00435BDB /$ 55 push ebp
00435BDC |. 8BEC mov ebp, esp
00435BDE |. 81EC DC000000 sub esp, 0DC
00435BE4 |. 57 push edi
00435BE5 |. 8B7D 08 mov edi, dword ptr [ebp+8]
00435BE8 |. 837F 26 09 cmp dword ptr [edi+26], 9 ; UDA是否已绑定标志
00435BEC |. 74 07 je short 00435BF5
00435BEE |. B8 33750000 mov eax, 7533
00435BF3 |. EB 41 jmp short 00435C36
00435BF5 |> 56 push esi
00435BF6 |. BE DA000000 mov esi, 0DA
00435BFB |. 56 push esi
00435BFC |. 8D85 24FFFFFF lea eax, dword ptr [ebp-DC]
00435C02 |. 57 push edi
00435C03 |. 50 push eax
00435C04 |. E8 AFFFFFFF call 00435BB8
00435C09 |. 83C4 0C add esp, 0C
00435C0C |. 83BF CA000000>cmp dword ptr [edi+CA], 55
00435C13 |. 74 09 je short 00435C1E
00435C15 |. 57 push edi
00435C16 |. E8 1E000000 call 00435C39
00435C1B |. 59 pop ecx
00435C1C |. EB 17 jmp short 00435C35
00435C1E |> 8D85 24FFFFFF lea eax, dword ptr [ebp-DC]
00435C24 |. 56 push esi
00435C25 |. 50 push eax
00435C26 |. 57 push edi
00435C27 |. E8 8CFFFFFF call 00435BB8
00435C2C |. 57 push edi
00435C2D |. E8 19270000 call 0043834B ; 操作狗过程在里面
00435C32 |. 83C4 10 add esp, 10
00435C35 |> 5E pop esi
00435C36 |> 5F pop edi
00435C37 |. C9 leave
00435C38 \. C3 retn
------------------------------------------------------------------------------------------
0043834B /$ 55 push ebp
0043834C |. 8BEC mov ebp, esp
0043834E |. 81EC EC010000 sub esp, 1EC
00438354 |. 56 push esi
00438355 |. 8B75 08 mov esi, dword ptr [ebp+8]
00438358 |. 57 push edi
00438359 |. 68 DA000000 push 0DA
0043835E |. 8D85 14FEFFFF lea eax, dword ptr [ebp-1EC]
00438364 |. 56 push esi
00438365 |. 50 push eax
00438366 |. E8 4DD8FFFF call 00435BB8
0043836B |. 83C4 0C add esp, 0C
0043836E |. 833D 107D4A00>cmp dword ptr [4A7D10], 1
00438375 |. 6A 02 push 2
00438377 |. 5F pop edi
00438378 |. 75 17 jnz short 00438391
0043837A |. 8D85 14FEFFFF lea eax, dword ptr [ebp-1EC]
00438380 |. 50 push eax
00438381 |. E8 D50E0000 call 0043925B ; 这里很多花头,大概是绑定验证
00438386 |. 85C0 test eax, eax
00438388 |. 59 pop ecx
00438389 |. 75 7F jnz short 0043840A
0043838B |. 893D 107D4A00 mov dword ptr [4A7D10], edi
00438391 |> 8D85 70FFFFFF lea eax, dword ptr [ebp-90]
00438397 |. 50 push eax ; lpinbuffer
00438398 |. 56 push esi
00438399 |. E8 70000000 call 0043840E ; 进去UDA加密,对inbuffer进行加密
0043839E |. 59 pop ecx
0043839F |. 59 pop ecx
004383A0 |. E8 1AD9FFFF call 00435CBF ; 这个Call要返回值为7
004383A5 |. 83E8 05 sub eax, 5 ; Switch (cases 5..7)
004383A8 |. 74 14 je short 004383BE
004383AA |. 48 dec eax
004383AB |. 74 0A je short 004383B7
004383AD |. 48 dec eax
004383AE |. 74 0E je short 004383BE
004383B0 |. B8 31750000 mov eax, 7531 ; Default case of switch 004383A5
004383B5 |. EB 53 jmp short 0043840A
004383B7 |> B8 33750000 mov eax, 7533 ; Case 6 of switch 004383A5
004383BC |. EB 4C jmp short 0043840A
004383BE |> 8D85 F0FEFFFF lea eax, dword ptr [ebp-110] ; Cases 5,7 of switch 004383A5
004383C4 |. 56 push esi
004383C5 |. 50 push eax
004383C6 |. 8D85 70FFFFFF lea eax, dword ptr [ebp-90]
004383CC |. 50 push eax ; 加密后的InBuffer数据
004383CD |. E8 F1070000 call 00438BC3 ; 有狗操作,解码过程也在里面
004383D2 |. 83C4 0C add esp, 0C
004383D5 |. 3D 374E0000 cmp eax, 4E37
004383DA |. 75 2E jnz short 0043840A
004383DC |. 8D85 14FEFFFF lea eax, dword ptr [ebp-1EC]
004383E2 |. 50 push eax
004383E3 |. E8 730E0000 call 0043925B
004383E8 |. 85C0 test eax, eax
004383EA |. 59 pop ecx
004383EB |. 75 1D jnz short 0043840A
004383ED |. 8D85 F0FEFFFF lea eax, dword ptr [ebp-110]
004383F3 |. 56 push esi
004383F4 |. 50 push eax
004383F5 |. 8D85 70FFFFFF lea eax, dword ptr [ebp-90]
004383FB |. 50 push eax
004383FC |. 893D 107D4A00 mov dword ptr [4A7D10], edi
00438402 |. E8 BC070000 call 00438BC3
00438407 |. 83C4 0C add esp, 0C
0043840A |> 5F pop edi
0043840B |. 5E pop esi
0043840C |. C9 leave
0043840D \. C3 retn
-------------------------------------------------------------------------------------
0043925B /$ 55 push ebp ; 很多花头的那个CALL函数
0043925C |. 8BEC mov ebp, esp
0043925E |. 81EC 00030000 sub esp, 300
00439264 |. 53 push ebx
00439265 |. 56 push esi
00439266 |. 57 push edi
00439267 |. 6A 18 push 18
00439269 |. 33DB xor ebx, ebx
0043926B |. 59 pop ecx
0043926C |. 33C0 xor eax, eax
0043926E |. 8DBD 81FEFFFF lea edi, dword ptr [ebp-17F]
00439274 |. 889D 80FEFFFF mov byte ptr [ebp-180], bl
0043927A |. 885D C0 mov byte ptr [ebp-40], bl
0043927D |. F3:AB rep stos dword ptr es:[edi]
0043927F |. 66:AB stos word ptr es:[edi]
00439281 |. AA stos byte ptr es:[edi]
00439282 |. 33C0 xor eax, eax
00439284 |. 8D7D C1 lea edi, dword ptr [ebp-3F]
00439287 |. AB stos dword ptr es:[edi]
00439288 |. AB stos dword ptr es:[edi]
00439289 |. AB stos dword ptr es:[edi]
0043928A |. 66:AB stos word ptr es:[edi]
0043928C |. AA stos byte ptr es:[edi]
0043928D |. 33C0 xor eax, eax
0043928F |. 8D7D F1 lea edi, dword ptr [ebp-F]
00439292 |. 885D F0 mov byte ptr [ebp-10], bl
00439295 |. 885D E0 mov byte ptr [ebp-20], bl
00439298 |. AB stos dword ptr es:[edi]
00439299 |. AB stos dword ptr es:[edi]
0043929A |. AB stos dword ptr es:[edi]
0043929B |. 66:AB stos word ptr es:[edi]
0043929D |. AA stos byte ptr es:[edi]
0043929E |. 33C0 xor eax, eax
004392A0 |. 8D7D E1 lea edi, dword ptr [ebp-1F]
004392A3 |. AB stos dword ptr es:[edi]
004392A4 |. AB stos dword ptr es:[edi]
004392A5 |. AB stos dword ptr es:[edi]
004392A6 |. 66:AB stos word ptr es:[edi]
004392A8 |. AA stos byte ptr es:[edi]
004392A9 |. 33C0 xor eax, eax
004392AB |. 8D7D D1 lea edi, dword ptr [ebp-2F]
004392AE |. 885D D0 mov byte ptr [ebp-30], bl
004392B1 |. 68 DA000000 push
真正的软件狗硬复制最新版
5星 · 超过95%的资源 需积分: 50 33 浏览量
2017-07-17
12:00:54
上传
评论 7
收藏 5.88MB RAR 举报 
真正的软件狗硬复制最新版.rar (17个子文件) 
绑定编辑工具制作.txt 414B
数据修改工具 微狗 
DogEdt32 v3.3版.rar 1.07MB DogEdt32 v4.0版.rar 1.15MB DogEdt32 v3.4版.rar 869KB UDA软件狗 
DogEdt32.exe 2.3MB 软件狗开发套件v3.1-官方驱动程序.zip.rar 426KB UDA硬复制.exe 1.34MB 分析文档 
OD断点.JPG 328KB 写结构.JPG 333KB 对代理商工具的UDA_OD过程.txt 22KB 读结构.JPG 305KB
代理商工具中的 软件狗 核心操作部份.doc 45KB 命令字说明.txt 262B 构造的内存结构.txt 2KB 远程CALL与A1值.jpg 587KB DogCheck结构.jpg 247KB 代理商驱动.exe 804KB资源评论
lihuawu20072017-10-12下载一个试试,先谢过
fsansy2018-07-17谢谢奉献!我这里试了一下,没成功,估计分加密
danxiaogui0082017-09-12下载一个试试,先谢过
valley_rain
- 粉丝: 4
- 资源: 3
