yksoft1 |
2007-02-11 00:04 |
Use WinHex or UltraEdit-32 to open LoginCtrl.dll in the QQ2007Beta1 directory installed under Vista, find the code "FF0673186A10", and change the 73 in it to EB. This actually changes the following code:

(preceding code omitted)

* Reference To: KERNEL32.GetVersionExA, Ord:0175h
|
:10012146 FF15C0B00110      Call dword ptr [1001B0C0]
:1001214C 8D4DF0            lea ecx, dword ptr [ebp-10]          'call GetVersionExA to get the system version

* Reference To: MFC42.Ordinal:021C, Ord:021Ch
|
:1001214F E8FE430000        Call 10016552
:10012154 33DB              xor ebx, ebx
:10012156 68AF0B0000        push 00000BAF
:1001215B 8D4DF0            lea ecx, dword ptr [ebp-10]
:1001215E 895DFC            mov dword ptr [ebp-04], ebx

* Reference To: MFC42.Ordinal:1040, Ord:1040h
|
:10012161 E83A440000        Call 100165A0
:10012166 83BD60FFFFFF06    cmp dword ptr [ebp+FFFFFF60], 00000006  'is the major version number 6?
:1001216D 7318              jnb 10012187                         'jump if so
:1001216F 6A10              push 00000010
:10012171 6828490210        push 10024928
:10012176 FF75F0            push [ebp-10]
:10012179 53                push ebx

* Reference To: USER32.MessageBoxA, Ord:01BEh
|
:1001217A FF15F0B70110      Call dword ptr [1001B7F0]
:10012180 53                push ebx                             'pop up the "file corrupted" warning

* Reference To: KERNEL32.ExitProcess, Ord:007Dh
|
:10012181 FF15C4B00110      Call dword ptr [1001B0C4]            'exit

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:1001216D(C)
|

* Reference To: MFC42.Ordinal:0490, Ord:0490h
|
:10012187 E87A440000        Call 10016606                        'enter the login dialog procedure
:1001218C 8B400C            mov eax, dword ptr [eax+0C]
:1001218F 53                push ebx
:10012190 6A10              push 00000010
:10012192 6A10              push 00000010
:10012194 6A01              push 00000001
:10012196 68C33E0000        push 00003EC3
:1001219B 50                push eax

(following code omitted)

This modification actually changes

:1001216D 7318              jnb 10012187                         'jump if so

into

:1001216D EB18              jmp 10012187                         'jump directly

which bypasses the routine that exits the program after detecting that the system is XP, and goes straight to the login screen.
This modification stops working once QQ is upgraded, but the cracking method should be much the same.
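Added example, not part of the original post: a defender-side integrity check that scans a binary image for the byte context quoted above and reports whether the branch at that spot is still the original conditional `jnb` (73) or has been replaced by an unconditional `jmp` (EB). The function names and the sample buffers are assumptions constructed for illustration; the buffers are not the real DLL.

```python
import re

# Byte context quoted in the post: FF 06 <opcode> 18 6A 10.
# FF 06 is the tail of the `cmp ..., 6`; 6A 10 is the following `push 10h`.
SIGNATURE = re.compile(rb"\xFF\x06(.)\x18\x6A\x10", re.DOTALL)
VERDICTS = {0x73: "original", 0xEB: "patched"}   # jnb rel8 / jmp rel8


def classify_version_check(image: bytes):
    """Return (file_offset_of_opcode, opcode, verdict) for every signature hit."""
    hits = []
    for m in SIGNATURE.finditer(image):
        opcode = m.group(1)[0]
        hits.append((m.start(1), opcode, VERDICTS.get(opcode, "unexpected")))
    return hits


def short_jump_target(address: int, rel8: int) -> int:
    """Destination of a 2-byte short jump (opcode + signed rel8) at `address`."""
    if rel8 >= 0x80:
        rel8 -= 0x100
    return (address + 2 + rel8) & 0xFFFFFFFF


def integrity_state(image: bytes) -> str:
    """Summarise one image: 'intact', 'tampered', or 'unknown build'."""
    verdicts = {v for _, _, v in classify_version_check(image)}
    if "patched" in verdicts or "unexpected" in verdicts:
        return "tampered"
    return "intact" if verdicts == {"original"} else "unknown build"


# Constructed sample buffers (not the real DLL): the listing's bytes around
# 10012166..10012171, padded with NOPs.
_PAD = b"\x90" * 4
ORIGINAL = _PAD + bytes.fromhex("83BD60FFFFFF06" "7318" "6A10" "6828490210") + _PAD
PATCHED = _PAD + bytes.fromhex("83BD60FFFFFF06" "EB18" "6A10" "6828490210") + _PAD

if __name__ == "__main__":
    for name, buf in (("original", ORIGINAL), ("patched", PATCHED)):
        print(name, integrity_state(buf), classify_version_check(buf))
    print(hex(short_jump_target(0x1001216D, 0x18)))
```

Both opcodes take the same 8-bit displacement, so the jump destination computed by `short_jump_target` is identical before and after the change; only the condition is removed, which is why a hash or signature check over the code section is the more general control.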