|
|
【原创】破解Quick Screen Recorder
/ a7 L- x _) r) T& E+ ]. {【破解作者】 yijun
# ~2 k% c1 k& E" q. x% x2 x' ~【作者邮箱】 [email protected]
) G& M: X. b. ?9 Y【使用工具】 OD,PEID9 V- u# j+ z& j( P/ }3 T
【破解平台】 WinXP" P2 s0 ^; |2 O* G
【软件名称】 Quick Screen Recorder
' h7 i: K' C) v0 C# K& E【下载地址】 天空
1 R: y/ U+ M1 C7 x- K【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. 8 E S& C$ t# L" M
【软件大小】 540K
0 Y! T* n1 I5 S【加壳方式】 无
, j, Y$ t% e+ W6 S0 I【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)5 ]8 {2 Q: L7 \* h6 u
--------------------------------------------------------------------------------6 u$ \: e' W5 Y5 L3 `
【破解内容】
: G# @4 n. b: b g7 _ PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
/ C5 n( Y3 f' I00404C69 55 push ebp //在此下断
h* J; K9 |# M! F, U00404C6A 56 push esi6 N9 c( w$ U5 b; H/ `9 J6 E) @
00404C6B 57 push edi
) U6 N7 |! g4 P# f# L00404C6C 8BE9 mov ebp,ecx) c) G) D2 x0 x8 @: J/ j. G
00404C6E 6A 01 push 1
7 e6 o' g& F! _' ?1 O00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名/ {- A3 U9 u) O
00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]# [2 ?1 w3 t# L% H, @
00404C78 8BCF mov ecx,edi
/ A! q& f7 Q8 C& T! B" }. U00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码: J" N0 ?+ F( p9 v# y% \
00404C7F 8BCF mov ecx,edi* j# Y. z/ b$ N5 Z
00404C81 E8 A73E0200 call qsr.00428B2D
- E# |3 c/ q$ S1 W: s00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]; X G! C6 H4 Y( ^& |7 M* `
00404C89 8BCE mov ecx,esi
( _+ @- P7 ?8 T- ]/ x- {- K5 W2 _00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX5 x( D# x* y, y
00404C90 8BCE mov ecx,esi
6 C! W4 L6 C; x; t00404C92 E8 963E0200 call qsr.00428B2D
# a- M, `# t- }3 x: ^% F: @9 B00404C97 8B06 mov eax,dword ptr ds:[esi] a& g; w0 z9 Z8 y
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2& t6 l M- g9 x& R+ K
00404C9D 7D 26 jge short qsr.00404CC5+ m# I5 d9 O7 [6 ~6 x+ H9 F; f
00404C9F 6A 40 push 40- \- I2 a# _# H) |) S$ I, `
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"5 \/ `, {: O1 y5 Z* _- a( q
00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
' w- H: f ?$ h% ?00404CAB 8BCD mov ecx,ebp7 \9 r" j8 S q/ C! U& o0 I; L* w
00404CAD E8 C3840200 call qsr.0042D175% h& a) [) [7 v5 m6 h
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
8 U! Q) H- V% G4 V7 j- W4 P00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
( A( [) \; s& X9 p* x00404CBD 5F pop edi5 G8 ?0 j8 b8 }3 @/ h% i+ N* _
00404CBE 5E pop esi
9 v8 j: \$ p. ]4 p4 j! c9 Z; b00404CBF 5D pop ebp
2 F$ G' l+ Z( J+ t4 _( ]00404CC0 5B pop ebx* M" r4 x7 P) B- |4 S, L
00404CC1 83C4 18 add esp,18& J* E+ U2 p3 v6 X
00404CC4 C3 retn% b' X1 C+ h9 V) D! w4 A
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C] _! _6 l$ `1 K$ E ]
00404CC8 84C0 test al,al3 E' W# A- b: T I. o. S
00404CCA 0F85 1C010000 jnz qsr.00404DEC
- s: x4 H+ u$ o5 f) g. T( c00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
+ c Y/ R( f+ c/ q; D% h00404CD4 E8 87E3FFFF call qsr.004030600 C! e; G2 c, d
00404CD9 51 push ecx* q( k# H7 N4 ~: X `
00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],02 k" ^4 _% u' h1 W7 p
00404CE2 8BCC mov ecx,esp
0 q' {$ r! l: m- X: V! E) H00404CE4 896424 14 mov dword ptr ss:[esp+14],esp
2 ^% F- B0 b1 w/ t5 f* q& l00404CE8 56 push esi( U8 V$ t0 m) L; L
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0- t" ?. c5 I1 V1 c* Q$ n
00404CEE 51 push ecx/ N n5 b) u. W; n$ n
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1
0 z! o9 t. q& I2 Y2 @- v00404CF4 8BCC mov ecx,esp
& q& _# Z' x/ [% w7 p, M& X00404CF6 896424 20 mov dword ptr ss:[esp+20],esp, t$ |( n5 o' e4 [% \ B$ M5 p z
00404CFA 57 push edi( [- M3 u6 y2 @6 p
00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
0 V1 r( C! ?7 i% X9 p% b00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
a- b2 `! j, b' z! t- }! J00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],06 j1 W l. R& }5 T
00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~! q+ ]4 R5 L1 U0 V8 b- x6 E
00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
' ~- P; R v. D/ T9 L; Q4 f* H00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~( {8 H% m) ~ l1 N8 @
00404D12 6A 40 push 40
X/ ]6 r( N2 d4 c- G00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
+ {" h7 ]) V; L. R! o& x; O; H00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."
9 y& O- @0 ?1 ^4 g) t+ T K00404D1E 8BCD mov ecx,ebp* p5 j9 a8 P& z# B" f8 B
00404D20 E8 50840200 call qsr.0042D175
* w. t( n$ |/ f3 d {) p. z00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14], H1 m$ U8 D* b- X# O) F h
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
' `# X# F- {8 W$ k0 t- s) R00404D31 E8 5AE3FFFF call qsr.00403090
- v$ u8 I# [9 D. S: p/ H2 o; k {4 l00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]% o' Y6 M9 M2 J* {
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx# I6 I. Q* ^+ Q+ a1 o+ c0 t) ^
00404D41 5F pop edi
0 T5 \- m* B u* K _00404D42 5E pop esi
. V5 J6 D- y4 J, m1 z3 F00404D43 5D pop ebp7 [2 w8 {3 D6 U3 v; p
00404D44 5B pop ebx! y$ k2 {' e4 f9 S8 _ N# l
00404D45 83C4 18 add esp,18( M& A( x: d. I$ Z, U6 L9 `* \
00404D48 C3 retn
# `7 g4 w# ~, M+ J# c0 L- B: @, m*********************************************************************************************************************************************************
& E5 n( C+ b- g& O2 W! L跟进00404D09处CALL来到:
, R; _% V4 a$ a( k3 O004030A0 6A FF push -1 //一路F8下去~~~~
, K4 w0 R# k- F0 F1 ?3 y3 j004030A2 68 C88F4400 push qsr.00448FC8
t! L# W! |' o3 B- \004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
" F; v( h& g" l$ B9 J004030AD 50 push eax0 M$ F& N; [! m
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
- S, M7 U8 @4 J. g) W: s004030B5 83EC 24 sub esp,24- U1 `! L2 g1 @- @6 \* w
004030B8 53 push ebx3 g) q% Y" {! F& _$ b
004030B9 55 push ebp
8 s* S; o' G9 x, ]* `* w2 I, W( t004030BA 56 push esi p. U7 z3 q- n1 o
004030BB 57 push edi
/ }! {" `0 l6 w3 K a004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"& Q" G2 w( ?: c
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
+ O+ k0 i/ }* }4 O004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],18 A- e" Z& M, r
004030CD E8 27C40200 call qsr.0042F4F9
! n4 X7 [* S/ d, [8 T! W004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]9 ^, ^% N& l' j! u( u0 `" t$ d
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax& P, \& j# J8 J# Z% ~9 c9 z
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]; p: l5 l3 @- A* E, e. s) S
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3! f" t- S/ Q! O/ y
004030E4 E8 905A0200 call qsr.00428B79
2 C; H( b0 a8 n6 {9 i004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]' z" k3 M& b" Z$ A) \- d8 W
004030ED E8 3B5A0200 call qsr.00428B2D
/ E) y ~/ `# C2 m/ D$ z) Q% e9 D$ b004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]. n, S0 u0 K' Y4 ^1 m' ?$ K
004030F6 E8 7E5A0200 call qsr.00428B79
% g( ]4 M- k) [9 v4 O. j004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
' [/ |5 K2 j& a, N# {& c, u004030FF E8 295A0200 call qsr.00428B2D" b' B0 B6 H- j: |0 p. S2 M% ?" W
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
`" d+ A) b5 m; p00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
8 X$ m$ _) m0 K6 G( e0040310B 83F8 02 cmp eax,2
$ r0 I- Y# X- X0 c( c- k0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳9 `1 B h% F6 S5 ?' L1 X: v9 I
00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]+ j, e/ Z' T9 t! q
00403118 837A F8 18 cmp dword ptr ds:[edx-8],18) w) q% Y3 @" q$ ^9 \
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
: [4 M: K1 e( }/ ]0 j00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]) \. s7 H) M9 m/ P4 K
00403126 6A 01 push 1
$ Y6 [* e( @$ S" ?1 @; z00403128 50 push eax! z1 J- ]$ q/ a+ {. y
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
6 I$ f$ a+ ?$ _# {' I0040312D E8 C4550200 call qsr.004286F6; w; ]3 S) w$ l) o; P
00403132 8B00 mov eax,dword ptr ds:[eax]( f1 U- y: \( i
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]5 A- P, \: Q, R$ r! h
00403138 50 push eax
: t$ G( [7 |- T0 t9 S3 k00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
( X f# B+ B2 T! I0040313E E8 4D560200 call qsr.00428790* e* h6 ?0 M* q% W$ k1 u$ a ^
00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
% V* g+ c7 G$ }: o1 C5 ~1 Q0 n! c00403147 8BF0 mov esi,eax
7 S) l: `' H3 v; I4 }; g3 s; M00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3. }. U! q' }3 e; B! c7 t
0040314E E8 38C30200 call qsr.0042F48B6 q0 i; N# G$ X
00403153 8D46 0A lea eax,dword ptr ds:[esi+A]
* s' i+ B. ^2 k& O( f* \) s9 Z00403156 B9 3E000000 mov ecx,3E
1 F* s5 c' s" a* c9 [% h0040315B 99 cdq/ O( \$ s& ^2 o" u: K Z0 u: M
0040315C F7F9 idiv ecx* t/ N5 g1 l; g8 t6 B6 S
0040315E 6A 01 push 1
% i% q4 u7 x- N00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]% K. O; M: H7 E Z1 E
00403164 8BF2 mov esi,edx3 S9 `, G {$ X. H' t% R# e
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
: K4 X. F. N$ `( N8 _; L0040316A 52 push edx) y# K @2 q* Z5 w: l6 P" {
0040316B E8 0A550200 call qsr.0042867A' k0 y% V8 W! I2 l- p6 }" h/ @
00403170 8B00 mov eax,dword ptr ds:[eax]9 g* V b9 b8 \: B6 W
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
% U" w8 s9 B7 `# y00403176 50 push eax. D8 t. @/ _4 c9 ~7 J4 q* t1 ?
00403177 C64424 40 05 mov byte ptr ss:[esp+40],52 J0 U/ v7 h V* y" ]# F" Z5 H
0040317C E8 0F560200 call qsr.00428790
1 L. u3 d' ^- U5 U: w2 }00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]& t( H6 L4 O% K2 M) t: K8 W
00403185 8BF8 mov edi,eax. P: S* }5 l* |9 [! h
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3- @- B- Q9 @" D1 b# p; v
0040318C E8 FAC20200 call qsr.0042F48B! Z! t+ B8 K' h1 K- \9 r m5 f
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
0 D6 I: n: ?/ W00403194 B9 3E000000 mov ecx,3E$ \) U$ f! _- x/ Q
00403199 99 cdq
~5 W6 \. I- ~. }; Y0040319A F7F9 idiv ecx
: k u) b" g; b0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]* s- |! {6 m' @2 X- J
004031A1 894424 28 mov dword ptr ss:[esp+28],eax
0 {& N% F' n h; G, }004031A5 8BCA mov ecx,edx' x+ R" y* L0 e2 L D) d! n
004031A7 894424 24 mov dword ptr ss:[esp+24],eax
( n V; w* `+ H7 O004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
5 K$ e: T& Q, K, H3 k6 s- [004031AF 894424 18 mov dword ptr ss:[esp+18],eax, F9 c7 B! }) ?5 a: v |
004031B3 894424 14 mov dword ptr ss:[esp+14],eax
2 g2 j# C$ T& \7 ~" j8 M' m004031B7 894424 10 mov dword ptr ss:[esp+10],eax
; b$ P4 } ?0 ^004031BB 8BC1 mov eax,ecx
6 I7 X% f& H% u& Z* T/ Z004031BD BF 0A000000 mov edi,0A6 R- g4 o8 }0 r m
004031C2 99 cdq
' z& m3 a) K8 i* x0 [( t004031C3 F7FF idiv edi
& e5 r- ?2 }# m2 V, k% `004031C5 8BC1 mov eax,ecx. D( r. M# M6 X* Z: V Z
004031C7 B3 0B mov bl,0B! ~1 s) ?8 d% \' N9 o2 i0 {+ `9 M
004031C9 0FAFC1 imul eax,ecx
& w* Q7 |- Q1 i2 M! b: L4 A004031CC 8BCF mov ecx,edi
/ m; V5 G6 z6 N P004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl( _; F' O4 x* w" U& j
004031D2 52 push edx* `' Z+ Q6 V" o+ F$ M
004031D3 99 cdq
3 I- I/ W$ ]: m$ S+ Q004031D4 F7F9 idiv ecx/ o$ U$ g( Z. X+ x# P) [
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
4 t; a, g7 D7 O% A004031DD 2BC6 sub eax,esi
5 _& C+ l1 r4 b' t, ~3 q004031DF 52 push edx
$ l5 n6 W' y9 U l004031E0 99 cdq6 D( Q% I2 k6 t0 e$ m
004031E1 F7F9 idiv ecx
4 W. l3 l1 f. W004031E3 8BC6 mov eax,esi
: y- V! M3 j! `2 q. W' f7 K004031E5 52 push edx
: \7 @5 _ b' ?7 e004031E6 99 cdq- R/ U/ u0 ] }& d9 E0 F
004031E7 F7F9 idiv ecx( F1 ^ J# p. A% D- b9 l+ S) e
004031E9 52 push edx% R) n0 z0 O1 p1 X) ^( {6 O
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
. D3 Y- w0 [" r; V" {* I004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"1 q# R% N5 \& V) c: p' H5 @0 o* F1 ?
004031F3 52 push edx
6 X* c! u( [% B. `/ K, R' V004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
, \+ g( H7 b2 U; e004031F9 83C4 18 add esp,18
& c) b- \5 q. n% I0 }% w004031FC 6A 04 push 4
3 K7 R* k/ |1 F+ G j( \2 d2 D8 @004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
' {( k3 ^! f. _( V00403202 6A 00 push 0
" ^/ a+ R8 f) `% {- {00403204 50 push eax
+ C+ \' k9 ?& M- _6 o d00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]; l- g% u D \6 |+ w/ G @
00403209 E8 D6530200 call qsr.004285E4' T' U+ m: G6 ^$ o
0040320E 50 push eax( n2 M: n' B- A1 }
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]- R" X- ^& f1 O; \3 d% v
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
! K9 V& U4 A: l/ w7 ~, k00403218 E8 A7C30200 call qsr.0042F5C4
8 V3 p2 T2 [3 ^$ {* r' x/ T* O0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
: K, i1 t: @6 M6 `- V; q6 \00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
3 o5 ?: v* G" s r$ {" C" N4 o" T00403225 E8 61C20200 call qsr.0042F48B
2 X3 Q7 o) q4 \( Y) K( H2 J0040322A 6A 04 push 4. z1 A& n: |6 g: d0 d+ ], G4 Q
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]" O, ~' v% q5 D6 b
00403230 6A 05 push 5; ^* E, t( ~* `- [( _* C
00403232 51 push ecx7 F- G: t+ \! U+ o2 C
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
. P( B2 I+ U& u; r4 m& r7 K/ d00403237 E8 A8530200 call qsr.004285E40 ]* f7 a- a& ?0 i" q j n
0040323C 50 push eax8 k! ~$ d3 x; X' ^0 l9 O6 f5 Y
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]7 H0 v& o6 Z* m7 D i4 U8 ]" j
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D% ]) s1 t! y$ r. a7 B
00403246 E8 79C30200 call qsr.0042F5C4
; F1 l6 |! A2 Z% l x" g' m0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
3 X" h9 W+ m1 S4 _0 L5 o# L+ q9 {9 p0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl" w0 S) S4 D. O- S5 y5 Z
00403253 E8 33C20200 call qsr.0042F48B9 [9 @1 I5 M! V4 Q5 {
00403258 6A 04 push 4
* r A6 S: z P( ~0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
9 c4 [. P n3 i$ M0040325E 57 push edi
" e w' N; B. R' V0040325F 52 push edx) h" m7 k2 x3 b& i- f( ~. d
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
( O/ K8 p& y7 o) M7 f4 I' R' N3 H# i00403264 E8 7B530200 call qsr.004285E4- D& Z5 j! L6 ~% z" p6 j* X. s
00403269 50 push eax7 c7 ~) }4 p) q& H* ~
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] w- o3 A+ S; s6 D2 C8 ?
0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E" j/ p/ i0 e5 q: k: z& z) i) F
00403273 E8 4CC30200 call qsr.0042F5C4% v n. {2 @& b9 ^+ v" V% `" k
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
" n- l: p& i8 X* l; K* U0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl
- a% M, Y' k/ o00403280 E8 06C20200 call qsr.0042F48B
5 ]/ k) A5 l( I, ~00403285 6A 04 push 46 V+ d: x- l' v
00403287 8D4424 34 lea eax,dword ptr ss:[esp+34], e7 ?7 l% u' j' U! F; ~, X+ m
0040328B 6A 0F push 0F! d2 m |7 h$ [4 a6 v
0040328D 50 push eax3 ]) Y. a% g# W, m* F8 {
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]- L% H/ i) g3 t. M
00403292 E8 4D530200 call qsr.004285E47 `# ~1 Z8 Z/ [" O% h* m/ T8 l
00403297 50 push eax
+ L% a1 L2 e& |6 r00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ]& ?+ a2 p$ B: r( G" Y: d0 H' N
0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F# T5 P% r5 J* q$ N+ X- L0 @* O n+ ^& g9 d
004032A1 E8 1EC30200 call qsr.0042F5C4
- a2 K- Q1 @: p( ?$ V004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
$ X6 z7 z0 @1 r, J# ~6 a. i004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
% k7 w+ V) M: t004032AE E8 D8C10200 call qsr.0042F48B" \( k! E+ H# }, J
004032B3 6A 04 push 4
; c/ m2 e- ^% A" l004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]/ g( [, q$ T e% m9 g/ [9 g
004032B9 6A 14 push 143 H9 u0 b5 o5 N3 v
004032BB 51 push ecx
. W6 m' U+ b8 o5 _004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
6 A6 ^! f3 w* t$ @ x. o% a9 p004032C0 E8 1F530200 call qsr.004285E4
) e# ]. k' z8 Q004032C5 50 push eax4 g, r$ q# E7 ^5 a" H
004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
" u7 r# v8 d6 p" v1 P7 E+ X) N004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
" S, A! U8 j) j) C3 S; c) `004032CF E8 F0C20200 call qsr.0042F5C4( ?- v: X" G6 z6 y- o
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]2 h6 w7 V: I1 n# r
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl) ]2 ?/ X1 z( k4 R! B$ z: W/ v
004032DC E8 AAC10200 call qsr.0042F48B5 `0 [( x- U0 O1 z: r
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI
1 C" M q+ q9 w( f" G004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX
% T& h7 W1 v+ R004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL
7 s9 ^: ]2 c4 C6 ]( ]; p& x1 E( O004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL
8 h3 K3 A2 b' D7 h004032ED 8ACA mov cl,dl ; DL送CL
3 \) W) j1 g# ^3 U3 k( R004032EF 3AD3 cmp dl,bl ; DL和BL比较" W8 S0 t; D3 Y9 [% S# V
004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)+ @/ y. |' g$ x4 \7 n" F( ?
004032F3 84C9 test cl,cl# i( L/ b& \1 |( H4 S
004032F5 74 16 je short qsr.0040330D
& @# o1 p2 q3 ^* }004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
1 ?! j$ t, A- q* s004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
$ t/ e, B8 \; g$ X004032FD 8ACA mov cl,dl
4 v% `& i U& B, }# R7 |4 Y004032FF 3AD3 cmp dl,bl ; DL和BL比较" n& n4 a4 Y1 W g' Y; F
00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
, `5 a% Q7 k* s# _2 i; s. C3 q00403303 83C0 02 add eax,2 ; EAX加2; P/ O+ U/ ~$ S9 f
00403306 83C6 02 add esi,2 ; ESI加2
' u# M4 } W) p% `* C1 }1 S: D00403309 84C9 test cl,cl$ v, B3 k- D$ g2 P- T9 b0 B
0040330B ^ 75 DC jnz short qsr.004032E9
! b( V0 _# h2 w0040330D 33C0 xor eax,eax1 E" ^& U2 m% p: v0 e6 T/ X
0040330F EB 05 jmp short qsr.00403316
+ z" @ ]/ l/ }' @: b( X& p: I00403311 1BC0 sbb eax,eax
5 b+ l$ g2 s, X: V00403313 83D8 FF sbb eax,-11 W2 @, t; d9 U% ` b
00403316 85C0 test eax,eax
7 a2 b8 S3 M! U! f( _/ m00403318 74 0E je short qsr.00403328
, U; I t7 T) ?; m4 F' w" s: D0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A3 f! ~6 G& R; T
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]# y" h6 y' y* X) U- z
00403323 E9 F0000000 jmp qsr.00403418
5 @3 K; e( h' O/ f00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
& Q$ I4 [' N8 R2 Y! A0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]) Y2 j% T0 [, W: o4 p8 F9 r
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
5 K( n9 Q2 A6 a# G* W( G( L/ u5 X, r/ g00403333 50 push eax3 ^: I+ h! A# M
00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX7 _" T/ m8 @* H+ y5 L0 A
00403339 50 push eax
) m" H) l- [9 P0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX- [6 ] V* n1 V; n" o+ w0 q
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX" J/ U, @. _: ^2 D9 h+ ]
00403343 83C4 04 add esp,4
0 I* s: @9 b" Y+ Q3 y( V00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
: W2 L9 O" [3 z# v7 ?$ [00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
T6 A: ]+ P7 E! ^- l& l0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
- w$ r8 I; ~" \' Y+ J0040334F 50 push eax
% Q: D" s" v: e00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
( J& E4 X) D5 w1 g& A: C7 I5 t00403355 50 push eax
! V0 F7 S. i6 _' a00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX
) [7 @& l5 u9 h: s9 a; p0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX6 U* V3 d" n' V1 C/ H
0040335F 83C4 04 add esp,4" [1 w9 Y1 C" {7 n! M& c+ p
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
e0 c2 A* A/ Z2 b6 p" P5 z4 o+ [00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]* v% q; [' G3 \
00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
2 ?7 Z% y2 A! Z' [( k+ o- {) n0040336B 50 push eax& Q: w6 w; f! m6 x! E' ^8 _" M
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX7 o7 Q0 _% K; w/ e3 U
00403371 50 push eax
( s( K8 `1 G/ G! n, F- W00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
1 b3 @" b9 C& E4 v& a00403377 8BD8 mov ebx,eax ; EAX送EBX
0 @$ }' U4 k/ _0 y0 P00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX# @! h, h3 d/ [) @+ v$ e v
0040337D 83C4 04 add esp,4
4 E9 V2 |* q5 `( \! E00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]9 {5 K$ {& O6 Y1 O& Y1 e
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
8 j, q! O" r% J. X( e00403387 50 push eax ?) F0 C, b# M; {0 P: {- I' Q
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX
- h+ V" e: Z9 L$ W; b; ^0040338D 50 push eax
$ Y. \! s2 c+ x, I0 m! G3 l0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
, u+ i( k5 q- S00403393 83C4 04 add esp,4- ^- l& ?# V9 o$ h4 U% J: K
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
3 G2 z( g, f4 L9 ^9 s$ U0040339A 8BE8 mov ebp,eax ; EAX送EBP( Z" Y, `; h5 P
0040339C 6A FF push -1! V& P" X: O* Z5 o( A5 l" k. D" I
0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX# s! u8 Z# N% @% P; y
004033A3 6A FF push -1* b# n$ D2 n: J
004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
a/ q- j7 k0 P F- ^004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX1 }' I( o8 R/ B# H x
004033AE 6A FF push -1
- N" ?. R) T. [4 {8 L8 B$ a004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
: x1 K* O! |/ E2 t7 S, v% ]7 M! d004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX
, j" f5 z. [7 z- Y004033B9 6A FF push -1
% q( J4 |0 u/ \) D$ [004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX A8 r' U$ `" A3 ]! V, P
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX ]) w7 ? T/ N5 h0 f
004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
1 E8 S9 p: `5 j$ y7 F% e' y6 G9 y- Q% E004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
( `6 X* }3 X7 C( _004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
1 @4 `0 B* _( L# h004033D7 D1E0 shl eax,1 ; EAX左移1位
! N$ Q$ @* f+ D' X- |! M2 `004033D9 99 cdq ; EAX扩展; g& R4 x' b6 o9 m# g
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中7 b2 ?$ E6 W/ \# h* f; _! S' c
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
0 j6 w- L$ z6 k3 I" ?/ X004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)! ?' F8 S7 G5 a: X
004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
. f8 M: j+ H$ M3 d! I004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
7 r2 w( L. N( M4 M004033E9 EB 2D jmp short qsr.00403418
, H/ p( p) g B8 g4 A004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX0 H+ l: g/ G* C7 P! t* A
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E27 [+ B. h1 S" v
004033F7 99 cdq ; EBX扩展+ G0 e1 Q# C& L2 K0 j3 ~
004033F8 33C2 xor eax,edx ; EAX和EDX取异或* P6 h% Z. o* O7 g% i8 S2 t: ]5 z
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
! V3 G0 e& P2 @4 m004033FF 2BC2 sub eax,edx ; EAX减去EDX
- O- M- Q \! T+ S! T00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]
# X0 C! }, Z' K4 D9 A2 o8 S00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX' T+ K9 r/ c2 ]' O# L, B
00403409 99 cdq
6 L9 o2 `( v7 t) H3 ?0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中& c" m. M: r' h/ J- R) N& r# P4 r
0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX$ L% |4 c: @$ t6 |$ e4 @
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较- k5 ~; Y& f. K# ~ ^1 a' ^$ x
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
" D: \; @# L) v T7 X ~3 n- D0 d00403418 E8 6EC00200 call qsr.0042F48B ; / I5 \$ p$ m4 ]. k- a
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
. s+ Y* B G) P0 u- u1 _/ h0 O00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
3 z$ z; B+ [. k4 J' v00403426 E8 60C00200 call qsr.0042F48B5 F2 r! U+ w' |! E) V4 x
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]% @/ n( y4 l; |1 x2 v! t
0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8) B" k0 B. b( }. Z6 H0 d; `7 |' K( `
00403434 E8 52C00200 call qsr.0042F48B
( l) z1 a- J: `! ^( W9 O7 l00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]+ R& \4 t1 L9 j, u% {
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7& t! J$ Q# n; r; `
00403442 E8 44C00200 call qsr.0042F48B! b. c0 R. L' r# }: P
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
, A% b1 ]( ~0 I W1 R1 d0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6' { W$ P/ A( i$ O {
00403450 E8 36C00200 call qsr.0042F48B
4 g/ R* ~% |4 A Q00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]/ ~) ~0 Y8 A5 i0 Y @
00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
% v0 }! A, E, n' Z) ]2 Z0040345E E8 28C00200 call qsr.0042F48B9 P, T- k' S$ }) y4 ^$ b( i
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
; p: R5 x# _3 `# {' x1 x9 k- V00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],28 t! r) c! B3 C5 _; s
0040346C E8 1AC00200 call qsr.0042F48B! l. v! [7 [) j* q" I8 n
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]) u$ `' l' |7 n0 t8 J0 ^$ Q
00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],14 W. f+ s( `+ T$ T
0040347A E8 0CC00200 call qsr.0042F48B, A! v& P& m, } r3 ?
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
. _" v! G# I9 U: W4 F/ B3 m00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],00 s0 \/ O4 m. b# f
00403488 E8 FEBF0200 call qsr.0042F48B
8 u$ s" I- c; V4 x3 h0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
8 }) V7 B. ?: z* y00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
: R ?2 s: k) f) e; M% ~% @4 j00403499 E8 EDBF0200 call qsr.0042F48B
2 K+ Q, H/ g! d4 d% N' a0040349E 32C0 xor al,al ; AL清0- C$ f, X" a8 J( @ I8 T# Y. h6 m
004034A0 E9 88000000 jmp qsr.0040352D; K( s# Y6 r5 l* u. n o( R: k0 [. c7 V
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~
! F" m( A, o' @0 a+ a; L004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
: `' y& M) C8 r4 ]: @0 M0 s004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
n* N2 g. |% W3 t' U- \; F004034B3 E8 D3BF0200 call qsr.0042F48B
: Q% i$ `% X. y, @0 O+ K004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
6 q4 }. I- W4 w$ b5 N* Y. |004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
" ]. Y9 C6 u) @1 ], d9 j/ _004034C1 E8 C5BF0200 call qsr.0042F48B
3 W& ]( C" O7 |% c004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]) K) n, ^ R. T
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],79 ]6 e* X/ T" `* K7 b
004034CF E8 B7BF0200 call qsr.0042F48B( k2 A+ i3 c- `) ^2 D9 c" n8 p8 I
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]' t0 u- F q/ y: S4 b: C
004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
7 w% k5 ?( V& ~( [ A) v004034DD E8 A9BF0200 call qsr.0042F48B2 F* a) E$ T4 ~' E4 H# g, i- [6 T
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]+ H; E7 [2 w. w7 i5 b
004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3+ A8 i# ]! u- Q2 a
004034EB E8 9BBF0200 call qsr.0042F48B* z7 Y' L% T- O/ n& [
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]7 R/ {7 ?; b% h
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2- H6 l/ Z1 Z! q8 I
004034F9 E8 8DBF0200 call qsr.0042F48B
# z4 T4 X* g5 R5 u004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]. {& c3 O# z6 w% K8 Y
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1
. E7 {8 j: U% t) ?6 x7 [" d- }00403507 E8 7FBF0200 call qsr.0042F48B
0 Q( h# f0 F0 `% j5 i0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]- |* n# B$ z j4 n+ K
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
! [" x! m# B& N; @/ @7 `00403515 E8 71BF0200 call qsr.0042F48B
5 { o* j" E% P+ g* B$ }+ a; t, A0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]/ |1 N8 O: P4 E' m/ _! I
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
* y: ]# H" M9 t x. m. e00403526 E8 60BF0200 call qsr.0042F48B
# I9 E" O+ _. h, w$ ]$ D0040352B B0 01 mov al,1, t O* [& d, A3 `5 N% j
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
0 \5 f2 ^* U2 h) M. C( _( F' L00403531 5F pop edi, B5 \/ c1 Z0 s/ i, ?3 @- {1 z
00403532 5E pop esi1 Z+ x5 k: p3 L8 Y$ X, ?/ P
00403533 5D pop ebp
' \6 N3 e+ V6 e1 X4 A' ?9 N' x00403534 5B pop ebx
! D5 @8 K6 O' U% l% v; ^, ?4 x$ e- X00403535 64:890D 0000000>mov dword ptr fs:[0],ecx* X9 s* U: A% ?0 G
0040353C 83C4 30 add esp,30
2 e% @8 k9 [" b9 u) \0040353F C2 0800 retn 8
6 A% i9 i/ o7 s% B--------------------------------------------------------------------------------5 k# j7 f* ~+ w. S: r
【破解总结】0 `; m6 a3 R. h. x
用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^# I; }. q( m2 i9 M6 \
用户名:yijun
9 o/ P2 v# T B! g注册码:4893*7777*3726*7777*0529
4 i, j" n7 e# G' e--------------------------------------------------------------------------------/ B1 Q! ^. B# L8 a, W7 |
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡