|
|
|
【原创】破解Quick Screen Recorder
' S2 }1 L; z" n) i/ F【破解作者】 yijun
. I: J- J1 @! \6 K3 W4 ]& A5 g【作者邮箱】 [email protected]; J8 t$ T- ?( l2 `/ {8 c! c" ^7 I
【使用工具】 OD,PEID
5 C8 r3 c* c! M" H【破解平台】 WinXP
# _# X5 b* m( @【软件名称】 Quick Screen Recorder
% F9 @# B0 i% X& k) e【下载地址】 天空
/ z* F# M8 A( s6 k) @【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. 1 `, G/ o9 k! g: c s# @( t
【软件大小】 540K
f$ i, w% [$ {! N& g+ Y【加壳方式】 无
8 X3 w6 u5 d3 G& E, W: }【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)
( H5 }8 V! O' p--------------------------------------------------------------------------------
# e! \( [6 B. }% p I+ w) t {【破解内容】+ l0 s F/ X7 B, M9 X
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:8 {9 q/ X3 |% R# g1 b
00404C69 55 push ebp //在此下断
: i- W! Z2 e3 `. ~, `& |, y) R% C7 r00404C6A 56 push esi
4 A _5 |% D4 D3 U" ]) [. M00404C6B 57 push edi& {/ `, _8 \' Z. }( _- N7 A" H& z! L
00404C6C 8BE9 mov ebp,ecx, ?: p6 p1 r) `
00404C6E 6A 01 push 17 W% ^; e$ P v; t+ _6 s
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名6 k+ x* f6 A1 I' m& U
00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
4 O; [ s- W" k6 z4 D- l00404C78 8BCF mov ecx,edi
8 S* ]- R4 r! k X6 Q- z% ~9 N00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码0 O! n7 G8 E% c, A2 }$ ~, ]0 H
00404C7F 8BCF mov ecx,edi
; s: F" U2 D5 t! a4 j3 j$ R/ z1 f+ e00404C81 E8 A73E0200 call qsr.00428B2D
# `1 Q/ G* \1 l2 o00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
" U8 B9 [0 y! ^+ N' n) g: v4 f3 E0 n00404C89 8BCE mov ecx,esi4 l% Z$ w, Q, e) B' Y
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX: f- s" d% j8 A" d
00404C90 8BCE mov ecx,esi
; ^0 `6 L: w% A, b% o1 d4 K/ i00404C92 E8 963E0200 call qsr.00428B2D' Z4 {& ~, }9 U1 i* H# P, u
00404C97 8B06 mov eax,dword ptr ds:[esi]
% {8 ]& J( N) L- K. W00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2$ C5 d" f; g3 `1 m
00404C9D 7D 26 jge short qsr.00404CC5
0 o1 a5 L: s# |00404C9F 6A 40 push 40$ Z6 F: o5 \7 a/ k
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder". l9 ^! O+ f% |: c& |
00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."4 h3 W Q7 b% H8 H& m/ D0 Z
00404CAB 8BCD mov ecx,ebp0 S# R' S* s2 ~/ g6 v1 }- A. i
00404CAD E8 C3840200 call qsr.0042D1752 M2 r8 O3 o# R W
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]# y8 u y; Z- l O$ C
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
1 z7 V8 f( h& [4 _% F" C00404CBD 5F pop edi
: O. l3 y& f; \6 Y V& N00404CBE 5E pop esi
, Q f b7 r% e; a0 j00404CBF 5D pop ebp& I/ I& ~6 t q4 E. Q6 E( K
00404CC0 5B pop ebx
# A8 H q$ N3 O5 U) G00404CC1 83C4 18 add esp,187 X" d% A }! J0 ]8 d
00404CC4 C3 retn
; G4 G$ k2 N$ l# }9 g5 A00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]! G* c4 M& U4 l8 Z- M& T$ m
00404CC8 84C0 test al,al
# K' [! s& F* C6 b$ ~00404CCA 0F85 1C010000 jnz qsr.00404DEC
7 k; C' U# y$ l, m$ J00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
0 n, S+ }% D/ [6 k* c" e00404CD4 E8 87E3FFFF call qsr.00403060# {' \- w0 ` S" J
00404CD9 51 push ecx) o! q8 L* \- D
00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
w; D3 K! o9 |! P+ M9 @1 {7 M1 L8 T00404CE2 8BCC mov ecx,esp
, y l- v; A2 U+ C& r; @00404CE4 896424 14 mov dword ptr ss:[esp+14],esp8 W8 `, J- b" c7 B
00404CE8 56 push esi6 _4 J! {/ @9 X! x' Q- H
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0. S+ T# N2 G; u: u1 p
00404CEE 51 push ecx
2 C4 y2 F# f2 I9 |4 o00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],14 }% q k, j- p7 B! }6 e
00404CF4 8BCC mov ecx,esp
/ _ x+ \) @: a6 e4 h+ z/ o00404CF6 896424 20 mov dword ptr ss:[esp+20],esp$ \6 J% \- F& ~& t) C
00404CFA 57 push edi
% B# c( k0 o/ E00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
1 K% y& ~% L1 I, }00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]9 |3 a- R4 J7 c8 B% ^' I
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
, c |$ o" ]: E0 l% i9 y( ^00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
3 f0 l5 Q7 ?9 V$ ?' x" }& P00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~ M" g0 i6 q: `5 `, {2 f
00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~
8 g6 E2 p# I8 \2 ~0 }- ^00404D12 6A 40 push 40
' ~4 @/ I. ?$ p00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"' h( o8 e' X, \
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."! |4 H% r8 R0 E1 V6 m
00404D1E 8BCD mov ecx,ebp9 N" Q; k9 d% w/ e
00404D20 E8 50840200 call qsr.0042D175
8 c3 d% E8 S4 p, @. u00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]* C+ j: N8 Y' s
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-12 T* H3 H" Z* d2 @) A4 |- F
00404D31 E8 5AE3FFFF call qsr.004030906 r3 p$ ^# }- l/ p+ F7 T' P! i2 `
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]: b; v, G" L, |
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
- h9 m( Q9 k8 o. A00404D41 5F pop edi
$ Z. b7 y* x1 G$ E, c* X/ D, p00404D42 5E pop esi
+ N- y6 A* t' k1 R0 d( e3 x00404D43 5D pop ebp
7 h$ j$ a4 a" U8 _8 T: V00404D44 5B pop ebx' l, Y+ k5 J, B0 H) v1 X7 p0 l* E
00404D45 83C4 18 add esp,18
& e8 J& O0 v/ L' o, U% L00404D48 C3 retn
5 H: q+ E/ V# b: _. i' n5 _4 e1 h Z*********************************************************************************************************************************************************+ H5 p8 p5 O7 ~
跟进00404D09处CALL来到:
, ^: a8 E3 |/ g0 z3 B7 Y3 h004030A0 6A FF push -1 //一路F8下去~~~~
3 b" K! m3 w( d6 Y: d+ q+ h; A3 o004030A2 68 C88F4400 push qsr.00448FC8
3 ~! B; V; T4 B$ |, _% z004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
0 B X: Y* g/ I' ]9 ?, N004030AD 50 push eax4 k' u) z$ U- m! r/ k+ v2 _
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
0 V5 x( i' {- i3 D1 \& K! H- B/ Q004030B5 83EC 24 sub esp,24/ M& [' t Z1 P# E M* }
004030B8 53 push ebx
$ k7 y6 u( S3 H* E+ @004030B9 55 push ebp
8 R4 U# S- h- g0 X8 @7 l004030BA 56 push esi) q E# N i$ ?+ Q# I8 E0 U' G2 ~& b
004030BB 57 push edi6 U) W& U% ~( L2 Y6 k+ o* p
004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"& o# _( c+ K K, h6 ^8 M
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
5 d. ]5 |! r- H6 [7 k% s! P) o004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1$ x ]; w9 L" \
004030CD E8 27C40200 call qsr.0042F4F92 g9 ~6 Z- ~8 R7 l
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
; ~+ o: j9 W G, Z* [004030D7 894424 2C mov dword ptr ss:[esp+2C],eax
( w( ]5 m; t2 T; d004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
: g5 I) h, w1 Q) {, e# V. p004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
: W. [ s" T/ X004030E4 E8 905A0200 call qsr.00428B79) J# W0 L K' r/ C( s
004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]2 U! [3 C6 m9 n/ w0 Z
004030ED E8 3B5A0200 call qsr.00428B2D
8 R5 }2 Z' g! d& j+ C6 h n: @2 p3 ?004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]& o6 n* l) _" N1 o
004030F6 E8 7E5A0200 call qsr.00428B79" a- q) J; i: y5 V% c- h* B
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]% f5 X: q a: y; r; M5 ~8 }
004030FF E8 295A0200 call qsr.00428B2D: Q9 ?9 d1 v0 K9 W' b. M( d M. l
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]) \3 Y% J( I1 z, B
00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
$ C) |- |- s' ^9 ]+ E0040310B 83F8 02 cmp eax,2
_0 f5 E$ \; d5 W, Z7 b7 C0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
( s) D" s2 v! G8 ~! b y5 P! k00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
( K1 j. K, H5 q7 c9 z: i00403118 837A F8 18 cmp dword ptr ds:[edx-8],18( |0 {8 D. q: |: R# m
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
9 g+ u9 N2 i4 w: }7 ]00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]* m, g, h6 g1 B7 g( x
00403126 6A 01 push 16 }$ p7 j, x4 z, l, B! }# l( b( ?
00403128 50 push eax
6 E- L4 e% ]2 a7 O U; u00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]5 X* g. h6 C8 S! {2 U1 h
0040312D E8 C4550200 call qsr.004286F6
( y; F8 x5 _3 D- Q00403132 8B00 mov eax,dword ptr ds:[eax]
8 `2 `) T8 b7 H. @1 o9 [+ |: ]" |; [00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]/ p' m1 o$ o7 ]# r, k6 x. p
00403138 50 push eax
9 i: J7 Z u/ Q4 |: N* v00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
$ \$ k; r' P( X* w/ [8 \% Y: J0040313E E8 4D560200 call qsr.00428790/ l3 S3 I5 j2 m ^2 n1 V
00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30] C8 q4 v/ d$ P5 l; B
00403147 8BF0 mov esi,eax0 V, J/ j4 f. [0 ~+ A
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3( Q" G# m! M% D7 m2 M- N: `
0040314E E8 38C30200 call qsr.0042F48B
7 z" @; p4 d& S. C6 |/ M00403153 8D46 0A lea eax,dword ptr ds:[esi+A]
2 E' L, ~5 e0 V( o00403156 B9 3E000000 mov ecx,3E
; n6 W, ^: ?6 J( l, p* u0040315B 99 cdq' X: u) n7 ]4 ^
0040315C F7F9 idiv ecx
+ P1 s. Z* s$ @- K6 @0040315E 6A 01 push 1
, Q. @4 O- I: ~4 x00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]3 l! ~, o" M2 H5 S+ ` S2 q( S
00403164 8BF2 mov esi,edx
' R/ C% s; Q0 t00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]$ Y$ G1 D o; Z( A2 ?. c# t# n! E1 y
0040316A 52 push edx
( ^& D6 N! k6 J: w7 k0040316B E8 0A550200 call qsr.0042867A8 V" D) N0 Q, Z0 z, }
00403170 8B00 mov eax,dword ptr ds:[eax]6 F! c N* K* [% E
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
* w& R, Z! W8 D* r+ [+ M0 [ l% d00403176 50 push eax8 N6 |- Q+ p2 |$ x0 c
00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
- O$ U4 e4 [9 \( c0040317C E8 0F560200 call qsr.004287904 X4 ~* p3 H/ O2 v5 v) a2 ?
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
1 J% b! x# [9 K# V* G" [2 N00403185 8BF8 mov edi,eax- Z1 @; n. b1 v/ ^0 t: V, J* `- g
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],37 C. \+ a6 | O0 Y0 j
0040318C E8 FAC20200 call qsr.0042F48B7 w$ C5 n0 l1 C
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
' C' e( m" u4 y7 _00403194 B9 3E000000 mov ecx,3E
8 E* [! _6 I: V g5 i% V00403199 99 cdq
8 W9 t' F8 z2 v# z1 M0040319A F7F9 idiv ecx
3 r1 u) i5 ?, j2 m0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
. M* v5 j2 }7 a/ K6 c004031A1 894424 28 mov dword ptr ss:[esp+28],eax+ E8 T+ J) Z7 a2 [* u1 q
004031A5 8BCA mov ecx,edx
6 C4 m J* @8 D- {004031A7 894424 24 mov dword ptr ss:[esp+24],eax
3 q- P, s. ~/ }. x004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
1 W* M. o8 P9 o" t004031AF 894424 18 mov dword ptr ss:[esp+18],eax! R9 Q; h" Z: y/ R6 o0 W
004031B3 894424 14 mov dword ptr ss:[esp+14],eax
4 j* V4 P! r& S6 ^004031B7 894424 10 mov dword ptr ss:[esp+10],eax
! ?( [" U1 m' C5 w$ c! j004031BB 8BC1 mov eax,ecx' p0 K! q9 ^& r! j8 v6 S4 g4 {
004031BD BF 0A000000 mov edi,0A
4 W' _) ?5 n" u0 T, P0 G004031C2 99 cdq j- F7 ^( s# s: }' |
004031C3 F7FF idiv edi: B! B5 W& u% |8 d4 N+ J0 ?
004031C5 8BC1 mov eax,ecx! i! Z! ^6 g3 m) c6 H0 C+ N
004031C7 B3 0B mov bl,0B
+ O, D) |8 L* @: l2 F: A, a004031C9 0FAFC1 imul eax,ecx
* G4 r5 {2 q0 ~. ^2 F004031CC 8BCF mov ecx,edi @2 F( t u: v! M. S
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl' q) P9 s5 y* q- x/ h5 ]: k
004031D2 52 push edx
# r7 B1 v1 r& a S0 q* f7 u004031D3 99 cdq7 P/ R5 {7 S9 z
004031D4 F7F9 idiv ecx
9 m4 S8 f) u' q; P$ i# z3 e; z! ~004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8] f& t# \9 \/ Y F+ x
004031DD 2BC6 sub eax,esi
7 l2 y3 \% o* b7 s9 [1 z, M; V004031DF 52 push edx3 Q D& z; s- `& ]5 `+ J O& G
004031E0 99 cdq% x% j) t1 ?3 s9 E: Z
004031E1 F7F9 idiv ecx% t8 z) J! E9 {' B- K
004031E3 8BC6 mov eax,esi1 w0 j: F0 H# }2 |. n% J" \+ `
004031E5 52 push edx* |- O- u$ Y8 x; s" M( K" y
004031E6 99 cdq1 S2 R2 p' C) [
004031E7 F7F9 idiv ecx
: ]) R4 ? B3 j$ O3 \. z004031E9 52 push edx) x) i4 N" `" z/ a9 ?
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
$ ? o- R) X5 y004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"% X3 z$ ?$ u3 [) x. H M
004031F3 52 push edx( K' q% L- D9 O4 S5 m
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893/ |' D2 l* O) H# `
004031F9 83C4 18 add esp,182 G* Y) D& ]- D/ B J- x
004031FC 6A 04 push 4
1 [6 J Y% l/ I4 w Z$ o3 G004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]0 M$ b: O) ?& H% a" z' _ z" m
00403202 6A 00 push 09 K3 Q }0 R! n4 E1 O: R
00403204 50 push eax
2 w R/ Y. @& V1 b& |00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
$ r4 V1 c# Q4 D- [$ u00403209 E8 D6530200 call qsr.004285E4& q- E3 Z" B* p/ R6 s \
0040320E 50 push eax& m a4 Q! Z- o W+ G7 h7 t# J1 T
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]! P! T) j6 m6 L. |. S$ c7 A
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C4 Y2 I [5 |) ~' B; O# b7 T* _/ B9 J+ Q
00403218 E8 A7C30200 call qsr.0042F5C4
/ u; A" @3 u' d* E. X0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]7 \+ p9 i" \3 g& A0 a
00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
8 L# J9 { }6 T' |2 M00403225 E8 61C20200 call qsr.0042F48B
: i# e" u. E# S# E3 j1 h8 T/ C0040322A 6A 04 push 4& A4 | ?& D' ^/ x& ?3 d
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
4 u% m, ?' a6 I! V& V1 R5 ?00403230 6A 05 push 5
9 m2 [+ z, J0 h1 @" ]; ]00403232 51 push ecx
- ^- |9 h2 b1 v( [, L) d00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
1 n0 g3 ]/ q9 J# W# }/ E/ k00403237 E8 A8530200 call qsr.004285E4" Q2 P. G+ d; h4 I+ f: u
0040323C 50 push eax9 I- k q' n: n0 ^8 \5 X
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]) H7 F: k4 _# r0 V
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
4 a$ l" {8 c U. ]- B7 x00403246 E8 79C30200 call qsr.0042F5C4) Z6 R; G: G) Y. w3 |) A
0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
) H- l+ z ?" i- m0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl/ q& b7 p6 v5 c% f1 w- O# i# Q. }- p. [
00403253 E8 33C20200 call qsr.0042F48B: I8 L& z$ q. O- w- D. Y4 ^+ {
00403258 6A 04 push 48 G" b( I5 i' W
0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]* }) g( b d4 L
0040325E 57 push edi
0 j9 W \/ I l6 J6 G! {6 S, H0040325F 52 push edx/ @7 I+ y$ I$ M/ J- @( s
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]) O3 o! _, U* v* R
00403264 E8 7B530200 call qsr.004285E4& p) D% z5 Y0 h6 c
00403269 50 push eax
P' ~6 z* P* H+ o0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
8 o9 J+ O$ f* S: ^0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E% N( {/ G: I" J5 o
00403273 E8 4CC30200 call qsr.0042F5C4
* v+ Y* w! p- N5 T t00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
# J7 U8 d2 V, V2 L+ P) k0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl! \% [' D* n8 ?# x9 x
00403280 E8 06C20200 call qsr.0042F48B
" I' K6 ^8 |! n$ j# G00403285 6A 04 push 4
0 T$ L* ^9 r/ \9 g5 g, D, U00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]" Z4 R9 b8 I4 \9 s* S7 ]+ u' [
0040328B 6A 0F push 0F0 z g. a O6 x& G q4 i
0040328D 50 push eax# x9 r7 p- W2 k; K, n$ A( ]
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]2 v8 j" \# o' s/ I
00403292 E8 4D530200 call qsr.004285E4
0 o2 t6 N- ?. f00403297 50 push eax
, {8 ^3 W% z+ x* |) M" `8 Z5 H" }00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
9 f' S7 V6 G( t8 s0 R0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F
) x) Y; e/ L ]5 W$ V. p R+ p e004032A1 E8 1EC30200 call qsr.0042F5C4. d- {9 y C* ~* A7 b0 R7 [$ t
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
/ o/ f/ Y" [. _- Z. e004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
3 N4 K6 j. S' |6 y. X$ Y- m004032AE E8 D8C10200 call qsr.0042F48B, d {6 E4 b' H# j$ r
004032B3 6A 04 push 4
( Q ?4 Z+ _7 p$ @+ }) I0 W004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]6 \; ?+ B" R6 S. [ Y
004032B9 6A 14 push 146 [) G4 A" `% `( {, s, w6 O( C
004032BB 51 push ecx
; r( v, G3 J" [* m, L9 M004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
+ e$ A ?( _! E( }# C004032C0 E8 1F530200 call qsr.004285E4+ S: D+ y+ t/ j9 Z2 `. ^
004032C5 50 push eax
2 J5 l! J; H# b. z1 F$ M004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]7 Q, R9 H! w" [3 _0 o
004032CA C64424 40 10 mov byte ptr ss:[esp+40],100 w' D: h! Y& K
004032CF E8 F0C20200 call qsr.0042F5C44 \' r/ p6 V! q9 W7 t2 |
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]6 M2 x4 _( y$ J7 m1 [; j! z& D+ f
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl
. A! _5 f% R% N5 _ @004032DC E8 AAC10200 call qsr.0042F48B
* I7 V1 ~5 k, g3 |# |2 ]# M: d004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI
1 M# J. H8 x" A004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX
* [8 V; b2 ^6 p& M. s004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL
: H3 d9 W/ f8 S/ q6 K004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL
$ C6 Q" K7 P/ R( w/ f# G004032ED 8ACA mov cl,dl ; DL送CL7 x. B% a2 i2 r: `6 r0 Y0 C& J8 D
004032EF 3AD3 cmp dl,bl ; DL和BL比较
- r3 O6 ?3 {- s' B; S004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
7 a) [3 P+ P- s. B. Y/ t004032F3 84C9 test cl,cl, l) W9 ? m/ l- X0 k- }; _
004032F5 74 16 je short qsr.0040330D
3 Y8 b, v2 M6 ?- O1 e004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL. C% N3 q- M* f: p9 u' f6 p
004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL: W1 R$ T- [/ L: W l
004032FD 8ACA mov cl,dl/ P# O, W% e G3 e6 b6 T
004032FF 3AD3 cmp dl,bl ; DL和BL比较
2 K: |/ K O) R+ x% r( d- d$ W0 [00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
- d8 O& c! b% s6 \& G; }+ k& j00403303 83C0 02 add eax,2 ; EAX加2
% V/ I/ W; j, Z6 j }* l3 R00403306 83C6 02 add esi,2 ; ESI加2
& k7 C$ B+ W6 P* r$ L% b) ?00403309 84C9 test cl,cl! a9 L0 k9 f$ d& K+ J
0040330B ^ 75 DC jnz short qsr.004032E97 L# C* F) ]# d" n8 A. D+ F0 a
0040330D 33C0 xor eax,eax$ W5 J% j D9 u( O& |# [2 Z+ U2 V
0040330F EB 05 jmp short qsr.00403316
7 l! f6 E5 T4 d00403311 1BC0 sbb eax,eax
7 h" V; A- _& B) a00403313 83D8 FF sbb eax,-1( C- E4 O5 ?4 b8 h4 f" ~
00403316 85C0 test eax,eax
1 j! N( K) C! h F- l00403318 74 0E je short qsr.00403328
% E* z, _. a( P3 @0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A7 o1 d% L4 L# N# q0 \
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]) |7 h3 d$ ~6 T# {0 c- X7 h* w
00403323 E9 F0000000 jmp qsr.004034189 ~4 O) e% X1 }* G% `8 K
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
6 Y6 [* H ]. B) A0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]( b% G9 x( ~% _& @7 _4 K! B
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]: S5 L3 M6 v7 g' w3 T) V! _4 ]% F
00403333 50 push eax
9 }6 q6 V, ~! @0 Q: C00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
' o1 [8 N% \/ W1 v" C00403339 50 push eax: a+ x3 G% X6 {8 o R+ l8 m' r- P
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX7 }# ~ \8 ` x* V
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX' l3 E. D$ e8 Z
00403343 83C4 04 add esp,4
2 a7 U p! ^+ l" m4 w6 q3 X9 h7 F00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
2 j0 t# g" u4 b. c" N3 V00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
* H3 q9 [* ^1 B0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
) C' r% i' m! ^$ ^0040334F 50 push eax
{3 X6 H+ Q# X2 a$ u! R00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
# f9 \8 U0 _: R/ Z8 _00403355 50 push eax
M8 U$ u* Z4 W8 e# i& a5 d00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX
; `( B( K, n% y' ~/ S4 ~; A0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
1 ~5 x2 M# {3 c. }3 a0040335F 83C4 04 add esp,4
* c8 u% O0 ^/ O2 | h00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
' N& V) p% B7 e' z, @ O' J. U00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]; E1 K1 e1 p3 N
00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]. Y7 \3 t7 `& i& ?9 S$ |# U/ b
0040336B 50 push eax
+ w7 b _9 X: t2 U# d& _0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX$ H$ {4 M! `' @4 P' U
00403371 50 push eax. f5 X3 l" B& _6 N- t/ F+ w
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
8 V& p- |. A3 Y+ }00403377 8BD8 mov ebx,eax ; EAX送EBX" y& Q1 ]) x% Z: k' }
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
' Z9 c$ v6 J* X8 `) a- U0040337D 83C4 04 add esp,4
: F$ W+ X/ V% f k! m1 C8 e* Y( q00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
9 t' U2 J. m4 [. `6 D9 I5 j6 V00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
6 @) Z! v- I+ y00403387 50 push eax
: E1 B4 m$ K! p: W% P# q3 S00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX I8 [1 f K# e
0040338D 50 push eax
r4 L2 ]) N/ v; c$ l0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX: ^7 _' l$ u q8 U" |
00403393 83C4 04 add esp,4
- ]9 N( G8 `' N! [- J, L+ v) k00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]) @4 P0 F) S, T$ I4 M8 f
0040339A 8BE8 mov ebp,eax ; EAX送EBP
2 D9 O# ~ R0 a. N5 @3 N0040339C 6A FF push -10 w: w/ z8 J; G4 Q$ v0 l
0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX# M/ m" J2 a0 D$ A- x/ w
004033A3 6A FF push -11 B0 j1 Y/ E" a" O5 x, X
004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
) e, |- b# a1 F+ T' e% R004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX
% m) k: v' O, S' K6 s3 s004033AE 6A FF push -1
% ]$ j. x( \9 `8 j5 p004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
* i X% Z! k0 t1 e004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX# a% n. d* V; `# z0 |& F
004033B9 6A FF push -1+ ]4 R# c' v; S
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
' |+ y; p' N3 W7 U8 p( n- }- N004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX& W1 U" H2 e1 h8 x
004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
. V$ T5 y! j/ _# t2 b9 ?4 S5 y x004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX- S9 V9 R" |5 I8 e8 d
004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX; z8 R/ v6 p% A* f& T# W
004033D7 D1E0 shl eax,1 ; EAX左移1位9 [( @' e1 q7 S: ~; }6 s4 x
004033D9 99 cdq ; EAX扩展( @+ `" E" P: m0 T$ ^% X7 a `
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中' H. @6 w) k$ K9 x6 y
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较9 p8 ]! A7 R6 r5 H
004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
3 [ x( i: Q" [' u% h# q004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
; [- D% t3 K r5 i/ E- b2 j/ o004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
# r/ s: q4 B8 g) v# \4 ? O004033E9 EB 2D jmp short qsr.00403418) G) E, _9 Y9 E- U
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX: U) J+ U& I4 F
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2) l" a7 O* e0 ~
004033F7 99 cdq ; EBX扩展' W( {. s( x; Z" \+ ~ i2 N
004033F8 33C2 xor eax,edx ; EAX和EDX取异或
3 C3 L. b! t5 Y+ d. ?( Z004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX: @: y2 E1 @2 t6 i& ~( p0 g5 z
004033FF 2BC2 sub eax,edx ; EAX减去EDX+ c. ?: A' {4 w A
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]9 Z/ n* v* C" K [' C2 k
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX& y: I2 W! E1 T M" _/ Z8 k! D
00403409 99 cdq
+ V( p9 l9 x9 k0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
' y/ _0 I5 s/ G2 F8 y8 [& h) f0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX1 `9 r* d6 S; {6 C
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较5 ?+ [) y( D0 X/ e- U% b9 f2 S" x
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
/ [2 g' F: p* y0 O- `; j/ o00403418 E8 6EC00200 call qsr.0042F48B ;
3 K0 m, R/ j1 b7 \- W) w0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
' K, u. t) [7 H4 _00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9. y. m3 C! v6 W+ d$ o9 Q$ E
00403426 E8 60C00200 call qsr.0042F48B
, y9 y8 W% ^0 j% `% b0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]+ F7 a$ ?2 ~5 b# h9 F5 I
0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
" V. E E+ e& O, |1 d* W00403434 E8 52C00200 call qsr.0042F48B
& `0 @ I4 t4 ~! U& k$ W1 H00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
7 c G4 X- U% S" R3 c$ i3 B0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
6 ?% X, N8 G3 N5 |3 b# L8 O' Q00403442 E8 44C00200 call qsr.0042F48B: }3 J/ y' e' v4 {' D% z
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]% ~( ~- U3 Q" p/ i
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
4 l: t: F( w) S: |$ ]0 A3 b00403450 E8 36C00200 call qsr.0042F48B
# ^0 Q, n1 x5 e4 w+ W! O0 b00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28], Y6 `( x& [! H2 ^1 Z0 z; O
00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3/ J. A& ^. y4 d6 J# G. H
0040345E E8 28C00200 call qsr.0042F48B
: d. `1 ~' \3 p" p0 ^; t00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
, N, G" P4 D3 y) ~& t00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
0 ?7 O- `" ~* C, u0040346C E8 1AC00200 call qsr.0042F48B
& D! D3 S7 P `" |00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
N( [) P6 m% Q00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1 s i& f7 B, a7 A8 D" k
0040347A E8 0CC00200 call qsr.0042F48B( H G7 Q, _" v# w- P
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
! ~3 J$ ?' K2 k6 r' \3 F00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0( X2 S1 B6 G5 S3 b- u
00403488 E8 FEBF0200 call qsr.0042F48B
- O1 T$ l& A. S0 X0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
+ a9 e4 h0 b) M' R7 d' a00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
! Q6 R3 q. K1 p. g00403499 E8 EDBF0200 call qsr.0042F48B. a7 V7 `3 I; k
0040349E 32C0 xor al,al ; AL清02 b5 @6 {$ B+ @$ r
004034A0 E9 88000000 jmp qsr.0040352D
3 o4 E; O6 a/ ^! O+ Q+ }004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~
( G. u6 Z7 j( {, }! b! t004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]* s# Z9 Y1 i& Y7 L% p
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9( ~1 ~* L K. s4 g
004034B3 E8 D3BF0200 call qsr.0042F48B" l w1 R4 t$ d$ l
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]$ ]- {& Y" X( @5 {/ v9 j! N1 y% d
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
9 }: U' m, X- t' ]004034C1 E8 C5BF0200 call qsr.0042F48B0 M8 k$ J# U5 u" d; u
004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
4 E0 }1 ^' P5 j8 }: e& @004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7
& c/ l2 H4 m& l1 j8 p& d) X004034CF E8 B7BF0200 call qsr.0042F48B% t0 A7 i4 M) U/ w" d" }( \ N
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
+ P; J( U9 p& U3 o1 J8 T0 }5 o004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6( {0 Y$ ^* `# ~" J+ j. D
004034DD E8 A9BF0200 call qsr.0042F48B; Z& q7 A. ?' k) e. A2 I
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
- ~5 t* m9 L$ k( w9 d004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3% u* J, K2 P g: A n( T: E7 s" A: ^
004034EB E8 9BBF0200 call qsr.0042F48B" n; F" ^9 U# b; T0 F R3 L) ^! i
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]6 a' ^ _8 [' L% q5 w! a
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],27 `7 U' f' z% i& [
004034F9 E8 8DBF0200 call qsr.0042F48B8 J l5 M& b/ Z8 U, [# {
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
4 t! f3 n; M* G7 z" Y2 i00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1
1 m% @/ x$ j5 X! q8 R00403507 E8 7FBF0200 call qsr.0042F48B
- ?! a8 E: C5 n0 Q& C0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
2 C& O1 ` H+ F8 L, f0 b00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
- E% V* a0 w) O00403515 E8 71BF0200 call qsr.0042F48B
/ \% q) P8 w' T( f, w; e: y s0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
3 B% s. f9 a# W% L+ \; q* s0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1. {- s) }& E2 P6 w2 `8 A
00403526 E8 60BF0200 call qsr.0042F48B
1 z; {1 e" \0 r0040352B B0 01 mov al,1
3 j$ ]+ ?+ c( H+ w1 T7 S% T5 R0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
7 s" K% B- _) ^$ C& S! C0 T00403531 5F pop edi2 m( \9 E1 n2 U- S
00403532 5E pop esi
, D! }$ ]3 `+ v4 w) o1 X+ N$ C00403533 5D pop ebp) g6 g6 i3 U6 M* H# P& R, l5 b
00403534 5B pop ebx
2 B2 P! T- X# I0 s& }/ W/ R00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
4 v3 o$ M$ X1 A0040353C 83C4 30 add esp,30
+ s+ D8 i. R2 [) J6 T) T" I, O) A0040353F C2 0800 retn 81 m& u8 }6 s `
--------------------------------------------------------------------------------
! f, e7 z+ \3 W% |【破解总结】1 Y$ L- \ r4 ]4 ~3 [7 a
用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^. B" Q9 E+ J' V$ [4 |
用户名:yijun* |" P8 z0 E. ~1 ~3 L% k1 ? U
注册码:4893*7777*3726*7777*05296 t$ ?) a5 t3 }7 J7 t3 H
--------------------------------------------------------------------------------- k4 G7 B. U! S* r% w
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡