VB加壳脱壳程序源码

本文由nbdsb123456贡献最全的脱壳，反编译，汇编工具集合破解工具下载连接1 调试工具Ollydbg V1.10 正式汉化修改版+最新最全插件2.02mSmartCheck V6.20 20.54MCompuware SoftICE V4.3.1 精简版10.57MCompuware (SoftICE) Driver Studio V3.1 完全版176.52MTRW2000 V1.22 汉化修改版+全部最新插件1.47Mforwin9X动态破解VB P-code程序的工具WKTVBDebugger1.4e2 反汇编工具W32Dasm是一个静态反汇编工具，也是破解人常用的工具之一，它也被比作破解人的屠龙刀。

W32Dasm10.0修改版是经Killer在W32Dasm8.93基础上修改的，修改后的W32Dasm功能更强大，能完美显示中文字符串及VB程序，内含16进制编辑器，破解修改软件更容易，真可谓是反汇编极品！W32Dasm V10.0 汉化增强版419 KB反汇编工具老大，功能大大的胜过了w32dasm。

学习加解密的朋友不可错过。

即使不用你也要收藏一份。

：）IDA Pro Standard V4.60.785 零售版 + Flair + SDK33.08 MBC32Asm是集反汇编、16进制工具、Hiew修改功能与一体的新工具。

强烈推荐！C32Asm V0.4.12 1.97 MBC32Asm V0.4.12 破解补丁 650 KB3 反编译工具DelphiDeDe3.50.04 Fix增强版5.3 MB4 PE相关工具PE编辑工具Stud_PE1.8 PE工具，用来学习PE格式十分方便。

/tools/PE_tools/Editor/stdupe/Stud_PE1.8.zipProcDump32v1.6.2 FINAL Windows下的脱壳工具并可进行PE编辑。

可惜不更新了，己过时，现阶段一般只用来作为PE编辑工具使用。

例1-1Private Sub CommandButton1_Click()Dim textPoint(0 To 2) As Double '声明文字插入点Dim textHeight As Double '声明文字高度Dim textStr As String '声明字符串Dim textObject As AcadText '声明文字对象textPoint(0) = 20 '设置插入点的X坐标textPoint(1) = 40 '设置插入点的Y坐标textPoint(2) = 0 '设置插入点的Z坐标textHeight = 10 '设置文字高度为10textStr = "AutoCAD ActiveX/VBA" '设置字符串Set textObject = ThisDrawing.ModelSpace.AddText(textStr, textPoint, textHeight)'创建text对象ThisDrawing.Application.ZoomExtents '根据实际范围计算缩放textObject.Update '更新显示图形对象End SubPrivate Sub_CommandButton_Click()UnloadMe '卸载窗体End '结束应用程序End Sub例4—1：将AutoCAD应用程序窗口放在屏幕的左上角，并将其大小调整为宽400像素、高400像素。

okSub Ch4_PositionApplicationWindow()ThisDrawing.Application.WindowTop = 0ThisDrawing.Application.WindowLeft = 0ThisDrawing.Application.Width = 400ThisDrawing.Application.Height = 400End Sub例4—2：最大化应用程序窗口。

壳,加壳,脱壳,介绍壳的一些基本常识免杀入门 2009-08-06 16:58 阅读7 评论0 字号：大大中中小小在一些计算机软件里也有一段专门负责保护软件不被非法修改或反编译的程序。

它们一般都是先于程序运行，拿到控制权，然后完成它们保护软件的任务。

就像动植物的壳一般都是在身体外面一样理所当然（但后来也出现了所谓的“壳中带籽”的壳）。

由于这段程序和自然界的壳在功能上有很多相同的地方，基于命名的规则，大家就把这样的程序称为“壳”了。

就像计算机病毒和自然界的病毒一样，其实都是命名上的方法罢了。

从功能上抽象，软件的壳和自然界中的壳相差无几。

无非是保护、隐蔽壳内的东西。

而从技术的角度出发，壳是一段执行于原始程序前的代码。

原始程序的代码在加壳的过程中可能被压缩、加密……。

当加壳后的文件执行时，壳－这段代码先于原始程序运行，他把压缩、加密后的代码还原成原始程序代码，然后再把执行权交还给原始代码。

软件的壳分为加密壳、压缩壳、伪装壳、多层壳等类，目的都是为了隐藏程序真正的OEP（入口点，防止被破解）。

关于“壳”以及相关软件的发展历史请参阅吴先生的《一切从“壳”开始》。

（一）壳的概念作者编好软件后，编译成exe可执行文件。

1.有一些版权信息需要保护起来，不想让别人随便改动，如作者的姓名，即为了保护软件不被破解，通常都是采用加壳来进行保护。

2.需要把程序搞的小一点，从而方便使用。

于是，需要用到一些软件，它们能将exe可执行文件压缩，3.在黑客界给木马等软件加壳脱壳以躲避杀毒软件。

实现上述功能，这些软件称为加壳软件。

（二）加壳软件最常见的加壳软件ASPACK ，UPX，PEcompact 不常用的加壳软件WWPACK32；PE-PACK ；PETITE NEOLITE （三）侦测壳和软件所用编写语言的软件因为脱壳之前要查他的壳的类型。

1.侦测壳的软件fileinfo.exe 简称fi.exe（侦测壳的能力极强）。

2.侦测壳和软件所用编写语言的软件language.exe（两个功能合为一体，很棒），推荐language2000中文版（专门检测加壳类型）。

vb编程代码大全Visual Basic (VB) 是一种广泛用于软件开发的高级编程语言，可以用于开发 Windows 应用程序、Web 应用程序、数据库应用程序等。

在本文中，将介绍一些常用的 VB 编程代码，帮助初学者快速入门和提高编程水平。

一、基本数据类型1. 整型数据在 VB 中，整型数据可以使用 Integer 类型表示，范围为 -32,768 到32,767。

定义整型变量的代码如下：```Dim num As Integernum = 10```2. 浮点数据浮点数据可以使用 Single 或 Double 类型表示，分别表示单精度浮点数和双精度浮点数。

定义浮点变量的代码如下：```Dim num As Singlenum = 3.143. 字符串数据字符串数据可以使用 String 类型表示，可以存储文本数据。

定义字符串变量的代码如下：```Dim str As Stringstr = "Hello, World!"```二、控制流程1. If...Then...Else 语句If...Then...Else 语句用于根据条件执行不同的代码块。

例如：```Dim num As Integernum = 10If num > 0 ThenMsgBox("Num is positive.")ElseMsgBox("Num is negative.")End If2. For 循环For 循环用于重复执行一段代码。

例如：```For i = 1 To 10MsgBox(i)Next i```3. Do While 循环Do While 循环在满足条件时执行代码块。

例如：```Dim i As Integeri = 1Do While i <= 10MsgBox(i)i = i + 1Loop```三、数组1. 一维数组一维数组在 VB 中用于存储相同类型的多个元素。

哈哈哈20道编程代码1.1000以内的全部完数Private Sub Command1_Click()Dim n As IntegerDim i As IntegerDim s As LongFor n = 1 To 1000s = 1For i = 2 To n - 1If n Mod i = 0 Then s = s + iNext iIf s = n ThenText1 = Text1 & n & " "If k Mod 5 = 0 Then Text1 = Text1 & vbCrLfEnd IfNext nEnd SubPrivate Sub Command2_Click()EndEnd Sub2.百元买百鸡Private Sub Command1_Click()Dim i As IntegerDim j As IntegerFor i = 0 To 20For j = 0 To 33If 5 * i + 3 * j + (100 - i - j) * 1 / 3 = 100 ThenText1 = Text1 & "买" & CStr(i) & "只公鸡" & CStr(j) & "只母鸡" & CStr(100 - i - j) & "只小鸡"Text1 = Text1 & Chr(13) & Chr(10)End IfNext jNext iEnd SubPrivate Sub Command2_Click()EndEnd Sub3.不靠边元素和Private Sub Command1_Click()ClsRandomizeDim a(5, 5) As Integer, s%For i = 0 To 5For j = 0 To 5a(i, j) = Int(Rnd * 9)Print a(i, j) & ",";Sum = Sum + a(i, j)Next jPrintNext ik = SumSum = 0For i = 0 To 5Sum = Sum + a(i, 0) + a(i, 5) + a(0, i) + a(5, i) Next iSum = Sum - a(0, 0) - a(5, 0) - a(5, 5) - a(0, 5) Text1 = k - SumEnd SubPrivate Sub Command2_Click()EndEnd Sub4.递归函数求斐波拉契数列Option ExplicitPrivate Sub Command1_Click()Dim a1, a2, b As IntegerDim i, n As Integern = InputBox("显示数列的前N项")a1 = 1For i = 1 To nb = a1 + a2Text1.SelText = b & " "a1 = a2a2 = bNext iEnd SubPrivate Sub Command2_Click() EndEnd Sub5.各位数之和Private Sub Command1_Click() Dim i As StringDim j%Dim s%i = Text1For j = 1 To Len(i)st = Mid(i, j, 1)s = s + Val(st)Next jText2 = sEnd SubPrivate Sub Command2_Click() EndEnd Sub6.回文数Private Sub Command1_Click() Dim x$, y$, c$, i%x = Text1For i = 1 To Len(x)c = Mid(x, i, 1)y = c + yNext iIf y = x ThenText2 = "x是回文数"ElseText2 = "x不是回文数"End IfEnd Sub。

Armadillo标准加壳的程序的脱壳和引入表修复方案作者：jwh51 来源：看雪论坛加入时间：2003-6-14用过ARMADILLO的人都知道,用它加壳有两种方式,一是使用COPY MEMII,一是标准加壳.用COPY MEMII 的一般可用DILLODUMP脱(当然也有时脱不了),而用标准加壳用DILLODUMP是脱不了的,这是DILLODUMP中的说明,我们来看看:NOTE: This only really works on programs that are at least protected to some extent.For example, it will not work on "Standard Protection" aramadillo files, which isn'ta big deal, because for those you do not need to have any "advanced" tools to dump. I planon released a "lite" version to support those files soon..本人E文很菜,只能了解大意,是说标准加壳的脱壳比较简单,不需用工具.但是对我等菜来说,还是要用工具的好,不过既然现在还没有,还是手脱吧.脱壳目标:SoundEdit pro v1.30.634,5月29日更新.下载:/getit.asp?pid=6&server=/programs/sep13.exe加壳程序:Armadillo v3.00a工具:OLLYDBG,LOADPE,importRECSoundEdit是一个声音编辑软件(国外的),采用了ARMADILLO的KEY加密,启动要你输入KEY,否则要等N 秒才能让你启动,还有30天试用期,所以,如果脱了壳,上述现象都将没有了.现在开始脱壳历程.!!第一步,DUMP出程序:用OLLYDBG载入程序.在调试选项中忽略所有异常,这样可以少按SHIFT+F9BP V irtualProtect,F9运行,这时会有异常,用SHIFT+F9过程序会断下来,这时你不停按F9,一般在第5次会出现注册框,OK后再次中断,这时你要注意堆棧开始记下F9的次数了.我这第20下时在堆棧出现如下信息: 0012F214 7342F406 /CALL to V irtualProtect from MSVBVM60.7342F400说明程序,已经运行了.(VB是先运行MSVBVM60.DLL的,在其中也用调用V irtualProtect,如果是DELPHI等程序,可一直F9到程序运行为止)现在重新载入程序,到出现这个信息的前一次中断停下来,然后按几次CTRL+F9到程序中(也就是地址较低的地方,一般都是004*****,005*****,本程序在这:004DA060 83C4 04 ADD ESP, 4004DA063 8945 FC MOV DWORD PTR SS:[EBP-4], EAX004DA066 837D B8 00 CMP DWORD PTR SS:[EBP-48], 0004DA06A 74 0A JE SHORT SoundEdi.004DA076004DA06C 8B45 B8 MOV EAX, DWORD PTR SS:[EBP-48]004DA06F 50 PUSH EAX004DA070 FF15 E8615000 CALL DWORD PTR DS:[<&USER32.DestroyWi>; USER32.DestroyWindow 004DA076 8B45 FC MOV EAX, DWORD PTR SS:[EBP-4]004DA079 8BE5 MOV ESP, EBP004DA07B 5D POP EBP004DA07C C3 RETN这时小心地用F8,因为有一堆的JMP,JNZ,JO等,不过也用不了多久的,大概20多次就可来到这:004DB483 61 POP AD004DB484 6A 00 PUSH 0004DB486 E8 6E000000 CALL SoundEdi.004DB4F9004DB48B 83C4 04 ADD ESP, 4004DB48E 6A 00 PUSH 0004DB490 E8 46830000 CALL SoundEdi.004E37DB004DB495 83C4 04 ADD ESP, 4004DB498 837D E4 01 CMP DWORD PTR SS:[EBP-1C], 1004DB49C 75 11 JNZ SHOR T SoundEdi.004DB4AF004DB49E 68 E8965000 PUSH SoundEdi.005096E8004DB4A3 FF15 0C975000 CALL DWORD PTR DS:[50970C] ,这个CALL用F7跟进004DB4A9 83C4 04 ADD ESP, 4004DB4AC 8945 E4 MOV DWORD PTR SS:[EBP-1C], EAX004DB4AF 68 0C9E4D00 PUSH SoundEdi.004D9E0C在4db4a3这个CALL用f7跟进,然后继续F8,几次后就来到这:00D0B5E0 /75 29 JNZ SHOR T 00D0B60B00D0B5E2 |E8 A05AFFFF CALL 00D0108700D0B5E7 |FF76 04 PUSH DWORD PTR DS:[ESI+4]00D0B5EA |8BF8 MOV EDI, EAX00D0B5EC |A1 CCEED100 MOV EAX, DWORD PTR DS:[D1EECC]00D0B5F1 |FF76 08 PUSH DWORD PTR DS:[ESI+8]00D0B5F4 |8B48 70 MOV ECX, DWORD PTR DS:[EAX+70]00D0B5F7 |3348 50 XOR ECX, DWORD PTR DS:[EAX+50]00D0B5FA |6A 00 PUSH 000D0B5FC |3348 34 XOR ECX, DWORD PTR DS:[EAX+34]00D0B5FF |03F9 ADD EDI, ECX00D0B601 |E8 815AFFFF CALL 00D0108700D0B606 |50 PUSH EAX00D0B607 |FFD7 CALL EDI ; SoundEdi.004059B0看到最后这个CALL EDI吗,004059B0就是程序的OEP了,我们F7跟进:00405996 - FF25 3C114000 JMP DWORD PTR DS:[40113C]0040599C - FF25 8C104000 JMP DWORD PTR DS:[40108C]004059A2 - FF25 B0104000 JMP DWORD PTR DS:[4010B0]004059A8 - FF25 E8114000 JMP DWORD PTR DS:[4011E8]004059AE 0000 ADD BYTE PTR DS:[EAX], AL004059B0 68 787D4000 PUSH SoundEdi.00407D78 ,这是OEP了,004059B5 E8 EEFFFFFF CALL SoundEdi.004059A8呵,典型的VB代码.拿出LOADPE,快快DUMP吧.我们把DUMP的程序保存为DUMPED.EXE第二步,引入表的修复以前总以为它的修复很难,但实际上只要修改程序流程,完全可得到正确的引入表的.1.可先用importREC试试,有一个指针无效,如果CUT程序退出时会出错,所以要修复它.通过它我们可看到iat 的rva为1000,错误指针为1030,(如果很多指针无效,只要记住一个无效的RV A就可以了)2.重新载入程序,BP V irtualProtect,断下后f9,注意堆棧的变化,当出现如下信息时要注意了:0012DB28 00D0887E /CALL to V irtualProtect from 00D088780012DB2C 00401000 |Address = SoundEdi.004010000012DB30 000CB000 |Size = CB000 (831488.)0012DB34 00000004 |NewProtect = PAGE_READWRITE0012DB38 0012F034 \pOldProtect = 0012F034它将往401000也就是IAT所在的地方写入信息:这是再按一下F9,又停下来,D 401000,我们可看到,IA T所在的位置已经写入了东西,还不是dll的地址,还记得那个无效指针的地址吗:401030,我们清掉断点,然后在在内存定位到401030处,"右键-->breakpoint-->hardware on write-->dword",然后按F9运行,程序停了下来:00D0942F 8B85 5CFBFFFF MOV EAX, DWORD PTR SS:[EBP-4A4]00D09435 8B8D 48F9FFFF MOV ECX, DWORD PTR SS:[EBP-6B8]00D0943B 8908 MOV DWORD PTR DS:[EAX], ECX00D0943D 8B85 5CFBFFFF MOV EAX, DWORD PTR SS:[EBP-4A4] ; 停在这00D09443 83C0 04 ADD EAX, 400D09446 8985 5CFBFFFF MOV DWORD PTR SS:[EBP-4A4], EAX00D0944C ^ E9 78FEFFFF JMP 00D092C9看到上述二行:MOV ECX,DWORD PRT [EBP-6B8],我们再往上找几行可看到这个语句:00D093E3 E8 F8C0FEFF CALL 00CF54E000D093E8 8985 48F9FFFF MOV DWORD PTR SS:[EBP-6B8], EAX00D093EE 83BD 48F9FFFF 0>CMP DWORD PTR SS:[EBP-6B8], 000D093F5 75 38 JNZ SHORT 00D0942F在第二行也有个[EBP-6B8],注意前面这个CALL,我们去看一看00CF54E0 55 PUSH EBP00CF54E1 8BEC MOV EBP, ESP00CF54E3 53 PUSH EBX00CF54E4 56 PUSH ESI00CF54E5 57 PUSH EDI00CF54E6 33FF XOR EDI, EDI00CF54E8 33DB XOR EBX, EBX00CF54EA 66:F745 0E FFFF TEST WORD PTR SS:[EBP+E], 0FFFF00CF54F0 75 03 JNZ SHORT 00CF54F500CF54F2 8B5D 0C MOV EBX, DWORD PTR SS:[EBP+C]00CF54F5 57 PUSH EDI00CF54F6 FF15 A430D100 CALL DWORD PTR DS:[D130A4] ; kernel32.GetModuleHandleA 00CF54FC 3945 08 CMP DWORD PTR SS:[EBP+8], EAX00CF54FF 75 07 JNZ SHOR T 00CF550800CF5501 BE C053D100 MOV ESI, 0D153C000CF5506 EB 60 JMP SHOR T 00CF556800CF5508 393D 9859D100 CMP DWORD PTR DS:[D15998], EDI00CF550E B9 9859D100 MOV ECX, 0D1599800CF5513 74 3C JE SHORT 00CF555100CF5515 8B35 B8B1D100 MOV ESI, DWORD PTR DS:[D1B1B8]00CF551B A1 CCEED100 MOV EAX, DWORD PTR DS:[D1EECC]00CF5520 F641 08 01 TEST BYTE PTR DS:[ECX+8], 100CF5524 74 0E JE SHORT 00CF553400CF5526 8B50 70 MOV EDX, DWORD PTR DS:[EAX+70]00CF5529 3350 60 XOR EDX, DWORD PTR DS:[EAX+60]00CF552C 3350 3C XOR EDX, DWORD PTR DS:[EAX+3C]00CF552F F6C2 80 TEST DL, 8000CF5532 75 13 JNZ SHORT 00CF554700CF5534 8B50 70 MOV EDX, DWORD PTR DS:[EAX+70]00CF5537 3350 64 XOR EDX, DWORD PTR DS:[EAX+64]00CF553A 3350 58 XOR EDX, DWORD PTR DS:[EAX+58]00CF553D 3350 20 XOR EDX, DWORD PTR DS:[EAX+20]00CF5540 3316 XOR EDX, DWORD PTR DS:[ESI]00CF5542 3955 08 CMP DWORD PTR SS:[EBP+8], EDX00CF5545 74 1E JE SHORT 00CF556500CF5547 83C1 0C ADD ECX, 0C00CF554A 83C6 04 ADD ESI, 400CF554D 3939 CMP DWORD PTR DS:[ECX], EDI00CF554F ^ 75 CF JNZ SHORT 00CF552000CF5551 FF75 0C PUSH DWORD PTR SS:[EBP+C]这里面有几个跳转,其中最后一个CF554F是往上跳的.我们看一个就可发现:00CF5513 74 3C JE SHORT 00CF5551,这个跳正好可跳出这个循环.只要改这个跳,就不会破坏引入表了.再次重新载入,BP V irtualProtect,出现注册框后OK,程序再断下来,这时清除断点(包括硬件断点),CTRL+F9回程序领空,把CF5513的74 3c改成eb 3c,按F9运行,程序运行后打开importREC,选中程序,入口填入59b0,-->IA T自动搜索-->获得输入信息",如果还有无效的大可放心的cut,因为它们本来就不是有用指针了(也可能是importREC把IA T的大小判断错了),.然后修复脱壳后的文件.OK,大功告成.测试了下脱壳后的程序,运行正常,那个烦人的注册框没有,时间限制也注册了,别说30天,就是30年都没问题.。

VB编程常用代码大全讲解学习V B编程常用代码大全VB编程常用代码大全1.数值型函数：abs(num): 返回绝对值sgn(num): num>0 1; num=0 0; num<0 -1;判断数值正负hex(num): 返回十六进制值直接表示：&Hxx 最大8位oct(num): 返回八进制值直接表示：&Oxx 最大8位sqr(num): 返回平方根 num>0int(num): 取整 int(99.8)=99; int(-99.2)=100fix(num): 取整 fix(99.8)=99; fix(-99.2)=99round(num,n): 四舍五入取小数位round(3.14159,3)=3.142 中点数值四舍五入为近偶取整 round(3.25,1)=3.2log(num): 取以e为底的对数 num>0exp(n): 取e的n次幂通常用 num^nsin(num): 三角函数，以弧度为值计算(角度*Pai)/180=弧度con(num); tan(num); atn(num)2.字符串函数：len(str)：计算字符串长度中文字符长度也计为一！mid(str,起始字符,[读取长度])：截取字符串中间子字符串left(str,nlen)：从左边起截取nlen长度子字符串right(str,nlen)：从右边起截取nlen长度子字符串Lcase(str)：字符串转成小写Ucase(str)：字符串转成大写trim(str)：去除字符串两端空格Ltrim(str)：去除字符串左侧空格Rtrim(str)：去除字符串右侧空格replace(str,查找字符串,替代字符串,[起始字符,替代次数,比较方法])：替换字符串注：默认值：起始字符1；替代次数不限；比较方法区分大小写（0）InStr([起始字符,]str,查找字符串[,比较方法])：检测是否包含子字符串可选参数需同时选返回起始位置InStrRev(str,查找字符串[,起始字符][,比较方法])：反向检测是否包含子字符串返回起始位置space(n)：构造n个空格的字符串string(n,str)：构造由n个str第一个字符组成的字符串StrReverse(str)：反转字符串split(str,分割字符串[,次数][,比较方法])：以分割字符串为分割标志将字符串转为字符数组可选参数需同时选3.数据类型转换函数：Cint(str)：转换正数 True -1；False 0；日期距离1899/12/31天数；时间上午段 0；下午段 1；Cstr(str)：日期输出格式yyyy/mm/dd；时间输出格式Am/Pm hh:mm:ss。

VB加壳脱壳程序源码1、窗体代码Private Sub Check1_Click()Text2.SetFocusEnd SubPrivate Sub Image2_MouseUp(Button As Integer, Shift As Integer, X As Single, Y As Single) Image10.Visible = FalseEnd SubPrivate Sub Image3_Click()If Text1.Text = "" ThenMsgBox "Please Select A File First!", vbInformationElseList1.Visible = TrueList2.Visible = FalseFrame3.Visible = FalseList1.Text = " UPX 1.24 "Text2.SetFocusEnd IfEnd SubPrivate Sub Command2_Click()Dim path As String, back_path As String, file_t As String 'Dim's stringsText2.SetFocusCommonDialog1.ShowOpenText1.Text = CommonDialog1.FileNamepath = Text1.Textback_path = "Backupfile.exe"If Check1.Value = 1 Theni = FreeFileOpen path For Binary As #ifile_t = Space(LOF(i))Get #i, , file_tClose #iOpen back_path For Binary As #iPut #i, , file_tClose #iMsgBox " A Backup of the file has been created in the same location as the original file", vbInformationEnd IfEnd SubPrivate Sub Image3_MouseDown(Button As Integer, Shift As Integer, X As Single, Y As Single) Image8.Visible = TrueEnd SubPrivate Sub Image3_MouseUp(Button As Integer, Shift As Integer, X As Single, Y As Single) Image8.Visible = FalseImage3_ClickEnd SubPrivate Sub Image4_Click()If Text1.Text = "" ThenMsgBox "Please Select A File First!", vbInformationElseText2.SetFocusList2.Visible = TrueList1.Visible = FalseFrame3.Visible = FalseList2.Text = " Krypt "End IfEnd SubPrivate Sub Image4_MouseDown(Button As Integer, Shift As Integer, X As Single, Y As Single) Image9.Visible = TrueEnd SubPrivate Sub Image4_MouseUp(Button As Integer, Shift As Integer, X As Single, Y As Single) Image9.Visible = FalseImage4_ClickEnd SubPrivate Sub Image5_Click()If Text1.Text = "" ThenMsgBox "Please Select A File First!", vbInformationElseText2.SetFocusList1.Visible = FalseList2.Visible = FalseFrame3.Visible = TrueFrame4.Visible = TrueEnd IfEnd SubPrivate Sub Image5_MouseDown(Button As Integer, Shift As Integer, X As Single, Y As Single) Image7.Visible = TrueEnd SubPrivate Sub Image5_MouseUp(Button As Integer, Shift As Integer, X As Single, Y As Single) Image7.Visible = FalseImage5_ClickEnd SubPrivate Sub Image6_Click()Text2.SetFocusFrame3.Visible = TrueList1.Visible = FalseFrame4.Visible = FalseEnd SubPrivate Sub Command7_Click()Text2.SetFocusIf Text1.Text <> "" And Text3.Text > 0 Thenfsiz = ShowFileSize(Text1.Text)PB1.Value = 0PB1.Max = Text3.TextPB1.Visible = TrueOpen Text1.Text For Binary As #1For a = 1 To Text3.TextPut #1, fsiz - 1 + a, 0PB1.Value = aNextCloseEnd IfPB1.Visible = FalsePB1.Value = 0End SubFunction ShowFileSize(file)Dim fs, f, sSet fs = CreateObject("Scripting.FileSystemObject")Set f = fs.GetFile(file)ShowFileSize = f.Size's = UCase() & " uses " & f.Size & " bytes."'MsgBox s, 0, "Folder Size Info"End Function'94208Private Sub exit_Click()Unload MeEnd SubPrivate Sub Form_Load()Check1.Value = FalseList1.AddItem " Double Click To Pack " List1.AddItem " " List1.AddItem " UPX 1.24 " List1.AddItem " FSG 1.33 " List1.AddItem " PEPack " List1.AddItem " ASPack " List1.AddItem " PECompact " List1.AddItem " PE-Diminisher " List1.AddItem " PeX v0.99 " List2.AddItem " Double Click To Protect "List2.AddItem " " List2.AddItem " Krypt " List2.AddItem " UPX Scrambler 1.05 "List2.AddItem " UPX Scrambler 1.06 "List2.AddItem " tElock "End SubPrivate Sub Image2_MouseDown(Button As Integer, Shift As Integer, X As Single, Y As Single) Image10.Visible = TrueIf Button = 1 ThenDim linklink = ShellExecute(hWnd, "Open", "", &O0, &O0, SW_NORMAL)End IfEnd SubPrivate Sub Image6_MouseDown(Button As Integer, Shift As Integer, X As Single, Y As Single) Image2.Visible = TrueEnd SubPrivate Sub Image6_MouseUp(Button As Integer, Shift As Integer, X As Single, Y As Single) Image2.Visible = FalseImage6_ClickEnd SubPrivate Sub Image7_MouseDown(Button As Integer, Shift As Integer, X As Single, Y As Single) Image10.Visible = TrueEnd SubPrivate Sub Image7_MouseUp(Button As Integer, Shift As Integer, X As Single, Y As Single) Image10.Visible = FalseEnd SubPrivate Sub Label5_MouseDown(Button As Integer, Shift As Integer, X As Single, Y As Single)If Button = 1 ThenDim linklink = ShellExecute(hWnd, "Open", "", &O0, &O0, SW_NORMAL)End IfEnd SubPrivate Sub Label9_MouseDown(Button As Integer, Shift As Integer, X As Single, Y As Single)If Button = 1 ThenDim linklink = ShellExecute(hWnd, "Open", "", &O0, &O0, SW_NORMAL)End IfEnd SubPrivate Sub List1_DblClick()If List1.Text = " UPX 1.24 " ThenShell App.path & "\components\packers\upx124.exe " & Chr(34) & Text1.Text & Chr(34), vbNormalFocusEnd IfIf List1.Text = " FSG 1.33 " ThenShell App.path & "\components\packers\fsg133.EXE " & Text1.Text, vbNormalFocusEnd IfIf List1.Text = " PEPack " ThenShell App.path & "\components\packers\pepack.exe " & Chr(34) & Text1.Text & Chr(34), vbNormalFocusEnd IfIf List1.Text = " ASPack " ThenShell App.path & "\components\packers\aspack.exe " & Text3.Text, vbNormalFocusEnd IfEnd SubPrivate Sub List2_DblClick()If List2.Text = " Krypt " ThenShell App.path & "\components\protectors\client.exe ", vbNormalFocusSendKeys "{TAB}"SendKeys "{ENTER}"SendKeys Text1.TextSendKeys "{ENTER}"SendKeys "{TAB}"SendKeys "{TAB}"SendKeys "{ENTER}"SendKeys App.path & "\components\protectors\stub.exe"SendKeys "{ENTER}"End IfIf List2.Text = " UPX Scrambler 1.05 " ThenShell App.path & "\components\protectors\scramble.exe " & Chr(34) & Text1.Text & Chr(34), vbNormalFocusEnd IfIf List2.Text = " UPX Scrambler 1.06 " ThenShell App.path & "\components\protectors\scramble16.exe " & Chr(34) & Text1.Text & Chr(34), vbNormalFocusEnd IfIf List2.Text = " tElock " ThenShell App.path & "\components\protectors\telock.exe " & Chr(34) & Text1.Text & Chr(34), vbNormalFocusEnd IfEnd SubPrivate Sub open_Click()CommonDialog1.ShowOpenText1.Text = CommonDialog1.FileNameEnd SubPrivate Sub Option1_Click()Text2.SetFocusEnd SubPrivate Sub Option2_Click()Text2.SetFocusEnd Sub2、模块代码Declare Function ShellExecute Lib "shell32.dll" Alias "ShellExecuteA" (ByVal hWnd As Long, ByVal lpOperation As String, ByVal lpFile As String, ByVal lpParameters As String, ByVal lpDirectory As String, ByVal nShowCmd As Long) As LongPublic Const SW_NORMAL = 1。

VB加壳脱壳程序源码1、窗体代码Private Sub Check1_Click()Text2.SetFocusEnd SubPrivate Sub Image2_MouseUp(Button As Integer, Shift As Integer, X As Single, Y As Single) Image10.Visible = FalseEnd SubPrivate Sub Image3_Click()If Text1.Text = "" ThenMsgBox "Please Select A File First!", vbInformationElseList1.Visible = TrueList2.Visible = FalseFrame3.Visible = FalseList1.Text = " UPX 1.24 "Text2.SetFocusEnd IfEnd SubPrivate Sub Command2_Click()Dim path As String, back_path As String, file_t As String 'Dim's stringsText2.SetFocusCommonDialog1.ShowOpenText1.Text = CommonDialog1.FileNamepath = Text1.Textback_path = "Backupfile.exe"If Check1.Value = 1 Theni = FreeFileOpen path For Binary As #ifile_t = Space(LOF(i))Get #i, , file_tClose #iOpen back_path For Binary As #iPut #i, , file_tClose #iMsgBox " A Backup of the file has been created in the same location as the original file", vbInformationEnd IfEnd SubPrivate Sub Image3_MouseDown(Button As Integer, Shift As Integer, X As Single, Y As Single) Image8.Visible = TrueEnd SubPrivate Sub Image3_MouseUp(Button As Integer, Shift As Integer, X As Single, Y As Single) Image8.Visible = FalseImage3_ClickEnd SubPrivate Sub Image4_Click()If Text1.Text = "" ThenMsgBox "Please Select A File First!", vbInformationElseText2.SetFocusList2.Visible = TrueList1.Visible = FalseFrame3.Visible = FalseList2.Text = " Krypt "End IfEnd SubPrivate Sub Image4_MouseDown(Button As Integer, Shift As Integer, X As Single, Y As Single) Image9.Visible = TrueEnd SubPrivate Sub Image4_MouseUp(Button As Integer, Shift As Integer, X As Single, Y As Single) Image9.Visible = FalseImage4_ClickEnd SubPrivate Sub Image5_Click()If Text1.Text = "" ThenMsgBox "Please Select A File First!", vbInformationElseText2.SetFocusList1.Visible = FalseList2.Visible = FalseFrame3.Visible = TrueFrame4.Visible = TrueEnd IfEnd SubPrivate Sub Image5_MouseDown(Button As Integer, Shift As Integer, X As Single, Y As Single) Image7.Visible = TrueEnd SubPrivate Sub Image5_MouseUp(Button As Integer, Shift As Integer, X As Single, Y As Single) Image7.Visible = FalseImage5_ClickEnd SubPrivate Sub Image6_Click()Text2.SetFocusFrame3.Visible = TrueList1.Visible = FalseFrame4.Visible = FalseEnd SubPrivate Sub Command7_Click()Text2.SetFocusIf Text1.Text <> "" And Text3.Text > 0 Thenfsiz = ShowFileSize(Text1.Text)PB1.Value = 0PB1.Max = Text3.TextPB1.Visible = TrueOpen Text1.Text For Binary As #1For a = 1 To Text3.TextPut #1, fsiz - 1 + a, 0PB1.Value = aNextCloseEnd IfPB1.Visible = FalsePB1.Value = 0End SubFunction ShowFileSize(file)Dim fs, f, sSet fs = CreateObject("Scripting.FileSystemObject")Set f = fs.GetFile(file)ShowFileSize = f.Size's = UCase() & " uses " & f.Size & " bytes."'MsgBox s, 0, "Folder Size Info"End Function'94208Private Sub exit_Click()Unload MeEnd SubPrivate Sub Form_Load()Check1.Value = FalseList1.AddItem " Double Click To Pack " List1.AddItem " " List1.AddItem " UPX 1.24 " List1.AddItem " FSG 1.33 " List1.AddItem " PEPack " List1.AddItem " ASPack " List1.AddItem " PECompact " List1.AddItem " PE-Diminisher " List1.AddItem " PeX v0.99 " List2.AddItem " Double Click To Protect "List2.AddItem " " List2.AddItem " Krypt " List2.AddItem " UPX Scrambler 1.05 "。

加壳和脱壳通常是在软件工程中使用的术语，它们涉及到对二进制代码进行加密和解密。

加壳：这是将代码进行加密的过程。

当代码被加壳时，它变得难以阅读和理解。

这可以防止未经授权的人查看或修改代码。

加壳后的代码通常会以一种特殊的方式执行，这使得原始代码在运行时才能被解密并执行。

脱壳：这是将加壳的代码进行解密的过程。

当你想查看或修改加壳的代码时，你需要进行脱壳。

脱壳后的代码通常是原始代码，可以被阅读和理解。

以下是一个简单的Python加壳和脱壳的示例：加壳：```pythondef obfuscate_code(code):encrypted_code = ""for char in code:encrypted_code += chr(ord(char) ^ 42) # XOR with 42 to encrypt the codereturn encrypted_codeoriginal_code = "print('Hello, World!')"encrypted_code = obfuscate_code(original_code)exec(encrypted_code) # This will run the encryptedcode```脱壳：```pythondef deobfuscate_code(encrypted_code):decrypted_code = ""for char in encrypted_code:decrypted_code += chr(ord(char) ^ 42) # XOR with 42 to decrypt the codereturn decrypted_codeencrypted_code = "print('Hello, World!')" # This is the encrypted code from the previous exampledecrypted_code = deobfuscate_code(encrypted_code)exec(decrypted_code) # This will run the decrypted code, which will print "Hello, World!"```请注意，这只是一个简单的示例，实际的加壳和脱壳技术要复杂得多，并且可以包括更高级的加密和混淆技术。

个人总结的一个VMP脱壳步骤个人在学习脱VMP加壳的过程中总结的一个步骤。

按照这个步骤，包括VMP1.6—2.0在内应该有70%-80%能脱壳。

脱不了的也别问我，我也刚开始学习。

我还想找人问呢。

想要脱VMP的壳，首要工作当然是要找一个强OD啦！至于是什么版本的OD自己多试验几个，网上大把大把的，一般来说只要加载了你想脱的VMP加壳程序不关闭都可以。

其次就是StrongOD.dll这个插件了，现在用的比较多的就是海风月影，同样网上也是大把大把的。

下载回来后复制到你的OD程序所在的文件夹里面的plugin里。

StrongOD的设置选项搞不懂就全部打钩。

接下来要做的工作就是搞清楚我们要脱壳的程序编程的语言了，可以用PEID或者fastscanner查看,如果在这里看不到也可以在OD载入以后通过里面的字符串判断了。

例如VB的程序会出现MSVB----/VC的会出现MSVC---等等。

这些都是程序运行所需要的windows链接文件。

做完这些预备工作接下来当然是用OD载入文件啦。

文件载入后在反汇编窗口CTRL+G搜索VirtualProtect(注意V跟P要大写，至于为什么要搜索这个别问我)。

一般来说搜索的结果会出现以下的类似：7C801AE3 E8 75FFFFFF call kernel32.VirtualProtectEx我们在这里下F2断点。

然后F9运行到我们下的这个断点。

接下来我们就要注意观察堆栈窗口了。

一般来说当我们F9运行到我们上面下的断点的时候在堆栈窗口会出现以下类似：0012F66C 00401000 |Address = TradeCen.004010000012F670 000280D1 |Size = 280D1 (164049.)0012F674 00000004 |NewProtect = PAGE_READWRITE0012F678 0012FF98 \pOldProtect = 0012FF98我们要注意观察的就是在接下来我们F9运行的时候，ADDRESS和NEWPROTECT这两行的变化。

第3章课前体验Private Sub Form_Click()For i = 1 To 10For j = 1 To iPrint "* ";Next jPrintNext iEnd Sub【例3-1】Private Sub Form_Click()c1$ = Chr$(13) + Chr$(10)msg1$ = "请输入您的名字: "msg2$ = "输入后按回车键"msg3$ = "或单击“确定”按钮"msg$ = msg1$ + c1$ + msg2$ + c1$ + msg3$name$ = InputBox(msg$, "InputBox 函数示例", "张三")Print name$End Sub【例3-2】Private Sub Form_Click()Msg1$=”Are you Continue to?”msg2$=”Operation Dialog Box”r=MsgBox(msg1$,34,msg2$)Print rEnd Sub【例3-3】编写程序，用MsgBox函数判断是否继续执行。

Private Sub Form_Click()msg$ = "请确认此数据是否正确"Title$ = "数据检查对话框"x = MsgBox(msg$, 19, Title$)If x = 6 ThenPrint x * xElseIf x = 7 ThenPrint "请重新输入"End IfEnd Sub【例3-5】Private Sub Form_Click()Print: PrintFontName = "隶书"FontSize = 16Print " 姓名"; Tab(8); "年龄"; Tab(16); "职务";Print Tab(24); "单位"; Tab(32); "籍贯"PrintPrint "吴大明"; Tab(8); 25; Tab(16); "职员"; Tab(24); "人事科"; Tab(32); "北京"Print "吴大明"; Tab(8); 25; Tab(16); "职员"; Tab(24); "人事科"; Tab(32); "北京"End Sub【例3-6】Private Sub Form_Click()X = InputBox("请输入成绩", "学生成绩录入", "00")Print xEnd Sub【例3-7】Private Sub Form_Click()Dim x As Single, y As Singlex=InputBox(“请输入x的值”)If x>0 Then y=1 ElseIf x=0 Then y=0 Else y=-1Print “x=”; x ,”y=” ; yEnd Sub【例3-8】Private Sub Form_Click()Dim msg, UserInputmsg = "请输入一个字母或0～9之间的数字."UserInput = InputBox(msg) ‘输入一个字母或数字If Not IsNumeric(UserInput) Then ‘判断是否是数字If Len(UserInput) = 1 Then ‘不是数字时，判断输入的字符串长度是否为1 Select Case Asc(UserInput) ‘判断输入字母的ASCII码值Case 60 To 90 '在60-90之间为大写字母msg = "你输入的是一个大写字母'"msg = msg & Chr(Asc(UserInput)) & "'。

个人收藏的VB精典实用源代码。

若朋友您想要问如何才能学好vb，或者入门需要看什么教材一类的问题，建议你抱着一颗刻苦钻研的心去面对这门学问，多动脑，少提问，遇到不知道的，多查资料，多看看帖子，或者用断点来亲自试验。

实在不会了，请在此贴中查找您的常见问题，如果还没有，那请您发出新贴，向各位高手讨教：）查找方法：按ctrl+f，输入要查找的问题关键字即可每个问题中间用///分隔，这只是一部分最常见到的问题，以后会逐渐更新。

////////////////////////////////////////////////////////////////////////////////////如何用VB建立快捷方式Private Declare Function fCreateShellLink Lib "STKIT432.DLL" (ByVal lpstrFolderName As String, ByVal lpstrLinkName As String, ByVal lpstrLinkPath As String, ByVal lpstrLinkArgs As String) As LongSub Command1_Click()Dim lReturn As Long'添加到桌面lReturn = fCreateShellLink("..\..\Desktop", "Shortcut to Calculator", "c:\windows\calc.exe", "")'添加到程序组lReturn = fCreateShellLink("", "Shortcut to Calculator", "c:\windows\calc.exe", "")'添加到启动组lReturn = fCreateShellLink("\Startup", "Shortcut to Calculator", "c:\windows\calc.exe", "")End Sub////////////////////////////////////////////////////////////////////////////////////如何让程序在Windows 启动时自动执行？有以下二个方法：方法1: 直接将快捷方式放到启动群组中。

‘模块Public Const GWL_WNDPROC = (-4)Public Const WM_USER = &H400Public Type RECTLeft As LongTop As LongRight As LongBottom As LongEnd TypePublic Const WM_FRAME_BUTTON = WM_USER + &H364 Public Const WM_TRANSPARENT_GIF = WM_USER + &H365 Public Const BK_MENU_HOVER = 10Public Const BK_CUSTOM = 10000Public Const FRAME_BUTTON_MAX = 1Public Const FRAME_BUTTON_RESTORE = 2Public Const FRAME_BUTTON_MIN = 3Public Const FRAME_BUTTON_CLOSE = 4Public Const FRAME_BUTTON_CUSTOMBASE = &H200 Public Const FB_COMMAND_REMOVE = 0Public Const FB_COMMAND_ENABLE = 1Public Const FB_COMMAND_DISABLE = 2Public Const FB_COMMAND_CHECK = 3Public Const FB_COMMAND_UNCHECK = 4Public Const GTP_LOAD_FILE = 1Public Const GTP_LOAD_MEMORY = 2Public Const GTP_LOAD_RESOURCE = 3Public Const GTP_LOAD_FILE_ONL Y = 4Public Const GTP_LOAD_MEMORY_ONL Y = 5Public Const GTP_LOAD_RESOURCE_ONL Y = 6Public Const WINDOW_TYPE_AUTOFILTER = 0Public Const WINDOW_TYPE_SDK = 1Public Const WINDOW_TYPE_VC = 1Public Const WINDOW_TYPE_VB6 = 2Public Const WINDOW_TYPE_BCB = 3Public Const WINDOW_TYPE_DELPHI = 3Public Const WINDOW_TYPE_NET = 4Public Const SKIN_CLASS_NOSKIN = 0Public Const SKIN_CLASS_AUTOFILTER = 1Public Const SKIN_CLASS_PAUSESKIN = 2Public Const SKIN_CLASS_REDOSKIN = 3Public Const SKIN_CLASS_REMOVESKIN = 4Public Const SKIN_CLASS_NOSKINEX = 5Public Const SKIN_CLASS_UNKNOWN = 6Public Const SKIN_CLASS_AUTOFILTEREX = 7Public Const SKIN_CLASS_SCROLLWIN = 10Public Const SKIN_CLASS_SCROLLWINBORDER = 11 Public Const SKIN_CLASS_FRAMEWIN = 101Public Const SKIN_CLASS_FRAMEDIALOG = 102 Public Const SKIN_CLASS_INSIDEDIALOG = 103Public Const SKIN_CLASS_MDICLIENT = 104Public Const SKIN_CLASS_SCROLLPANEL = 105Public Const SKIN_CLASS_FRAMEBACKGROUND = 106 Public Const SKIN_CLASS_COMBOBOX = 201Public Const SKIN_CLASS_DATETIME = 202Public Const SKIN_CLASS_HEADER = 203Public Const SKIN_CLASS_GROUPBOX = 204Public Const SKIN_CLASS_IMAGEBUTTON = 205 Public Const SKIN_CLASS_MENU = 206Public Const SKIN_CLASS_PROGRESS = 207Public Const SKIN_CLASS_PUSHBUTTON = 208Public Const SKIN_CLASS_SCROLLBAR = 209Public Const SKIN_CLASS_SLIDER = 210Public Const SKIN_CLASS_SPIN = 211Public Const SKIN_CLASS_SPILTER = 212Public Const SKIN_CLASS_STATUSBAR = 213Public Const SKIN_CLASS_TAB = 214Public Const SKIN_CLASS_TEXT = 215Public Const SKIN_CLASS_TOOLBAR = 216Public Const SKIN_CLASS_TOOLBARPANEL = 217 Public Const SKIN_CLASS_PANEL = 218Public Const SKIN_CLASS_PANELEX = 219Public Const SKIN_CLASS_PANELELIXIR = 220Public Const SKIN_CLASS_HYPERLINK = 221Public Const SKIN_CLASS_STATUSBAR_VB6 = 222 Public Const SKIN_CLASS_SHAPEWIN = 223Public Const SKIN_CLASS_CHECKBUTTON = 224 Public Const SKIN_CLASS_RADIOBUTTON = 225 Public Const SKIN_CLASS_READONL YEDIT = 226 Public Const SKIN_CLASS_FRAMEBTN = 227Public Const SKIN_CLASS_SLIDEREX = 228Public Const SKIN_SET_TRANSPARENT = 601Public Const SKIN_SET_THEME_COLOR = 602Public Const SKIN_SET_EFFECT = 603Public Const SKIN_SET_REDRAW = 604Public Const SKIN_SET_PAINTCUSTOMPROC = 605 Public Const SKIN_SET_NCPAINTCUSTOMPROC = 606 Public Const SKIN_SET_SPECIAL_TOOL = 610Public Const SKIN_SET_VB6_SCROLL_INFO = 611Public Const SKIN_SET_UNSKIN = 660Public Const SKIN_SET_UNICODE_URF_FONT = 661Public Const SKIN_SET_PAUSESKIN = 662Public Const SKIN_SET_REDOSKIN = 663Public Const SKIN_SET_VCLABEL = 664Public Const SKIN_SET_FRAMEBTN = 665Public Const SKIN_GET_BK = 701Public Declare Function SkinStart Lib "appface.dll" (ByVal SkinFile As String, ByVal nDefWinType As Long, ByVal CheckSum As String, ByVal nType As Long, ByVal hInstance As Long, szResType As Long) As BooleanPublic Declare Function SkinWindowSet Lib "appface.dll" (ByVal hWnd As Long, ByVal bSkin As Long) As BooleanPublic Declare Function SkinWindowSetEx Lib "appface.dll" (ByVal hWnd As Long, _ByVal nSkinType As Long, _ByVal nResourceId As Long, _ByVal nUrfLoadType As Long, _ByVal SkinFile As String, _ByVal hInstance As Long, _szResType As Long) As LongPublic Declare Function SkinRemove Lib "appface.dll" () As LongPublic Declare Function BkCreate Lib "appface.dll" (ByVal nBkType As Long) As LongPublic Declare Function BkDelete Lib "appface.dll" (ByVal nBkHandle As Long) As Long Public Declare Function BkDraw Lib "appface.dll" (ByVal nBkHandle As Long, ByVal dcTarget As Long, rcTarget As RECT, ByVal nReserved As Long) As Boolean‘引用Private Sub Form_Load()Dim bRes As BooleanbRes = SkinStart(App.Path & "\skin.urf", 2, "RQPJNW0N0V2QRMAP1KXVBHHDUVVQGUXR", 1, 0, 0)End Sub说明：除了有这些代码以外，在生成程序的目录下，还要有appface.dll、appfacebind、skin.urf 这三个必须的文件（可以在网上下），注意文件名。