|
|
|
【原创】破解Quick Screen Recorder# T# J& ]+ t2 c9 ^$ a3 X: ~
【破解作者】 yijun% e9 G# k" ?: _' J$ p' [
【作者邮箱】 [email protected]: m m/ {* ~ O6 u8 s2 I/ F# b: ]
【使用工具】 OD,PEID9 Q/ Q8 H5 l6 [6 [' S. Q3 Y$ ^
【破解平台】 WinXP4 |/ S1 B2 g$ N0 O* X( O
【软件名称】 Quick Screen Recorder
g% y5 b3 H: W3 S4 B【下载地址】 天空
# Q) c% v5 }) L D; E3 G' c/ d【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
s2 M( X# q. e( @8 e【软件大小】 540K0 M* ?; k K& c8 j8 Z! L" A8 ~9 p
【加壳方式】 无
( q, s) o \0 m; \4 t【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)/ N4 B9 ~( }8 j
--------------------------------------------------------------------------------2 O2 v$ p: [! K( A: J9 |8 N1 K
【破解内容】
9 s7 T7 W; Q# ~8 }4 z PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
! W/ m# W; ~; H" q% K7 ~0 z00404C69 55 push ebp //在此下断
+ z' d9 h6 l& L00404C6A 56 push esi- B; E9 o& Z" ^. r
00404C6B 57 push edi" X1 Z# B- O. d: ?. M
00404C6C 8BE9 mov ebp,ecx6 N4 j6 i9 k' F' ~
00404C6E 6A 01 push 1
, S6 c9 o. K' z00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名 \5 d" j3 V2 x2 ^. b
00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
) A8 K5 x3 r- p- S" C6 h/ k3 L00404C78 8BCF mov ecx,edi
( v9 O9 [# @7 ~7 |00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码0 |+ q- B$ p4 r$ E0 d& L
00404C7F 8BCF mov ecx,edi/ Q, { w' w' e$ R- ~
00404C81 E8 A73E0200 call qsr.00428B2D l4 E: v- W$ B# M, \
00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]/ A( _/ t# `2 O) ?6 O0 ~2 ~
00404C89 8BCE mov ecx,esi' r' j$ w2 W7 @$ _9 z) m
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
: s: }/ n$ ~+ c3 d6 w: I00404C90 8BCE mov ecx,esi$ l: j" ?# Y- R9 m6 e
00404C92 E8 963E0200 call qsr.00428B2D, x8 N o, d& n3 p
00404C97 8B06 mov eax,dword ptr ds:[esi]$ q: c% }$ w6 a2 B7 E5 m
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
0 I- ~ _' t5 n3 |* k' q00404C9D 7D 26 jge short qsr.00404CC50 n) o% r8 m, Q
00404C9F 6A 40 push 40
% A% X/ m% X. Q! P, \% f" k8 Q00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
+ [, |& e! P) y# k3 z- _/ o8 Z. n/ Y00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name." U% y/ _. Z3 J, }9 x1 [
00404CAB 8BCD mov ecx,ebp' C% g' M5 R# J _
00404CAD E8 C3840200 call qsr.0042D1757 f) H9 S- @" {8 g* _' @
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
) Q9 c5 U% X2 d- M00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx9 l! o( Q6 x. u8 S& [
00404CBD 5F pop edi" t" V5 ?# D* B) d8 R+ _
00404CBE 5E pop esi( P. G4 ^$ X, R; S R
00404CBF 5D pop ebp
" k j% E! u# L4 { I5 }# t00404CC0 5B pop ebx0 i% T) Z6 }. r5 K2 d0 w
00404CC1 83C4 18 add esp,181 ?, B4 S! g* L
00404CC4 C3 retn* F" A+ I! I: e( i
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]1 }! J1 z7 U0 i
00404CC8 84C0 test al,al
: z% G. C4 `8 t6 h8 A00404CCA 0F85 1C010000 jnz qsr.00404DEC3 S& z. y; ~, s, d# J
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
) A+ a" n& @8 W3 `4 o00404CD4 E8 87E3FFFF call qsr.00403060; `/ A/ R4 F7 A" H
00404CD9 51 push ecx
) Y" L3 F9 M9 X% c4 y* U00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],02 r6 _: p: P- H7 d
00404CE2 8BCC mov ecx,esp+ k, F9 H1 w4 N6 I4 _
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp
5 Z9 ~! I* I6 G( C00404CE8 56 push esi* V; ?% J2 K4 m. v- r
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
6 b7 R! A4 d0 ?6 Q$ T1 J% }00404CEE 51 push ecx
/ h! K5 [6 G8 \5 t00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],17 I* b. C. q5 F8 _% L+ S D6 Y( {
00404CF4 8BCC mov ecx,esp
& N" z% E$ n) W2 O3 |- l ]00404CF6 896424 20 mov dword ptr ss:[esp+20],esp M" g0 E" R2 F% k7 P0 g& C
00404CFA 57 push edi
3 w! k' }: m+ v- W0 P4 T0 v" u% E00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0 N$ [: ^2 I2 t3 ^+ E5 `
00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
. W( u/ n! b4 ~2 {" H00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0$ U# h: O' x/ |, s
00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
8 s! e: j! d. f& V8 n00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~% ^6 T, L5 p( j( n
00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~% }, Q- R; _6 B; h2 c
00404D12 6A 40 push 40
3 R8 D( [5 K: [/ F1 ]# ^+ M00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
1 g6 I* s) i# y% v1 A00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."* p& C5 h" e6 t
00404D1E 8BCD mov ecx,ebp, f) q9 T5 [6 W1 U
00404D20 E8 50840200 call qsr.0042D175
. Z4 q. x7 k8 D( G$ w& p00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]8 P. z% l; I2 S) B$ p4 I
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
8 |; F" W: }7 S( G" M. U/ m& P6 Z00404D31 E8 5AE3FFFF call qsr.004030902 v% v$ |: {2 j' E, z8 Q
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
- x' @3 x1 M/ u# W7 F7 ~+ _5 y00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
- Z5 ~1 _* y. j8 |: M00404D41 5F pop edi
* I5 J7 V* Y( A, n% Y. J00404D42 5E pop esi
; u4 R6 f% S, J8 r9 u1 r1 R00404D43 5D pop ebp
) F; }7 P( ]( A- C+ O) l& B* f1 t00404D44 5B pop ebx
" ?, A- @$ I* e1 O+ A, Y. U! W8 K00404D45 83C4 18 add esp,18
0 p4 e7 q! c$ O# K0 O$ N6 X! u% T2 P# H00404D48 C3 retn
! r6 \2 A) D S* ?, I*********************************************************************************************************************************************************
4 I( h* \6 p9 z( c跟进00404D09处CALL来到:+ C8 [+ m2 p6 O2 C/ A, ~, K f
004030A0 6A FF push -1 //一路F8下去~~~~
7 h6 F7 o; y9 F+ \ n) C' X004030A2 68 C88F4400 push qsr.00448FC8
h; L) |, ]9 Z7 _# e# U+ Z( v5 j* @004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]& h, ^5 X3 z& P. o' ^
004030AD 50 push eax
8 \& g+ W! u8 N9 l) O. [; j004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
6 z& f6 E7 H6 T/ d$ m! _* u0 L004030B5 83EC 24 sub esp,248 T$ ?& n0 m) v
004030B8 53 push ebx
6 y3 t1 ?: X) b2 o; n0 f004030B9 55 push ebp& V: |: z) T, h* _* }# M9 h
004030BA 56 push esi
6 B: o! l7 [, W& K+ q004030BB 57 push edi
5 ~7 h1 n: V# j4 k0 @004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"9 \" R2 {2 P8 R" b% x# p* Q
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]+ h* e0 r# E2 N1 b) U# M
004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
, T; K3 }( ~# p3 U' T0 K" |4 l004030CD E8 27C40200 call qsr.0042F4F9* N/ v7 @, r! z1 K+ f
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438], f Z: r5 z) q
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax
( D* t7 k8 a, [: R2 e0 \( }, X# S004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]3 X4 @% j$ e# |$ m$ P& R
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],34 i- F) L+ N+ R
004030E4 E8 905A0200 call qsr.00428B79
3 T4 k O& a. G& O5 D6 i) Z% w004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]9 [; ]% T) }7 w# m
004030ED E8 3B5A0200 call qsr.00428B2D
- H' N! V+ b) ]( @: }7 s004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]6 Y) E# c; F* l. Y }2 n
004030F6 E8 7E5A0200 call qsr.00428B79
0 k9 B' M1 L( B C0 H7 t/ p004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
& V6 Z d: B1 v( {5 p004030FF E8 295A0200 call qsr.00428B2D( d: P9 x: ] R9 k( Z
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]' i- L; O3 _: \- E' V5 C$ V9 Y5 S+ u
00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]8 e3 f7 [& ], x" N
0040310B 83F8 02 cmp eax,2
K/ p S# L/ \3 j& ?8 G0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳; R+ l$ ]! u/ [" e
00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
) Q$ e+ v& ?( }00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
1 I `# Q% N0 M0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
& \4 g/ c7 u6 z& _7 ^) D$ F6 F; k00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]' l2 t" Q7 J# s/ b9 l& B; f0 x
00403126 6A 01 push 12 r' j( X9 b1 e! B4 t
00403128 50 push eax! e+ w& B: ^3 j- C) Y. M6 u( e
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]9 K. `6 `; u0 Y0 m# K& i; f+ k6 i
0040312D E8 C4550200 call qsr.004286F6
& t' i, W5 G. |- t00403132 8B00 mov eax,dword ptr ds:[eax]
0 i7 x) `8 a/ M' n7 p0 B00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]* b- y0 _! }- V
00403138 50 push eax
$ b h$ e Y' j" Z00403139 C64424 40 04 mov byte ptr ss:[esp+40],4# \7 K# @3 c/ q& \4 G7 c! Z
0040313E E8 4D560200 call qsr.00428790
, w" {& Q4 f. ~00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]3 Y/ V& w- S3 y0 C2 |
00403147 8BF0 mov esi,eax
$ {; p. _& v7 b& i# [00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],35 b' }% w/ Y* C. h* o
0040314E E8 38C30200 call qsr.0042F48B4 U8 m' L+ h/ O/ W
00403153 8D46 0A lea eax,dword ptr ds:[esi+A]
- a$ C1 @% K# ]! A' v; Y00403156 B9 3E000000 mov ecx,3E7 O" O% m+ W0 l$ y; t8 x! `4 D
0040315B 99 cdq0 D4 Z% F; t6 G! v; U, ^
0040315C F7F9 idiv ecx
6 [% r: }1 X7 x2 B0040315E 6A 01 push 1+ x& I, V5 d2 N" h$ T: b; P
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]( ^6 k' [. Y7 s
00403164 8BF2 mov esi,edx
# n* @5 |& ^- m( F& ]" q; d' g% s00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
. m8 E% _) ]2 l9 ~+ L+ f0040316A 52 push edx
, _1 \ t* Z! U4 O& ~0040316B E8 0A550200 call qsr.0042867A2 K0 w# D2 Y A: M- G' c
00403170 8B00 mov eax,dword ptr ds:[eax]3 g0 o" V6 M, x
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
- U8 i$ T( r8 l, ^00403176 50 push eax+ S& V3 N# I4 W1 k5 R Q7 o. Z
00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
7 F, ]; l/ i3 t0040317C E8 0F560200 call qsr.004287909 \# m5 b4 T8 b- n$ `5 ^
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
* _/ C8 c& X3 G% y0 r! r) _00403185 8BF8 mov edi,eax
4 K; Q5 J5 \' w% D; }) W00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
& G' {/ R, v \; f( i2 V |& q5 _0040318C E8 FAC20200 call qsr.0042F48B2 K( h! j3 ]" {/ R3 {4 b; E
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
. z+ s v$ y1 m00403194 B9 3E000000 mov ecx,3E
, C+ b( ]4 e0 \. o2 W5 h00403199 99 cdq
7 g8 j+ L0 l1 s- `5 o0040319A F7F9 idiv ecx; U' P0 B1 `* Q/ L' P$ p+ r
0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
% O7 h0 x" M. z* n004031A1 894424 28 mov dword ptr ss:[esp+28],eax
5 P' |2 e" M" z% d1 I004031A5 8BCA mov ecx,edx
, ]4 Z+ e5 f: Z: L. M! p5 h5 }004031A7 894424 24 mov dword ptr ss:[esp+24],eax
; t/ t8 n# p( p$ W004031AB 894424 1C mov dword ptr ss:[esp+1C],eax( G* X8 E0 w v
004031AF 894424 18 mov dword ptr ss:[esp+18],eax5 ~% B* `2 D/ @2 g' g6 i4 F
004031B3 894424 14 mov dword ptr ss:[esp+14],eax
4 Z/ `1 T9 j1 J: l% A' F& {7 w- |004031B7 894424 10 mov dword ptr ss:[esp+10],eax
6 v" B \. S8 R1 Z004031BB 8BC1 mov eax,ecx
$ k# e( p' d- B! H+ }004031BD BF 0A000000 mov edi,0A
8 v& y+ h6 I4 X/ D6 Y004031C2 99 cdq
1 {* U: H# ?0 O6 g$ S" n004031C3 F7FF idiv edi
$ t/ G" [3 Q, y8 ~! E s- _004031C5 8BC1 mov eax,ecx
. x. w% F: Q8 h, W004031C7 B3 0B mov bl,0B
; }( X2 D( H0 z5 G004031C9 0FAFC1 imul eax,ecx
: y$ V- R6 j8 O1 e' b' ~+ Q5 `004031CC 8BCF mov ecx,edi
3 Q+ |. w, U1 p) l9 M9 [) J L004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl/ K% H+ Z1 p' c4 K# [. t
004031D2 52 push edx& F) F+ q0 d2 r/ U6 G: ~4 S/ w" c9 p
004031D3 99 cdq
3 u. f0 L A1 x' Q& y8 D004031D4 F7F9 idiv ecx) `9 g) O3 W* N+ z7 m/ c: W
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]$ Q Q( o0 L/ C( }% D; `, B8 q( R
004031DD 2BC6 sub eax,esi! N& O, j, V6 }/ f' T
004031DF 52 push edx/ v! D0 r. ^( B; @" {: |
004031E0 99 cdq1 {& C% G8 R! Y8 h6 m9 A9 f6 z. }- x
004031E1 F7F9 idiv ecx
+ t7 d; n* c* o! D, S N004031E3 8BC6 mov eax,esi. q4 |3 @& y, ~- |3 N
004031E5 52 push edx2 J( ~+ T8 Y# y, A# B$ S
004031E6 99 cdq
, p8 r c3 O6 S* X+ F004031E7 F7F9 idiv ecx/ g- J( E: Z q- ~! r" V7 G1 L
004031E9 52 push edx# _7 h7 O- ?) o1 }6 V& U6 d9 x
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
7 @+ ~ A$ e# @9 t+ b004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"
" h2 k0 s) Z/ F# Z004031F3 52 push edx( F6 l1 \) ~/ l* B) [, d
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
7 v) I) S9 Y/ {5 S2 B) ^( ?" h004031F9 83C4 18 add esp,18
7 Y" [0 K3 F! q( f; |004031FC 6A 04 push 4
# k3 j) s y% Y( I004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
: o) C2 ^$ c) e% u8 a00403202 6A 00 push 0: v |/ ~ B }+ }' K: g% A7 E
00403204 50 push eax
/ b+ {3 e. N" l1 j( \7 H' S" I00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
3 o) ~ { C3 J9 Y% V) c00403209 E8 D6530200 call qsr.004285E4
+ V$ y' U% N6 f0040320E 50 push eax: ?7 C' G' ^! a& \# p' W! R
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
7 y: T8 J% i; Y6 w+ Y+ i00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C: m! T E5 u, z& ]! `% |- P+ b
00403218 E8 A7C30200 call qsr.0042F5C4+ H9 [1 R: d8 E7 I4 o; g
0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
6 z' \: j- G2 p# }' n; j! G1 z& `+ m00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
" A% q, C2 J: o C( N00403225 E8 61C20200 call qsr.0042F48B
* y/ d6 t5 f" x* m7 q2 ^1 V A0040322A 6A 04 push 4
: e! _" S* g6 ]( y0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
" J; D* B& o$ }* A00403230 6A 05 push 5
+ z) E% T; q5 [( E5 X6 F% j00403232 51 push ecx, F% c& h: H0 t& P/ e
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]+ N7 u1 M' J, f7 z! S! G
00403237 E8 A8530200 call qsr.004285E4
' Z/ s' Z0 h& h: B7 ^! `0040323C 50 push eax
6 W1 ]3 n5 C9 L* o: k0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]6 q, g5 t7 d7 r0 Y) s9 U
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
. v5 }2 U1 B5 A00403246 E8 79C30200 call qsr.0042F5C45 P8 k! a5 J+ J7 c- z" G0 T) u9 d
0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
2 f/ l, F/ @0 I, s. e7 @0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl9 [- D; Q9 I+ z2 v
00403253 E8 33C20200 call qsr.0042F48B
9 f7 E$ `: Q# X; E2 c00403258 6A 04 push 4
- ?, N) N5 G& P' |! y0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
7 U: E0 T4 k9 I U/ }0040325E 57 push edi- M9 c6 z2 M/ G" q
0040325F 52 push edx
% t' c( n+ J5 L5 v00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]. Q6 q# X* |# p4 X
00403264 E8 7B530200 call qsr.004285E4
0 n0 ^; f/ z( {/ F00403269 50 push eax
/ s$ I5 O; H: G. T7 |- {0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]. {9 P9 M& D' b& M
0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E B2 a/ C6 \) {; Z4 v4 R$ n
00403273 E8 4CC30200 call qsr.0042F5C44 U; X3 G+ }, B5 u* z6 W
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
! w( b) V; v) ~" B0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl0 r5 y9 m2 I( H/ @
00403280 E8 06C20200 call qsr.0042F48B& {" q: N) o0 b( E2 a0 y( m1 d
00403285 6A 04 push 4 b+ B0 _1 |0 V) s* x
00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
* p9 v( W& W' l0040328B 6A 0F push 0F
2 e6 W* X: `4 J1 B- S( W' f0040328D 50 push eax' e2 @4 {5 ~# A0 w4 j2 H
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]& Z* z% V" j6 }3 o
00403292 E8 4D530200 call qsr.004285E42 u& U8 \; N6 v. h5 |: |1 _
00403297 50 push eax' h3 b* H: ?" h( t0 O: W
00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
. c0 j$ ^# Y1 e* N5 W* d5 ]) u0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F$ X& B2 T6 E p; J+ q
004032A1 E8 1EC30200 call qsr.0042F5C4$ v' @( @1 z* s: e/ s6 F# p
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
q c M4 h- }004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl3 a7 [6 A" G) n1 o! y2 m3 l
004032AE E8 D8C10200 call qsr.0042F48B- j) e* z9 S7 b$ c1 {" k$ |- c
004032B3 6A 04 push 4
. g0 J8 B9 f3 V* w& o004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]9 d( [& Y" v6 h7 j. l4 p: J
004032B9 6A 14 push 14
: K- w+ M8 E3 Q; A# G9 Z004032BB 51 push ecx
- J% x% ]8 O m) k" G* A004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]$ D8 t2 f% ]2 [" V
004032C0 E8 1F530200 call qsr.004285E4
; H; a( i; ~' i8 m004032C5 50 push eax
9 w1 |8 m6 O; X5 C3 @& t004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
) j( r( [6 _& H, Q% s004032CA C64424 40 10 mov byte ptr ss:[esp+40],10; S7 q. ~$ a( a) u" X
004032CF E8 F0C20200 call qsr.0042F5C4" Q4 Y4 F% s3 J+ u# p0 W1 H1 L
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
2 Q( D7 p* ]9 a( Z004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl
# |9 T* {8 R: Y% H- _. O& Q004032DC E8 AAC10200 call qsr.0042F48B) Q+ c5 ?4 v& [ |$ t- E
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI/ `1 z4 y) |9 c
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX5 e# U* l7 e$ A% O# w
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL
3 o. c6 V( F( S2 z5 n/ h, r$ J* Q4 |004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL- U1 g( [' k6 a% N$ ^
004032ED 8ACA mov cl,dl ; DL送CL( m) R8 Y7 \6 b0 ]9 v) B
004032EF 3AD3 cmp dl,bl ; DL和BL比较
9 N; P! k7 t" J* U004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
4 r1 U7 ]2 W$ I7 b" E9 [9 J004032F3 84C9 test cl,cl
# J% f! E' |+ |004032F5 74 16 je short qsr.0040330D3 D6 l' |, H. p* y) z
004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
' o/ G8 }* ^$ p1 [004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL( b0 E5 H7 D D9 {& T* P* N* L
004032FD 8ACA mov cl,dl2 \% m+ i2 R4 R! `6 k* H& q
004032FF 3AD3 cmp dl,bl ; DL和BL比较9 V/ C) g8 f: H7 Q% G
00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)# g" `- Q# N4 R4 \4 ^& T# ^* }
00403303 83C0 02 add eax,2 ; EAX加28 h9 E* A7 I( B" u9 K' B8 Q
00403306 83C6 02 add esi,2 ; ESI加2; r8 ^/ s5 Z- e6 u7 F) z
00403309 84C9 test cl,cl
1 F, T1 ?$ L7 {5 G0040330B ^ 75 DC jnz short qsr.004032E9
0 x" c* i! I5 ?7 O0040330D 33C0 xor eax,eax
! w7 Z2 C, d0 }6 R |" D+ i- a: F0040330F EB 05 jmp short qsr.00403316# Y4 h% e" x- A `
00403311 1BC0 sbb eax,eax
" g: y3 P) s7 ~* A00403313 83D8 FF sbb eax,-1
+ |( y, b$ A% Q1 ?$ k1 L0 c00403316 85C0 test eax,eax% t5 `: {' I" ?0 L. D4 [. ~' [
00403318 74 0E je short qsr.00403328, s# s$ }$ S; v0 I1 G) y0 d1 x f7 H
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A6 A& f( ?8 S! O
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]8 }; ]+ z, Y' ^# T9 q- v
00403323 E9 F0000000 jmp qsr.00403418
/ H* V0 U0 z$ A1 g# J2 n* m1 k/ D00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX4 t* U' W! G9 Z" H4 k
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]" P0 t& p4 {& }% D& s$ w
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8], w1 _; k) o' A7 X
00403333 50 push eax
4 l) o6 A% o! P# u: d l. Y A; I2 t00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
) j/ E+ @8 i# J' r, {8 ]6 F5 [$ n00403339 50 push eax# Y- ]" k+ x @8 `
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX9 w5 Y; r+ ]6 j8 R, O u4 A
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX3 M8 }% Q c6 j5 r! B1 f( V1 m/ n! X0 Y
00403343 83C4 04 add esp,4
6 D, e, n: X' |# ?9 X/ j00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI$ H3 x+ ^$ V$ {3 ^. n
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]8 B3 X" j$ B$ q
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]8 `& l5 J8 `/ C/ s4 D3 m6 ?
0040334F 50 push eax
1 a2 q/ K, P; h, s# V3 z00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX3 |) H' e. P7 I6 x
00403355 50 push eax- D" f: b8 `0 n+ t& E% y# ^2 a
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX) j% {% t9 T2 H6 @( j! D
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX% s. l$ n7 O$ R- u# p
0040335F 83C4 04 add esp,4
! t' {! ]0 [$ {, e) P00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
; S" [$ s0 Q& W3 g: @- y00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]8 n, P5 g# d2 |# L
00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
* M- y) y! Q, t s/ B0040336B 50 push eax. x5 X/ N/ f. O1 R9 e* y7 ~* e
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX
2 E/ d; E8 f9 [, O7 L4 l00403371 50 push eax
- E9 p. Y9 j& v7 T00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX* l. }. X3 F1 v2 D4 V4 F
00403377 8BD8 mov ebx,eax ; EAX送EBX B1 y% u: b; V: K/ B" \3 y
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX [1 r. j2 `; c1 J
0040337D 83C4 04 add esp,44 U% Q' C' S1 ]/ h% y# D" q
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
# M% k$ g+ F5 r2 ]8 \0 J4 U" j! l00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]% J, k' p. I4 G/ v8 `* _
00403387 50 push eax8 o! V* ]* }9 L2 c
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX. l2 d5 `/ E* ~! M0 f
0040338D 50 push eax8 _ V: e8 _4 C5 B
0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX2 X9 i* _7 k+ z" ?# _9 h( p
00403393 83C4 04 add esp,48 Y! f" f3 F( h& W' ?
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]2 n6 _# g! F3 \' Q7 h0 `. q- y
0040339A 8BE8 mov ebp,eax ; EAX送EBP0 |6 C, [" A4 ^
0040339C 6A FF push -13 V1 g. P( G0 z& K6 ]
0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX# i1 P& u/ {: }! v
004033A3 6A FF push -1
) M2 X3 L* j$ O) @0 @004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
5 ^$ k, i; d6 I: y( T$ O/ f004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX
, [+ k2 W+ ]; Y7 S9 T5 _004033AE 6A FF push -1
$ L4 a+ ~: T5 w+ H004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
( [ F* c+ w1 N8 |3 g2 J) u004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX% |3 \5 O9 q1 @& W
004033B9 6A FF push -1: t, e. P- v3 _: U
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
# e& d; t- D7 N4 U3 ?8 t) X' r0 F004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
8 s A R, y: u9 Z/ o8 ~+ y6 q004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
6 c9 N8 I; L3 U( M% \004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
3 b! T) a6 ^- g004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX5 e; \; R$ |+ B1 [' {, w! |* m
004033D7 D1E0 shl eax,1 ; EAX左移1位
7 C) V; S3 r; g9 t6 K# }1 N' H004033D9 99 cdq ; EAX扩展
5 B3 Z2 v1 g+ L7 E7 b004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中$ E& H: D4 J; e
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
4 t1 r; l% t7 t( F0 p. d3 O R004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)& Y% X4 |& A$ E1 R& R
004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A+ J* L$ u1 ?) g1 V; j: F
004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
2 T( I4 K) _% \+ W1 \+ j& L004033E9 EB 2D jmp short qsr.00403418 C* L' Z& [& n# k# G
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX" Y7 ?4 s: Y5 ^! b, h7 L; Q, p% s
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2- R9 X' t$ v+ M( w, P
004033F7 99 cdq ; EBX扩展3 G; H% ^/ g! d8 p1 [
004033F8 33C2 xor eax,edx ; EAX和EDX取异或
; W! q, s, g" k: O+ @004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX. s; M1 P; b! t+ f0 s! z. `8 ?
004033FF 2BC2 sub eax,edx ; EAX减去EDX
8 x3 |" V! P6 Z2 g9 U d00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]
$ `2 G) d0 e" t: y1 W, i00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX+ a' C( J7 ?% F8 k- Y3 C
00403409 99 cdq
1 v2 s. n* `' d8 i; g- F0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
i0 K+ S" U$ W e7 m+ \/ E4 `0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX) A7 n% J* H: Y _% K1 X9 ?
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较
! t+ t" o- O% A0 D) E+ Y3 B/ v00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)% j0 ^' x' w& |) O1 S+ X% V
00403418 E8 6EC00200 call qsr.0042F48B ; % U$ j) N6 M3 k
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]- i' _- T( [; G4 t3 a# `
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
. g9 ]1 }( @8 g' t/ X9 H00403426 E8 60C00200 call qsr.0042F48B7 S: k8 ]; ~# e+ v: {$ n! C' c
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]. g) _% V& g1 K( K
0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
+ P5 M7 T" H$ p; d& ^* t00403434 E8 52C00200 call qsr.0042F48B
, D- w+ I* I+ \, s+ _& g' F00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] j* N) q2 Y; W! J7 S& r
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],79 h2 k3 J& w$ Z9 w* g" p2 Y
00403442 E8 44C00200 call qsr.0042F48B
* X8 m; o7 x3 ]+ S4 k2 G00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
2 ^* k- R( h- `0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6. o" ^+ r6 Z$ D* ^0 p
00403450 E8 36C00200 call qsr.0042F48B
" v7 `* h4 f( H( h! K" F: f4 a& b( |00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]6 {( y k( B& [2 K2 @8 e
00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],37 F1 ?: y' I% r2 J0 h; K7 b% g
0040345E E8 28C00200 call qsr.0042F48B2 N" O: H% d# B
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]+ O) N5 j" i3 y; R) `
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2' ]2 s" V( }4 P+ [
0040346C E8 1AC00200 call qsr.0042F48B. b: W- b6 @# {% ~$ N9 u6 x4 c, x
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]; N) ?5 Q7 }8 V# u$ k) u% O
00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],18 u0 b/ a) x2 v- `( [( F
0040347A E8 0CC00200 call qsr.0042F48B
/ G+ M! s* a' ]0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]' p }/ d! P' v$ t4 h0 b
00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0; w: j, [# d9 w: o
00403488 E8 FEBF0200 call qsr.0042F48B4 T2 B2 Y- o* v; t3 _
0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
l9 e3 p; k1 A6 P; O00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
3 Y/ i5 }6 j. E; O- H; m# f00403499 E8 EDBF0200 call qsr.0042F48B9 ~" f3 M, J9 U- J3 z, {
0040349E 32C0 xor al,al ; AL清0
/ p( l* D+ k8 W004034A0 E9 88000000 jmp qsr.0040352D4 b7 T% J$ n* X5 D
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~" {, m8 I. v, z# k% _% V
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]5 \, w& H8 I! D$ u' @/ i. A
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9 o+ g% \2 w. g' w7 p) a5 r! u
004034B3 E8 D3BF0200 call qsr.0042F48B! K; x4 R4 ^2 P. i$ b
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
7 l9 w. A2 }" D004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8 ?; V" ~. _, W4 K2 q6 u$ H
004034C1 E8 C5BF0200 call qsr.0042F48B$ b" d+ h+ e' b. N- |
004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
/ D2 G2 T. r# G- N$ W7 z004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7
( w6 S. v2 ^2 c* o2 p2 N004034CF E8 B7BF0200 call qsr.0042F48B
3 o# t: B! |0 a P8 F004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
! U7 U/ G5 W4 @6 p/ _" U004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6& [5 O9 N+ [ p! p# s+ o
004034DD E8 A9BF0200 call qsr.0042F48B
( ]; w! L n3 F/ A004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]& O8 O5 A: n* ?
004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3
7 [- i8 J7 X$ U& L( E004034EB E8 9BBF0200 call qsr.0042F48B
8 h" X* K- @9 R004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
2 I' S3 d3 ^% g# e0 x004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2. R2 r( ]9 K; H5 k% m/ u
004034F9 E8 8DBF0200 call qsr.0042F48B
% o! T. F# w' \9 w4 Z& U) V) x004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]; f! E# s. K; k% p3 B3 ]8 Y% U
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1( B$ w: \" M" z8 M) X
00403507 E8 7FBF0200 call qsr.0042F48B5 ^3 h8 M( |) p8 z! S, h
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]; ^ D3 c& {: m
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
- P L2 X6 X8 {& D# [- Q. u00403515 E8 71BF0200 call qsr.0042F48B
7 y3 x: Q( t/ i/ O! {0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]6 r" b ~& H* M0 K6 m1 l
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1* G+ w4 l w. q f M) v% X
00403526 E8 60BF0200 call qsr.0042F48B
3 ^. I0 m2 P. S! b. L0 P8 {0040352B B0 01 mov al,1
' F5 d5 ]$ _! {0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34], e5 M9 @2 I* \$ F
00403531 5F pop edi* k8 d, @! }/ K/ R; v
00403532 5E pop esi
. }/ \& k; ^& y& q00403533 5D pop ebp1 i5 o' P* n6 C' ]
00403534 5B pop ebx2 T) E, }, g) D [3 U4 ?- z& m
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx4 u5 w7 @ Z# ~) k' N! U
0040353C 83C4 30 add esp,30
' q9 [ B: Q1 r% X X8 k0 J0040353F C2 0800 retn 8
0 T" o" [: N( D% b0 C* \( u$ u--------------------------------------------------------------------------------- P* U7 @# k1 I; Y" \* v! @2 t
【破解总结】
$ H! W7 @0 z1 l: J5 s7 h 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
8 X! |7 _0 K1 u* U7 |用户名:yijun7 R: m7 x9 I$ @$ e7 W3 D8 L
注册码:4893*7777*3726*7777*05292 _( J6 q3 R1 R! K0 I
--------------------------------------------------------------------------------1 ], v2 Q8 F0 _5 f: {8 A
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡