Table of Contents
Shortnote
Decloner is an OSX tool for finding duplicate files. The trial is a fully functional 30-day trial which can be easily converted to a never-ending trial.
Trial Title Text
The trial title text can be disabled by jumping over the intstructions that append the number of days left in the MainWindowController_title subroutine around 0x100009d62.
methImpl_MainWindowController_title: 0000000100009d62 55 push rbp 0000000100009d63 4889E5 mov rbp, rsp 0000000100009d66 4156 push r14 0000000100009d68 53 push rbx 0000000100009d69 488D3D08760500 lea rdi, qword [ds:cfstring_Decloner] ; @"Decloner" 0000000100009d70 E85F710200 call imp___stubs__objc_retain 0000000100009d75 488B3D9C550500 mov rdi, qword [ds:0x10005F318] 0000000100009d7c 488D355D530500 lea rsi, qword [ds:objc_msg_alloc] ; @selector(alloc) 0000000100009d83 FF1557530500 call qword [ds:objc_msg_alloc] ; @selector(alloc) 0000000100009d89 488B3548380500 mov rsi, qword [ds:objc_sel_init] ; @selector(init) 0000000100009d90 488B1D29640400 mov rbx, qword [ds:imp___got__objc_msgSend] 0000000100009d97 4889C7 mov rdi, rax 0000000100009d9a FFD3 call rbx 0000000100009d9c 4989C6 mov r14, rax 0000000100009d9f 488B35F23E0500 mov rsi, qword [ds:objc_sel_isValid] ; @selector(isValid) 0000000100009da6 4C89F7 mov rdi, r14 0000000100009da9 FFD3 call rbx 0000000100009dab 84C0 test al, al 0000000100009dad 90 nop 0000000100009dae 90 nop 0000000100009daf 488D1DC2750500 lea rbx, qword [ds:cfstring_Decloner] ; @"Decloner" 0000000100009db6 EB63 jmp 0x100009E1B ... 0000000100009e1b 4889DF mov rdi, rbx ; XREF=0x100009db6 0000000100009e1e E8B1700200 call imp___stubs__objc_retain 0000000100009e23 4C89F7 mov rdi, r14 ; XREF=0x100009e12 0000000100009e26 E8A3700200 call imp___stubs__objc_release 0000000100009e2b 488D3D46750500 lea rdi, qword [ds:cfstring_Decloner] ; @"Decloner" 0000000100009e32 E897700200 call imp___stubs__objc_release 0000000100009e37 4889DF mov rdi, rbx 0000000100009e3a 5B pop rbx 0000000100009e3b 415E pop r14 0000000100009e3d 5D pop rbp 0000000100009e3e E96D700200 jmp imp___stubs__objc_autoreleaseReturnValue
This is done by nop-ing the je and sliding to the jmp to 0x10009E1B which just leaves the title as Decloner.
Nag Window
The nag window can be disabled so that it never shows, by jumping over the code responsible for showing the window. This is done in the showNagWindow procedure by using a jmp to 0x100005690.
methImpl_MainWindowController_showNagWindow: 000000010000562c 55 push rbp 000000010000562d 4889E5 mov rbp, rsp 0000000100005630 4157 push r15 0000000100005632 4156 push r14 0000000100005634 4155 push r13 0000000100005636 4154 push r12 0000000100005638 53 push rbx 0000000100005639 50 push rax 000000010000563a 4989FC mov r12, rdi 000000010000563d 488B0524EF0500 mov rax, qword [ds:_OBJC_IVAR_$_MainWindowController.nagWindowController] 0000000100005644 498B3C04 mov rdi, qword [ds:r12+rax] 0000000100005648 4885FF test rdi, rdi 000000010000564b E940000000 jmp 0x100005690 ... 0000000100005690 488B05A1A90400 mov rax, qword [ds:imp___got__NSApp] ; XREF=0x10000564b 0000000100005697 4C8B30 mov r14, qword [ds:rax] 000000010000569a 488B35F7800500 mov rsi, qword [ds:objc_sel_window] ; @selector(window) 00000001000056a1 4C8B2D18AB0400 mov r13, qword [ds:imp___got__objc_msgSend] ...
Unregistered Text
The unregistered text can be disabled by using a jmp to 0x100013A9A in the unregisteredText method:
====== B E G I N O F P R O C E D U R E ======
; Basic Block Input Regs: rax - Killed Regs: rsi rdi
methImpl_static_RegistrationWindowController_unregisteredText:
0000000100013a29 55 push rbp
0000000100013a2a 4889E5 mov rbp, rsp
0000000100013a2d 53 push rbx
0000000100013a2e 50 push rax
0000000100013a2f 488B35D2A50400 mov rsi, qword [ds:objc_sel_trialDaysLeft] ; @selector(trialDaysLeft)
0000000100013a36 488B3D0BB90400 mov rdi, qword [ds:0x10005F348]
0000000100013a3d FF157DC70300 call qword [ds:imp___got__objc_msgSend]
0000000100013a43 4885C0 test rax, rax
0000000100013a46 E94F000000 jmp 0x100013A9A
...
; Basic Block Input Regs: rbx - Killed Regs: rbx rsp rbp rdi
0000000100013a9a 4889DF mov rdi, rbx ; XREF=0x100013a46, 0x100013a89
0000000100013a9d 4883C408 add rsp, 0x8
0000000100013aa1 5B pop rbx
0000000100013aa2 5D pop rbp
0000000100013aa3 E908D40100 jmp imp___stubs__objc_autoreleaseReturnValue
; endp
Trial Days
The number of trial days can be set permanently to 30 by jumping over the code responsible for calculating the number of days left in the trialDaysLeft procedure:
====== B E G I N O F P R O C E D U R E ======
; Basic Block Input Regs: rax - Killed Regs: rdx rbx rsi rdi r14 r15
methImpl_static_DCTrial_trialDaysLeft:
00000001000168ff 55 push rbp
...
0000000100016962 E9F4000000 jmp 0x100016A5B
0000000100016967 90 nop
...
; Basic Block Input Regs: rbx r14 - Killed Regs: rax rbx rsp rbp rdi r12 r13 r14 r15
0000000100016a5b 4C89F7 mov rdi, r14 ; XREF=0x100016962
0000000100016a5e E86BA40100 call imp___stubs__objc_release
0000000100016a63 4889D8 mov rax, rbx
0000000100016a66 4883C408 add rsp, 0x8
0000000100016a6a 5B pop rbx
0000000100016a6b 415C pop r12
0000000100016a6d 415D pop r13
0000000100016a6f 415E pop r14
0000000100016a71 415F pop r15
0000000100016a73 5D pop rbp
0000000100016a74 C3 ret
; endp
That is it for version 1.5.2.
For the contact, copyright, license, warranty and privacy terms for the usage of this website please see the contact, license, privacy, copyright.