|
|
|
【原创】破解Quick Screen Recorder
/ m' k* J) T! P; H1 A【破解作者】 yijun
6 U/ K; Q$ G9 O9 W0 {5 i( v* k【作者邮箱】 [email protected]
/ S. H O+ s: Z% l M9 u8 J; ~$ s【使用工具】 OD,PEID
) [ S; M* v$ Z6 h& T【破解平台】 WinXP
! P V1 n+ u+ I% F# J% q【软件名称】 Quick Screen Recorder
q" @ f& n9 S9 R8 }. N【下载地址】 天空% `# B" C& b0 d" d
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
! |6 |7 g( |3 _) A9 J0 }【软件大小】 540K4 b- W+ a# N9 T) d: K- r
【加壳方式】 无
, _2 y1 g; C' H$ s, W【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)5 \) k, j. \' K( y: m
--------------------------------------------------------------------------------( F# a: t6 W* |( V' {
【破解内容】) U+ B* ~+ | }3 @' A$ h$ F
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
2 S2 m! E, B, A$ X* a00404C69 55 push ebp //在此下断7 f s( C: w' r- e- \
00404C6A 56 push esi1 ^1 c# ~! S$ }$ s* ^
00404C6B 57 push edi
8 L0 `$ G' e3 |, x2 i00404C6C 8BE9 mov ebp,ecx. O% Z8 A, _) x5 j/ b/ C* c
00404C6E 6A 01 push 1
2 r# G a* E/ }2 f$ ?2 n00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
* v2 Q8 [( C8 u& w. U1 a. Y' j00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
% o& n5 G% L3 i) R4 E' ?0 f6 [00404C78 8BCF mov ecx,edi
" I! u2 l# w2 M* g5 {00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码& J8 K) ^" s4 i2 B
00404C7F 8BCF mov ecx,edi5 X4 n7 s3 e# r' V0 j$ \ z5 g* x
00404C81 E8 A73E0200 call qsr.00428B2D
; w" P. U' {$ t$ X4 R. J00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
' @1 Z' L# u% r6 @5 c00404C89 8BCE mov ecx,esi
/ h! Q3 K9 S# v) v7 l00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
& l0 q3 q/ q) O, r9 ~; ?00404C90 8BCE mov ecx,esi9 D9 y8 ~6 ?- n) r; a7 h
00404C92 E8 963E0200 call qsr.00428B2D
' ?* n: W! e- }# x0 e00404C97 8B06 mov eax,dword ptr ds:[esi]! r" c& d$ C" T4 a+ f
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
7 M5 ~* ~8 R6 I6 A4 h. j% z1 [00404C9D 7D 26 jge short qsr.00404CC5
. l5 i, H8 L* ^) Y00404C9F 6A 40 push 405 B% J! m9 \* f6 Z
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"( B5 i1 [& t: y& B$ M. M! `! z, _
00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."/ D) f7 r4 s- I& i( k5 b
00404CAB 8BCD mov ecx,ebp
' a9 n" C2 r& K3 |2 _" |00404CAD E8 C3840200 call qsr.0042D175! N! j1 j; {* U$ y% j$ ]* [
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
) P6 ~' N- |, A00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx) R- q0 E" r: k: {" X! j
00404CBD 5F pop edi( `* O( j. [7 ^) d. M' p
00404CBE 5E pop esi/ e. A2 h8 z. C% n0 c3 h- ]* B
00404CBF 5D pop ebp
0 M" e$ g$ I0 j' T( W; k& Z00404CC0 5B pop ebx2 p5 p, w4 d; {6 n R
00404CC1 83C4 18 add esp,189 b ~4 Z; b6 \( z: B" g
00404CC4 C3 retn$ _: ]2 v+ N7 |# M) }+ i- C* n
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]3 }2 s. S& Q! k
00404CC8 84C0 test al,al- `: d3 O, _6 \: F* A
00404CCA 0F85 1C010000 jnz qsr.00404DEC
/ U/ g8 J |0 S. v7 W00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]. m' K3 O* T W6 Q
00404CD4 E8 87E3FFFF call qsr.00403060
! {6 s- H8 e$ e1 ?, O8 W00404CD9 51 push ecx( c5 T5 ` ^ T3 e( _# G; q
00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0/ H! A% O5 I0 S7 \% I
00404CE2 8BCC mov ecx,esp
! ~6 r9 S6 F0 U, I9 b9 }00404CE4 896424 14 mov dword ptr ss:[esp+14],esp
W9 o% S5 r( A k' t( \00404CE8 56 push esi( [9 i8 Q9 R; P& l% f0 b
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
# z: v5 \* }0 t1 k8 p1 A6 Z2 o$ p. ]00404CEE 51 push ecx! P; R1 {0 r5 l. H* V8 y Q; _5 B# l1 o
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1
8 C6 F; d4 c0 K/ F B00404CF4 8BCC mov ecx,esp$ o1 C1 ^ S5 p
00404CF6 896424 20 mov dword ptr ss:[esp+20],esp
7 J. ^2 C7 c" ?. J/ I! s00404CFA 57 push edi8 I+ i A8 J8 ~$ P2 V8 @8 P
00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
6 i3 j0 n5 ]$ J4 W& G00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]" H! ^1 h; \$ {& R3 _0 t' C9 r
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
! _- }4 v% D; G! y+ g; P- a/ F00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
/ P# F% X+ b& U" \- S" F2 e00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
N ^2 }8 h- v1 \( a0 r00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~
: B8 }5 n; ?# h9 ?00404D12 6A 40 push 40! }9 R: t6 Y O
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
, }8 h" u: S- J" K7 O7 g3 l00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."
% }8 {) R J" L A00404D1E 8BCD mov ecx,ebp
9 ]+ \( A9 r$ D, k00404D20 E8 50840200 call qsr.0042D175
- g I( u g; A7 O00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]3 S4 o8 h6 d1 p6 l
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
; D6 u8 u7 Z- [! n# }" `00404D31 E8 5AE3FFFF call qsr.00403090
g2 d, {) r; [9 j- ~00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
' A, f) W7 { {- x00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
8 y# n7 g1 ]$ }( v' J00404D41 5F pop edi% ?9 z0 ^6 g2 t! N _" T( K+ t/ o
00404D42 5E pop esi
. w0 e7 a! g# g) j6 \00404D43 5D pop ebp
8 k3 i5 E v1 U5 C2 C8 B) I00404D44 5B pop ebx
! F8 W! n* |5 b4 h$ q x00404D45 83C4 18 add esp,18
8 l( Z8 L- V; }* o) m00404D48 C3 retn
: g3 r. q2 c" [1 t# Q*********************************************************************************************************************************************************, b3 i g' O! q# P; M
跟进00404D09处CALL来到:
3 x: _& x$ R1 t* L004030A0 6A FF push -1 //一路F8下去~~~~# O- Y% R( ~1 k5 s
004030A2 68 C88F4400 push qsr.00448FC80 \: E3 c3 _( z+ z3 t
004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
$ \0 G" K O1 j$ Y7 b004030AD 50 push eax
; W' X2 y: |1 B, h/ \0 v004030AE 64:8925 0000000>mov dword ptr fs:[0],esp$ W- T5 V# E6 D) b W4 @
004030B5 83EC 24 sub esp,24/ ?3 w/ ~3 M1 e/ \3 A- @
004030B8 53 push ebx
: o, Z. Q( z2 e/ _" V7 A& B4 l. m3 a004030B9 55 push ebp% b6 {$ ?- F, ]" D
004030BA 56 push esi+ Z7 g, l) m* Z; F) z% E7 }
004030BB 57 push edi" L t; f9 J6 @1 U8 l- V* B4 }$ P; s! m
004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
% A3 G/ K, ?% V004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
0 g+ O$ k* P1 T/ S/ W+ g004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1- H5 e7 ]9 _& m' x% A- Q' P
004030CD E8 27C40200 call qsr.0042F4F9
- a. J0 @% z. m# T004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438], e1 \0 k# E( Y5 R9 H7 E
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax
# W) y, F& W: E9 a1 i1 B+ |004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]2 _. ]" k7 {5 H% z* o
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
! ^4 L+ N# }3 h004030E4 E8 905A0200 call qsr.00428B79
( _0 a! M0 B! A# r9 y! k3 b& p( b004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
5 Y0 Z6 e( k! v) I1 S004030ED E8 3B5A0200 call qsr.00428B2D
: f* v3 v. b3 z0 U0 h& v3 P- m2 ?004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]; ?' I$ y/ }$ B& A: X
004030F6 E8 7E5A0200 call qsr.00428B79& V c. M, q: b" t
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]3 J" ?/ B5 W! A, `2 y
004030FF E8 295A0200 call qsr.00428B2D1 z; L, k' C* `( W4 q) `; {. f
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
( i) x o0 M W' U00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8] X) E- C0 N5 \. t" q- R
0040310B 83F8 02 cmp eax,2
) l* J, K: U# K. j0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
) d4 S4 v7 e6 L- `7 _00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
! x' l! F$ ^9 y9 \. v; K+ k; x/ X; M00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
9 e9 ~: ]5 K& e, z6 I, E& f0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳. o% T) T7 |# u1 K7 }( i; `1 C
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]* R3 D3 j) Q9 s/ i
00403126 6A 01 push 1
( e; W" {6 p: i) H00403128 50 push eax; P' N$ T& w( p
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
0 k2 T$ E0 j; X t& _: b( p0040312D E8 C4550200 call qsr.004286F6
0 s$ Z0 C3 [" y: f- G00403132 8B00 mov eax,dword ptr ds:[eax], }3 o2 J; k# \) e* \
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]. K: y9 B/ U6 N) S4 U0 ^$ D
00403138 50 push eax- m8 m+ q. N) b8 N
00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
0 d& F5 Z2 B3 T2 `2 |$ @0040313E E8 4D560200 call qsr.00428790
6 _6 V4 c! t$ B& ^ o00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
3 |5 ?- ?1 T& s$ k( D2 s( k00403147 8BF0 mov esi,eax
$ ^+ ~2 F& U/ Q& Q00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3% y g$ d. @ ]/ j5 _, b4 J
0040314E E8 38C30200 call qsr.0042F48B K0 {6 @) o+ g W
00403153 8D46 0A lea eax,dword ptr ds:[esi+A]) ^ W6 P- ] c w
00403156 B9 3E000000 mov ecx,3E
% T& |5 w! Q# x( e7 B0040315B 99 cdq
( U& }) {5 L# D2 V0040315C F7F9 idiv ecx" K% l( o& H, g0 z0 r
0040315E 6A 01 push 1
! T% e5 t6 J+ ]00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
5 u+ `) W5 P X1 M& C D* t* d00403164 8BF2 mov esi,edx5 w6 M8 N6 q$ v! N4 O$ b, v: W
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
. I. Q! \: n2 r3 H+ b6 }" g0040316A 52 push edx
- ?; K! z- j8 l3 Y+ C0040316B E8 0A550200 call qsr.0042867A
2 J: X& v, D4 b4 s00403170 8B00 mov eax,dword ptr ds:[eax]
8 }) @) R/ |: A; u5 |00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
. O' v- W2 ?/ p00403176 50 push eax
9 m: i \; ^2 y. f00403177 C64424 40 05 mov byte ptr ss:[esp+40],5; W5 \. U. z5 h9 U! K
0040317C E8 0F560200 call qsr.00428790& ]) }; P, f+ Y/ V
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]6 }% `% V$ l; O/ R8 G
00403185 8BF8 mov edi,eax5 k! {' [/ ^" o) \$ I
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
$ Q5 ]+ j- h8 R& f( K6 V% i d0040318C E8 FAC20200 call qsr.0042F48B' @) u! A! ]/ A, e/ B$ O6 B
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]7 A$ ~ O4 ?( A( ^- q7 D
00403194 B9 3E000000 mov ecx,3E
7 M* \+ ^+ S, `00403199 99 cdq
; {) v6 `) M {0 T4 K. P9 z0040319A F7F9 idiv ecx
6 d# ~/ R! w& R( U2 k. u+ G0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
7 q, \4 K9 S, c2 H' T004031A1 894424 28 mov dword ptr ss:[esp+28],eax
7 h& n& @0 j5 x6 u$ A004031A5 8BCA mov ecx,edx
5 n( ]% C- ?! q- t' V S5 f1 j004031A7 894424 24 mov dword ptr ss:[esp+24],eax
& q! F# i) o8 `004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
* i! s6 t/ X S0 @# `4 Y/ `004031AF 894424 18 mov dword ptr ss:[esp+18],eax
7 a: X* W$ r0 ]* M: I3 _004031B3 894424 14 mov dword ptr ss:[esp+14],eax7 J8 e5 a6 e+ T, q5 F
004031B7 894424 10 mov dword ptr ss:[esp+10],eax7 g2 N8 ?; T5 P' ~
004031BB 8BC1 mov eax,ecx' l! B7 }/ N& _& u4 p
004031BD BF 0A000000 mov edi,0A
. Z4 V0 f% ?2 m( M- K, }004031C2 99 cdq( V8 E" h8 h: s& K+ l/ H
004031C3 F7FF idiv edi
. l0 P7 X9 _" s% L004031C5 8BC1 mov eax,ecx
: T/ F! r+ t; g4 T$ J004031C7 B3 0B mov bl,0B( X0 c( s, f' y
004031C9 0FAFC1 imul eax,ecx
# O1 c: `) ~! h% n0 U4 h004031CC 8BCF mov ecx,edi( g0 B* u$ y% Z; B5 r [
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl k9 T9 i* I9 Q! ^5 T+ c
004031D2 52 push edx' N& m) J1 x" e- O
004031D3 99 cdq9 [4 j1 s6 E% E, A6 [
004031D4 F7F9 idiv ecx1 [5 Q3 v2 o7 I' P
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
; X) n( {8 {) \' ]' P004031DD 2BC6 sub eax,esi; @0 G7 {8 Q2 z! r/ k
004031DF 52 push edx
' j: b5 R6 a/ L1 Z) o004031E0 99 cdq
* s4 P$ E! p) b/ @: S004031E1 F7F9 idiv ecx4 u+ e) e1 q& {/ M7 A+ ~
004031E3 8BC6 mov eax,esi8 p2 s/ Q0 a* Z7 I. B5 P
004031E5 52 push edx
3 M3 M c9 Z/ w! Y3 j004031E6 99 cdq2 J6 [( E" `: R A* L
004031E7 F7F9 idiv ecx
# s: h2 r2 h4 ^+ P% v% Z004031E9 52 push edx6 O* Y/ O& O; {5 V! |$ a0 |; v
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
* w/ C, s% W$ l* T4 C004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"
& o. D9 d. ~2 k1 o+ h% Y004031F3 52 push edx- }/ S$ x$ \$ b2 J% r! [- w
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
! G7 N" L; n& c' l004031F9 83C4 18 add esp,18
4 V4 {' p7 f. G. B5 m k' q" O004031FC 6A 04 push 4
9 |& } h" a u9 E f; r" H# ^/ W004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
$ n% t# f) v$ [0 m4 j- q( ~00403202 6A 00 push 0: O1 L. M' x; j% R$ t
00403204 50 push eax
4 O6 I3 q2 t$ k9 p4 Y" P# `00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]) J- {# Q+ j! a( D1 m0 H& @2 g. P
00403209 E8 D6530200 call qsr.004285E4, W9 C) T2 ~) u( d8 l2 o
0040320E 50 push eax
; `5 X$ c2 c2 K- D, e& ~3 _0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]( `0 u' h Z* H$ _6 U7 B, t
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C& @+ H1 s- S! V/ W- A2 d2 H
00403218 E8 A7C30200 call qsr.0042F5C4
( H3 M3 w R u$ J# a# Q0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
- X; F- r5 r0 i1 D00403221 885C24 3C mov byte ptr ss:[esp+3C],bl! E+ f' } A1 S9 t% `; @
00403225 E8 61C20200 call qsr.0042F48B# J( Q" Z; @) j* @! }2 f; W
0040322A 6A 04 push 4
, y+ S/ ]+ R* w, ~& g5 ]+ P9 F0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
1 {6 }$ V) `* N) C00403230 6A 05 push 5
& i( q/ n5 A2 V. [( i/ C- x00403232 51 push ecx
4 ~ z. D2 c7 w1 K1 E5 N00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
5 F6 R; q& U9 q! P2 \+ E5 Q" y00403237 E8 A8530200 call qsr.004285E4, y+ f3 z0 j' g9 ^3 V
0040323C 50 push eax
; l1 D# ~) K( `7 }* e0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
/ |1 H3 G5 S$ e+ p4 y7 W, t& W7 s/ r00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D. G1 s, \+ U0 a
00403246 E8 79C30200 call qsr.0042F5C4
2 j2 p6 l( y% L2 w. c( r+ R0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
! s- c2 R0 X. ?0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
4 O$ D' {; E% W. {) w6 U00403253 E8 33C20200 call qsr.0042F48B
I3 ?. v, Z/ Y# J7 }00403258 6A 04 push 4+ c9 Z0 O8 W' B1 j4 W+ P& R' X
0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
. H* K8 s6 U7 _" W/ X0040325E 57 push edi
. p# G5 p: `( _0 O! @5 y0040325F 52 push edx; e ` u/ s) x" D$ E
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
& e& `" H1 M3 k. I00403264 E8 7B530200 call qsr.004285E4& J1 J9 g; o5 L5 f/ s
00403269 50 push eax
' g0 O, G6 |8 _' X0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
. W& w7 d8 m4 K ]$ l5 {+ ?0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E# }7 B B' S0 P
00403273 E8 4CC30200 call qsr.0042F5C4
! j S. E* x& u2 [5 R4 W00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]- m9 n' }1 N9 S
0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl
1 o: U1 I8 Y1 v( C! P+ a3 R( L00403280 E8 06C20200 call qsr.0042F48B* b4 K# {9 A; l7 M! h0 e! u) @) F
00403285 6A 04 push 4
) k" \1 v0 ?- v) O% ]" _3 G00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
8 J* C7 U& Y3 R* I. b& C6 f0040328B 6A 0F push 0F ~! l) E6 @( \( x
0040328D 50 push eax* u/ [7 j+ p: D/ ^* k6 E+ f
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
+ n3 A# a- c* E V. g. q00403292 E8 4D530200 call qsr.004285E4+ N$ T2 ~( @! I
00403297 50 push eax- t, a+ P( |; \; b
00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
4 d j5 q0 d, p, _0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F
7 `$ K) [, u" G# t6 _004032A1 E8 1EC30200 call qsr.0042F5C4
, u8 ~* m- f5 |004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
8 A: t% L+ [. ~2 U( I- F004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
9 ~ l' W2 l, d: [5 ^- z004032AE E8 D8C10200 call qsr.0042F48B
3 D; l$ U n5 U# s004032B3 6A 04 push 4
- M) e6 K$ O( z& ~2 d" u004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
. f7 j, g3 C1 r* ~6 [7 Q6 [1 S8 R004032B9 6A 14 push 14
: C5 N) L/ Y3 O: m/ z004032BB 51 push ecx
8 g o- N4 b, _) I" [* ~004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
) K b: S0 `% l2 H+ p+ g004032C0 E8 1F530200 call qsr.004285E4
, I; I2 t4 f \8 g/ U004032C5 50 push eax
! y- O! b+ w D* F) T004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]8 w3 \ C) a8 g" p9 ~) t C
004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
; b! k$ a' B5 W7 M004032CF E8 F0C20200 call qsr.0042F5C4/ x) Y+ ]" t2 L P
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
/ F# O4 D' f8 J5 L0 s004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl3 ^: E$ X1 E6 }7 n/ m! o8 R- U
004032DC E8 AAC10200 call qsr.0042F48B
6 F! s+ d, _5 j: D. r3 H3 ? c. ~004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI9 w6 d" ~, u# X G0 C+ n
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX* k$ U+ M, q% e1 f8 ~. c' J
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL/ a1 C, k' o" |2 q
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL# |/ [! l" G' F" S) H5 a# h
004032ED 8ACA mov cl,dl ; DL送CL; J+ m' F$ D( G) _9 v& b
004032EF 3AD3 cmp dl,bl ; DL和BL比较! K5 {, ?: n) Z% k2 _" h
004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
; F' b3 R6 n9 G b, ?: ?6 G004032F3 84C9 test cl,cl
' g; a# P. X6 ]7 G# v004032F5 74 16 je short qsr.0040330D
; ]% P8 Z+ t' ~- |# P004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
' L0 J1 X4 t! q; e4 ?" p' S5 p004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL" H, s9 N% B) G
004032FD 8ACA mov cl,dl
/ e8 D& ^ ^) K8 {, v6 x004032FF 3AD3 cmp dl,bl ; DL和BL比较7 t8 } S: G2 y6 K0 o
00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳). e y2 K+ U1 f& Y" |; q
00403303 83C0 02 add eax,2 ; EAX加2; r5 m5 Q1 @) x6 T1 M2 m& N, r
00403306 83C6 02 add esi,2 ; ESI加2
+ b7 u2 V' D5 B L3 h00403309 84C9 test cl,cl. n! F& S5 X' _0 E( H+ d0 I
0040330B ^ 75 DC jnz short qsr.004032E9
7 Y3 n s1 ]7 c" B2 d0040330D 33C0 xor eax,eax
5 E9 [9 [1 g' k6 I0040330F EB 05 jmp short qsr.004033167 d! h2 ~. t) ]
00403311 1BC0 sbb eax,eax
4 E$ C E& j9 @+ V2 x/ H: Q7 i2 M00403313 83D8 FF sbb eax,-1( @2 g$ k& p6 ~6 I5 Q3 y+ d+ H0 `
00403316 85C0 test eax,eax6 p4 O# Z$ n- l7 O
00403318 74 0E je short qsr.00403328* d! L/ P, e N X, B/ i$ ^
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A
$ N' R1 ]& l7 J2 \: M6 w" o0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
. u. k) s1 ]9 C3 \# c) z0 ~00403323 E9 F0000000 jmp qsr.00403418
/ Q* s% f, D, v00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX9 Y: L. a( Q7 z
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]2 t, X' J e0 X3 P# w
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]; d" k7 a1 g$ w& r5 p8 E( W+ D
00403333 50 push eax
: t0 Q! d( j* v- o00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
( R/ S3 T, L% n7 Y) N* W3 x00403339 50 push eax
4 T. _, Y% I9 r9 X. P0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
3 }) F, p6 m7 T0 s0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX2 W% {; n; |" t. A+ `5 B
00403343 83C4 04 add esp,4
+ `6 H g9 n9 F, j/ B# C! w& B00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI) Q* I$ w$ `* k" W, ?
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]3 O1 \- V$ w6 \+ v5 l3 o
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
6 g& u2 J1 }' r3 p) E" S0040334F 50 push eax' B3 r. c- H4 O+ z# W8 t# B
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX6 v$ h+ A$ \ h i" N. v$ H
00403355 50 push eax
, p3 D4 K' h1 Z+ Q/ Y0 Z" k4 z00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX5 u; O/ j! }/ k B
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
8 |; B5 V2 f5 t, A# a0040335F 83C4 04 add esp,4
2 x+ P2 y( s3 p9 r00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI2 F# V+ v, g, E; P+ Q5 P) o, S# F
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
/ [- x4 h F0 z [% d9 x* j0 e00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
8 B, v# X, I' l i0 m4 C/ D5 f/ ~0040336B 50 push eax
" L, s1 I( g* a- o% c& T0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX! _. l# @" T2 ~9 f
00403371 50 push eax
- w' |7 e6 p& B3 X% w00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
& j u# _% d0 a00403377 8BD8 mov ebx,eax ; EAX送EBX# o; f5 c3 E0 n3 l: H
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
) v: L' N N& M6 @( f- s0040337D 83C4 04 add esp,43 w1 P0 S5 w' _8 Y: y$ Y
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]: o5 H* j! h" Q
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
& I8 r8 |6 `$ V% F+ j00403387 50 push eax4 K' h# s2 X7 S% Q" T. t3 \
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX: Q2 b' x- a# R% _3 C; Y
0040338D 50 push eax4 s* n5 X2 m! o; p A/ P
0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX E x$ U3 I/ I/ S8 c+ P
00403393 83C4 04 add esp,4
8 u. j. y \6 l- I/ h y00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]/ k2 X! R- w, ~1 j6 k
0040339A 8BE8 mov ebp,eax ; EAX送EBP' ~: S7 H! K" R% N9 A6 i3 e k. p
0040339C 6A FF push -1
5 Y: P! n3 {. R$ u% ]. }2 R; b4 d0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
% U0 I# ?2 B9 ?4 e004033A3 6A FF push -1" b. b3 p9 M/ N" m/ Y
004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX5 S: V9 Y1 ^* m0 W, A0 k
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX/ s1 P# \4 k5 {2 @$ d
004033AE 6A FF push -1
! b5 E$ }5 i9 N k- V004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX+ r$ h- |" C8 C' }3 d- J
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX- F8 s% `- D& f. u4 t/ g Z c
004033B9 6A FF push -1+ J! L$ R+ M+ c0 y) W- p5 O5 @
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
4 i, ~8 Q2 F) a8 y, \) ]3 S004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
% ~4 G% p5 h! k0 h: W# C8 l004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
& d! x% N9 n; a. S* h: m" p8 ?004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX* G! q N# J/ R( h% E
004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
+ s2 A9 z3 J; h6 J( a3 O004033D7 D1E0 shl eax,1 ; EAX左移1位
! h% \6 v8 S2 W4 c# \" b% R004033D9 99 cdq ; EAX扩展; d' J# _9 N0 k+ f/ |
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
8 l7 R% d% I# O004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
2 b" A7 i/ D+ N, |" W; u004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳); w3 Q# H( o3 q3 Y* `7 j- X, N
004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
$ @. W8 J! h# G1 M! W004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]' J" s$ J6 l$ s5 p7 {5 j$ }
004033E9 EB 2D jmp short qsr.00403418( @" O( ]- s7 y9 e1 f
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX& p5 B" M0 X( W* ^' }/ z+ z% R
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2" Z, f$ a; g2 B0 y& J4 P% \
004033F7 99 cdq ; EBX扩展* }% ~$ ]4 K$ n( z/ M
004033F8 33C2 xor eax,edx ; EAX和EDX取异或
+ `0 R" ~; m& @( @0 P1 f- b( D8 F004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX9 Z) c2 h5 _+ t/ X" m
004033FF 2BC2 sub eax,edx ; EAX减去EDX3 p* W% a$ G$ |
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]/ R7 J7 i: |2 [' L& J: {" ?0 I
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX) J s" t5 P; r! b8 g
00403409 99 cdq
: o4 B/ r/ I7 }# b; f0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
; l0 W' s" X4 c5 a- f( N N0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
5 d) s+ Y4 r5 \. T) R00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较3 \1 X0 }3 J; h& H
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
+ s: `; L6 ?! H' d7 T! v00403418 E8 6EC00200 call qsr.0042F48B ; % E ~/ B8 {. ~$ a* b3 h7 B" S
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]" D$ O2 T- I9 [8 c1 c5 k8 @
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
# z3 `% {5 O5 F2 C3 t( q+ i00403426 E8 60C00200 call qsr.0042F48B
) u# \* _' {3 W0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
% N+ B/ ^: E8 g+ f* [0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8& a. P6 w* n2 x6 W
00403434 E8 52C00200 call qsr.0042F48B
- G) P9 b- S2 O00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
, x* Z0 A" a; j0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
# ]) q) z6 \" v2 l# T* F00403442 E8 44C00200 call qsr.0042F48B
$ z+ ?6 {( a- B2 K00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]$ W/ S) v& B1 p3 D: r7 w/ N
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
% `7 p2 }. D$ F- m$ x4 I6 F00403450 E8 36C00200 call qsr.0042F48B/ t4 B" ]3 S% d' R
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]8 s( @ g+ ]4 @4 W/ b n
00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],38 ? l8 d! s" } `8 n+ F: y
0040345E E8 28C00200 call qsr.0042F48B
$ P: r: k% R/ r' f: v! a; d5 \2 p2 j5 e00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]" C7 \0 U1 l" Q( v
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
9 j! {( D* w7 A B* m9 T2 Z0040346C E8 1AC00200 call qsr.0042F48B
+ f% T% K- X0 x5 j9 u00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
; c; E$ x' A- u; r00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
% h+ k; n" ?8 z5 {! l0040347A E8 0CC00200 call qsr.0042F48B
$ ^1 C" n9 B j+ Q4 p0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
8 c! ]# }' q: L8 o2 r00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
8 \" P4 L6 d0 l2 E* T) n( x! t00403488 E8 FEBF0200 call qsr.0042F48B
; x% s8 h6 m& {! z/ }% H$ U! L- C, Q0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]7 _# K0 D& [& S" {
00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
5 ^# ?1 w& K& z1 a. ~/ B00403499 E8 EDBF0200 call qsr.0042F48B( a4 M0 r R: }7 i( @
0040349E 32C0 xor al,al ; AL清0$ d( G# d8 M% [0 |" s" w
004034A0 E9 88000000 jmp qsr.0040352D/ o* f& r7 H2 ^, [0 ^
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~
0 W$ C- ?7 O; x$ K004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
2 f% v0 T3 ]/ L7 O! ^+ _ n, G004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
' P9 [" R/ J5 f5 C3 G5 @004034B3 E8 D3BF0200 call qsr.0042F48B9 I, u$ r4 a/ @' M, d1 h5 d
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]/ s+ G5 V4 a2 V% M5 g
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
' W1 e( K: c- D" h( F004034C1 E8 C5BF0200 call qsr.0042F48B
6 h3 T& Z! W7 k# m) @4 q4 |004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]( [9 p8 K5 r, M
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7
) o0 r, r4 H$ ]( U- s! X3 g, O' _004034CF E8 B7BF0200 call qsr.0042F48B
; R6 q$ l. {" \# r7 n5 K0 c- L6 p004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
( v; t9 P6 C4 K8 t$ p" K/ {( }( G004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
; N8 ~& W: }5 o8 ^' m8 o( D4 a004034DD E8 A9BF0200 call qsr.0042F48B
" ]- {6 m3 H$ @) K, {7 M- Y& Y004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
& S) t4 h1 f% B6 ?6 k- b004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3
, ]0 J* K4 O' Z, ~004034EB E8 9BBF0200 call qsr.0042F48B0 W; u& w) d9 a
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
/ |+ z0 `: D/ O! z* I8 r8 C004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2- `7 o( q$ j3 [
004034F9 E8 8DBF0200 call qsr.0042F48B( U" W G5 h0 B( Z+ E
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
: l. p9 r: z% `: f. M. o; Z# j00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1& r) A5 S+ k6 q! s7 \
00403507 E8 7FBF0200 call qsr.0042F48B! W, d; }$ O8 L- J$ D
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
( M- y* k: }7 S00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
# X5 P S" Y8 a- O8 N0 D00403515 E8 71BF0200 call qsr.0042F48B
8 h2 G3 c# e" G: N0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
2 V S$ ]/ C+ Q" a, _1 n0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
; e3 ?$ k; R, \5 W" H00403526 E8 60BF0200 call qsr.0042F48B
4 q+ h2 e+ i3 t; H% ^/ M0040352B B0 01 mov al,1* l; s0 \* R0 n& X% l4 n, k' @$ p
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]0 r4 |' l. o! ^) P* w* d
00403531 5F pop edi
. `& A# Y& P! ~8 v00403532 5E pop esi3 h$ m% t& L% ?) X" x2 o6 z
00403533 5D pop ebp8 n( F4 X& k0 B1 I
00403534 5B pop ebx+ |7 e/ X" b$ O, D6 Y" q! Z
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
/ i7 O/ H; _1 D& V0040353C 83C4 30 add esp,30
3 ?" S3 S$ l6 U( G, g0040353F C2 0800 retn 8
# b R( K8 o1 V$ y. [: W--------------------------------------------------------------------------------
3 n% _; v0 z+ D+ u【破解总结】
$ R7 o6 M& ?1 c$ ` C 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
6 V. C6 i- B/ r# j% I/ U- H, e6 T用户名:yijun3 \, x' w1 P( _7 p
注册码:4893*7777*3726*7777*0529
" J0 M; |% R' h/ A--------------------------------------------------------------------------------
& [6 O+ s9 I% c7 `【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡