菜鸟破解pdf2word3.0.docVIP

菜鸟破解pdf2word3.0（高手飘过） 1．下载pdf2word最新版（到官网下载）2．PEiD查壳upx的壳，用UpxUnpacker.exe ver0.3脱之3. 用OD载入脱壳后的程序，F9试运行，输入Email：pediy，序列号：123456然后下GetWindowTextA断点，点OK运行程序，程序被OD断下，ALT + F9返回，代码如下 代码: 004066A1 . 68 F0617F00 push pdf2word.007F61F0 ; ASCII 123456 004066A6 . E8 95F8FFFF call pdf2word.00405F40 004066AB . 83C4 04 add esp,0x4 004066AE . 85C0 test eax,eax 004066B0 . 74 44 je short pdf2word.004066F6 004066B2 . 6A 40 push 0x40 ; /Style = MB_OK|MB_ICONASTERISK|MB_APPLMODAL 004066B4 . 68 B42A5E00 push pdf2word.005E2AB4 ; |Title = Thank you. 004066B9 . 68 882A5E00 push pdf2word.005E2A88 ; |Text = Thank you registered VeryPDF PDF2Word v3.0. 004066BE . 56 push esi ; |hOwner 004066BF . FF15 00865B00 call dword ptr ds:[USER32.MessageBoxA; \MessageBoxA 上图红色部分即为关键call，F7跟进 00405F40 /$ 83EC 18 sub esp,0x18 00405F43 |. 83C9 FF or ecx,-0x1 00405F46 |. 33C0 xor eax,eax 00405F48 |. 53 push ebx 00405F49 |. 56 push esi 00405F4A |. 8B7424 24 mov esi,dword ptr ss:[esp+0x24] 00405F4E |. 57 push edi 00405F4F |. 8BFE mov edi,esi 00405F51 |. F2:AE repne scas byte ptr es:[edi] 00405F53 |. F7D1 not ecx 00405F55 |. 49 dec ecx 00405F56 |. 83F9 14 cmp ecx,0x14 00405F59 |. 74 07 je short pdf2word.00405F62 00405F5B |. 5F pop edi 00405F5C |. 5E pop esi 00405F5D |. 5B pop ebx 00405F5E |. 83C4 18 add esp,0x18 00405F61 |. C3 retn 00405F62 | 8A06 mov al,byte ptr ds:[esi] 00405F64 |. 8A4E 01 mov cl,byte ptr ds:[esi+0x1] 00405F67 |. 8D5424 0C lea edx,dword ptr ss:[esp+0xC] 00405F6B |. 32DB xor bl,bl 00405F6D |. 52 push edx 00405F6E |. 884424 1C mov byte ptr ss: