home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Reverse Code Engineering RCE CD +sandman 2000
/
ReverseCodeEngineeringRceCdsandman2000.iso
/
RCE
/
Aptteam
/
cours
/
Winzip70.txt
< prev
next >
Wrap
Text File
|
2000-05-25
|
13KB
|
319 lines
**************************************
*******WinZip 7.0 SR-1 (1258f)********
**************************************
www.winzip.com
Limitation:
-21jours d'utilisation
-ne fonctionne plus aprΦs le mardi 29 fΘvrier 2000
-affiche non enregistrΘ dans la barre de titre et dans le "A Propos de WinZip..."
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041A6EF(C)
|
:0041A705 391DACB24700 cmp dword ptr [0047B2AC], ebx
:0041A70B 755C jne 0041A769
:0041A70D 391D48D64700 cmp dword ptr [0047D648], ebx
:0041A713 7554 jne 0041A769
:0041A715 391D8CDD4700 cmp dword ptr [0047DD8C], ebx
:0041A71B 754C jne 0041A769<==========addresse pour le jump en 0041A72F
* Possible Ref to Menu: WINZIPMENU, Item: "Voir DerniΦre Sortie..."
|
* Possible Reference to String Resource ID=00029: "Voir les rΘsultats de la derniΦre opΘration d'archivage"
|
:0041A71D 6A1D push 0000001D
:0041A71F E86CCE0300 call 00457590
:0041A724 59 pop ecx
:0041A725 8BC8 mov ecx, eax
:0041A727 894DEC mov dword ptr [ebp-14], ecx
:0041A72A 3BCB cmp ecx, ebx
:0041A72C 895DFC mov dword ptr [ebp-04], ebx
:0041A72F 7409 je 0041A73A<====j'ai remplacΘ le jne par jmp 0041A769 (EB38)
:0041A731 E856000000 call 0041A78C<==Calcul le nombre de jours d'utilisaion
si plus de 21 jours affiche message
date > 29.02.2000 affiche message
:0041A736 8BF0 mov esi, eax
:0041A738 EB02 jmp 0041A73C
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041A72F(C)
|
:0041A73A 33F6 xor esi, esi
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041A738(U)
|
:0041A73C 834DFCFF or dword ptr [ebp-04], FFFFFFFF
:0041A740 381E cmp byte ptr [esi], bl
:0041A742 7511 jne 0041A755<==saut si plus de 21 jours, > 29.02.2000
:0041A744 8BCE mov ecx, esi
:0041A746 E8AE010000 call 0041A8F9<==affiche le message de dΘmarrage avec
le dΘlai d'attente et le nombre de
jours d'utilisation
:0041A74B 6A01 push 00000001
:0041A74D 59 pop ecx
:0041A74E 3BC1 cmp eax, ecx
:0041A750 7503 jne 0041A755
:0041A752 884DF3 mov byte ptr [ebp-0D], cl
**************************************************************************************
**************************************************************************************
dΘtail du call 0041A78C en 0041A731
* Referenced by a CALL at Address:
|:0041A731
|
:0041A78C B8A8634600 mov eax, 004663A8
:0041A791 E8BAC30300 call 00456B50
:0041A796 81ECA4030000 sub esp, 000003A4
:0041A79C 53 push ebx
:0041A79D 56 push esi
:0041A79E 8BF1 mov esi, ecx
:0041A7A0 8D85A8FEFFFF lea eax, dword ptr [ebp+FEA8]
:0041A7A6 57 push edi
:0041A7A7 50 push eax
:0041A7A8 83661100 and dword ptr [esi+11], 00000000
:0041A7AC 802600 and byte ptr [esi], 00
:0041A7AF E82CBE0300 call 004565E0
:0041A7B4 59 pop ecx
:0041A7B5 8D857CFDFFFF lea eax, dword ptr [ebp+FD7C]
* Possible StringData Ref from Data Obj ->"winzip32.ini"
|
:0041A7BB 68400E4700 push 00470E40
:0041A7C0 682C010000 push 0000012C
:0041A7C5 50 push eax
:0041A7C6 6858934700 push 00479358
:0041A7CB BF748A4600 mov edi, 00468A74
* Possible StringData Ref from Data Obj ->"Date"
|
:0041A7D0 68B4ED4600 push 0046EDB4
:0041A7D5 57 push edi
:0041A7D6 E83A780100 call 00432015
:0041A7DB 83C418 add esp, 00000018
:0041A7DE 8D85A8FEFFFF lea eax, dword ptr [ebp+FEA8]
:0041A7E4 50 push eax
:0041A7E5 8D857CFDFFFF lea eax, dword ptr [ebp+FD7C]
:0041A7EB 50 push eax
:0041A7EC E86FBC0300 call 00456460
:0041A7F1 59 pop ecx
:0041A7F2 8BD8 mov ebx, eax
:0041A7F4 59 pop ecx
:0041A7F5 F7DB neg ebx
* Possible StringData Ref from Data Obj ->"winzip32.ini"
|
:0041A7F7 68400E4700 push 00470E40
:0041A7FC 6A00 push 00000000
:0041A7FE 1BDB sbb ebx, ebx
* Possible StringData Ref from Data Obj ->"Days"
|
:0041A800 68ACED4600 push 0046EDAC
:0041A805 57 push edi
:0041A806 F7DB neg ebx
:0041A808 E8FC790100 call 00432209
:0041A80D 83C410 add esp, 00000010
:0041A810 894609 mov dword ptr [esi+09], eax
:0041A813 84DB test bl, bl
:0041A815 744F je 0041A866<===========saute si le jour change
:0041A817 40 inc eax <==============incrΘmente de 1 le nbr de jour
:0041A818 84DB test bl, bl
:0041A81A 894609 mov dword ptr [esi+09], eax
:0041A81D 7447 je 0041A866
:0041A81F 50 push eax
:0041A820 8D8550FCFFFF lea eax, dword ptr [ebp+FC50]
* Possible StringData Ref from Data Obj ->"%u"
|
:0041A826 6870EB4600 push 0046EB70
:0041A82B 50 push eax
* Reference To: USER32.wsprintfA, Ord:0264h
|
:0041A82C FF1534844600 Call dword ptr [00468434]
:0041A832 83C40C add esp, 0000000C
* Possible StringData Ref from Data Obj ->"winzip32.ini"
|
:0041A835 BB400E4700 mov ebx, 00470E40
:0041A83A 8D8550FCFFFF lea eax, dword ptr [ebp+FC50]
:0041A840 53 push ebx
:0041A841 50 push eax
* Possible StringData Ref from Data Obj ->"Days"
|
:0041A842 68ACED4600 push 0046EDAC
:0041A847 57 push edi
:0041A848 E817840100 call 00432C64
:0041A84D 83C410 add esp, 00000010
:0041A850 8D85A8FEFFFF lea eax, dword ptr [ebp+FEA8]
:0041A856 53 push ebx
:0041A857 50 push eax
* Possible StringData Ref from Data Obj ->"Date"
|
:0041A858 68B4ED4600 push 0046EDB4
:0041A85D 57 push edi
:0041A85E E801840100 call 00432C64
:0041A863 83C410 add esp, 00000010
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0041A815(C), :0041A81D(C)
|
:0041A866 8B4609 mov eax, dword ptr [esi+09]
* Possible Ref to Menu: WINZIPMENU, Item: "Ouvrir Archive... Ctrl+O"
|
* Possible Reference to String Resource ID=00004: "Ouvrir une archive existante"
|
:0041A869 C7460D04000000 mov [esi+0D], 00000004
:0041A870 83F807 cmp eax, 00000007
:0041A873 7E06 jle 0041A87B<=============saute si nbr de jour>7
:0041A875 8D48FD lea ecx, dword ptr [eax-03]
:0041A878 894E0D mov dword ptr [esi+0D], ecx
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041A873(C)
|
:0041A87B 83F815 cmp eax, 00000015<========15h hexa = 21d dΘcimal
:0041A87E 7E0E jle 0041A88E<=============saute si le nbr de jour<21
:0041A880 6854AC4100 push 0041AC54
:0041A885 6A00 push 00000000
:0041A887 68BE230000 push 000023BE
:0041A88C EB34 jmp 0041A8C2
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041A87E(C)
|
:0041A88E 8D4DD4 lea ecx, dword ptr [ebp-2C]
:0041A891 E8BF22FFFF call 0040CB55
:0041A896 8365FC00 and dword ptr [ebp-04], 00000000
:0041A89A 8D4DD4 lea ecx, dword ptr [ebp-2C]
:0041A89D E87027FFFF call 0040D012
:0041A8A2 8D45D4 lea eax, dword ptr [ebp-2C]
:0041A8A5 68D0E34700 push 0047E3D0
:0041A8AA 50 push eax
:0041A8AB E8632EFFFF call 0040D713
:0041A8B0 59 pop ecx
:0041A8B1 84C0 test al, al
:0041A8B3 59 pop ecx
:0041A8B4 741D je 0041A8D3<=============saute si la date<29.02.2000
:0041A8B6 6854AC4100 push 0041AC54
:0041A8BB 6A00 push 00000000
:0041A8BD 68C8230000 push 000023C8
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041A88C(U)
|
:0041A8C2 FF35A8A14700 push dword ptr [0047A1A8]
:0041A8C8 E867DF0000 call 00428834<==========affiche message:
-pΘriode d'Θvaluation expirΘe
-pas aprΦs le 29.02.2000
:0041A8CD 83C410 add esp, 00000010
:0041A8D0 C60601 mov byte ptr [esi], 01
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041A8B4(C)
|
:0041A8D3 8B4DF4 mov ecx, dword ptr [ebp-0C]
:0041A8D6 8BC6 mov eax, esi
:0041A8D8 5F pop edi
:0041A8D9 5E pop esi
:0041A8DA 64890D00000000 mov dword ptr fs:[00000000], ecx
:0041A8E1 5B pop ebx
:0041A8E2 C9 leave
:0041A8E3 C3 ret
**************************************************************************************
**************************************************************************************
pour utiliser WinZip sans restriction de date j'ai remplacΘ en 0041A72F
89 4D EC 3B CB 89 5D FC 74 09<==remplacΘ
89 4D EC 3B CB 89 5D FC EB 38<==par
Maintenant c'est bon... mais le programme affiche toujours non enregistrΘ dans la barre
de titre et dans le "A Propos de WinZip..."
recherche du texte dans W32Dasm "non enre":
-La c'est le texte affichΘ dans la barre du titre
:00403DC1 E8323D0000 call 00407AF8
:00403DC6 85C0 test eax, eax
:00403DC8 7531 jne 00403DFB
:00403DCA E86CEEFFFF call 00402C3B
:00403DCF 85C0 test eax, eax
:00403DD1 7428 je 00403DFB<=====remplacΘ par jmp 00403DFB (EB28)
* Possible StringData Ref from Data Obj ->" (Non enregistr"
|
:00403DD3 BFA0F24600 mov edi, 0046F2A0
:00403DD8 57 push edi
:00403DD9 E882270500 call 00456560
:00403DDE 83F811 cmp eax, 00000011
:00403DE1 59 pop ecx
:00403DE2 7406 je 00403DEA
:00403DE4 891D84BA4700 mov dword ptr [0047BA84], ebx
E8 6C EE FF FF 85 C0 74 28<==remplacΘ
E8 6C EE FF FF 85 C0 EB 28<==par
-La c'est le texte affichΘ dans la boite "A Propos de WinZip..."
:00401775 E8C1140000 call 00402C3B
:0040177A 85C0 test eax, eax
:0040177C 7437 je 004017B5
:0040177E E875630000 call 00407AF8
:00401783 85C0 test eax, eax
:00401785 752E jne 004017B5<=====remplacΘ par jmp 004017B5 (EB2E)
* Possible StringData Ref from Data Obj ->"Cette version est non enregistr"
|
:00401787 6820ED4600 push 0046ED20
:0040178C 68C1020000 push 000002C1
:00401791 53 push ebx
:00401792 FFD6 call esi
E8 75 63 00 00 85 C0 75 2E<==remplacΘ
E8 75 63 00 00 85 C0 EB 2E<==par
**************************************************************************************
**************************************************************************************
Voilα ma mΘthode pour WinZip mais j'ai encore des questions:
:0041A705 391DACB24700 cmp dword ptr [0047B2AC], ebx
:0041A70B 755C jne 0041A769
:0041A70D 391D48D64700 cmp dword ptr [0047D648], ebx
:0041A713 7554 jne 0041A769
:0041A715 391D8CDD4700 cmp dword ptr [0047DD8C], ebx
:0041A71B 754C jne 0041A769
-que fait ce code avant le test de la date (voir plus haut)?
-ou est enregistrΘ le dΘcompte des jours (base de registre,Winzip32.ini...)?
-pourquoi le mardi 29 fΘvrier 2000?
:0041A869 C7460D04000000 mov [esi+0D], 00000004
:0041A870 83F807 cmp eax, 00000007
:0041A873 7E06 jle 0041A87B<=============saute si nbr de jour>7 ?
-est-il possible de "dΘclarer" le programme comme enregistrΘ?
�
