|
|
|
【原创】破解Quick Screen Recorder
' S# t$ d& [6 N1 `* z【破解作者】 yijun8 F& v' ~* B+ g9 n
【作者邮箱】 [email protected]0 a8 c) k7 d0 j( ~0 Q- c4 c
【使用工具】 OD,PEID
, @+ \7 f" K% d* A7 I; y; U5 \, f {# d3 L【破解平台】 WinXP6 p- \ c) C6 S9 G G' z$ B5 W+ v1 F# r
【软件名称】 Quick Screen Recorder
: Q# j) O3 S3 r6 `+ A【下载地址】 天空
1 ~% G% F! y0 L# l" z4 R7 ]7 [, f【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
: x4 R5 m( l! O8 F! u9 P& M! }# Q7 }【软件大小】 540K
4 V3 g$ F, N1 H# ]8 g0 ?【加壳方式】 无- e, M- F9 n4 J, L* b. K% W* Q4 \- Z
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)8 _2 Q& Y/ |+ b
--------------------------------------------------------------------------------
6 W8 `; m, Z* m1 m0 u4 d【破解内容】
+ K; r) O4 b& C PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:3 i7 D$ }/ B1 |8 I1 O8 J, Y
00404C69 55 push ebp //在此下断
+ ~9 z8 I( B! w" o( Y0 O k7 `00404C6A 56 push esi
i: b! Z& n5 K8 N00404C6B 57 push edi
6 _! D# I, Z, e% f00404C6C 8BE9 mov ebp,ecx
# [6 d# l. b* L8 J _$ V( h00404C6E 6A 01 push 1- z i$ s8 m3 Q4 s/ L* H& |; ]
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名2 }5 ~7 {/ ^; w+ u
00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
6 n, h% b. m4 d* U00404C78 8BCF mov ecx,edi
" Q$ M, D) q9 O0 m0 M1 a00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码# b. o& a+ y. s$ n5 ` \) \" ^
00404C7F 8BCF mov ecx,edi
7 B" e8 _& n1 H% }8 {. K7 ?1 u- g00404C81 E8 A73E0200 call qsr.00428B2D
- z, g) N. j7 f q! W/ t00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
! f$ @& _# b) x. G00404C89 8BCE mov ecx,esi2 i0 V4 q7 W! b1 ~
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
4 S+ l8 u# Y. n- m3 o- d" h00404C90 8BCE mov ecx,esi# B U+ v/ B% x8 | \
00404C92 E8 963E0200 call qsr.00428B2D/ |% r; C- t# p, o+ Q
00404C97 8B06 mov eax,dword ptr ds:[esi]
; J8 c3 F# A1 ?" r00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
4 z! P; }( x0 u$ a) z) }& E0 ]00404C9D 7D 26 jge short qsr.00404CC5
6 ^, X! O- r0 i8 h' e& ]00404C9F 6A 40 push 40
7 x! {' { g1 l3 z2 F, c00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
# j0 b% Y, ~% @2 j" _9 I. @! O00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name.". B; }# k4 H6 C$ U) N
00404CAB 8BCD mov ecx,ebp S; C% @ |4 Q* z. ]3 O
00404CAD E8 C3840200 call qsr.0042D175
0 J; Z; q5 B2 c n9 o( X* M: d00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]( o' t: t4 Z! _
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx% s/ ^% L2 B# u# s W' \4 K% q, ]
00404CBD 5F pop edi
3 ]' _8 ?+ L9 l3 W& w00404CBE 5E pop esi# B H! k% _) v1 q! |4 \7 A! S
00404CBF 5D pop ebp) v# b) j3 Y, J7 q! A
00404CC0 5B pop ebx
% M0 \+ ^2 `9 o) F/ q00404CC1 83C4 18 add esp,182 _" T. ~8 w& A" H- F
00404CC4 C3 retn
4 S8 q2 ?2 [0 L9 o B00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]
# N0 O, a# |" Z3 q00404CC8 84C0 test al,al% r9 k2 P ]! c V
00404CCA 0F85 1C010000 jnz qsr.00404DEC* N1 {3 p! d7 t4 x+ c$ P
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]8 W/ h. D: _3 B3 X
00404CD4 E8 87E3FFFF call qsr.00403060; g3 p+ \& C- ~& e7 _! _ B! n# r
00404CD9 51 push ecx& p7 B3 L) [$ C, Y' n
00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
) h. j" C; K( y00404CE2 8BCC mov ecx,esp
2 d( u1 o) z6 s* |1 m# S, x0 i00404CE4 896424 14 mov dword ptr ss:[esp+14],esp
3 f# V# e$ ~# Z- u+ o) E00404CE8 56 push esi. Q1 H4 A o; c. A9 ~
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
# X' J! b* ?+ H1 q9 h# s00404CEE 51 push ecx6 L# R* r. l) v3 Y* \5 w
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],15 a& p! Q+ z; L k9 p; x: i
00404CF4 8BCC mov ecx,esp" p, o$ |/ G1 _3 F8 {& D
00404CF6 896424 20 mov dword ptr ss:[esp+20],esp; s" H9 h$ Q- _# Q+ Q' p: V. K
00404CFA 57 push edi
: \( G8 U* [, g: w- [4 e3 G) G00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
1 m: p( ^8 r& Z2 h00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]3 Y0 a) B+ o: L& ~ K, W# d, |
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],08 J; F& B4 A( o- a1 G$ j$ _
00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
- x7 E' i: w4 F* I) Z/ U00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~' v: A( k7 R+ H2 r& X: A
00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~
$ f# P1 @# F. F1 @7 L8 M, k; G00404D12 6A 40 push 406 p- J- W; V6 f8 I
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
9 P8 i" G% \% M7 |# f5 x" \, \3 a5 `00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."
3 R- y) {5 l* l" ?, h/ K00404D1E 8BCD mov ecx,ebp* V# Y0 b' t$ D) ^, n. [
00404D20 E8 50840200 call qsr.0042D1755 |* v# y2 b8 V' e- x
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]. @; F. U( V, O9 D
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1: E2 ~% G6 A/ z7 R& D9 _4 }" g
00404D31 E8 5AE3FFFF call qsr.00403090
. l, H# m8 N! K& j1 a4 Z00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
3 l# m' M* B. W9 R- I8 L2 P00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
9 \& l7 E" Q0 E; F2 g+ P8 s) Q00404D41 5F pop edi$ W, t$ W8 t+ m# m4 a
00404D42 5E pop esi
2 A" ]9 W4 F3 u6 `7 Y00404D43 5D pop ebp+ v G' M! _! ]0 J1 G
00404D44 5B pop ebx! N+ e" S m0 N6 {; ^, O) x8 T& h
00404D45 83C4 18 add esp,18) q0 {5 z" q1 i- I3 k3 ~7 Q7 ]
00404D48 C3 retn
$ I* ]8 m8 W0 S8 w*********************************************************************************************************************************************************1 z8 h4 q! E' I- L2 [# C7 n% Q1 n
跟进00404D09处CALL来到:4 u& p+ P1 D9 @8 }% N. n7 i6 R
004030A0 6A FF push -1 //一路F8下去~~~~9 K# U2 R9 h2 [; C1 ~' t7 d
004030A2 68 C88F4400 push qsr.00448FC8
$ o- N: P% J3 d5 J1 r# N3 G& a004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]6 Q/ S" y( h0 R
004030AD 50 push eax# z" g" x" G3 [" O. Q# ^, i( U
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
' X: L* P3 A- G- E% Q004030B5 83EC 24 sub esp,24
% \/ A. o+ T+ D+ {9 V g004030B8 53 push ebx" R3 s/ @/ X' M% x. ]
004030B9 55 push ebp
5 e' X- H J0 l, F004030BA 56 push esi
% `+ |! F% M3 g004030BB 57 push edi
: a4 T4 c/ b/ j# l2 G7 x& Y004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
1 M. p" }6 p: D4 s; B0 T- b- G6 c004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
. ^. [# l: G) H+ s; X004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1% D- P0 V1 O* g$ P$ p
004030CD E8 27C40200 call qsr.0042F4F9
0 D0 ?: H: i$ v004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]) s* i3 D B8 d2 a
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax
* ^2 w+ r& K9 v: K" U @" P5 O0 E004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]7 t6 @8 b/ D! w3 Z" V9 Q3 T* U
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],31 N4 p3 i- ~+ d
004030E4 E8 905A0200 call qsr.00428B79
) q y5 w5 O; p9 E2 Z& Y004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
. T2 d$ W& H) Q, \0 s004030ED E8 3B5A0200 call qsr.00428B2D# K; Y( s3 m# H! y+ m) Q) ~
004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
0 ~" W. N3 e2 g. ~+ h( }/ T2 w004030F6 E8 7E5A0200 call qsr.00428B79
0 L( l7 l" l9 D* M! N3 Y004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]6 ^; q( e) z0 H
004030FF E8 295A0200 call qsr.00428B2D
0 u& Y. z2 a3 }8 G00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]9 q! I# F, V+ E( }0 i
00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
6 ^* ]1 C3 X; r# |/ H# U0040310B 83F8 02 cmp eax,2
) }1 ?9 d! e) v: _8 X2 l9 D0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
) d! D3 E4 o* w+ T00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]6 T7 `. b3 G& X' Q1 Z3 b
00403118 837A F8 18 cmp dword ptr ds:[edx-8],18: o1 p. I4 C1 a! o% a
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳. f2 T$ |5 @5 l
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]+ E% d! e7 D: H
00403126 6A 01 push 1
, N: ^' F) R V* y! e# F00403128 50 push eax
) D3 j1 B! k8 O2 O; ?00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50], X* R9 n4 c$ N
0040312D E8 C4550200 call qsr.004286F6! N' z" y0 E0 U& q- A
00403132 8B00 mov eax,dword ptr ds:[eax]7 k# e* M) a; D2 f) I
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]) w3 ^- [" q. ~
00403138 50 push eax7 o! Z% H0 U3 a7 i$ H
00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
- _" ^5 o: M: p X$ h2 O0040313E E8 4D560200 call qsr.00428790
g* o0 [8 u3 x% v7 \; h8 `00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
0 v5 P; u$ B: _* Z00403147 8BF0 mov esi,eax
" t# Z {) i3 D* x# s, V00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3$ C/ j! b9 k4 X% S/ P
0040314E E8 38C30200 call qsr.0042F48B
- S1 y! n; N) J6 x$ W00403153 8D46 0A lea eax,dword ptr ds:[esi+A]
2 [( G+ }, t) b3 m00403156 B9 3E000000 mov ecx,3E
: I7 ?3 E2 [/ z: f+ c8 I0040315B 99 cdq h/ ^' P: d4 t- v! i7 _% ^
0040315C F7F9 idiv ecx N D0 j1 T) V
0040315E 6A 01 push 1
4 e6 a# B2 l* ]" U" z00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
% y5 ~: ^, v. m! l/ T3 W00403164 8BF2 mov esi,edx3 T1 [% a# Y Y: E, Y4 i' |9 P {- a
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
: Q( }5 G; _: I# u! _6 X0040316A 52 push edx2 Y1 D- P' Z( E9 j+ y t8 A
0040316B E8 0A550200 call qsr.0042867A
3 Q* h0 y. L& U% h: S00403170 8B00 mov eax,dword ptr ds:[eax]4 u/ S2 b# H# ?9 _% j
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
- a' x& ?3 k8 t2 B00403176 50 push eax
9 ?) A, o! q. f* M6 |4 }00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
6 h5 u" h0 Y: ]1 ?0040317C E8 0F560200 call qsr.00428790
0 m; o( S4 S& B+ F. K00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]. R9 R- `" o; ] A; P3 }6 K& c
00403185 8BF8 mov edi,eax
) P; A: L: F7 H: c$ P8 C1 e" Y+ W00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3! O" ^& m& R2 u" r
0040318C E8 FAC20200 call qsr.0042F48B
. u/ _: [, Q: y5 N. I; U" d6 ~00403191 8D47 0A lea eax,dword ptr ds:[edi+A]' I) d. O9 j2 k3 S0 X5 D' \
00403194 B9 3E000000 mov ecx,3E3 Q8 b4 a" }- b* p( B$ u" q/ I
00403199 99 cdq6 J7 p. s# P7 {' A
0040319A F7F9 idiv ecx
. C1 |. C/ ^4 B4 j0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]$ U. a! p% R' x# ]
004031A1 894424 28 mov dword ptr ss:[esp+28],eax
/ \# m, A! D6 h% P4 _4 G. Z: G: ]004031A5 8BCA mov ecx,edx
& n6 T8 }* l$ F004031A7 894424 24 mov dword ptr ss:[esp+24],eax, B1 H( u& ^; O2 {/ h% K
004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
- p$ ^7 y0 i' R @ X5 C004031AF 894424 18 mov dword ptr ss:[esp+18],eax7 m. H, S) T. j7 b. q
004031B3 894424 14 mov dword ptr ss:[esp+14],eax
2 O$ l, N+ q& \3 v& P004031B7 894424 10 mov dword ptr ss:[esp+10],eax& q. s5 ~3 V0 N; L* k1 Z" p8 h
004031BB 8BC1 mov eax,ecx
3 b' ?- T$ w1 L' T& p5 a6 V# a004031BD BF 0A000000 mov edi,0A
4 w0 C) h& N5 k004031C2 99 cdq
. y: E0 q2 t8 E6 y' |6 U004031C3 F7FF idiv edi/ `8 P, c; b/ f d0 B
004031C5 8BC1 mov eax,ecx
! X, n" J( B1 m) R9 V1 Z4 Y004031C7 B3 0B mov bl,0B) _* Q# V0 @" e8 S# F1 b# S
004031C9 0FAFC1 imul eax,ecx
& M2 w: t6 v+ B+ T& C( v004031CC 8BCF mov ecx,edi V, k7 N& W- q
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
1 K; a Z; s( e! T6 a004031D2 52 push edx
1 i/ _7 b+ e1 f8 `- b3 s4 k004031D3 99 cdq
6 O: o7 h @2 h% h004031D4 F7F9 idiv ecx5 ], u7 M) a& T6 w3 H, v: @
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
6 H- I# V0 W9 I6 f* H004031DD 2BC6 sub eax,esi+ H1 B( W$ H8 J& }9 C1 e7 p
004031DF 52 push edx( N* @5 K5 h& F$ M4 C
004031E0 99 cdq
, C+ I. v; @. A- @6 D; x& {1 e004031E1 F7F9 idiv ecx# A4 O+ `0 f" _3 e, K7 \9 t! u
004031E3 8BC6 mov eax,esi" |) G+ ], |7 k, M) ~
004031E5 52 push edx0 R! P' x8 v7 U
004031E6 99 cdq
: h8 o) Z& V* g' l) B004031E7 F7F9 idiv ecx
! h1 x7 F& F. j. G3 K ~# |004031E9 52 push edx
( V# \3 v3 c- ]" ~. \. [004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
- } ]- }9 t/ D' x$ d004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"
9 d& B4 R3 a% i004031F3 52 push edx
$ S6 j* n% P; U004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
6 f* U% n3 n1 e! D2 Y7 l8 X004031F9 83C4 18 add esp,182 a) P' ?: [4 o+ r8 B9 k0 ?
004031FC 6A 04 push 4
" Q5 {( o) [* {, V3 ~3 o y004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
/ s3 |& p6 ?1 V7 |; g# I5 g7 N00403202 6A 00 push 0# c5 V) \! n$ \- E% S% k' d& g8 ?
00403204 50 push eax
& K4 W6 | D+ T8 n/ Y( v00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
' p% p5 D0 ~6 W6 G00403209 E8 D6530200 call qsr.004285E45 h+ I% v# i8 F
0040320E 50 push eax7 f. O0 a9 |) G7 n4 [
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
: s9 K: Q0 N# q: ?% A8 q/ o) N00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
" z8 l( \2 F6 L+ J* [* k00403218 E8 A7C30200 call qsr.0042F5C4
+ `& u$ Y6 f. y( {9 Z+ m$ o. f1 _0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]: r9 f! ?6 Z7 |4 @5 a r" T
00403221 885C24 3C mov byte ptr ss:[esp+3C],bl& f+ f! K) |" ~) S5 T
00403225 E8 61C20200 call qsr.0042F48B
# e; l! b# m$ C2 ]$ D1 e7 y0040322A 6A 04 push 4
0 I8 I/ O6 s3 \ l0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]- M0 k# @" X: G( l# b3 V* x
00403230 6A 05 push 58 K! D ~: S$ ?6 `% ]
00403232 51 push ecx5 w2 n$ R# I3 c
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
0 X- u1 N. {0 w% O: x00403237 E8 A8530200 call qsr.004285E4
% x1 a$ U6 V2 H& e0040323C 50 push eax
8 }7 d& n! x1 u8 p0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
4 x& U2 C$ P% r- C' }0 \00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
* ?; I ?) W5 S o- q, o00403246 E8 79C30200 call qsr.0042F5C4* @1 s* o4 y3 @/ y
0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
" k! M7 p9 g0 C/ Q0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
/ A5 c2 E0 T& K. N( i: O3 U- O00403253 E8 33C20200 call qsr.0042F48B9 ^$ O; K% v3 W2 j
00403258 6A 04 push 4& t& y! L$ B7 `# M) e+ c; t
0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
" M5 I3 x4 b: k1 J8 M0040325E 57 push edi
1 y0 N" N) [# T0 c4 U7 C8 Z. M( N0040325F 52 push edx+ [4 P: i' H2 S; M) H
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
: [+ l/ n% A# z J7 h4 }# Y* x00403264 E8 7B530200 call qsr.004285E4
' I* l. T& U, d8 ] W& M00403269 50 push eax! A5 }7 Q4 V8 n7 L; Y
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]0 F0 O' {! i: w g+ Y+ R
0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E& S T; _2 Z" X. Q
00403273 E8 4CC30200 call qsr.0042F5C4' Y+ K& v4 w0 e p3 R* T2 U, D
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
3 _1 V# y( R, h* e$ S5 _/ p0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl8 J% s( W0 C3 `! C+ C3 [
00403280 E8 06C20200 call qsr.0042F48B
) q. L( K# j9 x8 O1 a00403285 6A 04 push 4; s0 T3 q. x# ~$ R. j6 c* _
00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
" l2 g% W0 q) y9 @ o3 V0040328B 6A 0F push 0F0 W# l/ V5 I, H5 E) L
0040328D 50 push eax
|8 I k6 Q* N4 g, d0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]/ u3 E! K3 |/ n9 @# R
00403292 E8 4D530200 call qsr.004285E4
' J# s3 [* y, h3 v9 t" P& A8 |00403297 50 push eax
& T4 L$ [+ z) p- w& H8 ], V00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]1 l# n2 x; j: H; d
0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F. C4 C( c/ _" g! n4 i! ]* M8 y9 [& n
004032A1 E8 1EC30200 call qsr.0042F5C4
* q) L H! b# g2 ^5 v$ n004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
* y9 I# C H: O1 ~004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl% _( f* W9 M, P3 p
004032AE E8 D8C10200 call qsr.0042F48B
! e- o# Z3 q+ R004032B3 6A 04 push 40 O% i2 |6 R) j5 N
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]; t1 u4 t7 b* F- e% K
004032B9 6A 14 push 14; v g( H1 i0 }7 Y; i
004032BB 51 push ecx
S0 X( u4 g+ J m8 X# G004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]/ J/ [: w) \6 p: v
004032C0 E8 1F530200 call qsr.004285E4
) s) }$ j' q6 w! B- `004032C5 50 push eax: X( \2 L4 S* f4 [& z+ m! J: W
004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
7 Y# E0 L- K% W1 t* m( o; P004032CA C64424 40 10 mov byte ptr ss:[esp+40],103 Q; }. \5 Q. V* _, p3 h, m2 f
004032CF E8 F0C20200 call qsr.0042F5C4
* _* L: X, J5 u" U# r) K004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]: Z& W h; F: U. Z, r1 k" N, B) {
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl
8 g3 q0 x6 M# l9 g- T0 U004032DC E8 AAC10200 call qsr.0042F48B
8 u# [# U5 B' T* y2 l7 d8 y004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI
( n6 _: a, S% f1 k004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX
* y8 ~2 d$ k: Q( O) C, ^7 }; e5 R004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL+ m6 Y7 V* p: s( g* N$ O/ [
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL
1 u' R3 q7 V" j( S3 ]9 x$ Y004032ED 8ACA mov cl,dl ; DL送CL7 o7 W% C: m" w' u5 l
004032EF 3AD3 cmp dl,bl ; DL和BL比较
0 y! U- R, u7 q1 L% Y+ z004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
Z) u; k: y* V1 Z$ X9 D004032F3 84C9 test cl,cl% n: z" i8 P- m# v- a
004032F5 74 16 je short qsr.0040330D
. g# `: ?5 f* r3 h5 I5 C& p' ?004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
( T, E3 F$ r. Q004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
( {& k0 ^, K" B" e* W8 }004032FD 8ACA mov cl,dl: q% F/ D Z+ G2 b
004032FF 3AD3 cmp dl,bl ; DL和BL比较3 I/ T2 d0 y9 I0 d6 g3 m
00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
% P: V# t, |; k$ _$ H# d" U( T& `00403303 83C0 02 add eax,2 ; EAX加2$ p: y$ h, X$ `! u
00403306 83C6 02 add esi,2 ; ESI加23 i% s2 e7 q" c% ^4 j) x' x
00403309 84C9 test cl,cl$ _# o7 C @/ H6 ~8 I* I
0040330B ^ 75 DC jnz short qsr.004032E9
% d z) L' u0 r+ d. i7 J0040330D 33C0 xor eax,eax
F1 ?* c! t, D& o: r9 R0040330F EB 05 jmp short qsr.00403316
1 O& E0 c1 w& m( }3 q& O00403311 1BC0 sbb eax,eax/ n2 p, ~ |4 [2 J9 J/ W$ \- z
00403313 83D8 FF sbb eax,-1 c) ]" m; H: O: r( j
00403316 85C0 test eax,eax; T9 |5 k! L) ^9 ~$ `9 E8 c3 X- T2 Q; W
00403318 74 0E je short qsr.00403328* a1 d1 ]# O# {5 ^
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A
8 v0 e5 z. t4 y/ x; _0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
/ i' `9 Z2 h: Q2 X# I: n00403323 E9 F0000000 jmp qsr.00403418; W' y0 t$ p$ m7 C" z* X) x
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX# I# c2 K0 _3 M, z4 y7 g! U
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]; W8 ?- T; t1 E' F% F- z
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
' f5 k8 g: T+ Z) d1 @00403333 50 push eax
9 j5 l W! h* Y00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
5 v; ~6 A2 l" |% ]00403339 50 push eax. q7 y- f3 _9 y8 n2 B5 b* n% B6 G; G( Y
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
- U6 _! o4 z' h3 ?0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX
% F R% }. e: o( S- Q00403343 83C4 04 add esp,4
I( u. U( ~0 {& o, e' i" Z, j- G00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI, F- l) Y' F% t2 J- A: L1 ?
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]1 S& w+ j6 a- Q! W8 d" p
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
0 N( s. P" s- b. P' ]0040334F 50 push eax: x- `4 w, k: n! N3 [- m u ]# v
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX; w4 f) `7 ? @, t% E( J, q
00403355 50 push eax
) M. n9 V# z' L" A, F00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX
( r2 _- z0 F9 V5 w- q* b0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX; O: F" \4 j# n! a4 }8 @1 u
0040335F 83C4 04 add esp,45 u$ g' e9 y1 M) d
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI% ^& J$ ` W* ^' w
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]8 Z9 T. E9 O- T# n& i
00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
! G! m+ ?& F3 ^6 B0040336B 50 push eax
8 w3 D! R! O5 b6 [0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX
6 s1 J3 e. e+ w3 d* ^$ q00403371 50 push eax
" X8 A- L k1 K% D. k00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
2 a+ G; w7 ^& N) ^$ k: Z- t00403377 8BD8 mov ebx,eax ; EAX送EBX
+ t5 I, O$ N; r! j+ a; H; u, S00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
" t& ^! S7 v8 }. N$ i0040337D 83C4 04 add esp,4
+ w- z! m$ F: V6 K4 S; l00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
2 i p& D/ G! g% [" [ {# Z6 R00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]3 _4 h$ k% k I" _( u' _# C
00403387 50 push eax1 O S/ D0 ?! Y/ @
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX
2 m5 t/ a& C% n% |) l0040338D 50 push eax
6 x+ V; M. c& Z0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
& ^! f7 i! P; x- O- c00403393 83C4 04 add esp,4$ }1 e9 ~: v8 ]" x: m4 a
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
! A8 @; ~: e$ U& s- ?3 @1 V0 ]0040339A 8BE8 mov ebp,eax ; EAX送EBP0 b4 `1 i2 J$ `1 K( ]: b/ E8 _
0040339C 6A FF push -1/ H1 _2 C$ E/ f& D5 T- @
0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX; n% l" W: p0 r
004033A3 6A FF push -1
3 L$ t; V7 ]" a004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX/ _' p+ a$ [9 d: U8 [
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX
" Q3 P; J4 d+ }* q004033AE 6A FF push -1
, V4 U2 [3 I" B; a9 E; d% ^004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX& X& N! v/ k- @7 K8 U0 d# k( @: y2 T
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX
% j. R# @5 g$ u8 f; o% E' N004033B9 6A FF push -1: a" l; h8 v, T& }( L# X: `0 a
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX, }7 n# r* O2 R7 \4 [" A# i1 }
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX" v6 G, ^6 b" `" |7 e4 \+ k' ~- ?
004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX# P, N7 t# e/ I
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
0 ^* P6 {2 z9 X0 e5 S004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX, u- [. Y) D0 i; O
004033D7 D1E0 shl eax,1 ; EAX左移1位+ I0 L1 Z5 [ k V6 v3 |; a% j& g
004033D9 99 cdq ; EAX扩展( x, e. ^: R3 _7 Z/ u5 i3 ]
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中/ X( N3 k( j9 S& N% }
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
3 l, P: b+ j4 I9 P) e0 \4 S004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)9 _: r1 ^. e; B0 r, t6 F7 {1 g
004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A; h) [5 J% I% A# H( n' m
004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
9 q" X8 @8 `0 P5 i3 O+ K004033E9 EB 2D jmp short qsr.00403418. }" R0 i* F0 ?; s6 ^
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX6 B. X8 C9 q1 p ?! o6 a
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2" V" Y0 ]: H* D' }
004033F7 99 cdq ; EBX扩展
. P( {2 l# N- Y0 s* n( K004033F8 33C2 xor eax,edx ; EAX和EDX取异或
3 [8 l E5 i" @004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX' Q, E: L% _$ x/ I$ U
004033FF 2BC2 sub eax,edx ; EAX减去EDX
1 Z4 r5 ^' F6 R' A00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]- p/ T: [7 I8 |9 B0 l; p/ y$ }
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX
% [; k, F2 F7 l5 v8 d' v# d1 K00403409 99 cdq
2 o2 b" r1 U- {: E! u( A3 b0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中5 c' a3 |) e0 b3 s
0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
3 {. o6 x3 ?6 x" o/ X00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较3 l" L8 k. R* u8 S' Z
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)8 i$ B& j5 C5 C3 B
00403418 E8 6EC00200 call qsr.0042F48B ;
C) y2 [: e8 @0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
* }$ e. ?- d; p2 v& F# u3 g0 C7 b# \00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
. V W6 ^& H$ R5 ~' C. b00403426 E8 60C00200 call qsr.0042F48B
: K% f$ w) [1 z0 Y4 a0 U/ M0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
6 F j! O8 @+ j" f1 T0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],85 P+ _3 P* u, W' e
00403434 E8 52C00200 call qsr.0042F48B: ]8 [- r9 b7 K2 i$ j0 {
00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
U* Q& B! _9 K8 S0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
5 L) z( T8 u% h9 G00403442 E8 44C00200 call qsr.0042F48B% A% }/ {0 P: X) y7 V( q: B
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
! X& \( B/ h1 q3 |) ~, s8 V0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
7 r! _6 L# f( v2 l- ]9 d* A+ H00403450 E8 36C00200 call qsr.0042F48B0 Q; |7 I" H9 j& Q( z7 `. I1 ~
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]8 @) y, M4 U8 Y4 G; z( W. i
00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
( s7 ~. {2 G8 `! l4 V, k0040345E E8 28C00200 call qsr.0042F48B& n- W- o$ p6 o7 G% C
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
8 t/ o6 B/ ?1 L0 ?5 x4 Z00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],24 X8 V: g8 q2 @* n! _; u
0040346C E8 1AC00200 call qsr.0042F48B
+ r0 X3 i2 @# M! Y( e K0 @2 z$ I00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
- E n& A, f$ k* S. A6 U8 O, w7 N" q00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1* Q$ W1 T$ v, I( o* B* \3 `* y% s2 Z
0040347A E8 0CC00200 call qsr.0042F48B
+ F* v; G5 k, u+ \8 y& W& u0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
i/ F$ X+ E) b! M! O2 \3 V00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],03 D9 N; Q' b" F5 n9 s5 T$ Z0 g9 U7 ~
00403488 E8 FEBF0200 call qsr.0042F48B
' `% {: r8 `. Y# }+ S' {& n0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
" r( W0 u$ n# C3 J' K00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
' r1 b: F6 a" o& F2 c6 I' j00403499 E8 EDBF0200 call qsr.0042F48B+ a9 \3 a+ W+ t- Y! \2 s' l; E
0040349E 32C0 xor al,al ; AL清0* y, H. ?8 x% h/ P& Y+ N( ~
004034A0 E9 88000000 jmp qsr.0040352D+ t+ f; [" t% v6 S) h" I
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~% B0 Y/ \0 R$ h! e7 ? J
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]. B; n8 l. S4 |1 [
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9% Y6 D' B2 S" c1 Q- q' q( ]
004034B3 E8 D3BF0200 call qsr.0042F48B/ P$ ~4 b' X1 c6 V% t( z& @) F
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18] D# b7 R& |2 R& M; |5 M) {
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8, @- R ~( z2 K: l n' I: P
004034C1 E8 C5BF0200 call qsr.0042F48B
# h7 K0 l2 R; ]/ U' s004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
5 z1 |4 p. V |& i' J004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7; k! X' f1 G. r1 @% N4 @
004034CF E8 B7BF0200 call qsr.0042F48B0 m; V; W9 y$ G0 [2 A
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
- u, O/ ]" ^/ y6 f; A* Y9 M3 k) t& l004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],61 d. a% ]5 M' v1 Y
004034DD E8 A9BF0200 call qsr.0042F48B3 {# @' j Z4 e6 W1 M
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
6 f# w0 E" a* D9 ]5 ]004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],37 e6 ]: g1 R8 u) j
004034EB E8 9BBF0200 call qsr.0042F48B
6 A9 m0 e7 N% H1 Y, d" G004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]9 v$ T% m2 v2 y1 V
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2& B; H% A0 L7 d O1 O+ n
004034F9 E8 8DBF0200 call qsr.0042F48B- E7 v/ |& f/ q# }8 J5 k
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
- r; Q3 U; [# c* g2 `' M0 z00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1
# ]6 ^% L# j+ o/ w6 r6 C8 {00403507 E8 7FBF0200 call qsr.0042F48B
. w4 ]# E/ {6 l% c. O% u/ M& B0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]4 ^/ K4 l( n R: m
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
8 `8 l0 {) \3 k5 u; e' j5 p( `- K00403515 E8 71BF0200 call qsr.0042F48B" x% L" {! B) Y% G
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
; I0 ], J: X, B. N! G3 M1 J. X0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1* {$ {. v g8 H* Y; h
00403526 E8 60BF0200 call qsr.0042F48B
0 ]' l5 h( z2 O9 D# i! L7 @1 e0040352B B0 01 mov al,14 w& f, i4 `# D7 J8 O
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
% R, H( o3 ~* n3 `1 o/ ?00403531 5F pop edi
4 ?& R. j' X/ |: u00403532 5E pop esi t; |. y$ N1 K6 A ]
00403533 5D pop ebp7 ~- C0 K- `% ]2 r+ ~' e, w3 |
00403534 5B pop ebx# \/ [' L/ V5 J2 ?) ^. Q
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx, M- U1 R: v9 l9 y7 y4 P1 p( @3 H& {
0040353C 83C4 30 add esp,30* B% ~9 r( l7 }6 f$ I
0040353F C2 0800 retn 88 ^1 i. {& i# V1 R3 g% _
--------------------------------------------------------------------------------
' t; ?. z4 P" S( ]1 |6 ?$ |2 z2 V【破解总结】
9 Y. n- P- A3 s8 ` 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
5 n- x6 } b$ Z! o用户名:yijun
; P4 G7 {' J0 c2 ]4 [+ v注册码:4893*7777*3726*7777*0529
$ i& \& T: F* T6 c# \" L* t--------------------------------------------------------------------------------
2 b2 d1 Q+ X0 M/ ? T/ m! Q【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡