|
|
|
【原创】破解Quick Screen Recorder# N7 O* X( K$ d+ {0 s: T
【破解作者】 yijun9 C8 Q" s+ h* b! {
【作者邮箱】 [email protected]
/ G- \! {5 F: U1 Y3 ^【使用工具】 OD,PEID
4 i2 n7 R& c4 G3 n【破解平台】 WinXP, S8 N2 L2 F6 f( T
【软件名称】 Quick Screen Recorder* b- _2 O4 G9 M9 V% }9 H6 V
【下载地址】 天空3 j4 O% \$ L- W! r3 e: N/ r
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
7 C, d* M5 u. f2 ~【软件大小】 540K
( d$ O) [ x& g* X% C【加壳方式】 无. x. c& ], L s5 _& M9 n
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)
- w3 A# u6 C) v& L1 N--------------------------------------------------------------------------------0 V5 U* v# O- F
【破解内容】
, Z) Z' s: ~7 K# y$ Z PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:: i' i( D) e8 c. T4 n; u& \- O6 @
00404C69 55 push ebp //在此下断( h7 X: O0 J' o7 D6 b9 N( i
00404C6A 56 push esi) m; P( q1 O& O4 g2 \/ f6 d
00404C6B 57 push edi
+ h1 g4 V9 u: \ A5 i6 {. [! O00404C6C 8BE9 mov ebp,ecx
5 H( W- @; @0 i+ ?/ z00404C6E 6A 01 push 1
3 N p" r. |2 H00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名8 v% p; k" M( d% r+ t/ S
00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]" c/ u% V. G, f9 `* f
00404C78 8BCF mov ecx,edi
1 ]9 ^4 y' R: `. [& x, M- \00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码" W+ Q1 S! ?) v) M9 q; Q7 N! U
00404C7F 8BCF mov ecx,edi* K0 Z9 @5 @; H9 Q! f' U# \$ J
00404C81 E8 A73E0200 call qsr.00428B2D
1 w5 K4 S9 C" f( z6 r. L# N00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]- C5 ?) z8 ^' l3 U+ w$ K
00404C89 8BCE mov ecx,esi
1 v' T: j1 Z) b7 I* W" c7 N00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX- p8 ^$ U1 r' G1 q0 X! S+ y* l
00404C90 8BCE mov ecx,esi
, Y; A0 _. U: j- R00404C92 E8 963E0200 call qsr.00428B2D
1 f1 y! r/ z3 W/ C6 X4 m [1 R1 I00404C97 8B06 mov eax,dword ptr ds:[esi]
& W9 d# G7 p% D* X( p6 M) B' [00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2 _; k% |3 c0 d3 ?
00404C9D 7D 26 jge short qsr.00404CC5
8 e0 `1 C1 v7 S6 G- K% z00404C9F 6A 40 push 40 U: `9 O# n! w$ y) Z. u9 f2 f$ m, w6 i
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder", B% Z1 o, k) U+ S( s: Y5 b6 i7 p+ {
00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
' t) [1 b V! S5 S6 {& b; b00404CAB 8BCD mov ecx,ebp
9 c+ B8 ^% o6 e8 E00404CAD E8 C3840200 call qsr.0042D175
( O' G4 E+ v& c3 r" d00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]1 y) n3 D% n6 V1 b9 _, n4 o
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
0 W: g- ^, m/ T( ~# H00404CBD 5F pop edi
3 C" p+ u$ `2 v, I00404CBE 5E pop esi
* _3 m s9 ^5 w4 ^$ R00404CBF 5D pop ebp: C' m9 g! g/ V4 _; t$ w3 G/ n
00404CC0 5B pop ebx
} H" e( \) }00404CC1 83C4 18 add esp,18
y" W+ {( p: I8 D00404CC4 C3 retn. u) j" L+ `3 ^9 p9 `
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]
4 ~) u7 c/ b. }4 X @9 M00404CC8 84C0 test al,al
' h# K' e# w1 p+ Z7 m00404CCA 0F85 1C010000 jnz qsr.00404DEC0 q# P$ a. ^: t4 H" y% ~
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
- l: i3 f9 C8 M6 _; Q! E+ W) h00404CD4 E8 87E3FFFF call qsr.00403060* a: S: `" R2 N5 E! K2 I
00404CD9 51 push ecx
( A* E8 X2 n) b00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
$ G* V. } D/ J! o' Z2 h' H- Y" X00404CE2 8BCC mov ecx,esp: s. r y8 P0 F. `0 s3 J
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp
& o+ }* E ?& Y: { V: \8 @% G00404CE8 56 push esi0 w. N0 t, {5 o: E. e
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是08 g: A' z( O1 i3 ?6 ~) L, V
00404CEE 51 push ecx+ g- `! X3 }+ p
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1
2 z& S1 q1 c. e9 H8 K00404CF4 8BCC mov ecx,esp
$ d' }5 n/ n' [0 I00404CF6 896424 20 mov dword ptr ss:[esp+20],esp6 J; d! o$ L6 {: e- p( f3 K( f
00404CFA 57 push edi
% c# E q/ O/ p7 g+ y8 U00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0/ b1 S" ^. K1 }
00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]3 v% y2 h" K6 N' d! F/ l z! Z8 G
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
1 ?( X1 ~; @) T00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
- _8 m$ l8 T" `00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~7 O& x: O1 \5 ?! m2 H
00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~
1 \* q* ]. h4 L8 q7 p. }00404D12 6A 40 push 40) n0 X/ Z1 w" M9 Q
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"( O( J8 L3 H" Y7 J% Q6 u5 I: a$ V9 q
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."- t2 T* s& l: C6 n
00404D1E 8BCD mov ecx,ebp Q; {% H4 v$ o D1 `+ h# R
00404D20 E8 50840200 call qsr.0042D175# i0 m! Q& Y3 \ w
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]8 [/ B) Q+ b$ Y5 B, f
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1. e" T! F6 M& A9 F( o( b9 q
00404D31 E8 5AE3FFFF call qsr.00403090
& x2 Q" p( K" L- e00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
3 V- X. Z: Y1 i' L3 v3 E00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx+ U8 p0 ?/ E! O
00404D41 5F pop edi
+ q9 J$ {0 [, h1 X6 h3 |9 \00404D42 5E pop esi0 r0 {- Z, [$ s: K# t/ `6 d
00404D43 5D pop ebp1 k! R, r" [- q# H' {( [
00404D44 5B pop ebx
L; {2 _. ?4 d t+ q" r7 m! F00404D45 83C4 18 add esp,18
$ A: t; ^1 u8 ^+ z k00404D48 C3 retn# m$ w4 @/ G- j0 H
*********************************************************************************************************************************************************- K0 [2 q% R/ ^
跟进00404D09处CALL来到:7 e% ?* S) y. p
004030A0 6A FF push -1 //一路F8下去~~~~
7 m% A2 K$ a5 }004030A2 68 C88F4400 push qsr.00448FC8
$ j! k' i1 G- A& _7 s; q& K004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
; p, c$ M, |6 F9 b4 Y" u e004030AD 50 push eax
$ M% ?5 p+ W L/ F9 A4 s W004030AE 64:8925 0000000>mov dword ptr fs:[0],esp7 J) o+ s* m6 {- W- J( l! k# C* i
004030B5 83EC 24 sub esp,24
! C0 @ y. I1 y3 f9 v6 m8 G! B004030B8 53 push ebx
. b6 {3 t5 T' ^% s7 Z ?2 D% T8 X004030B9 55 push ebp
3 p6 M- _) L3 c( q004030BA 56 push esi @3 M4 x$ D- u" L* O( P
004030BB 57 push edi
5 Q( {# O1 n# C9 ?! o+ y6 J% D004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
# z/ m$ _& }5 m5 ?* i/ Y/ d5 Y004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
( t/ z/ Z3 t0 v4 b' f: `004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
5 O1 k ]9 m- |# v6 L2 k004030CD E8 27C40200 call qsr.0042F4F9
! s/ q- E, ]" x5 j* K: V004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]: h! V' K1 ]1 ~8 B
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax* `3 `& ~( A" p# i2 \
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
2 W) e& W' B. A( g& L$ S/ s004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
% e5 y1 {( p; q' D7 s) R# F0 R! V004030E4 E8 905A0200 call qsr.00428B79
+ @4 ^8 J! H& e. s2 v004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
" _ {; P8 O5 |. L {& |004030ED E8 3B5A0200 call qsr.00428B2D
4 ~% D1 V9 X# G+ L004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
2 `9 |" T6 T$ c1 g% O/ g, o004030F6 E8 7E5A0200 call qsr.00428B79
$ O( k2 Y, l$ d8 a004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
2 G3 O/ O2 ~9 e) Y* l. {004030FF E8 295A0200 call qsr.00428B2D
% r8 I8 N2 \- X, ~4 s* E00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]' Y+ E" w; o; N7 @* `
00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]" O3 ~8 [9 v. q y' f* L" n' @
0040310B 83F8 02 cmp eax,21 ]5 u1 l7 d4 n; o* F* k
0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
4 m* ?6 e' S/ Y) p) J# ^8 E# O00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]2 s0 p% N5 d5 u5 \+ \
00403118 837A F8 18 cmp dword ptr ds:[edx-8],180 i" g2 Z. V# V! Y! T" c
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳/ Q* Y; W; P( K' m2 M1 J- O" h0 v
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
& k$ Q6 {) |' z* d6 z0 r# W7 Z00403126 6A 01 push 1: B% o" Z. f7 s. g! Q
00403128 50 push eax7 z+ L' O$ G" O% s
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]- v3 r7 \" b. c
0040312D E8 C4550200 call qsr.004286F6
% B# m- I5 r5 B# I& z8 n2 p00403132 8B00 mov eax,dword ptr ds:[eax]4 B3 U8 ^& w1 T9 P
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
5 L! D$ @. n4 b% e4 J. @- m00403138 50 push eax- Q1 A1 i+ C# W6 p, D1 S8 |6 I2 D
00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
3 L a" j' Y% v9 |6 E+ {6 t8 h0040313E E8 4D560200 call qsr.004287903 \- c) t5 C' i% o4 d: r, T
00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]9 i/ }" n/ Q# E
00403147 8BF0 mov esi,eax/ t$ s5 ~7 `$ R+ g+ U
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3, J3 Z3 u7 {, z. O
0040314E E8 38C30200 call qsr.0042F48B5 x+ _+ `. v, Q: f6 b
00403153 8D46 0A lea eax,dword ptr ds:[esi+A]& J3 j' Y& {3 E3 Y2 k
00403156 B9 3E000000 mov ecx,3E$ `/ u5 i$ _) ~! d* V
0040315B 99 cdq
% G( ~" q& Q n! G0040315C F7F9 idiv ecx
$ U. V+ `, U* F1 Z, q0040315E 6A 01 push 1
2 i X- J1 ?+ y0 B00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
. h8 {0 O" @5 z* x00403164 8BF2 mov esi,edx
. o- g& _# N8 R3 Q l00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
4 J/ ?4 C2 D. x5 Q# p0040316A 52 push edx4 |( w* `& r+ m
0040316B E8 0A550200 call qsr.0042867A
. ~2 L1 o* l5 p% j4 V1 Y8 T7 }7 }00403170 8B00 mov eax,dword ptr ds:[eax]+ l7 {/ |/ W. X2 @7 D7 u6 P1 N& o
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
5 v, u2 T: C7 a( j: F' {00403176 50 push eax
" b& `8 a+ }. G$ C, \7 G$ X00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
; ~' j8 I$ {3 t/ u0040317C E8 0F560200 call qsr.00428790
2 T/ l( j' Y; O% W2 S+ D00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
4 k+ ^, i) }( l$ H' B2 ?8 d! n00403185 8BF8 mov edi,eax
, n3 |( D: W/ _. A0 Z3 P5 i+ _00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
; m# y2 {+ a, o9 X3 l% m: z# e+ n4 a' }0040318C E8 FAC20200 call qsr.0042F48B8 c! I P' O7 N' O0 B$ \
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
8 b% I" j' p- `! N00403194 B9 3E000000 mov ecx,3E
5 _+ s; C/ Z1 o00403199 99 cdq
& F- A f1 o5 }0040319A F7F9 idiv ecx1 d* W( u( t/ X- {2 l" o: G
0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
% Q. X2 r& z% r5 r2 M- E: m" R004031A1 894424 28 mov dword ptr ss:[esp+28],eax
. W7 U6 n% i& Q- {5 |8 f004031A5 8BCA mov ecx,edx( v( i$ ]$ M4 u: d$ H( C( P, e
004031A7 894424 24 mov dword ptr ss:[esp+24],eax7 _& ^ q3 V: k$ U) I
004031AB 894424 1C mov dword ptr ss:[esp+1C],eax9 Q$ p; ~5 z Y
004031AF 894424 18 mov dword ptr ss:[esp+18],eax
, L& [6 W0 y! v$ [8 d6 x/ a004031B3 894424 14 mov dword ptr ss:[esp+14],eax
& `1 X% d* u1 q& u; c! x, w+ C004031B7 894424 10 mov dword ptr ss:[esp+10],eax
/ W" u" t- _ ]3 D004031BB 8BC1 mov eax,ecx9 Y2 Y K) x' ]5 E2 l
004031BD BF 0A000000 mov edi,0A; ~2 `( N& J2 D, B* g0 z8 \
004031C2 99 cdq9 o9 `; O4 |9 W9 m: H/ ?
004031C3 F7FF idiv edi
% [- [ W& i+ a1 h004031C5 8BC1 mov eax,ecx
- ~8 W5 O) `2 S$ z# ?' v/ t! s* W004031C7 B3 0B mov bl,0B
2 ~2 |' C! ?, m7 f004031C9 0FAFC1 imul eax,ecx
9 f* f+ [' k0 |; D, j; F# R004031CC 8BCF mov ecx,edi
8 C& p F: T7 O& Y* J5 N004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
) g P9 o( o, p/ R: d004031D2 52 push edx
0 u9 R" `# @1 }! l+ d004031D3 99 cdq
) N Q {$ k/ Z9 n0 M& L* g004031D4 F7F9 idiv ecx
; o) r, s9 }3 ^. A+ F( i004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]* I2 z# {4 W/ @; `3 |
004031DD 2BC6 sub eax,esi6 ]# Y4 O! R0 A2 j a! N2 ?
004031DF 52 push edx
; ]% E; K8 ~8 \) ^004031E0 99 cdq
4 v" _5 I$ `- o0 N8 _& Q* A004031E1 F7F9 idiv ecx5 Q; D Z& W. q; v4 X7 B' J
004031E3 8BC6 mov eax,esi3 `, \, C5 X1 p
004031E5 52 push edx' [ m! B( o/ p$ |
004031E6 99 cdq8 U8 i) ?/ ?) r) s
004031E7 F7F9 idiv ecx5 S$ V; k/ w K
004031E9 52 push edx5 A8 j! w$ }7 r. a% v4 W
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]* K0 @8 a. o: d3 e( p; K1 s
004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"' g) Z. n, U% R4 `8 j8 t6 F
004031F3 52 push edx
+ y0 f' @- x; u8 i$ X004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893! M+ P a1 g L* M
004031F9 83C4 18 add esp,18
y! Q" y L- d) l+ B004031FC 6A 04 push 4
2 Q' x6 F4 s* J2 E9 Z9 T004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]3 e) V% W3 `9 B+ V: g& w
00403202 6A 00 push 0
+ I; f% U0 d1 K1 t6 E5 G1 V! h00403204 50 push eax
4 N6 G# t C/ \6 V o) z- e( G; M$ u$ M00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]9 b# S, f6 a% R/ t- L
00403209 E8 D6530200 call qsr.004285E4
7 ^2 D: R& {+ \0040320E 50 push eax
" }9 ~9 K# B8 e, B% }# s; d4 X- _3 h8 u1 \0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28] B. C: T$ [6 K& G
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
/ R) W9 g- ^/ [9 ~, J$ p) h T00403218 E8 A7C30200 call qsr.0042F5C4
% z# c3 Q. w7 _5 [- d) _0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
1 F5 V+ z/ ]6 |5 a' \00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
" r0 y1 N1 |" H/ W& ^# ?00403225 E8 61C20200 call qsr.0042F48B+ L) O. z+ i: J1 N: r2 ~
0040322A 6A 04 push 4
: t! |/ D% B8 r& f0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]$ G* c' j* Z$ ]) G) ~% U8 Q7 H$ h
00403230 6A 05 push 5' n. y1 {9 R. `
00403232 51 push ecx
3 y( ?2 u+ F. p6 ~00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]) W& P# ^. o% P
00403237 E8 A8530200 call qsr.004285E4
- G Q& c0 X6 P1 z$ E. E0040323C 50 push eax
& [1 X5 _2 \6 U7 w0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
8 g9 g; t: Q9 J c8 j, ?4 y00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
( K' ` h/ c; G3 r; q" e+ _& S00403246 E8 79C30200 call qsr.0042F5C4
* a) }/ h p0 X" F/ u; n- Z( `0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]; \# l8 j- U( W
0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
4 e; K9 m; a/ Y2 i. o$ e7 s: a00403253 E8 33C20200 call qsr.0042F48B4 S2 X: ~! Q0 G3 W" n
00403258 6A 04 push 4
4 r' {" `' c1 B: F% g4 }7 F/ o0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]* a4 q" P0 d$ o$ L1 O+ O
0040325E 57 push edi2 a# f3 x( L% J: E- |4 N4 I
0040325F 52 push edx
. i% u0 `1 K4 S# I4 y00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
& [" ~' y1 S2 Q1 Q. R+ J" ]% C00403264 E8 7B530200 call qsr.004285E4
5 ~" W* F3 q- h3 k& b2 k00403269 50 push eax3 {2 ~8 x$ X9 a) e
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
. p3 |. o2 U3 R/ z" j0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E
# u) w& m4 L0 P& l3 p00403273 E8 4CC30200 call qsr.0042F5C4
" d: z! C+ t4 \: Y9 u2 k00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
( ~- R' |! Q0 R& Y3 }2 u0 S0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl0 |2 w& k+ ~: i. Y, q3 F* k
00403280 E8 06C20200 call qsr.0042F48B! }( F; p9 F; z$ b
00403285 6A 04 push 4
: r3 N, G1 H P5 b% ^: i. d00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
% W& \# {6 ?" h4 P0040328B 6A 0F push 0F. J; J( A/ c: Z# |0 d7 M' F2 W
0040328D 50 push eax4 l u# l) |% i2 I4 o
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
+ B2 o' u4 C' }) y3 ~00403292 E8 4D530200 call qsr.004285E4
! p, s+ V- A m8 M6 f! g& V00403297 50 push eax
3 S: H# G; ?; z! W5 Z7 @5 `00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]# F4 Y/ `; X0 `/ D
0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F
% d3 Y1 Y' m1 |) V6 |004032A1 E8 1EC30200 call qsr.0042F5C45 V, {% k! e5 l x* _( K2 q/ K
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]- B( w/ r1 n l2 z1 t
004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl7 V: C+ \5 \9 g7 g4 C9 m& c) d
004032AE E8 D8C10200 call qsr.0042F48B
: v K3 V& V2 x: e004032B3 6A 04 push 4
3 S+ ^) ^. ] K8 @004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
8 `1 b* z f% V1 T- @. y- N: J8 b004032B9 6A 14 push 149 t7 A6 J+ G& o/ c
004032BB 51 push ecx+ Y. n& C7 G" S7 [2 i3 V0 U
004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]; z, h5 c z# a
004032C0 E8 1F530200 call qsr.004285E43 A( ~. {( s, M8 {( `, y
004032C5 50 push eax
+ ^- j% |' Y+ }004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
8 F9 U1 q4 j( b8 }) W% ?4 \% [004032CA C64424 40 10 mov byte ptr ss:[esp+40],10; J2 L; c& E: k& o6 _, H4 k$ r
004032CF E8 F0C20200 call qsr.0042F5C4
0 O" `. ?4 [" W8 |7 r. u) @004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
1 ]. p6 Z4 a! X& c* ~004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl- N; e% N# H; S5 X
004032DC E8 AAC10200 call qsr.0042F48B# I$ M; a( W; B4 { ~
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI
D) p. \% ?: g' r' b& |0 e004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX" s" u$ X5 B8 ~8 Y G8 w* w$ d
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL
# e# n' H$ ^8 d004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL* Y! b5 Q- ?2 ] }# x
004032ED 8ACA mov cl,dl ; DL送CL
' n& O0 t+ `- m& Q7 w004032EF 3AD3 cmp dl,bl ; DL和BL比较
( v% g6 T) X8 x A' E0 y2 J004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
, X$ S# [- a0 R004032F3 84C9 test cl,cl5 E7 u5 ~( c0 t
004032F5 74 16 je short qsr.0040330D
1 N, b, l8 j/ N6 }0 Q004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
/ D5 _/ C. L' Y. f/ S004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
! N$ q1 y& ]' ^) h+ T, Q m004032FD 8ACA mov cl,dl
4 ~, I4 H8 Z8 u5 ^004032FF 3AD3 cmp dl,bl ; DL和BL比较
. p/ P% q% h0 P7 U7 V; f7 L00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
5 B( y+ t. _1 G0 v" i00403303 83C0 02 add eax,2 ; EAX加2
2 ^' R4 B- s( B00403306 83C6 02 add esi,2 ; ESI加2
9 B7 {8 O' S" E+ z+ Z9 t" A00403309 84C9 test cl,cl: T: U% `2 Z2 X5 x
0040330B ^ 75 DC jnz short qsr.004032E9
9 Q, k2 a* Z6 d, P3 h y8 D0040330D 33C0 xor eax,eax
9 Q W3 ?) b3 K M& i0040330F EB 05 jmp short qsr.004033163 {4 v' @" a" H2 H+ d( q N* g
00403311 1BC0 sbb eax,eax+ f) ^4 F S5 f; z
00403313 83D8 FF sbb eax,-1
9 |7 [: E7 S: }! m0 M0 ]( U$ J3 o: O00403316 85C0 test eax,eax
; ^! `, \: b) c/ k4 u4 w00403318 74 0E je short qsr.004033284 a ~5 `, q4 x; R0 n/ R
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A$ O9 t0 b; B; D5 Z
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]2 K `5 l w' v7 a! s& V1 z
00403323 E9 F0000000 jmp qsr.00403418. t! \! k; T: M$ C
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
+ w' Q% t& E1 [7 ]; k# X) J" |5 c7 {0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]* `! O5 p9 C' r1 k( |
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]3 _- @) U8 X4 B- M/ V
00403333 50 push eax
" D! J5 c4 A" j# U& t( X8 G00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX; C3 g+ [. D0 c9 T
00403339 50 push eax
; p, |) G: U, {4 _0 A0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX! d4 r0 ?5 E) N- o
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX1 L% J) E7 Z" X1 \4 ?3 b* C
00403343 83C4 04 add esp,44 M4 q# P1 O4 G
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
8 @& u/ ]+ f! w Z0 X# Y& }00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
: {6 ^0 n. e8 J) J9 G7 P0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
' ~3 ]8 F$ K+ P' e& f- N0040334F 50 push eax, S3 w/ W7 J; }) x
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX$ a& w1 c2 J+ w3 d
00403355 50 push eax( g$ f9 t7 W, A6 K
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX- o+ M/ f! M u2 D
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX. m4 a) K4 O* O' }
0040335F 83C4 04 add esp,4! C6 V% ^8 i$ E5 D7 m2 |0 Q
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI# s) Z l$ P! b) c" M
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]. B& B# \+ n+ x3 ?3 o) c1 o3 l( _ ~
00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]+ U9 L* Q( |3 I
0040336B 50 push eax b% q, o' W8 \' @+ k; H c
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX
! I% K' P3 G3 [' D7 l: f. ^00403371 50 push eax, y6 s: T* U9 E( n/ |
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX: l# \, F0 y3 I- Y& C
00403377 8BD8 mov ebx,eax ; EAX送EBX9 W" E" Y- J- Y" Q" ?2 T
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
7 \3 s6 Y' Y5 G, x% k3 u0040337D 83C4 04 add esp,4
' f3 l1 ]5 \+ G @& M: e- p$ ~00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]& f, V- O8 m, G$ t% q
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8] N$ g- A4 v0 t' F& W& _9 g" _' _5 L
00403387 50 push eax9 @$ R: M+ B- W& X% z0 n! n
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX
$ M- o/ c) V, X* M0040338D 50 push eax5 [8 m+ t3 T6 Q! {3 R
0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
/ z' o6 N6 J6 d6 B00403393 83C4 04 add esp,4
9 W! l. F1 @) E1 T00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
/ v4 ]5 u q# `0040339A 8BE8 mov ebp,eax ; EAX送EBP4 u: }4 B; `: m- n
0040339C 6A FF push -1& e5 \7 i2 w: l* B/ \7 V5 h( v" C
0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
, U- J" W# l- n4 Y/ O004033A3 6A FF push -1
% N: ?9 X+ |/ Z1 m( L- e004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
* l. J+ {7 e0 F* f+ u004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX
. Q( `$ b, n F, _/ ^6 {6 ?, S004033AE 6A FF push -12 Y V) H+ G6 c F
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX+ O; ]3 T9 S( }$ n* T- F
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX4 J( O- X Y# k* F- k( k& ], U
004033B9 6A FF push -1
$ n4 I' W" E* y [8 ?0 L004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX4 Q, d- s+ P G8 V
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
/ q( f$ s/ [* W% M1 Y; {, _" ~004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX4 S: m/ T5 Y- X5 d" r. s7 O+ _+ ~
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX# q {2 q- r+ ]6 K
004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
4 r/ x, t' ~8 l4 w8 I/ v" d004033D7 D1E0 shl eax,1 ; EAX左移1位
3 X- J2 n) A1 y+ s1 T7 l004033D9 99 cdq ; EAX扩展
* L( j; c Z t% [004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
/ _6 T# V- v+ r2 n: @. _- F Y$ ~004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
+ j$ [3 d. x o% ?2 w! W& H004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
a4 c2 |" @, z! S004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
2 T: i' d. F$ Q. ] Q004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
+ y+ M" a7 N6 u) U @- T, m004033E9 EB 2D jmp short qsr.00403418
6 U5 h+ u0 S% r, D004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX, Z0 G4 a0 | g |/ c" o$ f+ t8 V; O
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E29 p& z* ~7 I3 L2 H+ B2 H
004033F7 99 cdq ; EBX扩展5 v9 s- Y. X. d: d% l: O# X+ Z
004033F8 33C2 xor eax,edx ; EAX和EDX取异或: m* }$ W& _! Y/ L4 Y8 V7 W
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX. c8 C. q8 c/ p, b! V- V
004033FF 2BC2 sub eax,edx ; EAX减去EDX
. J. T- M0 C' y# \& |$ `. H00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]5 O. v4 P, z% o4 J2 ]2 O! k
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX0 U" K, O) _5 S' _( R
00403409 99 cdq
5 z: [' W4 x/ D+ w7 c4 ?0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中4 f) \8 u, V- ?8 T: C
0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
9 v- ^ |. }5 O2 {00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较
5 K; l8 s. O/ D E00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)' p; T& G' g% n
00403418 E8 6EC00200 call qsr.0042F48B ;
+ e8 g" ?' T$ V: w: \3 l- a6 z0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
( L8 c; a) L' N6 u, @( o) @) M' ]00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9 h2 o/ _0 @$ S2 R- q5 t5 q( `/ r. n
00403426 E8 60C00200 call qsr.0042F48B
7 o5 A' w- C5 g& p' h0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
" }. B, K7 H( ]. o0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8# H' A* s8 s: i9 I1 B2 ]
00403434 E8 52C00200 call qsr.0042F48B
" D; m) Z2 ? e+ `9 A00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]2 c# _/ H" N5 g7 ?
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7) g! T" s, ~+ F2 p6 v
00403442 E8 44C00200 call qsr.0042F48B5 Q0 _/ K, \" Q6 ?! k8 M* E& u$ e
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
7 Q2 U$ i6 `, P, c# E5 G3 h0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],68 R: G& v* k$ y& s
00403450 E8 36C00200 call qsr.0042F48B
9 v4 H" m) v- l- \7 j00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28], e: `5 m9 d0 [7 ? Q
00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],33 m: w0 ]4 X0 {" o4 t( D2 b
0040345E E8 28C00200 call qsr.0042F48B
/ X( ~5 \8 ^# a* u: E6 r: Z00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
" Q0 b. @; |$ z; k. z# l00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
1 m, k5 e+ D' i, H' q0040346C E8 1AC00200 call qsr.0042F48B
4 H1 C0 \/ |6 f7 P7 z00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
& L" g9 \) a d; m. {00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
' k5 o0 D8 m5 F1 L5 X6 J# _0040347A E8 0CC00200 call qsr.0042F48B
" w9 w+ |1 @. Q! q0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]7 Z6 K, _0 b( J9 W0 Z! l9 ^: y
00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0) D0 ?6 K' s; i8 f s+ N
00403488 E8 FEBF0200 call qsr.0042F48B
' ~4 h4 m! y, b0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]# c Y1 D; E8 v$ |2 ^! q
00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1% t) R* x# [4 u: T; W; p
00403499 E8 EDBF0200 call qsr.0042F48B
4 x4 H) ^) i" V& n3 I9 H0040349E 32C0 xor al,al ; AL清0! _6 T$ g2 d/ Q# P4 h. ^9 H+ }# c
004034A0 E9 88000000 jmp qsr.0040352D
$ ~2 z$ [) S0 p. k4 H; S- _% B004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~0 a# a' k$ r3 d9 Q& ?) n* O3 c
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
1 ]" t5 b7 z$ [/ u004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
* x0 i0 `) z. U1 F' U/ K004034B3 E8 D3BF0200 call qsr.0042F48B+ y; a4 w. T% Y8 x; S. _5 P
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
8 }9 \8 B0 F; h+ |4 F004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8, g( N0 I# k7 ]% [) r
004034C1 E8 C5BF0200 call qsr.0042F48B
* G9 t/ x% D+ Y1 J" Q004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]( r' N3 G% v) ?. E# d: O7 r& h
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7
& K: ?6 w2 U8 P! r6 ^' m- L1 f004034CF E8 B7BF0200 call qsr.0042F48B
: l7 J% \, _, n004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
) y9 r" X' i& y- j004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
5 R1 D' k- }" F1 F0 X4 b004034DD E8 A9BF0200 call qsr.0042F48B4 w' s, t0 h7 w l1 i* [; m0 J
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]- W7 u: }! f: ~1 b( w
004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3& z# ^ ]+ m; ]8 N. y+ a/ P
004034EB E8 9BBF0200 call qsr.0042F48B
% _: b$ x( v. k' Y0 o004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]1 |2 r# m+ }1 G8 f8 E' v
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],20 K" K/ K! _6 e3 L) R9 \0 }
004034F9 E8 8DBF0200 call qsr.0042F48B" W5 `0 h' E3 U/ {6 J3 l. x
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
7 u/ M$ B x. F0 m* d& _1 X00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1
7 k, X O, k5 Z1 y% W) |0 X/ D. E00403507 E8 7FBF0200 call qsr.0042F48B4 P$ N; n7 K& Y
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
8 S+ Q9 y/ M. r @( D00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],01 b4 O9 a0 O7 D: v" R
00403515 E8 71BF0200 call qsr.0042F48B6 \3 x5 [, b1 P D7 t& k! E4 }
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]% Y/ o5 u/ I4 W
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1) {( a4 {: j4 `" }' e8 C$ f- n( o
00403526 E8 60BF0200 call qsr.0042F48B
5 a8 g) o( v. m1 R8 a' N0040352B B0 01 mov al,1
6 a+ D, [5 o8 n- w0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]7 n4 c9 e, T1 N
00403531 5F pop edi y7 F2 _1 L. E" q8 D* |+ y
00403532 5E pop esi
' I! @% }& q% x7 r00403533 5D pop ebp7 r) d1 |6 ] F# ]! p
00403534 5B pop ebx
5 w! _ E3 q2 `. Z. ^, [00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
3 a5 E# X7 c6 W! U0040353C 83C4 30 add esp,30
! o# a F! _% T% J4 c0040353F C2 0800 retn 8, A$ _7 a! m, K
--------------------------------------------------------------------------------
. k4 u/ y7 k, X. y" o% g: u! |【破解总结】
! n/ M- l: b* x 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^9 c3 Q- C9 K5 F1 k9 h8 q
用户名:yijun
5 x# y) P9 }% I8 J注册码:4893*7777*3726*7777*0529* C" D7 p1 T# f+ e
--------------------------------------------------------------------------------
+ r" y* {) E0 k( A5 V2 X【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡