|
|
|
【原创】破解Quick Screen Recorder; B7 m1 y$ x/ k+ t
【破解作者】 yijun
( O1 k4 A6 _* e" ]) o4 d【作者邮箱】 [email protected]4 }' S0 t- o* E6 u! q/ e3 z0 H
【使用工具】 OD,PEID
, W6 h" P& F7 ]【破解平台】 WinXP
% j3 Z% C: G/ ]0 @$ u, n【软件名称】 Quick Screen Recorder9 B4 O' ?$ p* [7 \' u
【下载地址】 天空
# O# g- D' Z; u1 m【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
& b1 G4 G V/ X) Y [9 r! h【软件大小】 540K
6 Y9 b7 ]( I9 r* [【加壳方式】 无
# c6 M) U3 e2 y5 R【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)6 M' Z p* n/ P) O
--------------------------------------------------------------------------------$ ?6 ], Q) W: Y! G) X8 g# _: D
【破解内容】7 S& w: m7 C9 c- y& Q4 i' K
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:0 T8 d3 Y. j* L( ] J& x. W* o
00404C69 55 push ebp //在此下断
) Y" t C4 G: S+ Z% O$ e+ r& A d00404C6A 56 push esi2 z6 m9 N6 Q Z0 O7 _
00404C6B 57 push edi( A7 J6 k. g8 f; x! y8 i3 l. X6 f, T( N
00404C6C 8BE9 mov ebp,ecx
) r! I% l7 N5 u) x00404C6E 6A 01 push 16 S# ~# c. x% g' ~6 w" A6 Q% Y( n
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
( `: E; K' t% _/ e6 V& L00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
8 G, D* A, n& i) y9 {: V00404C78 8BCF mov ecx,edi* A2 ?; Q5 W2 p( n0 d2 Y0 i
00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码
; ?# z2 ~9 V; S( ^. B( h00404C7F 8BCF mov ecx,edi
( S, m) `, G# ^5 {00404C81 E8 A73E0200 call qsr.00428B2D* M) G2 A2 ]2 h# v% d3 l( _
00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]* \4 M9 y2 z6 H7 b ~- e
00404C89 8BCE mov ecx,esi
1 ~# u9 ]' ^7 G; s' u f00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX% r+ `$ ]% N( r$ ]
00404C90 8BCE mov ecx,esi
: ^1 E' c! x1 u5 `% L4 M3 e00404C92 E8 963E0200 call qsr.00428B2D6 U0 Z6 ]. t% [2 C
00404C97 8B06 mov eax,dword ptr ds:[esi]2 G# b u( b& h( z
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],21 F4 ]# i) t' a
00404C9D 7D 26 jge short qsr.00404CC5
% f$ b7 M: j3 }1 M, [00404C9F 6A 40 push 40
' P' B" R7 A; V' r2 g00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"( c- e+ U# C. ^! E/ S# x
00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."5 |9 j+ z0 Q5 u" A, J
00404CAB 8BCD mov ecx,ebp
7 O/ v4 d$ S, W2 @# h8 H00404CAD E8 C3840200 call qsr.0042D175 o* d% {" c l0 @' t
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
' f: V; ] F9 o# Q2 k- T* j00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
! H1 C2 { Y% Z00404CBD 5F pop edi
) e% o% j* r' W) N' y6 K00404CBE 5E pop esi# e" i8 E( \) E
00404CBF 5D pop ebp
: P& Z0 f, c0 h Q* a& k00404CC0 5B pop ebx
( {. I( |& V3 u00404CC1 83C4 18 add esp,18
( ?4 g) r' @- U( @! i00404CC4 C3 retn
; s! X; T1 g/ ?00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]
& y4 w3 N) E2 |1 l" z00404CC8 84C0 test al,al: a+ `) Z1 Y. I. ^7 }
00404CCA 0F85 1C010000 jnz qsr.00404DEC: w( ]( y( o1 P8 W, d: a/ z
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
9 n- }4 F9 w6 [3 O00404CD4 E8 87E3FFFF call qsr.00403060% w! v' Y) N& i& ]. Q( A. N( S
00404CD9 51 push ecx5 l, E+ e+ D+ r" e; M
00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0( f, l( G$ X8 v& ]. N9 W
00404CE2 8BCC mov ecx,esp; x, d) Q; y4 ?+ r
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp
3 k8 M, @, U: Y00404CE8 56 push esi
2 u+ B' X, L. P0 d3 \00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0- Q$ K, B0 j. [0 T# y- Y; I
00404CEE 51 push ecx, T8 P2 E5 }5 j/ H: K' M4 n6 v
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1
$ ^4 l& h6 N' H5 @' q00404CF4 8BCC mov ecx,esp
! u2 i5 |% T5 L1 J+ z+ Q00404CF6 896424 20 mov dword ptr ss:[esp+20],esp
% ]- i/ _6 Y- p: D( g- H00404CFA 57 push edi
2 G; Q( Z. a9 |0 w1 ?00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
7 K6 z" U( k3 D) J4 C8 Y00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]2 u+ z% f0 R& k2 Y/ N4 N- W
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0! \ n7 Y& [; p$ A: Z) Q- g2 C$ h
00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
7 W$ U/ _, _" ?+ W K/ D00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~$ [/ L' c# K# L* X
00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~) t3 J0 r4 x8 Z" i
00404D12 6A 40 push 408 X1 c- m: J& i& ]: j
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
- w. `4 L& A1 @; W) k9 M00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."+ u( J2 a$ |! Z8 V! A5 p) n
00404D1E 8BCD mov ecx,ebp
V8 u7 `* m. \7 x% ?% I00404D20 E8 50840200 call qsr.0042D175
# i) X& @* u2 e( Q% h00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]4 ?6 r" Z: S& O
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
: h6 T& Y. X, G7 A1 b0 Z! t5 \00404D31 E8 5AE3FFFF call qsr.004030907 x; U. k) ?" Q- ^# T
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]3 F! C0 c, e' W3 J( X
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
) U- Y9 T' }' D( O5 l. c$ w00404D41 5F pop edi6 I2 H# D0 ?$ e. U: ^0 Z' w
00404D42 5E pop esi* t7 e$ [; d" ?, D
00404D43 5D pop ebp6 @6 Z7 S* C" b, @2 H8 F/ s
00404D44 5B pop ebx
# c* A% `6 ? t+ ^00404D45 83C4 18 add esp,18$ Z0 S9 j' q' s* G- ~7 H3 ^. L
00404D48 C3 retn+ G: s/ x ?3 N2 T' h7 v! w
*********************************************************************************************************************************************************' |1 u7 l% Z! V+ U- p$ z
跟进00404D09处CALL来到:
% Y6 z: I4 u! E6 Q' g004030A0 6A FF push -1 //一路F8下去~~~~& A/ H4 H U5 ^0 ]
004030A2 68 C88F4400 push qsr.00448FC8
0 \6 F# o ]: T5 w& n004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
$ C# x; f- H' c$ o( f3 [9 o* Q004030AD 50 push eax/ ^5 q5 I7 U, P: k
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
0 e, S; n/ w% Y; I8 g004030B5 83EC 24 sub esp,24, j- o: D5 c% ?
004030B8 53 push ebx
. M* [& a1 E3 I, J. n9 U004030B9 55 push ebp
* t J: m3 e& v: a004030BA 56 push esi0 Z' R* a' }/ A; N. l2 i
004030BB 57 push edi" a$ g: \! ?. b8 X( A9 U/ e1 n2 S
004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890". X% {, ^7 e$ S5 Z) ~: Y) J
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]: T3 l& }- X q. ~, m( C+ h
004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1, u% ^; h h" b. u1 b% [+ Y
004030CD E8 27C40200 call qsr.0042F4F93 t8 L {- |3 f: ]7 l( H
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
2 Y( I* h5 T( p( q) L004030D7 894424 2C mov dword ptr ss:[esp+2C],eax/ p" [: G4 Y- [6 w, D, ^ o
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]( k. U+ A* Q) A; A3 q3 |
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
# C" u( p9 X4 @% Z- b) t0 i004030E4 E8 905A0200 call qsr.00428B79
* }) m2 E+ s8 Y5 g/ S: ]004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
' G+ m6 `2 j6 N, t8 U. A2 P; D( Q9 ^004030ED E8 3B5A0200 call qsr.00428B2D
. \3 n+ v- z8 \% P004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]# u$ z6 ]$ K4 _4 L, O2 `2 K
004030F6 E8 7E5A0200 call qsr.00428B793 Y0 x9 P. E1 d5 H: b. K2 n
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
" x" `' p) ?0 g004030FF E8 295A0200 call qsr.00428B2D' k$ J5 j6 v% f. N: E7 t
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
$ f0 P: h) p/ J) b00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]& o- ^3 q+ Y6 ?9 Y5 f+ B
0040310B 83F8 02 cmp eax,2
/ P2 r9 P$ @7 L- c( }' Z) ]0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳9 P/ [$ p6 } v# N, b3 u
00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
$ s X% G- ~1 K00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
/ t+ O" S8 U# @7 |8 U0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳- A& W; o- I" D5 z! |* B
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]* }! i, j" L! s8 L- D0 e7 ~
00403126 6A 01 push 1# T/ ?4 \- x$ Y
00403128 50 push eax4 |7 l1 M$ h: s2 T
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]! y5 _# Z/ s& y* L
0040312D E8 C4550200 call qsr.004286F6
9 G/ |1 {) t+ A3 c00403132 8B00 mov eax,dword ptr ds:[eax]* s, g5 T( k: J% H: M F n- X! W9 O
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
$ ?7 V$ n4 f; ?5 v1 N00403138 50 push eax
# r! S* f8 y9 D9 z% K8 B5 s00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
/ F6 i& g, r8 {9 B) m' |% G4 X# K0040313E E8 4D560200 call qsr.00428790) a3 @" r6 h, @ L; c8 E
00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]& T+ x4 C! ?0 E* p
00403147 8BF0 mov esi,eax
( g" \7 i! D3 \6 K; E' O1 A00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3
% L5 r+ X+ P3 w7 b$ Z% u0 R0040314E E8 38C30200 call qsr.0042F48B
]8 J; [! s" Q% Y8 J6 k00403153 8D46 0A lea eax,dword ptr ds:[esi+A]0 B5 {: z( q2 q- [; s% f/ \
00403156 B9 3E000000 mov ecx,3E6 U1 {3 R) L, m
0040315B 99 cdq+ u+ z8 l) o" X; Q4 q( Q( l; n( A
0040315C F7F9 idiv ecx
: b% w5 u* i: r( j. t0040315E 6A 01 push 1+ p; W4 Y1 u6 M, i2 W( [0 L7 N' Q
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
8 s# C: A) Q* d0 E* N00403164 8BF2 mov esi,edx
9 e+ I9 _; O. X; ^( U/ y! s00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
" N; \4 S2 l, c- ^% W9 T! S' Z8 T0040316A 52 push edx) y6 J6 E! J! q5 a4 X. ~
0040316B E8 0A550200 call qsr.0042867A
; }8 g# c- u- N0 B; K1 F00403170 8B00 mov eax,dword ptr ds:[eax]* d( m; C) s9 B. _. E8 p( F- D
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
9 I& x Q8 x E6 {& X% d00403176 50 push eax
: D4 S n! ~# D) C2 C' F& v00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
$ q9 L% i0 X7 Q8 M7 D0040317C E8 0F560200 call qsr.00428790% N! s4 Q+ g- D) E- Z2 K9 W5 g$ i
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
1 s# G: b- l, _- ^00403185 8BF8 mov edi,eax
( Y3 a" _. E/ r" a00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],35 K2 W1 I% U7 |# p; x" J* h8 M4 P
0040318C E8 FAC20200 call qsr.0042F48B$ k0 f& r1 O; a6 U% H
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]! b7 F+ W' W' c
00403194 B9 3E000000 mov ecx,3E, q0 Q8 n5 S- ]: |1 j# F1 b
00403199 99 cdq$ N6 z" T$ s; a h! ]8 X1 J. x
0040319A F7F9 idiv ecx
. c3 x2 h" ]1 R9 @3 {0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
- A) {, h3 m% w& q* J# r; v$ p6 M004031A1 894424 28 mov dword ptr ss:[esp+28],eax
. {3 h; S/ C( g) m- l" K004031A5 8BCA mov ecx,edx
4 _* w4 f* p, y3 j! ?0 }4 a004031A7 894424 24 mov dword ptr ss:[esp+24],eax
y% m6 a* p r. p k x* k8 v004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
( r& Z% I$ B% u3 F F7 B$ S* h7 F: b004031AF 894424 18 mov dword ptr ss:[esp+18],eax; y! M+ W( L8 O3 x. A- S
004031B3 894424 14 mov dword ptr ss:[esp+14],eax4 c H/ F. o% ~- K; w0 j
004031B7 894424 10 mov dword ptr ss:[esp+10],eax
6 }8 k6 M, q* l004031BB 8BC1 mov eax,ecx$ ~2 `; I) u! E1 G, ~
004031BD BF 0A000000 mov edi,0A$ R. n3 ~4 `+ z. {7 E' V
004031C2 99 cdq
8 \9 E* H' Q/ K, q+ ?4 Z" t004031C3 F7FF idiv edi
' F+ A! F T( p$ G+ R$ H# D004031C5 8BC1 mov eax,ecx
+ r& H+ x; N5 N6 k& O3 J0 l004031C7 B3 0B mov bl,0B$ c9 h3 c5 {: m% j9 t. T
004031C9 0FAFC1 imul eax,ecx
. d; W* I7 t: @& n, n004031CC 8BCF mov ecx,edi. i1 I1 o& h6 C! F4 c+ O1 Q( D/ a
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
5 c) n' e% u+ U9 a004031D2 52 push edx9 {6 j/ ^, e q( f n
004031D3 99 cdq- m4 a" {* z1 T# U9 q" k
004031D4 F7F9 idiv ecx2 v; {7 O. L6 |4 v! b* R K
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
0 D, F( y$ v2 E1 q: X004031DD 2BC6 sub eax,esi
: g. b0 J3 ?4 R) m004031DF 52 push edx
& @. K# y8 X: ?' N h, H004031E0 99 cdq0 l' ]4 }$ c0 _: \' D
004031E1 F7F9 idiv ecx
( L1 O* a, @* D" W7 o/ B004031E3 8BC6 mov eax,esi h2 L9 e( H# ~& r2 l" r: |
004031E5 52 push edx
' X" x, Y+ @& L# b, Q/ }7 t004031E6 99 cdq
4 z/ L- c" \" \+ X* Y004031E7 F7F9 idiv ecx% {* z8 }4 A1 s; Z f
004031E9 52 push edx6 q0 E4 {1 Z9 b; r& B
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]. B/ d: J$ F* e+ W
004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d") J2 d5 I! ^' O- K; z
004031F3 52 push edx
% @" t3 e) z9 P$ _' E004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893( x `8 F2 c, t7 u/ ]
004031F9 83C4 18 add esp,18
7 G+ h8 Z+ p( O3 \) e004031FC 6A 04 push 4
3 N: I& ^2 y* K. H) t4 s004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]0 F, ]5 q @7 _" z
00403202 6A 00 push 02 |# L$ T' S4 M
00403204 50 push eax$ Y4 m# J( [% V6 v, } j9 A
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]8 q- [6 R" @) E7 g% |# Y+ \
00403209 E8 D6530200 call qsr.004285E46 c I+ k( Y% J r; }: s
0040320E 50 push eax9 g9 r+ I: o4 l9 q3 P
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
! |( ?& ?/ ~) m0 \00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
, V- G8 L& `3 i; a( M! Y# l00403218 E8 A7C30200 call qsr.0042F5C4
0 M: k6 e7 e& ~4 l* |4 A [0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
' r) Y s. L9 f( L00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
* g8 E" h$ Q5 }00403225 E8 61C20200 call qsr.0042F48B
2 K( {% o0 j1 i' z, A- [0040322A 6A 04 push 4, T- ~8 t9 ]5 a r0 i7 p
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
; ]: ]1 L; W# e$ m' i# h* N$ T00403230 6A 05 push 5
& \" j& x( H5 s/ S' }, C* o00403232 51 push ecx4 `4 P0 P q. b- k
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
4 X Z4 P0 v* k4 [3 D00403237 E8 A8530200 call qsr.004285E4: |9 O4 ^7 x( Y" A" n) f% {& Y1 F
0040323C 50 push eax& p2 B0 F1 E3 R$ B& i! c9 a
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]/ u/ i, Q6 {* H
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
7 N$ g3 i, ]+ e( c00403246 E8 79C30200 call qsr.0042F5C4
. m( @ X( X( X( d2 ^& D0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
) I1 I* O, l: q0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl( A" m" I" s5 Z+ k8 v9 O8 ?- r
00403253 E8 33C20200 call qsr.0042F48B
7 G' D2 e$ l4 `00403258 6A 04 push 4
3 r6 Q4 h# z5 W2 t! \2 F0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]2 U$ _' p2 h# Y( y" U
0040325E 57 push edi
" t6 F6 p) P/ R& H& R# P+ p7 Q0040325F 52 push edx
1 t1 {# w' x' T3 m `1 y* t00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]+ _6 V2 d; ?: D" Z6 E8 D
00403264 E8 7B530200 call qsr.004285E4" S4 W' H: n8 }, n
00403269 50 push eax
( m# J( n1 x) @* ~: x0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]6 m; B! K* U" z. c' C
0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E
# C( b ]5 ]5 I7 f! e# @00403273 E8 4CC30200 call qsr.0042F5C4
- y- y6 D6 w4 S- f( w00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
5 Q0 e1 g/ h) t4 y0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl
( t, ?3 b! @$ G5 l+ G00403280 E8 06C20200 call qsr.0042F48B
2 H" F5 I: o/ K3 i) ]$ q5 t* d7 ?00403285 6A 04 push 4+ Q' ]( ~5 y' Y8 L- H( M
00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
5 f/ w6 Z k* ?* W) `6 w. J0040328B 6A 0F push 0F' ? D6 d( z7 ?
0040328D 50 push eax( U! M% Q' E$ X9 I4 S* x! h9 W
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]% {7 I& J' I3 R4 V8 S& ?
00403292 E8 4D530200 call qsr.004285E4
1 j9 x+ u1 f% K3 D& V5 a. h00403297 50 push eax9 q3 [- C) F8 s# t; l! \
00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
( [! V9 h! p( v$ C# h- S) W! K0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F
/ A0 N) W+ N& {% u' K8 j004032A1 E8 1EC30200 call qsr.0042F5C4
+ G; c+ i/ V; q2 H8 O004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
+ i: y- ~( q7 c2 U+ W0 Q, d004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
: J' P. c) {# u- l" l# A2 T" [004032AE E8 D8C10200 call qsr.0042F48B4 {) `! @5 i8 B
004032B3 6A 04 push 4, J ]0 A5 _1 J9 P8 F5 \0 B' F. l
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]( A8 l1 b, C/ R6 u6 o
004032B9 6A 14 push 14
: h, d( G4 V' }# y( K" E5 X004032BB 51 push ecx
3 O( T; e* N% y5 o" a004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
5 v* d! D2 F: ?& I D004032C0 E8 1F530200 call qsr.004285E4! x3 X& m U0 [# v5 S% T; j
004032C5 50 push eax
; m; V/ ~, @. _004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]) e: R! ?' q6 b- ^6 E' v
004032CA C64424 40 10 mov byte ptr ss:[esp+40],10$ [. @4 O7 z0 K2 O P( b
004032CF E8 F0C20200 call qsr.0042F5C4
9 J+ F2 f& l' p9 A, q% J004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30], J, n8 j% R& i0 k
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl
" [ D1 n' Y. I/ ^004032DC E8 AAC10200 call qsr.0042F48B1 d/ t1 n2 D, J. j+ g
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI
( g J. s: \ g& W |3 l* \7 a004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX- s. f. n% [2 V3 M2 b/ U6 S+ }6 S9 R
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL
! u9 k8 k3 F0 Q5 g004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL# a) A$ z" p0 l$ t+ M, H
004032ED 8ACA mov cl,dl ; DL送CL
) ^4 W* @9 v! B8 J' b& K004032EF 3AD3 cmp dl,bl ; DL和BL比较: y; j) q7 v+ }2 U% d! z7 D) Y
004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)6 Y0 ^( u3 {) X6 u9 i
004032F3 84C9 test cl,cl
; F8 U7 w. T- V) H3 }9 q004032F5 74 16 je short qsr.0040330D/ O, J$ c0 \/ d: @% [: n8 [; W: N
004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
: S7 r: W: Q% v& u' o0 `$ v004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL. s* c; d/ i# [
004032FD 8ACA mov cl,dl
8 r# R% u+ y Z& p004032FF 3AD3 cmp dl,bl ; DL和BL比较
8 b& \# [1 p/ L6 [1 j, g00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
5 V- m( O4 k" R* R; b# s& Z, c00403303 83C0 02 add eax,2 ; EAX加2/ V* c+ C/ T s" h. U& `, f
00403306 83C6 02 add esi,2 ; ESI加2
/ q/ y0 A3 H0 r# q, `5 k00403309 84C9 test cl,cl
2 D! b; q( {% w/ G3 B% z; }# s0040330B ^ 75 DC jnz short qsr.004032E94 ^, H g& e9 n: U, R6 V
0040330D 33C0 xor eax,eax
! S, ?4 `* c, a" n; [, n0040330F EB 05 jmp short qsr.00403316. E0 r1 c8 u# `
00403311 1BC0 sbb eax,eax) a' q4 [" q7 i3 l7 A3 E; Y+ B
00403313 83D8 FF sbb eax,-1
) I4 U1 ~5 O' R+ T# n00403316 85C0 test eax,eax
- s$ O" q3 n) T- l00403318 74 0E je short qsr.00403328
4 n" G) l( { q0 \2 [* X0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A% f5 q6 }/ h) e/ a. a5 k2 x7 J
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]; s* T0 k0 ~4 W1 ?( f
00403323 E9 F0000000 jmp qsr.00403418
) w& b: M! I. T$ B2 D5 y. S1 o! @00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX: K: a/ |2 m0 L
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]: X" Y2 G& q4 N) f" B3 Z' R
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]; B* @; Z- B6 v* \4 a
00403333 50 push eax
$ r, k/ G( f1 k8 I' u00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX% S# ^4 l1 G8 B/ y
00403339 50 push eax
: u. ^! \% A8 w& U0 r0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX. C+ O" E: Z. Y' ?/ Z( T
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX# [ @+ |" Q f; W
00403343 83C4 04 add esp,4* p2 U0 | L/ e3 ^0 k5 X. ]
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI/ J& |$ P$ x x* G
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
, w, L! F# h5 ^0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
5 S4 Y7 t V3 W. P' F0040334F 50 push eax
. W( j G& g3 M1 t1 u00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
: n( b5 |: K9 X) M9 e00403355 50 push eax$ b" P: [7 y5 C2 [; h' S+ @
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX
3 u! `. Y7 Z" n/ P4 t( W3 K& t0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
* w1 x2 X9 I7 U. q% X, C0040335F 83C4 04 add esp,4
/ G' b* e: \' d00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
2 K) u$ E+ l& G4 h V00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]& E/ N- F! P# y' j) S+ i. P
00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]3 g/ d8 M% M, Z8 X, z! D* E2 \3 |- H/ J
0040336B 50 push eax% O' C5 @: a$ q' f0 ]1 ?) D4 d
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX8 {7 i1 T2 N5 G0 Z9 N: y
00403371 50 push eax
: v& m) W, V6 }+ k7 ]8 ?4 a00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX; g3 a' r2 g0 B& v$ F! j
00403377 8BD8 mov ebx,eax ; EAX送EBX
. u: g2 O4 u K7 ^# J6 R00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX# p6 \/ E: K: j4 s! D, x
0040337D 83C4 04 add esp,40 ?0 l2 a- v( }( ^0 e: V) B' C7 ~
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]- Y4 p/ F/ y9 ~ d
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]1 \4 W& ^; z3 X i+ S7 c! X4 o
00403387 50 push eax1 w* t% f, K9 x
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX
' q0 b* ]0 d: I% o: r# l0040338D 50 push eax
0 M5 j/ _, t% w% H0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
* W$ s2 Q; u+ y00403393 83C4 04 add esp,4
" P4 H$ _3 G) c' b) n: b! p* I00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
, Z( r, Y2 F: U" t6 x# G# Z) ^7 g0040339A 8BE8 mov ebp,eax ; EAX送EBP$ E2 Z2 H: p9 E7 u; |& B
0040339C 6A FF push -1
: t& w, ^/ J1 a V1 W0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
! {! W" `( Y/ F) H3 m004033A3 6A FF push -1
" q0 ^: C3 [5 ^0 v004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX1 n! \1 w+ _5 g3 S L9 s
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX: A% U. M) W1 [5 C4 x _2 j
004033AE 6A FF push -1
w, [3 P E* F3 r* ^+ s004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
& x# K- m( }# }6 L0 y5 t6 P004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX- _0 ~% N4 f; \' z o$ p# o2 c
004033B9 6A FF push -1
# O7 K; @6 y& j# o004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
, V0 t& |3 m n4 X004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX) E+ O3 N' y2 Q% S5 s' \5 G0 Q
004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
) i# ^2 _! v4 d% W5 S; C/ l3 \004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
: A4 L) Y H; p& z; g# x004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX) E/ p& {5 e& g4 U- ?
004033D7 D1E0 shl eax,1 ; EAX左移1位
, y! y' w+ O. |2 h004033D9 99 cdq ; EAX扩展9 K, X, Z- g- T+ D8 g6 V
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中: G/ f l U' l4 Q# ?( V2 \3 Y
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
: \' c3 }$ o3 n; i5 }; C3 O, c004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
3 r+ i2 D/ Q+ b& {0 F0 ^004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
6 T; u# A) Q- R+ M/ E* d004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]* n# `' v) P- z
004033E9 EB 2D jmp short qsr.004034183 m6 Z! N- w3 f, q
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX
# r1 T- _1 Q5 Z. P! }004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
' f h, x* k6 A+ r004033F7 99 cdq ; EBX扩展
z# ?! }) @4 ~+ j& O) o! v1 Y9 h004033F8 33C2 xor eax,edx ; EAX和EDX取异或2 `' M6 h2 E; i) p# c& P7 ^
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
) E& K5 D2 \6 g) {0 o' C2 Z004033FF 2BC2 sub eax,edx ; EAX减去EDX7 x7 X1 o( Y f$ R {1 L( z
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]
5 \& @$ u: U- n" y00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX
7 K( u# e3 a `' u" l( i; B8 q) G00403409 99 cdq
$ X- f& z$ x+ U. Y! e M' X* `0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
; u% R& d$ s9 g0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
5 j; `3 S& d% w. Q! p& X/ H! g00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较( F* \/ U5 C$ H/ G: Y1 [
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
% S+ G& D1 R: F$ J- z, _# u00403418 E8 6EC00200 call qsr.0042F48B ; 8 ^8 H4 I6 p* [2 _
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
0 Q( i" T: ?2 Q1 S* j00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9, J; o# b2 c6 Y% M& C7 g
00403426 E8 60C00200 call qsr.0042F48B( k, Z7 K! y3 h! n1 ~
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
8 g1 D8 ]0 F* n; {8 R3 x0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
7 a2 y, O. A/ d) w$ ]/ \: M" k00403434 E8 52C00200 call qsr.0042F48B
z& @8 ^- O+ E2 O2 Q7 B2 v7 [00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
. W: T: S+ L0 U& p0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
( x* s4 ~$ Q$ `00403442 E8 44C00200 call qsr.0042F48B4 T6 M7 u* U; ?& T
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24], s6 g/ q" a5 b( y% J
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6* ]! s6 J W/ C) M$ z
00403450 E8 36C00200 call qsr.0042F48B
& S. s( x" Z, O6 R/ y; y% @' |, _1 C00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
2 W5 a! I. b" v; E- s00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],37 l) u4 L7 ~% H! C' `
0040345E E8 28C00200 call qsr.0042F48B5 }* l$ l' }; ~# M- w- F
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
1 M3 Z& e P7 w9 m$ Y00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
5 d$ J7 ]- V6 K B4 N w: R1 I0040346C E8 1AC00200 call qsr.0042F48B
/ t G( m" C3 k. ^00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]9 i! U0 Y1 l2 g: Z/ y* c2 _
00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
$ W! s1 W% G& o7 G- U2 n$ q# F; D8 \0040347A E8 0CC00200 call qsr.0042F48B
/ b. ]1 f, r; T3 K0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
' E3 F, f$ A7 k00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],07 O. Y0 Z# X3 I! z# v; L
00403488 E8 FEBF0200 call qsr.0042F48B$ ~; b1 o% l7 E6 H( r
0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
~9 C8 u9 O8 k1 A9 ^00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1) h& M- z$ p6 R3 W! m5 [+ Z( i# j$ Z
00403499 E8 EDBF0200 call qsr.0042F48B
; K+ t. z8 Q5 ^# f/ T0040349E 32C0 xor al,al ; AL清0
4 D% z7 z; o4 e D( {004034A0 E9 88000000 jmp qsr.0040352D7 G4 P( G l t; T
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~/ T! X9 n' V$ D% H5 f$ B7 [/ {$ @0 a
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]0 ^ _" ~2 D7 i7 G! ?$ J7 d. a
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9( ]( i. a& ^3 E, h! d
004034B3 E8 D3BF0200 call qsr.0042F48B2 L5 B7 L6 \" ~& ]5 l$ F
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]% I5 I8 x3 D5 k" f* w/ O* K
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
7 d/ a* K# I4 `004034C1 E8 C5BF0200 call qsr.0042F48B
9 b2 h9 o' ]' s& o004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
+ R n' Z4 z& d8 F: A9 O004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7+ P# H- q1 P8 A+ a9 t9 c0 a. z
004034CF E8 B7BF0200 call qsr.0042F48B# j8 w+ R# J: Y
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
- t6 w8 i( `* [( d' n2 d004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],63 v' G) k6 ~! `" {; t
004034DD E8 A9BF0200 call qsr.0042F48B
0 | F: ?+ k! I8 w004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
; z2 r3 I# t, e6 p: m004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],31 `/ ^, b! J% A- @
004034EB E8 9BBF0200 call qsr.0042F48B( ?# a6 ]5 D/ s k5 \, |. q
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]8 C0 \% q, _' O0 C% D0 M! l& R5 v
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2% X( s6 L8 |* e
004034F9 E8 8DBF0200 call qsr.0042F48B7 O# e" ?! U; Q1 M! k9 C
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
0 S- C4 _' P0 C2 ~00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1
+ Q5 Z. @8 ~$ C$ K" M- C7 F00403507 E8 7FBF0200 call qsr.0042F48B4 L" q: `' n7 L. {& I L
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
& M; f/ T, g- z- Y7 {00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],08 `. T! @/ r" o U
00403515 E8 71BF0200 call qsr.0042F48B' \( _8 r \" h6 P
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
6 l. d. ~/ _, G: \" P% u0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1/ t* k0 ^' N6 } |# f! b" A) H
00403526 E8 60BF0200 call qsr.0042F48B
9 A; i2 r: w; f/ B* W; @8 ]$ {4 J1 \' h0040352B B0 01 mov al,1
* h% S: Y4 ]6 x! w8 C0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
& T& R) L" m$ }4 y2 V( ^00403531 5F pop edi( b7 Y$ C9 |1 x: w' s6 h3 k* s. I. @
00403532 5E pop esi
4 x; O; B- q4 J; _# `# c1 O& u00403533 5D pop ebp
$ t4 ^5 }9 }# r: I5 }00403534 5B pop ebx# J3 ^+ M& t- b, A, u8 |1 k1 Z
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
- u7 ] h' n6 i0040353C 83C4 30 add esp,30 A; V; ?8 S6 w
0040353F C2 0800 retn 8
# R8 m% D. b0 z3 s/ p. I, x- K--------------------------------------------------------------------------------2 F; s& ^8 I2 T3 F6 U* _' G# e
【破解总结】* \/ V0 i3 g% ^! Z3 s
用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^: Z) V1 F o) c2 ^( c! T
用户名:yijun( i6 z- q: s& T5 q
注册码:4893*7777*3726*7777*0529% F: h. W# {7 Z4 {7 m- d
--------------------------------------------------------------------------------. z6 V# A' m0 t+ O+ ^, P0 a" m
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡