|
|
|
【原创】破解Quick Screen Recorder
: W: {9 A6 b# i' ~' R& ~; V" s$ S【破解作者】 yijun* o0 b$ q$ b: U$ B2 F' K
【作者邮箱】 [email protected]+ j3 @: d. z6 X
【使用工具】 OD,PEID. _7 F9 K1 p( | b7 d
【破解平台】 WinXP- P6 J1 g3 A) h
【软件名称】 Quick Screen Recorder
0 g7 w, ~+ R, }: d【下载地址】 天空5 I7 u' y& n5 m4 R! l
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. ) W+ m4 R0 P8 w! ^
【软件大小】 540K$ N$ q) u6 d6 t5 Z9 ~2 }4 g" f
【加壳方式】 无6 L+ s& c+ D: h2 K- F
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)5 v1 }8 o7 y( U
--------------------------------------------------------------------------------4 @# A' Z }' \/ P( e
【破解内容】
) I( s8 F1 V+ `3 P5 B PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
, t3 H6 e4 M1 a( l% M00404C69 55 push ebp //在此下断
. k; X- [3 {! t. A0 H, D00404C6A 56 push esi$ Z' r$ |* H% Y# m
00404C6B 57 push edi# I9 Z; g K# W8 ~
00404C6C 8BE9 mov ebp,ecx
& U9 a) _6 T# [00404C6E 6A 01 push 1
( h a7 r# M) @6 j" F00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
' J; B; k0 D& ?/ G00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
$ a9 X1 z$ \0 q* |. \00404C78 8BCF mov ecx,edi" j# k) W, }6 h
00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码
# D+ W+ h( g* h& D. o. m00404C7F 8BCF mov ecx,edi) r0 ^$ |# s1 D T* x& E5 g
00404C81 E8 A73E0200 call qsr.00428B2D
6 h# ?$ v t( h00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
" R/ ~' Q5 ]2 B8 R" v3 X. P00404C89 8BCE mov ecx,esi3 T# Y' G* W# n$ f/ }# R
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX5 N4 [5 K0 G2 B- Y0 o
00404C90 8BCE mov ecx,esi% d: N: s, F, E
00404C92 E8 963E0200 call qsr.00428B2D
# ~+ D& Q6 g1 W$ V5 v00404C97 8B06 mov eax,dword ptr ds:[esi]0 `- _2 ~& V: T/ ~
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2& K [- v$ `+ ?9 j/ P
00404C9D 7D 26 jge short qsr.00404CC5
7 b& }1 U9 x( b7 C- F5 n' v00404C9F 6A 40 push 40
# Q, M. I6 M7 t/ p00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"1 h, R+ S# F7 a# M, [ K t' W
00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name." s! k E+ J2 t- p8 l: F+ c9 \) g
00404CAB 8BCD mov ecx,ebp
) [7 B1 E& }0 Z0 J% T, n7 b00404CAD E8 C3840200 call qsr.0042D175. l: G0 T- x4 u
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
1 A% X$ B" d% n- b' S+ b0 A) \00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
) z: {: ]2 E7 F( _8 z' P: B" c00404CBD 5F pop edi9 G# O) C3 j* q; k' x4 g; F
00404CBE 5E pop esi
3 k y, `6 I+ R( E1 e: J# v1 y) Y00404CBF 5D pop ebp
/ v7 h" F5 D0 m3 l00404CC0 5B pop ebx
3 T4 a9 n$ G# {! M2 p; y# v00404CC1 83C4 18 add esp,18% ]$ G& ^4 B7 h" O; ^3 c9 D; c' T
00404CC4 C3 retn* ^' W8 e1 W0 r% V; W' S
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]
+ c+ [+ h3 x, o2 a00404CC8 84C0 test al,al) c3 U9 s; z8 m# W" A
00404CCA 0F85 1C010000 jnz qsr.00404DEC- |2 |& N( {: k9 L, C8 @4 h
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
1 a0 g6 k* _( g& q5 D" \( P00404CD4 E8 87E3FFFF call qsr.00403060
: {; B' h* e7 D( e4 H00404CD9 51 push ecx
r$ K9 Q1 K, {$ Y# v; [/ g. o00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
$ e* p- U5 v, M1 P' n. R00404CE2 8BCC mov ecx,esp7 q+ p3 H Z ]
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp8 ^/ v3 m( b! w/ v2 P
00404CE8 56 push esi) Q8 P; @, O; v& D/ V, a
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
" r! U: D4 ~) c' Y- @" r4 k00404CEE 51 push ecx8 b: B0 n8 ]# {( [0 g9 |8 y$ t
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1- C, d1 a; O1 }7 ]! \1 P& R" O
00404CF4 8BCC mov ecx,esp* T9 n) G3 I" r0 m. ~! k5 v
00404CF6 896424 20 mov dword ptr ss:[esp+20],esp
2 p! R5 C; n) a/ _$ P( m( O00404CFA 57 push edi# n! r1 C5 N5 \- I; g: }5 @3 c
00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
# S( a+ h# L9 u: c00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
6 [; |: W. K, p00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
8 l+ H Z( J. t00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
+ u5 a% S7 U# g7 D& s% [3 E; m+ j00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
0 r2 A0 _9 g0 B% m00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~: I9 E5 p% m* s. Q: i3 ?
00404D12 6A 40 push 40
1 M/ A) @% B) c5 ?' f$ l6 y8 n- a00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"6 e% I4 G; D h3 s
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."% w* Z' }/ ^. W; N$ A8 [/ Q" V- J
00404D1E 8BCD mov ecx,ebp
% M6 i7 L& U+ r9 r/ t% r" i" b& w, ?00404D20 E8 50840200 call qsr.0042D1754 m: \% ?6 z. K! F" B: ? p
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
; K! R' H' f: W1 d# k00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
; D8 b: N' g7 c2 ]4 t$ X3 R00404D31 E8 5AE3FFFF call qsr.00403090/ g: [7 b2 b9 S5 z: u$ |$ O5 b! j
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
" e, F- _8 ~' }& _00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
) W8 ^0 p; }- I00404D41 5F pop edi/ H# P) p+ ~& L2 G
00404D42 5E pop esi3 b; V) N5 Q1 R9 ]
00404D43 5D pop ebp
& i/ u/ ]' l5 b% Q& g' H( w00404D44 5B pop ebx7 f/ u5 @! g' ~, [
00404D45 83C4 18 add esp,18- }% T7 P9 c- ]8 s; ~8 x
00404D48 C3 retn
8 Z G- F) s9 G. y) \*********************************************************************************************************************************************************
6 E2 k. Y$ e- b( F3 H9 S. }0 K跟进00404D09处CALL来到:
5 ~) H* p6 w0 s0 }6 {' g004030A0 6A FF push -1 //一路F8下去~~~~8 h! e! Y2 h: m* r# a
004030A2 68 C88F4400 push qsr.00448FC8
! j5 G( ~% N0 Q/ t3 D004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
; a4 j* E( h& `8 P, f7 H004030AD 50 push eax
+ l. N4 f# W4 Q/ ~2 T004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
2 ~/ f. h9 \# ]* v9 U004030B5 83EC 24 sub esp,24
/ A& T6 r3 h# ]& V$ B5 |; ]; ?004030B8 53 push ebx; V9 H8 l1 x7 z7 \. K# D
004030B9 55 push ebp' G, L* |: b/ W4 Z. q$ S
004030BA 56 push esi
; G) L, T7 S6 Y1 ]! g004030BB 57 push edi
! y% d5 V3 ?/ F004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"4 W: R' w; j6 h5 V- L1 P; ^: T
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]5 r3 O8 ~2 M* M' T
004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
9 h0 R% P0 J% ]004030CD E8 27C40200 call qsr.0042F4F9
" {0 g! C$ T) Q1 `* W5 M; [9 [004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]$ n3 @& i) ^5 M
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax. j# A, r* }: |+ K
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]+ F* ]# L3 @4 O8 g1 F" L
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],39 P6 N9 [" {) I3 X: j
004030E4 E8 905A0200 call qsr.00428B79# B+ n1 ~; g& p2 j, P3 Z, \$ e
004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]4 P* }8 [6 P8 U$ p
004030ED E8 3B5A0200 call qsr.00428B2D
2 `2 j" i6 x7 K& @9 m. B004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
! M4 W( E2 D2 d004030F6 E8 7E5A0200 call qsr.00428B79
9 V% B/ V- O* i) I" j2 x004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
- n, J1 M# |: l ]7 p9 @004030FF E8 295A0200 call qsr.00428B2D2 [1 \ {/ H5 Y0 _3 L
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]% _4 H) q0 v: s
00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
3 E% M* h! G2 g9 N9 t& Y0040310B 83F8 02 cmp eax,20 A. w7 c( k8 U% J6 s) i' Q$ L' K
0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳2 p0 t' @; h1 @
00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]: O1 b4 Q& J+ ^7 V1 E; K" @! y8 t
00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
* @; Y; S, }2 J0 {! l0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
# |1 C! ~1 u% K8 e) P00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
- d3 x8 S% v# A+ j. b( ~00403126 6A 01 push 1
' v3 ^7 K* C4 P# V* T# e2 W00403128 50 push eax0 X0 y; W. i# M0 T# y) A
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50], p H: S& t8 d5 Z
0040312D E8 C4550200 call qsr.004286F6
9 x$ _1 l. \* e& Y* e% _5 p% }4 d4 n6 T00403132 8B00 mov eax,dword ptr ds:[eax]
+ T* }& N. o5 L) @. S6 t' F+ v00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
9 L- ?8 x2 J4 Z1 v00403138 50 push eax
, I/ d, ~# D; I00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
^6 s5 j5 \2 @3 g( L! m; T; ?0040313E E8 4D560200 call qsr.00428790
0 L D& R1 e5 A" k2 m8 F, _/ X5 F00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
' B% ~7 P% g: }3 i% I8 p* d! b" A. L/ i00403147 8BF0 mov esi,eax, Q' B5 @3 D2 ~9 R
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3
( w$ z- b( W2 a% ]1 A0040314E E8 38C30200 call qsr.0042F48B
1 Q3 K; {. F, z3 Q& D* a00403153 8D46 0A lea eax,dword ptr ds:[esi+A]2 |3 E1 t- M& }6 g! U S% `
00403156 B9 3E000000 mov ecx,3E
/ c% d! ]/ F6 S4 m0040315B 99 cdq
+ z2 a! {0 S& P9 s W0040315C F7F9 idiv ecx
5 h8 O" f, g: Y; }5 ~7 u6 M4 ~0040315E 6A 01 push 1
6 Q x) s- ~( R00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]; w; s; d( r) w7 s v! U
00403164 8BF2 mov esi,edx
6 J: S" b+ D3 }. t8 r9 C00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
' f' i4 J. a% r* \) b0040316A 52 push edx+ M* b8 M1 L$ n" H; H* C
0040316B E8 0A550200 call qsr.0042867A1 ^2 [, H$ M# b2 ~, ]7 v
00403170 8B00 mov eax,dword ptr ds:[eax]
; {) z7 z* z. z& M00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
4 [0 Y2 u0 |( _( ~. @1 `. P" }00403176 50 push eax
1 o. F. V& A4 p O5 Q/ J* \00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
. b/ r% R. a; ~( F- k0040317C E8 0F560200 call qsr.00428790
7 Z8 J% H- G# x$ n; v00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
' _! W4 ]& }- b3 A! X00403185 8BF8 mov edi,eax' k( p& z7 \) D" r
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3% |: G0 |" r0 U, Q8 k' q
0040318C E8 FAC20200 call qsr.0042F48B! w8 T1 a( x- i/ K3 F
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
6 E" x5 v, a5 d! L I3 n00403194 B9 3E000000 mov ecx,3E
+ n8 [: ]8 t, v. h% ~1 B00403199 99 cdq
- y2 t. n( p7 I# D$ j0040319A F7F9 idiv ecx8 G" t' V6 m' }4 n
0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]- f: L& ?8 {* \% @9 W2 k4 V
004031A1 894424 28 mov dword ptr ss:[esp+28],eax
! B$ Z+ A/ ~8 K6 h& b. h7 j004031A5 8BCA mov ecx,edx
4 o1 Y- f8 S# F+ `7 a7 p004031A7 894424 24 mov dword ptr ss:[esp+24],eax: H' K6 V7 `' N# I4 _) ?$ G* V
004031AB 894424 1C mov dword ptr ss:[esp+1C],eax& J4 `4 t: @( u: K$ C J6 `+ l
004031AF 894424 18 mov dword ptr ss:[esp+18],eax
6 E( J* w* A0 i9 k004031B3 894424 14 mov dword ptr ss:[esp+14],eax
- N4 l9 S5 c- v5 B l# d% A004031B7 894424 10 mov dword ptr ss:[esp+10],eax4 c- ~" L5 [/ e# i }7 u4 g
004031BB 8BC1 mov eax,ecx" I. w$ A$ o: y$ a7 }3 W7 M
004031BD BF 0A000000 mov edi,0A- a1 Z. Z/ ]4 z+ D8 H$ j& Y5 u! m
004031C2 99 cdq/ S* R' W# d" f0 }1 }& f, |
004031C3 F7FF idiv edi/ n* Q+ _# y$ T$ x
004031C5 8BC1 mov eax,ecx
( F+ G. k8 I! t' q0 G) J2 ~004031C7 B3 0B mov bl,0B
C' W k [" W+ N% P5 ]% l4 e004031C9 0FAFC1 imul eax,ecx* t+ R6 t* g2 r
004031CC 8BCF mov ecx,edi
' b v/ `% H, _; Q0 u% V5 G% N0 q004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl3 k6 ^; [* v" x6 ?' M4 ]% m! s& Y
004031D2 52 push edx
; n7 N- p- y" J& u+ m& L4 I004031D3 99 cdq
. ]$ [, ]' w6 u! k) |7 p004031D4 F7F9 idiv ecx. @' G! j& z1 P0 K% v
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]* C$ i" x4 }3 x T! |# \" w
004031DD 2BC6 sub eax,esi
4 C9 e" {- L7 O$ `) G0 M6 ?3 b004031DF 52 push edx
+ N( H. I5 X! L% Q4 o004031E0 99 cdq' w- b5 i! |1 @9 m
004031E1 F7F9 idiv ecx
3 o& g; M7 J" ^004031E3 8BC6 mov eax,esi6 L# u2 V7 k' @9 @3 B+ Z& \; a7 m
004031E5 52 push edx$ h3 Z+ n. ?, }
004031E6 99 cdq
$ Z L' W' ^ x( h& _( ?004031E7 F7F9 idiv ecx
: c5 ]# t& L. x6 e1 F, h" }004031E9 52 push edx
6 }- ]. }; }2 d8 r" u$ Q, j004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
! f3 y" L3 }% J5 r& B0 M004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"
3 `2 e* J+ i6 {: S004031F3 52 push edx4 q' i# C( @; r# P8 v, I+ N9 c
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893) D; q0 W; D! }; S
004031F9 83C4 18 add esp,189 _' X9 H4 Y/ L+ i4 L. B
004031FC 6A 04 push 4( `. Y# ]4 D# J' a8 ?7 q q" J" r
004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]( Q; m- z; e J$ q
00403202 6A 00 push 03 p; W7 Z% p2 D# s5 X# N
00403204 50 push eax0 [2 h$ F" i5 b: W2 E) c: f
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
; B0 I* E% T+ C2 H/ Z- z00403209 E8 D6530200 call qsr.004285E4$ [7 @3 l# @7 z- H! _. H
0040320E 50 push eax
9 J. S* z9 `6 }0 B& B# _0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]3 X$ ?4 v2 L& A5 N
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C- Z% V# I' N. u& S0 d* i ^
00403218 E8 A7C30200 call qsr.0042F5C44 a" k9 \. B: s* T' Q
0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
6 ]3 G# D' r7 Y: a' o0 w00403221 885C24 3C mov byte ptr ss:[esp+3C],bl, L+ K$ [! W }
00403225 E8 61C20200 call qsr.0042F48B, `! I% m- _; W' x$ m1 e) E; D8 |
0040322A 6A 04 push 4
" G& g/ \- e5 Q1 K5 c. N/ k0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]/ m( M" x! x5 C
00403230 6A 05 push 5
. g- b( M0 e- b# z: i00403232 51 push ecx; e. A- Y; e4 c2 L$ X
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
, O6 n. c( d* C4 k, _' S3 p( L00403237 E8 A8530200 call qsr.004285E49 }. D5 F1 K" C" I
0040323C 50 push eax# k% k9 j$ r/ R& Y# x p
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]/ l1 x6 g! B- P- M7 P
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
0 M t6 @- K; \+ e# T+ P00403246 E8 79C30200 call qsr.0042F5C4
( ~+ d& o4 l; A2 j. c0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]) c9 L3 U9 d! ^( J9 T) H
0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl7 L3 {" f0 `4 W2 A/ s) H! }
00403253 E8 33C20200 call qsr.0042F48B7 @( |, E" q$ h3 Z% X, e, w
00403258 6A 04 push 4
2 E. x u+ Q; N6 f5 l0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]' ^1 I- S( g8 @9 ?# G
0040325E 57 push edi
& S0 u" m. s8 ^6 q0040325F 52 push edx8 [" b/ @+ I3 r
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
0 v1 E% P8 J8 R* r00403264 E8 7B530200 call qsr.004285E4
! [- y& _* l1 u6 Q( i5 {00403269 50 push eax6 w0 G+ w0 b+ H' p
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]8 Q; }* t4 l% x: ?0 x' Z/ r S6 M
0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E6 }2 d/ ?' z8 ?) i, R! X
00403273 E8 4CC30200 call qsr.0042F5C4- q- G. E- e: O/ ^: u( j
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]+ G+ R$ D/ ~( u
0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl; v0 c& O& W, l; {8 ^0 X9 ]
00403280 E8 06C20200 call qsr.0042F48B: L8 u5 } j' G1 L3 x1 Y
00403285 6A 04 push 4
. q, D" n' y7 X) K00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
1 `7 t, S6 G* ~ i0040328B 6A 0F push 0F5 _9 {; a! s+ \% e+ d
0040328D 50 push eax
" @0 T. r: Y8 Q, D! l' b# C0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
6 p% W5 a/ ~3 a" c: w9 L! N00403292 E8 4D530200 call qsr.004285E49 f8 |9 b1 D; y# a: }
00403297 50 push eax
0 n8 G" x8 K7 g+ X8 ?00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
* _- h t, J5 U0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F
1 l3 X' K) U; h4 L004032A1 E8 1EC30200 call qsr.0042F5C4
- g* L5 z1 [- \0 X% O( {# J004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
( u7 A# b: K8 e' w1 O004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
5 L2 L F9 [, p7 v1 v& F1 U004032AE E8 D8C10200 call qsr.0042F48B
; J$ v4 A5 y5 i. ^) c" U004032B3 6A 04 push 4
4 Z- z! v" L* ]004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
W: S% y9 U# Z. ?004032B9 6A 14 push 14$ C5 G' z* q8 W6 G. s6 p
004032BB 51 push ecx
& x0 l+ ]1 X+ Y' Q& Y( a004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
3 X! g& i/ M- u" H5 Y, J% y9 j% k004032C0 E8 1F530200 call qsr.004285E4: ?/ Y/ M5 d5 w. u/ z/ r, r9 \
004032C5 50 push eax& W* E' p5 Z; y2 N. @& P$ ]
004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
0 ]8 n9 V2 k, ~004032CA C64424 40 10 mov byte ptr ss:[esp+40],108 ^/ n+ p9 J' N' o% V2 J
004032CF E8 F0C20200 call qsr.0042F5C45 W& }4 @& y8 r6 d
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
, E- l. j5 [4 l/ H l1 [" }7 y% |004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl9 T$ O0 h7 D9 @9 H$ L4 x7 j# L
004032DC E8 AAC10200 call qsr.0042F48B1 Z% z4 C" h+ W. v) v! i$ R
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI
* A+ y5 h4 ~# y0 B5 c004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX+ j# ^, g r8 x' a% R q- [
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL) g8 x( B0 \6 k2 x9 L0 ?4 z9 n
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL
! g/ `1 o2 p! d/ x' N- c- D004032ED 8ACA mov cl,dl ; DL送CL! S1 ]- Y3 W7 B7 W2 u
004032EF 3AD3 cmp dl,bl ; DL和BL比较/ k- c0 S( t5 j) O, {
004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)7 B. }$ ~+ `3 l- g7 {
004032F3 84C9 test cl,cl
% V, Q6 _. k5 r004032F5 74 16 je short qsr.0040330D
4 m# T2 a2 Z; b( w9 D! G; e8 d2 P& U004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL5 ^$ O @& P I
004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL& A. q3 K0 {& s4 A& T/ m
004032FD 8ACA mov cl,dl4 p" [& p9 }4 N
004032FF 3AD3 cmp dl,bl ; DL和BL比较
; O2 f5 B& C, v3 ]2 b( e00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)2 S* F; a2 s$ ]9 {: |" Z( ^- f' k
00403303 83C0 02 add eax,2 ; EAX加28 X. k0 R$ g4 X1 K- I
00403306 83C6 02 add esi,2 ; ESI加2& }3 `8 p C x& i- f
00403309 84C9 test cl,cl1 }& x' a2 K/ A. Y) }% ~+ b& \
0040330B ^ 75 DC jnz short qsr.004032E9$ Q# d5 i' f. m" \3 }
0040330D 33C0 xor eax,eax
' q# k( O+ g. L/ H$ l. }0040330F EB 05 jmp short qsr.00403316
/ n; ]/ Q C; x00403311 1BC0 sbb eax,eax
/ _- X" y1 K0 i00403313 83D8 FF sbb eax,-1
' w$ b! z ~5 e# h1 \1 w$ }) I00403316 85C0 test eax,eax) l x+ P. u* q+ B# T" @- s# k! z& X
00403318 74 0E je short qsr.00403328
( H, u e/ {. N; _3 J0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A
1 _. ^) p4 m9 \' ^" n* k0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
$ L, ?; b/ G% H# D! G! ]00403323 E9 F0000000 jmp qsr.00403418
% M( u2 \3 K. h) k% [& p4 r" T00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
- y1 W# x' C& a$ _- r0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
1 ?% {) h. e) F D00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
g. B5 w3 U2 e9 o2 x! E00403333 50 push eax
$ {! ?2 O( {9 k; u" e2 C4 e00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
2 T6 F6 |; b; e) _5 u00403339 50 push eax
) Z* r, ~+ r4 P6 p9 s$ h9 G( {0 C0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX0 T$ b3 A4 X9 B% {! P
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX+ o- C- X ^) C, Q& l& ]+ {2 V
00403343 83C4 04 add esp,4 d [: a7 K" N, m# U& t
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
2 N3 _+ j; [* A- H# ]( g00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
H b6 @5 x4 o5 r! G1 \- q: |# C0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
" `( x" Y$ A) e8 U. R9 E. l0040334F 50 push eax
' A+ d+ F) G# G7 k00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX/ G7 A# w1 U- {) | i+ P
00403355 50 push eax- D$ {" \, R. r
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX
" p1 }; q- Y% ~0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX/ B1 Y9 ^8 j3 R. \+ a( v
0040335F 83C4 04 add esp,4
p1 A6 J/ |3 u% w! K00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
3 y, @; c3 e1 V! M4 v& K00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]& f3 R( G% z5 q3 u2 ~% B7 W
00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]# O( N2 F# e" ?) K* K: M
0040336B 50 push eax, Y( k$ I$ Q& Y+ U
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX) H0 t7 ]) @: w: o8 S, p
00403371 50 push eax% e7 \4 D1 I# |3 q& l
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
P# [7 R$ D% V6 W00403377 8BD8 mov ebx,eax ; EAX送EBX4 x/ U3 o9 w' X" n0 a3 V
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
6 u2 ?: R2 H* |3 [( f5 F4 a0040337D 83C4 04 add esp,4
1 ?$ Q! }: ^$ Y; J00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]+ m! h/ R& d+ ?) T
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
- I7 j6 n3 `1 \. u6 x, e* @" C2 Z: j/ x00403387 50 push eax6 Q. ^, @# g; ~: x& S) y
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX: s6 ~. o' W! b+ l* e, F
0040338D 50 push eax$ x/ B! E( H0 s" h
0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
1 `! U7 n1 H0 L. x3 s0 u9 t5 j! h00403393 83C4 04 add esp,4( k: d3 h( g/ K. }) K5 v! g
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
+ N+ l( N, T2 P6 g: e5 V! P7 r0040339A 8BE8 mov ebp,eax ; EAX送EBP
. x1 l3 e( _0 N: K! Y0040339C 6A FF push -19 c* J, C! `; V& P* i, l
0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX6 v" p) ?- ^4 V; o
004033A3 6A FF push -1' g6 F3 b0 Y! [7 ~
004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
! M6 Y; y8 j+ c; ?2 V004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX
+ s; u0 A4 b6 p z/ H- L004033AE 6A FF push -13 ?; |7 j8 O7 m, W
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
" \* X) F3 B- _6 D004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX1 F1 q: @0 H. E
004033B9 6A FF push -1; C& }; L( [2 L" Z- w* M6 {
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
3 s$ O3 h7 q+ Z004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX8 K- k$ Q W7 q
004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX C. z2 `9 {4 n: ?: |/ [
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
1 u$ R( X) l& e4 t I' J004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX P0 O" Z0 f# o7 b" |* s
004033D7 D1E0 shl eax,1 ; EAX左移1位
. z( b% q/ t" `, h004033D9 99 cdq ; EAX扩展1 h) C0 ?. b! U' o2 [% y5 U
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中2 K- n# C# ~; u% ]$ J5 e+ j1 G
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
+ S6 M# y5 ?3 g; d% P1 T004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
: s* B* k/ w" Q& z004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A- y# Q# |* b$ W* k9 t$ q% e
004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
- C* H% u# z; q. H+ m" h' I004033E9 EB 2D jmp short qsr.004034187 x5 ~' I4 p8 a, f
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX5 b# R, w! x |/ l6 r7 O# b3 N
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E28 k# G* F, r0 a. d9 Q: ]
004033F7 99 cdq ; EBX扩展0 e9 y4 r5 |+ ]
004033F8 33C2 xor eax,edx ; EAX和EDX取异或; |9 q; H1 v6 t9 f) K* g
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
y4 H, u4 ?/ Y5 N7 Q004033FF 2BC2 sub eax,edx ; EAX减去EDX
+ K( W! `9 X2 e; a2 M) H00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]
1 }+ F0 B$ ]7 W7 C9 R00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX
0 Y9 D% D4 v) ]& \* o9 m00403409 99 cdq9 D7 u; [. a* h5 O
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中9 T5 {1 A+ C+ u1 A
0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
7 i6 R2 ~4 }: c3 }. Z- z00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较. T8 Q- F" A4 Q
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
. _9 T7 Y" q- p2 v6 p8 I. Y00403418 E8 6EC00200 call qsr.0042F48B ;
- C/ H! p2 c: D3 @0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
0 {. m+ m4 m# c' m, R- P00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9+ n1 _6 K2 x4 Q, b" l5 ^4 i
00403426 E8 60C00200 call qsr.0042F48B/ P. J& v7 X- y( r
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]; e0 K' ` \3 N7 L1 \
0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
! Z$ n, G! s* U( D00403434 E8 52C00200 call qsr.0042F48B
% A! Q' h+ Q. Z% ^* |7 f00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
9 p( s. _: R+ d. I" V$ p0 k5 ?0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
7 K6 P& ?8 C- s' u# x' j00403442 E8 44C00200 call qsr.0042F48B# q* \7 Q1 S5 @
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
( {9 e9 s/ Y& ^9 F* ?0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6; @& H: f( F# {3 j
00403450 E8 36C00200 call qsr.0042F48B5 l3 N# a" W5 v3 ?% x" }( d
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
* o7 W9 H( e( Q7 N: |6 c$ C00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
6 t; L1 i! U4 |0040345E E8 28C00200 call qsr.0042F48B
6 ?" k% ?8 S6 R3 k) W00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]4 T( ^3 ?3 A4 \; }, H6 R/ O1 N S
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
$ S( v0 Y! F+ a2 R" \ a0040346C E8 1AC00200 call qsr.0042F48B# c* K$ R1 N, W V1 c% e X
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]$ f/ d( Y+ C8 H) q0 z
00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1# E( c/ _ W0 Y
0040347A E8 0CC00200 call qsr.0042F48B$ {. T m @6 H
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]) g( d5 N5 I, m8 {* P N
00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
- t |* C( b. j0 k* O' _00403488 E8 FEBF0200 call qsr.0042F48B
% K( K0 k% S1 B; [0 h0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
. J; t4 E/ g# ^/ [' s( z00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1+ R# y2 ~' C# a- |! v
00403499 E8 EDBF0200 call qsr.0042F48B8 Y7 d1 p# l- F O- c
0040349E 32C0 xor al,al ; AL清02 L2 `; K* P' @/ j& o0 J
004034A0 E9 88000000 jmp qsr.0040352D2 y; C: M; t. A. J6 Y
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~
5 b/ @7 l; |. \# b8 X) |004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]0 i2 c4 f: n. c P( V+ l1 N
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
3 R7 I$ b+ e( g* o: O004034B3 E8 D3BF0200 call qsr.0042F48B0 J! O" U6 F' j! G$ P, q
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
7 j' k2 X1 ]' v4 q2 b( y004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8: T% _1 q# @5 ~' O* Z2 H$ z
004034C1 E8 C5BF0200 call qsr.0042F48B3 ^' f5 M) j. k
004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]* U/ ^# e& u. q
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],77 S* y" }7 Z; H# R
004034CF E8 B7BF0200 call qsr.0042F48B, f3 K' @$ W7 q z$ @
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
8 s# S: }$ P- a: Z' C% ]& b004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6) ?2 ~. b1 D8 J4 A$ t: i' R
004034DD E8 A9BF0200 call qsr.0042F48B, h) H7 o$ {! l) G) B1 D
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
2 v+ I) v9 j5 Q" Z$ k004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],34 H# \: V3 A5 z8 r9 r1 ]+ Q
004034EB E8 9BBF0200 call qsr.0042F48B; Y) M2 x& e7 y7 @2 ~2 d/ j
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C], f( }9 w9 h7 s) ^5 d
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],26 B- n3 X$ g2 S7 U j
004034F9 E8 8DBF0200 call qsr.0042F48B( Y- `) l. f& O, R' S
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
5 l( g: e0 G7 z! M00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1/ B8 u6 t# `, }) K7 [# @0 U
00403507 E8 7FBF0200 call qsr.0042F48B/ {5 ]! s1 X6 A7 J3 l2 [ `5 L
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]5 y Z( P3 G) w V9 N9 a @
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
- f( \2 W$ F: K$ b. \% }4 _00403515 E8 71BF0200 call qsr.0042F48B9 b/ s3 }1 O' v) {; E
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]/ V p2 b/ c8 _% D
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
5 _9 o/ r% j+ D4 l00403526 E8 60BF0200 call qsr.0042F48B2 b* J/ y* l Z1 Q! s5 F! f' H d
0040352B B0 01 mov al,1. ?7 W* S K+ W$ z2 g5 B
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
& D4 B( Y8 P8 f& _; i, L00403531 5F pop edi* }4 @( y4 {$ `# H Y
00403532 5E pop esi
$ u' P- z6 Q5 J# b9 c2 o00403533 5D pop ebp+ }/ o ]( A" q; I/ b
00403534 5B pop ebx
' o$ s. ^: X, E! W4 z* G5 l00403535 64:890D 0000000>mov dword ptr fs:[0],ecx5 w8 E r6 @( f2 t2 c
0040353C 83C4 30 add esp,30
! L5 n' s3 T5 ~4 `0040353F C2 0800 retn 81 Y% }0 f$ \! S$ j
--------------------------------------------------------------------------------
+ g, W) m$ o4 K$ \0 n) P【破解总结】
: T/ p0 o( g$ i1 f 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^. L$ ^" k7 [0 r$ i' r
用户名:yijun' \( w3 Y& L! ]* V; G4 D5 I& h
注册码:4893*7777*3726*7777*0529; |5 L, m! C* u; Q% {
--------------------------------------------------------------------------------) Y: u' C. j8 e/ O
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡