|
|
|
【原创】破解Quick Screen Recorder
: \0 g8 l! u1 j5 ^【破解作者】 yijun
3 {7 |& t& }" y) W8 l5 K+ R `【作者邮箱】 [email protected]* _' J ~5 U- h, C
【使用工具】 OD,PEID
! l# R# ]4 R- s a【破解平台】 WinXP
8 a1 d3 q" S4 i8 \【软件名称】 Quick Screen Recorder
; F! E4 x3 x& y: c B- P【下载地址】 天空
% o) q- [& H+ X6 B1 j" g& ^【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. : J; {" @; }' @$ a* S, V
【软件大小】 540K
6 H1 I! q5 m* E7 `( T【加壳方式】 无& r* M# W5 }1 U4 J, K7 a3 B# B
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)4 _6 n9 J3 {2 P# H! V: i
--------------------------------------------------------------------------------
! d1 K* B' B! Z/ e C0 V7 E! u【破解内容】
4 M" a( y7 f) c" u5 Y PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
9 X9 ~2 P/ U& B% H s. G4 B00404C69 55 push ebp //在此下断" P: I5 { i" r+ f( g; c
00404C6A 56 push esi
$ k8 m0 ?7 y _! K00404C6B 57 push edi
. o2 Z! K+ x3 m5 e7 w00404C6C 8BE9 mov ebp,ecx
, V0 e3 b9 O1 g00404C6E 6A 01 push 1: ` l; |# N1 k, L9 V
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名( b7 p: w( w5 g/ P5 W& E+ @* @
00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]# L# C$ l1 M: |' r
00404C78 8BCF mov ecx,edi
/ J1 z7 z. u# ^ p, G. m4 S2 b00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码
, I6 I. T8 y( i& T0 `7 ^* Y00404C7F 8BCF mov ecx,edi
6 g t( ]/ X: I& Q) V00404C81 E8 A73E0200 call qsr.00428B2D
. r) X% W4 }1 i+ Z+ e00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
$ b7 z2 W/ V$ `! V6 V4 v' ]00404C89 8BCE mov ecx,esi) J& l, d2 j+ r3 P( N$ A
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX9 F" W' B9 M& `" Q2 Z, P5 ?2 k
00404C90 8BCE mov ecx,esi) m9 I9 y5 V: |6 i7 _5 N
00404C92 E8 963E0200 call qsr.00428B2D
+ i O2 ]) \( b00404C97 8B06 mov eax,dword ptr ds:[esi]7 u4 D* l5 W0 w1 i: H
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
: Q- Q8 q+ i& A" ~' K' t00404C9D 7D 26 jge short qsr.00404CC5
0 s1 q4 P# ~' B( @* u2 P, _. ?00404C9F 6A 40 push 403 ~* ]8 Q( U* }- f% g" J: x1 W1 ]6 v
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
" h/ Z1 I4 g& k; h& X, y8 ]$ j00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
6 }5 R# w* V$ L7 ~00404CAB 8BCD mov ecx,ebp* z2 T* p. @/ j6 S
00404CAD E8 C3840200 call qsr.0042D175
: q# a5 ~9 q# W4 N00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]8 E3 h! r: l& a" p/ w' Z8 R% H
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx! J! B1 Z. [/ `4 t) f
00404CBD 5F pop edi
& G; G* b0 C: i( q00404CBE 5E pop esi
2 l& X( A( O0 e* m& [# s; g. d00404CBF 5D pop ebp
5 U" U( _4 K( `5 z00404CC0 5B pop ebx# y( F$ `: [1 [7 E) _
00404CC1 83C4 18 add esp,18) w# ?% s' ]) N3 A- n" `8 G
00404CC4 C3 retn: t( X; Z- } v Y$ C" m3 p; `7 Q
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]7 m* |& H8 V$ B0 ]) A' z
00404CC8 84C0 test al,al
/ s- Q1 V& t, _00404CCA 0F85 1C010000 jnz qsr.00404DEC
( l/ X. u( D) }2 B+ j. v00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
" \% P/ c8 S5 ~; g( b00404CD4 E8 87E3FFFF call qsr.00403060
1 Q; ?4 u3 o% S' w5 \/ ?# q00404CD9 51 push ecx( ?* e. n* {1 C% J/ T/ e
00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
( R/ C4 n. i/ O5 z1 w' v: ~) f00404CE2 8BCC mov ecx,esp
5 I. k. v' _. [& R( Z6 S00404CE4 896424 14 mov dword ptr ss:[esp+14],esp) F& U9 K9 w5 f# S& G+ k/ r
00404CE8 56 push esi; J7 A3 g8 {; s+ Y3 A' z' g
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0! x! d7 Z. P9 M" h
00404CEE 51 push ecx- ~8 r0 v* d$ m- n% w; C9 I1 F; l
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1# _# t' E0 T6 U+ O
00404CF4 8BCC mov ecx,esp
G) ~# s: r5 Y! \4 {+ P4 e7 B0 P00404CF6 896424 20 mov dword ptr ss:[esp+20],esp
' l3 f. D6 z/ T' z+ L% y( E00404CFA 57 push edi( k, ]: T1 C( \1 v4 Z! t. i
00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0: ?5 m4 [3 a/ r$ r: F5 Y
00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]# T6 X" R6 ?2 K0 x/ d% b( u
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
9 |/ B4 A7 f/ o00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~/ @% \% w1 F8 i% \6 d; V# ^
00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~- t- z1 n$ U* K( ^- [
00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~ W" b7 Y5 H4 ~
00404D12 6A 40 push 40 \ f. Z7 O% p/ c* E7 ^7 k
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"5 a; j0 c7 q5 H7 A, @
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again.", X( Z: \: t1 h. E
00404D1E 8BCD mov ecx,ebp2 \$ k/ W) O; L7 ]
00404D20 E8 50840200 call qsr.0042D175# M- A+ {) M' L _5 H
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]9 s4 @9 `8 O) p w: {/ ~/ A
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1+ t5 f* B5 S. j, O
00404D31 E8 5AE3FFFF call qsr.004030901 t6 v ?$ Y1 U
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C], [& O2 m+ g! h" g2 J$ H/ E6 O
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx. p# h& P" `1 y' S5 C
00404D41 5F pop edi6 J; N3 w' W7 d) h6 a
00404D42 5E pop esi: M* J2 z" n! c. T3 {2 n' y9 o
00404D43 5D pop ebp
6 w7 }7 Q. h9 p& l! {00404D44 5B pop ebx0 j7 w p" ]1 [# @1 k! g- S/ d7 F6 {
00404D45 83C4 18 add esp,18
, V& R1 N8 l; ?; l2 r7 s. p4 d% H00404D48 C3 retn7 f- }' q2 Y2 F$ G. ^" [% s- h, S
*********************************************************************************************************************************************************
' [5 z1 K; h1 Q% [! P跟进00404D09处CALL来到:* {% U3 _3 Q; @
004030A0 6A FF push -1 //一路F8下去~~~~
" Y9 V) D& G" R" O: B8 o004030A2 68 C88F4400 push qsr.00448FC8# H! m- b7 H" f
004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]5 T7 M/ B: i9 b& z% T
004030AD 50 push eax* q# ^+ L0 B. ~# M: |/ g2 X) L5 g1 q
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
( n9 D/ a/ s; r004030B5 83EC 24 sub esp,24
/ t$ T9 `3 I- ~* ?$ u0 j004030B8 53 push ebx
& h; S' W( l8 m6 h& E# _& S: P% W004030B9 55 push ebp: X1 a- e8 }4 f4 _. U6 G6 @, Y
004030BA 56 push esi
7 k. @( |" c: F1 D! M) H2 f4 G. w004030BB 57 push edi
/ }& ^* y; T/ g; V" \* i004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
& Y/ P2 P$ w9 S# P& M9 n004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
" b0 j; u' O K2 j( L004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
( S o$ O6 r1 c' t* D004030CD E8 27C40200 call qsr.0042F4F9
# C. O0 a/ @9 K6 {% {004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]: G- b7 f6 ~) G2 `6 H6 S
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax5 q6 v9 z; g! ^" e* k# r
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]" ]6 e3 f5 p( c5 B5 L) d/ `
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3" ]6 l2 z6 r3 Y9 x/ U' d/ |0 q
004030E4 E8 905A0200 call qsr.00428B791 V- @ r/ v& h( T9 c3 C
004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
+ W2 @! A0 @! X9 r% v8 D3 ?# O004030ED E8 3B5A0200 call qsr.00428B2D
$ N7 Y0 ^+ y0 |: C004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
6 Z' ~. r2 I, s5 D004030F6 E8 7E5A0200 call qsr.00428B79
( z @8 k* {- R. O9 i9 G6 P) V5 z004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]7 B2 F% {6 y- Y) ~9 Q
004030FF E8 295A0200 call qsr.00428B2D9 i* F9 ]/ c+ ]7 t% [
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
8 `4 A6 |+ a" s$ w00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8], |+ F! N, e- M9 _7 V
0040310B 83F8 02 cmp eax,2
! H. x0 M+ W/ y3 k0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳" z# B. X, b2 a, o! V9 h
00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
4 t- O) V# o& ~' B/ B00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
" Z; T- \0 N& T' G0 A8 _& i0 b0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
: h1 S( a) r5 c00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]! k; E5 R8 U q+ l/ {! y/ f
00403126 6A 01 push 1 N- [- l1 e- V# s% g% j# {
00403128 50 push eax
& u4 V6 N% J% ? x00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
2 T2 l' _8 ?, O1 E% W& k0040312D E8 C4550200 call qsr.004286F6
& D" e; A; G2 ]( U" F9 b7 y) ~00403132 8B00 mov eax,dword ptr ds:[eax] L4 I. r" y% e) s
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
) \- W( o' k: n1 m: ~- e4 H, N00403138 50 push eax# ]) r2 B/ s& O5 ^3 @3 b
00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
3 T+ R( W5 E6 U4 O; v" P/ ~; Q0040313E E8 4D560200 call qsr.00428790
+ _0 a9 A8 d9 k. ^00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
: S! S* w* `. T0 {00403147 8BF0 mov esi,eax4 q8 b7 p- E$ Q5 W) K
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3
) G1 j0 R, o& a- ~0040314E E8 38C30200 call qsr.0042F48B
1 b9 g7 l1 H& B1 Z4 Z4 y00403153 8D46 0A lea eax,dword ptr ds:[esi+A]
" O# o( X+ @3 ?+ ~ c+ T5 h00403156 B9 3E000000 mov ecx,3E
3 N9 Q* w! I, T$ S8 G) a0040315B 99 cdq/ ]6 k0 W$ Z2 A( T5 [! ?
0040315C F7F9 idiv ecx
; P7 P+ i% D x3 l+ i0040315E 6A 01 push 1& a# b* Y! G ]2 {, E, G' Y" ?8 n
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
, _6 y) n) b P* \1 I# G: f00403164 8BF2 mov esi,edx
" t( L$ T, }5 i @7 _; {$ z00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]) k. d2 w2 y% H6 t6 E) A
0040316A 52 push edx$ w9 }5 w+ s' k8 F: ^
0040316B E8 0A550200 call qsr.0042867A
8 f: i% V" s6 E00403170 8B00 mov eax,dword ptr ds:[eax]' V5 j6 {% W" I: {* X
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]" n% c, v4 p$ G* L; n2 Z0 R8 X; V
00403176 50 push eax
5 o: |7 G8 _: l00403177 C64424 40 05 mov byte ptr ss:[esp+40],54 Z c" ^( N8 r4 }8 G7 S
0040317C E8 0F560200 call qsr.00428790
$ A" Y, Y) j4 I2 ~7 W6 b% u3 i00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]! J$ @2 o4 ~) P- ~1 s$ O
00403185 8BF8 mov edi,eax
- u6 e4 J- a6 ^7 b5 T: J. [2 s00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
9 i& C3 D: F' S; A0040318C E8 FAC20200 call qsr.0042F48B
8 G$ H4 Q$ G7 _00403191 8D47 0A lea eax,dword ptr ds:[edi+A]7 l, M3 z" d6 a6 G: Y; ]
00403194 B9 3E000000 mov ecx,3E2 X; _) C6 B4 h7 T
00403199 99 cdq' B' U1 r4 A o7 q0 y
0040319A F7F9 idiv ecx
/ ?# W% a5 W4 z1 u" @0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
& a3 s# g' j7 V# H2 i- ?. t/ u+ F004031A1 894424 28 mov dword ptr ss:[esp+28],eax' q$ ^, }/ X5 S0 B2 ]3 Z2 _
004031A5 8BCA mov ecx,edx
& S3 f5 P K" q5 c4 a004031A7 894424 24 mov dword ptr ss:[esp+24],eax3 q* q. U# b4 U" z
004031AB 894424 1C mov dword ptr ss:[esp+1C],eax# F- S) A1 t# R7 I$ ?, }, {
004031AF 894424 18 mov dword ptr ss:[esp+18],eax8 Q3 z6 u6 t/ t" M+ ^) v0 e5 M
004031B3 894424 14 mov dword ptr ss:[esp+14],eax
+ }8 M3 h* Z% j% ^; i( b004031B7 894424 10 mov dword ptr ss:[esp+10],eax
' M+ [1 u& O) K. b& ^004031BB 8BC1 mov eax,ecx
\7 J0 R5 h" G$ ~/ r, q) l004031BD BF 0A000000 mov edi,0A: I T/ M! E( }" r Y$ U
004031C2 99 cdq5 \8 g7 R1 p6 L, K9 w" s3 Q
004031C3 F7FF idiv edi4 f/ I0 E2 }' v! C
004031C5 8BC1 mov eax,ecx
# b! `! ^8 O' A9 y004031C7 B3 0B mov bl,0B
; G" @& [. ^" H8 [7 s004031C9 0FAFC1 imul eax,ecx
( {) S: P1 Y5 l004031CC 8BCF mov ecx,edi
$ F: J2 @. t7 W6 p) r004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
1 K* G) e1 d+ i: U% E004031D2 52 push edx
$ i4 z$ c2 }! P+ N6 d2 Z5 _2 _004031D3 99 cdq- O& u. p6 L+ a6 L- \( D
004031D4 F7F9 idiv ecx
, h* y6 ~7 M/ b& g ~004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]/ d: p) E, A6 @" e9 t( }1 p6 t! d; z
004031DD 2BC6 sub eax,esi
7 ?( {$ U- z% Z4 c" Y+ U004031DF 52 push edx! t+ t( T; u: t- i2 e0 M1 W
004031E0 99 cdq
( c ^ [$ u4 u& u7 Q004031E1 F7F9 idiv ecx
. v% P: P: n E3 S% p7 P004031E3 8BC6 mov eax,esi
& h/ o- E, b! j7 G5 t, Q7 c5 S4 k004031E5 52 push edx
0 C* Y& e$ i% n004031E6 99 cdq3 M& q# f H# p8 L
004031E7 F7F9 idiv ecx- A+ f7 o# ]7 @4 m, F- a
004031E9 52 push edx+ X, M2 L8 a, l/ y9 N( {
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]0 K+ L T9 V9 D
004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"
9 ~( ? T& x$ {' k: [6 E4 Q004031F3 52 push edx
: o4 X l# V" G004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
$ j0 f9 s/ J0 H2 C, x004031F9 83C4 18 add esp,189 u9 Z! r U4 d
004031FC 6A 04 push 4
7 ^ S! S& E* n; p0 R. ?) k9 I004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]3 L c! p/ U* P6 w* F5 G
00403202 6A 00 push 0
3 O6 J4 L, v/ }1 A+ a+ m, x00403204 50 push eax
9 s0 q; ~3 A) W( ], j$ u00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]2 \* g2 s6 u! H* L. v2 b
00403209 E8 D6530200 call qsr.004285E4
! j7 p& M; H: ~1 ?& q0040320E 50 push eax
$ P) [% \: U4 p0 ~# ]0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
1 w9 [$ }: B% x9 O \( H00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
% |8 K9 F6 r1 G! [" s, e5 P: P00403218 E8 A7C30200 call qsr.0042F5C43 k9 J( z& D+ O8 I7 b8 {
0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
* j: P' g4 y9 S00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
! ^ l) |6 Z- t& d( i! C00403225 E8 61C20200 call qsr.0042F48B( ^+ m8 ?1 @; O) `: }2 Y) F/ J
0040322A 6A 04 push 43 N a; a2 g, N
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]) {4 N# U9 K; l$ g8 y
00403230 6A 05 push 5
$ g6 C0 w. d. y: n2 F- i9 `00403232 51 push ecx0 y9 m+ F* ?- H# @2 N
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
" A! B$ o; B$ d) L00403237 E8 A8530200 call qsr.004285E4$ f a# z7 T( b5 t& t
0040323C 50 push eax
4 v( t. X/ p3 j$ z4 U0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
+ g1 q) l2 M9 r00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D/ N* O z* m5 M* ~ J
00403246 E8 79C30200 call qsr.0042F5C4
z) U- M6 v* w& S8 G( c4 t0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]9 U% I3 b$ o. P6 k
0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl% u. x" ]+ J- u1 ], B' Y: A
00403253 E8 33C20200 call qsr.0042F48B
4 ]3 F& M. ~+ |$ D% Z( |5 M00403258 6A 04 push 4
* A7 ]) b6 Y& e: c0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]* {; e7 O: S. Q- P2 q, |' M o
0040325E 57 push edi7 \( E+ \0 C" C4 N+ w. [& {
0040325F 52 push edx3 n `# @$ k! j6 p) @: o( V3 R
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]+ A0 b7 X* }- h0 B1 g5 ~+ t0 j
00403264 E8 7B530200 call qsr.004285E4
6 M. I( b9 M! v) U00403269 50 push eax
. X2 w6 Y, t- ^- e2 h% x0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]4 v2 s! s/ B% k( G, V- h
0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E
3 z: I8 z( c2 `* H8 P00403273 E8 4CC30200 call qsr.0042F5C47 c3 u9 o8 _" p y# S" W
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
5 ?! [; I) |- U1 J0 B% R& w! ?0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl' n1 k" X% R: W" q# I
00403280 E8 06C20200 call qsr.0042F48B9 p8 B0 C6 y6 l- N" V, _; g
00403285 6A 04 push 4
1 ~ o% X" m, ]# O( j2 W6 t# k0 A" Q00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
; U- Z# L* h. b* h$ r1 ]: a {6 G0040328B 6A 0F push 0F
; [6 Y# z+ C* ~9 q ]0040328D 50 push eax
+ U, o, U3 Y6 f2 \$ M6 m0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]1 B) b3 U7 c! G+ C- h3 l; E/ M
00403292 E8 4D530200 call qsr.004285E4
1 P: E A6 J$ [4 u00403297 50 push eax
, l- F% W) g, w: l00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
5 n8 t5 u9 T4 ~$ {, u0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F- C, J# |: @4 }, Z' n$ W8 p
004032A1 E8 1EC30200 call qsr.0042F5C4; K7 M9 W6 r+ N
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]0 c6 l4 Z& Z0 v% M2 v
004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
^2 q! i# i$ D2 g004032AE E8 D8C10200 call qsr.0042F48B
7 A1 u& p3 }" Z004032B3 6A 04 push 4) Y7 `! L# A. c$ i3 s- x
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]2 w) n# v# \9 S1 v& X) C
004032B9 6A 14 push 14
+ n4 h3 ]" M9 c. ?, A" v4 J1 N004032BB 51 push ecx
/ L6 B2 Q' I) A. X- r004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]: D6 |2 G; r/ ^) `$ M, T
004032C0 E8 1F530200 call qsr.004285E4$ }% c1 T3 @1 [ W$ f' u8 L1 h
004032C5 50 push eax8 ]6 G* v7 P1 B) r0 s
004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]* n0 |+ G/ J" q3 K6 W
004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
3 m6 ~: \& J" g$ |, h004032CF E8 F0C20200 call qsr.0042F5C4
: N- @" J9 }" H7 X, y004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
+ |- L) L- v9 k004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl( c" e# X# ]% ?7 j
004032DC E8 AAC10200 call qsr.0042F48B
9 c( \/ i& _- l7 X6 S9 s004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI L- D5 w/ R- ~# g ^
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX) T, P* Q8 P9 ^( B+ W' @; C2 d
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL7 J3 y' d' M7 a
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL2 c, v- {# e3 q+ S" E
004032ED 8ACA mov cl,dl ; DL送CL. w/ V# @9 k0 |: z
004032EF 3AD3 cmp dl,bl ; DL和BL比较
# M2 M, d' ^4 c3 }, c9 Y004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
1 c1 q h% @/ ^( O! `$ b004032F3 84C9 test cl,cl) d5 o2 `: i. v0 k: Y! j
004032F5 74 16 je short qsr.0040330D
! Q3 @- _+ @) S8 g( O1 K {004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL, q" ?9 U& }% x9 w" t+ Q6 w
004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL8 Y' B( T. L9 K% E0 l' `7 b
004032FD 8ACA mov cl,dl
8 Q* K) g+ I& y6 s. b+ c004032FF 3AD3 cmp dl,bl ; DL和BL比较
2 R( @1 D$ g- W7 @% D' k) u00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
3 ^& ?/ w7 ^& R6 @! h- E2 V q00403303 83C0 02 add eax,2 ; EAX加2
0 @, s# _. ~8 [9 K+ e1 {# a00403306 83C6 02 add esi,2 ; ESI加2
8 |3 ]) O9 R. [/ J8 U+ {7 t9 M) z00403309 84C9 test cl,cl
1 \) ^1 |9 K, P0 w0040330B ^ 75 DC jnz short qsr.004032E9
1 Y2 w; x+ | d- O J7 h0040330D 33C0 xor eax,eax
, O+ A! Z D9 |$ c0040330F EB 05 jmp short qsr.00403316, C+ o) t) b) [$ ~
00403311 1BC0 sbb eax,eax
' B( L/ s) t, _00403313 83D8 FF sbb eax,-1
0 }$ v3 W1 v* f$ l) Z00403316 85C0 test eax,eax* w9 B6 m R. i3 m8 V1 y4 ?8 `
00403318 74 0E je short qsr.004033281 m2 b) Y" V& D4 c- R
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A* C$ I. H! c1 }0 }0 K. ^3 I7 O8 z: Q) e0 h
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
& O$ O" ^: v* ^# m00403323 E9 F0000000 jmp qsr.004034180 p+ R/ Q. X5 R+ m; l9 \8 }
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
& `2 h. x* N1 M6 f6 O1 r* e7 b( ^0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]: x9 a8 @# x% r. H0 }
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]! ]( T u$ ~5 j: r6 I1 U+ v T
00403333 50 push eax) E: g% p% R8 ~$ Z: C5 V, m
00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
! ?' F8 ^1 l: F! Z00403339 50 push eax
8 \7 U! G) M0 d( J2 R: w. E0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX0 U2 x. Q6 Q( |
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX
3 U' L V% H3 K3 Y: a: y( [00403343 83C4 04 add esp,4
0 y' F* ~8 n9 D# ~5 @3 Y00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI$ z8 q& R) N X R3 u/ ^
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
8 O" i! I! p8 A- l0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]8 g+ ^. O. a! h
0040334F 50 push eax
3 j7 h4 j8 h3 C) j m* n3 a00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX7 k$ ?( F% O1 ^( [
00403355 50 push eax
% \- `( O7 [# E7 r" ^( T, J00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX3 p( R) t) Q9 B1 C, u
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
$ n& X/ ?4 w6 ~& Y9 M8 Z) }0040335F 83C4 04 add esp,4# S; n, Q+ o( b' ]& d
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
m( Y& R/ Y; N5 A" y0 c* k8 |! |% g3 S00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
" z6 @% D O( X00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
- j5 T" G; w5 z N0040336B 50 push eax# C3 m' W+ F4 T; ]& J2 T7 Z3 `' K
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX. y: g( Z& s0 }! ?1 o
00403371 50 push eax
' ~: j# f/ h$ O& F; _00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX, n3 J A0 K$ l) v& x; R5 Q3 v, M
00403377 8BD8 mov ebx,eax ; EAX送EBX1 d# b% f1 H/ d6 f* R- K% f
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX0 s7 ^1 A/ j! n- A0 x
0040337D 83C4 04 add esp,4
0 W- b" |0 [/ z n- }- h b00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
) R# \0 E( X$ w0 b8 A/ j w* c0 y00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
$ n; }, n! n, K7 n0 k! G00403387 50 push eax
( {/ r" B2 s+ o- Y+ L* T00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX1 ]* j. P* U. ?/ g$ i3 E& O
0040338D 50 push eax
) {3 q7 V+ G8 `3 ?* R7 }, g# h0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
+ _2 I" N' e7 B' A7 \00403393 83C4 04 add esp,45 p% ?7 |* D4 S. y
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
& V2 g3 Y2 |0 H0040339A 8BE8 mov ebp,eax ; EAX送EBP! U, G4 B w' f1 h
0040339C 6A FF push -1
9 d8 ?5 s" ~2 f s, K0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
+ T5 J% w; ^4 x0 a/ R/ W" b5 ~- {004033A3 6A FF push -1
+ r, A [& }' x. u' [% @004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
3 ~7 T0 Y' C8 H3 }" Q( ^004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX! c% L/ W' G4 `# h) R+ e3 d1 W
004033AE 6A FF push -1
( P3 `9 Q0 e8 {0 H8 ?004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
( ?4 Z* ^; O8 u# M5 @ ?- l004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX! e4 Y7 T, n$ |& C8 _2 {/ U
004033B9 6A FF push -1
2 k! T, n- z# M% U5 X9 e M) a004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
8 h& x3 i1 p* c2 x4 c! q, P) T004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
" P' ]2 K0 M1 l5 t5 A' f004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX( ]: y( E5 \/ ]7 _( @% X; f) P
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX2 m) m/ T" n/ w* a
004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
) R: x) P: A1 L) b* W) b004033D7 D1E0 shl eax,1 ; EAX左移1位
: i% L4 j; ]- X+ g004033D9 99 cdq ; EAX扩展7 T; g/ d: w/ H' w2 d' D
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中6 Y- ~* h* b* i" Z7 e
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较9 F$ \8 v6 _8 f: ?! m7 _4 Q
004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
) d; P* f6 y3 K7 u& A, S1 Z" B) s0 l004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
- Y' N! _9 T, c004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]0 c( X, b1 ~, O5 x7 N. F( t
004033E9 EB 2D jmp short qsr.00403418
# E8 `$ t6 l& l004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX$ M ?, J0 B4 R! B
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
8 b/ k1 r& X! g% {# f004033F7 99 cdq ; EBX扩展
3 G$ n1 O% n+ U' P! r- O004033F8 33C2 xor eax,edx ; EAX和EDX取异或
- R: v( Y. w' X# s! X004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
! U1 q; @ k% h! i004033FF 2BC2 sub eax,edx ; EAX减去EDX, m6 }9 s2 e/ V+ m$ X& x7 h8 x% T
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]3 L$ N5 r+ s2 r$ M# b* |% H
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX
1 J; }. C$ C1 T# p! r+ Q' N00403409 99 cdq- S/ h1 i. s' ]6 I. j! b: h0 b
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中# C7 S4 e# n+ y2 g( C2 i8 B& E. }; N
0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX: O& j! o4 Y7 `, Q, ~' | [% d
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较
- P0 B5 y: }- U& T00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)+ U' }( e" T0 Y& {9 P' o! f0 ^
00403418 E8 6EC00200 call qsr.0042F48B ; 9 H7 ~6 Q; @; v% r2 i
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
* z) W) p4 v' m8 M00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
1 c8 N( t3 t# g00403426 E8 60C00200 call qsr.0042F48B4 D5 Y$ S V3 X- ]3 z. r+ T8 v
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
3 s0 c! d. f( s# i0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8* N8 S. I' _* h6 i* o
00403434 E8 52C00200 call qsr.0042F48B
% Z' W. s! E, R00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]5 j: p" L3 T0 f5 p' d
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
8 t, P% _, |6 y6 f00403442 E8 44C00200 call qsr.0042F48B! d3 Q/ B h* w% s
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
; R' @& f0 ?6 S. t8 j- H0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
" F, {! }. Y- T00403450 E8 36C00200 call qsr.0042F48B
4 C5 Q2 W k f' F5 m00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
; S1 z; ~& z. V& l8 D# }# t U5 w00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],37 [& b- {# m3 G! P0 x
0040345E E8 28C00200 call qsr.0042F48B7 K) p7 d( w6 R% \$ x9 Z
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]* Z0 X( y: V; k& s
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
|, m5 j( N; g+ p0040346C E8 1AC00200 call qsr.0042F48B
- ?( Y( }2 L3 k) G1 i w, T! }- @' b( B00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
, Y$ y4 `2 V& X! ~00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1! |; \( @& x1 l2 }5 Q
0040347A E8 0CC00200 call qsr.0042F48B
; x7 D: a$ H/ {0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
& E! b% B. s+ \) N* a/ U# G00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],01 U* |3 u) w( t7 g O, R0 P! E6 |8 E
00403488 E8 FEBF0200 call qsr.0042F48B
! O- M$ j9 p; g M; j0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
2 U2 \1 _' u3 O5 k# r) i n00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
# \0 P# L7 u" w2 t3 K8 h00403499 E8 EDBF0200 call qsr.0042F48B' M1 O% Q0 F* _: c K* Z" [) L4 U9 z- A6 D
0040349E 32C0 xor al,al ; AL清0
" n- M( r$ A, \) v004034A0 E9 88000000 jmp qsr.0040352D
. B) t, f( T* p, |& x004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~
( z/ `/ C" `& r% S; ^" r, ^004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
" O# T, t; D' S6 @6 W4 o004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
' c% P9 J7 l) Q% b! e# o0 i4 c004034B3 E8 D3BF0200 call qsr.0042F48B& Q9 ~$ x* X3 S3 b* z& ^2 [
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]7 Z- @! I7 N! g" T6 i5 A
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8; x( `+ L9 n6 S8 @. J2 L4 K
004034C1 E8 C5BF0200 call qsr.0042F48B
. h* p4 j6 \$ [ n, u004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]6 x$ D( m Z6 X3 O+ T$ Q& {
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7: E! j2 A6 q* \$ V
004034CF E8 B7BF0200 call qsr.0042F48B
- V5 o1 V: q4 k: F# ?004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
5 ?; O) ^ Q$ `6 W004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
, V2 {# k& \) `4 ?0 M7 u004034DD E8 A9BF0200 call qsr.0042F48B
6 y/ T$ r& U. C% { h004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
3 |6 V/ h! S, t9 H004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3
" Q x9 a: b* ^4 p# ]004034EB E8 9BBF0200 call qsr.0042F48B6 ^0 {( O( _- t; P3 N! I, x: d5 x
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
5 [/ ]% b" B3 i/ z( @7 J004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],27 [1 V- z; b4 V* d' l" t5 k9 {
004034F9 E8 8DBF0200 call qsr.0042F48B' a) G! G8 |) e; `+ \& Z( O+ |
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]3 x) N' `3 H) C3 s5 q
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1 g6 T3 q+ \: g! u! G
00403507 E8 7FBF0200 call qsr.0042F48B; t$ ? P* C3 T# x0 _
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
* x! I: s9 Q2 p4 \' J9 M5 t* |00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
8 R' S+ W2 w9 E9 j: g7 o: m* `00403515 E8 71BF0200 call qsr.0042F48B' y- H+ q2 F) p* t* O7 G3 j
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]; o' m3 r! K/ k
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
( _8 i$ h* p2 H. |3 z00403526 E8 60BF0200 call qsr.0042F48B
- H6 R3 |+ w7 o- e5 w, z0040352B B0 01 mov al,1
, T( b. Z+ f4 ]" o3 c" M. \0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]5 R5 M2 @/ B* S% } P5 l, u5 Y
00403531 5F pop edi
2 i4 Z' H% O1 t& w. s00403532 5E pop esi" i) D, m' [) B! u6 D; X& o
00403533 5D pop ebp d7 b$ Q* @0 O8 ]
00403534 5B pop ebx
) |# B3 C n: U1 K3 `" P7 Y% k00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
, s9 _3 V3 @- h4 ~0040353C 83C4 30 add esp,30" U* P( S* U1 d- J1 A
0040353F C2 0800 retn 8' D1 e6 n7 ?0 Y4 M- i
--------------------------------------------------------------------------------" U/ N, I8 w4 j: |" t) M
【破解总结】% {7 M, @/ o" _4 h3 Q0 c% \* G" Q
用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
; U2 M. Q: Y: C用户名:yijun J* F0 v; M) B5 J6 V4 K& e
注册码:4893*7777*3726*7777*0529$ w& `/ b4 Q* ~; M: `$ ^- w M* O/ a
--------------------------------------------------------------------------------
6 ~$ H+ x* D% c: E4 R. t: r【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡