|
|
【原创】破解Quick Screen Recorder
+ z, k+ C- y$ \$ }2 k: \【破解作者】 yijun9 O; _* V7 W8 C8 U2 |7 G
【作者邮箱】 [email protected]
& f- c$ _7 N% F& R【使用工具】 OD,PEID
5 ^5 p- C" F7 @0 D2 L( C【破解平台】 WinXP& J+ \% b- V: g0 r, d/ N& f2 k
【软件名称】 Quick Screen Recorder( C: O- E2 j+ z
【下载地址】 天空" M6 D7 w0 a5 R9 x) ]# G
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. : R- n" }6 t" x( _4 j
【软件大小】 540K
8 n n E- K) D4 E【加壳方式】 无
; ~# E V/ f7 E/ Y% ?& J% k【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:); f; t; ? a7 |
--------------------------------------------------------------------------------: n& b/ j4 T+ H9 a/ N7 d9 U+ ?
【破解内容】
! `/ g) J- r' V0 u/ W9 b PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:- R9 \8 k& K4 v7 z5 k% b* i0 f
00404C69 55 push ebp //在此下断
( Z2 `6 H' S( f0 O, Y00404C6A 56 push esi
; _+ M C: i. L6 O& n$ q00404C6B 57 push edi) N: V$ ]' [. u) _% [ K
00404C6C 8BE9 mov ebp,ecx" M t" Y: H$ C+ J: S
00404C6E 6A 01 push 1
8 Z2 @7 M# [, b. i; e8 j00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
& y/ c8 z2 E$ W00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
# X5 P4 ~) x ]$ s' z; b00404C78 8BCF mov ecx,edi' j' {6 W) M$ j
00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码4 c$ i2 |4 ~( s: N; ~6 A
00404C7F 8BCF mov ecx,edi
- |" [/ u. E2 `! n+ {00404C81 E8 A73E0200 call qsr.00428B2D
s$ w: F# ]/ {00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]) e3 h6 z+ b/ ~& x8 }* f) @
00404C89 8BCE mov ecx,esi' \ r6 S1 I# u- y. K" v
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
- o; S# T# @0 Q# D9 Y00404C90 8BCE mov ecx,esi
$ X2 j" S) s6 {: v; w. ~/ Q4 A8 ?00404C92 E8 963E0200 call qsr.00428B2D
9 N9 n0 p! s) l8 r* H8 I! ]00404C97 8B06 mov eax,dword ptr ds:[esi]- O+ n8 B) @8 `$ f- z% n; `, M& a
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
; l( p; E# D5 o00404C9D 7D 26 jge short qsr.00404CC5
! e9 ~( R1 {) x2 a: `$ q- E00404C9F 6A 40 push 40
1 ^/ s1 s% _7 B5 I9 A; q" v7 W00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
, z2 T. D" @" U* t, M( L' i$ f4 P00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
% F) l4 Y: _; }) e; a3 t8 k00404CAB 8BCD mov ecx,ebp
5 x0 J4 {0 m- A4 z$ N0 n( Q00404CAD E8 C3840200 call qsr.0042D175
3 K$ f* X$ l+ l' E( f+ ]" w; n00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
: y$ } B# U2 g! y- y) G. ?0 k00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
+ [6 n; O3 e U+ S# m* L/ ^1 C00404CBD 5F pop edi
. Z, Y) S7 Z) N% v! s00404CBE 5E pop esi, Z: c$ j2 o1 p$ n( s1 I4 v' S7 Z" U
00404CBF 5D pop ebp
& b- r- p) [. q, `4 b8 I00404CC0 5B pop ebx0 r( }+ K6 k" A! Z: n* W
00404CC1 83C4 18 add esp,18
1 y, F# P: R! `- ?0 n Y* t00404CC4 C3 retn8 k9 |8 w$ n* x1 ]
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]
) w) ?5 i* Z+ R00404CC8 84C0 test al,al/ C8 y) d$ ^: G3 {0 k3 Q W
00404CCA 0F85 1C010000 jnz qsr.00404DEC
3 r+ {: J( J; ~# M" B00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]) ?* i, c4 \% b
00404CD4 E8 87E3FFFF call qsr.00403060, Z- `, I' n" @, \5 m( B/ A4 Y
00404CD9 51 push ecx
, y2 U, k2 W- `- B2 a- W; B00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],07 O6 n$ ]7 @; Q" Z ]6 u
00404CE2 8BCC mov ecx,esp1 }# Z9 r# z% n
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp! Z& X; v) \1 M s5 `
00404CE8 56 push esi! z! w3 P" g- L$ [ y- G
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是07 n1 E6 v3 m8 S5 U
00404CEE 51 push ecx5 q, x. h: @( C7 \2 @) k
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],14 T' X6 d* H0 z4 G
00404CF4 8BCC mov ecx,esp
5 S2 [0 A+ M8 C6 u& H00404CF6 896424 20 mov dword ptr ss:[esp+20],esp5 }, q. Y, d# D3 G0 ?$ J
00404CFA 57 push edi
: Y& e, [6 |6 P00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
7 k( o' a" l4 l$ f00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]; N* E# I$ T- E' f! p
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
4 I4 w/ d' `% A00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
# s# R' P9 `6 `9 P00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
" w* d. O" y% Z7 U; ]00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~
. g4 h3 P/ H: S- r: @00404D12 6A 40 push 40! D$ a% p, A+ }* U% a' C
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
# ^9 c! X! q& C" y) U00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."4 e9 q8 V5 ^$ ?9 v* y
00404D1E 8BCD mov ecx,ebp3 W8 r: o) i" N! _5 e! A
00404D20 E8 50840200 call qsr.0042D175! T! O" r3 g- \* d; a u% I" y
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
& F: A6 b! T& S2 Z5 a+ ^* S00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
" ]) s" k2 r. o% J: e4 ]8 s00404D31 E8 5AE3FFFF call qsr.004030901 g5 @, @% i* G p3 I
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
. G) ~7 [2 f" l00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx3 f2 E0 b7 [4 X9 e& M( R2 b
00404D41 5F pop edi+ R4 b+ y* C" J, h6 Y! C, H2 M; C
00404D42 5E pop esi
% T, y/ o5 m L: I% S" S& a00404D43 5D pop ebp
& c {9 p( p# Y1 ?7 O9 v00404D44 5B pop ebx& G* m0 y7 o5 Y) `+ z
00404D45 83C4 18 add esp,18
9 g9 A1 M" K* U& W, c00404D48 C3 retn. B0 Q4 G. ?" h
*********************************************************************************************************************************************************" x* q, v1 c( W& p% s2 t
跟进00404D09处CALL来到:% W7 v3 @* D8 O2 u# R* l0 y
004030A0 6A FF push -1 //一路F8下去~~~~
], Q0 m4 U/ {004030A2 68 C88F4400 push qsr.00448FC8+ d# e$ w# T3 G! f4 h9 g) O
004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
7 ^; V/ ?; p" z: ~2 V004030AD 50 push eax
: u x; Y/ |1 E004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
+ {5 i+ i3 T7 L/ N" H: k9 N004030B5 83EC 24 sub esp,24
. L$ s; g/ w7 v5 Q4 n% s, g o; ]0 x004030B8 53 push ebx$ [' r4 _- F: T1 y# t
004030B9 55 push ebp
, U8 ?7 U9 V+ h2 `8 a004030BA 56 push esi% B* O8 s2 I+ G) j1 L% X% q
004030BB 57 push edi
2 S9 e, h: ~' S004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"5 J9 R7 G* M4 K T* K; }5 a
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
1 Q# B0 n( J+ v; Q. T$ O004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],19 f+ s% }8 H9 B1 x$ C9 V/ |9 d
004030CD E8 27C40200 call qsr.0042F4F9
1 u( [/ u& P8 S004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
3 {' h7 F4 d( N5 M/ E004030D7 894424 2C mov dword ptr ss:[esp+2C],eax+ L* D6 r9 h) y$ Q' O' L
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
7 @4 d3 R9 k2 C a" M& o3 `004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
0 q1 A* Q9 I. h0 @- s% R7 q004030E4 E8 905A0200 call qsr.00428B79
: H7 y6 t/ W0 C) E, `004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
- y; J# m' g# H. ^& x' m004030ED E8 3B5A0200 call qsr.00428B2D
+ e5 S1 W, m5 m# c2 ]$ s" O$ X* P( J004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]9 a$ b( N! `: J. J2 _! n! E
004030F6 E8 7E5A0200 call qsr.00428B79# J) l9 |; `# _$ W6 G. T
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
3 m) d- c4 J: h2 I. R. T# O" q004030FF E8 295A0200 call qsr.00428B2D8 E+ r l/ u- l# s) F7 F' b& C! h
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
6 Z$ k v* t, W" h1 h/ l) k00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
8 V2 l, E/ A4 w% T" M$ J9 w0040310B 83F8 02 cmp eax,2
' n3 @/ L+ S8 x, A3 y0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
5 I8 u; G/ s$ N1 w# ~00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
K$ M9 h5 f$ x( u6 [6 t4 t7 l00403118 837A F8 18 cmp dword ptr ds:[edx-8],18 Q: J! \% _* Z& o' @) ~% n
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
" |$ p5 K6 ^" L' C" l00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]7 u3 |$ l, c9 C* L$ B8 r( C
00403126 6A 01 push 1
, t, R, B/ Z3 f m00403128 50 push eax$ ]' ~6 S" W5 ?' T5 K4 v. I# `
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]/ ~9 s/ o! z1 ]1 u+ `2 h2 C
0040312D E8 C4550200 call qsr.004286F6
$ M1 S# O! v' y" m4 O00403132 8B00 mov eax,dword ptr ds:[eax]
" D5 [, F8 w: @" ^" I% \% y- [00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
" \! J- }% D+ d00403138 50 push eax
! B7 _$ [$ b( |- q% a00403139 C64424 40 04 mov byte ptr ss:[esp+40],4* r0 [) R! u. m% ?
0040313E E8 4D560200 call qsr.00428790# x8 X1 H& q3 b
00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
5 h0 h# R/ u' t9 _& T' o00403147 8BF0 mov esi,eax
7 l. f( [- H: Y00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3 F0 y1 p7 i# e/ b. a
0040314E E8 38C30200 call qsr.0042F48B' {! ?' ^$ K& }" n6 v6 a B
00403153 8D46 0A lea eax,dword ptr ds:[esi+A]0 v& n- P5 _! d1 ^6 U# ~
00403156 B9 3E000000 mov ecx,3E
5 q0 X% w& [+ c. k9 q" C0040315B 99 cdq
; @5 D) }. O: K6 B% M& W( q' e0040315C F7F9 idiv ecx; N) i0 @8 j5 X- O1 w7 j
0040315E 6A 01 push 1: x% N6 x* B! r5 T6 w+ m
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]1 K# D8 S5 D! `
00403164 8BF2 mov esi,edx' Z' _' p: `5 v# ~' p
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
) Z0 [: S* q; {/ X: \0040316A 52 push edx, d1 a1 E$ y3 A6 {% B( P) u* m! ]; M
0040316B E8 0A550200 call qsr.0042867A& S" c6 ?) O& ^, E L# i# C4 O
00403170 8B00 mov eax,dword ptr ds:[eax]
. f! i: o4 p/ h" \00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
( ?% {& ^( h& T8 R. b4 p00403176 50 push eax( c" g! H V |. `
00403177 C64424 40 05 mov byte ptr ss:[esp+40],5) h1 z* ?3 L& ]) q+ `: W! h0 \
0040317C E8 0F560200 call qsr.00428790
7 i0 G8 Z1 U9 m00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
$ b( ]1 ^) ?5 s8 {6 z0 D7 b$ e L00403185 8BF8 mov edi,eax
% ?0 ^5 J. Y) y* P" G00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3* _. F) q6 j$ K
0040318C E8 FAC20200 call qsr.0042F48B
" o* t, c" g$ B: L8 J00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
5 `) P; _0 L$ E6 e00403194 B9 3E000000 mov ecx,3E/ ^1 d8 A& Y& m
00403199 99 cdq
- `8 i3 y6 ?. B+ N% _0040319A F7F9 idiv ecx0 h, l+ S5 ]7 o, S2 d
0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
$ ?# H( H2 T8 r" v& {1 g0 F9 z( s004031A1 894424 28 mov dword ptr ss:[esp+28],eax* @: z/ b# T4 [# f
004031A5 8BCA mov ecx,edx
, S! ]% l6 U! r+ t004031A7 894424 24 mov dword ptr ss:[esp+24],eax
! l% n3 C6 G% C+ i" r004031AB 894424 1C mov dword ptr ss:[esp+1C],eax: K" Y( l- U- J4 B0 B
004031AF 894424 18 mov dword ptr ss:[esp+18],eax
3 i1 g7 s7 V' W* V U004031B3 894424 14 mov dword ptr ss:[esp+14],eax8 d' ]# {9 Z4 H+ {3 V* v
004031B7 894424 10 mov dword ptr ss:[esp+10],eax
/ j: l" Z' D' F8 w* v. V& E004031BB 8BC1 mov eax,ecx
* U- y! P8 x7 ` `" G: l004031BD BF 0A000000 mov edi,0A
* q( _; G# F( ^8 R5 ?004031C2 99 cdq" J9 d3 H- }: I* B, P
004031C3 F7FF idiv edi% I/ }: {) ^* {( y0 C
004031C5 8BC1 mov eax,ecx
1 ~5 v g+ c8 m! L, d) L, ~/ y" t004031C7 B3 0B mov bl,0B0 s K, d& w+ Y8 R
004031C9 0FAFC1 imul eax,ecx6 ~: j+ w# k5 r& M8 y' }
004031CC 8BCF mov ecx,edi0 K- `6 O$ W; y& S& L* k
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl: r9 C# v1 G* m
004031D2 52 push edx) w4 f7 n% U9 s& o" w( D
004031D3 99 cdq
2 R* _( q! s: d4 j1 X004031D4 F7F9 idiv ecx
( t* v4 R9 o' w; x- `: J' L! J004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]- R- L/ X& B# e2 Z9 c) N7 {$ o
004031DD 2BC6 sub eax,esi. ^& a% B# U( d( \5 e
004031DF 52 push edx
* ~/ J8 a/ D& A& W" R+ ]004031E0 99 cdq
* n4 _8 \' A3 |& W004031E1 F7F9 idiv ecx% {+ p( B$ e0 L' ?. T a- C
004031E3 8BC6 mov eax,esi
& h' h" J7 O3 i( e( _% ~: U004031E5 52 push edx
6 a) Z7 Y5 p1 \; E004031E6 99 cdq
0 x, k/ K c$ |2 B2 u3 [2 x004031E7 F7F9 idiv ecx
3 o# C- _/ L% W$ V004031E9 52 push edx
+ @& ~3 R& b! L1 m/ J$ `5 W004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
% H) p; j# W+ N) L. Z& F004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"
+ X+ w! L p% F j! m5 T0 ]004031F3 52 push edx
/ \1 O- V- |0 z7 S! D8 y- v! u4 O004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
6 x Q- ^+ r9 s9 D6 i' U& g" s004031F9 83C4 18 add esp,181 W) G) t8 V# V
004031FC 6A 04 push 4
' K: F+ g0 g+ l, s( V0 T9 j0 [004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
+ x& T! x/ S% J% z9 z: ~/ e8 N& V00403202 6A 00 push 0, m' o# h3 j) q4 d4 }2 m
00403204 50 push eax
" Z6 C0 K7 x3 s% e# }' W7 g! o' y5 Q00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]( ^/ U' S: E, i
00403209 E8 D6530200 call qsr.004285E4
& a8 |$ o. @! s; h3 e4 u4 a0040320E 50 push eax
! R3 g/ L1 Y ^% F. N: k' P0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]2 B! I% i) ?0 L
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
8 ]( y* ^- M' o00403218 E8 A7C30200 call qsr.0042F5C4
+ k. v2 m) E. W( v/ e/ |/ A0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
+ M( Z: n! [$ g+ y9 `00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
) E$ B _, `4 J. A00403225 E8 61C20200 call qsr.0042F48B
3 l2 M; o# }# M' j/ p0 I0 v0040322A 6A 04 push 4- D+ ~4 [4 j. c% Q
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]4 d+ \; i) y% g
00403230 6A 05 push 5/ E' h2 Z9 E7 k
00403232 51 push ecx
a9 E7 o! V- a; m+ {2 z$ [00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50] k0 c! D6 e3 z- u' u0 { _
00403237 E8 A8530200 call qsr.004285E4
' z$ f6 u. m/ f: Z4 ]2 K$ |+ t! _, s0040323C 50 push eax A# D8 d2 ^/ F( @0 r/ o g
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]. @; X+ d! D% R+ q, U
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
& a) L: {" J1 N3 l00403246 E8 79C30200 call qsr.0042F5C40 j3 x2 P f. g: z( K, \
0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]* P9 h( I8 f! {/ i; \; K* G5 c
0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
& V1 [# m4 [; H! i7 `% p1 E00403253 E8 33C20200 call qsr.0042F48B' L4 @( o& R2 J6 ]+ _+ c
00403258 6A 04 push 4
% Z P! b: \1 D& g# x0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
$ o! P" | e% ]0 g4 w, K1 B/ c0040325E 57 push edi
: |1 D6 c e8 X0 d/ i) O [7 L- z0040325F 52 push edx
0 Z/ v9 w, [2 d0 O00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]* a5 s8 P; b$ c+ o) ~. ~
00403264 E8 7B530200 call qsr.004285E4# n! |; X: S# S* E; V# ?# r0 m% Q. T
00403269 50 push eax
& @" Z0 g5 F$ |8 F5 R0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
3 |, ~) |1 f6 q- o: `8 L0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E* g8 I0 p! v$ r; f+ t8 R
00403273 E8 4CC30200 call qsr.0042F5C4
8 E. \3 y2 L3 q0 H9 n+ S& r00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
7 l7 H1 X; C$ l2 [6 _- P0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl
+ v1 @9 N1 b" B) c# y# x2 d00403280 E8 06C20200 call qsr.0042F48B# L% |% G+ d# f3 C* Q
00403285 6A 04 push 4
3 {* s' A& @! R3 w; Y- w00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]- W1 {8 L+ Y# z. J9 B' I5 m! q9 H
0040328B 6A 0F push 0F/ U1 ~" G: A. V0 i5 m
0040328D 50 push eax& e7 H" k) S5 R2 e
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]3 L8 x( v9 U: @
00403292 E8 4D530200 call qsr.004285E4
+ y$ ]& b- A; H2 w# J8 R# B9 p00403297 50 push eax
) T1 Z) \$ t9 x9 w- R* E00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
" h' Y! k2 X" Z; _% y5 Y5 D0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F# b8 B4 z0 X/ [9 o% b
004032A1 E8 1EC30200 call qsr.0042F5C4
& O1 O1 `8 X% o8 r4 r004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
2 M+ i$ Y* F A J7 @; d004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl! j3 K2 H/ h1 J) Z- U* V3 r, U
004032AE E8 D8C10200 call qsr.0042F48B' {2 [% D8 C3 z+ T2 k
004032B3 6A 04 push 47 h7 B) O! T' M% m. p
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]( n! S% G- ~* q9 H
004032B9 6A 14 push 148 W ?# N0 l" G, D
004032BB 51 push ecx
( ~$ O9 |: U# I& g004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]: d& X) S' b& X X) W
004032C0 E8 1F530200 call qsr.004285E42 V0 U+ q, [* w) w+ m! v
004032C5 50 push eax
9 H5 w7 A9 r3 K/ W9 b4 h004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]) [" W( A8 D, x1 y1 i" M
004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
. u- v: Z* R# G* ~' u2 ^004032CF E8 F0C20200 call qsr.0042F5C4; m: t. M9 c: z5 _
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
5 [ O, Z& z R; ?3 B7 s7 }004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl8 o$ J( S# {6 u* m" {; k
004032DC E8 AAC10200 call qsr.0042F48B
9 ?0 H- [* p1 O004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI
. a+ p; v" s0 f W0 U }- f- }004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX
7 ^+ {/ ?. e' X9 e& D( u& H004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL( F) c) n, d- o( e z) w
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL
7 u9 }' O. l! a- B! f004032ED 8ACA mov cl,dl ; DL送CL
" l, V+ Z6 M. \# s. C004032EF 3AD3 cmp dl,bl ; DL和BL比较
5 g8 Y; D) f' M8 p004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
3 s) p4 Z. G2 q004032F3 84C9 test cl,cl
; [7 G6 ^+ K5 M: m9 p004032F5 74 16 je short qsr.0040330D
4 d" K8 T' k% e, C0 t, Q" m% x3 H004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL$ t8 ^( k' B# P6 v9 T
004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
3 A3 p# W2 K7 i+ w0 s7 p004032FD 8ACA mov cl,dl
O& c/ i- m8 g- X9 h' f004032FF 3AD3 cmp dl,bl ; DL和BL比较
7 X; \- r+ I, x) x& } b00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)+ Q1 U+ J6 x7 D E: \
00403303 83C0 02 add eax,2 ; EAX加2( Z/ W+ F' O8 N; h5 ]) J: W, r% v
00403306 83C6 02 add esi,2 ; ESI加2
: ?" E% n# v( _4 l" b00403309 84C9 test cl,cl. i `; a* }4 x6 l2 E
0040330B ^ 75 DC jnz short qsr.004032E9; c& D% z9 M1 x
0040330D 33C0 xor eax,eax
; T# b1 I( H b0040330F EB 05 jmp short qsr.00403316 p" S4 R, w6 G) Z& N3 E
00403311 1BC0 sbb eax,eax. u* `" h( ?' Q0 S, d
00403313 83D8 FF sbb eax,-1( t0 g: d6 K: V' _) d3 Z8 ^0 H
00403316 85C0 test eax,eax+ g j: O9 q2 h9 [8 J% n7 k2 m
00403318 74 0E je short qsr.00403328. L( k* T7 ^& ?3 {7 x
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A
2 a9 W# f4 z! u. r" U; I2 d2 v: g& z0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
5 g+ u" Q- T4 c \! h00403323 E9 F0000000 jmp qsr.004034185 }# K1 f: } @% M! x0 r0 [6 P9 h0 ^
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX5 t) t) o! R. f, a3 n9 p
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
5 _# s: [1 c5 |! H8 n00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
6 o& U. ?. I z! _) @00403333 50 push eax/ i* p% c/ {1 q) T3 F3 n9 d
00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX: H7 K4 m6 q7 P4 ]* u
00403339 50 push eax, G% F; o% k( f
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX+ X1 a0 P# }3 t1 R0 \. Q4 n: F) e
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX9 u' |' D1 P G% f1 R
00403343 83C4 04 add esp,4
. y/ n: t3 ?4 X, b! ]3 n00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI* |) h8 V2 V( t; y+ F T, o$ Q9 D
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
7 l8 s+ w; e2 u) U- ?0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]: ?6 ^. ]5 L& G" u7 [( U
0040334F 50 push eax2 ^* j$ }' N* l8 |. P' ]& |
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
# ?7 {% A" i2 ^0 u: }) Z( w00403355 50 push eax% t8 G2 k: i- U3 b6 W2 u5 \# B0 d. B
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX
! r% b3 h2 |4 i' I& i" y0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX& g8 j' ]/ Q5 X* @# _1 F: R: ~
0040335F 83C4 04 add esp,4/ t3 \6 U- m3 K. E* E
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI& H4 h* s! Y& G. G8 {" p
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
( I( a) a9 `/ w$ J00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
6 K9 G3 k5 [8 J" h3 r0040336B 50 push eax
# G& i$ i& l6 ~: }0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX2 N- e* G1 @' Z. p1 s, ^+ Q6 x
00403371 50 push eax
3 g6 K: E. T4 E7 p; u" x00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
! p$ k6 l6 v8 o$ b00403377 8BD8 mov ebx,eax ; EAX送EBX# c; a9 K9 h! L' R
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX. i6 s( g2 G( }, r
0040337D 83C4 04 add esp,4
' u3 V9 Z9 m* x1 y" A. t0 {' I00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
, l; X8 d5 y: o; P4 F% t; M0 s3 H00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
, V. X' q: a' k# h00403387 50 push eax; C: r* c% ]- X% A0 p( K
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX" ^! }! M# x3 q# J5 t% v& J* Z
0040338D 50 push eax
) g% X" {# x' H0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
3 t/ R. s( e# W% u00403393 83C4 04 add esp,4: p7 O, g. r) G' b1 x: Q$ q7 \
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
c9 E9 l( D% M0040339A 8BE8 mov ebp,eax ; EAX送EBP; J% R; a2 V; ~1 v
0040339C 6A FF push -1
! n8 P$ v/ W; e- i& H" w3 m& C0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
7 [+ g8 L+ E; W1 B004033A3 6A FF push -1
6 q' _; L a7 P8 |0 _004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX- ~* k/ p- x$ ^6 s
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX$ |' }' b9 i+ K2 E, C' R
004033AE 6A FF push -1
- {- k. ?% k- W- m2 }% z004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
' v7 F# V/ c2 F; X4 _$ k% Y004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX9 Z2 n8 _3 ^$ Z7 p: K5 ~! Q
004033B9 6A FF push -1
' z7 Q- g9 K" K004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX. W" S& S( ~ K4 G
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
. S% L0 g, ~9 I+ `004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
8 \% l) k2 s! I |$ r004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX* Z, L- ?5 P8 r% m4 Y) T
004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
+ N$ s* g l- Y: x- b1 Z/ ]6 H004033D7 D1E0 shl eax,1 ; EAX左移1位7 K; Q" p! d5 B3 W9 d
004033D9 99 cdq ; EAX扩展! H7 h8 u: {2 F1 l$ S7 k9 J0 N
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中* _9 O/ H3 C0 Y( G
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较6 R. H* f/ j L: o7 B/ d7 M
004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)) o* f, |" ~0 p
004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
/ `8 `, o( H1 G. s; o$ j004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]3 R8 d r9 I8 `" a- H
004033E9 EB 2D jmp short qsr.00403418$ K% i2 K+ i5 b) }: w* J$ T% e
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX& x# Z; \& U5 ~( k; |, W
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
. @4 B5 [# G! n3 X2 E* P. G! l004033F7 99 cdq ; EBX扩展7 |5 b$ x5 F1 h+ X7 U
004033F8 33C2 xor eax,edx ; EAX和EDX取异或
8 Z" G+ H1 A7 _2 }9 Z004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
) j& Q* A! Q0 }004033FF 2BC2 sub eax,edx ; EAX减去EDX
. S) \: `$ l, k# @/ c00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]" D* V3 }1 c$ ]# a$ y
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX4 [/ x" j2 ~/ P
00403409 99 cdq2 w4 B P' s2 l: h {7 [
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
# B& I5 {: Z& @1 v* s! q3 |. v4 d+ K0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX# @/ V8 t6 J- t- L4 W8 A
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较 k) h. y% f, E, E( `$ }% }2 M
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)- D5 o7 w4 e! H
00403418 E8 6EC00200 call qsr.0042F48B ; ; E( v' A) K2 ^- W* T" _
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]5 C3 U0 `: D+ B9 [" H* `
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],98 O) X& x5 \4 \ g) U' U
00403426 E8 60C00200 call qsr.0042F48B
4 g& h* H% i6 ~0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
1 T" o3 i2 L( E! o. c0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8; Y0 R( `$ @# z, n* h( W+ e/ b
00403434 E8 52C00200 call qsr.0042F48B. G: l! a9 Z, ]6 @% X
00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
5 ^0 a, a! _/ F; o3 l2 I+ A4 g% d' s0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
. z M' F5 {; y9 f, j/ F00403442 E8 44C00200 call qsr.0042F48B- Q2 A/ L6 Z5 o/ @" i/ G# K: Y1 r
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
x4 _# U/ O0 t3 `- X0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6 d' y8 E: [ J1 ?: o/ ?! v
00403450 E8 36C00200 call qsr.0042F48B0 F" M7 m: m+ I6 D5 @; x
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]7 `- H" f) b) v6 D n% _
00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
0 l- ~! ?2 N" c. n g4 J4 A0040345E E8 28C00200 call qsr.0042F48B6 F3 y( L6 ]" ^
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]; E9 P g- d! X9 Q4 M
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
( M; d+ c" K. Y0040346C E8 1AC00200 call qsr.0042F48B! U# G( k( o1 ?, W0 F
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]3 g$ c" V3 ? h' \7 ]
00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1: ~1 t% P& y8 r7 L7 \5 b' |
0040347A E8 0CC00200 call qsr.0042F48B
2 J/ t0 z4 H6 U& A' V& H0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]0 H/ K2 j& C9 q, X. q7 u0 u
00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
5 P5 a- H6 s5 k6 [! M" }4 c00403488 E8 FEBF0200 call qsr.0042F48B4 A! g8 X/ }: H% a9 L$ Y8 G
0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]; P! w8 [1 B0 \
00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
' Z' o9 o3 H9 h2 f* E; V- f8 t00403499 E8 EDBF0200 call qsr.0042F48B, Z1 a: A X" ]2 ?- S4 l
0040349E 32C0 xor al,al ; AL清0
% o* f1 M# h, b2 K; C: e$ V004034A0 E9 88000000 jmp qsr.0040352D% o M9 u n; {2 S2 W/ I
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~0 @$ n$ Z& p6 G3 A9 |! m! w
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]+ g( \" t" H- D% Q
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9/ e! R! L R- o+ W8 u3 n& H/ ]
004034B3 E8 D3BF0200 call qsr.0042F48B7 d, l4 z, J) _, z
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
% F4 h/ h5 w! \& F5 O004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
& i1 ?% j$ l% @# q' c; Z004034C1 E8 C5BF0200 call qsr.0042F48B
4 |' F$ a9 ~4 Y: P" f004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]! e0 a1 t1 r" Y
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7
' h& c$ l: J O8 }/ [004034CF E8 B7BF0200 call qsr.0042F48B0 ?- U/ y, M0 y5 R8 w: O3 w
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]; t- n! i- R* c( n" D# y
004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],69 Y. q$ s6 v2 A- h! s
004034DD E8 A9BF0200 call qsr.0042F48B
; K' G! ^2 @8 C- Z; a" d% u( j) i004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]2 |9 p6 V3 v8 P1 |' j, \- p$ S# }
004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],31 i7 V3 ^6 ?; F2 W
004034EB E8 9BBF0200 call qsr.0042F48B
9 h) s7 l* q% b/ N004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]5 r) z% i: f9 K9 B
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],25 T, G" u# X% q* K
004034F9 E8 8DBF0200 call qsr.0042F48B/ i: y& P( C0 P, P, F3 j
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]5 E0 z- g, Q; v" o5 k J, n, L" O
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1, D* s# h& u4 f, L
00403507 E8 7FBF0200 call qsr.0042F48B5 h! Z4 w4 k8 O% L5 C, X1 L5 u
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]: ?/ D( X- F1 Q a; q4 V5 h+ o! D
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0) J' P. U, @- K4 K) z
00403515 E8 71BF0200 call qsr.0042F48B$ _+ I6 X+ z( V- r
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]! U2 d+ {0 q' D+ s
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1 M) T2 C( t! ?, `% o1 g0 x
00403526 E8 60BF0200 call qsr.0042F48B
X3 R8 R! U4 L4 Z0040352B B0 01 mov al,11 N8 F3 h3 I4 |' J, u
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]" ^' \/ R& k. Y0 d, L' F: v2 ^
00403531 5F pop edi
# i5 [3 t2 [+ _; v00403532 5E pop esi. J& _6 `& d- I
00403533 5D pop ebp
0 [" h$ b% L/ v4 d00403534 5B pop ebx& @5 A, N' k; ^
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx& S' y! m/ ]& e! c, w" |. f/ a# E
0040353C 83C4 30 add esp,30* y/ ~- f; N1 L0 R
0040353F C2 0800 retn 8
4 {& w5 ^+ n5 P4 @$ |% f--------------------------------------------------------------------------------
0 f9 g) k3 C3 B# [5 m: N【破解总结】& o( T4 n' g% |; J
用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^% `5 G, R9 U' ^5 o+ L
用户名:yijun N6 o0 H5 j" z' p% }$ F
注册码:4893*7777*3726*7777*0529
0 a9 d4 }' W) a- R--------------------------------------------------------------------------------9 j& O; b ?* U* I
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡