|
|
|
【原创】破解Quick Screen Recorder$ T. \6 f( F9 q( ?/ W* G
【破解作者】 yijun& G q% a1 y8 i2 B( ~. s$ k
【作者邮箱】 [email protected]8 h% ~5 Q6 E" }+ a$ w7 C
【使用工具】 OD,PEID
* U: L# Q0 J. l【破解平台】 WinXP
- s% g7 Y, R0 _. u: {' y# |0 Z# u【软件名称】 Quick Screen Recorder# j/ y9 L0 b& f5 w% q, v
【下载地址】 天空* ~. O+ {, U( h' c5 u( r
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. & r$ z6 g4 P) Q" f/ X
【软件大小】 540K
' l2 H* ?# P5 ^* x: C0 k! y, j- G* `【加壳方式】 无 V5 n1 ~8 ^- k: ^4 h. x
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)/ b @$ Q9 X0 b! `& H; x/ q. g" C1 }: ~
--------------------------------------------------------------------------------0 R0 w6 c' u: |+ \6 r3 Z3 j
【破解内容】1 T5 k/ Q: x4 D; Y0 U, d" |( {
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:. t$ N& {0 H; p `; n
00404C69 55 push ebp //在此下断
' h1 f% p5 Q; l E00404C6A 56 push esi
1 }; D% m& R* U0 Z00404C6B 57 push edi! Q9 X) \; N" ^+ r5 f
00404C6C 8BE9 mov ebp,ecx7 q; q( w# R9 m; e
00404C6E 6A 01 push 11 A2 ]& H" M8 `" w
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
$ p* G8 [6 v$ V+ r6 p' M! ^00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]/ E( q. F( O$ r. @& U
00404C78 8BCF mov ecx,edi
- x4 B- [* ~" A$ X. s00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码
2 \. S( q' t6 n0 X00404C7F 8BCF mov ecx,edi) l% A- d9 r, [" |: F
00404C81 E8 A73E0200 call qsr.00428B2D& ]7 w u7 M9 e. ?/ R
00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
# a7 w7 W- |* R8 B1 j00404C89 8BCE mov ecx,esi1 C$ C4 b( t4 R# a( r, g
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX; E( c0 W9 s a
00404C90 8BCE mov ecx,esi
% z) m6 E$ I, I( r00404C92 E8 963E0200 call qsr.00428B2D
9 B. N. ?* C' P00404C97 8B06 mov eax,dword ptr ds:[esi], ?. e5 D) [- _* k
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
d) ]% T- Q1 C% z6 O$ I00404C9D 7D 26 jge short qsr.00404CC5
# L J1 C) Q9 P2 Y4 N7 e7 G7 @% p00404C9F 6A 40 push 400 |; }* L& o, J! ?
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
, J# s' D# h, n6 N. ^/ o# b00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
3 |2 ?" z- u& o; w" _# Z00404CAB 8BCD mov ecx,ebp$ }' @1 [; x1 u8 W$ [
00404CAD E8 C3840200 call qsr.0042D175' T+ V2 N9 Z9 }8 b
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] d X, }6 d& y4 r$ f; w5 E
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
+ R, c% s+ A9 G& O/ g00404CBD 5F pop edi0 D3 X# f2 u+ D! \
00404CBE 5E pop esi9 [5 ~; e6 L3 ~# c/ D8 h
00404CBF 5D pop ebp8 x% U) T5 i; P! N) z4 j+ |4 d
00404CC0 5B pop ebx
: b+ f$ F9 ?" }$ O, D00404CC1 83C4 18 add esp,18 v- u0 @. X& d6 ?' L
00404CC4 C3 retn
3 D, H; z* n+ c0 t3 j8 u# n00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]
) @+ M' y6 D# x/ l! o1 ]00404CC8 84C0 test al,al5 R6 t- d- K8 h" L1 j9 e
00404CCA 0F85 1C010000 jnz qsr.00404DEC; G3 C* v2 ?' g9 m- O
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]& U1 Z& X3 Y7 l: y8 m9 p) q
00404CD4 E8 87E3FFFF call qsr.00403060
5 i8 M! @& W; u! F6 G0 |00404CD9 51 push ecx
! W9 w* D+ N0 ]/ g00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
3 a4 l$ E% K. _* e8 Z00404CE2 8BCC mov ecx,esp6 R) `8 m3 ]$ L( z9 x
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp
2 x7 ~/ u) I% P2 k+ I3 J* g00404CE8 56 push esi* W- B M6 s+ t, P0 N* z
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0# e$ [% A5 {% ^4 p* Z" _' f( z
00404CEE 51 push ecx
- X4 P2 E& x6 N8 M00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1) d( ] p& O" O1 C
00404CF4 8BCC mov ecx,esp! F4 @* g* E2 Q' k+ m+ [
00404CF6 896424 20 mov dword ptr ss:[esp+20],esp+ H! R( T" b* _6 d
00404CFA 57 push edi
, h8 E. ^, y5 u& L- s" |2 f+ r00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
0 r: Z/ Q2 D, ?, E00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
5 |2 W+ [9 F: ?0 V0 s% J- j00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
6 a5 w" { q) n1 U" k( m4 h00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~4 P" K, _+ ^+ j
00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
$ q/ {; {, Q5 D00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~, S: a' V9 g$ Y* N
00404D12 6A 40 push 401 X* D% [) m7 E$ E5 m
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder". C! m: _9 _2 b
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."
6 v- J! E, A" B# ?1 J, e3 ]8 s00404D1E 8BCD mov ecx,ebp
2 e3 C+ T+ e. F/ p! H00404D20 E8 50840200 call qsr.0042D175
: |% M4 J3 y, Q* g' p00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
3 ]* i$ p m' ]! J& A( o! [: i00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1: ?; Z* W7 {+ x
00404D31 E8 5AE3FFFF call qsr.00403090
( V7 @, J) }% }4 E6 U* f00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]3 c2 K. A6 G B8 @ I
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx5 l4 J" O7 L A* W0 \! h1 H7 {
00404D41 5F pop edi
6 w- D/ Q9 b) V# r% s00404D42 5E pop esi
3 G& T: ]6 W! y4 \# \00404D43 5D pop ebp& @, r- y& v* V& i
00404D44 5B pop ebx
) x/ ]7 b$ L" Y- I# Z2 a0 ?00404D45 83C4 18 add esp,18
" `( n4 {" S) ]8 Q% d' u! w$ {: J00404D48 C3 retn
. R9 M! v$ w5 V" T* ?*********************************************************************************************************************************************************
2 f& c2 r8 J9 L! s4 i p跟进00404D09处CALL来到:3 h9 l- t9 s1 Q$ Z. \( K. o
004030A0 6A FF push -1 //一路F8下去~~~~
+ j# r" Z& E& m2 ~; j004030A2 68 C88F4400 push qsr.00448FC8
) n- H; H: M. z" r, r( [( ~004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
9 Z* s+ w, q1 a @4 Y9 j) x004030AD 50 push eax
0 e8 P: P/ j( K& k7 P7 K2 q2 y004030AE 64:8925 0000000>mov dword ptr fs:[0],esp, s4 |* M- h8 O: ]9 C' B
004030B5 83EC 24 sub esp,24
1 G9 l. ^& U- d6 B: c) t004030B8 53 push ebx
" |# B( R3 E4 v7 Y7 M1 ?# h" M004030B9 55 push ebp
1 ^3 V3 i5 L' z, W+ Y004030BA 56 push esi
6 o0 \' U& ~2 ~( Q+ f004030BB 57 push edi
+ H. ~3 W* A3 ?- b# q- G004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
% Y" ^, F* @$ i5 S! w6 P1 U004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
) n. s, A" o7 `004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
; n$ D. P+ P2 m$ V; F" ]004030CD E8 27C40200 call qsr.0042F4F9. O0 W$ F+ L% u5 S
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
% u' z4 v' N2 H" H8 |004030D7 894424 2C mov dword ptr ss:[esp+2C],eax+ o' U6 I! V1 V, Y7 [
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
8 L+ L: O8 d" u; t004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
" k# r! v2 @/ Z& B: M! h004030E4 E8 905A0200 call qsr.00428B79
: Q4 @7 O2 P1 c$ k- h004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
4 R$ ?: N0 p2 a+ J7 p' |004030ED E8 3B5A0200 call qsr.00428B2D8 m" N1 F9 P* j0 f7 N) R2 Q$ C
004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]8 n0 A. P W1 |$ I' a
004030F6 E8 7E5A0200 call qsr.00428B79
, k6 S" l2 [* z% t8 O004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]7 W. X6 q3 n# `7 _7 X$ q/ v0 e7 ?
004030FF E8 295A0200 call qsr.00428B2D
; |+ j; d% `. ^% A00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
* \# h! M9 l# ?0 |% ^0 {* |8 J00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
- O. ^# R3 W# u: D. P0040310B 83F8 02 cmp eax,20 G6 I3 L9 [1 l& N* b3 H
0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳/ A$ s% k" `# Q% U% j; J
00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
5 i0 \9 z5 }) S, u00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
0 N" D' c) o2 t0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
: A4 Q* V8 p5 q1 a! X$ g00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
1 b8 s* r+ L' W. }& g00403126 6A 01 push 1" A+ K0 c; l; U0 k8 _; r Z( P' M
00403128 50 push eax
( a5 V$ T' G5 f- A) b" g* a00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]0 e5 {3 ` u2 U; V
0040312D E8 C4550200 call qsr.004286F6
* W$ A) R2 s$ Y00403132 8B00 mov eax,dword ptr ds:[eax]: A0 N1 {% H0 f5 \3 e( ^7 A* d
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]1 \5 J7 f, p7 W8 U5 e5 \5 x
00403138 50 push eax
4 c9 O. L7 L2 W. `' B1 V l00403139 C64424 40 04 mov byte ptr ss:[esp+40],4: e, p. u6 z5 `; D
0040313E E8 4D560200 call qsr.00428790
' E; l5 J* p1 [1 V; Q O9 y00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]7 ]9 A O+ z$ V r6 ?
00403147 8BF0 mov esi,eax: c% ] N9 ]4 A$ b9 m; K' |
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3! x$ I( d3 U6 v* z( _$ M8 Z# b3 M
0040314E E8 38C30200 call qsr.0042F48B0 j) B6 \ ?; B% y: C+ X5 D1 P
00403153 8D46 0A lea eax,dword ptr ds:[esi+A]
2 Z2 y! y. w6 K! ~00403156 B9 3E000000 mov ecx,3E
" g* K% W3 p0 o& o0040315B 99 cdq
9 v* w. G( u/ C. ^9 c0040315C F7F9 idiv ecx
) @0 p* f5 r/ c$ k2 V0040315E 6A 01 push 17 K0 h# p& }( q& ?
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]* R" W+ ^5 E4 g) n! K
00403164 8BF2 mov esi,edx
6 b/ O* J+ R( s! A00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]6 O) N" @9 d4 x5 X; i' S
0040316A 52 push edx
+ p2 ?* Z9 y0 `# |1 Q6 O0040316B E8 0A550200 call qsr.0042867A
+ ^+ c6 Q, \3 d, u) K* G+ n00403170 8B00 mov eax,dword ptr ds:[eax]# t. e' y: j/ A; @5 g% S" G
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
T- a% T2 M8 W- Z$ R00403176 50 push eax4 R- g" a+ T, ]5 A& r# b# @
00403177 C64424 40 05 mov byte ptr ss:[esp+40],59 K; I# T0 n3 ?2 I4 l- U
0040317C E8 0F560200 call qsr.00428790
# c+ S/ i0 e$ \1 g. K# q' g; Q00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]# P5 I- k1 `, {9 a* d
00403185 8BF8 mov edi,eax
& i6 \/ w9 p/ E% D6 _4 H00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3$ s2 O' d. E, `4 j' {+ i# ^
0040318C E8 FAC20200 call qsr.0042F48B4 a6 N, O+ w# P/ Q
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]& ?7 L8 d- j4 T
00403194 B9 3E000000 mov ecx,3E# J& N0 D9 w* E |
00403199 99 cdq
+ t2 C) \4 \1 h! u( {2 c2 p0040319A F7F9 idiv ecx9 C& O& }4 |" s/ ]2 M
0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
' M7 ]' s J9 n: v004031A1 894424 28 mov dword ptr ss:[esp+28],eax
4 b5 P4 u; u0 H# R5 q' F004031A5 8BCA mov ecx,edx/ i$ s) r" k! N# \
004031A7 894424 24 mov dword ptr ss:[esp+24],eax
7 P, L" R5 ^% u; ]/ P/ ?004031AB 894424 1C mov dword ptr ss:[esp+1C],eax9 n! c" [; I1 D6 o' C+ I0 b/ H
004031AF 894424 18 mov dword ptr ss:[esp+18],eax3 s; _& f0 x. V1 i0 ^8 J
004031B3 894424 14 mov dword ptr ss:[esp+14],eax0 o P2 N- @& u6 W( G" S# t4 e( a, H; V
004031B7 894424 10 mov dword ptr ss:[esp+10],eax0 @" d& m' e! i2 O r) {
004031BB 8BC1 mov eax,ecx
0 I6 R6 g. c$ G% r/ \7 ^004031BD BF 0A000000 mov edi,0A
$ H0 d! D+ \+ D# l# A004031C2 99 cdq2 i' u; Y* B7 l) O: l" f
004031C3 F7FF idiv edi
0 j* U9 e0 \ P6 K004031C5 8BC1 mov eax,ecx
$ @) U- t( O1 h$ a2 _0 I004031C7 B3 0B mov bl,0B
1 y* Y( Y. g( Z0 U) J4 e, N004031C9 0FAFC1 imul eax,ecx
! Y/ r+ w# [) S y8 }) n% D: {! u004031CC 8BCF mov ecx,edi
6 U2 ]5 o1 T7 h+ b& b3 p004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
) c. b7 B" q0 K6 {004031D2 52 push edx
& G) ~/ G* e4 `0 M004031D3 99 cdq B% ~) c3 a) o8 ^7 a9 m2 x
004031D4 F7F9 idiv ecx! O+ G: `9 G+ `
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]. g& U# I( o l4 I& q" ^
004031DD 2BC6 sub eax,esi Q& e8 D: E+ @6 ?% d% f
004031DF 52 push edx
8 k6 M5 A7 A O3 D" [* F004031E0 99 cdq% X9 t) U8 p( J, C3 m$ f+ b+ H; r
004031E1 F7F9 idiv ecx
+ `8 E {+ {) y: H004031E3 8BC6 mov eax,esi
' \# ?9 H# M- J004031E5 52 push edx
1 l( g6 E9 [. { N004031E6 99 cdq
% i- ?# j+ Y, o* P% e6 D. c' p004031E7 F7F9 idiv ecx9 P. M9 K A2 b8 t
004031E9 52 push edx# U Y3 a8 X" q6 |3 H+ r) I- E
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
, `% [5 {! Z: V( {1 v4 R& G004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"* ?9 p& L/ [3 v& i9 z+ L4 n
004031F3 52 push edx
9 c2 G3 Q* U7 Z) j5 _8 |004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893, u0 Q% ^( }- o6 c* ^" M
004031F9 83C4 18 add esp,18
& b) |& R/ S' M9 ^004031FC 6A 04 push 4
" s; V. i2 y. v1 h5 S P004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
6 C! ?# t) q' b% \00403202 6A 00 push 0
! H1 W% J, e1 R0 e! c00403204 50 push eax) h c+ [- C* J8 `4 C g* E
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
: |0 D. Z( _6 k* i4 I% X3 t% o00403209 E8 D6530200 call qsr.004285E4
' ^' x6 @" H( c6 v* N0040320E 50 push eax
/ m; Z7 @) B/ L8 Q; l3 y. P0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
' k# h& x$ n m5 ^4 X, G+ n00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
2 \: h e; i- O9 W% c5 C% d00403218 E8 A7C30200 call qsr.0042F5C4) @. G( l, D, a8 m' v' T
0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
3 p+ |' I8 X* K% H00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
! u& O% ]/ r$ m% o! S& r7 A00403225 E8 61C20200 call qsr.0042F48B" J- z) s- ^1 @1 v2 E
0040322A 6A 04 push 42 r+ c8 z! d4 G* H! s! w, ^* t3 n! K
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
# O: J7 B- Q4 m) C* V% \00403230 6A 05 push 5 `1 @1 K% l6 `& |
00403232 51 push ecx7 A0 N" u1 L( z+ @
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
& x9 T* |/ a1 C" H2 Q6 E5 p7 G" b00403237 E8 A8530200 call qsr.004285E4
) G" a4 D7 G' `$ T* f4 [/ w0040323C 50 push eax4 y9 j Y, p Y7 S! Z U
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20], U: p4 A% X* k n& H0 Q' ^( I
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
7 {8 Z) Z9 t6 T* _3 x$ N" k) V$ m' U00403246 E8 79C30200 call qsr.0042F5C4
; U3 p- i( F% W- Y0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
) b: Y, ~( A0 f, H, K K8 j- M0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
& Y2 S2 ?0 w# d5 P6 P00403253 E8 33C20200 call qsr.0042F48B! p! K2 y% y+ e7 `- f$ k5 S) |/ z1 A+ U
00403258 6A 04 push 42 ^$ e4 g: p$ n- |' ]& L
0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
; b2 H e$ Y$ W2 I' E- Z0040325E 57 push edi
8 |2 w7 N N5 T* x+ m% N& t* D0040325F 52 push edx, b& N8 S+ w1 _& x# [0 f$ l
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
' O7 E) }8 ^) r$ r. i00403264 E8 7B530200 call qsr.004285E4
6 A+ ]/ Q0 T8 O4 G# f2 E. ?0 h00403269 50 push eax% P: C- k% e! h/ n8 u0 m9 _
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
9 A$ h+ ?1 S6 n# g# }. ~0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E) a9 @) ?5 R3 w! x% T- j
00403273 E8 4CC30200 call qsr.0042F5C4- I [ r7 F5 S& a% o# u
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
4 q" L- x/ t" r9 ]1 j( h0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl# Q& x, q2 b% I/ y V
00403280 E8 06C20200 call qsr.0042F48B
& T ?. t+ ~5 D- z00403285 6A 04 push 4% c" K* |5 |7 t( e( k h
00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
! ?8 j( h# ]7 }. [2 \( n0040328B 6A 0F push 0F
8 v: P a% x1 S6 s7 C0040328D 50 push eax
4 N4 F* v% c6 v, M2 q0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]( \) Y- ?- r5 X; U; H
00403292 E8 4D530200 call qsr.004285E4
" ]0 J# y6 v* }4 L: s00403297 50 push eax
$ c% h8 v q, o& t6 X6 i, i! l00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
- z9 W" F+ a# I0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F5 m b' {# c+ U( b0 p: V! K
004032A1 E8 1EC30200 call qsr.0042F5C4# {) d, c! {* h; t. F$ a
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
) W% k9 i8 z2 t) S4 B/ u8 m004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl1 ?8 \7 t/ E q* r$ Y4 A* \; R
004032AE E8 D8C10200 call qsr.0042F48B$ }, f3 ~7 E3 c- M/ | I# o
004032B3 6A 04 push 4
9 v$ n- w3 `; Y4 {# ^) { S004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]2 h. d" G4 F+ j; B; L8 \
004032B9 6A 14 push 14
+ k0 ~; e! X5 H: d, x( X) J004032BB 51 push ecx
1 D+ N0 H+ v6 u$ z r004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]& Y. a8 I1 k2 G/ P7 U- B
004032C0 E8 1F530200 call qsr.004285E4
& P* ^0 D9 [) |- F, \4 l, S004032C5 50 push eax" N5 O9 y' c0 Y& e O' V
004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]/ c$ j! p, I& ]0 C# u7 Z
004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
4 q5 b& c% z( O. H004032CF E8 F0C20200 call qsr.0042F5C43 Z! W2 U! {2 X. L: u% Z7 w
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]9 f" _/ D9 g5 m3 T. H
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl7 Z6 o7 N0 w" q" P# ]
004032DC E8 AAC10200 call qsr.0042F48B5 W5 q+ u# L" C4 I
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI2 x. f. m6 F$ O5 [. ?% O4 a
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX
4 A4 n; l7 N1 X# E |4 Z004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL
* p1 I. q/ R2 r, @3 m/ o004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL: a6 @$ u* X, b
004032ED 8ACA mov cl,dl ; DL送CL. W6 U d! _* _$ H
004032EF 3AD3 cmp dl,bl ; DL和BL比较. |3 o- g* P( i; a/ o
004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)9 r' S- h% J3 Z
004032F3 84C9 test cl,cl
% b9 I, f) q6 _) L/ Y# I/ K1 g004032F5 74 16 je short qsr.0040330D, E$ Z: F+ K- H- ]
004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL/ q' ?* ~7 b# F* A2 z+ T
004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL* x5 b' x# {2 s4 Q& p- O' K
004032FD 8ACA mov cl,dl
* \( y( p' n! n' h+ z; c004032FF 3AD3 cmp dl,bl ; DL和BL比较
% J8 [$ T" L% z/ Q5 f3 b! E J! o00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
! s& C4 P' l2 z4 `. e, J00403303 83C0 02 add eax,2 ; EAX加2
: U! y# R/ y5 v- ?& b' {00403306 83C6 02 add esi,2 ; ESI加2
1 |+ ~% r8 ? X% V) F00403309 84C9 test cl,cl- ^/ L) y- F- k! {6 [$ w) S# g# P: h
0040330B ^ 75 DC jnz short qsr.004032E9. @( L% y p" u4 U
0040330D 33C0 xor eax,eax
- g F5 `2 p; Z: M6 S2 g1 t0040330F EB 05 jmp short qsr.00403316
& \0 e0 K0 Y7 X3 V) ?' y: e00403311 1BC0 sbb eax,eax, d+ Y* F. F) n6 v$ v, g/ c
00403313 83D8 FF sbb eax,-1
) h2 o; @- B- Y4 k: x3 k00403316 85C0 test eax,eax( j8 A, K" s2 m9 u: O& y
00403318 74 0E je short qsr.00403328( d* Y5 Y: i1 Z" M+ s& K/ U, P7 v
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A# p" o6 L9 N; m# }' L v( Q
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
7 A$ H0 g) _5 J7 ^* T, u; j& J00403323 E9 F0000000 jmp qsr.00403418
$ }3 E& b3 r" D+ y4 T00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX2 W- S1 F) c0 ~6 {
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]9 p+ t1 L" c: g2 w' k( Z
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
: ~- G. T/ R5 s! F, G% f00403333 50 push eax6 r; o2 k3 C. ]6 y
00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX( |* c+ w- P2 p. t8 G: ?
00403339 50 push eax
+ K _4 H4 J# w) n0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX4 j. I: k4 ^& C+ r+ Z1 W. c
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX! a1 }3 a; e5 D/ f
00403343 83C4 04 add esp,4
3 ~ g/ y9 S) o; y" K1 @00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
( M2 a3 y% Q Q/ ~00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]4 ?! y) [. j. V# a6 J
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
; l# m- A! m" S4 w; e, v) x0040334F 50 push eax
" g+ f& y1 U; g3 `; F" S/ m00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX* u6 H+ ~. d8 n- I; S
00403355 50 push eax
! j( g6 e9 U7 p2 }( B9 r* r00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX6 k c# z; d7 u' X4 g
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
" v ^( t" x! W: j0040335F 83C4 04 add esp,4
3 s+ _+ T' x( e: ^2 i: {8 {00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
2 v+ x4 F3 v* z' h8 G00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
" E; x3 M: I! z* I9 z$ @' [' U3 J4 M00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
' z7 h' M: ?% y( O& u8 g" _# x0040336B 50 push eax
. @, v$ C+ D# t! [4 j. i0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX
5 C" g/ B7 ]5 H/ r8 Z: }00403371 50 push eax
, b6 v( k ^" \" I! ?: K00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
; y* l/ L7 K$ S8 E- c: [00403377 8BD8 mov ebx,eax ; EAX送EBX
4 B; }4 w% p4 Y00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX& C" r( |4 L: {; B: r, ]8 ?. s u \
0040337D 83C4 04 add esp,4
1 V/ @8 ]/ R" ~! E h) M00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
! B/ J( X4 w" f00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
) X' b/ n3 i3 h7 D4 m00403387 50 push eax: a3 _, u1 M) J3 @0 E+ K8 i/ O% `
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX7 X; Y8 [3 g, d5 S9 z
0040338D 50 push eax
7 v" f5 @7 z, c. s0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX+ L0 }; Z$ t. J5 }. C. ~
00403393 83C4 04 add esp,4
% n' ~0 ~! S) K$ k00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]* l8 P; Y) q T# ?% b9 t
0040339A 8BE8 mov ebp,eax ; EAX送EBP3 j3 |3 U) w+ y% {* M1 |
0040339C 6A FF push -1
$ Q3 F! ]7 b z( U- ^; T0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
/ b* A8 b; a5 J& y004033A3 6A FF push -1
- s. ]1 U1 `$ z2 M, U004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX, x( {) e$ _! ~1 L9 h& E
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX% Y- J& }; Y2 H/ H8 `' G( e8 e
004033AE 6A FF push -1* T- ]* d# Y, P/ \% C' n
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
& P& ?. _: j6 C7 G& X004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX) e4 ]6 q/ y' K* K
004033B9 6A FF push -1
, s9 f0 o) N$ C0 s& g4 E* O/ m004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
4 v% m& q: i' J7 K004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
' G1 e; N/ U6 F; s. X! x004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
" H7 A6 S+ E0 `0 P+ s004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX( C8 U& k5 f5 s( U3 i+ Q
004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
1 e5 N, h, Z9 _: r004033D7 D1E0 shl eax,1 ; EAX左移1位
9 ]! f7 G- j. q! l7 v: g2 `004033D9 99 cdq ; EAX扩展
6 G8 j8 d% s' S) c6 ^004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
, m: Z' d. e. _ Y9 i004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
7 T8 s! \5 E$ e; x0 Y004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)9 K8 k, {9 B7 R* O: ], g0 |7 [
004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
, y% z2 J: T2 w2 h004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
/ V9 d* O9 o! [8 m; B9 @9 _) D5 d$ A2 ?004033E9 EB 2D jmp short qsr.00403418
5 ~7 g( I j& H! e( j004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX: ?4 m( N- K. j. D2 S/ S
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
! H! Y6 N u. b- t6 m! L( Y004033F7 99 cdq ; EBX扩展
3 H2 A0 y7 `4 Y7 A D! Y( i" H004033F8 33C2 xor eax,edx ; EAX和EDX取异或 P5 b' Q8 l' x8 Q2 Q- G
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
5 U( B' u5 N @" w( i1 ]004033FF 2BC2 sub eax,edx ; EAX减去EDX2 {6 b# j/ v4 u j- c
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]
' l4 _8 y# R0 |- J: {; x* r% a6 B00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX
* N( ~8 i2 A- f7 I: y q0 N00403409 99 cdq, i$ \! e+ E' t$ n- I
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
/ v4 t) U3 Q$ O9 J( f! J" N0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
/ ]% v% O0 I6 b7 W00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较
' \9 G- p) w. v7 G! z7 }00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
) z/ a" e8 N9 [1 l8 l' [+ x00403418 E8 6EC00200 call qsr.0042F48B ; . n! A4 A6 N3 o* S' u5 T- y
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
. w4 T5 s; f1 G00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
; r( ~& b3 ^/ ~* q' f9 \* b00403426 E8 60C00200 call qsr.0042F48B
( K0 k6 }$ Y' D" x& A4 u* }0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
Z9 k1 n, ^8 ~' }9 }0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
0 m/ V4 @' n: a00403434 E8 52C00200 call qsr.0042F48B7 h8 O' P0 v$ r
00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]0 V% S6 t6 l4 |: ?& V
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],76 y- j8 D3 e3 Q8 \
00403442 E8 44C00200 call qsr.0042F48B# ?# H; Z# {* o9 |8 `, {# I
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
* W8 g/ H5 P& X/ g! V z6 K" b3 u0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],61 `0 ]/ z# |1 p v* v# d
00403450 E8 36C00200 call qsr.0042F48B# E N0 ?) z* h! ?& M; P
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28] Y& [. x: G" C+ d/ b% c) [
00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3- v$ `1 C3 b# c) o* y9 Q
0040345E E8 28C00200 call qsr.0042F48B: [: n y/ n0 \& m$ n+ ~0 ]6 ?# q- r
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]: S3 ^ a' M3 t$ }
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
) R1 b+ l0 c* o$ W5 P& O5 Z0040346C E8 1AC00200 call qsr.0042F48B
8 e6 @2 ?# j) e00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
: @: W3 z% ~& f00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],13 n6 U, J: R* i, k
0040347A E8 0CC00200 call qsr.0042F48B9 N9 w) K! u7 B6 O4 z
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]" x$ ]. B+ v8 d$ k
00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],06 r: ]! L3 i( f8 N6 D; h
00403488 E8 FEBF0200 call qsr.0042F48B, G1 `: V O3 S! W
0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
) I2 h& j& F j0 B00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
# a$ B' C6 z2 O' w c00403499 E8 EDBF0200 call qsr.0042F48B
7 w. g, q1 r. V. r: I! N2 c. l B0040349E 32C0 xor al,al ; AL清0% L, G( c7 A* @! T+ |+ S, @+ o
004034A0 E9 88000000 jmp qsr.0040352D7 e; D# j# ]# g, M- z1 L
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~" u4 Y* ^( {4 y% f9 B, @7 \
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
1 I# b9 ]* t- }3 {004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],90 J7 ?8 X4 G+ i; l# H3 }
004034B3 E8 D3BF0200 call qsr.0042F48B
( k' t4 l: w( w( P3 d! Z" V! K004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]( U# R7 `( `, g5 h6 { a% k' K
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8' {; e" M F' P. S- l. X
004034C1 E8 C5BF0200 call qsr.0042F48B: O" h, [* s3 i5 j
004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
" [; u' r& P; w! }) ~004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],70 }% I7 {& o6 X2 R# V8 j \
004034CF E8 B7BF0200 call qsr.0042F48B: [. p& n6 ?, Z7 f9 H ?/ B/ X$ _6 ?
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]7 t* z0 z3 M" B
004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6- ?( S u. b9 T& [, _
004034DD E8 A9BF0200 call qsr.0042F48B6 T* N' B o/ W6 p- J( [
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
- \& B( Z. i' I+ J9 L+ Q004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3
2 L$ a. j' q2 O3 [$ s3 F; `. T004034EB E8 9BBF0200 call qsr.0042F48B. C$ z& M- l; e: U( J
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]9 K% M2 ]# s) }' M. Z; f, v8 X
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2
9 z8 v; O B' c& v4 g004034F9 E8 8DBF0200 call qsr.0042F48B1 J- g3 |% R# H$ ?
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
7 l, w/ y/ O/ \) n, M! R Z00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],16 x& p: p5 @7 G1 F& n
00403507 E8 7FBF0200 call qsr.0042F48B3 ]! ~" i7 x: L# q) ?% S
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]6 v3 f5 U! n" y0 b$ v" Q
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
7 _6 L% j2 r8 \ J; r& z# a6 r- f00403515 E8 71BF0200 call qsr.0042F48B
$ \; A$ m/ L k v& V. y. H+ r0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
* f' _/ u- I/ {9 H' P0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
8 G% d' ?% \6 D00403526 E8 60BF0200 call qsr.0042F48B8 ]" m% s5 ^8 F, }- K1 Q
0040352B B0 01 mov al,1
. Z8 g6 |* e( R& l0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]2 Z: H- s( U0 G T, G' b& O7 X' E
00403531 5F pop edi
7 Y) Q" P v0 W7 C00403532 5E pop esi0 N- h. S9 `; ]+ i0 I/ i
00403533 5D pop ebp/ N+ ]/ Y4 p2 H6 E8 D& z/ s
00403534 5B pop ebx
$ M0 ]4 i# L3 W9 |" i+ e( }1 K00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
. D+ ]9 w+ R1 N0040353C 83C4 30 add esp,30
3 K% S* ]' ~5 J( r0040353F C2 0800 retn 8
2 C% K7 R+ y! G--------------------------------------------------------------------------------' ~; U8 X y# Q# V/ @
【破解总结】
1 c) s' v1 V# w 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
6 p3 z8 Y& {" E7 K, S- Q: B. A用户名:yijun
1 h X0 r+ p( ]+ N9 c1 ^注册码:4893*7777*3726*7777*05293 S6 o9 O3 S" _6 i0 j" A0 |
--------------------------------------------------------------------------------. K" c0 R. T3 ?; V( h
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡