|
|
|
【原创】破解Quick Screen Recorder
9 c% x, R4 X$ y; w, M) b) Z【破解作者】 yijun
# J, U/ }" z9 w2 \7 }, s【作者邮箱】 [email protected]) |0 K) Q W+ ^# {4 y0 K* i) t. O' F
【使用工具】 OD,PEID
% ~( L N9 H; _【破解平台】 WinXP- n/ Z2 e0 a0 v# B
【软件名称】 Quick Screen Recorder% j( I9 Z' M- y; S
【下载地址】 天空
( s* L: F) F% ]; f# D. O【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
5 O5 }7 a: i: w2 e, w【软件大小】 540K
/ d6 m( y" R# @) |3 F" Q8 G6 |1 j8 E【加壳方式】 无0 l# L y! c- z# w7 B2 A
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)
! w% |; g [6 ?, [$ K0 O; V1 J' c$ X--------------------------------------------------------------------------------
) w& d: L0 S* ~4 o$ K【破解内容】4 P6 r, K6 I8 c) b# F) s
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:: b: w* n5 b" X' A F9 m
00404C69 55 push ebp //在此下断3 e& w! O7 }5 G: w$ `
00404C6A 56 push esi
9 i3 t1 W3 z$ _+ H! G: J+ D00404C6B 57 push edi
2 M+ s9 E1 E$ o: J5 R00404C6C 8BE9 mov ebp,ecx7 g# |' u3 ~2 U
00404C6E 6A 01 push 15 [# d4 E' _& @& R2 F
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
7 i, n) E% F8 J& V' W00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
. a3 P8 n7 E' _2 i, [* W00404C78 8BCF mov ecx,edi
2 ]: w% R; p; g3 t( l: @00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码( \: }+ u8 t; |, Y- W9 Z f8 D6 P
00404C7F 8BCF mov ecx,edi
6 D! G& b- F/ i; C: T) g/ ~00404C81 E8 A73E0200 call qsr.00428B2D
* h' L4 j* _& [ O3 W1 N00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
o% y9 ^" S+ M% ?# A+ t00404C89 8BCE mov ecx,esi6 W3 x/ W6 r" u" a, y
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX5 }3 {& W$ d& B/ H W
00404C90 8BCE mov ecx,esi
0 z0 ?; z6 c+ N' O5 W00404C92 E8 963E0200 call qsr.00428B2D; q/ n# @# |: { L" N
00404C97 8B06 mov eax,dword ptr ds:[esi]- y1 d5 M6 b- W- v; t; M" w
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
2 |8 O% n+ N8 i& r) V8 ~00404C9D 7D 26 jge short qsr.00404CC50 R: T* L" L, p H& [) ~/ N6 V9 A
00404C9F 6A 40 push 40' m* O }7 \( q, q: S; G' Y
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
: o& j4 g8 E) u8 Z+ G# j( G00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
6 _( `; g- k4 J' w00404CAB 8BCD mov ecx,ebp
: i2 V# ]0 S5 V1 c2 y N00404CAD E8 C3840200 call qsr.0042D175/ V/ u- j/ d7 d
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]. K" { V6 f2 V* T5 y4 _/ n
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx/ X5 R2 N: K1 m/ q
00404CBD 5F pop edi
" _0 N6 @, }/ H4 d00404CBE 5E pop esi
& [) {% I7 p1 P4 d/ b5 L3 Q! S00404CBF 5D pop ebp8 {" [. t) s- N& ~! ?
00404CC0 5B pop ebx
- k/ ~1 A: k& S' ~8 M00404CC1 83C4 18 add esp,18
8 k/ A- }) a% N6 g) H; _00404CC4 C3 retn. i+ u+ O" H; S+ Z! m( ~
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]2 F) q" O8 ?9 X W5 h& u' j
00404CC8 84C0 test al,al
5 G! r( e! ^ L. ^* n' l00404CCA 0F85 1C010000 jnz qsr.00404DEC
# g$ K& Z2 ]% v# [00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14] G$ \ v9 j- A: q
00404CD4 E8 87E3FFFF call qsr.00403060
6 x. K- H: P1 M8 n* b3 \00404CD9 51 push ecx4 V1 w: [! X! ^0 i( r$ d
00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],05 p" Q! z. o/ ^. N8 W
00404CE2 8BCC mov ecx,esp
; E1 M, z% x \ I! [) F00404CE4 896424 14 mov dword ptr ss:[esp+14],esp+ j% t, r" @. f6 b
00404CE8 56 push esi4 e" L( g# i, g) Z' x
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0) h5 B b, T4 H5 y: A; ^
00404CEE 51 push ecx6 p5 o) }" [6 Y
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1
5 A* _# g/ R* _0 R0 J4 L. c. q+ k00404CF4 8BCC mov ecx,esp
- R+ R+ ?$ \) [) i00404CF6 896424 20 mov dword ptr ss:[esp+20],esp
- f. b% q( F" m$ W00404CFA 57 push edi
+ Y1 W& D+ V( r5 h: f3 D1 k) \00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
- Y4 m. t9 d# U/ b% W+ f" d6 a5 \00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]3 L" \0 r; b8 m7 A8 t @/ X
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
. y! B9 P; ]: B: o6 W! w8 N, f0 U* {00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~% F" m1 S. i6 X+ ?! T/ ~% \ ~
00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
" R0 _- O4 r& h. I" ]* n& u00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~
$ \+ B, g m) E! P7 f* L3 N00404D12 6A 40 push 40
! Z; P8 O1 C+ x9 V" x' C' ^8 X00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"& D) g) M3 N( Z8 j0 G4 e- b
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."
+ @, A, ~8 v) Z+ i( G. T00404D1E 8BCD mov ecx,ebp
, D9 @, Q( M4 r/ Y3 ]00404D20 E8 50840200 call qsr.0042D175( f9 S2 G5 T* H5 g l' Z6 [
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
7 }% n; t9 O8 g) g- T$ p00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
7 W/ t4 m+ I9 u1 a2 N00404D31 E8 5AE3FFFF call qsr.004030906 n/ o. u# Y$ ~9 j5 _1 B i
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]' w" Y" ?# ?$ a& f( [# Y
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
! e9 b/ S6 g) y: c: m- f00404D41 5F pop edi
1 G; `6 B" C! q/ R+ A' R00404D42 5E pop esi. ^7 g% W- A8 a% b
00404D43 5D pop ebp
+ c% g) B* {) \; v3 S+ c! a' D( e# Z00404D44 5B pop ebx/ K8 H* O, I4 A7 f6 H, [% w
00404D45 83C4 18 add esp,18
+ O, ^8 b! M+ _$ F1 H" H; r00404D48 C3 retn
! O3 o+ K R& s8 Y8 i7 u8 K, B*********************************************************************************************************************************************************: P2 |" b$ U) b- B' T
跟进00404D09处CALL来到:1 m* ~$ J5 t! H! v- s
004030A0 6A FF push -1 //一路F8下去~~~~; b) P2 L9 ]" z: I2 a1 s: d1 s' F$ @ X
004030A2 68 C88F4400 push qsr.00448FC8
5 b5 r' Q0 S! p# B004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
/ ?- r: s( H1 K0 S z004030AD 50 push eax
D$ D7 u4 ^- ~2 A8 M) R# p$ A004030AE 64:8925 0000000>mov dword ptr fs:[0],esp$ x( g+ x" E! C; `0 E: L7 Q
004030B5 83EC 24 sub esp,24
4 |3 C1 o. k5 b5 f004030B8 53 push ebx8 \5 Z, m$ l! |! ]6 d! K+ p
004030B9 55 push ebp
" }1 B; ~' [+ P% C+ B, i5 ?& l4 z* M004030BA 56 push esi8 M( p& K# k4 |* @1 L h, s. I! c
004030BB 57 push edi: V) j7 i4 w, K- e# |
004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"8 s, C% R* u2 a1 L7 W/ }1 ` C
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
# C/ R/ @) ` [6 H& G004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1& z# {# D8 g r6 b. M7 O+ d
004030CD E8 27C40200 call qsr.0042F4F9
' f( ^4 Q/ g! H& j( X. L6 Q- d004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]" M2 j( C1 [+ z1 o- z( H# k
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax
. z$ _+ S- d3 E% F, q3 }004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
8 x/ q# q! ~0 F004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
: w' T3 r9 |: n" ?5 h004030E4 E8 905A0200 call qsr.00428B799 N! w0 w7 ?: j- X9 A' ]' |
004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
, M, N/ L# V# f' ~9 m& W$ p: c004030ED E8 3B5A0200 call qsr.00428B2D
% ~, N0 [9 q0 K' A" S004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
$ J+ p$ @ F* C& G8 G3 P) E+ d004030F6 E8 7E5A0200 call qsr.00428B79
5 |+ v/ E- Z) A' }2 [; V- D4 G004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]6 J7 N |9 [" [, k
004030FF E8 295A0200 call qsr.00428B2D5 i- ?' Y4 K4 h* I% i% V
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
# w& d8 x2 p, R0 m( A2 N- K3 B00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]% q3 Y& v- y4 C5 e2 p# P
0040310B 83F8 02 cmp eax,2
3 D6 |+ ]) ?, `; w/ O$ ]0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
+ s: S* h6 @3 [( I0 F00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]# M' `6 R2 w: W
00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
( { u! ^; D5 S' f2 B+ Z0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳' H& O6 o0 R' s; ?6 |' L
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
( ~0 T- f3 G5 o5 r! H1 P* P | [00403126 6A 01 push 1
* j0 {: G( s: G7 G c6 A00403128 50 push eax
% A) R0 }. \) ?: t00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
! ?9 Z7 n3 [+ u( r) p! }0040312D E8 C4550200 call qsr.004286F64 O6 s2 |2 k' s/ R, ~1 r+ U7 V
00403132 8B00 mov eax,dword ptr ds:[eax]. r& E _* y' y8 A T
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]" l0 H2 P P" \% J' F
00403138 50 push eax
" y8 a; j- O2 P; u7 B: y$ x$ J00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
X; U' {" O- x/ ~, E: w! x# E0040313E E8 4D560200 call qsr.00428790
8 O8 R0 x. O k) G& A1 p6 ~00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
0 v# r+ W4 Q9 n2 F/ x" M00403147 8BF0 mov esi,eax
" u2 q& o# h5 s2 a( M/ U$ r n00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3. ^$ J0 d/ D, r# b7 [7 g1 q8 ?
0040314E E8 38C30200 call qsr.0042F48B
- i+ M, }$ r7 a: }9 c! o, s8 _2 H: _00403153 8D46 0A lea eax,dword ptr ds:[esi+A]1 T8 [; c& n: P' g Q( @* Z
00403156 B9 3E000000 mov ecx,3E# J( X. t) g4 Y/ [! Y% f
0040315B 99 cdq8 c8 C1 E) _' C
0040315C F7F9 idiv ecx, V" e9 F$ R' c: z: `
0040315E 6A 01 push 1
8 f; z3 A( r) p+ b9 j+ @00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]# X( k6 x* o& ^; c0 t
00403164 8BF2 mov esi,edx
5 k1 E4 b. N, x$ k: U. z! A00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
5 n' V5 G6 O7 \+ f' X+ y8 z6 b0040316A 52 push edx
7 N/ C- m% q- } X2 ]$ d0040316B E8 0A550200 call qsr.0042867A
6 {! G0 r, r) c0 Q00403170 8B00 mov eax,dword ptr ds:[eax], Z8 m0 e/ E( v+ k- v. l6 Q
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]1 v+ y# \+ V- V$ r2 o: K" N
00403176 50 push eax
z, j2 s7 x. I# l9 B, F' Z g/ e00403177 C64424 40 05 mov byte ptr ss:[esp+40],52 O0 {7 d5 q. v1 w" t
0040317C E8 0F560200 call qsr.00428790' A4 `. f( S( t+ M
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
$ O [ y' F6 b+ Z5 l/ n00403185 8BF8 mov edi,eax0 }8 m- E5 E3 r- A* P! d$ ?/ ]
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3* L2 h9 G3 v0 P4 T% D+ v
0040318C E8 FAC20200 call qsr.0042F48B) u4 S8 D6 G. {5 ^ h s0 N/ C
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]/ K" O0 X) U( X! ~9 C2 N* o, d2 R
00403194 B9 3E000000 mov ecx,3E
l, m3 N/ L. q* G, @6 ]00403199 99 cdq/ ^3 F) h* d6 V* H! I) P5 L# c
0040319A F7F9 idiv ecx1 T$ T. A$ ?% ?, ^
0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
+ |( B6 B& [7 g- c' j& y004031A1 894424 28 mov dword ptr ss:[esp+28],eax' s* M0 i- _+ Z. Z; I' P
004031A5 8BCA mov ecx,edx
9 R' t8 w( |; I, ^! s9 ~004031A7 894424 24 mov dword ptr ss:[esp+24],eax
1 g3 g5 }9 P2 a$ U3 C" d9 ` o004031AB 894424 1C mov dword ptr ss:[esp+1C],eax, n9 u/ z& P5 H3 s0 ~2 x. b) b
004031AF 894424 18 mov dword ptr ss:[esp+18],eax0 N7 d, P( s, ^8 k! O
004031B3 894424 14 mov dword ptr ss:[esp+14],eax! r7 q' j' G! E, Y" b
004031B7 894424 10 mov dword ptr ss:[esp+10],eax8 S) r2 i; j2 x6 R& C
004031BB 8BC1 mov eax,ecx( X# J$ _* t/ W* z! m; x4 V
004031BD BF 0A000000 mov edi,0A
/ o1 `; \/ a& _- Y2 q! v004031C2 99 cdq
/ h+ N! z( \; Z3 e3 p004031C3 F7FF idiv edi+ L: B7 q! e% T: S) `5 V+ O s5 H
004031C5 8BC1 mov eax,ecx6 L8 c7 n. r0 f+ D
004031C7 B3 0B mov bl,0B
+ Z5 T3 U( @/ W/ i! e2 y3 |4 V004031C9 0FAFC1 imul eax,ecx
8 H) i# s E8 {$ _( e004031CC 8BCF mov ecx,edi6 G: H. y9 D# y% O! A T- b* O- P2 r
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
. S0 U+ K; j) J$ k8 n! n" x) e$ H004031D2 52 push edx/ g" Q j) p( t7 c( \
004031D3 99 cdq
" |0 J8 S9 j+ Z004031D4 F7F9 idiv ecx
, X {+ F: ]" d$ r0 t2 x$ ^/ k004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]8 M# Y7 Z) n5 {9 G) k3 O4 x* p! {
004031DD 2BC6 sub eax,esi1 h5 n: g9 @* k7 j% q4 T5 D
004031DF 52 push edx
- H, f) N0 K; O3 s2 `1 ]/ F4 J) G004031E0 99 cdq( ~- p, ]0 \( d& a$ }; C: t: H
004031E1 F7F9 idiv ecx
2 D i9 R6 ^* u* D) Z+ L004031E3 8BC6 mov eax,esi6 N: ~( ^' B; W9 H
004031E5 52 push edx% A' [) h4 {* ^( D+ }8 @
004031E6 99 cdq0 @$ o: R3 a* s+ D% O6 Z3 ~0 T. L% [
004031E7 F7F9 idiv ecx
0 @7 C5 x9 q: Q M9 v( g004031E9 52 push edx4 R( P6 Y) w! X% _4 x2 n) U
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
: v: ?/ e! @; E1 S7 P* s004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"8 B. ]9 |1 y. @+ q7 V, |
004031F3 52 push edx z5 n+ ^/ R. Q' P+ ]
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
! |; H: o6 ? x' I004031F9 83C4 18 add esp,18
- W! l' L( S9 P- N004031FC 6A 04 push 4, d/ z# f- ?7 p2 b
004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]: s5 S+ n- I0 B0 {+ x/ E/ t2 |
00403202 6A 00 push 03 I4 }( u8 y% v9 t; r L/ j- ^
00403204 50 push eax6 z' |: b; O+ W
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]: {' s* O. t$ b$ J i
00403209 E8 D6530200 call qsr.004285E45 y( |% c: p, d( d2 _$ {4 B
0040320E 50 push eax
( A3 \) j% O, O8 X0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]. I3 v) P" D+ y+ }! [
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C! P) h; {/ K2 u6 `6 L; t
00403218 E8 A7C30200 call qsr.0042F5C41 Q# v0 l6 I; W' b
0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
# F+ S0 b% w6 `$ A; B00403221 885C24 3C mov byte ptr ss:[esp+3C],bl) ?7 [: c& n, M% k) |# K3 G! a
00403225 E8 61C20200 call qsr.0042F48B% J# M+ z3 k) l- T
0040322A 6A 04 push 4+ ?; Q/ _; i" i, I* f. c" t
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
; z0 d. M8 t; G& ]$ n- }% V5 P A8 j00403230 6A 05 push 5# j. J0 w+ M! h% d: }+ e
00403232 51 push ecx+ i7 ~/ t: C" G" Y: k
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
. s/ \$ @ r* j- m; }- l00403237 E8 A8530200 call qsr.004285E4/ W8 r f5 a' Y. r3 `3 }$ P
0040323C 50 push eax
0 y: E& ^# H5 r# G2 }) f0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]' g3 y+ V% D9 C# f* N9 A
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D# d9 s" _+ o' c2 G
00403246 E8 79C30200 call qsr.0042F5C4
4 [1 H/ Z9 T; |) I' f1 H+ ^4 M0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
/ K* R0 \* W! D' [3 ~; ~0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl7 }7 I5 k" x7 E4 ]
00403253 E8 33C20200 call qsr.0042F48B
7 O9 A. Y6 e. X. ]00403258 6A 04 push 4
+ y1 K# u1 H6 A0 Q2 X; o1 S$ h1 v# h; Q6 M/ D0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]( [: L, P* w5 K; |; f8 l( `3 U
0040325E 57 push edi1 U# n( ], g! \- k3 @
0040325F 52 push edx
$ T5 n" J' u" Y: j6 n; @, x00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
1 A5 Q4 r- r8 p4 b" }) O00403264 E8 7B530200 call qsr.004285E4& `2 J% M& U. C% v5 Q z0 l4 G% q8 N
00403269 50 push eax( z1 d& N5 n- J- q( x8 [
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
8 H+ h# u* J' K/ [+ w1 ~9 K- C0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E! f8 P: E2 y: d3 @5 Z5 h
00403273 E8 4CC30200 call qsr.0042F5C40 v5 O/ E0 h# |: s0 E
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]( B v; e6 G" ^. y- g$ |1 K& V0 r
0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl+ \0 a8 \, n% i1 G# W9 v1 z& s
00403280 E8 06C20200 call qsr.0042F48B# S! x, S3 \0 c8 D" Q: a! b0 q1 ?
00403285 6A 04 push 4' G5 o; @0 d) K% p$ U9 q. E. |9 w
00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
2 Z2 Y: y- W0 w; E0040328B 6A 0F push 0F
* j8 U- K: f/ D( r, n7 d0040328D 50 push eax
+ f/ ^8 X X5 T* n: I9 n% i6 |0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
+ c0 d. d( ]/ r' ?" {) |. [: \00403292 E8 4D530200 call qsr.004285E4% k+ ^; N6 h& ]0 t! N' q: b) l0 X4 r+ B
00403297 50 push eax" l$ p! R+ l4 \& v: m
00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
, D+ T# U$ h# n2 X0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F* C, a6 S8 |0 q6 o
004032A1 E8 1EC30200 call qsr.0042F5C4
& Q5 L6 f6 v2 u/ {$ j5 A( U% G5 ~004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
$ \/ a; k0 ^" e+ S6 \9 h004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl0 l( N5 b& y5 v9 N/ b* I
004032AE E8 D8C10200 call qsr.0042F48B4 F) L7 _9 U1 F) B
004032B3 6A 04 push 4
5 s& J( r U, k* V% v' I+ S004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
% G) Z+ L5 v2 x3 s( s8 h6 x004032B9 6A 14 push 14) ^! g; O/ e; R5 x' z
004032BB 51 push ecx3 p* S% [: L# N. a( \
004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
; `1 f! @) r3 P. w. D2 @" x004032C0 E8 1F530200 call qsr.004285E4
{3 z1 b- X7 m- F9 X9 U- X" M. z004032C5 50 push eax
; o2 T+ u& d+ T( h004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]0 W/ ] ]" Z& j4 l/ t; C9 G
004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
: p, D( O; \3 [0 |4 G7 }. m004032CF E8 F0C20200 call qsr.0042F5C49 p9 n6 A7 o) o& |* X* `
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
$ E: T. Z. ~' i9 u9 c1 G: O004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl
% F, W$ F$ c5 B! v* ^) {004032DC E8 AAC10200 call qsr.0042F48B
, A1 N' v. C$ A004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI% w" q, u9 L4 q, B- y
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX4 G( o1 t+ Z: j- }8 r- |) K
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL
$ p2 u: F! L+ _3 H) {/ z# ^004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL
! K; I6 m% g' p; ~) `004032ED 8ACA mov cl,dl ; DL送CL9 k. d" J; u" Q2 w3 x$ O. |
004032EF 3AD3 cmp dl,bl ; DL和BL比较
4 g$ E0 J0 w' C0 |! L. W. X004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
. H( k& E. E5 r8 ~8 l8 }5 u) u3 B004032F3 84C9 test cl,cl
4 z+ I/ m" r! k004032F5 74 16 je short qsr.0040330D
: c$ Q+ ~- c2 g/ g004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL( N; V) }4 h% [& B' ~+ P
004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL( p/ D* C* `5 R) g; q. ?$ h& T. N
004032FD 8ACA mov cl,dl0 s9 W. F, c0 @5 H4 `4 N
004032FF 3AD3 cmp dl,bl ; DL和BL比较
2 J2 f9 v& f+ Q. b3 p/ X( q00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
# N* B' v! ~5 M) Z00403303 83C0 02 add eax,2 ; EAX加2
# v# K0 u9 P( Z& a4 @3 H) B00403306 83C6 02 add esi,2 ; ESI加2/ _3 z- l7 v0 C0 y
00403309 84C9 test cl,cl
3 N4 Q& _# N4 r+ X# \! D; j; Q0040330B ^ 75 DC jnz short qsr.004032E9) O7 i2 J5 x4 _8 F" ]
0040330D 33C0 xor eax,eax R- _0 u. W. M( l3 T: u3 ?7 C
0040330F EB 05 jmp short qsr.00403316
3 t0 r; }$ ~/ p, C: n00403311 1BC0 sbb eax,eax3 x/ o' R. N4 y8 U
00403313 83D8 FF sbb eax,-17 v6 B. W- P+ n, D
00403316 85C0 test eax,eax
0 \8 \/ M0 ^! j6 Y/ d/ d! O00403318 74 0E je short qsr.00403328* h( r: x x) D3 ~9 a3 \* O
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A% M5 Z) y2 b( p8 c
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
3 ^ l+ O6 a5 {' g4 o9 \00403323 E9 F0000000 jmp qsr.00403418& z( m+ W5 P/ }
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
8 }% L/ \5 K9 i* { U$ x5 s# _* k0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
/ |- {4 M* y8 u) ~4 _: e# e00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
/ T) E4 e$ a. q/ {00403333 50 push eax
; J( C# L/ H5 h# b3 E, w00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX/ Z' i/ J1 u9 w6 [
00403339 50 push eax
" @3 w* \. _( r, t1 B0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
3 K g! x/ r& J/ r) z* ?0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX4 z: }" Y7 _$ | @- X; K$ ^4 p
00403343 83C4 04 add esp,4; f: [/ K t/ B. N
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
+ G" D8 C7 j7 k) y5 a: `00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]1 k% [$ J0 z# B2 y" v/ @2 b
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
9 L& `5 [' A# C' @! a0040334F 50 push eax% @# C. ?, W; `" b) a% r
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX* F4 v0 b7 O1 `7 c9 k: U3 G
00403355 50 push eax
& `$ F/ v" h. ?) `0 _; V00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX
% [( K9 N: Q" ~, ]: @0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
! ?6 \3 q$ g/ a8 R0040335F 83C4 04 add esp,4
6 \7 @2 \! x# u+ }$ S00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI; J/ _% a6 q4 p0 M* o7 ]
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
& z1 ]# m3 m1 m0 _8 U* H* _3 ?3 J3 [00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
2 c2 G# K8 ?- Z: a& T0040336B 50 push eax
, |' I; t7 D) K/ A0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX
0 L$ }* [' { j00403371 50 push eax
3 L3 N0 R! K6 M/ U) ?, l/ D00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
4 `" f; W8 F h: O, i& v00403377 8BD8 mov ebx,eax ; EAX送EBX7 ^/ r! ~, j. D: d2 \' Z9 ~5 n( g7 v# B
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX5 u- n( j3 K d5 t. o3 L+ v8 R5 i
0040337D 83C4 04 add esp,4. U4 |6 Q- o9 E, k& c) [6 g
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
8 K, z5 d* x( o% m7 A, m00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]% I; [" `3 b% M; f; z: ^7 n
00403387 50 push eax
" v* z- O/ U2 t' H4 ]00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX
# E ?. c$ I0 F1 f0040338D 50 push eax
, l/ h/ n% d. V: l' r# M+ p* s0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
0 i2 b7 Y& P* p( D( a00403393 83C4 04 add esp,4
8 ]) b- @/ [0 P* h4 V* p, [- I0 a00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
" c0 H4 e- \! U: t6 N0040339A 8BE8 mov ebp,eax ; EAX送EBP% y6 D( }$ J6 S
0040339C 6A FF push -1
7 j7 S# p4 S8 u& t0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
9 W, Q K5 `+ I, f6 ~6 Q; ^004033A3 6A FF push -18 ?- q, r2 N5 _. I
004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX% B3 d) p! ^! ~2 k( r3 N. E J
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX
" h" w j% l Q: O9 h004033AE 6A FF push -13 j- G8 ]2 C5 ?6 S' ] c; c
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
( M1 x- R; d6 S# u, O/ f: ~004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX. B; j, _3 O! P! f
004033B9 6A FF push -1( R& U" f7 l4 n. v
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
( M+ U1 m3 n+ k6 B- w) Q004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX- O: w8 Z+ c2 s5 ^0 p! G) C
004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX; s7 N) @4 e* ?
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
$ f0 Z/ C, @; y1 o/ v T004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX2 T( @+ p) I" T" c
004033D7 D1E0 shl eax,1 ; EAX左移1位7 {3 a& _& O$ |
004033D9 99 cdq ; EAX扩展
6 {: _) I6 X% r004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
0 \- P/ h7 B: N1 v1 A# I. Z004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
& s' `% y# D; U3 k004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
; U% z5 `3 h7 n# y! T! X004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A$ L9 Z; _! X9 C! y' s# a7 t8 a
004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]* d6 v: j* `- _
004033E9 EB 2D jmp short qsr.00403418
1 [4 C: f" B% g% ] [004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX$ e% O0 o' a# V" v
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2( W" E4 |& ?7 p8 C
004033F7 99 cdq ; EBX扩展
) t5 l! `7 {1 e( n* b. s004033F8 33C2 xor eax,edx ; EAX和EDX取异或
/ T+ d) w+ H0 _/ I/ U% R004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX, o( }- c+ B- H; c4 ]) Z; P/ G6 G, M
004033FF 2BC2 sub eax,edx ; EAX减去EDX3 A( F6 Y5 e8 A$ c/ c- h) J
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]
" B7 Q8 R& Q y; C00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX
3 S) y# a) e) ~00403409 99 cdq% i+ k* \) V( J5 r4 T- B5 `+ N$ F1 \
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
0 J0 j4 ^6 J% Y7 K2 H0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX- m" l* G& B: p' }3 M9 c. i
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较3 ]8 j" a6 v3 ^# D
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)2 j: B: C+ W5 p: g2 j
00403418 E8 6EC00200 call qsr.0042F48B ;
8 `/ A5 y! ]6 r, Z! n0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]& A; Z) n$ u$ c; H: s
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9. d! q4 o5 G& P# j) \9 e1 V7 N6 P
00403426 E8 60C00200 call qsr.0042F48B
* p( U: F1 z/ K; j& g( ]1 C* y0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]8 P/ v5 r3 y h7 @/ B
0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
& I0 e/ p# S: U6 E1 d; D00403434 E8 52C00200 call qsr.0042F48B
4 g a* x4 u" i f1 i- q7 @00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]3 N2 i, N: L% U @5 \" H6 Q
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
8 s8 s! b) G: i00403442 E8 44C00200 call qsr.0042F48B
- @* z' h( A; b1 p00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]: h& X, ^7 b) o8 @' g
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6! Q3 J6 ~9 R' j) h/ r' m( P
00403450 E8 36C00200 call qsr.0042F48B
8 V0 _& D+ y3 g3 d2 L- C/ N; [00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
3 B Y* k6 z/ r4 N, c2 P00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
* m8 K# R$ X* s# q& G0040345E E8 28C00200 call qsr.0042F48B
/ A" Y2 s; v4 o3 d# b00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]) ^ W& }3 Y; l
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],28 [# V5 R% t: s/ ~
0040346C E8 1AC00200 call qsr.0042F48B% n0 }& y# U; b- s
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
0 f5 s% H# s# o9 C2 j5 g1 P y00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
0 |9 T8 _$ B. M0040347A E8 0CC00200 call qsr.0042F48B
& v7 m d) C* R3 I( D0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
% F8 f+ H& B3 O. W* F0 {00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
# f# p. S& {% J: A00403488 E8 FEBF0200 call qsr.0042F48B
0 T9 h+ \& k$ r0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]) _+ z0 C* l( v4 M7 d) s3 g
00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1% W8 o, Y# u: p9 l
00403499 E8 EDBF0200 call qsr.0042F48B
5 B# g( J3 a P" X, E4 d1 P/ c4 v0040349E 32C0 xor al,al ; AL清0% S; n& E# u: \' I4 [
004034A0 E9 88000000 jmp qsr.0040352D
. y" V) H0 }! i1 T/ A. e: r004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~6 t' p9 [# c6 W8 C
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
7 F% Q" e" m: w% s7 U2 B+ j004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9: `6 U: u3 T) R0 h6 }5 Y) m
004034B3 E8 D3BF0200 call qsr.0042F48B% t$ L! |' p) J; u; Q/ x0 x H
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
7 I) p: W' H3 U3 C3 N% K004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
" U* x" B% I. P: ?" ~004034C1 E8 C5BF0200 call qsr.0042F48B
2 Z2 ~7 Q2 v5 N004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
) M( s5 c5 O G9 w+ u/ z3 e5 t004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7
`- @! }& X" D/ k& H, w004034CF E8 B7BF0200 call qsr.0042F48B- ^8 |7 p T! q/ f! s
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
) \7 m) g% x( o004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
# w5 g$ U! G i6 r004034DD E8 A9BF0200 call qsr.0042F48B$ q( I8 C8 T9 z0 k! N) k
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]6 P4 A9 E6 C a. M# }9 H6 A
004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3; L% x4 T1 |, |7 X6 X |! e3 M
004034EB E8 9BBF0200 call qsr.0042F48B
4 a0 D' K% u1 C* \0 N. o0 J- \004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
( `+ Z: G D' k8 f004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2
1 Y5 W* ?% u5 R- Z0 |5 G3 Q. V004034F9 E8 8DBF0200 call qsr.0042F48B
; m: E& v8 I4 C) P+ T/ Q004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]: Y, p; R; o' [! E
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],17 d- C5 m( [/ O/ y# A; T
00403507 E8 7FBF0200 call qsr.0042F48B5 u* e, B0 f; `% @! g* W
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
" } A, p7 Y( _4 _& b: ?00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
9 n; l2 j0 z6 m7 R00403515 E8 71BF0200 call qsr.0042F48B- a2 P) E5 X' W# V4 e- F
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]) C( I8 r" W7 b/ g# V5 i
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1" u( ?+ T: R9 M' Y% e
00403526 E8 60BF0200 call qsr.0042F48B
% h/ n0 s& {: @" o" O0040352B B0 01 mov al,1, g% _4 D G3 [7 F. P
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
6 Y1 |: y' d, ]- d: |00403531 5F pop edi6 W$ c$ [* a8 _! I+ J0 m" Z# l: e
00403532 5E pop esi" v2 |* ^7 c# {1 h f
00403533 5D pop ebp
0 v+ K" P8 h7 P00403534 5B pop ebx
' ~8 I: x3 N& V' b# t: d00403535 64:890D 0000000>mov dword ptr fs:[0],ecx1 S0 f; s* l! Z# W0 v6 ~+ A9 }
0040353C 83C4 30 add esp,30' f9 R! {- w( M4 m: q
0040353F C2 0800 retn 8
+ o5 u; `, T1 l- h0 h. N/ l) c--------------------------------------------------------------------------------
0 e, O! k; X5 }+ O' g" ^【破解总结】* l7 }* q3 v! j; W: Z' V) F( l5 v
用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^7 {) Y, m U2 t
用户名:yijun
/ y* U z; M* f; e* O3 t4 {6 |注册码:4893*7777*3726*7777*05299 c$ P/ W, E% O3 \: `7 h+ A" z
--------------------------------------------------------------------------------
0 b+ P, r. e; F* x" d: p, C【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡