420F6C |. 8B06 mov eax, dword ptr ds:[esi]
00420F6E |. 68 7CA75900 push FakeRefe.0059A77C ; ASCII "Unlock code is invalid."
00420F73 |. 8BCE mov ecx, esi
00420F75 |. FF50 14 call dword ptr ds:[eax+14]
00420F78 |. 8B16 mov edx, dword ptr ds:[esi]
00420F7A |. 8BCE mov ecx, esi
00420F7C |. FF52 24 call dword ptr ds:[edx+24]
00420F7F |. 8D4C24 0C lea ecx, dword ptr ss:[esp+C]
00420F83 |. C74424 3C FFF>mov dword ptr ss:[esp+3C], -1
00420F8B |. E8 303A0300 call FakeRefe.004549C0
00420F90 |. 5E pop esi
00420F91 |. 5D pop ebp
00420F92 |. 32C0 xor al, al
00420F94 |. 5B pop ebx
00420F95 |. 8B4C24 28 mov ecx, dword ptr ss:[esp+28]
00420F99 |. 64:890D 00000>mov dword ptr fs:[0], ecx
00420FA0 |. 83C4 34 add esp, 34
00420FA3 |. C2 0400 retn 4
00420FA6 |> 57 push edi
00420FA7 |. BF 70A75900 mov edi, FakeRefe.0059A770 ; ASCII "30277129240"
//下面就是循环比较是否是30277129240是就跳到"Unlocked with permanent unlock code."上 然后写类成员变量表示已经解锁了
00420FAC |. 8BC5 mov eax, ebp
00420FAE |> 8A10 /mov dl, byte ptr ds:[eax]
00420FB0 |. 8A1F |mov bl, byte ptr ds:[edi]
00420FB2 |. 8ACA |mov cl, dl
00420FB4 |. 3AD3 |cmp dl, bl
00420FB6 |. 75 1E |jnz short FakeRefe.00420FD6
00420FB8 |. 84C9 |test cl, cl
00420FBA |. 74 16 |je short FakeRefe.00420FD2
00420FBC |. 8A50 01 |mov dl, byte ptr ds:[eax+1]
00420FBF |. 8A5F 01 |mov bl, byte ptr ds:[edi+1]
00420FC2 |. 8ACA |mov cl, dl
00420FC4 |. 3AD3 |cmp dl, bl
00420FC6 |. 75 0E |jnz short FakeRefe.00420FD6
00420FC8 |. 83C0 02 |add eax, 2
00420FCB |. 83C7 02 |add edi, 2
00420FCE |. 84C9 |test cl, cl
00420FD0 |.^ 75 DC \jnz short FakeRefe.00420FAE
//-----------------------------------------------------------------------
00420FD2 |> 33C0 xor eax, eax
00420FD4 |. EB 05 jmp short FakeRefe.00420FDB
00420FD6 |> 1BC0 sbb eax, eax
00420FD8 |. 83D8 FF sbb eax, -1
00420FDB |> 85C0 test eax, eax
00420FDD |. 5F pop edi
00420FDE |. 75 46 jnz short FakeRefe.00421026
00420FE0 |. C605 107D5F00>mov byte ptr ds:[5F7D10], 1
00420FE7 |. A2 34A45900 mov byte ptr ds:[59A434], al
00420FEC |. 8B06 mov eax, dword ptr ds:[esi]
00420FEE |. 68 48A75900 push FakeRefe.0059A748 ; ASCII "Unlocked with permanent unlock code."
00420FF3 |. 8BCE mov ecx, esi
00420FF5 |. FF50 14 call dword ptr ds:[eax+14]
00420FF8 |. 8B16 mov edx, dword ptr ds:[esi]
00420FFA |. 8BCE mov ecx, esi
00420FFC |. FF52 24 call dword ptr ds:[edx+24]
00420FFF |. 8D4C24 0C lea ecx, dword ptr ss:[esp+C]
00421003 |. C74424 3C FFF>mov dword ptr ss:[esp+3C], -1
0042100B |. E8 B0390300 call FakeRefe.004549C0
00421010 |. 5E pop esi
00421011 |. 5D pop ebp
00421012 |. B0 01 mov al, 1
00421014 |. 5B pop ebx
00421015 |. 8B4C24 28 mov ecx, dword ptr ss:[esp+28]
00421019 |. 64:890D 00000>mov dword ptr fs:[0], ecx
00421020 |. 83C4 34 add esp, 34
00421023 |. C2 0400 retn 4
00421026 |> 8D4C24 44 lea ecx, dword ptr ss:[esp+44]
0042102A |. E8 D17E0500 call FakeRefe.00478F00
0042102F |. 6A 00 push 0
00421031 |. 56 push esi
00421032 |. 68 34A45900 push FakeRefe.0059A434
00421037 |. 68 34A75900 push FakeRefe.0059A734 ; ASCII "Q2hpbGthdEh0dHA="
0042103C |. 68 28A75900 push FakeRefe.0059A728 ; ASCII "SHR0cA=="
00421041 |. 55 push ebp
00421042 |. 8D4C24 5C lea ecx, dword ptr ss:[esp+5C]
00421046 |. C64424 54 01 mov byte ptr ss:[esp+54], 1
0042104B |. E8 70840500 call FakeRefe.004794C0
具体的汇编代码我就不一一解释了 这样用这个CODE就破解了 永久使用 不需要花钱啦!
思路就是这样 希望使用愉快!很好的一个类库
因为之前一直搜CHILKAT破解没什么好的结果 然后直接把CODE:30277129240放GG一搜 还有不少结果 不过都是一个被各大站转了
ZIP ZIPT34MB34N_0F616ABFp16E
XMP XMPT34MB34N_44A7297C859L
RSA RSAT34MB34N_3A94AF1A644V
Socket SocketT34MB34N_7773F201lv9D
MIME SMIMET34MB34N_60B499B6GA9M
MHT MHTT34MB34N_2587780BoR8L
IMAP IMAPT34MB34N_70D7AD534IAG
Http 30277129240
FTP2 FTP212345678_1E34EC01jA1U
Email MAILT34MB34N_6ADE5E140UIY
Crypt CryptT34MB34N_2CF2A9DCKRoJ
Charset CharsetT34MB34N_6F6DC191CRIn
Mail Bounce BOUNCET34MB34N_0EBF4FBEKC30
HtmlToXml HtmlToXmlT34MB34N_320C4A82mR5H
PFX PFXT34MB34N_44EFB679852G
Tar TarArchT34MB34N_55B4E54Al6j8
AES Interoperate AesInteropT34MB34N_5739893B98lM
DSA DSAT34MB34N_0260AD3A293G
Diffie-Hellman DiffieT34MB34N_190CBC0EGrDW
Compression CompressT34MB34N_130E47FBprRK
SSH SSHT34MB34N_0E97B983514G