|
|
|
【原创】破解Quick Screen Recorder. r* u' f* |8 C# k6 t! d- Q5 ?. P/ l
【破解作者】 yijun( ~$ t B: {+ ~
【作者邮箱】 [email protected]
& [( |5 X/ {* X: }9 Y【使用工具】 OD,PEID
' `$ k% A7 {" x0 [【破解平台】 WinXP0 w5 |2 A' p9 N# y5 h
【软件名称】 Quick Screen Recorder' m# y$ \) S3 M# H; a1 {; {
【下载地址】 天空 O9 G& k0 l. w9 o/ O
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. 2 ]6 T) S9 U. L2 J# u! ^' a) G
【软件大小】 540K
7 c3 N3 j- {- L1 X' U【加壳方式】 无
/ [. \$ }! r8 j$ }/ Q& Z【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)* r5 p3 U5 V% C7 s) d
--------------------------------------------------------------------------------" b; ~. d& t3 L+ e
【破解内容】; u; A$ a# s% W% l) x2 M
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
! A# q( V2 B! K: W2 y* y00404C69 55 push ebp //在此下断
6 P0 h8 K: N4 e0 T& C. G3 P00404C6A 56 push esi( g, h6 J0 y8 | Y5 Z6 d R1 y( z2 L4 J
00404C6B 57 push edi, T6 V- m. n. |% V$ E/ O# w* J# b
00404C6C 8BE9 mov ebp,ecx
' b! l) y2 o6 _6 L; n, x00404C6E 6A 01 push 1
! n( V }% x: N/ I A00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名3 }" ?9 o- M: } n& G& z
00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]; q! u" l9 F; f1 v# t
00404C78 8BCF mov ecx,edi
1 v8 Z. F: E2 X# C2 M00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码% T3 v3 K& O6 [. r
00404C7F 8BCF mov ecx,edi
5 X1 ] L6 V; m! }' _1 t! E00404C81 E8 A73E0200 call qsr.00428B2D4 w& [$ \7 y! ]
00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
- Q" ~" d9 I8 G8 v00404C89 8BCE mov ecx,esi
$ v E2 n& o- ^1 A9 L+ s00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX& v0 b: {. N1 T4 T! r: x
00404C90 8BCE mov ecx,esi
; s0 w% ~! V; c) ~00404C92 E8 963E0200 call qsr.00428B2D
4 X% Y4 I4 b% r4 P! |) q: Z4 j00404C97 8B06 mov eax,dword ptr ds:[esi]) K; @1 e2 @% b1 f7 ~
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],29 }7 k! T [% F, Q3 B' I
00404C9D 7D 26 jge short qsr.00404CC5
# ^, u" f8 t" m7 A" A00404C9F 6A 40 push 40) O; v4 Y4 K! g( q
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder" |4 m5 F( t( V; G+ q/ ?
00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
; t; a O1 l. s( P5 p1 J00404CAB 8BCD mov ecx,ebp5 c( Y& V5 J/ v* j
00404CAD E8 C3840200 call qsr.0042D1757 \7 w+ b' S$ a! z% s0 |$ e
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]7 I9 H# q1 ]6 v# @* L
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
9 ]9 g! [8 B: s00404CBD 5F pop edi
0 S* f/ n& L/ S) Z/ e- |0 V00404CBE 5E pop esi
7 x. r" A& f! n& z00404CBF 5D pop ebp: I: A7 e3 K0 b8 A/ n% M: B
00404CC0 5B pop ebx" M- l! V( K! e* H, X
00404CC1 83C4 18 add esp,18
) D4 r8 Y/ a4 L6 ]00404CC4 C3 retn$ |4 m% N; d6 T% ~
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]2 X1 f& \; ?+ W5 c! B5 a
00404CC8 84C0 test al,al( ^0 X& p7 b0 H- d! z
00404CCA 0F85 1C010000 jnz qsr.00404DEC, h8 \* J$ Q b- l2 m
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]5 p% k& r& t1 ^; b
00404CD4 E8 87E3FFFF call qsr.00403060" S U' }+ o9 Q" n) B
00404CD9 51 push ecx3 |% }7 j, u( b9 a, D! T& e
00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
2 j$ C. `& o6 f; R2 h00404CE2 8BCC mov ecx,esp. {7 E' y r) O$ w+ F# ]# X1 J0 D* t
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp
; e2 L& g E) |" F8 H9 X1 Q5 L5 \00404CE8 56 push esi
# z# ]- A' K) W4 T# g! D6 q2 A00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
: d `8 D6 |; P/ K/ [1 w00404CEE 51 push ecx6 T9 v$ ~* z: _# S6 ~
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],10 t+ U" c* q& |% t, E* h" u" x( b
00404CF4 8BCC mov ecx,esp, y5 E0 t1 r+ C0 F- U
00404CF6 896424 20 mov dword ptr ss:[esp+20],esp
5 b8 Y7 S. w$ O e9 g% p00404CFA 57 push edi1 |4 [+ Y8 B2 I/ G( p9 `; Y+ [
00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0% u$ E; b+ w8 j2 b F2 v
00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]8 |9 X' K% T/ l. R
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0! L& H+ s/ o; C% C- h
00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~- P# c! V' `! [0 Z9 H2 V0 [
00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~! ?- |9 T, \. M4 ]% P# g/ [
00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~0 }* N* j: |# [7 S' b8 M5 o
00404D12 6A 40 push 404 z" W7 W2 o2 B/ W" {, H2 T L
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
* z4 J) ?% L( F$ p/ N9 \% |% `00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."
5 K5 V# l+ v. r2 E# W00404D1E 8BCD mov ecx,ebp8 B+ |- j* r( E# H4 m8 }7 |) a1 g
00404D20 E8 50840200 call qsr.0042D1755 d* n; P. O5 ^5 I" e! v
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
+ x; f5 a+ H2 W. W A5 j00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-12 Q9 Y) o: ?* r# Q# ~
00404D31 E8 5AE3FFFF call qsr.00403090 z: B) Y Z$ ]% G, c; E
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
) ^9 @: Y% K& @. O, l00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
$ h% N5 E) O$ g' V00404D41 5F pop edi
. @: \( o4 v6 p* w% T, i' T00404D42 5E pop esi# Y+ n3 p& {* A$ A
00404D43 5D pop ebp
6 V% Q; W# _* T8 W' [6 F+ |+ O00404D44 5B pop ebx( N0 n+ t+ R6 b; A; h5 h4 I. ^
00404D45 83C4 18 add esp,18
5 Z+ m- s7 m, ?; H1 `0 j, @00404D48 C3 retn) |& m: n; T- w, M
*********************************************************************************************************************************************************) {! T5 }, v3 [8 C w1 [7 ?. K
跟进00404D09处CALL来到:
# f/ U" }0 `4 l+ |* z004030A0 6A FF push -1 //一路F8下去~~~~# H0 [4 S8 m* R3 X0 N
004030A2 68 C88F4400 push qsr.00448FC8
; E+ r4 t* R a4 Q( l. e4 O/ S; G004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
& O" m2 `0 H6 U1 }004030AD 50 push eax! F$ B8 }% n0 z4 o! Y+ f
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp, p, v2 M! b# _' C% @
004030B5 83EC 24 sub esp,24
% ]0 ~! K9 v$ N `6 P6 L5 m4 t004030B8 53 push ebx
0 u) S! n* a- h+ ?6 T ]0 _004030B9 55 push ebp
, }/ x6 {+ d. K3 u& W1 r$ L004030BA 56 push esi; `, Z7 s' V( \" w( M% U9 V
004030BB 57 push edi7 t/ r8 J/ V5 n/ g7 z& W1 a* r
004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
( Q& O/ J' i- v2 l% S004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]& f! X5 P3 K1 L# S$ ?' H4 H
004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1: m; Z6 O" V9 b8 p
004030CD E8 27C40200 call qsr.0042F4F9* v$ \/ W9 ]( A$ {) K7 q
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
+ B. x" C( ]6 s# `6 _004030D7 894424 2C mov dword ptr ss:[esp+2C],eax% g' z4 B) Y" x4 Q8 l- z$ z& _
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
) a; }9 s( _4 S# O- T: P004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
4 g6 A' l% k( u( a$ `9 r3 r' m6 j004030E4 E8 905A0200 call qsr.00428B79
# Q) x5 o; Y+ M004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
4 u/ k m' H0 \# c004030ED E8 3B5A0200 call qsr.00428B2D) W0 [' \! S* o/ L
004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]0 |5 Y* S; T( V- E5 X7 L8 x! J
004030F6 E8 7E5A0200 call qsr.00428B79
' ^* q- u1 J: b5 q: y004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
$ x0 l2 {$ T7 m004030FF E8 295A0200 call qsr.00428B2D
5 Y6 c K. _0 G3 j" u% V00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]$ f& G! k+ S3 X) }3 |3 p7 e
00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
; Z) ]( @/ \* p0040310B 83F8 02 cmp eax,20 W8 _, B6 x" J8 R0 c. a Y
0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳8 J6 E5 e- J) P0 I: k
00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]/ p0 v4 s! @! J1 I
00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
! t; y" E8 \( ?5 S1 ]6 X6 `( A, I' A1 v0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
) T3 O% V& h, h* {3 m" s00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
R$ y* v( B0 v l: R' e, w00403126 6A 01 push 16 F/ E; I3 K3 Q" K
00403128 50 push eax- i% x& q4 u- ~/ V/ o0 A3 v7 b: u8 n
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]2 \ r, o) b3 w# h! u+ j8 l5 W
0040312D E8 C4550200 call qsr.004286F6
1 ^! S+ Q* K% y% Y8 Q3 c0 Y+ M. `00403132 8B00 mov eax,dword ptr ds:[eax]
! ~% y! S# R, z5 k' d6 _- R00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
# q% i- @, p7 q% o9 a9 {( z" G" b00403138 50 push eax
! K0 J1 e6 P5 Z' H. y00403139 C64424 40 04 mov byte ptr ss:[esp+40],4( |% f' z" V0 l; j" b. n
0040313E E8 4D560200 call qsr.00428790
0 V* M2 o3 I3 @' a2 |; V# i0 `00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
3 f2 b# U; V$ O/ H3 O: d, J: e00403147 8BF0 mov esi,eax' C4 v. W$ ]* q
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3
5 W* f+ U0 r% C0 }0040314E E8 38C30200 call qsr.0042F48B
9 k T* i2 I! e00403153 8D46 0A lea eax,dword ptr ds:[esi+A]: r4 F8 x+ O( Z5 V0 x0 s
00403156 B9 3E000000 mov ecx,3E
+ y7 S+ `9 N/ O" F% T: G0040315B 99 cdq1 m, }$ H6 F% c) ?# o$ E
0040315C F7F9 idiv ecx
( t, u: c+ J" k* g0 V0040315E 6A 01 push 1
2 q1 F7 Z, a1 d3 H00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]4 ^% Q* d$ ^. s$ o. |1 e4 x l
00403164 8BF2 mov esi,edx
9 H- E W6 B2 g7 g00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
& T3 R5 y* b6 M* W; }5 L8 z6 r0040316A 52 push edx- K" R6 ]. s1 Y- Z5 O% b: K4 j
0040316B E8 0A550200 call qsr.0042867A% S* h+ R1 B& q# \3 H: m
00403170 8B00 mov eax,dword ptr ds:[eax]
$ u& U: {5 h4 O00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]: U, v" h* Y R8 @* m
00403176 50 push eax
5 ~' M( q9 d" V. h, t) Q h00403177 C64424 40 05 mov byte ptr ss:[esp+40],5# f t: J8 u$ w; [" Y
0040317C E8 0F560200 call qsr.00428790
' A# h' m# Q2 Y7 [% I7 o1 _7 c00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]' l H- w+ U1 v' k G4 V+ s9 Y
00403185 8BF8 mov edi,eax9 I2 [/ L# J% Y K
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
: k; K" E6 b& C6 o+ R1 `" a- Q4 ^0040318C E8 FAC20200 call qsr.0042F48B
* i( G! E' H6 B7 K00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
& `5 N! c, t+ m8 H4 q. p* C( G00403194 B9 3E000000 mov ecx,3E7 _' ~/ W8 O7 P& y, P" t
00403199 99 cdq
+ m3 O# @* K/ }. L6 A( X0040319A F7F9 idiv ecx9 f: o4 g. C3 m/ v
0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]) n% ? g# f+ o* G* ^# `- p8 ^
004031A1 894424 28 mov dword ptr ss:[esp+28],eax
. i8 P, Z7 \) z" B" F1 v004031A5 8BCA mov ecx,edx- p/ C8 @( O1 @4 O0 a7 h
004031A7 894424 24 mov dword ptr ss:[esp+24],eax
5 a8 m: P7 g8 y2 y" m004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
) N8 ? j0 Z: l$ w8 x7 G6 c004031AF 894424 18 mov dword ptr ss:[esp+18],eax
' M% _7 H( h8 {004031B3 894424 14 mov dword ptr ss:[esp+14],eax
+ s! M+ K7 V1 v C004031B7 894424 10 mov dword ptr ss:[esp+10],eax0 ^9 E4 Q( i4 [% M; a. ?, k
004031BB 8BC1 mov eax,ecx' J- S2 u7 k/ R2 Y5 p: Z
004031BD BF 0A000000 mov edi,0A9 M; ^9 a! k7 _5 Y+ n! u. M" N
004031C2 99 cdq- C3 X1 `, W$ I+ ]
004031C3 F7FF idiv edi% y3 |, |. u! o. a! p0 v0 q" C" l
004031C5 8BC1 mov eax,ecx
! h0 q' O y) ~- }+ M004031C7 B3 0B mov bl,0B
+ ]* O1 c' P8 Y004031C9 0FAFC1 imul eax,ecx* Y* B% k' W/ N2 J
004031CC 8BCF mov ecx,edi
4 ^# u2 C5 P. n" Z8 w Z! K004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl/ J0 h Z! I0 y. h0 }4 }( _. F
004031D2 52 push edx
9 |% Q; J# r1 w# D8 U% }004031D3 99 cdq
" K* S* Q4 L. o5 {- h1 D004031D4 F7F9 idiv ecx
3 x: d0 {3 s# Z1 y& c3 x004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
: b2 i! J( u5 s: C! Q( D004031DD 2BC6 sub eax,esi; f- T y( b$ f& j2 C6 j2 x6 f
004031DF 52 push edx
- t$ s, ^; l. ~' G) N2 i) \004031E0 99 cdq( e' \8 V2 S1 r4 B/ s6 H
004031E1 F7F9 idiv ecx5 S( x7 N8 l1 T/ K+ z* p- y
004031E3 8BC6 mov eax,esi
, B) Y- b! o3 _! ] k4 s004031E5 52 push edx
& h a( ~% j2 ^/ J& x7 A3 f004031E6 99 cdq, x6 V/ p( h6 v& O
004031E7 F7F9 idiv ecx. {9 q8 X7 v1 ]7 _) _
004031E9 52 push edx
& i( ?; m+ k# m+ V( f5 Z! p004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
2 @7 x& U! }7 D6 C" J' ~. b% |7 @( K004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"
) E5 d, U8 r# x$ W7 A7 k4 s004031F3 52 push edx
# Y! O0 @+ v6 J( ~% }( k- {004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893" i" a4 Z9 u3 \( \" C
004031F9 83C4 18 add esp,18- W1 g# u1 S2 Y( I7 Y5 g- g& w
004031FC 6A 04 push 4- n8 H$ r5 N; v0 K" t8 R7 t: X
004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]5 }0 {! z) V2 ], S6 ]0 d
00403202 6A 00 push 0: P; Q: ~" x8 s5 ]
00403204 50 push eax* I) u6 U8 w) `, B
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
6 y' k5 Z: \4 l: e$ m00403209 E8 D6530200 call qsr.004285E4
0 X+ I& a, W2 u: A' g0040320E 50 push eax) \! H6 V l* x3 H9 X$ y
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]7 L( U$ k' ?; e/ r) K7 ~4 p
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
) t' V0 ^, A6 n+ a) o2 B. [# f00403218 E8 A7C30200 call qsr.0042F5C4
/ w- B( O4 F* }2 u: j, L0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
6 Y3 T! \9 R* ^00403221 885C24 3C mov byte ptr ss:[esp+3C],bl: X7 D, g$ n/ x- Y% Z4 |8 D
00403225 E8 61C20200 call qsr.0042F48B- q/ u6 U: l% G$ Q6 m
0040322A 6A 04 push 4
( w! T3 G3 E6 A6 S+ [0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]( N% n7 q& k$ b E6 W
00403230 6A 05 push 54 A3 ?4 [" E- p; e
00403232 51 push ecx4 h' [. x: J; [) p( k
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
7 B" A6 b3 }# F00403237 E8 A8530200 call qsr.004285E4
q% m ]% M: l! }8 E6 S+ s0040323C 50 push eax- T2 A. s8 C/ R" U8 R& S
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]8 i* j2 _4 |3 U/ C. y
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
9 a a7 F3 t& z* W$ l4 r( }2 s00403246 E8 79C30200 call qsr.0042F5C4
! H7 [9 p0 b* ~1 y4 D) x' N) _. ~0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]: D5 p& }& t! J
0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
0 u! c2 T7 q$ U8 r, F8 @( X00403253 E8 33C20200 call qsr.0042F48B
/ j7 B* G2 G/ U8 J00403258 6A 04 push 4
3 `: r. ^: z) H2 l) G7 W9 Q6 Z3 W( S0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
7 [/ o+ C0 U8 g3 C6 O0040325E 57 push edi5 C/ {9 o' {- n( s- l! I
0040325F 52 push edx
+ u: M2 {, v0 c; h# R% B00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]# C/ c2 C% v6 J/ S/ f
00403264 E8 7B530200 call qsr.004285E4
$ P! Z6 @8 ?" a# z% B00403269 50 push eax
) w) Q- `7 E9 Q) n/ s0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
/ X6 P- _- A+ n* d0 B. m0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E; X' W$ R$ c3 }6 L+ {
00403273 E8 4CC30200 call qsr.0042F5C4
" U: T& A# X6 T3 H! ^1 v8 g3 p00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
1 e7 U/ p8 u0 r0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl
; G( C- m5 p5 i- t2 n2 j0 Q00403280 E8 06C20200 call qsr.0042F48B" u" ~' n. t* s" Y, E, `" \
00403285 6A 04 push 46 `8 Q6 b- S3 A7 d& t* e' p
00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
9 \, ~" K$ C' k! O! V0040328B 6A 0F push 0F0 B+ d9 M( R! f& O% \$ B
0040328D 50 push eax
! J7 u7 r$ o3 X5 o* p# `0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]' A9 E4 L0 a- I1 e5 }0 e
00403292 E8 4D530200 call qsr.004285E4
% q* O3 f: |8 y00403297 50 push eax
# U" J. s% B% K* f$ q# ^( A* k2 v00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
/ R( g! ^0 ]0 g' F+ _/ u+ v; R6 K0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F0 S# z4 \+ t F
004032A1 E8 1EC30200 call qsr.0042F5C4
" ^/ E4 Z h: I) v3 I3 S* U004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]7 Y) z" V% E) M" Y
004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl7 ?0 ^7 q' O* p& e+ w/ q
004032AE E8 D8C10200 call qsr.0042F48B1 }. O( e L" J9 g/ b" A+ v( p" R* l
004032B3 6A 04 push 4% z1 C: X: o1 V o. K- v
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
9 l) W% [% _) G* x: d, K0 D4 t004032B9 6A 14 push 14
. R7 _& |% G9 ~004032BB 51 push ecx/ t1 D% `& g0 i/ z. L9 n! ?
004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]; L: q* ^6 [" T7 N5 s! G& T
004032C0 E8 1F530200 call qsr.004285E47 W+ A, g% x- Z% c
004032C5 50 push eax
5 p9 I2 P( ^7 C7 I% ^, O004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]5 `- h# {4 D t v' p
004032CA C64424 40 10 mov byte ptr ss:[esp+40],106 n% s, m7 M: a9 X
004032CF E8 F0C20200 call qsr.0042F5C42 @ i2 d6 e: _( w
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]5 L; n( l2 N; ]4 q# i* K6 @8 y
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl
6 j4 `- m; G0 a5 |! ?3 s004032DC E8 AAC10200 call qsr.0042F48B% m+ ^/ N% C7 p8 R9 q, [0 T
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI( s% b. ]' f3 R% _% ~
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX3 Y( O3 F7 t' D
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL
, Z, o$ n& n! U x004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL
& o& B. Y2 x5 F% _! v004032ED 8ACA mov cl,dl ; DL送CL2 f! | u! K. C! f6 u+ G, E
004032EF 3AD3 cmp dl,bl ; DL和BL比较
# F& _2 z0 w' H# {& I004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
8 `, N* W; y' U* H: S( j, y$ U* Z5 m$ G004032F3 84C9 test cl,cl3 H* Q2 c6 Z0 Q: Q `
004032F5 74 16 je short qsr.0040330D+ [4 d z9 }, n5 M) C2 _4 J
004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
z( K6 v) [: b' T; E6 y5 a) j004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL3 ^2 R' `4 b$ ?- p8 i8 S
004032FD 8ACA mov cl,dl' p0 V. n' T2 u0 o+ t m
004032FF 3AD3 cmp dl,bl ; DL和BL比较
' t" l9 k) D, C1 f, A% _; ~: e00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
4 r: ?3 a5 a7 ]4 l, l2 q00403303 83C0 02 add eax,2 ; EAX加2! d+ K" q" z. R! [1 }
00403306 83C6 02 add esi,2 ; ESI加2
! N! X2 h1 ~/ r# q00403309 84C9 test cl,cl% G( U( y! R8 R: X4 o0 R
0040330B ^ 75 DC jnz short qsr.004032E9
6 T: q, J2 i; h' |) d- w* P0040330D 33C0 xor eax,eax
# J) t b- o( C \) Y* c, _0040330F EB 05 jmp short qsr.00403316% S- U) E4 G/ j
00403311 1BC0 sbb eax,eax
7 r/ b+ ?1 K, C. n% u" ^. r00403313 83D8 FF sbb eax,-19 U- z8 F6 c8 J" J* O2 `* N" Z0 S
00403316 85C0 test eax,eax6 F0 x% V/ d* }
00403318 74 0E je short qsr.00403328
: C4 h: g! a# s6 R/ r0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A7 ^2 n: ^% h0 m) Z2 t, ^# y; L
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
$ e* s! l [' {1 F4 ^; q3 }/ H00403323 E9 F0000000 jmp qsr.00403418
& T+ Y/ t8 O, [- @! i1 s3 Y s5 x$ X00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX N3 h! v+ ^( x- y. K
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]9 P) x/ W' G6 L. U. R+ i; k- t
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
9 Y( z+ h4 k$ g00403333 50 push eax
% O+ M. |; K2 p0 l00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX5 T- d p- o( }0 m
00403339 50 push eax; {. h {- n }4 C
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX& }& w( {+ K$ d. v5 g
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX7 h3 q9 W9 e1 |
00403343 83C4 04 add esp,4
1 R" B: ?9 h& s2 _1 C% m( K7 ]- u00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI& E1 k3 D) h0 [% k* h0 N. z( w
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]1 V8 j% u/ N5 b
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]$ A# X( J( X+ P+ P0 A3 p; q* m
0040334F 50 push eax
/ G) L. w4 o, Q" ?00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
, j& ?& ~- |; B+ H9 ^00403355 50 push eax
4 G/ k1 H& A6 j; T00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX% z$ ?* i/ C- r- Z6 X
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX- a. E# P& j" [7 B7 n
0040335F 83C4 04 add esp,4
1 h9 ]- u) T, V5 o0 b f% E5 E) t" C. p00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
! W: F9 {, c' w00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
^8 S' u- {, m2 T$ M# S; P3 V00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]4 @3 L& r) T; W& `& P' F/ M8 U
0040336B 50 push eax
3 \; o8 M. a) c0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX% \ q2 ?) g, R) V, p+ J6 _1 N. d
00403371 50 push eax9 F0 Q' H6 S1 k) w
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX$ ~ a' J7 J, L4 f& p, U
00403377 8BD8 mov ebx,eax ; EAX送EBX
" i8 \) G8 U* B/ x6 d0 E% K2 J00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
, b, L# ^# K1 x6 J0040337D 83C4 04 add esp,4: D# l3 k+ C: f ~& g
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]. i' o* L, d3 @& H. G
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
5 g0 r( K d. C @; ^; X/ ^00403387 50 push eax
! n6 l L* n; f: w0 O00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX d1 \) z" A5 a% @- s8 l. t( E5 `
0040338D 50 push eax
- s2 w* `+ p2 a4 c8 m; [0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
+ _* I( x, e+ @4 v( `00403393 83C4 04 add esp,4( q6 n: M- {& `3 M+ d
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
/ \5 z: K- c( l! I8 P& `$ N0040339A 8BE8 mov ebp,eax ; EAX送EBP
( L% }% E2 I7 S0040339C 6A FF push -10 W9 |* p y: A$ K$ P: \- H
0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX( j7 t2 P8 ^8 f% [ O
004033A3 6A FF push -1
: G% \. o6 J6 Q, r. p% u. k# t& ~004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX6 P# i& d5 |: @1 V
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX1 P: \% W) O- c
004033AE 6A FF push -1
7 n9 e( F# ]* V& |% H1 V6 M. M004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX) v9 U2 H- W: \) d5 H5 ]
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX
, Z! h4 L/ S' r8 t004033B9 6A FF push -12 S" ]" l+ U' f; `0 Q' Y3 V; D1 g3 c
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX& M' o9 y9 n; k" d( q
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX2 L" L$ |; H: J p0 D
004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX: N; @$ y& W7 j3 X4 E4 |
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX8 G% P8 n; i/ s# t) Q1 k# Z
004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX9 `# r: F% ^1 \ C) ?- K
004033D7 D1E0 shl eax,1 ; EAX左移1位4 j' m: C$ _" o. N% n
004033D9 99 cdq ; EAX扩展. S( B0 w, S. w% e3 a1 S3 u& K3 \. t; L# L
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中) K: x: y) t( C8 b% D+ w7 B$ Y
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较# x# S" I3 ]+ P% U4 ]
004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
/ y! r# W1 e9 r, {7 y004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A& l1 U9 a6 T6 ?3 ]9 D
004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]3 M k% i3 f" } r; e
004033E9 EB 2D jmp short qsr.00403418" n2 `) M+ W$ Y0 g0 t
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX
6 S& W$ W0 q* M. ?" ^004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E26 Q- |) J8 }8 j) b' {6 U1 |
004033F7 99 cdq ; EBX扩展0 A, @# G- k* _ p
004033F8 33C2 xor eax,edx ; EAX和EDX取异或6 q* h6 e! U( n; z
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
; v3 o: h: p% j2 Y& x/ h004033FF 2BC2 sub eax,edx ; EAX减去EDX7 k( E+ x2 F# ^
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]
- z3 Q5 b$ X; o, A' C00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX
, {$ N% N2 U( {! j5 s: Q4 [00403409 99 cdq3 l2 A0 Z% S$ a( b3 e" O9 L6 z0 n
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中' t3 A6 T' g& f/ H2 C5 }
0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
2 _/ k0 s2 Z8 m; e6 f: u00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较
( a2 G6 O. K" D+ I00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)) \; z. p/ B" s* a* R
00403418 E8 6EC00200 call qsr.0042F48B ;
! v1 e! x( h3 r0 c( _2 `0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]# f1 Y# `3 u$ u, j3 N; E- l$ [7 V
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],91 e" Y) S, f) V& v
00403426 E8 60C00200 call qsr.0042F48B. g; O$ Z* ~$ Z
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]$ S% \! x+ e" b- c
0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
7 {! k( \) l ~+ e1 V. q8 d E0 B00403434 E8 52C00200 call qsr.0042F48B' J' Z, M. _1 e+ d5 A5 M
00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]: T* y; Q0 A( F
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7$ T) E& n* `9 s3 P+ r
00403442 E8 44C00200 call qsr.0042F48B7 ]. d2 q5 Q& N" ]+ b
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
N& C' x0 s8 o; Q8 P0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6/ T: m4 Z g. r4 A3 I' a! Y- q
00403450 E8 36C00200 call qsr.0042F48B
* H7 g" r* z" C5 }( C00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
' Y, k0 H- S* a7 J- E00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
+ ` v- s; H' A, }* b9 Z: H0040345E E8 28C00200 call qsr.0042F48B" [' `2 R2 H8 R5 G7 Q
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]: ~5 g0 W6 ]* E& Q, j3 A0 H- n$ d
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],23 W; V5 e! h6 v) B
0040346C E8 1AC00200 call qsr.0042F48B# p3 h& J8 q/ l. {) L' |
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
6 a/ |+ y8 X* r00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
: m' j' L4 j3 Q, u& P0040347A E8 0CC00200 call qsr.0042F48B
' P: N( [! ~4 _8 J* U6 D' V% E7 o0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
3 v5 T% h3 J; g+ Z2 A: Q" T# {00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
5 Z" n' e' T7 O2 r* w! g* B9 b00403488 E8 FEBF0200 call qsr.0042F48B& \. T) N6 _# S+ W* N
0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]" A0 G- H( q" I: G, ~2 h
00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
2 K# ~) i1 ~- _' Y7 a00403499 E8 EDBF0200 call qsr.0042F48B
- L, [, I- W1 H# l0040349E 32C0 xor al,al ; AL清0
) \2 g, w2 J4 P+ W- G004034A0 E9 88000000 jmp qsr.0040352D. j: N2 V" k1 B+ X7 |
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~" Z- W3 X& [" p9 t2 Y
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]6 U4 K5 T2 Q" O! }$ f# x1 x
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
: z9 _9 h/ M* j' |004034B3 E8 D3BF0200 call qsr.0042F48B
% \: p N0 c8 l h004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]6 ^2 y7 ?/ P! x6 I
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
5 F- v, o. o# f4 o. {3 k004034C1 E8 C5BF0200 call qsr.0042F48B
6 h/ v; q/ u9 S( z004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
8 W; R+ _, c3 {" h004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],73 C% [! o- `* F
004034CF E8 B7BF0200 call qsr.0042F48B$ d- B6 l4 a; Z* }
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
/ T) S" ]; z: l: F& {' \$ n004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
$ Q" f1 S( b4 p ]1 |/ U004034DD E8 A9BF0200 call qsr.0042F48B' A. K$ z1 R d8 e9 E: `& Y6 R
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]8 r+ i6 n2 X: n+ e0 x. B0 f
004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3; w5 j6 R- \. n0 x4 \
004034EB E8 9BBF0200 call qsr.0042F48B4 F( C+ u5 m$ l) L
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]1 C' g! ]( z. k( G
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2+ ]% H' _1 v: K4 n Z: J4 E
004034F9 E8 8DBF0200 call qsr.0042F48B7 m6 L5 R: J$ E- `" F+ |
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20] C* C0 f* V W' S; C, X
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1. y4 G& ?. \* a, N/ S2 w- {
00403507 E8 7FBF0200 call qsr.0042F48B
2 r* |/ q0 V5 `" H0 N* V0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]9 R6 S3 l* V& ^; C" R- r7 E* Q# Q
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
* n4 S+ e( J7 @: m% k- \( u00403515 E8 71BF0200 call qsr.0042F48B$ B0 y- @- l( ?0 Y- c3 o- Y
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]4 I* |- C, G9 v
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
; |8 n% C( \4 z# L00403526 E8 60BF0200 call qsr.0042F48B! h e3 d4 h4 x/ A4 C/ b0 o# j2 v
0040352B B0 01 mov al,1/ S7 b% X- a* M X% U
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34] Q* \ Y" X5 d4 g1 c& g
00403531 5F pop edi
" W$ p$ X! y0 H- h00403532 5E pop esi% G* I6 }4 o. Q7 B8 h
00403533 5D pop ebp% b$ w7 F' f& s( R+ R- K. f3 d
00403534 5B pop ebx
! \5 j0 t, K( @6 u+ z2 g1 a00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
0 o! b8 @6 b. l: U) M0040353C 83C4 30 add esp,30
+ k+ l7 Q- H% B7 k" U/ Z% u" p0040353F C2 0800 retn 8' F. t) M+ l3 y6 \' G
--------------------------------------------------------------------------------
( p/ z. ?% M' i8 g" s【破解总结】
A9 ~( h+ P% K 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
7 o, m# b9 [4 Z: |1 {9 X+ D7 _4 q用户名:yijun
: W* |4 g/ E! t) k8 Z! E P注册码:4893*7777*3726*7777*0529: o! P0 b+ z5 ~% |& J+ l
--------------------------------------------------------------------------------
8 d9 Q, Q$ }: ?& S【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡