|
|
|
【原创】破解Quick Screen Recorder
# o* A# x# {- K2 y6 w【破解作者】 yijun8 C/ Y# w0 o6 d' U. w# k
【作者邮箱】 [email protected]
6 m' |: |- _! v) S' s【使用工具】 OD,PEID* _& }' P/ x) w" a& }
【破解平台】 WinXP
* o& @7 \$ t2 k2 m% T【软件名称】 Quick Screen Recorder
+ w/ X% i7 f" w【下载地址】 天空 P0 |8 O. b6 t! A6 L$ r" i- H0 s
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
f7 n( z5 y; B5 V: [, [" F【软件大小】 540K+ p- ~& M0 u% a
【加壳方式】 无
+ T2 B1 f3 ~& Q$ T% p& ?【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)' W, q# ?4 B) c
--------------------------------------------------------------------------------
! F& {' n& D/ ~& H【破解内容】/ `7 ^0 A: G- p/ [
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
" ~# h5 x0 e6 s& s00404C69 55 push ebp //在此下断" s w$ Y% u2 n0 j* s
00404C6A 56 push esi
, \+ t* J0 B- g8 p3 P00404C6B 57 push edi; l5 I! u* {. Y7 u
00404C6C 8BE9 mov ebp,ecx
( P. `" r7 A: _5 y8 w2 c; J9 [; J6 q00404C6E 6A 01 push 1- w c- Y _; E: w
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
3 ~6 K" I+ M2 X/ @0 e00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]" J6 s6 b; T1 W3 k6 Z" {. A
00404C78 8BCF mov ecx,edi
, ^; D7 J4 {+ f4 ?2 }4 f3 S6 K00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码 w2 y, d2 ~8 H6 ^ j" g* N. D/ O. u
00404C7F 8BCF mov ecx,edi5 E3 ]8 n# M! [$ ?7 ^
00404C81 E8 A73E0200 call qsr.00428B2D
' K7 Z( b4 h( _7 k7 j00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]9 d1 e& W% ?% g# N3 f
00404C89 8BCE mov ecx,esi
7 o( Z1 ~6 `/ J y00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX% s+ I. r; s& x/ x. R/ ^
00404C90 8BCE mov ecx,esi
8 [3 E a3 V W$ K00404C92 E8 963E0200 call qsr.00428B2D
7 ~+ Q! t9 Q2 K; `4 I) d00404C97 8B06 mov eax,dword ptr ds:[esi]
4 Q) l. _+ c' N9 `9 }8 L00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
3 Z0 F1 r6 T# N6 r0 [) @9 U00404C9D 7D 26 jge short qsr.00404CC5) z) p& u2 H. w2 H, Q! U3 R
00404C9F 6A 40 push 40
' H8 J6 `( Z! T& ?; G. ^3 f00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
/ ?- I P3 G9 P& z0 ]: A00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."8 N. Y6 L! {- `/ h4 G ?, e' a, Z! j
00404CAB 8BCD mov ecx,ebp8 H4 n! A2 e0 ^, N7 ^
00404CAD E8 C3840200 call qsr.0042D175$ V9 h: l, _! v+ Y2 {4 l! p
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
" M* `2 W) d. D1 K. K a5 ~00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx, s; T. A4 g$ v8 o9 Q
00404CBD 5F pop edi! O$ J+ F* R/ H( J4 q) K1 x: b. k0 R
00404CBE 5E pop esi9 C, ?+ Z' T& A* A1 U3 J! | a7 E4 e
00404CBF 5D pop ebp
: Y5 O; k( D8 E3 l: l! Y00404CC0 5B pop ebx9 W9 P) J4 L# d' Y( K% ^
00404CC1 83C4 18 add esp,18
! D" D) _* i9 ?- a3 ]) T6 J6 h00404CC4 C3 retn
3 x9 |& B1 h% i. t [00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]+ i' W: ]. ]- h5 K7 S0 E& ]
00404CC8 84C0 test al,al8 w$ \, E$ D( S, q- a$ y* J9 L4 ?
00404CCA 0F85 1C010000 jnz qsr.00404DEC
% w- B& A- c, h4 ^+ Q E" R2 t0 ~5 l00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
4 H7 Z* C) Q5 V$ H }( s( f$ w00404CD4 E8 87E3FFFF call qsr.00403060
" Q# X' V' S9 E6 I' h00404CD9 51 push ecx
: T" q w; W' W" Y- o) {00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0* _3 t& d6 r$ T
00404CE2 8BCC mov ecx,esp2 x0 B' ~1 D3 c% R
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp! R# J* j6 Q1 g8 M2 l$ @# p
00404CE8 56 push esi5 R }/ w7 s. y+ `$ {7 }
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
# f! z6 ~# w7 n' r* @2 M00404CEE 51 push ecx! x) I# t. d1 J0 S s, Z
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],11 t0 m2 m3 \' X( X. A
00404CF4 8BCC mov ecx,esp( C' g' K* x! q5 ~- L! C+ p
00404CF6 896424 20 mov dword ptr ss:[esp+20],esp1 q! y: L" H/ u e, W
00404CFA 57 push edi
; I$ S$ w4 k2 p- E, N3 ]+ q! }% i00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
/ c0 L/ [. T6 U: X# I Q0 L00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]' K9 }1 j- I0 P$ j. Y1 ~6 p
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0 w3 u6 Y: h% f9 `" I
00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
. D4 w4 Y, q2 l" J& \1 h00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
' [* F$ Y# n+ A0 [! M00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~+ J9 q5 C3 [1 e! F( M
00404D12 6A 40 push 40
& h# T% D8 H* X4 P2 S" Z- P00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
3 _0 t( b# f6 J2 X/ i00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."
6 m- h$ J9 ^, z* r0 I00404D1E 8BCD mov ecx,ebp% B# K) h; C9 d* d. s
00404D20 E8 50840200 call qsr.0042D175
$ m% }9 V4 R6 [9 J5 f6 k. m; V00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
. ^! r2 @! R/ Q. g9 v+ v2 s4 Z00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
( }- I" o V9 Y9 x6 T00404D31 E8 5AE3FFFF call qsr.00403090; V3 i; L! r: {
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]- A* d0 m. Y2 e, b9 O
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx/ ]4 z9 d( J+ L* x* d' B% K6 m
00404D41 5F pop edi. m2 a% G8 T% Q# h) v8 _4 A- N: }
00404D42 5E pop esi
/ i7 s+ b, X& g00404D43 5D pop ebp# I' S4 \) l- v; k2 ~7 \6 f
00404D44 5B pop ebx
1 D. g/ o8 F+ ?4 L; W00404D45 83C4 18 add esp,18
) H$ S" N, N7 {$ P" [00404D48 C3 retn, t' e3 B$ i. k* P; A. Z5 p
*********************************************************************************************************************************************************
% K8 r* r3 {+ ^1 j) G7 c: o& z跟进00404D09处CALL来到:
! G0 b' j0 Z; Q) D004030A0 6A FF push -1 //一路F8下去~~~~
- s; @& \7 ]3 N+ N8 u004030A2 68 C88F4400 push qsr.00448FC8
, _8 g$ P% H- [% ~2 g& `# e$ f: o004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
1 Q* y+ t# l$ d k004030AD 50 push eax
! \) d5 g; n. H1 R004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
' p; Y" @- \) x" m" I# Z004030B5 83EC 24 sub esp,242 K% n0 E! C& B
004030B8 53 push ebx
$ `! z* N. e! b* d004030B9 55 push ebp
6 v( Q/ Q6 ]5 G& |6 |004030BA 56 push esi' Z. Y j9 c$ u; `5 g2 P: q+ l
004030BB 57 push edi
4 d7 s: J3 r6 m9 m004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
# j& h7 B- E$ z5 B) F004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]4 ?8 }4 }! P, p* n' U [: B
004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
5 t8 g B4 \( S) s7 V7 ?" i004030CD E8 27C40200 call qsr.0042F4F9
0 ~, v: i* d" F; w( W004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]6 p/ E1 ~2 }, D8 {& ^, E- L1 T
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax
2 J' `9 g( ^; @5 H% N% R004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
9 q; N8 S0 @8 b9 ~2 b) y- e z004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3/ B; P2 e6 ?/ u. m+ Q k
004030E4 E8 905A0200 call qsr.00428B79
" R: N1 m @# G u' D9 @% z5 Y+ Z004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]' |% B' ~9 {. @* C0 V: `9 ~8 \1 K2 O
004030ED E8 3B5A0200 call qsr.00428B2D
; e0 H) T, f( @% z O004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]. N' z V. F; p# q: d" }3 }
004030F6 E8 7E5A0200 call qsr.00428B79
: \; \( f( g* d9 w! C9 [& N004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
6 c! c8 l1 T: v; o/ C) G004030FF E8 295A0200 call qsr.00428B2D
4 P, \" n, q! H8 _00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]5 I: r' a# k2 \$ A6 L" r$ h7 P
00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
" H+ d P8 [) `; S2 s8 r4 `0040310B 83F8 02 cmp eax,2
H8 Q ] c& V0 f) S q0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
" H/ A6 ?: C5 o00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
9 g& P3 s' z( Z& [3 n00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
+ B `% P0 b$ o# t0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳- m0 V1 k; ?* }, T
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
$ \/ c0 j8 c( r2 C% ?# ^% ^00403126 6A 01 push 15 b# A2 f% a) Q, `, R6 M
00403128 50 push eax
! a6 P1 H: p. a2 g3 m00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
8 \4 F' ~1 I. K9 P' J" D! F3 S0 l0040312D E8 C4550200 call qsr.004286F6
/ c: ]5 [+ Y/ i; F* S- `00403132 8B00 mov eax,dword ptr ds:[eax]
) Y- ?( x$ I' p: H& _" V00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
% _, A) y5 ` p+ n00403138 50 push eax7 q; K$ L& n' Y/ E0 t
00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
. n1 p J. j) ^- g0 v0040313E E8 4D560200 call qsr.00428790
+ f3 Y. _' o* i% Z9 X( g, f00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
$ V9 e0 X/ f/ U: O00403147 8BF0 mov esi,eax2 f, s( k$ r! I3 U
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3
' ~8 d3 T8 X, i1 j/ l G0040314E E8 38C30200 call qsr.0042F48B' R7 Q) K5 @% V
00403153 8D46 0A lea eax,dword ptr ds:[esi+A]& c w6 b- C8 G6 E" v/ [: j
00403156 B9 3E000000 mov ecx,3E- Z* Q: c. Y q2 Y0 z5 w3 `
0040315B 99 cdq7 i8 e6 K3 }" @( C7 N M
0040315C F7F9 idiv ecx, I0 ^ S. w$ z: Q
0040315E 6A 01 push 13 Y% U8 [$ b2 x0 w) C
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
* z8 x% L( L9 W/ F( ^) H00403164 8BF2 mov esi,edx
4 ?) q0 R# w$ t2 q00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
3 f$ R+ o( _: ]5 |* G0040316A 52 push edx
3 U' V9 l$ `2 y0040316B E8 0A550200 call qsr.0042867A( P/ a) H( m9 q: H) s
00403170 8B00 mov eax,dword ptr ds:[eax]4 T$ d, k A' v7 [& ]. F
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
6 y' ]9 M* U$ v) S8 K9 f00403176 50 push eax
6 g" l- \( C, W00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
8 }4 H. ]+ Y6 h, c0040317C E8 0F560200 call qsr.00428790
/ _. }: m8 X8 O. _00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]+ w5 \! }, K4 J7 W
00403185 8BF8 mov edi,eax* u g Y0 \; A# M( T L' q
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
4 R/ F0 r# W3 l1 G1 m) v: ` n0040318C E8 FAC20200 call qsr.0042F48B2 O0 o5 ^7 O4 P4 U; o
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
7 g f1 I5 K8 Z00403194 B9 3E000000 mov ecx,3E* h8 d( ~4 F- [
00403199 99 cdq1 d# `" ^) r3 Q. T+ s5 U
0040319A F7F9 idiv ecx0 e; `* r0 Y1 L
0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]/ ^" ~: I W* o7 \, R a6 n3 k
004031A1 894424 28 mov dword ptr ss:[esp+28],eax
: C4 C! O9 H9 q/ F004031A5 8BCA mov ecx,edx8 h# E# A# a2 y/ a. ~* f
004031A7 894424 24 mov dword ptr ss:[esp+24],eax
* Q9 g- w% v: l O+ I004031AB 894424 1C mov dword ptr ss:[esp+1C],eax' o$ b: E. z8 s! C' ]6 o
004031AF 894424 18 mov dword ptr ss:[esp+18],eax9 f: d$ f' S- O5 _
004031B3 894424 14 mov dword ptr ss:[esp+14],eax% \3 B/ t/ F) K. V3 a
004031B7 894424 10 mov dword ptr ss:[esp+10],eax
3 L0 `! t1 d* T! {7 |004031BB 8BC1 mov eax,ecx
& U# f2 m0 R" U% q004031BD BF 0A000000 mov edi,0A
! }( R& X. o' _- p4 M! n9 O004031C2 99 cdq
& p5 L. c+ G) Z4 T& v8 y1 H004031C3 F7FF idiv edi* P3 d+ w4 Q( m( A9 S9 W
004031C5 8BC1 mov eax,ecx/ z1 M9 I f: W& Q; Y, ]% ]2 ~
004031C7 B3 0B mov bl,0B% r2 d1 H0 x) K5 O7 ?$ e
004031C9 0FAFC1 imul eax,ecx
3 ]0 m2 c* H+ D5 x7 s004031CC 8BCF mov ecx,edi
6 l! B% _4 _, }- d, C004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl. h4 o- f6 p& c% }5 _4 x1 T4 Y
004031D2 52 push edx4 O" W6 c8 J& |' c' I
004031D3 99 cdq' m! C% @" k+ Y0 n
004031D4 F7F9 idiv ecx! N* F, l! J' ]9 w
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
9 G$ E$ ]1 x& {* s1 F- _! X004031DD 2BC6 sub eax,esi' E2 z( `6 r6 U J" P5 \
004031DF 52 push edx% ^6 e! f- A5 S( r
004031E0 99 cdq
* k" Q6 e& w+ L% U8 b' q004031E1 F7F9 idiv ecx
& |1 C5 b3 ^% j8 n! G004031E3 8BC6 mov eax,esi
& [$ `/ E8 l) [$ n1 w% b004031E5 52 push edx
; S C3 g1 }9 ~, G n/ Z, R. d) l# C1 D004031E6 99 cdq
; Z6 _& x/ z3 F0 Y2 V004031E7 F7F9 idiv ecx
$ k4 u7 }3 ]1 N004031E9 52 push edx
" a. Y9 U7 F6 u3 H004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]' g# a1 k5 Q/ z' U, A. \
004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"; L# k$ G% S8 D: K
004031F3 52 push edx
: n0 ~, s1 g! \( Y1 z! ]& ?) V4 k004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
+ T6 U& H; l' Q+ z' {! W) d$ g1 g/ U004031F9 83C4 18 add esp,180 U6 q4 J1 ^. \8 _+ {
004031FC 6A 04 push 4+ Z; G' G7 h9 C5 k1 Q
004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
" f% R: I' J. h, C00403202 6A 00 push 04 U' o) h7 T l$ O% M' \/ ?0 \" J$ ?
00403204 50 push eax
# I, v0 _; M# c/ Q$ M9 ~6 _; ~00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]& j+ W# K% ^& w( } M, D0 H! c
00403209 E8 D6530200 call qsr.004285E4
; j* z G: H2 E0040320E 50 push eax
' @ {8 z/ _' k( Q. v: j0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]& i, r0 Q' W, I `1 {+ O; p
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
8 U0 \& M" ~8 m: Q e9 R: q00403218 E8 A7C30200 call qsr.0042F5C4; Y& B1 f B1 D2 Z
0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]' W4 z; y4 q g+ f
00403221 885C24 3C mov byte ptr ss:[esp+3C],bl' A# W4 E* W; x$ |3 A* `6 d" `
00403225 E8 61C20200 call qsr.0042F48B
2 {& i) b; k2 v0040322A 6A 04 push 4
) D: J) Z3 L4 l+ @6 W5 w$ L0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
2 N% o! U6 u4 Y6 o# I( M2 i. D- A00403230 6A 05 push 51 z2 y6 K% o3 G1 H8 i& g, f' U
00403232 51 push ecx6 q5 }: g) U9 i; d1 h
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50] r. o" P+ c" s. a8 `0 F1 ?
00403237 E8 A8530200 call qsr.004285E4
" M( j% G3 T: e9 a( A0040323C 50 push eax6 e% ^8 S+ u, }* s+ H
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
1 b' I) k& d( T" f# K9 P00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D+ ]9 z. k3 B# E4 ~6 T/ N
00403246 E8 79C30200 call qsr.0042F5C4
' n: s; y% `5 h0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
) o0 |$ H, Z: H: X" [0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl- W! \8 I2 S6 Y) Z
00403253 E8 33C20200 call qsr.0042F48B
0 L0 K2 n3 g9 \00403258 6A 04 push 4
0 P; I' u M' F2 E* k0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
2 w, l0 k# }* R) Q M$ L5 e7 r/ }0040325E 57 push edi, V) A: _0 x* Y
0040325F 52 push edx
/ W9 ~. ?* i& D7 X. W00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
0 c7 \ L) s" K9 {3 u/ X00403264 E8 7B530200 call qsr.004285E4. g$ y8 F6 p4 Z+ Y6 y# J
00403269 50 push eax
# X3 {, S# f) Z' x" u0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]& V: D8 k! z3 y) |
0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E
! T' b& c) C8 B" P! ~0 Y00403273 E8 4CC30200 call qsr.0042F5C4
8 D% t5 M5 F- t4 V4 [6 v, Y00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
. W: r/ O: M4 \0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl
3 G6 U7 h& [ a* o/ F( g. L/ X00403280 E8 06C20200 call qsr.0042F48B& X4 e$ r0 \/ ], g7 u
00403285 6A 04 push 47 y* `# f; v* s9 p" Q. Z' T
00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
+ w' R8 {, T6 n& h0040328B 6A 0F push 0F9 D/ b0 q+ a* o2 j$ j
0040328D 50 push eax
( |( I& Z6 E7 R5 a6 N4 s4 M4 |0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]9 w; e1 e- H! e7 Y3 P. [
00403292 E8 4D530200 call qsr.004285E4! Z! F/ N1 F( |
00403297 50 push eax% ? q8 ^0 s" p! t, X
00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]9 P" z+ P4 i2 s- C* r4 ?
0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F" d" p# i2 z& D& i: n3 F
004032A1 E8 1EC30200 call qsr.0042F5C4
, R( x# u0 G5 |, g0 a" b004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]5 a' Y- }3 C0 x) U. `/ ^
004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
/ V5 b# n3 z# |* r004032AE E8 D8C10200 call qsr.0042F48B
# B d1 y* Z/ Q$ b. C9 e" m004032B3 6A 04 push 47 q4 `$ Q) s X/ C6 @: B8 y
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34], _0 r T5 g& p$ V; n% I
004032B9 6A 14 push 14
0 ^6 u \4 f l- q004032BB 51 push ecx
$ E4 m _3 @% Q004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
" q% E! v4 l, q. G+ s$ W1 m. o3 [1 |004032C0 E8 1F530200 call qsr.004285E4
0 u& u1 i$ M1 C$ E3 _$ J2 e/ P7 R; V004032C5 50 push eax
6 O3 j; v- |1 K004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
$ {# [+ u& m( ^9 E004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
/ ?# ^9 w& x! F- F L' K* [6 V004032CF E8 F0C20200 call qsr.0042F5C4+ t6 Z! g- M) d
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
. k( Z1 I- c$ Z" G/ S5 L' ^. Y004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl) U6 d: U, U; j2 {7 x3 H; ~
004032DC E8 AAC10200 call qsr.0042F48B8 }" t- N* q) P! |8 [
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI
; q4 |7 X' i6 d004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX
" n3 n3 v2 i& b/ d' I6 M! S W004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL
2 K$ |, Q5 u# g4 ^5 x004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL( U2 O- f8 w/ h4 [) T
004032ED 8ACA mov cl,dl ; DL送CL
$ w# X- G' `8 n0 y, Q+ N004032EF 3AD3 cmp dl,bl ; DL和BL比较
0 n; [- m1 I+ ^1 J( }004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)* g8 |+ }& X2 |) @) u @+ }
004032F3 84C9 test cl,cl
, V: q! O. d6 w/ D004032F5 74 16 je short qsr.0040330D Q# Q2 _! t, p, N
004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
6 S8 o8 ]% B8 H, S; p004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL) u+ t1 _( X, P; L: s9 S
004032FD 8ACA mov cl,dl- R8 l: u2 }0 Q- r- N: U5 y
004032FF 3AD3 cmp dl,bl ; DL和BL比较
) o/ j. M1 c3 S$ O6 P t$ e00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)0 |3 i3 Y8 O0 k' h
00403303 83C0 02 add eax,2 ; EAX加2: i) w3 \9 R' L9 ]6 q
00403306 83C6 02 add esi,2 ; ESI加2
S- m3 J1 P: P! W2 A00403309 84C9 test cl,cl) s2 `0 |0 \) U; A
0040330B ^ 75 DC jnz short qsr.004032E9
8 Q$ z5 G8 `& L0040330D 33C0 xor eax,eax8 R- K1 ?0 r' W) b; `+ a: Z% |
0040330F EB 05 jmp short qsr.00403316$ z7 e/ B% f) K5 [" J5 w
00403311 1BC0 sbb eax,eax2 w% O7 @4 V: ]( H( {% Y
00403313 83D8 FF sbb eax,-1
" |4 Z5 @) o. }% x0 y t00403316 85C0 test eax,eax7 H: N; c- p) n' d' M
00403318 74 0E je short qsr.00403328
4 S) {/ q1 o# X0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A
2 _3 t" J8 E% v2 P& ]4 g0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
( @ C2 U1 {; [) R, X' u00403323 E9 F0000000 jmp qsr.00403418; `0 U, u3 @$ s
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
8 G4 u3 l* x8 E, \8 J6 v0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]. w$ Z# x/ L `! H$ a& l1 W
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8], n$ L9 `1 v8 j0 |+ [6 X/ ?
00403333 50 push eax+ ~# d2 Y. F, w" \: l# _* B# `
00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
) o/ K8 q& k: X00403339 50 push eax W$ ~) {8 ?: F7 R, l4 ?
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
% n# a, C! E: S5 Q/ }0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX' [' _% U6 i% i* v: H+ l) m U
00403343 83C4 04 add esp,4
: s, m) x8 s3 k4 \00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
/ }. ?5 f0 i2 Q. p00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]8 x1 x/ F$ C6 X% R4 k( O% a
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
4 J* N6 C# h8 N# \0040334F 50 push eax8 R" @& m* i4 R" g2 B
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX5 H1 m- R* ~& u
00403355 50 push eax7 \, Y; m$ g, K
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX
, `$ F# M6 q/ f5 Q) X0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
2 X! w4 _) e; V3 _: a* x1 z0040335F 83C4 04 add esp,4
/ v7 v4 }! _# g7 P00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
+ u5 V. ~; G0 |/ }, `( W/ \00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]3 f2 c1 }& y' Q" \
00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
2 d9 f" j! r% \# G' o0040336B 50 push eax
% H% a0 T. X3 h2 t: B- K0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX
3 l9 F6 A& [5 a; b: q: |00403371 50 push eax
6 i2 Y6 n. ]' x% z5 z4 R+ T1 T00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
( v2 N+ Q- C9 ~9 \( K! f! b00403377 8BD8 mov ebx,eax ; EAX送EBX1 h4 s6 S6 v% p1 I3 t5 d
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX, S: G: n8 S9 `5 o$ G/ v
0040337D 83C4 04 add esp,4
7 H' b: r/ X' }' k# ^! _00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]% `. I8 C) Z8 P( s7 F- S
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
. |) s! p7 [& Q9 T7 D2 i* h' g6 S5 R00403387 50 push eax* u8 d/ Z" c9 }8 u- X# B+ Y [
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX( J% G( g% {* p
0040338D 50 push eax6 _& {# N( O! N2 r$ w) [0 Y- ?* L
0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX0 N" G, I! Q! P4 F* i2 v& U
00403393 83C4 04 add esp,4& M! h$ \% ]/ i, f5 V3 a2 q! w
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]* @& L6 c/ q" i8 o2 } C
0040339A 8BE8 mov ebp,eax ; EAX送EBP
9 U* q. |" b* @6 E1 N0040339C 6A FF push -1
* H' f2 f( U4 t: V0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX3 u2 ?! y6 X/ v# K3 {1 s* P
004033A3 6A FF push -1 c! f2 r* z. C& ^7 f
004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
7 O% m( s, }- v z! A m& ?004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX' j& X" B; S g4 e8 F6 \
004033AE 6A FF push -15 h9 V- O8 Y3 T5 z) Q6 [* S
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX# ]8 V* ^" r$ F2 w+ j( S
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX
3 A" q8 e& v7 u) l: s4 d" g `004033B9 6A FF push -1. ?4 a$ u; p+ j0 p% N
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
$ T" m! G7 p3 U004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
" o7 l, @! J7 E004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX0 N9 \! i3 d4 c" m( S4 {
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
3 y. Y5 G9 p. X) {+ U- J004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX6 H( \% k- y0 @
004033D7 D1E0 shl eax,1 ; EAX左移1位2 @' i$ d# L) ?. m+ L! l
004033D9 99 cdq ; EAX扩展
9 ]* t7 N8 \0 j& R8 a. M5 z' [+ o004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中' q; _1 R$ z- b$ x! P$ T* Z! M/ |
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
5 h; J% J5 e, h( V9 ~" H. F004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
/ F7 E6 ]2 D& L5 s' ?004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
- F8 W; |9 O) z0 o/ h/ Y004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
# L8 z1 a% }2 t. O" v7 x004033E9 EB 2D jmp short qsr.00403418) {$ M1 Q/ X& c% M' t- i
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX3 B* i/ [" K9 @ o
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
' ?# `* J9 ]7 L8 i8 G! a004033F7 99 cdq ; EBX扩展
: F- q' D3 e$ k: ^+ c004033F8 33C2 xor eax,edx ; EAX和EDX取异或
6 W9 C/ b2 o( t( O: v$ ~$ L004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX% _( w4 r& v* T2 N% i0 L) H+ a r
004033FF 2BC2 sub eax,edx ; EAX减去EDX
5 r/ z* C3 V( t9 M7 B( [' A00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]
; N- J; ?% a8 r* z00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX- U' m8 C- t) Y6 L- E- ?
00403409 99 cdq
% @* p/ m" Z( }5 R0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
9 M5 y( b+ `3 Z4 q" f& D4 l0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
9 R" E( W4 x$ {& h/ ?& k* q# E00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较
8 ? o( J! ~8 j) v00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
- q9 O( Q/ g' e( E6 [00403418 E8 6EC00200 call qsr.0042F48B ; 2 }: F% R, \( {+ Y y
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]9 Z& u' h6 g6 Y( t
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
" S( Q7 H+ K" ]7 E00403426 E8 60C00200 call qsr.0042F48B$ ^) Z0 x! D5 T3 `* x
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
8 u% y/ b# u" E0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8& [: h+ {/ s: d8 k
00403434 E8 52C00200 call qsr.0042F48B
1 L# U, b8 Q# X+ R8 u3 Y00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C], V0 @" d/ T1 x
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7" ~5 x, u/ D# @8 [% {* r: p# L0 B
00403442 E8 44C00200 call qsr.0042F48B
7 Y) }2 _1 n4 n) I; u) r1 w+ B8 \/ `00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]4 N" Q7 h7 U. ^5 t: l% ?+ r
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
* r) v. S6 n! i) c" }: n$ d/ P, S00403450 E8 36C00200 call qsr.0042F48B
( K) j/ H/ _% a6 Y# l: T00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
& u/ I% q/ P/ L7 G' ~ ]& @00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
& z% I4 E2 s3 N8 M+ q5 r3 @0040345E E8 28C00200 call qsr.0042F48B
+ h m2 K% G: W8 q, x00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
/ G& E- J1 w6 p/ e3 Y; z6 G9 @# s, k00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
! C' N/ E8 k, }2 z9 Z0040346C E8 1AC00200 call qsr.0042F48B
( G; T5 i; p* N6 X* h# m0 w8 `00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
, n" P9 Z: O. V9 Z+ A00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
: \: b2 s6 l: Y0040347A E8 0CC00200 call qsr.0042F48B/ L$ N/ d; p% B$ K: T; G1 |' k) u
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
n% J! n9 `: L) z2 c- K00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
0 p/ ~- d9 I6 |+ ?" n. Q00403488 E8 FEBF0200 call qsr.0042F48B
. m! f& e6 `# K3 q) K+ }0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]7 @9 \% M# {& ?) \2 u
00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1) l# ?3 ~# o8 x- e
00403499 E8 EDBF0200 call qsr.0042F48B0 V* _2 L+ I8 ?: L9 _
0040349E 32C0 xor al,al ; AL清0. z$ L! w6 |: N
004034A0 E9 88000000 jmp qsr.0040352D
* o1 P' f3 n+ a3 Q# G004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~; ~- P. |, X$ t, y# M$ b
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
6 n4 i ~. I% o) H7 M- }5 P004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
6 ]3 b3 i% n+ U ~% V004034B3 E8 D3BF0200 call qsr.0042F48B
9 T5 P) i6 O* v9 `" ~8 L6 K- K: e004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]9 b" j' [3 ~0 Z2 j6 m. R
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
6 F& q7 e+ h9 h7 N* a8 f k004034C1 E8 C5BF0200 call qsr.0042F48B( V5 D2 n8 c* c z; R
004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
9 \, C9 ~/ P. g7 F; \- [004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7
6 S9 \$ I$ C+ ?8 X004034CF E8 B7BF0200 call qsr.0042F48B
8 f% K. `" v4 ? M. g; _2 J: P004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
8 a, g6 _4 E9 X8 e004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],65 j: s1 B8 o: N: c! D% h0 E
004034DD E8 A9BF0200 call qsr.0042F48B& A2 Y7 ^% T0 d5 s2 k% x: u
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]$ |7 h+ O5 E: B, M4 q
004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3
! Z8 s+ [* D6 H/ A7 w" t004034EB E8 9BBF0200 call qsr.0042F48B
* m4 G4 J7 y# ~2 Q: a004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
. j! C; ^2 K9 ^! l% k" @& `004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2
2 U1 l1 l$ r D: G9 r/ ^( Q4 ], ]% @004034F9 E8 8DBF0200 call qsr.0042F48B
0 ~) a0 G( V/ z+ {' J3 l004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]) ~# U8 o( I6 q
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1+ \' k# Z x2 \- L4 \- _5 z Y
00403507 E8 7FBF0200 call qsr.0042F48B) R; M/ [: I$ Q! N& z' W8 p
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
* Y! \) L( b, v& u% c00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
& d7 x- b ?8 ?3 S2 y9 l/ c; t- X+ {00403515 E8 71BF0200 call qsr.0042F48B
5 _7 ~5 ~% \' U2 R# I1 I0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
: e6 C8 Z2 b5 Q0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
5 _" x- S" q* D( B9 j1 N00403526 E8 60BF0200 call qsr.0042F48B, f3 Y+ f5 y P: z: a- _9 i1 b
0040352B B0 01 mov al,1& g3 R! X& d' P0 R
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]1 _9 W# V% t- @4 k" J
00403531 5F pop edi5 g4 H- j; h$ `8 l' d( n) l ^
00403532 5E pop esi1 @, Y+ H8 O' Q8 _
00403533 5D pop ebp
( C1 y! W# j* D' L00403534 5B pop ebx H/ j6 ]& N8 n5 L/ R
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx! U% T, u+ Y/ j& i' v4 K- d5 c# a$ p% r
0040353C 83C4 30 add esp,30
2 s; j% G$ w, l4 B8 y$ ~0040353F C2 0800 retn 8+ d- ^0 ], R E( C9 G0 ?
--------------------------------------------------------------------------------
! Q4 @, |4 v4 c/ P* t( k8 U$ t3 T【破解总结】
1 s' y7 `- I) G2 ^! O/ A5 Z1 X 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^' {( B4 d1 `6 B- ?* s: @6 }8 E& ?
用户名:yijun
0 T4 `$ J/ X: y! h注册码:4893*7777*3726*7777*0529
. N4 Y$ E, j, d/ x--------------------------------------------------------------------------------
# Z; F; ]% _. K! x) ~; x2 _【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡