|
|
|
【原创】破解Quick Screen Recorder
2 h z) o/ ^( u# L: M' \1 f( J1 v【破解作者】 yijun9 Y. c% e- s+ v+ H1 r
【作者邮箱】 [email protected]
# D/ N' @% v1 G8 P: g q# y U2 @' X【使用工具】 OD,PEID
& Z$ T8 j% O0 n' f' h" e) f【破解平台】 WinXP
5 Y9 D5 p( J" {" V/ R+ I z1 r【软件名称】 Quick Screen Recorder
/ w& v$ f% x$ w; B8 s0 m2 j' n【下载地址】 天空
7 n5 Z4 V/ L) B% ~! M" r" l6 @【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. - W- d9 ]5 ^2 z8 u# \ t
【软件大小】 540K
) x# I5 E6 ~3 y5 H【加壳方式】 无
( c: u% e/ C- u e# [$ ]6 n3 B# M; K【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)1 s( c& `8 @& Q5 S: | ?1 z
--------------------------------------------------------------------------------
$ b+ t+ z8 _7 \【破解内容】
4 h8 Y. K+ @! j0 E% e PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:! F5 s h6 g+ p8 L& k
00404C69 55 push ebp //在此下断
& b) Q. ?, T1 o* t7 `00404C6A 56 push esi
# M' D" t; A4 h" E2 l' ~00404C6B 57 push edi
# i! \/ [, l5 q6 l5 x A00404C6C 8BE9 mov ebp,ecx
& j) E/ \! O8 Y7 Q00404C6E 6A 01 push 1. d! l5 S+ b! r+ ]. w, s3 x9 o) H
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
- U) f4 P' e% x00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]4 m5 d* F( Z/ L6 V, v
00404C78 8BCF mov ecx,edi
( K) R1 ^0 c( c4 U00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码& C3 x a" j# a! c
00404C7F 8BCF mov ecx,edi
3 K5 A _, z$ g, R$ z2 I: R00404C81 E8 A73E0200 call qsr.00428B2D
( `" r$ C0 Z" z$ X5 m6 ~5 _00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
! `+ s* W, z3 c' p& ?- T; l0 l00404C89 8BCE mov ecx,esi: o" ]: u. A+ Z% ]6 ]
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
1 y9 h, o; x7 H8 X# y3 P$ H8 l- G0 [, {- C00404C90 8BCE mov ecx,esi3 b/ V2 x/ U$ {& g& D" I( |# P9 E
00404C92 E8 963E0200 call qsr.00428B2D( P+ z: j7 N* W) a2 x
00404C97 8B06 mov eax,dword ptr ds:[esi]
# F) i4 Q1 E, H& a4 ]7 q. c+ r00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
9 U- w* o% T- f00404C9D 7D 26 jge short qsr.00404CC5
% l) R2 E8 S" K3 K/ O00404C9F 6A 40 push 40
) @" h; A' T1 ]: w0 y8 h' a5 Q00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
2 @! P$ Y; ~$ V* Q00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
6 p: I! \+ m$ J) i$ @5 o0 k- K00404CAB 8BCD mov ecx,ebp
% R, F5 Y) U, B( u0 g00404CAD E8 C3840200 call qsr.0042D1754 ?; |# R* X; w) V ~, g
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]+ r: {+ c% p1 k. k) `' g
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
5 c" f! L4 P' v0 a00404CBD 5F pop edi
* B- @: x: M' b R4 y, m00404CBE 5E pop esi* T0 h, v0 q) R% y. M, l% H. Z
00404CBF 5D pop ebp
" V4 ~/ f, y* q7 Y8 C. d00404CC0 5B pop ebx2 a* D5 h p$ p. N! I
00404CC1 83C4 18 add esp,18
4 I0 c$ b9 E6 K! [! b& y' X00404CC4 C3 retn
% y; d" I# V8 h ^2 S+ t4 [00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]5 n# L' O4 q" g m6 t6 }! S
00404CC8 84C0 test al,al9 J" A9 N2 `; {+ w J+ ]% P3 w) k
00404CCA 0F85 1C010000 jnz qsr.00404DEC
- d' c! k1 Q1 W9 i00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]- j& O% h6 ?1 P8 v. M0 w8 ?
00404CD4 E8 87E3FFFF call qsr.00403060* G- `/ g1 L$ r3 s+ \" B
00404CD9 51 push ecx
7 d1 e4 e) b- A00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0+ Y5 y( p F4 h3 ^: O7 A8 i7 v
00404CE2 8BCC mov ecx,esp( C, r8 F$ A7 }- D
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp
0 M% Z2 [: l9 {+ z3 ^2 D* ^4 {00404CE8 56 push esi& |+ S* r V2 l) L6 _/ P' x& w
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0; w) L3 l! e+ l
00404CEE 51 push ecx( |6 P+ ?) O; H, A1 j2 ^: Z7 w) ]* a: K. ^/ ?
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1, h8 d3 _ S+ t/ G, Z
00404CF4 8BCC mov ecx,esp( X3 V+ c% ^5 |' @; I
00404CF6 896424 20 mov dword ptr ss:[esp+20],esp5 x) `. U0 c$ J7 R
00404CFA 57 push edi
3 h a7 F! p' j2 ^00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0: n7 |- d+ z/ N! T
00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
% j" h2 |4 q7 Y) | F; o: H00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
% O; k4 W4 G* l* O1 h00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
c; u- m" I$ }0 s- o& W8 j00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
% v0 U8 H( l2 P8 J" M* |4 f2 j. X00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~
2 u+ Q" c3 ~# h) q( W( ?) `8 e3 h( T00404D12 6A 40 push 40
$ T/ j5 F: @3 ^/ U0 H00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"/ s* V2 M5 g4 ^
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again.": G+ n$ q! p D
00404D1E 8BCD mov ecx,ebp$ \7 E& i- V, R1 O$ f" T
00404D20 E8 50840200 call qsr.0042D1753 B: f$ U X0 m$ H z$ h0 J
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
+ I a* e* d( ~. c* n00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
( ]" x) q& K! v, @2 W00404D31 E8 5AE3FFFF call qsr.004030904 ^7 k& s ?. k4 u
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]8 L* z' T8 ]- U, [' w6 r: f" h
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
6 a3 d: o/ p; H00404D41 5F pop edi
3 F- h2 q; t( F7 ^! Y00404D42 5E pop esi& i! o: p- E b R# C; i) k
00404D43 5D pop ebp
7 p) M2 o0 t; ?: B: E00404D44 5B pop ebx
+ R1 ~7 [/ h& m# _7 X00404D45 83C4 18 add esp,182 Z* r) B4 h$ W, J- e
00404D48 C3 retn
: N3 F- @ h1 a& {3 e*********************************************************************************************************************************************************# X n, ~ v5 \! t8 B
跟进00404D09处CALL来到:
; c% o; M7 v( s2 z& f' h$ U7 B; H004030A0 6A FF push -1 //一路F8下去~~~~/ S+ K: K ~) e# Z# e4 d8 e
004030A2 68 C88F4400 push qsr.00448FC8- ^$ ]# P1 ?- @3 ~
004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
+ W# ?, B5 Y# V/ z0 s004030AD 50 push eax- u* v6 F3 |' R
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp+ x7 u9 g4 a. u4 C! c
004030B5 83EC 24 sub esp,24; o1 {1 k6 b/ D. x" i3 g
004030B8 53 push ebx0 [. h1 k0 |, X. z- n
004030B9 55 push ebp9 v) ?5 y. j1 [$ N% X
004030BA 56 push esi' Z, o) P5 U: ^( }/ c: e
004030BB 57 push edi
# D c; o8 I% V3 r7 `/ A& Q- e004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
; N; r0 P; @* i# C004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]& b% b3 j {. u+ v+ N; f5 F' ?0 y' T
004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1- E% u. y7 J5 u9 X
004030CD E8 27C40200 call qsr.0042F4F9 _, v8 d" ?+ `4 h ^2 ^
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]+ ~4 ?6 _4 m! L z/ w! x) r+ ~; Z
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax4 n( U* h6 @: i! Y% `
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
6 u$ X$ C$ S+ \' u( `) [9 R7 P004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3; D, I6 ~1 s' |+ j( Y: X" W$ ~
004030E4 E8 905A0200 call qsr.00428B79
0 [( t4 u' X1 z8 B6 O# g004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
8 z# R r( Q* x$ s' B6 `004030ED E8 3B5A0200 call qsr.00428B2D
$ _6 i: X) J- H7 p( C4 E, ]004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
$ r3 {% z2 E2 H$ ~004030F6 E8 7E5A0200 call qsr.00428B79
$ [0 `/ U) B( z1 R$ J004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
* n4 v, N2 e- W004030FF E8 295A0200 call qsr.00428B2D
8 {1 J+ O# R, ^$ ~) Q00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
4 d: f/ C: C) _4 N3 o7 h00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
4 s" n+ Y. T7 W* R$ J5 ~5 j0040310B 83F8 02 cmp eax,21 E1 M2 r% q! ]$ U
0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳% Z4 R7 O6 f3 h; I3 B( Q* y+ G
00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
0 P2 `8 l: c% [' I00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
; \3 Z- n$ B; a( I- r4 A: Z0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
) e7 m5 c) y b5 L, A" h00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
5 o2 F: n' k5 C6 Q+ l/ ^# Z- b00403126 6A 01 push 1, r4 f: _$ {2 s7 N+ B- ]$ c
00403128 50 push eax, B- v# c3 L O4 S; \+ t- k$ n
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]9 U, W& V- Y% w$ k2 k* N7 A7 a0 ^
0040312D E8 C4550200 call qsr.004286F6; G3 R% u$ y' _* |* \1 U7 S P
00403132 8B00 mov eax,dword ptr ds:[eax]
6 V: O" M, x7 e& ] E4 r( X& b; r00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]" }1 e; h/ M1 G0 X9 x7 \
00403138 50 push eax% k/ K. `4 g; p- Q; V( e3 ?; b
00403139 C64424 40 04 mov byte ptr ss:[esp+40],4, N- u; v- r$ Y$ k- y ^. l0 @, z( }
0040313E E8 4D560200 call qsr.004287900 v, a+ S0 C& M% R
00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]7 Y, J6 \& i9 ]& k( B/ s
00403147 8BF0 mov esi,eax
" ]# K9 }0 ~/ y& ~- q00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3! |: K; C' W0 o9 _1 j
0040314E E8 38C30200 call qsr.0042F48B8 E j0 i% T v5 B+ H
00403153 8D46 0A lea eax,dword ptr ds:[esi+A]
. o0 v4 m/ d/ t8 v; t00403156 B9 3E000000 mov ecx,3E9 G: k7 O& P9 M
0040315B 99 cdq: o, M& {2 Q2 X' m! N2 l. r$ r
0040315C F7F9 idiv ecx
) i1 t( |, t) I) Q% y0040315E 6A 01 push 10 C \3 \. M( ]" p
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]; @2 v8 h# ?) ?
00403164 8BF2 mov esi,edx* B6 _) I0 O) a5 Z# R; u
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]& K$ p5 C- N; A: A- i
0040316A 52 push edx
9 r) B# X+ R0 w5 V0 O0040316B E8 0A550200 call qsr.0042867A
" p7 p, D0 e3 e; |00403170 8B00 mov eax,dword ptr ds:[eax]
5 F9 c4 O7 l- Y# V00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]. ^& ?/ J. ^% n4 _
00403176 50 push eax F+ ^+ ^/ @- M7 ~
00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
7 F, L" V6 c# o0 _, }0040317C E8 0F560200 call qsr.00428790
. y3 B3 U5 m0 E" K' W- [00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
& I7 m4 E4 E0 ]/ Z, `# U/ }00403185 8BF8 mov edi,eax
8 k4 D$ P& R0 {5 p9 b% @7 b6 Z00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
0 l2 |/ o/ v6 Y* l5 h0040318C E8 FAC20200 call qsr.0042F48B
! b* h. N+ ?+ q5 j00403191 8D47 0A lea eax,dword ptr ds:[edi+A]. s+ O2 {* w9 N1 N- L
00403194 B9 3E000000 mov ecx,3E
& M3 k* e" K. W00403199 99 cdq/ p7 v5 y7 `2 _6 X
0040319A F7F9 idiv ecx
; k* w/ ~: f$ R q+ `0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
9 D( d5 b: q8 o1 P) k' @+ D: u4 A; c004031A1 894424 28 mov dword ptr ss:[esp+28],eax d% n) }7 V0 n' x$ b* x7 ]
004031A5 8BCA mov ecx,edx
9 q" I- A$ r0 L8 X004031A7 894424 24 mov dword ptr ss:[esp+24],eax" J1 P8 V& _6 S, s9 `
004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
# Z" X# J% p! [004031AF 894424 18 mov dword ptr ss:[esp+18],eax
4 p2 S) S# ^# H004031B3 894424 14 mov dword ptr ss:[esp+14],eax
4 i! {. L2 ]4 r0 y, s# A3 ]004031B7 894424 10 mov dword ptr ss:[esp+10],eax
J& K: U7 ~3 I! w0 X; g004031BB 8BC1 mov eax,ecx- Z1 M. o6 U5 s! b" x( I, S ]
004031BD BF 0A000000 mov edi,0A9 R5 R/ l) a! G0 F, y) o
004031C2 99 cdq" U6 V- u" ?& i+ K
004031C3 F7FF idiv edi
& P$ Q; t5 d) A) |* ?004031C5 8BC1 mov eax,ecx+ p) b* _9 E" @; t
004031C7 B3 0B mov bl,0B
! x, b/ ~) v3 K0 Q+ D004031C9 0FAFC1 imul eax,ecx- a) _) b5 }) c% `
004031CC 8BCF mov ecx,edi
% U, a V+ M& A) S3 ]0 J# Y004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl O% c2 B% m) g" Q/ P! y7 t
004031D2 52 push edx% r3 }! u& P2 v( `5 G; g: N& j
004031D3 99 cdq
4 o4 D8 r7 d- @+ u004031D4 F7F9 idiv ecx% h( g! L. w3 C, i
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
) q& {' }- B' Y- p+ e3 b004031DD 2BC6 sub eax,esi& F7 ?( T9 A* T7 A3 ], z8 ~
004031DF 52 push edx( A Z* {0 S2 [4 Q! D2 v# L! s
004031E0 99 cdq
, a0 d ~' d- D- [004031E1 F7F9 idiv ecx
k, N9 O4 g8 _1 @004031E3 8BC6 mov eax,esi
, h: g. p1 P3 R004031E5 52 push edx8 o( H8 f5 p' I
004031E6 99 cdq
& U+ D* n9 l- m. d" q004031E7 F7F9 idiv ecx
7 I( E: z: C; `' H: M- w# k004031E9 52 push edx
& Y7 I! V+ _. G004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
U5 p* I9 j$ H- ^, P' u- T9 j004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"$ N# a( D4 }% I2 \+ Z
004031F3 52 push edx) ?) b& m5 Y) I, R, C7 f$ N
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893; E- T y7 o1 C+ \0 M
004031F9 83C4 18 add esp,18
( M# V" \9 q: t- m9 P9 p! u5 G# ^004031FC 6A 04 push 4
8 U0 V5 g! i# _! K* t004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
+ M+ k: K; r y; w00403202 6A 00 push 0" g$ J- t( t- ^. c7 v
00403204 50 push eax9 o" x0 Y3 Y9 e- e7 a+ |
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
( H0 k2 y5 v2 z2 o' i00403209 E8 D6530200 call qsr.004285E4
. [; `* `8 }# r' \# Q% d0040320E 50 push eax
+ T; N/ l, X9 s# A, u4 {. W0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]: x# X; V% x, c+ l% i
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
" J+ k/ ]0 Y. l7 C4 d7 \/ _* c9 d6 B00403218 E8 A7C30200 call qsr.0042F5C4
5 x: p3 v; P. P( o! q0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
% X+ K3 s' A3 @00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
+ b1 Z5 l0 S C! J: u% \8 t0 Z00403225 E8 61C20200 call qsr.0042F48B/ L' B% u X7 A+ ^6 N
0040322A 6A 04 push 4
( a/ b2 V/ l0 i5 f% O- O0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
5 @) q# y& v Z. j00403230 6A 05 push 51 Q$ G' a, \( I- [. T1 P, V
00403232 51 push ecx
! \' h' \* e8 K& }) T00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]8 L, @. M- N; [. Q! H# `& G
00403237 E8 A8530200 call qsr.004285E4
2 t6 p$ [0 k& q0040323C 50 push eax
1 y+ V' j% E2 u3 b. A0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]3 d- Q' p7 m% l/ b% |
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
@0 w% N, ]8 O' [8 M% q" }00403246 E8 79C30200 call qsr.0042F5C4
, T$ P# }9 |! s/ x3 Y; n0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
) T" Y) k/ I) G8 Z$ V% g) [5 y0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
+ D! m0 R) {& ^% \9 [00403253 E8 33C20200 call qsr.0042F48B/ T9 N! `' g& g3 P" o
00403258 6A 04 push 4) T0 P! o& r" D* a/ }( e
0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]( `9 k! E6 Q& c+ F5 Y4 i
0040325E 57 push edi9 y6 Z+ W/ C7 f3 |
0040325F 52 push edx
1 E% J, N f; L6 x9 G j3 R00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]: f) p5 Q( y3 V( Q- e5 G
00403264 E8 7B530200 call qsr.004285E4
, c8 k* I! _, h5 h9 _. V3 [+ S00403269 50 push eax9 @) u' h( b2 z" Z0 e7 P
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
( e/ O9 Q$ ?) z* T" |. B+ V i" W- A0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E
* e+ d5 Y1 h' m( t0 t00403273 E8 4CC30200 call qsr.0042F5C4
' N* Z6 K: i* d& q3 U. a00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]; E2 t8 ~2 O% G, x
0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl% Q" J2 ^# e# {7 W
00403280 E8 06C20200 call qsr.0042F48B. U9 r' @; G% y2 M3 J
00403285 6A 04 push 4
/ d5 s& f4 U" T; q6 V$ ^00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]+ {- q+ ?4 |6 \& c. Q
0040328B 6A 0F push 0F v$ L5 ~8 g) Z: R
0040328D 50 push eax
/ ^7 A0 |. ^* D; S4 i- K1 w. R- v0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]9 l# q7 ], U6 [* `' Z ^
00403292 E8 4D530200 call qsr.004285E4
- D. A" M* q/ r+ E! c00403297 50 push eax
" n2 Y" w# M2 b# l& H: s& Z00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18] J' A m( }4 F5 J
0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F, E p& \5 d1 c0 [7 _2 ^- @$ Y/ I3 E, `
004032A1 E8 1EC30200 call qsr.0042F5C4
" l+ \6 V% H* q% R6 B% U$ ?9 Z; x004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]0 ~% w' u- {9 s/ T/ w
004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl, u8 O, C0 z( {8 t0 O# X. \" d% n) m
004032AE E8 D8C10200 call qsr.0042F48B9 E3 W8 c& b3 b; y6 V
004032B3 6A 04 push 4
3 ]( A9 c5 I' K# `( D004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]- n2 B! a! @0 u
004032B9 6A 14 push 14$ E3 j/ \+ E* P
004032BB 51 push ecx
1 U \4 t7 K1 r3 |! C: q, {004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
1 V* r! S: ^+ R9 I! u2 D004032C0 E8 1F530200 call qsr.004285E4
; f, G4 {) f' `5 J2 I7 m; R004032C5 50 push eax
x2 }1 q. L* w, y# z& x004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
9 S0 A; r1 _* X% u6 O# g% L004032CA C64424 40 10 mov byte ptr ss:[esp+40],10 ]5 B; g" z- G6 r1 y
004032CF E8 F0C20200 call qsr.0042F5C4# P# q. m3 e" r
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
; a0 e( R, a+ U$ G$ i0 }004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl
$ f' l2 p& z' R5 K004032DC E8 AAC10200 call qsr.0042F48B8 Y' J) {+ O5 s& z7 C' `1 w6 ?
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI" u- u) n7 }0 j
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX7 p# N( n/ I0 X
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL7 O6 {1 s6 b. \ c1 ~3 z
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL
6 P; h5 B4 P+ d1 g004032ED 8ACA mov cl,dl ; DL送CL
/ [- M. U' d+ E. o004032EF 3AD3 cmp dl,bl ; DL和BL比较
7 j& R( c0 q( A3 o7 k004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
2 Y' h; B/ m8 l: \6 p4 N0 Z! |004032F3 84C9 test cl,cl
( y. E+ f) x: w+ C) O5 R. y004032F5 74 16 je short qsr.0040330D4 t M& E y; M+ X
004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
/ \! s( Q$ x" G: X0 e) j$ F004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL( C9 J. k4 Z3 ?7 I
004032FD 8ACA mov cl,dl* v) r' c& L# V) G6 Q7 h5 n( a& i
004032FF 3AD3 cmp dl,bl ; DL和BL比较+ k5 [* ?- r$ d$ r
00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)" O5 F, t) z3 _* n9 n) v$ h
00403303 83C0 02 add eax,2 ; EAX加2
) X% w; ?: t _" I00403306 83C6 02 add esi,2 ; ESI加2$ R6 \. c" b0 n" i9 d& H% D
00403309 84C9 test cl,cl: g* i1 q5 j4 J( U" B# y- Z7 y" E
0040330B ^ 75 DC jnz short qsr.004032E9" z' M- ^+ c: M
0040330D 33C0 xor eax,eax$ O5 U7 N0 C* N) s* N. x9 @
0040330F EB 05 jmp short qsr.00403316
# d7 ?$ r2 r' O3 a% i2 c00403311 1BC0 sbb eax,eax
/ Y p! \' r: ?9 v r/ I$ A& [+ U00403313 83D8 FF sbb eax,-1
5 ?9 r' T* t& p00403316 85C0 test eax,eax& W$ Z* N5 M6 [$ {' L; p1 n
00403318 74 0E je short qsr.00403328
( s. C- x/ C G& P; r0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A3 ]% q* l9 e L; U
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
5 N( C" n* W7 c6 x9 s00403323 E9 F0000000 jmp qsr.00403418
$ U. [- N: E, v0 S8 C' r00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX" k+ G4 o# z! E* I% O& `$ I! N
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
; {' W+ W3 @6 `00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
% e7 Q8 V1 n2 s1 @; p# u& M# h00403333 50 push eax
- d. f6 S& j M/ b9 S00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
: {' E/ d0 W6 b00403339 50 push eax! w3 A% U5 P" u; X3 z" E \
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX% h# h+ W4 Z- v, h0 `
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX
6 W$ ~, c. K& C5 T$ }00403343 83C4 04 add esp,4
8 m, g. X) K* s00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
6 n8 y- V* ^. }" ^, I6 Z00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]& b m. m% e \& y0 \
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
. T/ F4 v6 y0 z4 w# B6 J0040334F 50 push eax' X. d& p7 y; H0 w% ?! p
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX% g* R4 B7 p2 l: }; s0 C8 G
00403355 50 push eax
/ V9 j- R$ {2 R2 Z, d00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX
: b( L" E4 L' `0 i& J, N o$ j0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX/ t& M. ~# B9 M
0040335F 83C4 04 add esp,4! i" f9 m+ B9 s. x: J3 d" G4 T
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
) n" Y0 J. l5 {# e$ @9 `# l00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
- o5 ~+ B9 I" H00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
& o# ?1 d8 D/ ?2 C" E% c! f0 R( M2 B0040336B 50 push eax
9 `( G( U8 T+ S, T4 P6 u0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX
7 |1 H0 I( {" m. Y+ i! r/ r00403371 50 push eax0 d2 P0 u7 ^' P9 i/ s5 d: N
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX6 Y( ? f' q0 J) `/ w a+ G
00403377 8BD8 mov ebx,eax ; EAX送EBX
1 G4 X/ W# ?9 g0 }; s00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
1 X% v* f4 o6 d7 M4 h2 J# ]+ W0040337D 83C4 04 add esp,4
: |# c7 H6 G M8 N00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
2 x- P4 R! n/ C' B$ h9 W00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
. } m7 S6 m; G4 [' ^00403387 50 push eax
+ i! r" M0 [0 D8 e. D+ i00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX1 _4 c$ ]7 L* C; H
0040338D 50 push eax y5 I) W: C" v0 V3 B7 d
0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
& e9 R0 D3 ?6 r; T7 O5 U00403393 83C4 04 add esp,4
8 e2 e! \% o1 c: n7 ]00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
0 ~1 g1 E; u! [0040339A 8BE8 mov ebp,eax ; EAX送EBP% m7 {% n8 D! t1 S
0040339C 6A FF push -1
& T' I: l8 w$ R0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
. O4 w# e e- G# k% n/ X004033A3 6A FF push -1
6 z1 \* K o! I: R004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
4 P' P; Q% a# d3 m004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX5 x( m& G! x1 c
004033AE 6A FF push -1
' f F( o: z/ z T004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
7 B7 I: Y# J1 r( m w4 c. J0 Q004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX
& `4 p0 D/ F! N2 C+ q- J: L" E004033B9 6A FF push -1
0 A" h3 k, E+ Z' w3 `% c6 P, | y. ^004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
/ Y5 ]8 L( ^5 p004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX$ m$ q& U) n# I- E- ?1 G, N
004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
4 b" J0 P* u) }2 y4 S5 j004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
7 V$ b# p+ C! a: V' y004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
3 ?; L- [8 Q9 P8 S- V* A2 \004033D7 D1E0 shl eax,1 ; EAX左移1位! {" j2 U j- u1 F& a4 Q+ s# J
004033D9 99 cdq ; EAX扩展
/ I# \8 i R( L9 v/ [' v004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中8 ~ q2 `: ^- D& n& b6 x
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
; O, u$ p% f8 D6 [004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
$ F9 X/ R9 [2 o" p) w% b5 C( h004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
+ f$ o9 M, i( {! b: n; Y004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]. y; N" ]$ \/ \( e
004033E9 EB 2D jmp short qsr.00403418( a. f) ~1 _6 g
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX2 u. _" g4 D5 E# C; M" G' e+ P
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
" [; D) X% _, a l: ?9 q* t- O004033F7 99 cdq ; EBX扩展$ w" s/ D* j0 ~4 v5 E, @" U7 z3 h
004033F8 33C2 xor eax,edx ; EAX和EDX取异或: Y3 L0 A8 z: i5 i
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX: A+ t; O/ v' g2 @7 g
004033FF 2BC2 sub eax,edx ; EAX减去EDX* q% b& c3 v, l" Q) h2 }
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C] S( Z% u8 { H+ ?- Q' s; T+ ~
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX5 y, V! M6 e. _! r. |8 o% w
00403409 99 cdq. J' S1 s4 q8 R9 G5 A; `- Y
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
! a5 S, y" u0 D& X- u- _% P0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX3 F8 L3 T/ s1 Y& i
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较
8 I$ N0 F% M0 F2 d" O p00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
- q$ B% q% g3 n! f) G* s00403418 E8 6EC00200 call qsr.0042F48B ;
- j$ y" @9 o" b0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]0 r r! w0 k, \* O4 ` a9 i
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],99 E8 q; i% `, L- T0 {6 B$ m
00403426 E8 60C00200 call qsr.0042F48B# g, d5 B3 u+ X4 g; l3 E
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]" v) x7 }# S7 _) Q& D7 J" z- o4 ^
0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
# S0 `3 b3 k/ r; N: }& n00403434 E8 52C00200 call qsr.0042F48B
3 E7 }5 T- W U4 K# | ?; ]: u+ e00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]- D# \( s! H6 [7 ?6 S' c) j& h0 d
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7* f/ G7 }' O1 h! K; V$ `/ {
00403442 E8 44C00200 call qsr.0042F48B
) B% c0 ], Z+ I, a00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
7 R3 r {! b6 C: N7 X9 d1 ~0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
; R1 v: @& s9 f& Z00403450 E8 36C00200 call qsr.0042F48B
Q. ?/ b; b2 [; C7 f00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
# y: h" V5 A: ^3 I00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
" |6 c W" }' W0040345E E8 28C00200 call qsr.0042F48B0 m9 ?2 k7 A0 Y7 Y
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
: n0 S$ p5 S5 a6 ~00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2 G& l/ c9 ?0 `( |$ q/ ?
0040346C E8 1AC00200 call qsr.0042F48B
: x4 J. ` X8 K& `# N' _# t4 T00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
8 @% \8 Y( M& ?00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
, D8 _- Y) C$ K4 l( u6 W& e0040347A E8 0CC00200 call qsr.0042F48B0 K) G3 {/ J' u) q
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
! T7 z; S! z3 i/ [6 z$ K00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
* b9 G: ?! L# ~3 v9 v, d i00403488 E8 FEBF0200 call qsr.0042F48B# }# u% C# J, E7 @5 S
0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
* t7 B( X- C4 Z) c00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1+ e$ a# u) ]1 d5 k1 ` S5 k
00403499 E8 EDBF0200 call qsr.0042F48B
! j' n5 N$ a9 n5 M$ ^, k5 V0040349E 32C0 xor al,al ; AL清0
& j; b1 h* U$ i* c( P+ D7 k004034A0 E9 88000000 jmp qsr.0040352D
' m7 u' ^: [4 o004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~
- |* p: o f* A: C+ E$ D7 O004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]1 b- L- {+ `- X2 E6 k' `
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9 a: S- ?8 D5 e. G5 u
004034B3 E8 D3BF0200 call qsr.0042F48B
4 `! d. [- e8 z' W& N004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
) A; ~8 e* j% ^5 a: y' [" L004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],87 }* S; S5 B! z# U
004034C1 E8 C5BF0200 call qsr.0042F48B
) A" @2 _, Q, R2 v8 L+ d0 o8 k004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]& h! r G) @) w" W
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7: J" Z% i+ L6 |
004034CF E8 B7BF0200 call qsr.0042F48B
$ B# _" f; t; C. }3 p" N Q004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]9 z9 y$ _, _: k8 ]
004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6# [1 `1 m7 F9 C/ [1 L
004034DD E8 A9BF0200 call qsr.0042F48B0 y- Q9 J J8 d+ v g) W
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]8 K5 B" c7 W* Y
004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3$ ^! L; c3 B0 a$ o
004034EB E8 9BBF0200 call qsr.0042F48B( B4 c9 A" x+ J: F" }
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
/ h: \; y' Q- K* r004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2
) b- Q: \' \9 K( Q) I0 A. d2 m004034F9 E8 8DBF0200 call qsr.0042F48B
2 i1 W, g, S: S$ R9 `7 `; W# O5 S004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]: v) P- N( C. }5 D+ r( z0 w
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],13 ?9 | U/ X( K% g$ a6 q
00403507 E8 7FBF0200 call qsr.0042F48B
3 a2 q$ b$ x& t& m( d* a: G0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]3 y' T1 g( L$ J& d+ g
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0/ s; ~: | r7 k* U+ E% I
00403515 E8 71BF0200 call qsr.0042F48B2 j2 f7 F" s; n" t# E2 D0 t4 B9 b( m
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]( G+ m) I+ l6 Z0 U) Z& M
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1# A+ A, a. C9 k2 w
00403526 E8 60BF0200 call qsr.0042F48B. B0 d3 z! K- n: D
0040352B B0 01 mov al,1; T7 y4 D# X( ?) o" y" |: w: I
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]' ] k7 o( O/ Y; g) j' a
00403531 5F pop edi
) x) Z9 n$ G, o! K% x) y+ B; p00403532 5E pop esi I s6 Q4 U8 J: h3 C8 d; Z1 y) V) f
00403533 5D pop ebp& `4 d# x# ~! d/ D
00403534 5B pop ebx
& ?4 ^) \; L9 W5 o8 r$ ~; ~) b$ L, ^$ N00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
% k: |# z: Q/ F% b+ l0040353C 83C4 30 add esp,30
" p3 N8 ~: O( H, _0 V0040353F C2 0800 retn 8
# p% U* F! Y( w--------------------------------------------------------------------------------
+ n2 \ L0 f- ?+ D' u7 M【破解总结】1 Z, v; d% {' w* o' \) {8 l
用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
5 Z9 C% B" `" E' r7 a用户名:yijun
0 l: E' z% S _注册码:4893*7777*3726*7777*0529" `6 C" _7 }/ [3 c' `! I' _% x
--------------------------------------------------------------------------------9 v% u, |5 Z! p, j5 O
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡