|
|
|
【原创】破解Quick Screen Recorder$ G1 w& k- v1 Y
【破解作者】 yijun
7 ?6 q2 R" Y' g+ x @【作者邮箱】 [email protected]( u) X7 m/ v$ K
【使用工具】 OD,PEID+ i; w( m1 q2 Q8 ], q9 v+ L# i
【破解平台】 WinXP0 T j# g% I+ d5 [6 j
【软件名称】 Quick Screen Recorder
1 Z: I; W6 \7 ^) Q# w o【下载地址】 天空
% F- t# w# H0 o u【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. 7 _1 } K* Q2 g% ? ^, o
【软件大小】 540K1 s; R7 W/ _" Z
【加壳方式】 无" R! m [; p9 v* m$ k2 _- f- |
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)
+ p2 T: n3 U7 g$ J" h& U--------------------------------------------------------------------------------' X- d9 G5 C% X# ?+ L* C
【破解内容】
- C3 W/ [' P: ~2 s. Z) p9 _ PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
A& w& G7 }8 i! c9 ?) l1 F! R- J/ [00404C69 55 push ebp //在此下断
3 g( v$ o( @# `% {00404C6A 56 push esi
. C" F, I1 F8 Q# h v00404C6B 57 push edi0 l- }) y! L5 b. K" h/ j
00404C6C 8BE9 mov ebp,ecx
' g4 o; d1 ]0 J, E/ B$ q; d00404C6E 6A 01 push 1
+ S2 m$ f* g5 U& R+ Z5 U2 R00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名4 A" l+ W# f5 a! r, s6 h
00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
/ v/ I* N0 b0 `2 ]00404C78 8BCF mov ecx,edi
& n; Q1 M; ^: b+ p- L00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码
- {8 D3 n" {& d1 O8 W3 r( {00404C7F 8BCF mov ecx,edi& F' E: q M: Y# d
00404C81 E8 A73E0200 call qsr.00428B2D
7 y& c: `' j+ i; Y00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
) @2 C8 Z0 W" L* L00404C89 8BCE mov ecx,esi/ u+ d e4 L! M7 W; v# |7 w
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX, i1 s4 `; \# A: h( R, _2 P
00404C90 8BCE mov ecx,esi8 u3 Q; q3 k" @" n8 K( l+ i
00404C92 E8 963E0200 call qsr.00428B2D
8 r- I3 v+ g9 m3 f! w$ T00404C97 8B06 mov eax,dword ptr ds:[esi]
3 B8 S3 y: Z d6 }* [; y5 X" ?00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
/ H9 [6 W; |- ]$ c- M( Q: T" y00404C9D 7D 26 jge short qsr.00404CC5
7 J4 ]+ I j* B( m7 Z. ]00404C9F 6A 40 push 40
2 [, Y9 x5 f1 ^7 v9 |. g* t00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
) V8 z4 O' o% \. }0 l# d6 r- w& y00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
. X1 Y0 `# Q* Z) D% X3 _6 |- K00404CAB 8BCD mov ecx,ebp& ~# M9 {' u2 V% s: [, J& z
00404CAD E8 C3840200 call qsr.0042D1753 K* ~6 k4 R; H& B
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
3 Y8 f1 Z7 h6 g, q% ?! }00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx5 h8 m5 Q/ l# `! R1 }! K
00404CBD 5F pop edi
' \4 `: f6 c8 G. q) y$ _ O00404CBE 5E pop esi5 ], i5 E0 W5 Y, ?3 p' \: ]
00404CBF 5D pop ebp6 g; c. P! Q; B; r& R7 e
00404CC0 5B pop ebx
0 X/ V5 D4 w+ a2 @4 J2 y/ F. q00404CC1 83C4 18 add esp,180 D: M9 ~& |' I$ h1 X& c$ a- |
00404CC4 C3 retn$ f; e. p: W3 P! a& s) T O
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]
) G- H5 l- O8 R00404CC8 84C0 test al,al
8 E: U4 d! M3 }+ t+ J6 Q+ |00404CCA 0F85 1C010000 jnz qsr.00404DEC
# o: o8 k; \2 r1 b* d5 Q) I00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
2 N% F' ~9 U$ h0 {0 t00404CD4 E8 87E3FFFF call qsr.00403060: ?, J4 Z5 J1 O" n3 a3 t5 `- x# O `
00404CD9 51 push ecx' R. e' k+ Q6 ^5 W/ Z: a
00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0. L9 b. _$ F, h$ O! g
00404CE2 8BCC mov ecx,esp
3 S" C. e2 G, {9 G00404CE4 896424 14 mov dword ptr ss:[esp+14],esp, G$ @0 a* N* r+ E# G9 [- Q& D5 k
00404CE8 56 push esi0 a- N; L- ?1 U# G% E% k
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0* f% H1 N9 B- |, W
00404CEE 51 push ecx
! J% V4 d6 b& Y7 k o00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1
7 j' ]! l: L7 A) g$ U" x) F. V9 M5 j00404CF4 8BCC mov ecx,esp% j- K2 D* I, P
00404CF6 896424 20 mov dword ptr ss:[esp+20],esp
! I8 V+ j2 x+ h: p3 X+ b8 _00404CFA 57 push edi
" m8 u6 J% F9 q$ \00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
. |) \; _$ q* `& u$ O! i2 V00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]& T* J3 u! J# D
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
8 u# O& ~ r* ~ Q0 |' R00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~/ t8 p( _( k# `0 M0 p/ P" j
00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
4 i$ i; W( ]5 ^" v- E. O00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~& v6 W5 f% ]1 y2 y$ E* ?! q8 ]
00404D12 6A 40 push 406 |# o. `5 v) ^+ Q" E
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"+ G! |2 Y( F O6 _; [0 h* [
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."
: J, c* k& P% Y X00404D1E 8BCD mov ecx,ebp. A: J- R/ R6 s, j
00404D20 E8 50840200 call qsr.0042D175
1 N: h8 V/ C1 m7 t& N00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
. b% K- F- O; n/ E00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1; `- A! I$ `) s
00404D31 E8 5AE3FFFF call qsr.00403090* c* Y4 h G" }& {
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
* m# r" o; G9 }) w; }. B9 ]00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx, P7 `- \& p& d0 }3 i
00404D41 5F pop edi1 W+ k& c4 N( H- n; D7 h, K
00404D42 5E pop esi
* Y% n; f: Y K* m+ o1 T( z u: |: M00404D43 5D pop ebp
( ~. i# w; R# A2 T1 J00404D44 5B pop ebx0 }$ B3 r& B- m7 x$ ?% ^
00404D45 83C4 18 add esp,18$ j7 d/ r# Z; Q3 ~) ?6 e
00404D48 C3 retn5 F/ `- r8 W) _" Z
*********************************************************************************************************************************************************# j! k7 @* ]- G9 p
跟进00404D09处CALL来到:
j- x0 v4 c8 u4 ]004030A0 6A FF push -1 //一路F8下去~~~~
! n. a( N M+ p( w: b004030A2 68 C88F4400 push qsr.00448FC8
$ V& ^# b1 A k9 y3 R& P! X _, |004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]) O/ q: M! v# K
004030AD 50 push eax
' u1 D L6 t ]5 L5 S. y004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
4 m% B# E7 B3 d! W& h" e004030B5 83EC 24 sub esp,24
0 [5 B: I4 p' X004030B8 53 push ebx
. K! u% n8 E6 ~004030B9 55 push ebp
4 @; d( R+ \) o& p9 @$ j004030BA 56 push esi
3 X0 `8 A$ [6 z/ `; P- {0 i/ ~/ _004030BB 57 push edi
. ~" R, Y! r+ B: Q! O. \004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"7 J6 }. C' j5 i6 {
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]/ j, |3 U3 T* w: A
004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
/ `0 t# A) o, f6 M2 i4 C, C004030CD E8 27C40200 call qsr.0042F4F9: }9 o$ N0 `' v2 Q0 L0 W
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
( m# V: n | g8 P7 [1 T' f6 t004030D7 894424 2C mov dword ptr ss:[esp+2C],eax% m& a- i8 x5 i0 b, f: P+ N/ G/ V! g/ _
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]6 W( ?& l( X+ r* F/ k' O& y7 y
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3/ Y [8 t' E: ~, V7 h/ H
004030E4 E8 905A0200 call qsr.00428B793 b3 G# S% `# [$ N' V' k# J
004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
2 i3 L$ v7 Q3 s) `2 E. K004030ED E8 3B5A0200 call qsr.00428B2D$ |3 d( X( c/ h) |* d6 m
004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]2 c' f; P2 z' Q0 [! E+ z5 [
004030F6 E8 7E5A0200 call qsr.00428B79
" b2 S# D3 F; v) I, M004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]+ |( h' a' ]! V& D
004030FF E8 295A0200 call qsr.00428B2D6 J4 [% U; {( \$ ?1 i0 i
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
, }% z3 m0 b6 V3 F! @: ^00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
8 C" K" y+ c2 d0040310B 83F8 02 cmp eax,2
% n! e/ D( W0 g0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
% S0 ]7 p( N# @/ ]$ Q8 E( p00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]; i7 V0 W) k* ~
00403118 837A F8 18 cmp dword ptr ds:[edx-8],186 T; V. n; @4 h4 Y9 A
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳' e2 M8 a$ D( A, S$ n0 y
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]' @0 b' ]- s6 V* X2 b. V
00403126 6A 01 push 1. V$ G. P3 m! g7 q1 c- ]( z
00403128 50 push eax- A4 ?1 r1 {2 B6 z. W2 S+ G
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
8 a4 P, {1 X( h" B. B G! ^0040312D E8 C4550200 call qsr.004286F6
! X8 Y/ F" m3 [3 l( Z4 d+ B00403132 8B00 mov eax,dword ptr ds:[eax]6 A4 l: }6 ^) Z: F0 u
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]% z, B# U) D% Z' i, G
00403138 50 push eax( O3 ]# S( u8 d+ w) j- u1 S
00403139 C64424 40 04 mov byte ptr ss:[esp+40],4! Y7 x5 _4 h G, W8 _
0040313E E8 4D560200 call qsr.00428790. p1 I; n1 |. v2 g. s7 N
00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
1 w" ]9 P5 D- ]' U3 ~5 @' W00403147 8BF0 mov esi,eax
# X* Q& F4 e# P: P$ w& v, U7 j! ^00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3 O! Y# J* y f+ t, l1 ?* @
0040314E E8 38C30200 call qsr.0042F48B1 i8 ]3 I4 u5 M3 W
00403153 8D46 0A lea eax,dword ptr ds:[esi+A]: |1 K$ |& t+ \" T# y
00403156 B9 3E000000 mov ecx,3E( O v" K, D1 R" d7 z2 G
0040315B 99 cdq
0 A- a# C$ }9 {. J- l0 N& V! w0 j0040315C F7F9 idiv ecx: x) _$ q a6 i+ B: |2 w( O" j
0040315E 6A 01 push 1. @3 r! L; c8 O
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]% ~, e; Z8 E7 O0 G9 T: \
00403164 8BF2 mov esi,edx) K& Y9 d7 g. y" Z6 d1 y' T) m
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]5 h7 ~: Y2 C* g Z
0040316A 52 push edx
# J. o: |) ]* ?6 K% ^0040316B E8 0A550200 call qsr.0042867A7 U/ s* J0 u$ Z+ S; x! ^
00403170 8B00 mov eax,dword ptr ds:[eax]0 U4 y5 N8 x: a5 S2 c
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]. r! `* N4 f3 R& s* T3 n' Q6 b
00403176 50 push eax
- q! b) x1 y1 {$ z" h+ n00403177 C64424 40 05 mov byte ptr ss:[esp+40],5% S5 p1 M }! v8 K
0040317C E8 0F560200 call qsr.00428790
# G j: D) p' [/ _+ P00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]- [) Y2 c2 f/ T# p# U) `6 s
00403185 8BF8 mov edi,eax+ p) l$ V, _* V
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],37 t z' K' Z/ s( t
0040318C E8 FAC20200 call qsr.0042F48B
; ~$ n( f" J) |8 T5 }& j4 k00403191 8D47 0A lea eax,dword ptr ds:[edi+A]0 Y# t4 q. {5 e/ D
00403194 B9 3E000000 mov ecx,3E
* n: l2 J" y2 X; T/ B00403199 99 cdq& \4 g' p4 G; z# ^. C) X* a, B
0040319A F7F9 idiv ecx
, Y2 M6 H" W/ E6 {2 {1 J0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
" ~: N- r4 x0 q! _3 k X: P- D004031A1 894424 28 mov dword ptr ss:[esp+28],eax
- O$ I( v( X* P5 l2 D004031A5 8BCA mov ecx,edx
% Z! C8 Q$ u5 E; \5 l004031A7 894424 24 mov dword ptr ss:[esp+24],eax3 h4 _/ b* Q! V# n3 H4 S3 @
004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
& p' n* F. y' ?3 z7 _$ b004031AF 894424 18 mov dword ptr ss:[esp+18],eax! U7 i0 M, d8 J
004031B3 894424 14 mov dword ptr ss:[esp+14],eax2 q6 K3 [) W L# Q' U
004031B7 894424 10 mov dword ptr ss:[esp+10],eax
# {3 J" A6 S5 H5 \# C8 c7 D7 C004031BB 8BC1 mov eax,ecx( w/ L' f/ q9 n7 f7 w
004031BD BF 0A000000 mov edi,0A
3 r- x, ]6 k, T% K004031C2 99 cdq6 S# |' X, t3 ~4 Q* J: z
004031C3 F7FF idiv edi
- h0 \ s( o0 ^004031C5 8BC1 mov eax,ecx9 S. M# @4 S l+ W3 ^
004031C7 B3 0B mov bl,0B
$ p- t9 q2 s: o9 }% F1 f! ?7 T9 s% n004031C9 0FAFC1 imul eax,ecx. n- i3 h1 Z0 B+ ?- j
004031CC 8BCF mov ecx,edi- V; T* _, |+ |
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
3 b- Y m. s3 q: i004031D2 52 push edx) y" x) ]# ~( N5 q% u1 o( j
004031D3 99 cdq
* C$ @# n' S) q+ w004031D4 F7F9 idiv ecx
* ^# o# a" t4 j% w004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
6 v/ o) n. j4 q2 v* @" V9 A% {7 C004031DD 2BC6 sub eax,esi% \: g ?* u2 u$ n: {; Q: E9 n
004031DF 52 push edx) s$ W9 Z; t* Z; V. Y1 ?
004031E0 99 cdq
) o* g$ m. r$ \7 S8 A3 I% W/ U004031E1 F7F9 idiv ecx+ D5 i L6 i5 I4 ]+ L; p' l$ ~0 p
004031E3 8BC6 mov eax,esi
3 T" [9 j0 c/ g% p; c" }004031E5 52 push edx6 y! ^, e& E& Q; |
004031E6 99 cdq$ N6 J0 o2 u8 n
004031E7 F7F9 idiv ecx" K' i- \6 K+ k. f+ L
004031E9 52 push edx- Q7 [4 A1 u# Y, j2 B- L- _
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]$ r! ^8 F4 y* x
004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"
9 C; m( q1 p" m. k& g004031F3 52 push edx9 x& t0 X* J; y9 b P! b% P; c
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是48933 l) k. \ p3 h7 }& k$ b. A o
004031F9 83C4 18 add esp,18, l0 p5 p. U2 E; S( R
004031FC 6A 04 push 4
* e4 ]) A. C- O+ D$ B" f004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
& _. ^3 L) p, N# T1 S00403202 6A 00 push 05 @# [( x3 g# o# ]( G
00403204 50 push eax* L6 S1 i$ g+ Q c- I8 [& {
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]3 V. ]6 n, g1 [- [% p0 a& m
00403209 E8 D6530200 call qsr.004285E4* w! f; e& l5 U2 @
0040320E 50 push eax% Z6 S4 P( ~3 v
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]6 B* }# F/ ^4 C: F# [
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C/ k' k1 x5 Y& ?9 H) }7 w' q- H# h
00403218 E8 A7C30200 call qsr.0042F5C4
! m$ y j4 U* P; c/ T4 p' U% A0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
% Z7 A- \* Y3 f' p9 s. F4 f00403221 885C24 3C mov byte ptr ss:[esp+3C],bl P4 K# m; v" H5 ]: d
00403225 E8 61C20200 call qsr.0042F48B
6 R7 _4 P* \3 X/ ?9 X- P3 C2 H( W( o0040322A 6A 04 push 4. f# ]' e- X/ N7 Z" F* l+ Z
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]" I) ?2 N' }- c( r
00403230 6A 05 push 5& E: }/ E: J9 m% s
00403232 51 push ecx t# \) p) B; w: v8 q
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
# G6 X G% _/ f- l3 i" z2 S# ^00403237 E8 A8530200 call qsr.004285E4
" R4 `! |$ k, i& p- H0040323C 50 push eax
* t- ?5 t8 ?7 ]8 J3 ^2 Y0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
5 g# L- y! |9 q1 P00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
2 U1 v( T. _- C! w' M, w00403246 E8 79C30200 call qsr.0042F5C4
1 w' b5 p ?4 P. r( O% B# i0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]3 X7 s/ v! ^4 l0 i/ b3 y! x7 U& d! _
0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
; J1 g( P: F. X' H1 A& {* O& A00403253 E8 33C20200 call qsr.0042F48B$ A* Q* Q! Z$ R o! n! m
00403258 6A 04 push 4
, z! v$ W, f' l6 ]$ u; }0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
! l1 Z, e2 a" ~+ ~& U( F0040325E 57 push edi o- T* d: a7 N2 M) G2 t& j# _
0040325F 52 push edx
% J) g& W# ~$ `. V- e6 Z8 Q1 a00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]* F6 ~& [! w4 F% p2 G Z. U: {7 H
00403264 E8 7B530200 call qsr.004285E4
" Z4 N% }2 o) y. z2 U( H00403269 50 push eax8 \- _* Z0 d+ f0 i0 s+ _1 c& i
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
) L# i2 m6 k, r$ X0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E
1 p* a5 k( S# V7 Q! l# A# r6 H" w* _$ R00403273 E8 4CC30200 call qsr.0042F5C47 g8 l4 j! W1 m) N! `
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
$ w9 M% @- R4 a' @ E R0 ?0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl0 e) S2 T9 D+ I+ l
00403280 E8 06C20200 call qsr.0042F48B$ J8 s) c% w' o7 y- M1 s
00403285 6A 04 push 46 x! p5 X c3 R" [) b
00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]4 ]6 k: f5 U" g% @9 w& J
0040328B 6A 0F push 0F: u" E6 w' g: V' ?
0040328D 50 push eax
( u, y: |5 o% V2 k0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
: p0 G$ O) z' z& W00403292 E8 4D530200 call qsr.004285E4+ |+ ]% ~9 f" R2 ^/ l& u* f2 c
00403297 50 push eax
( `4 }% c* h" @" f8 N+ M00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]( @4 x9 l1 L/ L3 s4 _4 K
0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F- \! ?1 x7 {, S0 h3 Z; _% q
004032A1 E8 1EC30200 call qsr.0042F5C4
( @( t, g8 q/ I% t004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
8 j4 L+ n, u4 n% K004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
6 t0 L, d% ]* S. |1 y- {: Z004032AE E8 D8C10200 call qsr.0042F48B& n9 \' S. I: I c- e7 h+ t( z1 K# E
004032B3 6A 04 push 49 N: y7 x1 p- t! Z: r( B+ [- Z, s" s6 s
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
- k4 d1 ]$ \! K; x9 l( H6 O) k# y004032B9 6A 14 push 14
( j' i/ x. j7 b004032BB 51 push ecx
3 b, R% d! s# s; _1 ^004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
, q; k0 T! w; R" f* H5 x004032C0 E8 1F530200 call qsr.004285E4
' j; J& F5 U1 x' `004032C5 50 push eax0 B8 o C" L9 p/ f" Q4 s
004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
0 p3 F$ V# K+ G+ o5 u/ A6 N; F004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
( p' b7 y, D/ s' q* P* k004032CF E8 F0C20200 call qsr.0042F5C4$ C% N7 B+ m7 T: @
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]0 T$ V$ k e) |/ g2 P
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl- b7 t9 K' W" Y( M Q
004032DC E8 AAC10200 call qsr.0042F48B* K. |- R5 o0 p8 A y. y
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI' T ?) e+ o8 M( O2 d9 c
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX
8 ]) L5 s, c- n0 W0 n004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL( C- A; F* C; x T, j" v
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL, }8 H- t3 R! F7 E, q
004032ED 8ACA mov cl,dl ; DL送CL
2 h$ x, R. B. b- u* x5 g* R) [004032EF 3AD3 cmp dl,bl ; DL和BL比较
8 j6 y) g1 [; z/ H) U0 L004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)5 N& p: ?# ^8 D' d/ V
004032F3 84C9 test cl,cl
. u \5 P- f0 O9 S$ W c; F004032F5 74 16 je short qsr.0040330D
- c4 J2 ?/ a+ {/ q; P- y004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL* w. N O4 Z; H! a1 a
004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
+ h, R- [# p& ^, j o+ `" v004032FD 8ACA mov cl,dl
* q. R, T4 i& T, }004032FF 3AD3 cmp dl,bl ; DL和BL比较
, S0 u- p2 v8 g8 l6 X00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)0 O" V2 A. Q% ^$ u7 m/ ^& z
00403303 83C0 02 add eax,2 ; EAX加2
+ i$ [* K" F- S4 G' z' \; ^4 J00403306 83C6 02 add esi,2 ; ESI加2- L' I+ h4 e: j' M# P9 V
00403309 84C9 test cl,cl
- V3 u$ v# @2 Z7 t# V0 t: a0040330B ^ 75 DC jnz short qsr.004032E9! o5 o4 t* X, O) a4 f4 D
0040330D 33C0 xor eax,eax
" }5 r: c8 \7 G5 j" X$ d( x4 w0040330F EB 05 jmp short qsr.00403316 [& S4 U" S E, I
00403311 1BC0 sbb eax,eax
/ Q; c M* w2 ]# p00403313 83D8 FF sbb eax,-1
+ L% R9 P: s; z; V00403316 85C0 test eax,eax
: j+ X1 {! M/ G00403318 74 0E je short qsr.00403328
! G3 c; l/ a3 l; C. r, C$ L/ f) o0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A1 [% b2 X) Z6 ]" M/ l7 P
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
1 s$ k- W, N9 ?2 M* s00403323 E9 F0000000 jmp qsr.00403418$ ^4 V% z G/ ~ @6 @
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
6 R5 m0 a9 n! l0 D) \" \( D; D0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]7 @: \. F, y( I) W$ y' e1 f, W
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
9 F+ W U+ e5 I% [" N00403333 50 push eax
! w E, ~0 _7 [5 Z6 X/ y ]00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
0 V$ q' l* m2 K; l$ U8 L" L00403339 50 push eax
. ^* r; B) u3 {% [3 \% p, W0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
! @$ ~2 a. j) ^& C8 @2 Q' w; _0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX
$ G; {: D2 @1 R; h) _+ T00403343 83C4 04 add esp,48 m% u% L0 O) H9 S- P2 |& u
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI" y* z4 T* h: o9 K; D) u7 L, Q: p2 C
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]1 a+ e7 i5 A( R, l
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
* c3 R& k$ m$ w1 C8 Q7 O& P5 J0040334F 50 push eax
T' i9 _( D$ X f) @) F00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
2 W% Z+ N* i# L. H% ]00403355 50 push eax$ a; z- u1 `# @8 H$ K6 W& v2 q
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX' M( l1 s7 |+ @2 V# }5 S
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
) U" }7 F* J" P* P! V2 C' ?7 @+ G0040335F 83C4 04 add esp,4+ T, n3 Y0 b: |* b# @
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
) C" L. F5 a& e$ ]5 H! y' e( `6 k00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]2 l0 S+ i, @2 x8 H+ W
00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
4 n+ O' k/ `' m _6 T3 A0040336B 50 push eax# t; `1 t4 g0 V! H( p7 o K6 m( ^
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX* D) y' y" v" Z B
00403371 50 push eax
6 o2 v I" {- F" e( p00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX, {5 L% g! |! K
00403377 8BD8 mov ebx,eax ; EAX送EBX
7 D& ~, c p( D% Y00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX# T: _, H' h/ W+ z% j
0040337D 83C4 04 add esp,4
/ G; b' |) H3 B _; |' s00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
+ a0 ^" W% m, T1 V8 n+ w00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]0 t" d( p( q9 H0 Y* x3 F" s! o
00403387 50 push eax
# c& S4 D! i0 v00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX; ^6 }7 L$ {; t0 h2 ]' N2 g
0040338D 50 push eax
$ X! E Q9 ?* `' I( h" n0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX9 w5 a2 _5 d' r. z, k( V `
00403393 83C4 04 add esp,46 ]1 W, m3 r9 S+ ?4 B* |$ A
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
* Q, Q) I& a" p2 }+ E0 j( p0040339A 8BE8 mov ebp,eax ; EAX送EBP
/ e) ~" q; \7 Q7 F+ N0040339C 6A FF push -1
5 G# l- M# n" N) ~( G% ?0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX3 V8 H1 j$ B- F" h& {9 t
004033A3 6A FF push -1
& v) T( k4 K ^& [ t004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX# _ f* N. j+ L2 S, h; P
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX
. G2 L6 g% O* r5 t004033AE 6A FF push -1) }# O9 P* _3 m! i
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX4 _* s' V F- y; w9 |
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX; ?4 O+ f f8 G; e3 W
004033B9 6A FF push -1
+ b4 [7 Y, C: J9 t( v004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX5 A9 J& p/ w+ U+ h' j1 c Z1 |
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
! p& K9 M. ]/ \) E+ Q3 C004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
8 z7 K: c2 A' [+ U+ x004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
# v- C! S$ s* R3 N004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
/ G% R/ R% A4 M( Q/ C004033D7 D1E0 shl eax,1 ; EAX左移1位
3 P% s9 @- ^# ]! G9 l2 E0 S004033D9 99 cdq ; EAX扩展1 q9 t8 Q* S9 _8 A8 ]' J
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
3 j! r! g1 R& p; V004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
8 _3 F8 p$ L" C5 L4 D$ H; B3 [/ Q! x004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
' N0 _: R @8 j. O0 p- n+ \004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
, O! s0 m5 g: M004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]4 r* Y5 W. M: C2 l1 m6 k. [7 M
004033E9 EB 2D jmp short qsr.00403418
7 X3 n6 P8 x& w9 a& g004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX
9 X+ p* f& e3 T9 i# @004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
- u+ Y# u* Q+ m; i" Q! t, |% q004033F7 99 cdq ; EBX扩展
+ J: |7 y% g4 T, m004033F8 33C2 xor eax,edx ; EAX和EDX取异或/ E/ `' d! h: G* r- v. T
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX h. T) C$ _2 m2 J
004033FF 2BC2 sub eax,edx ; EAX减去EDX* o* b; N% B- L
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]* U# R$ E7 _3 p/ f
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX- j) H9 C4 O1 H! O; C- W3 F
00403409 99 cdq) E( Q E7 W' g3 e5 P$ V' q K/ S
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
& G. P F0 M/ g- W" |0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX ^; I8 l6 V, j2 y' L
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较/ s9 x6 {9 K6 ~: D
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)! m% p# w& C5 d, [0 }/ J
00403418 E8 6EC00200 call qsr.0042F48B ; # O2 o& b; p2 q4 R) r8 q/ [
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]5 m7 B, i4 \# Z* z1 Y' [% p7 J
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],99 V9 J; }# M' {* t
00403426 E8 60C00200 call qsr.0042F48B
1 r2 v6 q( {9 ?! E( _; u0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
8 t0 b" v' a8 ^4 \0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],89 z8 \! o4 ^1 j7 j$ Y, E4 A
00403434 E8 52C00200 call qsr.0042F48B
$ I1 y8 G/ R$ ]; R1 b, Q00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
( g4 w0 G* A8 ~" x7 O0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],73 ]6 m+ O% a# r$ ]2 [+ @+ h3 `
00403442 E8 44C00200 call qsr.0042F48B
. S+ j7 @% C# C00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]4 D2 H8 d( K# o$ x2 H, b
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
* ?- H1 o) @9 I00403450 E8 36C00200 call qsr.0042F48B
$ ~9 \) o! k/ o00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
! B: B5 y2 c. j- m2 b. j" Z00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],34 Y3 Z9 g0 w% R
0040345E E8 28C00200 call qsr.0042F48B
9 c; O) d1 A+ t3 y# G- F00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
+ ]9 l4 \9 b) \0 V7 ]5 \* L; l00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2# Q0 V% s. P$ `" @/ f2 ?
0040346C E8 1AC00200 call qsr.0042F48B$ \. Y F& I' r' d
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]" M' w/ t% l& A- L7 I! M3 E2 V
00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
* m9 y7 q: a2 A' j; r2 }% H R6 L) z+ d0040347A E8 0CC00200 call qsr.0042F48B
; \. L% P' m5 F x0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
- @0 v9 A2 p8 P: z* m00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
% @( p* m5 Y* P9 a- Z00403488 E8 FEBF0200 call qsr.0042F48B
+ ~4 D$ o/ r- O' `& H' k0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
7 }) A. N- T) X0 z00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
& \; ^* C3 o7 r4 }8 m6 D00403499 E8 EDBF0200 call qsr.0042F48B9 `0 `8 Z* l5 n/ i) J4 m9 ^% Z7 h( P; S
0040349E 32C0 xor al,al ; AL清0! P: j) i4 \- V4 O5 I( |
004034A0 E9 88000000 jmp qsr.0040352D: o5 y8 C* i9 d
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~
8 d x- E4 Y( J. _2 |: E q004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14] Y6 A* x6 J. {" T- l8 v3 x
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
6 e3 [ d* S& T- n. R004034B3 E8 D3BF0200 call qsr.0042F48B
) P7 m8 ]- o' r* o: n7 ?$ e& T004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
6 A" i! s/ C1 p; Z2 _) r, P$ [# }004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8# R- b$ g0 V% q0 n; j
004034C1 E8 C5BF0200 call qsr.0042F48B
% ]" G# J) b4 p% u" E7 i a004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]7 D0 n) q# P, v. f6 w, a
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],76 g/ i- s, w3 n& @5 m: r
004034CF E8 B7BF0200 call qsr.0042F48B
' J0 e- b! ]( a004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
$ K8 T" X- f. y7 Q( y004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
' W |) {4 r3 v- Q3 @0 r2 y. ]004034DD E8 A9BF0200 call qsr.0042F48B
" J7 i6 k" t1 t* F h0 l004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
% m2 X# n3 C" t# b/ [) b004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],30 s3 H+ J3 ]: W) f. A
004034EB E8 9BBF0200 call qsr.0042F48B
# b% @" {+ o( \' `0 ]4 @; {004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]% O, q- Y, z7 o
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2& o2 `7 w. ?$ a. Y! X, x
004034F9 E8 8DBF0200 call qsr.0042F48B( b) d$ o4 \: v L k
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]9 Z5 F7 @& P- r8 V+ a
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1& k% } h- l( h! J$ ]7 a/ m
00403507 E8 7FBF0200 call qsr.0042F48B
+ }4 h1 N! }& ~8 F( @3 L0 ]* Q0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]0 y5 u1 _, F) p/ b, t# I
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
5 ~% ^% j+ M1 _4 z8 f00403515 E8 71BF0200 call qsr.0042F48B+ J# h) g6 E& J
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
0 i. ]( A- t6 X3 T) a9 S0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-14 f& n+ ]3 T: g: T
00403526 E8 60BF0200 call qsr.0042F48B1 B S: u, {% T/ U
0040352B B0 01 mov al,1
[ Y* q6 O" r) L I+ t: e0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]5 a8 n' E m& C( u- n+ m* y
00403531 5F pop edi8 b. Z/ B) E1 ?: N
00403532 5E pop esi
) P, a) ^. E5 u3 b" m7 s7 R0 y; c00403533 5D pop ebp* p6 r( D+ d3 d8 w
00403534 5B pop ebx3 R7 J8 j5 x0 _8 Y; y: e+ ?
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx: b1 p/ j# I& P6 @* f: }: k% E8 y
0040353C 83C4 30 add esp,30
9 N. b3 K- W, i2 |% s0040353F C2 0800 retn 8% ~8 p2 }( ?/ b; C# o
--------------------------------------------------------------------------------5 p! \: f& N4 E0 I L. ~
【破解总结】
6 ~; L; b h# s+ ` 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
; S/ J1 R& F2 ]! H用户名:yijun' u7 K4 f$ q4 x0 a& N
注册码:4893*7777*3726*7777*0529
2 g7 S! G# y: w, {--------------------------------------------------------------------------------
* Z- ~9 v( j% r. _9 o# N2 s【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡