Preface: 4C simple method for local authentication, then it should more so, but probably based network authentication is not very good, though to a second window, or function should not be used
The reverse process:
1, loaded directly OD, first assembler instructions as found
0040120C > $ 68 6C434000 push killme.0040436C
2, we follow 0040120C directly in the data window + 4C to the following
3, and then continue to follow the address to machine code address 0040440C, came to the following
4, wherein the attention Red Label
5, when the flag 00 is to machine code is the first program to run when the form is loaded, the machine code 01 loaded second form, 01 to 00, 00 may be directly modified form loads for the replacement order of 01 to achieve the purpose of bypassing the validation
