|
|
|
【原创】破解Quick Screen Recorder
1 v8 r/ H! }! H' \. _' I【破解作者】 yijun
1 v: F# G% [( P( _$ a7 {( `7 I x* l【作者邮箱】 [email protected]
$ D: W; H1 A( d. x5 ?1 K9 l9 h【使用工具】 OD,PEID
( T; a8 M1 @& P. P5 B+ K) f【破解平台】 WinXP: @8 E N! ^, s* D" x
【软件名称】 Quick Screen Recorder
" X& M- O: [* y+ w8 v8 u- z6 W' v【下载地址】 天空+ G( @7 p7 G7 p+ B; T. r3 S( _
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. 5 ^+ t) {) l. u1 J
【软件大小】 540K
) X: F/ [" g2 Q i/ m- j- A【加壳方式】 无
$ T4 ?1 ?/ ^ j【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)
; {# Q1 E" F4 ]! o7 V9 Y; X* N--------------------------------------------------------------------------------) @! j! o- @! z9 r5 Y
【破解内容】7 k4 Z+ F w; E! D4 K0 g
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
3 Z! \ t( d4 c) }4 z+ V& ~$ L00404C69 55 push ebp //在此下断
! a1 e* s v/ i, i) D00404C6A 56 push esi
9 ~! Y; j2 C( z00404C6B 57 push edi
" e; Z! q( U- B1 X% E& A9 a# ~" R00404C6C 8BE9 mov ebp,ecx
+ j) f* Z; X3 y1 L00404C6E 6A 01 push 1
& E( t' G* h# n) t. R00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
9 x9 n, O. H) D, W00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]6 a/ S1 f: }0 `0 S
00404C78 8BCF mov ecx,edi
7 N' N6 y/ C) {6 A. i00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码
1 T& _4 b. }6 p00404C7F 8BCF mov ecx,edi
( x0 g3 ~; {0 v- f# G4 }, s- t00404C81 E8 A73E0200 call qsr.00428B2D; r+ l& G* a& @( v9 `; ~
00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
5 R) F ~' B3 u b7 k00404C89 8BCE mov ecx,esi
& c5 E& F' [. P0 q$ d00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX/ C6 B0 B' m3 y2 T
00404C90 8BCE mov ecx,esi! J8 D @) |* d
00404C92 E8 963E0200 call qsr.00428B2D/ x8 ^/ R+ _* G7 G
00404C97 8B06 mov eax,dword ptr ds:[esi]
0 o9 b6 I) k( c/ J00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
! z9 W, q2 j2 V p0 \7 H00404C9D 7D 26 jge short qsr.00404CC5
! W7 z- S+ k1 _/ F- P00404C9F 6A 40 push 40+ P) |: B4 r# z9 }: a9 |0 g
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder". x) k5 t$ ~+ `2 P
00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
, n* _+ x2 v1 m1 D3 \00404CAB 8BCD mov ecx,ebp5 q0 H6 U" M: q+ \0 j8 k( }
00404CAD E8 C3840200 call qsr.0042D175
+ c4 C5 X0 w8 j7 r( ]8 w% s5 U00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
" ]* }2 |' Q b9 M7 C00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
% p( b" Y6 X5 J5 d) v00404CBD 5F pop edi
* i) C% V4 C0 p/ w. _ l00404CBE 5E pop esi
0 J: ]( m7 B5 W% ]/ [00404CBF 5D pop ebp
s0 ~' k: Y+ Q00404CC0 5B pop ebx' ]2 X% Z2 x5 M# ~ q
00404CC1 83C4 18 add esp,188 P2 R5 g+ C5 E; K* D% K
00404CC4 C3 retn
; y2 l/ ^- O8 A/ A00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]1 }3 Y0 q: |' W/ X
00404CC8 84C0 test al,al
: a( C# @4 k, Z# N9 e2 w00404CCA 0F85 1C010000 jnz qsr.00404DEC8 {9 M) M. c5 C7 l6 R
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
% i+ x& P' f* ?00404CD4 E8 87E3FFFF call qsr.00403060
P& N1 E$ G3 U00404CD9 51 push ecx
, d6 W# L1 T5 X00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
( o: \/ Y2 z B# B; w3 y+ N00404CE2 8BCC mov ecx,esp+ u* `% n, j! P0 p4 J
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp
" R( {6 h; a! W6 ]00404CE8 56 push esi. A2 S/ [" U, L- Q- d/ _" l5 I9 ~
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
5 Z9 Z* {. Z+ _1 T1 R3 U% M% q& X00404CEE 51 push ecx
4 h+ |/ l z, @' f00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1( I4 v- i. E1 k* c
00404CF4 8BCC mov ecx,esp
# S: O3 l- j) i8 A& R! @. ~3 G7 u00404CF6 896424 20 mov dword ptr ss:[esp+20],esp+ @) [6 i3 |# }: ~
00404CFA 57 push edi3 ~0 v0 I, K& m! |! N. B+ N
00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
, B8 e M4 M9 K* O" e00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]& p* |" K' g' X6 h
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],06 C5 H1 b% J5 i$ j2 E
00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~9 e1 H, u& l( ?
00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
0 ~8 w( x8 S9 l& D# Q o$ I5 y% |00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~
9 U! S& q6 R( B% L, E8 f# x, b) w00404D12 6A 40 push 40
+ `1 f: d u, \2 {2 N* `' G00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
9 |. C; U) s' b: }* d00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."
4 ~0 _ C2 C3 |0 W' U00404D1E 8BCD mov ecx,ebp
: O1 j: Y& f$ i- A" E% ]# B00404D20 E8 50840200 call qsr.0042D175
( Q' X8 y1 \9 Y; i& a00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]: L+ U" Z) b, y
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-12 @; `3 `& c6 l0 C9 x+ {2 v
00404D31 E8 5AE3FFFF call qsr.004030909 c& A* _$ Y1 x% I" F8 P. a
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
, k$ q) X& ^" [$ m1 f00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
5 ~, [( j1 K, U, y$ }( H00404D41 5F pop edi) g) f$ v- @. r5 e( a+ l' @
00404D42 5E pop esi) M, u5 p* D |
00404D43 5D pop ebp
( ~) d$ o" m. F8 y4 O/ Z" [2 V! U00404D44 5B pop ebx
( [3 h! g5 a: x! f6 y00404D45 83C4 18 add esp,18
$ G% i2 q3 ? g8 k00404D48 C3 retn. F- r4 N w+ K( Q
*********************************************************************************************************************************************************
7 w- b% b9 i) m" @& E, e. ^跟进00404D09处CALL来到:8 w! A9 T* k$ x+ h8 U/ B
004030A0 6A FF push -1 //一路F8下去~~~~0 B. F# q; g s" m; H+ a
004030A2 68 C88F4400 push qsr.00448FC8+ J* J1 H( O' z* ?. ~- w I. B2 ?
004030A7 64:A1 00000000 mov eax,dword ptr fs:[0] ]' ^0 w6 B8 \# i# O! a
004030AD 50 push eax
& a W- H9 o" n6 p" I& A$ y! ]; L0 j004030AE 64:8925 0000000>mov dword ptr fs:[0],esp% u9 n8 y" E$ V5 J" ~5 n
004030B5 83EC 24 sub esp,24% x, P5 ?# L7 i
004030B8 53 push ebx" @# D$ g' X9 |
004030B9 55 push ebp
8 j0 O) P5 T# S1 _004030BA 56 push esi# ~5 V& r! W" e0 P. {
004030BB 57 push edi
3 u3 L5 P) K* B/ e& a% G( ^( |2 S004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"! e8 K6 Z9 N( n$ a$ S2 }
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
) q& B% M- m& y. l/ J7 D: b004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1 y! s- }8 M2 ]/ |9 V! v0 i
004030CD E8 27C40200 call qsr.0042F4F9$ U h% Y( A! g
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
* |6 A& G! p9 J0 v8 |2 @9 m- [" h004030D7 894424 2C mov dword ptr ss:[esp+2C],eax
& o1 ?6 O# x$ ^3 q2 Y' E004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]4 ^* _: f. B& p; h# f; c8 Z$ t3 ?
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3% ^5 M5 q4 n& R# }+ O* U. f
004030E4 E8 905A0200 call qsr.00428B794 p: `7 n- W$ D" T
004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
# h ^% M/ o# y2 d1 i' E004030ED E8 3B5A0200 call qsr.00428B2D
9 y# r& ~* z2 d6 |3 H004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]5 o5 A7 N/ b; c; S& t5 V
004030F6 E8 7E5A0200 call qsr.00428B792 X8 F Z8 O1 M
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]- z* `" p9 H* {1 @" k& A! Z
004030FF E8 295A0200 call qsr.00428B2D
: j: K( [% Q0 R5 ?+ _6 A00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
4 u: K% m; `, }4 X+ k00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
7 f1 i( k0 j2 J( K/ p7 W" @6 _0040310B 83F8 02 cmp eax,2
4 i2 n# g/ m0 Q" |! T0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
8 p! k% \( J/ w' b: y' B00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
; ]3 a: P3 t+ I- @3 e& o00403118 837A F8 18 cmp dword ptr ds:[edx-8],18, @. x z2 ? }* Y
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳- Q- ]( V5 q9 _- W: z0 k; G
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]9 ^& F2 r# {. m
00403126 6A 01 push 19 U1 L3 r* p% ^/ |3 {" z
00403128 50 push eax
9 q3 B' w9 V# V8 [00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
& N* U; e4 R' i6 n0040312D E8 C4550200 call qsr.004286F6' t* A* w) G6 P; ^9 q& |
00403132 8B00 mov eax,dword ptr ds:[eax]4 N4 }! I* B0 P1 ^
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
0 ?: G% S; z& d& I- r00403138 50 push eax" `* P% |8 k/ w3 H
00403139 C64424 40 04 mov byte ptr ss:[esp+40],4; \8 W r2 Z/ ?5 i
0040313E E8 4D560200 call qsr.00428790) b0 M' v6 o$ O6 c. }" @+ r5 {( B
00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]+ L% O+ r2 S' J4 w9 S
00403147 8BF0 mov esi,eax
' ]3 c1 Z7 U+ s8 p1 E h00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3/ c6 w2 _4 ]6 H
0040314E E8 38C30200 call qsr.0042F48B
9 F/ X' L9 S% e0 F$ W9 n: k; D- p+ Z) D0 }00403153 8D46 0A lea eax,dword ptr ds:[esi+A]
k! z* y/ _3 E& }: ]7 r" {00403156 B9 3E000000 mov ecx,3E6 Q. H7 y2 t* n w4 U4 j! F' _
0040315B 99 cdq
% ~0 H% e _) Q+ [: L9 K0040315C F7F9 idiv ecx
" B( {* u6 O8 [8 D4 g* ?/ C0040315E 6A 01 push 1
( g: l% h2 S% m" |/ _- C8 b00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
N1 ^: p3 w, K( w5 L7 P* t00403164 8BF2 mov esi,edx3 C t/ s! o) b+ Q5 b0 P, v8 C
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
' C4 {1 r- I8 _( ]0040316A 52 push edx
4 X" c# b; B( T f0040316B E8 0A550200 call qsr.0042867A
' m' ~8 r& _- E X9 v00403170 8B00 mov eax,dword ptr ds:[eax]$ o1 R$ G- b- m3 `
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]- j% H% _/ p* _6 e+ Q
00403176 50 push eax+ E) Z+ I# v' E$ V6 M2 `
00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
( d0 f; j( T( q$ C. S4 ^* ?0040317C E8 0F560200 call qsr.00428790
9 V: i4 u% U2 R9 o00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]6 O& h/ ]+ [1 W9 J1 C
00403185 8BF8 mov edi,eax) t z* T/ N* B
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],30 r1 g: B/ l: A8 F! f! N
0040318C E8 FAC20200 call qsr.0042F48B
1 p, q/ k0 C& g1 V/ t5 O6 N00403191 8D47 0A lea eax,dword ptr ds:[edi+A]' n: \7 s8 |# q: f9 F* S2 b
00403194 B9 3E000000 mov ecx,3E, }. |9 R) t# y: b
00403199 99 cdq; `* y# T4 {- u3 z/ X" ~
0040319A F7F9 idiv ecx( ]: T1 B, K: I+ o) ^4 X' d2 K
0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
3 ?, |4 J( ]# H3 i) | Y004031A1 894424 28 mov dword ptr ss:[esp+28],eax
# V: E+ _( f- w6 `+ ]( _004031A5 8BCA mov ecx,edx3 }7 P" I" a2 Q8 e# V, h/ V
004031A7 894424 24 mov dword ptr ss:[esp+24],eax
2 I1 x& ?( Q' I. ]/ c004031AB 894424 1C mov dword ptr ss:[esp+1C],eax5 s V- ~7 ?1 d$ G
004031AF 894424 18 mov dword ptr ss:[esp+18],eax
! O- v" W! r3 j- Z004031B3 894424 14 mov dword ptr ss:[esp+14],eax- Q6 R7 n: ~% G1 h
004031B7 894424 10 mov dword ptr ss:[esp+10],eax
7 d' Q$ `, H7 w* i' u004031BB 8BC1 mov eax,ecx
6 X$ e9 m. ]9 U% W; X004031BD BF 0A000000 mov edi,0A
: t) G# P) r+ B6 m' [004031C2 99 cdq
- K0 @% @: p% s1 K7 c# y) I4 G8 I004031C3 F7FF idiv edi
; [$ G/ H1 M& j' e004031C5 8BC1 mov eax,ecx5 G( V v+ j4 @0 s! ^$ h
004031C7 B3 0B mov bl,0B8 K) c- V/ M6 N+ J b
004031C9 0FAFC1 imul eax,ecx
5 G% v x8 c' u: C- k3 d004031CC 8BCF mov ecx,edi
$ ]) J: e* F4 G: g004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
1 ]) h2 Q. D o8 I3 ^1 L: t# S004031D2 52 push edx
% z4 f2 s( H! I" j004031D3 99 cdq
% S* y' R2 }$ r( N( \3 n004031D4 F7F9 idiv ecx. V5 T! d5 ~# F9 Z3 Y: n
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
6 x8 p4 M, Z4 `. _004031DD 2BC6 sub eax,esi2 ~1 s7 u% m* C6 Q2 ^8 X
004031DF 52 push edx
- f& i, _4 l+ z4 T( S9 ^, D9 e004031E0 99 cdq4 _. T0 \8 @' N) T
004031E1 F7F9 idiv ecx
+ }7 e/ F7 E* m1 l004031E3 8BC6 mov eax,esi& T) H: |7 \) V u y
004031E5 52 push edx- G/ t% ^) }) _8 O2 u5 Z: `+ I
004031E6 99 cdq
/ M' u2 Z6 L; G* k/ j0 ~004031E7 F7F9 idiv ecx0 ~8 p. j$ _6 F
004031E9 52 push edx
8 }: u/ w4 S; _, _1 r& M6 ]004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]! d F8 B' b2 J
004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"- e" a, P/ p! _
004031F3 52 push edx- ?6 t" h; r7 H2 G1 J
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893& d/ K) y$ x V( K3 |4 O3 q
004031F9 83C4 18 add esp,18
9 I9 P( |" C' s( H: w" ^004031FC 6A 04 push 4/ U7 F ?% f7 l, `( ^2 B6 X
004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
* u: z5 c) R7 N- z00403202 6A 00 push 0
+ m; Q) I+ R- b* h9 |+ f00403204 50 push eax v+ o* Z9 K% l. n- L% M' O
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]' b/ i/ ]/ o1 F
00403209 E8 D6530200 call qsr.004285E4
7 I: i5 Q# a& \0040320E 50 push eax. j/ `( h7 T, O
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
/ k: B. M. e6 t+ e! n5 x3 Y4 W00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
; `3 U2 Z3 D8 ?( w: H$ }5 P00403218 E8 A7C30200 call qsr.0042F5C4
- ]( g l7 g2 y8 W+ n/ D- U0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
( B' \* I0 Y0 @2 b/ Z- p00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
1 U* r* C4 r4 w* b; g5 `00403225 E8 61C20200 call qsr.0042F48B
1 E. V! K6 k9 U8 f; h6 E0040322A 6A 04 push 4
. p, \ V: ? _" T! m0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
K5 ~ o+ I& a# g00403230 6A 05 push 5
: s. j3 @/ a$ Y/ N# u00403232 51 push ecx
! X/ F) D% {/ [' X00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]' _) [, X4 T1 n9 i
00403237 E8 A8530200 call qsr.004285E4% X& z5 T+ r! g0 A2 J
0040323C 50 push eax
0 ^; f! N" j# W4 A2 H0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
* ]8 ?% G: g, b9 Q8 g, K. j00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D! b# p( b* g9 |/ b; e6 K H* B
00403246 E8 79C30200 call qsr.0042F5C4* f5 [, N% v- {9 Z/ B" m
0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
$ y; b7 m" j' \" [ i$ v0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
9 t, ]2 O, W% ^# p" b00403253 E8 33C20200 call qsr.0042F48B1 `6 f, }( j. ?4 _, x1 q! [- O
00403258 6A 04 push 4- A9 o: }+ ~9 R4 l9 l& U
0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
9 t) h3 q5 z! H4 t- y4 \0040325E 57 push edi
! Q/ c, w& F- n2 o0040325F 52 push edx- \& ~0 x$ c s0 z d1 q
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
, o1 d: N9 k1 S7 U1 W" v! v- o00403264 E8 7B530200 call qsr.004285E4
% U+ A! O9 b( p' N" A' @! L' ]( j00403269 50 push eax
. {2 q4 A, ]& B0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
" [; [7 ^. {" L3 F# R0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E
4 O4 {9 q) h) `9 f& i) W* w% Q00403273 E8 4CC30200 call qsr.0042F5C4: F% O3 q' d; \
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
- I1 ~4 O. X, T0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl
' m4 _9 T5 }5 N! p% \6 M00403280 E8 06C20200 call qsr.0042F48B: o$ Q7 @% P0 X! v. \4 t
00403285 6A 04 push 4
9 s. K3 ?; \% ~& H) ~* v+ K7 r00403287 8D4424 34 lea eax,dword ptr ss:[esp+34] Q4 V- W' M% a
0040328B 6A 0F push 0F
, k- ^1 O) W/ A5 e) C; a0040328D 50 push eax; d1 m% }( D/ s
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
3 k, d4 X. c9 M0 V00403292 E8 4D530200 call qsr.004285E4
* ~) ^ R: v% E4 Y& t00403297 50 push eax
0 R4 m$ [3 z$ Q2 @2 o( s00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
4 y1 D% q4 F5 `, h, M' y0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F: C+ G; e2 [0 x" Y; x0 i9 A
004032A1 E8 1EC30200 call qsr.0042F5C4, g4 E/ P$ [4 ~6 E# S
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
# t' s$ r4 I, P$ g9 T _4 ?- b8 E) I) @. g004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
. T+ i/ d& I x004032AE E8 D8C10200 call qsr.0042F48B
# i. G; ^, M% N+ ]5 W% G+ H! v$ U a004032B3 6A 04 push 4" E& j& k6 i. v2 U9 @: ^
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]$ T( H' m6 V1 l% ?
004032B9 6A 14 push 142 B4 s+ x8 Y" g* p7 n
004032BB 51 push ecx* Q1 u, K% e! g
004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50], Y6 c- o' o* M& c6 x
004032C0 E8 1F530200 call qsr.004285E4* z% l* d$ j4 t+ N
004032C5 50 push eax
/ D, _. w$ o" o5 ~004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
. {- c7 P; {# y" n' n004032CA C64424 40 10 mov byte ptr ss:[esp+40],10. C3 w- l5 n5 [" s3 n
004032CF E8 F0C20200 call qsr.0042F5C44 _7 ]- T" C$ _$ d; G4 L! N3 A
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
' n/ n) U. A( J3 v004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl! S, b O7 N4 e. Q
004032DC E8 AAC10200 call qsr.0042F48B" f5 Z& I+ b3 `+ C& M5 d; }! {
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI1 W4 ? q6 d/ L, w/ j$ ?: ]5 o# f
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX/ ` g* K: S2 W K. y+ D$ A1 M* g
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL
; O o% c- G9 R! K! A% f+ G004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL
! ?; Q) f5 V8 y* L: n3 I004032ED 8ACA mov cl,dl ; DL送CL. K1 \! Y. r$ M2 G' H4 S
004032EF 3AD3 cmp dl,bl ; DL和BL比较' y- s4 `: j4 J& O3 y
004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
* y6 i: |& Z' A) C9 E/ b004032F3 84C9 test cl,cl
: j: \' K- _3 E" a, j$ c* ^3 k004032F5 74 16 je short qsr.0040330D
$ B7 F# ^: v: n! y0 t# T& h5 X8 P004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL; X5 M' s; }7 k" c* O0 B
004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL$ Q+ n( k( ^( x5 [
004032FD 8ACA mov cl,dl
3 K9 s% z2 k% o" e$ Y) O004032FF 3AD3 cmp dl,bl ; DL和BL比较
& j( @' V% |) Q00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
; K$ j7 G8 W/ z3 {! k1 I! @00403303 83C0 02 add eax,2 ; EAX加20 o0 C6 ~! `& i. l. \! H
00403306 83C6 02 add esi,2 ; ESI加2/ A* d9 e1 h3 s7 G f6 r
00403309 84C9 test cl,cl9 w. \9 w3 k Q! P/ R B- f
0040330B ^ 75 DC jnz short qsr.004032E9
- `$ b- I0 W1 G6 w) s s3 v0040330D 33C0 xor eax,eax7 e7 S; W: t% u8 E, R+ ]
0040330F EB 05 jmp short qsr.004033160 b( H; S( X* F! N
00403311 1BC0 sbb eax,eax8 K; ^, _% C8 X% @
00403313 83D8 FF sbb eax,-13 L7 v& M! j/ e9 x
00403316 85C0 test eax,eax' ^6 k8 F& o6 d! G, P5 L q
00403318 74 0E je short qsr.00403328( I/ x- R2 D* W& M j
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A
- ?, t7 N7 O4 V4 v! J- |0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
' V& V% ?7 J" s' D- O( r7 [4 \# a00403323 E9 F0000000 jmp qsr.00403418! {# B" C5 ^( u$ r5 _
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX. C" k, |, u! x% `
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
. B" P9 J- S+ B& Q U( Q/ Y00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
% z i! o- U8 `7 ]00403333 50 push eax
: R/ I( V- `- I" U6 |# ~! s3 j7 @+ r00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
: `% \' e7 d5 w- g, F00403339 50 push eax
: R5 o# b% G9 ~. C, o/ \' M1 T. ~0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX) n. w7 ~7 k2 i4 f
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX
: f: O; Y9 x' ~7 l: c* V" ~00403343 83C4 04 add esp,4. U% k7 W8 n' x' N1 R6 ]' M
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
3 E$ A3 ~ L3 t00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]6 C" A3 X2 P2 r! w' B l
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
/ a4 M5 M N' ?# w& _0040334F 50 push eax
' }( M: [( @; S( v3 c& s( [00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
: v- R7 U) a; b0 p! V00403355 50 push eax" D( n) c0 w! a3 Q7 N1 t
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX# s. V/ U2 P, g9 _: N
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX; U& f5 a/ d+ V1 V+ b' y
0040335F 83C4 04 add esp,4& T" O F8 _! A
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI1 F0 Y) y# d% f2 h, {$ I
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
3 V; C" q$ [, @( h00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]4 P2 b. N$ ?: L" y
0040336B 50 push eax6 e* Z4 S9 ]+ s
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX
! B% f# ~* U; L# F' k00403371 50 push eax0 ^- M, u* H9 T4 E; W d% _
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX2 G, Q: l5 j; C
00403377 8BD8 mov ebx,eax ; EAX送EBX
& b0 J/ _' Q4 e" \- x7 G s: J00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX; H1 G* t N7 o! e
0040337D 83C4 04 add esp,4; X; x3 G: l$ U: r9 p1 S9 _
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
5 O) W0 n! U( q4 U: d00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
. S& S2 f( c+ D00403387 50 push eax* K# ^2 j$ f( x6 f) N7 ]4 X. c# r
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX
4 B7 x# Y; @1 E5 R! `0040338D 50 push eax
5 d" I1 m9 y2 V6 z# a0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
0 c" z* W4 d0 t3 k; Z; P* V5 z00403393 83C4 04 add esp,4
" a# p7 a& v+ t) a( G0 t00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
+ L, b( }# \5 f* O9 M# I; j0040339A 8BE8 mov ebp,eax ; EAX送EBP
$ v( E$ J: @' o Y/ m0 V u3 j0040339C 6A FF push -1
4 L+ k# c0 m, r" l* W8 j0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
: Z: P0 K. [# d( F" b7 ^004033A3 6A FF push -1/ d y h7 Y1 y" d( I T
004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
) l( J5 _7 Z0 x# [# E9 a+ l004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX, i( x7 P8 e' Z; k
004033AE 6A FF push -18 Y& u- q, N# @7 R$ r8 v
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
q! r2 x0 N( Y; D004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX. X- `( D6 t) @, T. F
004033B9 6A FF push -1* ` r% p6 E9 Z
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
, L2 V4 g8 l3 g! {+ o004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX+ G9 O2 L K. u7 N0 R2 \. W9 t% e
004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
' E G+ L3 s; u/ a6 D+ M004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
1 z3 v8 W3 [7 D: k+ V' ~004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX# ~* T* h- `+ ?, o( ]) l
004033D7 D1E0 shl eax,1 ; EAX左移1位
4 J3 O4 H+ y6 M, W: t004033D9 99 cdq ; EAX扩展
. s7 F( k; B3 V1 j: M/ g; O: w004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中4 [# _; o$ M' ^4 m6 D0 t5 ]4 G, a2 T
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较9 L5 W: r3 y. r0 b! D
004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
; G- U: U) F0 H1 e004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A3 Z2 b: L: Q4 b" D7 t E7 s# h
004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
7 t+ |8 Y* P: v3 f+ X$ {004033E9 EB 2D jmp short qsr.004034180 S. K; F- c) ]# V% ~& |5 p8 K
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX
, k" |/ y. h: Y1 _9 k) O004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
/ y: n" O' e9 ~; p004033F7 99 cdq ; EBX扩展; }, a: p" s: k* q( I% u. I, C
004033F8 33C2 xor eax,edx ; EAX和EDX取异或1 J5 l) S" ^9 h+ l5 J- b
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX: l4 f6 j+ u6 ?2 X5 F/ E
004033FF 2BC2 sub eax,edx ; EAX减去EDX
$ ]2 Z0 e7 U! }00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C], V4 Y i& }" f. d
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX2 v+ \! K3 I) {4 }
00403409 99 cdq! Y8 `) a2 {# c/ m7 C
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中( O. c4 U7 H, @# X
0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
/ S: a( A) E4 g00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较7 @3 N0 {9 b( F
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
Y3 P; F# x. k4 y# J; @( l2 W- q00403418 E8 6EC00200 call qsr.0042F48B ; . e# W. \1 ]; ^: d6 b
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
8 J* `* I: A! i4 m" w; T; a1 \00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
x6 H. A' z8 v2 O }00403426 E8 60C00200 call qsr.0042F48B' V8 w; E! C5 A0 `# i
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
- K" d% ]; I. q6 j: H4 D0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
1 D& q% Q3 T4 f# S3 p8 w00403434 E8 52C00200 call qsr.0042F48B
% m% g( i, ~0 b! ?: y: M00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
" { H8 L5 [7 \5 i3 P! W0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
3 Q/ J+ X' R+ I00403442 E8 44C00200 call qsr.0042F48B
9 o3 y! H+ U, B! i00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]+ E+ r/ Q7 Y( \5 t+ s8 O3 `) p
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6* q q" ^# Z5 U! n# C
00403450 E8 36C00200 call qsr.0042F48B1 N! t9 c2 N8 }4 E
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
0 A* c6 R3 O! W X" A, J00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3' h" `; v3 {- g2 n, D1 F/ B) h! k
0040345E E8 28C00200 call qsr.0042F48B
& m/ _6 U0 M: o& t r$ E% X3 E00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]# y8 ^' T( f8 G' ?0 _
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2$ w5 D6 S/ `7 B3 j* c( |
0040346C E8 1AC00200 call qsr.0042F48B: A- a5 W+ Y8 P3 `9 H" D
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
0 Q. ]) z5 A8 B3 n2 ~+ q00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
; n3 i0 n4 b! z- o. C0040347A E8 0CC00200 call qsr.0042F48B0 V) x, l+ m; G) ^' G z
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]9 Z, r; S# G. y7 i% E: q( d
00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],08 I' l" A" M$ A
00403488 E8 FEBF0200 call qsr.0042F48B
$ D, ~* D. x B6 F. A v* M& V0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
* R/ ^2 J& U4 D0 }+ S9 ~00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1# ]0 `' C0 S8 T9 d/ H- \
00403499 E8 EDBF0200 call qsr.0042F48B
' L! Z% a9 ?# m3 ?* u# Y. d0040349E 32C0 xor al,al ; AL清03 U0 F ?; P [- U2 F* i1 s% ~
004034A0 E9 88000000 jmp qsr.0040352D/ ~; E& Z6 w" K7 e) q
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~" x$ F* v1 S$ C4 s$ P3 b
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
/ B9 M, O4 R$ Y! d( a6 }004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9+ `; F- J+ A% Y
004034B3 E8 D3BF0200 call qsr.0042F48B0 V% J7 I' M; y; D# m; ]
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
. U! P! d- Q& e004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
+ w0 k1 ?" j: @004034C1 E8 C5BF0200 call qsr.0042F48B% Y9 [$ z# N2 {1 V; k
004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
1 J1 e: c1 q/ d7 g, y. ?1 g004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7
5 v( t9 V0 k3 ?0 N4 {, T9 F004034CF E8 B7BF0200 call qsr.0042F48B5 g0 I" k5 H+ o- S% C
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]2 @ Y6 @* y( g- x
004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
' k& U3 D( J+ q: `. J, V8 ^004034DD E8 A9BF0200 call qsr.0042F48B, f$ R0 W/ j: N# D
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
$ U2 z8 U) ^; R' h! t: X004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],33 O9 x2 `7 N" n. |# S
004034EB E8 9BBF0200 call qsr.0042F48B
$ x0 d5 E' F8 k& ^$ O1 A4 }004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
- X% o9 ]8 v/ U+ v7 {# G004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2/ K1 _& I: z0 F' H- @
004034F9 E8 8DBF0200 call qsr.0042F48B
# }1 H2 f% X9 M0 E$ q& ^, i004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]3 p+ S" Z9 @8 E4 s) E1 p
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1
L0 _) v. _# D5 C00403507 E8 7FBF0200 call qsr.0042F48B" n+ R9 v7 O9 q* i' {
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
3 F- h+ `9 C2 b+ t! [# ^00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
_6 ^. K" D' G+ z4 A E00403515 E8 71BF0200 call qsr.0042F48B
2 H* n5 s: F, H- i- s0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
+ y& M* }, S) j0 m2 d6 q0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
- x& I# ?4 L0 ]; r# e; n) }! Q00403526 E8 60BF0200 call qsr.0042F48B5 b2 e9 y) a. u5 s) I. ~$ m
0040352B B0 01 mov al,18 P) _+ @3 C9 \( s; P
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
' c& e& R; H7 [$ t# _00403531 5F pop edi0 h, u3 w6 m4 k- _" g
00403532 5E pop esi) m6 O! _% y' u# h# ?( n
00403533 5D pop ebp
; G0 e# ~- h$ N% H00403534 5B pop ebx
) j$ D# M# {3 p: d00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
3 r) X6 d/ K3 ^; J0040353C 83C4 30 add esp,308 z1 @/ ?0 g/ y, G7 M
0040353F C2 0800 retn 8
2 t) `- Y' o% Z--------------------------------------------------------------------------------
% f ~" @/ w$ f, y【破解总结】
; n% E4 c @/ b/ B7 ^ |- r 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^ _4 h9 N9 B/ F* n" J' {- D
用户名:yijun, i: M; ~1 [2 U0 `- K u) X! `
注册码:4893*7777*3726*7777*0529
& {5 p% b, E0 n* e7 ?4 F6 [' a--------------------------------------------------------------------------------
/ | a. ?. r0 G1 Z【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡