|
|
|
【原创】破解Quick Screen Recorder: H( _# b, V& w
【破解作者】 yijun
' f8 }, S- F* Y( o: \【作者邮箱】 [email protected]9 ]& d+ |# Y( F
【使用工具】 OD,PEID$ I+ z$ _2 Z( _% `/ ^8 @8 y4 R
【破解平台】 WinXP" ?2 e( F5 {* {- H' k5 A @
【软件名称】 Quick Screen Recorder
$ `# @. @4 \ Q【下载地址】 天空+ M3 V; R9 x1 T, e& O0 P1 j2 R) {
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. , o5 X1 m2 Z) t% P$ c) g) m! \
【软件大小】 540K* z' q/ q+ z5 ~7 I) M6 |; Q
【加壳方式】 无
0 y7 y" T/ V4 M$ ~$ C1 d【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)" D( |' i# I" Q
--------------------------------------------------------------------------------
5 p# B% A# N4 {- F' L: h7 I. o5 L S- K0 L【破解内容】, \2 S6 l, \7 P7 A
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:/ L; e: M# L( T$ n
00404C69 55 push ebp //在此下断
) q: E1 _+ r6 F$ B H5 }00404C6A 56 push esi
8 V! M3 h$ ^- P' T+ i6 o% B% V6 G00404C6B 57 push edi- \0 s* K3 z) \5 q
00404C6C 8BE9 mov ebp,ecx% F) d, a9 ^+ f; F. U5 L: h8 E( ?
00404C6E 6A 01 push 18 L+ y4 M2 w6 J, ?. o$ K4 r
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
6 ^7 I' G/ @1 z" \) o+ v! o! }6 u00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
/ w9 {! j! x& V) f3 T% c- f00404C78 8BCF mov ecx,edi
9 f% g: g) g7 o' E) v; D! F- j00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码) x `* X/ O/ f0 a/ O9 j* m
00404C7F 8BCF mov ecx,edi9 u _ G+ j+ b# d8 a. l+ L: j. T
00404C81 E8 A73E0200 call qsr.00428B2D
$ ~0 m! D7 p5 b/ g/ c+ @00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
$ D$ Y) q! I) T" W" Z* _1 x00404C89 8BCE mov ecx,esi6 [; @) E4 e/ \5 |: v
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX8 v, d- Z& {( w3 U# A2 |5 X0 }
00404C90 8BCE mov ecx,esi
+ v" b7 X% L1 q. H& _% U00404C92 E8 963E0200 call qsr.00428B2D6 ~$ `4 h6 H; U" p6 X
00404C97 8B06 mov eax,dword ptr ds:[esi]
4 k- p. i2 m5 I00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2' e1 [: \( r4 L$ p X i
00404C9D 7D 26 jge short qsr.00404CC50 t4 }& N- O/ N8 R H$ F% H
00404C9F 6A 40 push 40
6 y }2 }; h! }' G00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder") Y, {+ n4 k9 n! S3 ^
00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name.": }6 e- e0 F# i5 b$ J2 ~- w: k
00404CAB 8BCD mov ecx,ebp" _% K" h0 |! M3 H
00404CAD E8 C3840200 call qsr.0042D175
9 M7 u9 O" W# J& A00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
5 Y6 b' Y6 S) T+ _00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
* h6 T, }' b2 Q u, Z% Q00404CBD 5F pop edi
+ f7 i' z& Z, g8 j00404CBE 5E pop esi
; }" B. J& n3 w: ~! c00404CBF 5D pop ebp$ `6 `, f/ H$ C1 }, f$ F/ M f) d
00404CC0 5B pop ebx
! @6 n9 ?3 @. h/ H+ S00404CC1 83C4 18 add esp,189 q' ]0 ~$ D+ n) D G
00404CC4 C3 retn
1 M5 }: _+ c- }+ {: c0 k00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]9 j! E) r7 L0 Y' b
00404CC8 84C0 test al,al
. n/ }5 j ]; }& p% [& Z00404CCA 0F85 1C010000 jnz qsr.00404DEC/ O* G7 C2 s# x! d" H3 E4 }
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
. P' d; S' y! A$ T00404CD4 E8 87E3FFFF call qsr.00403060
P* s+ B9 }: f& H4 ?9 U3 t00404CD9 51 push ecx
7 k$ p5 _4 P! \& W00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
4 N! w( j+ h3 _00404CE2 8BCC mov ecx,esp
$ E' A( p: \1 Z2 a" Q# C00404CE4 896424 14 mov dword ptr ss:[esp+14],esp+ O& g, N* I! Z) I& r$ H" y7 i6 F
00404CE8 56 push esi
- V' a+ r8 `% x" D4 S" ]00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是09 ~- ~' Q4 d8 z$ A8 n
00404CEE 51 push ecx8 O0 l7 S) b6 p
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1% p% [, j5 q' n p% H
00404CF4 8BCC mov ecx,esp
$ p1 f- K/ i/ W, g: m0 |00404CF6 896424 20 mov dword ptr ss:[esp+20],esp
; }4 ~( A/ E' K; L0 ]+ j. o00404CFA 57 push edi
* ~: n/ a$ \4 k0 U" p. C5 U00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0/ O- t: l; j8 j* e$ U8 V3 d
00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C], Z* ^6 y' H; @4 G: e
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
* }; s- G) n" Q6 w00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~" x9 H' g" e3 l5 U2 v1 o
00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
1 Y) b. P6 w4 R" l5 e00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~: ?7 R0 F7 v7 J" W. T
00404D12 6A 40 push 404 n" U" K. ~ t- j4 d$ b
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
/ q9 b2 Q6 @4 C. n& P/ X00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."9 Z* A$ x/ Z# Y* s8 S9 |
00404D1E 8BCD mov ecx,ebp
0 G9 B$ y. D# j& k R& `00404D20 E8 50840200 call qsr.0042D175: l6 Y" b& a! a& \3 q
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]; L- k! t U$ v5 w. l$ Z: r$ \
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
* ]" s; }' C, P' A00404D31 E8 5AE3FFFF call qsr.00403090$ |5 E0 b& Y4 T; x/ \
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]& l* Z/ M& ?: @$ a; d
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
X/ i x0 a' H7 |' w9 C00404D41 5F pop edi
# ^$ B) a2 _2 {, ]; e4 ?* `00404D42 5E pop esi
' @* p. V3 p7 s# {2 ]) Y6 A. p" a- Z00404D43 5D pop ebp* U- \) ^0 r* d+ j( j4 {
00404D44 5B pop ebx
5 R" m6 i/ k) k& E/ u: [00404D45 83C4 18 add esp,18
3 |/ H, r% \7 T* g5 s6 Q" p00404D48 C3 retn) Z2 K8 O8 R0 r* B& n" V
*********************************************************************************************************************************************************
' J$ o' d$ A+ p ?" x9 g) |跟进00404D09处CALL来到:
8 T0 ^& I" G3 j004030A0 6A FF push -1 //一路F8下去~~~~: i: t) N7 D+ I; Z1 F
004030A2 68 C88F4400 push qsr.00448FC8! y, S/ D; b, L+ m, L6 b
004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]( u- U3 q% y( {" Q h# U
004030AD 50 push eax
3 A+ k, O& U0 A: {0 ^9 j& I0 F7 i004030AE 64:8925 0000000>mov dword ptr fs:[0],esp/ U- o. V0 Z4 H
004030B5 83EC 24 sub esp,24# `- M) f7 |% E( K
004030B8 53 push ebx+ I, @( \# v" y0 _7 q- M
004030B9 55 push ebp/ q0 h0 s3 [) w1 T4 n7 ~# i; @
004030BA 56 push esi! H: j5 X6 k; z/ f! y) Y' B3 q# I
004030BB 57 push edi% ] ^5 t$ r/ }. i9 S' ]
004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
# l/ Q$ G* O% A! p9 [/ t) F3 {004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
0 a8 a/ f) n8 ?+ {3 I$ W( v004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
- C ?; c {+ |0 p! R1 T0 l* A004030CD E8 27C40200 call qsr.0042F4F9. V/ L# N" U% B1 r" M" s( A
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
* G! L: ]+ e7 X" w# h004030D7 894424 2C mov dword ptr ss:[esp+2C],eax9 V5 A+ t1 ^; N( |. l1 W' u$ L
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
( t! x) o. ^$ v" ?# c" @004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
( I. ?. I& G# e* Q# A004030E4 E8 905A0200 call qsr.00428B798 {6 _6 b C# I1 L. j3 e
004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]: c& |$ B, B$ b0 i7 h* [( a; h: G& I
004030ED E8 3B5A0200 call qsr.00428B2D
$ v/ ^3 i) s2 u+ p: U004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
9 x& Q* u' n+ {8 P6 L/ R004030F6 E8 7E5A0200 call qsr.00428B79
# s3 z5 q, Q! e6 I+ i2 u5 ^004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
$ {# h2 j/ D+ ^# ~: r; d/ q! x( g: `004030FF E8 295A0200 call qsr.00428B2D
# |; S% p' V) i# C/ s4 C3 l0 b00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
8 ]$ O7 O) E/ X( P; S G$ X00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
% {, o2 K2 b0 o% Q' p G! Q0040310B 83F8 02 cmp eax,2( E7 W7 t+ a8 I+ k6 L# {
0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
; R7 g4 z. Y4 y& w) R00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]5 q! P+ i5 s5 j
00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
9 Y/ v7 }$ z% N: A( g0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
/ z' U' r/ P. Z+ _00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
2 v3 l" ]. L1 ?00403126 6A 01 push 1
' U A% q6 }5 V" P+ H00403128 50 push eax
) G' K' Q( k4 \& I r# f( P% W. k00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
) a2 p0 Q/ b* x, Z4 T9 G* ^0 _0040312D E8 C4550200 call qsr.004286F6: j+ d% T6 [4 ?. A" A
00403132 8B00 mov eax,dword ptr ds:[eax]
' M9 k0 ]; Z5 o4 `" D( y00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]$ m# L9 [* E& C# q9 p
00403138 50 push eax
" P4 P/ A7 r8 u, N4 S4 J V00403139 C64424 40 04 mov byte ptr ss:[esp+40],4$ ^ r9 Z" F2 Z: U
0040313E E8 4D560200 call qsr.00428790
7 f) D. m V! h; z" w3 C; `8 w00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
" n' \1 R1 `+ r7 i; K' \00403147 8BF0 mov esi,eax8 s ?; d% W1 R) t- ?" y
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3
% J- @9 A3 T' a6 o n; \/ Y# x0040314E E8 38C30200 call qsr.0042F48B
. z! H# H P) k7 L00403153 8D46 0A lea eax,dword ptr ds:[esi+A]% A6 x! A+ y) u
00403156 B9 3E000000 mov ecx,3E9 r& ~9 O, o/ R9 Z8 w7 Z7 P p9 f
0040315B 99 cdq1 B; I" o; H+ y2 k
0040315C F7F9 idiv ecx. T6 o) k* _+ W+ a
0040315E 6A 01 push 18 \8 C7 Z$ L! `- w4 O
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
$ h+ A$ a. v+ ^5 l' c00403164 8BF2 mov esi,edx
5 X) t" U4 x; j, A `( T9 b00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]( Z/ s( @9 s/ d. h1 c
0040316A 52 push edx
~" S4 ^7 W5 B; H0040316B E8 0A550200 call qsr.0042867A
7 j3 u8 j1 v \& u6 w( s" p00403170 8B00 mov eax,dword ptr ds:[eax]4 s' S1 n* X- b1 }4 E; Q/ J
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]+ n( T5 P0 W c1 T
00403176 50 push eax
2 Z# s3 C' T8 J5 s3 x; ?0 W9 O' s, M7 L00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
( }6 d) }- p# ]5 c. p9 p0040317C E8 0F560200 call qsr.00428790# T9 ^6 T& G6 t4 @; S1 m1 C
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
8 w5 I9 J2 U, j00403185 8BF8 mov edi,eax$ R' e3 a' p+ o# l Y$ |
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
. t9 e a6 H/ I( f0040318C E8 FAC20200 call qsr.0042F48B! n& \" ?( e& F- l" j4 ^
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
/ r1 g/ ^# p% h8 E0 s00403194 B9 3E000000 mov ecx,3E
! s+ ?3 i6 E5 g1 Q5 `+ O- V00403199 99 cdq
& \+ s: E4 w" H0040319A F7F9 idiv ecx
0 _. I% e8 V3 g5 U8 d! s6 ~0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]& }* w9 n9 u# n+ p5 x1 C2 D
004031A1 894424 28 mov dword ptr ss:[esp+28],eax
+ j( f, j# C( E' V5 E004031A5 8BCA mov ecx,edx5 \6 W8 U: J; d- [5 |6 I6 J+ t
004031A7 894424 24 mov dword ptr ss:[esp+24],eax
! ?" `9 T- ~$ k004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
# f) O$ z/ }1 x; ^2 B! N/ d004031AF 894424 18 mov dword ptr ss:[esp+18],eax9 o- n% ?7 i: ^
004031B3 894424 14 mov dword ptr ss:[esp+14],eax
# d; O. b; \: L1 E X. Z5 r004031B7 894424 10 mov dword ptr ss:[esp+10],eax
$ G8 c1 B' I6 L004031BB 8BC1 mov eax,ecx; \0 U$ [3 C, p$ X, z9 e
004031BD BF 0A000000 mov edi,0A, N6 _( K7 X' a5 @& ^! Z
004031C2 99 cdq+ \& K ~' D, S: k/ d" }/ R) A3 T
004031C3 F7FF idiv edi+ S4 }# o; ~' F0 R3 z7 c6 W
004031C5 8BC1 mov eax,ecx
: Z/ \' S% ?2 K% t/ y6 B1 {( j" A: r004031C7 B3 0B mov bl,0B+ E" L" J n/ a( {4 d
004031C9 0FAFC1 imul eax,ecx& D1 k* y9 p& ` r7 U5 S3 ^
004031CC 8BCF mov ecx,edi
5 I, [, e4 J3 d004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl# w7 Q! P: J) d# r
004031D2 52 push edx) n9 n, w K: ]
004031D3 99 cdq) X2 V% i4 T9 _1 X0 Y/ _
004031D4 F7F9 idiv ecx
! H8 v% d( w: B( ] j. W5 g3 S004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]( q4 {, L" S/ c$ ]4 u$ ~
004031DD 2BC6 sub eax,esi
9 e6 K$ K( E: Z, m, Q4 ^/ Y, S004031DF 52 push edx7 t C) h; d2 g0 P9 ]
004031E0 99 cdq3 T' j. [. m' G5 X' U
004031E1 F7F9 idiv ecx
1 S( ?2 ]7 Q, P! R6 g004031E3 8BC6 mov eax,esi
9 y/ n! f9 ]0 ], ^004031E5 52 push edx$ }7 ]1 W, a( {8 z9 @. G* u9 b
004031E6 99 cdq
# d+ C) J: r: X4 z" @0 Z/ [ H004031E7 F7F9 idiv ecx) U; J4 X7 i n" @6 l
004031E9 52 push edx
2 k8 _% s/ ^8 J004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
( L w, ?; R1 F004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"# r: q! C3 t* L" X$ i' _: C
004031F3 52 push edx. i& |3 z. l6 a6 [) q
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893, ?0 _7 R# c1 T: R
004031F9 83C4 18 add esp,18- {+ E. I3 d8 C: s) i( Z2 e( }, R
004031FC 6A 04 push 4) o8 c+ r& s1 z, _1 _7 E9 G
004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]6 Y6 u8 G( _ I
00403202 6A 00 push 0
! H+ w9 Z8 N2 S/ P# V7 D0 B00403204 50 push eax
% o4 c+ t: [3 d6 _00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]; n) n3 k* B4 U4 P2 X U
00403209 E8 D6530200 call qsr.004285E4
( ]6 k" z* E+ u; F2 s, Q/ o0040320E 50 push eax
o4 _* A( F6 h$ t0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]* x5 J+ Z: e8 X/ E" e( c3 J
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
% b/ i% W& _ G4 T$ c3 w7 \00403218 E8 A7C30200 call qsr.0042F5C4
% _2 @4 s% n5 M$ c1 V x0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
9 r! `. @' R( I/ ~00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
( U: r$ Q E, G9 w* f4 h4 g; b$ E00403225 E8 61C20200 call qsr.0042F48B; o- \, d# ?# o9 ^ S/ s0 A/ G6 e
0040322A 6A 04 push 4+ y: E& B! p2 C, x/ ^. H
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]: j( _/ f0 Y1 N; @- ^
00403230 6A 05 push 5
( z8 \9 H/ ^, p) \* R2 D00403232 51 push ecx
; a( k( j& A. g) Y& ]4 E2 T; r; L00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
9 N* W& K% n1 i8 D- q3 t00403237 E8 A8530200 call qsr.004285E4% v/ A6 K: Y6 z: }3 a( C# Y
0040323C 50 push eax; P) A7 L7 z: `+ [ E! z6 y
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]! W+ b0 ~7 {+ J( p6 h. j2 E
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
" t5 Z5 m7 A5 S- G00403246 E8 79C30200 call qsr.0042F5C4
# i, P# m9 E1 q( A% ~0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]* G8 _4 Q, X6 M/ N: ]
0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl/ J; ~+ J' [8 B5 r& Y" d8 x. \
00403253 E8 33C20200 call qsr.0042F48B: t. x) e4 T3 l$ P7 z* M' t
00403258 6A 04 push 4
% }0 ?% n, c& q0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
3 }2 B9 W# l& F* E5 ?8 @/ u0040325E 57 push edi
9 r0 I l- V" R0040325F 52 push edx4 H2 y# Y" R' {( K2 e( g9 D: e
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
! H0 ]) a' H# h8 A9 z$ P" ?00403264 E8 7B530200 call qsr.004285E4
" I+ j2 W4 L1 K* h) f/ q00403269 50 push eax
1 D* a1 x5 M$ T! ^5 \) H9 V9 P0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
( K! k$ U3 L0 P: B% a8 M0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E* t" D# Q# G1 L9 e$ g
00403273 E8 4CC30200 call qsr.0042F5C4
0 B: a* Q8 A: Y00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]) I3 h4 n* U3 E, S$ N
0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl4 s( ~9 W: q& ~6 Q" ]( N0 L
00403280 E8 06C20200 call qsr.0042F48B
7 ` L, I% R, N |00403285 6A 04 push 4
) g3 r7 X# K2 g; M1 \& \' `00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
# E6 J# N$ F8 A% C0040328B 6A 0F push 0F
2 o" U. Y6 H! d( d! h0040328D 50 push eax
& B5 E3 J [1 A5 x, s5 z5 C6 O0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]8 A+ m8 r' a# G! B
00403292 E8 4D530200 call qsr.004285E4
0 ]; _6 b4 r) u" c# ~5 n( z00403297 50 push eax. n) D2 R7 x G2 [9 L
00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]. q; D6 I+ J# {3 `
0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F: O- |) t% K$ t8 }4 u
004032A1 E8 1EC30200 call qsr.0042F5C4+ O" @* p2 c7 Y9 b' g
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]$ J9 _6 ^' U" {1 \3 a
004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
& s6 f `9 f5 {8 Z3 l: u, m004032AE E8 D8C10200 call qsr.0042F48B
+ q- g) C$ p$ S0 _. Q# _& i+ \3 e004032B3 6A 04 push 4" T2 ?4 m1 Z0 M, X U, u8 C
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
" J' y% k9 ~0 ]) w5 h004032B9 6A 14 push 146 o9 Q) {5 ~; l4 B9 J7 y d. h' K
004032BB 51 push ecx4 S, Y1 ?# u% \ }: R5 d% [4 q
004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]7 a- z8 o5 G; V
004032C0 E8 1F530200 call qsr.004285E4
9 k3 _1 z+ J' `- F2 D: D% r004032C5 50 push eax2 ^7 B* Z4 L: _8 n
004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
: q b# \3 [" X5 V7 c# M: [ b004032CA C64424 40 10 mov byte ptr ss:[esp+40],10$ r1 b9 v h. L/ [6 ?- I
004032CF E8 F0C20200 call qsr.0042F5C4+ ]( y" L0 r1 M3 S! q0 `2 D1 I
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
( T. O) i* a4 k% n- e9 |( ]' V004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl$ s( A0 n* ^6 Y0 P# w/ I
004032DC E8 AAC10200 call qsr.0042F48B' i+ T1 E3 Z; f
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI
6 @. o. B* m! O( z* m004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX
; x! Q* t# O, V% u004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL) c; q& B. |- i0 ^+ L$ m4 }
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL0 s! }' k- d3 S% }0 b
004032ED 8ACA mov cl,dl ; DL送CL
9 o# f% d1 U7 s004032EF 3AD3 cmp dl,bl ; DL和BL比较
0 ~% A3 G/ P- m004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
0 a3 M! E9 x! {: A& T004032F3 84C9 test cl,cl' c. w: @; ^3 N( @+ [
004032F5 74 16 je short qsr.0040330D
" ^8 S( E5 f& o6 ?004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
2 z6 Z9 V9 s4 T5 `# ^. D6 V004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL/ W0 K/ {9 f+ s5 N4 y; _
004032FD 8ACA mov cl,dl0 X1 d" k9 T- h5 A2 x) q6 M
004032FF 3AD3 cmp dl,bl ; DL和BL比较
$ k% N2 X* s4 q- K ^% i00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
1 J! h2 Q0 Z' `1 W5 \- v+ Z00403303 83C0 02 add eax,2 ; EAX加2 f/ I) R/ f4 J3 ~
00403306 83C6 02 add esi,2 ; ESI加2
, a. ^9 s) t# X- [& Y/ k9 v00403309 84C9 test cl,cl i. b* o7 {0 o" ~1 X3 X* {
0040330B ^ 75 DC jnz short qsr.004032E9
" M% c+ e* D5 J0 q# f. ] z0040330D 33C0 xor eax,eax0 b: G8 S* i. U* l( b5 J2 b
0040330F EB 05 jmp short qsr.00403316
6 l, ?; n. v6 [$ H. @: q+ M00403311 1BC0 sbb eax,eax3 L5 b: F0 t: ?. j9 ^
00403313 83D8 FF sbb eax,-19 k/ `# U1 e* P3 j6 T4 _
00403316 85C0 test eax,eax% `4 n k# [( f. L H8 t" u
00403318 74 0E je short qsr.00403328
& h/ h4 r. K% W0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A8 c% A3 e7 b6 Y: Q
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
8 s, m+ W& |1 c" U00403323 E9 F0000000 jmp qsr.00403418( q2 a J3 p- M7 W
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
. k0 Z) e n+ z! e, B' U0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]% b6 I' X* W* A) S c) \7 e4 L
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
1 l& P" ?9 Z: o& C$ c00403333 50 push eax, F$ E3 Q. K9 [7 ]7 H) f5 U; x
00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
3 x9 ]+ t& [0 a0 D! c00403339 50 push eax
8 }, c1 J0 f1 c4 V' t5 I0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
3 b7 j+ w0 e9 [5 u0 d0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX
; m, A+ D/ O( T% ?% N2 T00403343 83C4 04 add esp,4' X& q3 p$ T: {) e
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
; O$ v! d! P; q" ?9 a. W2 f00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
1 f/ v3 z9 ^0 U* R0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]. D2 ~0 j$ p2 d0 E1 T- f2 [- g
0040334F 50 push eax& T) K9 `' [% O7 l2 ?
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
3 i: F: q, S$ b- A( G+ T00403355 50 push eax( s" y) Q' \, \
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX9 h; Z3 K0 L0 E. K3 \3 i, D9 p2 Y
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
* i/ i3 Q) M' J. T* F. e4 Y0040335F 83C4 04 add esp,4
) { C" z, C; m8 b00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI. O7 H# x) h6 U( l* Z; X3 u" M8 w
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]; a2 q& l1 a( p
00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
: A) F8 Z, |) U3 F1 U. |8 W& b) |& {# w0040336B 50 push eax
- d8 @& b% M' z0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX, @! ~7 l* a5 r- m( l+ {
00403371 50 push eax* r+ j1 I0 E3 s7 O# A; l
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX% R+ |$ s0 A; {' J* T, Q
00403377 8BD8 mov ebx,eax ; EAX送EBX- F- M! s6 c0 G- y: g; E( f/ ]
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
, J# o3 @$ s, g0 A& Z0040337D 83C4 04 add esp,4
3 ~% u% O/ U6 Z00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]) d5 M2 h% M J
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]: V5 i% P9 j8 D. }; t% Q
00403387 50 push eax
; v4 B' }! w9 Q. ]3 S9 ?% c" }9 p00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX% l) V% m: f/ g4 q [
0040338D 50 push eax
2 _: S5 E2 U7 T+ u2 B3 f0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
" n/ {& p$ n/ b* k- ?00403393 83C4 04 add esp,4
5 r; ]- Q7 ?! C8 G& l8 J. P00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]2 O6 w) b0 ` Y, R! I' a! o
0040339A 8BE8 mov ebp,eax ; EAX送EBP2 [+ F6 L- G- x* k
0040339C 6A FF push -1
: L& T+ E; H* B! D7 A4 n( W0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX7 T6 P& ?! i; K: d% m2 o q
004033A3 6A FF push -1
& a* o E" s! k0 _& P( N004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX- H+ f F. K# @
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX: Q3 R5 H: k& o* Z: C. A+ L/ t+ O
004033AE 6A FF push -1
7 s, F: o* l; d! S004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
( V' h% N+ V _# J) p004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX
7 }+ P1 l. l4 z: a- [# I9 k! j, \* |004033B9 6A FF push -1! {4 p. K/ \ I- `* \
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX. h k! E1 J! n0 I3 \" w# ~
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
6 ?' d& ?5 n! ^& b! m# q, h004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
9 u3 V9 O \9 h004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX- a# `/ ~; l& J/ E# b
004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
- i8 c; S5 P3 F9 t9 j004033D7 D1E0 shl eax,1 ; EAX左移1位
6 M# U' U- e0 Z7 Y0 T& E004033D9 99 cdq ; EAX扩展
$ n# H& [6 n2 J$ V) X/ y4 x- O004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中& s1 p( G8 D# }, R, o
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
1 u t3 U* x @: E) C. L6 b004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
: M4 p5 i% D( n' n7 g004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
/ ]7 b2 Z! y: T! N, Z% v004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]4 Q9 v E& U6 n; t& Q- u& t
004033E9 EB 2D jmp short qsr.00403418! o) W- O, N; C
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX4 n% o2 `+ w C/ f4 \. c: b
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E26 W' L. G! _. P. P
004033F7 99 cdq ; EBX扩展1 H: E9 _. ^; G, h- ]
004033F8 33C2 xor eax,edx ; EAX和EDX取异或
5 J& J$ {: U) }# W004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
) R9 }4 `; N+ ?004033FF 2BC2 sub eax,edx ; EAX减去EDX
5 X, ^$ n" P4 N( Q5 J00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C] E2 i" G# U- t
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX: [5 X- g0 r# s |3 p; p
00403409 99 cdq2 e: X; z/ f0 n
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
! J b" I4 X* j5 ^ ]8 C0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX* D, @ X z' p" G# [7 v6 y) w
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较
m9 k0 x9 X; l& R/ r0 z1 @00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
7 w' G, \5 }4 q0 @# _3 E7 n( [; e00403418 E8 6EC00200 call qsr.0042F48B ;
! n9 ^" P2 ^6 h0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
9 [9 g# }! {, t* h00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],98 t! t) N0 ^: `) ?% m8 M Q f
00403426 E8 60C00200 call qsr.0042F48B, o% ?& c5 I. g/ N8 P# ?0 E
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]; o( K3 q1 Y7 _ Y' _
0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
+ E/ V$ }* K( f) j- Y00403434 E8 52C00200 call qsr.0042F48B
& w7 ^! R/ o/ R7 h+ g1 j00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]9 D- b* x( U% z) [) I
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
1 g! Y q' P' Y" o; j, j00403442 E8 44C00200 call qsr.0042F48B
u4 }; D6 a+ G5 B5 X0 q+ g00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
9 U/ N& n i4 U* z; h. T, ?0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],69 Z6 {) s2 \8 }+ u
00403450 E8 36C00200 call qsr.0042F48B9 K, s8 n7 d0 K- E
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
2 B; E/ t" J* k5 D& C7 q3 v6 l) K00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],33 [' n& P8 B9 B( w- b* ?* U1 B
0040345E E8 28C00200 call qsr.0042F48B# r8 r1 T6 T' L+ e( d: C9 S
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
$ p' k! a3 O# z- c; L4 J" S. F00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
3 w& b+ D( x7 r; N% M* ]6 v0040346C E8 1AC00200 call qsr.0042F48B; v* B: x( A4 d7 P& g
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
9 S! l! I$ t* h% g$ d7 p- h8 R00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
; K7 L& ?3 N: W$ f- A H0040347A E8 0CC00200 call qsr.0042F48B
: ?& W5 o6 ~1 L& {0 F0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
$ f5 y. m$ [7 \" t9 z00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0. F( g' C3 e; f- k
00403488 E8 FEBF0200 call qsr.0042F48B) h. h% `6 \1 ?/ a' T+ f- v
0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
9 Z- C( u' `1 [( f00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
% d! F3 O) M7 s- J* ?00403499 E8 EDBF0200 call qsr.0042F48B( @) Z. _# N3 i& Q$ ?
0040349E 32C0 xor al,al ; AL清0
" B2 K; B I ~3 D004034A0 E9 88000000 jmp qsr.0040352D
5 `! `& ?- {9 K) G% I5 G004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~# m* |- G9 A# D6 G' ]0 [
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]- ?+ l# R, X/ W: G
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
* w% e# N' b* ]2 U" N c9 H004034B3 E8 D3BF0200 call qsr.0042F48B( ~" Y% k( U$ d, H1 J* [: p3 ?
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
* c/ A$ d! y$ ?* K) Y004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8- s& J0 P' y' C; I, z
004034C1 E8 C5BF0200 call qsr.0042F48B& k% [$ l. V9 F+ T: q& S& \
004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]+ f- L/ U1 K+ E: [0 |8 G c
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7& I9 d4 T- ?) O
004034CF E8 B7BF0200 call qsr.0042F48B
( Y+ K8 p3 C7 C004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
9 s; |/ A$ B1 O$ c# X8 L004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
. s9 p/ Z+ a! K- X% d; C2 k' O004034DD E8 A9BF0200 call qsr.0042F48B
7 I! r# }# D; o4 Z004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
# U- _8 r) D" S( f# g' N- a004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3* E. W0 K% B- u9 @4 j
004034EB E8 9BBF0200 call qsr.0042F48B7 _8 K0 U: a+ q4 U# N6 E& l
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]6 {: h2 {! \* b( o
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2' e8 T: n' s$ ~
004034F9 E8 8DBF0200 call qsr.0042F48B: [6 p9 l2 a! k3 i
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]3 J2 s9 ]6 w% J, H0 W
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],12 G. p! J$ E) p% o+ B3 _+ ]
00403507 E8 7FBF0200 call qsr.0042F48B' y) }9 h2 Z( ?' M3 `! L
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
; K# j5 u9 J' b00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],09 U# G" b- M+ c; h3 S, n0 w# }
00403515 E8 71BF0200 call qsr.0042F48B _2 i' O4 f1 B9 |2 I
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]& ?, x# x3 m& d; j1 k
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-13 d8 f9 X; |& y; g% o6 b
00403526 E8 60BF0200 call qsr.0042F48B
+ W1 j- s7 t8 P" g' V, g0040352B B0 01 mov al,1; r; H" d* q6 c$ J4 V3 T$ l
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34], g3 e' i }) h" i
00403531 5F pop edi
# J$ I7 Y5 S- `7 \. m3 V00403532 5E pop esi6 k$ y3 c2 _( F' O3 Y1 T8 r0 V
00403533 5D pop ebp5 Q" H( D9 b& _# @& r& S
00403534 5B pop ebx8 m2 `& Z1 j! h% x+ I4 q0 q! j
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx0 @; ~6 @+ e. Z! W2 n4 R- \9 j
0040353C 83C4 30 add esp,30( _ p% V7 c4 A! _& g& `
0040353F C2 0800 retn 88 `/ Z8 R9 ^3 K+ D# F6 W
--------------------------------------------------------------------------------
4 g/ f0 @, ?! x# M【破解总结】- _# s! u* `5 F& B4 o$ P
用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^. _4 V- K& g0 k4 l
用户名:yijun
1 |9 K; Q9 M. ]注册码:4893*7777*3726*7777*0529
! O3 V4 Q8 ^# o- Z4 r-------------------------------------------------------------------------------- h+ ]5 V+ \4 }8 F X$ N& k! B& N
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡