|
|
|
【原创】破解Quick Screen Recorder
, Q; p0 c) u+ S【破解作者】 yijun" t! K, c' K' d% a
【作者邮箱】 [email protected]5 S/ |- r& X6 v _ }: `* I
【使用工具】 OD,PEID
, V# h5 N' c" s/ C3 b( ~! V【破解平台】 WinXP4 w7 J# J1 P5 [7 s9 ]3 A% ?
【软件名称】 Quick Screen Recorder
. G# |1 O4 L. e8 C" J【下载地址】 天空& P! _$ r+ D5 h% C
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. $ t; E& Q8 |1 Z' P7 x/ _- H ^) ~5 I
【软件大小】 540K
B/ g! B! w3 T: ~! `: k5 |【加壳方式】 无. P1 P2 Z& C% u8 }+ B: S' ^
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)/ A# m3 T( O1 v
--------------------------------------------------------------------------------
$ M" e# T2 ]+ u6 M! ?$ w【破解内容】' f6 S( e* E+ ]# q4 N; {
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
8 |( x5 r; P M/ l; p2 {00404C69 55 push ebp //在此下断
1 q5 Z5 M- n9 J) g4 D4 F; I00404C6A 56 push esi
* y) `2 K# B- Z/ @00404C6B 57 push edi
$ B2 F$ ~1 V m) E; K4 B7 R, q00404C6C 8BE9 mov ebp,ecx4 H8 x# a* U6 e
00404C6E 6A 01 push 1) Q( P; p5 e9 K4 Q; F
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名7 R O; z4 k. v
00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
1 }* M; q" _3 x" F00404C78 8BCF mov ecx,edi
2 Q" f7 ~3 |, F9 t5 y& w2 a! T00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码
6 V+ P' K' N6 }6 i00404C7F 8BCF mov ecx,edi; {8 h; @! Z0 Y' U* h
00404C81 E8 A73E0200 call qsr.00428B2D7 W$ f+ _5 k6 E; G
00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]- z/ N( W& V7 V
00404C89 8BCE mov ecx,esi s0 W- U4 f4 e U! B; q2 s
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
W& [3 Q/ b: j) Y5 ~00404C90 8BCE mov ecx,esi# X: C& e# P1 s; `
00404C92 E8 963E0200 call qsr.00428B2D' a' D( Q- K4 w! `- `9 i( V" a: F
00404C97 8B06 mov eax,dword ptr ds:[esi]
+ R. F" j0 @1 E' [& a00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
V/ I- v" {2 ]0 Y! ]3 G( m' x* _00404C9D 7D 26 jge short qsr.00404CC5& S3 [* W4 o, |7 b
00404C9F 6A 40 push 40# e# _ l& f1 C, J; ?: x: O) I
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
" J l. Q" [: k4 O00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."0 d W8 N( R- b$ u* o( J8 z, w
00404CAB 8BCD mov ecx,ebp c* j* X+ x' V+ A: z; N9 D
00404CAD E8 C3840200 call qsr.0042D175
% ]( W8 r/ ]: [: x+ Z( A$ N00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]9 Z u) T+ \0 Z2 V5 Y
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
5 A6 o% u% v/ R! v' D00404CBD 5F pop edi; e2 R- ~$ h: t
00404CBE 5E pop esi
2 H7 H. v( T* \. l- i00404CBF 5D pop ebp1 g1 V1 H5 }1 D- b* d* w. u
00404CC0 5B pop ebx
4 O" V. g. ?! }00404CC1 83C4 18 add esp,18
, P3 {& l {2 S* a5 r; I0 _. A00404CC4 C3 retn6 C( |+ T u% v* E
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]
* p- {$ y) q/ X1 ]! `00404CC8 84C0 test al,al8 x% K* K$ z+ D. D% Q* |
00404CCA 0F85 1C010000 jnz qsr.00404DEC
$ v7 p! I4 s7 ?/ Z% S2 \1 @00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
. e9 n. B) O ~, j: q2 [) M00404CD4 E8 87E3FFFF call qsr.00403060
0 o* O B% T5 z+ C00404CD9 51 push ecx
q" w. H6 z6 V) Q00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
$ e/ j! d# v8 E4 Y& ~7 h/ j00404CE2 8BCC mov ecx,esp
6 a5 U/ W6 R1 q00404CE4 896424 14 mov dword ptr ss:[esp+14],esp
! `, g8 i3 E L! ?$ q8 e+ ~9 A# y00404CE8 56 push esi6 n+ L: L: H6 A* d) x8 b
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0/ M( Q- A# {% l& k, U$ o
00404CEE 51 push ecx
4 ^& f: k# g8 O- t00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1
+ Z% |+ u' N/ |: n% G8 w0 O00404CF4 8BCC mov ecx,esp
- J: U' m% e. y% k2 n1 {00404CF6 896424 20 mov dword ptr ss:[esp+20],esp
0 c& G+ Y" N- l9 Y00404CFA 57 push edi
9 b! G- Q6 U ?% H# e; j00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
1 N/ k, W2 s9 k. b00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]8 E3 ]8 D1 w2 [0 M
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0; Q2 j9 [+ u4 L4 j& K- b/ E$ @
00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
( E1 E# o5 U6 G1 m3 |; q% r5 s00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~3 ~" A4 i1 O+ ]# t7 w. U, S
00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~
& a# i* R2 f2 a! w0 w00404D12 6A 40 push 40, Y" M& l9 v" _% h' ^
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
: ~* u$ g ]- N9 ?5 v+ [00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."4 \5 ]$ o9 G9 ]( [+ y' [
00404D1E 8BCD mov ecx,ebp
. S% B+ \# @9 F9 d" U* j$ Z00404D20 E8 50840200 call qsr.0042D175( v4 ~- z: c( ]7 e
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]* [ D1 L- y) l: u& b5 A
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
' a6 p, @; T" [. G. W: O4 u+ [3 l00404D31 E8 5AE3FFFF call qsr.00403090
5 b E. f- O( `& |" r) t" }4 Y" b00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
3 o( v3 z! ^. n; B00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
( l6 v! o7 A( w9 q% R* t00404D41 5F pop edi; P7 H+ a( f, j" G
00404D42 5E pop esi
$ }6 Q5 n& c; J3 C8 l00404D43 5D pop ebp
/ o8 u$ `" a3 M' _# }00404D44 5B pop ebx
9 ~% N% h* B0 G9 T1 X y" B/ C00404D45 83C4 18 add esp,182 ]2 E, O' Y" S; y
00404D48 C3 retn2 U5 t! f* A1 M# N/ P6 W
*********************************************************************************************************************************************************
4 m7 H' z. [/ n# k跟进00404D09处CALL来到:
[# _% i: u7 Z- J' ~- B3 x5 e004030A0 6A FF push -1 //一路F8下去~~~~
* |2 s$ j% d- P; W* w004030A2 68 C88F4400 push qsr.00448FC8& b2 |0 [- l% X' B( H1 U* |4 J& P
004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]% P& Z7 _$ c6 \( o: Q6 o4 P' L [
004030AD 50 push eax) U. a p9 O& g6 q3 z
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
* {+ s0 y- h! }- D. g004030B5 83EC 24 sub esp,242 @; x; A9 }& C( s
004030B8 53 push ebx Q: ^/ \: Z0 [: \0 e
004030B9 55 push ebp
1 w' Q+ o+ z9 w9 I, h/ o004030BA 56 push esi# w* f0 o- |9 N& M% H- ?4 k
004030BB 57 push edi
) u1 A; |" z! W0 J004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
1 ]5 p0 P% c N5 v% l7 S004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]0 K) y' f; I& S L1 y
004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
4 y8 h/ d: _2 G% F. V4 i, |004030CD E8 27C40200 call qsr.0042F4F9' o3 A1 F5 A! L! s0 S
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
$ Q4 H; |5 W* ~5 O9 c) z- Z4 a004030D7 894424 2C mov dword ptr ss:[esp+2C],eax- w3 ~! f" l* |& j7 }; J3 I1 X T3 }
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
8 n& ?8 W7 T6 y004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
! S2 O: \5 `, n' }& }3 L1 O$ ]004030E4 E8 905A0200 call qsr.00428B793 _9 k% Z0 C! V; _8 Y
004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
$ l5 _2 g, p; Z! w! g004030ED E8 3B5A0200 call qsr.00428B2D
+ N n* Q* i* J* O( f$ }$ c, O004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
4 D( O0 }* x5 f) @1 u L004030F6 E8 7E5A0200 call qsr.00428B790 c" o& A' W2 \7 x5 h8 c2 o4 }
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
* q2 v% K9 q& ^, o! M2 I, H3 c! T/ W004030FF E8 295A0200 call qsr.00428B2D
7 x2 k9 k/ ]$ S: y" }5 r00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
! e& c& N# g1 \ L7 h& K" g$ [$ U00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]9 D2 I+ [& A2 f) o" n
0040310B 83F8 02 cmp eax,2
. ^5 d% H2 C7 K4 k: L5 c* j4 V0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
. K# s% D) U* a) I00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
0 {$ J% k C( g8 w% }! g$ u/ p00403118 837A F8 18 cmp dword ptr ds:[edx-8],180 W. n, ], S2 z, o4 @% h/ d
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳. W8 d, R7 \8 ]5 w4 u) q8 z9 K
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30], h* G( R! O/ K
00403126 6A 01 push 12 P r9 v! J* L2 E) A
00403128 50 push eax @1 d, k" L8 y" i3 D& G3 ^
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]5 I$ v5 C$ M2 X
0040312D E8 C4550200 call qsr.004286F6
5 \( j4 N4 L8 G1 \00403132 8B00 mov eax,dword ptr ds:[eax]. d2 \5 r9 F' g9 N, C( `* D
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
3 B8 \) ]6 u8 B+ d+ I3 A5 \00403138 50 push eax
! t6 K8 Y7 T. l( P, m4 [. c; F00403139 C64424 40 04 mov byte ptr ss:[esp+40],44 M' @! F# a& F! V- p
0040313E E8 4D560200 call qsr.00428790+ |3 ~, x6 h3 k1 e8 X/ y8 \/ x% z
00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
& Y3 N8 `; [! z& C ?' h4 Y& b00403147 8BF0 mov esi,eax$ i$ I/ o. [/ Q, o
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3
/ z8 c9 r- S& ]$ P' g0040314E E8 38C30200 call qsr.0042F48B
. B P o$ m, j) M' g1 U* x00403153 8D46 0A lea eax,dword ptr ds:[esi+A]
4 q3 [$ ]# R! q6 a# X3 a9 M- L00403156 B9 3E000000 mov ecx,3E* z; H; r/ Q% Q `
0040315B 99 cdq3 E, l% X' @& S
0040315C F7F9 idiv ecx
& A9 m% I5 A3 O2 k0040315E 6A 01 push 1& [" G& z( g9 ], i
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
7 N% r$ S+ A6 \0 ~* m5 W' U00403164 8BF2 mov esi,edx8 x8 Q3 M7 H7 c0 H
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34] J! ] C1 O; T- S
0040316A 52 push edx! `/ T1 ?/ n+ f) o
0040316B E8 0A550200 call qsr.0042867A
8 }3 O3 x& j. O- o4 }+ {8 x00403170 8B00 mov eax,dword ptr ds:[eax]
# K9 i: R+ |1 q% A& V00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
! Q/ g1 ]& B; P! r/ s v00403176 50 push eax* ^4 b. [/ i0 v' i. t0 H. u
00403177 C64424 40 05 mov byte ptr ss:[esp+40],5( ^$ R- f" n9 Q; u, q6 ], o
0040317C E8 0F560200 call qsr.00428790 N) c; l7 C$ t8 A6 T( O! D
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
: b5 k% H3 c1 a% t; J00403185 8BF8 mov edi,eax
5 A+ o! ?9 _4 J3 @00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
& U- x, d9 I! n+ K. w* N0040318C E8 FAC20200 call qsr.0042F48B4 O2 R ?6 H+ V6 x/ C( ^
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]# U/ i5 E- c4 E5 W
00403194 B9 3E000000 mov ecx,3E
# X9 }" A' c ?9 [+ F/ q$ M00403199 99 cdq
" D$ _" f% g$ L0 E7 z0040319A F7F9 idiv ecx
7 t2 m2 f6 e; Y! q0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]2 T9 @4 [% s# H6 w/ A
004031A1 894424 28 mov dword ptr ss:[esp+28],eax
+ B+ `; m; v$ i4 c, ^) z004031A5 8BCA mov ecx,edx, b/ z# q2 _& ?( y2 D
004031A7 894424 24 mov dword ptr ss:[esp+24],eax
( {+ A: u- [/ E0 N$ g; M004031AB 894424 1C mov dword ptr ss:[esp+1C],eax7 B+ p% @/ H: E" z! L& F
004031AF 894424 18 mov dword ptr ss:[esp+18],eax+ h/ f0 r Z0 ]
004031B3 894424 14 mov dword ptr ss:[esp+14],eax
. w- M7 t N8 k- L& f; h004031B7 894424 10 mov dword ptr ss:[esp+10],eax
* L1 Q' M' P4 V004031BB 8BC1 mov eax,ecx
% F) ~2 n G+ E; ~; S0 Z* z004031BD BF 0A000000 mov edi,0A
2 W4 A( U2 m: N9 F2 }0 L9 b9 n5 F004031C2 99 cdq* j: k6 U7 t, [* ?7 C r* y2 X
004031C3 F7FF idiv edi8 ~" M2 Q0 ^+ X6 B' F/ L0 D8 x
004031C5 8BC1 mov eax,ecx
6 v0 x- r$ Y n004031C7 B3 0B mov bl,0B; ~4 k* ^) y- l
004031C9 0FAFC1 imul eax,ecx
4 [# Z; |0 Y: J- i$ u* {/ f004031CC 8BCF mov ecx,edi
4 e0 U; f& T* d004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
8 h! x% L4 M+ I; s! N$ b004031D2 52 push edx
( @4 q. t% o% F8 f6 B5 ]2 T004031D3 99 cdq
* t+ V0 P& a" Q$ h. l0 m- V004031D4 F7F9 idiv ecx
& J5 X& R$ O' [004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
1 L: D, ~9 }, a6 K! _004031DD 2BC6 sub eax,esi) C9 i! u8 b, ?9 [7 V, h
004031DF 52 push edx
7 k& o' I1 Q2 Y9 E( C) U% R004031E0 99 cdq
9 a& \- w# A8 D( G) Q9 v004031E1 F7F9 idiv ecx
# L4 d( H! H+ F9 X004031E3 8BC6 mov eax,esi
; K3 y# p6 |9 {' l, _4 e0 T004031E5 52 push edx
- d' r$ n6 u5 H* v& @004031E6 99 cdq: j0 C2 N! N" \ ?4 }4 r
004031E7 F7F9 idiv ecx
2 B; s& T+ n' p! s! E004031E9 52 push edx' Z- \& n0 Y& n
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
6 A/ v* S! |! ]5 D/ a# L004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"
0 S) W& M1 ^+ x9 }: g% P004031F3 52 push edx+ S9 P( k* \7 T& y" p, A) K2 Y6 e
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是48933 X- U, E( @* U3 H
004031F9 83C4 18 add esp,186 ~2 R+ y. v2 Q( I
004031FC 6A 04 push 4
4 {5 S/ e3 q* M8 `( q004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34], Z/ p T9 ~6 l8 @* Q
00403202 6A 00 push 0. J! y, v I' o( g
00403204 50 push eax
2 X4 c7 d+ |$ c! K. E1 p00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
" `& e# w1 i; m7 Q00403209 E8 D6530200 call qsr.004285E4* x1 n5 L% U( C! o+ r2 e( J
0040320E 50 push eax" ^3 ]' O4 z9 S# T
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]! b- y# j6 ^% D3 ?9 f; E
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
& e8 G" E+ B( `* J. E- W, o0 ]00403218 E8 A7C30200 call qsr.0042F5C4
8 a, f m: H/ ]1 K6 c- j5 k9 K0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]7 e' L3 m% C- J: l) D
00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
- i; `* B5 ^% U5 g, s0 W00403225 E8 61C20200 call qsr.0042F48B- @' m6 {! Z( k4 @- ~( q
0040322A 6A 04 push 4
* J4 x1 g- `' B( Y0 q0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]* {( [4 Y9 R: Z; } S5 r& e% N
00403230 6A 05 push 5
5 c/ V2 s7 r" e. v00403232 51 push ecx( l- |, r" z! c' p% u* j$ E% S
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
& V4 D# B/ K& ^3 I6 Z Z00403237 E8 A8530200 call qsr.004285E4
! Y" \0 H( V, U" k( u0040323C 50 push eax' {) k' j. ~4 i, K1 W9 r
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]# a( O' i+ r$ l) ^3 g1 [3 }% W
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D, k. U$ ?) f' f+ E$ F; Z6 p# _& p
00403246 E8 79C30200 call qsr.0042F5C4# d5 r7 Y* B, s0 A$ W% X0 ?
0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]9 |% Z3 Z6 N8 {6 d- D) p4 N4 [" S
0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl7 `/ }& t5 R& }' ]. t8 [% o- z
00403253 E8 33C20200 call qsr.0042F48B
6 C1 t: c- r8 _6 C$ o( H0 q00403258 6A 04 push 42 `# G# Z2 `+ s' K) k
0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
' z: c+ a; Z: h' G- V0040325E 57 push edi* O* ^. ^$ j, t$ ~1 L
0040325F 52 push edx7 W3 E5 @$ Y4 y
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]1 f8 ~& t9 N" B- I/ L/ f: ]
00403264 E8 7B530200 call qsr.004285E4+ ~+ x+ p, I- S. N1 Z6 W% }
00403269 50 push eax9 s: U+ `# T9 b& c; B9 I
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
0 e! o* J5 I4 J- ?1 D4 U0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E
2 o% }1 D! z" Q! O5 Q9 d1 r00403273 E8 4CC30200 call qsr.0042F5C47 V- e; _& v4 e1 C% J) g
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
$ M) S2 M8 E% A0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl3 l9 A: _+ a) m: v! l+ S
00403280 E8 06C20200 call qsr.0042F48B5 I' t% U3 N+ S6 z: @% n) b$ N
00403285 6A 04 push 4
" f% w6 h A+ P) i2 B00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
& Y& a$ a& R6 N! [# ~, X0040328B 6A 0F push 0F
5 G1 K2 Y9 Z9 Q2 | `6 c0040328D 50 push eax
$ q0 l5 g! x: h0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
6 \7 J4 ^! S2 C: o' y8 v, ]00403292 E8 4D530200 call qsr.004285E4
9 [4 S/ F8 P- m* {# }/ @6 t; S5 U00403297 50 push eax
n; F2 |* O! n% m6 d, r$ | U00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]; [$ Q, ]) i6 U( a. X2 B* A. {
0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F
6 U3 @5 _1 ^+ g7 e004032A1 E8 1EC30200 call qsr.0042F5C4& e8 J; T3 ]. i% a8 K2 B
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
" v& T( ?3 Y/ d4 {: H004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl, p) F% S x7 W) D
004032AE E8 D8C10200 call qsr.0042F48B Z5 G! `4 g( d# Y; I# a
004032B3 6A 04 push 4/ N6 s0 J$ K8 R3 Y5 d/ y: w
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]4 m. ]9 A9 G, y
004032B9 6A 14 push 14' q! U7 _/ {, c: X, _- [3 W7 F
004032BB 51 push ecx6 v* k; K: W' q4 a" \9 ~( `: E
004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
" U: c' @" U6 j/ c004032C0 E8 1F530200 call qsr.004285E45 ^6 W. A2 |! J
004032C5 50 push eax7 E1 v* ^( q9 L
004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]. k' h" S, g2 T+ @! A. r3 O
004032CA C64424 40 10 mov byte ptr ss:[esp+40],10& ?+ B1 m8 W- `% g
004032CF E8 F0C20200 call qsr.0042F5C4
7 ~* g: t) T. j004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]! f3 l) \: @3 k( H
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl2 G* E4 E$ g3 d2 b N+ I) E# V
004032DC E8 AAC10200 call qsr.0042F48B6 M: v5 ? r. E& I6 g+ v' [3 k2 h
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI
6 S( T; @) ?1 ?3 L! K& i% x& `0 ^, D0 i004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX
9 D+ C5 W% Q5 c, [004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL! I7 f8 q. z2 x8 B4 C
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL+ R, g( W& P/ G& \
004032ED 8ACA mov cl,dl ; DL送CL
* y9 U/ r4 q- s8 z004032EF 3AD3 cmp dl,bl ; DL和BL比较) Q: Z& U. _3 Y
004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
& Z0 v/ T8 |7 P$ A I004032F3 84C9 test cl,cl
6 G l& x ^# } w0 ~+ z004032F5 74 16 je short qsr.0040330D2 F8 P: @$ S" o+ v" U2 M/ Y7 S
004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
* J$ _% h) {7 C7 [004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
5 y$ i9 [% A2 K/ Q. O* K. Z7 [004032FD 8ACA mov cl,dl7 [% H' O! S6 q' n4 j
004032FF 3AD3 cmp dl,bl ; DL和BL比较
: t+ v9 S Q% |; N- b00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)7 n1 X( |6 [! J8 ]
00403303 83C0 02 add eax,2 ; EAX加2
7 \8 p6 C! i( Y00403306 83C6 02 add esi,2 ; ESI加27 E% U7 V' u% T3 e! D, L
00403309 84C9 test cl,cl
U' u! \8 X0 R9 F$ q( ?$ _0040330B ^ 75 DC jnz short qsr.004032E95 x$ x; x1 i7 R
0040330D 33C0 xor eax,eax1 W! S" @# P4 H# ?# u5 Q' I5 |* f
0040330F EB 05 jmp short qsr.00403316
9 a4 `, |) B; i5 r. i. M: a* d00403311 1BC0 sbb eax,eax! b8 M% Q0 I6 i0 K/ s8 b! j: S
00403313 83D8 FF sbb eax,-1
# ~7 T) [3 q( {* `00403316 85C0 test eax,eax' E; l* W3 V2 U1 T
00403318 74 0E je short qsr.00403328
7 C" ~' e9 t6 @ z8 V" G6 G0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A4 F% l( y; A. _7 N4 A$ f% k, |
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]$ L! Y% y6 a4 ]3 v' `- Y7 L: k+ c
00403323 E9 F0000000 jmp qsr.00403418
1 g7 B0 g+ X; r: I. X7 k$ J00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX* x, ~6 C) b0 ^, p; {8 Q: m
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]8 J K$ `$ d, p* X w
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
o* h9 h" e: e6 Y" i5 R6 y00403333 50 push eax
) |# I% D/ u$ @4 K, g, H00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX9 |( J9 O2 }" n7 V: I
00403339 50 push eax* p+ _, p1 v5 R! N
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX0 F( k6 q9 m+ U7 E8 [* k
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX" l4 J1 ~# f7 k4 v, ]3 u- c4 T# t C/ k
00403343 83C4 04 add esp,4- v; V2 ?7 f* }! y( P# H( p
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI# a6 i w% L1 J G( T( k
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
) ~6 w g7 e& B+ H% d( ^0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
! E, Q5 x3 L+ V9 m) t5 l$ p0040334F 50 push eax$ F. @ p- ?/ U2 |' E2 @! B
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX8 r8 n$ R, x5 i+ H V& v! v6 f
00403355 50 push eax \% |, H) \$ `* \- h/ u
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX
/ j; A* n- e6 {0 Q0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
; g% j, ?1 v/ K" Y' _9 |0040335F 83C4 04 add esp,4
9 ?/ O1 d5 B2 o4 }* d2 L0 e5 K$ ?6 G00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI+ a2 Z( l: N$ {) P2 z8 F6 J. t8 w
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
: M7 Z- \! D, Q5 q00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
$ l, n0 v) X: [$ V' y0040336B 50 push eax
0 q! E3 R: C# `$ G& P0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX
' V% b' S5 {6 \: i# Z- Q, x% ^" [ i00403371 50 push eax+ A5 z6 z7 N0 _# K$ r. x; w
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
Q4 N3 q0 v) A9 F( N00403377 8BD8 mov ebx,eax ; EAX送EBX8 e( }# U2 J) o- m/ f+ Y2 R
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
9 ?+ z7 x1 s! a! M0040337D 83C4 04 add esp,4
) x0 |( h: N5 ^; J+ d: y00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
2 W+ g1 I; O! G5 _' w% _00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
) G6 V. Q4 u. H [% W. j00403387 50 push eax# w# e6 B! f( z, X1 r3 v
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX
) p$ X4 _9 {0 r0 q3 A! {0040338D 50 push eax
. v5 ]) |3 r5 o; m! V0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
7 `8 a& l6 d- c) Q; a n7 u6 _00403393 83C4 04 add esp,49 \1 \6 @* t& y7 w, Y& R( V2 K
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
+ G, n1 @( O! N4 I; ]2 e( G- {4 | F0040339A 8BE8 mov ebp,eax ; EAX送EBP
3 r2 P3 Q; w5 X; S# O0040339C 6A FF push -1) d9 u3 u( A: |' q
0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
6 o* i: s6 w C2 w2 |" V; _004033A3 6A FF push -1
6 @% n$ P1 ?4 B004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX+ j6 G" P9 E6 L' g& d
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX' C5 e$ k$ `/ ]! M3 X. A
004033AE 6A FF push -1
. E7 R$ s+ V/ A# {* W/ }$ ]* q004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX6 H( M2 N9 {. R- o8 y' u
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX' K: }+ ~" \4 c
004033B9 6A FF push -1! R* c) H& S: v% M* R
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
2 F7 A X5 W7 Y3 n+ s( _2 o004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX# C! H- {% ?4 @: N- a
004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX; h) y6 \' n1 R. {
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
0 M0 u# x n, ?004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
: A2 {& p) j# p" g3 H004033D7 D1E0 shl eax,1 ; EAX左移1位
' Y$ [0 h7 f5 v004033D9 99 cdq ; EAX扩展
% o; D P- e. n/ A004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
5 S) g* G! m- d m0 {+ N004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
9 _. D1 w1 p7 f7 G004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
0 k. u4 f8 J0 O004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
& ~9 s% q) z; h4 p8 B( u0 x/ V, T7 q004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
7 i# M1 S, I& V5 F- w& {" {% P G004033E9 EB 2D jmp short qsr.004034188 y4 j7 q9 g' l& g0 X
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX5 Q7 P0 H8 a; K8 C$ v
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E20 _% F5 n$ g0 U* u( k
004033F7 99 cdq ; EBX扩展. B+ P- c1 H% j; l, b7 F P8 W
004033F8 33C2 xor eax,edx ; EAX和EDX取异或
8 W0 ]+ _+ ^2 p/ R, x: v004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX) P) R% |5 Z4 C& o4 ?* N4 `0 g" k
004033FF 2BC2 sub eax,edx ; EAX减去EDX0 M0 J4 Z5 {7 P* t$ U) @
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]& y; W' G9 E3 T
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX
3 \" p2 Y5 \+ D6 t- G00403409 99 cdq' X) i7 ]+ S( g" X$ I, S5 |9 y2 U
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
9 X% c# r7 U& h4 J" R2 Q- [0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
! q" @5 P9 W6 g00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较* [% r6 M+ ]# C
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)/ ^+ N" F- n8 T j4 E
00403418 E8 6EC00200 call qsr.0042F48B ; : `0 J* Y6 H2 K1 q1 D r! N, k
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]. g; k2 S. K/ F# j) G
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
) G4 C2 k( x! q5 v" D8 k5 d00403426 E8 60C00200 call qsr.0042F48B
: N' X! e8 {7 J0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]8 Y" M" o9 Q b; f; g
0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8: N1 D9 r( W f$ y3 Y
00403434 E8 52C00200 call qsr.0042F48B; I: T" I" u( k D8 v+ e; n/ ]
00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]. u1 ?3 C3 K6 d( v9 `
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
) B4 l8 P! e' T00403442 E8 44C00200 call qsr.0042F48B8 q w/ O2 Q" B w1 q6 D
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
3 a: X1 J0 X4 U: c2 X0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
& B, N; H, V) S; G k v, C9 E00403450 E8 36C00200 call qsr.0042F48B
/ g9 t5 ]0 `6 q' D! N3 r: u00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
6 ~2 M( _$ j. [% n: P: B; F# [. F5 a00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
" P- k6 Z1 S, N- W$ _5 ~3 A/ M2 M0040345E E8 28C00200 call qsr.0042F48B
1 c4 d h+ e, ?, e+ `: k00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
) S6 \% s1 M0 n3 @% t7 ^00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
; J* x# F+ Y, f l' m0040346C E8 1AC00200 call qsr.0042F48B J. W4 [5 z" l" z% a x
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
# d5 N; Z0 w0 U3 ^ o2 d00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
0 n y4 I0 a! b6 |1 `, U8 M0040347A E8 0CC00200 call qsr.0042F48B
- q4 r6 D+ y; _: z& Q ~% m# C0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
$ ^% A$ w6 C0 Q' P00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
/ { U1 X: B6 O5 L T& @8 z00403488 E8 FEBF0200 call qsr.0042F48B
9 X' ?1 e0 a y& K* i/ `0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
+ M. s* [8 W, L% Z00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1" Y% C& V3 W" z
00403499 E8 EDBF0200 call qsr.0042F48B% t. b9 M& \( V3 F3 R
0040349E 32C0 xor al,al ; AL清0
7 x w4 \7 A6 ]004034A0 E9 88000000 jmp qsr.0040352D3 Q) C$ @: A* W7 A! f4 a& J; j
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~* P- a" q2 o/ d* K' b9 B
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]/ i" Z2 P! m+ `( f1 ]( Q7 Y. V
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],92 z A: T3 [# X; A
004034B3 E8 D3BF0200 call qsr.0042F48B
$ b1 [0 g3 b0 X( \; Z! ~0 W5 U004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]" G1 \4 X. ?$ N# d# s" L
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
& n% h; g8 _& v3 i w% G004034C1 E8 C5BF0200 call qsr.0042F48B: |, h8 f3 o9 F: Q4 p; }6 `9 I8 Z) R
004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
& b8 ?% w+ \. h" _# o: H0 S% V004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],78 @" e1 j2 P7 k; w( b
004034CF E8 B7BF0200 call qsr.0042F48B& z, w/ v1 W, e- [5 y
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
% G" \3 i& a' Q( E/ V8 o' {004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6 v- i0 b k( c; T* J! i9 h
004034DD E8 A9BF0200 call qsr.0042F48B
, a: r# U# O2 D004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
* x0 i9 w H- s; ?004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3
8 @0 s% Z3 J' Z/ L |- r7 O004034EB E8 9BBF0200 call qsr.0042F48B, [3 e# F0 \- r2 [0 q. z: y9 z+ W: _( Z
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]! E0 `% I! M) ~0 Y* L: g8 V
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2
( |8 H, f( P; u: Y+ }& @004034F9 E8 8DBF0200 call qsr.0042F48B
+ {8 Y/ F' e, u7 e5 ?% D004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
" o, u' j$ H( v/ a7 ~00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],12 D+ ~0 c! D* U+ O, O' G, x. z
00403507 E8 7FBF0200 call qsr.0042F48B
& W. g# C; Q% S2 B o/ C! a0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
! I2 w$ o1 T7 ?1 K00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0 }/ g0 E. L: X% B7 K x' F5 O
00403515 E8 71BF0200 call qsr.0042F48B; U* V$ I/ |( ]8 L( I
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
2 m0 Q0 \" {/ v1 q2 _0 _0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
* q `- j4 U7 R3 j6 [2 p: `: {4 @4 m00403526 E8 60BF0200 call qsr.0042F48B) X& z4 U6 ?8 D) O" |( l: r/ q2 ^
0040352B B0 01 mov al,1
1 }6 _: n+ S) c( x" h+ \0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
) Z) f& ?1 P8 v8 @* a' g8 X0 o4 S00403531 5F pop edi
8 A# P' y! {6 [/ [00403532 5E pop esi
* ?- x$ D' j: z) W/ i00403533 5D pop ebp! i# x0 V# W& N1 C3 C
00403534 5B pop ebx
! j9 u% e# P( V! c. h/ {1 {/ u00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
4 k/ m+ C) ^+ X& Q( `( i+ h2 H0040353C 83C4 30 add esp,308 l3 y# ~9 ` l* }+ T
0040353F C2 0800 retn 8
/ r; i- _: J( T0 x( {% i& k--------------------------------------------------------------------------------
, o+ i9 }0 G7 @! ~0 X; N8 c& ^【破解总结】8 m/ V/ g4 L0 ^0 h3 Z' H
用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^. Z. {( m: x/ G- \1 B
用户名:yijun/ |, x. a' o% R" F! \! v6 J+ V. s
注册码:4893*7777*3726*7777*0529
7 n: ^( Y* X( Q; l--------------------------------------------------------------------------------
1 x+ g1 m2 m9 l: f0 ^* a& m【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡