易游特征码:userlogin checkuserStatus
飘零通杀:cmp dword ptr ds:[ebx],0x1
可可通杀:55 8B EC 81 EC 18 00 00 00
飘零4.0特征码:83 C4 04 8B 5D F4 53 8B 0B 83 C3 04 85 C9 74 11 8B 03 83 C3 04 49 74 05 0F AF 03 EB F5 8B C8 85 C9 0F 84 19 00 00 00 51 8B 03 85 C0 74 0B 53 50
修改:58 8B D8 83 C3 1C C7 03 01 00 00 00 8B E5 5D C3
可可第一个验证:83C404837DEC00
二次验证:83C404837DF400
退出验证
C3 CC CC CC 55 8B EC 8B 45 08 50
易游通杀:
53 8B C1 56 8D 70 01 8A 10 40 84 D2
00402358
某某验证通杀特征码:
55 8B EC 81 EC F8 00 00 00
注册宝高级API特征码:8B5424048B4C240885D2
B8 00 00 00 00 C3 90 90
8B 54 24 40 8B 4C 24 80
通杀特征码83C404837DE0000F84????????C745FC000000006A008D45FC50E8????????8945F88B5DFC85DB
837DE0000F84B7000000C745FC
837DF8010F8544000000
可可9.5形式通杀特征码:55 8B EC 81 EC 34 00 00 00 C7 45 FC 00 00 00 00 C7 45 F8 00 00 00 00 8B 5D 08 8B 03 85 C0 74 15
补码特征码:8B 54 24 04 8B 4C 24 08 85 D2
MD5:F7 C2 03 00 00 00
VB:
816C24
Delphi:
740E8BD38B83????????FF93????????
MFC:
sub eax,0a
VC++:
sub eax,0a
易语言:
FF 55 FC 5F 5E或(e-debug)
万能断点:
F3A58BC883E103F3A4E8
飘零云:
55 8B EC 81 EC 84 00 00 00 C7 45 FC 00 00 00 00 C7 45 F8 00 00 00 00 C7 45 F4 00 00 00 00 C7 45
F0 00 00 00 00 C7 45 EC 00 00 00 00 C7 45 E8 00 00 00 00
蓝屏防御特征码:
55 8B EC 81 EC 14 00 00 00 68 0C 00 00 00
蓝屏保护特征码:
55 8B EC BB 06 00 00 00
蓝屏特征码(断首retn)
飘零金盾1.5
55 8B EC BB 06 00 00 00
飘零金盾2.0
55 8B EC EB 10 56 4D 50 72 6F 74 65 63 74 20 62 65 67 69 6E 00 BB 06 00 00 00
飘零一般无VM通用
0F 84 ?? ?? ?? ?? E8 ?? ?? ?? ?? EB ??
飘零3.0
55 8B EC EB 10 56 4D 50 72 6F 74 65 63 74 20 62 65 67 69 6E 00 BB 06 00 00 00
飘零商业版3.5(爆破特征码,先搜到期时间,retn,再搜特征码 mov eax,1 retn)
无VM
55 8B EC 81 EC 18 00 00 00 C7 45 FC 00 00 00 00 C7 45 F8 00 00 00 00 C7 45 F4 00 00 00 00
有VM
B8 01 00 00 00 55 8B EC 83 EC 18 C7 45 FC 00 00 00 00 C7 45 F8 00 00 00 00 C7 45 F4 00 00 00 00
雷音(NOP)
75D2
飘零2.8(断首修改 mov eax,1 retn)
push ebp
mov ebp,esp
sub esp,0x38
mov dword ptr ss:[ebp-0x4],0x0
mov dword ptr ss:[ebp-0x8],0x0
mov dword ptr ss:[ebp-0xC],0x0
mov dword ptr ss:[ebp-0x10],0x0
可可V8(断首修改 mov eax,0 retn)
ks_CheckKeyE: 55 8B EC 81 EC CC 00 00 00 C7 45 FC 00 00 00 00 68 0C 00 00 00
取签名数据: 55 8B EC 81 EC 10 00 00 00 68 08 00 00 00
可可V9(断首修改 mov eax,64 retn)
ks_CheckKeyE: 55 8B EC 81 EC 10 00 00 00 68 08 00 00 00
取签名数据: 75 FB FF E6 55 8B EC 88 00 00 00
退出验证: 55 8B EC 8B 45 08 50
558BEC81ECCC000000C745FC00000000680C000000 第一段登入验证
558BEC81EC100000006808000000 第二段登入验证
558BEC8B450850
LOLLastHit(搜索INVALID VIP ACCOUNT OR PASSWORD,来到断首,修改JMPXXXXXX(004A6902)搜索LOGIN TO YOUR VIP ACCOUNT TO ACTIVATE THE TOOL,下断,运行修改为JMP)
4\n9999/11/11 11:11:11\n0 转换为16进制
004A6902 C681 B8000000 3>mov byte ptr ds:[ecx+0xB8],0x34
004A6909 C681 B9000000 0>mov byte ptr ds:[ecx+0xB9],0xA
004A6910 C681 BA000000 3>mov byte ptr ds:[ecx+0xBA],0x39
004A6917 C681 BB000000 3>mov byte ptr ds:[ecx+0xBB],0x39
004A691E C681 BC000000 3>mov byte ptr ds:[ecx+0xBC],0x39
004A6925 C681 BD000000 3>mov byte ptr ds:[ecx+0xBD],0x39
004A692C C681 BE000000 2>mov byte ptr ds:[ecx+0xBE],0x2F
004A6933 C681 BF000000 3>mov byte ptr ds:[ecx+0xBF],0x31
004A693A C681 C0000000 3>mov byte ptr ds:[ecx+0xC0],0x31
004A6941 C681 C1000000 2>mov byte ptr ds:[ecx+0xC1],0x27
004A6948 C681 C2000000 3>mov byte ptr ds:[ecx+0xC2],0x31
004A694F C681 C3000000 3>mov byte ptr ds:[ecx+0xC3],0x31
004A6956 C681 C4000000 2>mov byte ptr ds:[ecx+0xC4],0x20
004A695D C681 C5000000 3>mov byte ptr ds:[ecx+0xC5],0x31
004A6964 C681 C6000000 3>mov byte ptr ds:[ecx+0xC6],0x31
004A696B C681 C7000000 3>mov byte ptr ds:[ecx+0xC7],0x3A
004A6972 C681 C8000000 3>mov byte ptr ds:[ecx+0xC8],0x31
004A6979 C681 C9000000 3>mov byte ptr ds:[ecx+0xC9],0x31
004A6980 C681 CA000000 3>mov byte ptr ds:[ecx+0xCA],0x3A
004A6987 C681 CB000000 3>mov byte ptr ds:[ecx+0xCB],0x31
004A698E C681 CC000000 3>mov byte ptr ds:[ecx+0xCC],0x31
004A6995 C681 CD000000 3>mov byte ptr ds:[ecx+0xCD],0x3A
004A699C C681 CE000000 3>mov byte ptr ds:[ecx+0xCE],0x30
004A69A3 55 push ebp
004A69A4 8BEC mov ebp,esp
004A69A6 6A FF push -0x1
004A69A8 ^ E9 D8C9F5FF jmp LOLLastH.00403385
004A69AD 90 nop
飘零时间漏洞
送时间 = 飘零_查询 (“admin”, “pass”, “use='” + 编辑框_注册QQ.内容 + “'”)
飘零改密漏洞
判断 (飘零是否存在 (“admin”, “use='” + 编辑框_改密账号.内容 + “'”) = 假)
PUS恒大法(直接查找,CTRL+L,在FF55FC5F5E处下断,跟随,retn)
68 ?? ?? ?? 52
DNF界神特征(84改85,退出验证)
0F847B0000008D45F850
0F84FE000000DB45FC
金盾秒杀(每处都下断,mov eax,1 retn)
mov eax,dword ptr ss:[esp+0xC]
mov ecx,dword ptr ss:[esp+0x8]
mov edx,dword ptr ss:[esp+0x4]
push 0x0
push eax
push ecx
push edx
秒金盾
code:
83 C4 04 58 8B E5 5D C3 55 8B EC 81 EC 18 00 00 00 C7 45 FC 00 00 00 00
pop:
52 69 67 68 74 2C B5 C7 C2 BD B3 C9 B9 A6 2C B5 BD C6 DA CA B1 BC E4 CE AA 3A 32 30 31 33 2F 31
31 2F 31 39 20 31 37 3A 35 38 3A 32 34
80网络验证 1.1死码
83C404588BE55DC20800558BEC
连接密码等密钥:8BE55DC3558BEC81EC34000000C745FC00000000C745F800000000C745F400000000
私密一系列:83C404588BE55DC20400558BEC81EC0C000000C745FC000000008B5D08FF33
静态数据:83C404588BE55DC3558BEC81EC
爆破点:
code:8BE55DC3558BEC81EC14000000
pop:52696768742CB5C7C2BDB3C9B9A62CB5BDC6DACAB1BCE4CEAA3A323032302F30322F30322031373A35383A3234
飘零二次效验:5B5F5EC3558BEC81EC0C000000
通杀所有金盾:ADABADABC745F400000000C745F800000000C745F000000000
只有这么多论坛的工具包里面特征码就有了还有的是论坛弄的希望对楼主有帮助 |