|
|
|
【原创】破解Quick Screen Recorder
0 f% U6 k! ]5 H+ H【破解作者】 yijun, t- x$ T3 L1 j4 s# V% o
【作者邮箱】 [email protected]* G) f& L! a& K- p: l4 d8 ~) W
【使用工具】 OD,PEID
# Z/ Z. N+ Q# K# ]$ j【破解平台】 WinXP( y) z% k5 `/ F& q
【软件名称】 Quick Screen Recorder
1 B1 o# ]6 I8 {* Q+ k @- v- n2 U8 Z【下载地址】 天空4 e% P$ k) e8 z3 H+ @% {% \: r$ K
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
) M/ @7 d k# z3 ?3 S【软件大小】 540K
) ?. x0 F# N. T5 @【加壳方式】 无
T( K J; I2 J【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)
0 ~1 o3 i/ ?) p! v1 r--------------------------------------------------------------------------------
$ L) O( k- ^- W% {3 m. z【破解内容】
- y4 B3 Y0 P8 D0 q! | PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:3 L2 n2 y* L7 C6 q; b2 s# l
00404C69 55 push ebp //在此下断
3 ]$ K @$ D$ F* r7 w1 Z, x00404C6A 56 push esi
2 P+ j% ^2 r, g1 P00404C6B 57 push edi
( ~9 S. |" `: V8 }) e$ g00404C6C 8BE9 mov ebp,ecx
( C5 y6 m8 Y1 v/ t4 w3 p00404C6E 6A 01 push 1# A8 ^# ^8 L; d2 r- l
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
0 z! q' B, g1 r% J* |9 C) U00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
, X( o' K+ F2 q00404C78 8BCF mov ecx,edi
- y* h$ |* s' K; Y/ Z00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码0 K6 d+ k' g0 t$ }; \3 \: @3 e
00404C7F 8BCF mov ecx,edi
6 i! i9 E9 C$ E) E u3 j00404C81 E8 A73E0200 call qsr.00428B2D& a1 O) H& S/ N. e2 Q
00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
& F' f# G3 q9 T/ P& X$ ^* R& O, D* z00404C89 8BCE mov ecx,esi6 e5 g$ h4 J7 K# F; S, {/ Y4 l! k' X- U
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
& W E, W' n! d4 N00404C90 8BCE mov ecx,esi
: |0 G: x3 ]; C; x% y00404C92 E8 963E0200 call qsr.00428B2D
7 V+ N1 Y. L3 K; Q+ a1 m/ N8 |00404C97 8B06 mov eax,dword ptr ds:[esi]
+ t. S. x; ~. k b6 n1 Q, L00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
7 O4 k/ U5 U/ q) x00404C9D 7D 26 jge short qsr.00404CC5& }2 u* I5 c0 t4 I( U& M2 s
00404C9F 6A 40 push 40
) Q" c2 z+ T) A- M9 n! t00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
' f( d. D& q" u/ J" Z" M2 r& f00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
# g8 J6 F3 Z5 u5 }00404CAB 8BCD mov ecx,ebp
& T4 G% f u$ H% G! E00404CAD E8 C3840200 call qsr.0042D175/ X2 r' X& {3 ^. S6 j- c) Y
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]* u6 |/ \& f5 k
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx5 y. `" F9 n3 y- N; Z b4 F
00404CBD 5F pop edi
9 e& g) J9 T' d. s* f5 ~00404CBE 5E pop esi( ~$ w2 k/ m4 o- h
00404CBF 5D pop ebp% Z5 X' z" p" L' {0 G6 `
00404CC0 5B pop ebx
! P1 s0 d5 C& U& b, o% R N9 p00404CC1 83C4 18 add esp,18
1 U Q7 g' i, c- d; j# q$ G00404CC4 C3 retn/ r. ]+ w5 n" p5 s8 {5 r
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]* C/ ]- R, {: x& q
00404CC8 84C0 test al,al
% Z: X: A1 h5 w1 Q* X% v |00404CCA 0F85 1C010000 jnz qsr.00404DEC( r& q5 u4 N1 [) e1 p) ^6 `* l
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]4 Q( _# S$ W" V# c
00404CD4 E8 87E3FFFF call qsr.00403060& e8 V6 n& h' k1 e+ [& k. v
00404CD9 51 push ecx
4 e3 Y1 o; T- K0 u00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0* V e4 Z |8 l$ u/ [0 t, |
00404CE2 8BCC mov ecx,esp
2 G: Q, u+ w1 W. q; ?' z00404CE4 896424 14 mov dword ptr ss:[esp+14],esp0 ^& _7 N( M+ s5 C3 c. f
00404CE8 56 push esi1 p* u: p$ W' r' }* R' h
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
8 ^- J8 ~1 s7 l% `00404CEE 51 push ecx7 v: O. o- X. {& ^" ~8 k
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1
. L5 B6 y, R- G6 U; z$ @00404CF4 8BCC mov ecx,esp
2 Q: V; s: e8 _+ y2 m00404CF6 896424 20 mov dword ptr ss:[esp+20],esp. e* @8 g3 D5 X! d7 ^- l: v5 L- p+ ~# E
00404CFA 57 push edi
* q+ [7 Q+ E6 j# n+ Y V00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
) \5 c2 b. E6 A00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]9 K' U3 q- i3 d4 }! _5 C% z3 n4 q
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
7 ^9 S, N* {3 g; W9 i- E9 ~00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
! c$ O8 E. ?8 W; H( {4 _+ d00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
/ p7 I- F$ c2 M8 x B) j00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~* _0 r+ |3 t$ c& d5 ^* ]7 p
00404D12 6A 40 push 40
- |$ s5 s! g' x* t0 _00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"$ J+ U$ N: E3 p' v8 i+ v9 H; ?" \
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."
/ p! I) ]) }6 }9 M$ f R$ \$ j00404D1E 8BCD mov ecx,ebp
$ g) L* l+ X5 F; c' L/ F00404D20 E8 50840200 call qsr.0042D175
, K0 U: G$ T! a- L00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
9 L0 x* m5 d' Y' _: C00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1/ M& i- j7 P& m
00404D31 E8 5AE3FFFF call qsr.00403090
4 y9 L3 V" d2 N: [; U X; Q00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]( J) M9 x+ e% r% F' B$ d
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
* [4 r6 N7 ]1 U; U0 L# ]+ e1 r00404D41 5F pop edi
# c9 J4 x8 E1 I7 B2 j$ `5 I00404D42 5E pop esi. L1 F; F% j) L& A/ E6 z% _" L& [
00404D43 5D pop ebp- f* _) R6 q! D
00404D44 5B pop ebx
2 h& {% T" I6 y/ ^0 O00404D45 83C4 18 add esp,18! K8 W' F' t0 w6 W
00404D48 C3 retn/ ?, O# y! \/ n. W& X
********************************************************************************************************************************************************** p# I7 y3 Y2 a' o6 f' F
跟进00404D09处CALL来到:
! C6 r0 o: A* U4 ^8 \/ F004030A0 6A FF push -1 //一路F8下去~~~~ B9 T3 @: K8 z
004030A2 68 C88F4400 push qsr.00448FC8
2 G* [7 g$ g3 r6 }4 H3 n004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]1 }8 q& u5 I; {6 o
004030AD 50 push eax
6 l# }( k9 L: v2 S0 C004030AE 64:8925 0000000>mov dword ptr fs:[0],esp4 K8 Z" R7 s6 b+ Y1 T8 c
004030B5 83EC 24 sub esp,24
9 m2 o+ d8 i8 t, G004030B8 53 push ebx' G6 Q" x$ x; _$ H$ ~! @# M
004030B9 55 push ebp% C6 @9 L# c+ D* @& P' Q2 U
004030BA 56 push esi
" W% _, Y( @9 N, C0 A004030BB 57 push edi
1 f0 P' I: @" u& _( K7 Z004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
7 a4 R7 i2 r" K' p/ ~- Z" _4 S5 ?004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
5 I/ }0 B- x! g5 q004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
" K2 K( D; |+ [004030CD E8 27C40200 call qsr.0042F4F9
4 Z8 \% K2 w- t/ m) |0 Z: Z, Z: c9 V004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]# D! o7 G% x( i( T
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax" S! u; R6 h+ [5 Z* j
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
" R% ~# o2 P& M; ]% u7 u3 K004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
- n" s6 k( { c6 y$ q004030E4 E8 905A0200 call qsr.00428B79. w3 m+ x: h3 M6 ?
004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
; Z5 y2 ]4 R. Q" b, z- D% J004030ED E8 3B5A0200 call qsr.00428B2D+ Q: O$ U5 x$ o9 n0 { C
004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
0 S. i, y" ~0 U" e004030F6 E8 7E5A0200 call qsr.00428B79; [) _5 g$ D& l( y
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
6 T' [5 [ ~3 C* g5 t004030FF E8 295A0200 call qsr.00428B2D
2 t& s! E% B7 ]) o. M00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
0 {/ Q3 a" H& b4 k4 t6 x00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
6 y9 D+ w$ w D# y2 q0040310B 83F8 02 cmp eax,2
9 G# X9 R `$ Z0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳5 L$ r/ h1 l5 [/ G' Z4 T ]% i$ N
00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]1 M" d2 g9 G: y7 `- a/ c4 f1 u
00403118 837A F8 18 cmp dword ptr ds:[edx-8],18# v1 m; G i+ L% U9 k, }( G# o) i
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳1 a' }: a% h7 H, y' {9 p
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
2 e3 r6 `- ~; r# v: V. L00403126 6A 01 push 1
5 v6 I: |6 B( u! u8 m' A5 E' l00403128 50 push eax6 Z% K! z! h- u+ q U( n: d
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]6 v6 m8 E& l/ v4 V9 d
0040312D E8 C4550200 call qsr.004286F6
% \3 r6 ^% V5 k" a/ A00403132 8B00 mov eax,dword ptr ds:[eax]( _! t7 t! F3 Z1 _1 f8 H, k
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
+ J+ j' `. `+ Q7 `00403138 50 push eax+ L8 {* P( Q3 v; |4 ^) U
00403139 C64424 40 04 mov byte ptr ss:[esp+40],4+ _, a4 L4 ?* D5 P( H7 q
0040313E E8 4D560200 call qsr.00428790
4 F% U- X4 u: e7 d" E- A7 `00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
/ E+ [& f- e M" U! E. [00403147 8BF0 mov esi,eax
: [( g, h/ [# T0 {00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3
8 r7 b5 s, w ?* h# V1 N0040314E E8 38C30200 call qsr.0042F48B0 e1 f9 q- x, J0 u3 O0 Q
00403153 8D46 0A lea eax,dword ptr ds:[esi+A] L5 h4 O3 w) W; i7 F7 T9 N" y
00403156 B9 3E000000 mov ecx,3E% G$ D3 k# b1 P9 Q1 f* ~6 Q& q
0040315B 99 cdq; Y) g& q+ J# T$ I1 k" x: U( a
0040315C F7F9 idiv ecx+ C( w1 g, B2 e! F
0040315E 6A 01 push 1: }1 L: L3 ~' f' k! `7 z
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
6 Z6 S* p: }* v9 O0 A0 l00403164 8BF2 mov esi,edx& F! `4 W4 O C8 V& ~" M5 J- L: @: p
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]7 [5 B% t6 t6 c" x
0040316A 52 push edx
2 `8 m, O. D$ b. x' C' ]2 @$ k0040316B E8 0A550200 call qsr.0042867A' Y3 i ?0 T4 n
00403170 8B00 mov eax,dword ptr ds:[eax]
1 O" a$ p5 Y& z1 y& U& J$ n3 v+ J, K& l2 K00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]4 ]) I% q3 p% Q+ q$ D' {
00403176 50 push eax
; m4 c" o6 ~6 E; U2 L9 j* j00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
% r, U* {9 t+ j/ z0040317C E8 0F560200 call qsr.00428790
, y5 o/ F3 ~2 g' M+ I0 A2 i- l00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
$ K0 |( i1 _9 ^( n e6 D: V& R00403185 8BF8 mov edi,eax2 c. |& E5 f2 z/ U" Z0 h; J/ }* |
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
9 Z2 H( S8 ^1 X, o, a& w& T8 |1 K0040318C E8 FAC20200 call qsr.0042F48B
* P+ V. Q1 }9 d00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
% O$ l0 }/ D; ~) _00403194 B9 3E000000 mov ecx,3E, {0 @0 M; n3 Z' a9 L/ L
00403199 99 cdq
: r+ B$ X4 n' R' R) H6 }0040319A F7F9 idiv ecx" m: l' }* P) S* j
0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]/ L. ? ~0 D4 S: G) B3 M
004031A1 894424 28 mov dword ptr ss:[esp+28],eax+ q+ ~% ]4 H) x3 o! V- J0 @3 W
004031A5 8BCA mov ecx,edx
. a* s/ R8 E- ?0 T g5 `8 ~0 C004031A7 894424 24 mov dword ptr ss:[esp+24],eax
2 r3 R% v& j! f: v* @# J8 G004031AB 894424 1C mov dword ptr ss:[esp+1C],eax R. f3 T$ R) I$ \! r
004031AF 894424 18 mov dword ptr ss:[esp+18],eax5 P u" q& c& G4 k: t+ D
004031B3 894424 14 mov dword ptr ss:[esp+14],eax1 ? ~+ p) U( b2 S( `
004031B7 894424 10 mov dword ptr ss:[esp+10],eax
f2 x7 p N2 S) n& h8 U004031BB 8BC1 mov eax,ecx, B! L1 z* z+ M6 B2 M2 X
004031BD BF 0A000000 mov edi,0A9 s7 u8 \) c6 K5 o& A6 C
004031C2 99 cdq
# f$ `$ q3 e2 Y. N004031C3 F7FF idiv edi1 T1 ?1 O3 R. I
004031C5 8BC1 mov eax,ecx0 J1 ^9 a* }/ k8 a
004031C7 B3 0B mov bl,0B
) O* J* g! A" |! k" F004031C9 0FAFC1 imul eax,ecx1 n) T- K! r7 O* a& l9 `7 l% ^
004031CC 8BCF mov ecx,edi8 k7 }! d& @) O* d
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl( `" U5 g& ]' i# }8 M) u, l
004031D2 52 push edx: K# w$ ]( T2 b5 h
004031D3 99 cdq
9 m; \% G, [8 w# p# Z004031D4 F7F9 idiv ecx
& M) s9 Z- q3 @# t( |1 |/ o004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8], ]0 f4 s1 t8 t" z
004031DD 2BC6 sub eax,esi* k6 } x& c1 c* F) N2 X6 G
004031DF 52 push edx9 d2 l; A" ?& E* O9 ?7 A: \0 m, d1 L
004031E0 99 cdq3 q9 y7 o7 u! e( [6 B
004031E1 F7F9 idiv ecx: E" f( \% y- f0 p9 n, U! t5 M
004031E3 8BC6 mov eax,esi
% B$ a( w! b$ d( v/ h% c004031E5 52 push edx
, H# r, T' @ F/ u% D8 v- w1 x, m004031E6 99 cdq
8 c/ q5 }8 {4 L# B5 d% G% S004031E7 F7F9 idiv ecx6 ]7 O/ [! S3 j! Z- K: F
004031E9 52 push edx3 P; r, }" |' |
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]# E) q9 u1 g0 J- t& W6 Z
004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"
, Q- X/ ~8 c6 L6 e! ~2 o6 y004031F3 52 push edx: `$ w; i/ l( b6 B) F$ W `
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
" `: t$ J8 o. T, N" M) B004031F9 83C4 18 add esp,185 q5 b$ X1 S+ o$ @. W
004031FC 6A 04 push 43 w$ R: X8 b3 P0 D
004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]& @6 f& p% k% F( P3 `
00403202 6A 00 push 0! {) {" L# v" }6 P; ]) {4 S
00403204 50 push eax
9 Q2 L4 B+ L! F* ?00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]) v7 }/ \, a+ w! ?1 ?: l0 l
00403209 E8 D6530200 call qsr.004285E4% n. w' d& C4 z
0040320E 50 push eax8 J4 Q @: C" B2 s% c7 |3 V! s: B
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]" _- H4 {$ q- d8 A' m# P
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
# a/ ~% c7 ]* q# p5 H a00403218 E8 A7C30200 call qsr.0042F5C4# U; X& ?& v1 D" H7 a: i- `6 z
0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
& r! C: n& W |7 [4 M00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
1 X7 f4 x H( N8 J9 G00403225 E8 61C20200 call qsr.0042F48B, b2 }5 b. Q8 r) b( K; D9 ]
0040322A 6A 04 push 4
! P6 G4 K5 b3 c8 x {0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]# G' j$ y( L0 B; m2 |, @ q
00403230 6A 05 push 5
" p, b1 S( Q1 ~2 H* a00403232 51 push ecx
v* D" E+ b" \5 |00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
7 ~: V) m m( a% u% U2 M+ c6 \+ O00403237 E8 A8530200 call qsr.004285E4
% J6 T1 b( q9 ^0040323C 50 push eax0 h8 U+ Y# \! n) Q1 w' c& o2 J
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]$ q6 c6 y( g6 }9 B2 n
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
& F3 A+ A/ t( [7 |( l8 L6 c/ A( r00403246 E8 79C30200 call qsr.0042F5C4! o, H# |" Y# M) p
0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
$ k/ f0 L4 m* o0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
* F) h; `, j `. o, h00403253 E8 33C20200 call qsr.0042F48B
% }/ J+ j, Q p4 _/ t0 H00403258 6A 04 push 4( S0 d( @9 U1 X3 Q* M' w
0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]2 J9 ~! }# D, I9 ? c5 D
0040325E 57 push edi) E3 h) W8 r. C, U8 k% u
0040325F 52 push edx
9 `* h* |- s2 Q l& y00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
+ D3 @" B( E( e- b00403264 E8 7B530200 call qsr.004285E4, I6 y! ]5 d7 _+ S0 n
00403269 50 push eax! ]" B; x4 D4 z" G' L/ y9 K
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
% P% i$ i' y! G! `) A$ |- u- Y0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E
' L7 c8 M9 H5 o1 `" t* t7 \/ {, \00403273 E8 4CC30200 call qsr.0042F5C40 y" p4 E3 T: D% N$ @4 h7 a
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
' v f; r- l" e! B9 i0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl
2 Z6 g* e( v+ _! w* P8 s2 ?00403280 E8 06C20200 call qsr.0042F48B$ a1 p$ [' M- ^. s. W# v
00403285 6A 04 push 4
4 q1 q+ j$ [6 ~00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]4 k- t# Z" q4 l% q% v' s8 `4 p
0040328B 6A 0F push 0F) i0 W/ j( u: p% H, g! n
0040328D 50 push eax, [# e9 i+ w _0 |7 T
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]0 ?+ S3 `$ ]: | k* V
00403292 E8 4D530200 call qsr.004285E4
& k* q) _- k" f00403297 50 push eax
9 [2 w% Q0 n8 k) n00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
, l k# R) z$ ]0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F
. R; ^, \, P, w j3 t004032A1 E8 1EC30200 call qsr.0042F5C42 X6 a0 M% P* m* M o( c6 s |8 r
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
& [6 }! t$ s5 w% p004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl$ d9 }9 g% _0 C) v! T$ a5 ]7 Z
004032AE E8 D8C10200 call qsr.0042F48B1 o# K0 i7 O) [
004032B3 6A 04 push 4
: X7 q5 Q* F$ G0 `* g E004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
3 w2 Y6 O) G" E+ E. Z004032B9 6A 14 push 14
- M. T, C# v# o Q2 a" V& w004032BB 51 push ecx0 v; |) r7 M) A1 T
004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]! o, Y* w. K p: ^' {3 ~4 ]2 v9 N
004032C0 E8 1F530200 call qsr.004285E4& \$ |, {* H' ~# r- A+ x
004032C5 50 push eax
5 u f' l7 C$ n+ m+ x7 L+ `* _004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]) B1 A0 R9 Z: y6 r5 Z
004032CA C64424 40 10 mov byte ptr ss:[esp+40],10, t9 V7 F! ?4 I* k$ q3 V
004032CF E8 F0C20200 call qsr.0042F5C4
1 d( r7 J+ V3 g' d( ~: ?004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]% y% D3 [$ d+ l) j, f' n
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl
" s7 r/ P5 j R. a7 W# y004032DC E8 AAC10200 call qsr.0042F48B3 ~0 p! R* d3 |' K
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI
( o# ~" s: h8 S* z: j/ ^1 A0 q004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX( n* z! _1 P% j7 s; k9 a1 q
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL% F" V5 q( m' n0 {) Z$ d& U% C' I
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL. `% ]2 R- R, q/ t
004032ED 8ACA mov cl,dl ; DL送CL
; k5 h5 {3 O% p- S a! y004032EF 3AD3 cmp dl,bl ; DL和BL比较
+ ?" A% V2 w& h004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)" i; p! k0 ^6 w/ ]$ n0 m
004032F3 84C9 test cl,cl! y; W; P y i- j" `! M! E3 B& B
004032F5 74 16 je short qsr.0040330D+ E, E$ S7 F! h$ c+ c: d
004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
2 S' o2 ?; R# h& g$ }0 M004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
6 Q5 {9 B0 c: y7 v, G004032FD 8ACA mov cl,dl
. D0 E+ r7 J) X( ~004032FF 3AD3 cmp dl,bl ; DL和BL比较
: [# d8 T# q& |3 u$ I00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)' {6 J( G9 } v9 ^+ V3 X/ {4 K
00403303 83C0 02 add eax,2 ; EAX加2
9 `- j: H: V. J0 M$ i5 w' `$ {00403306 83C6 02 add esi,2 ; ESI加2
# h3 ~4 b; m4 D: w$ }00403309 84C9 test cl,cl2 p& }! c, T$ A6 I4 n/ b( I
0040330B ^ 75 DC jnz short qsr.004032E9/ e& q) @6 o6 P; p1 Q
0040330D 33C0 xor eax,eax7 N) t& f1 \5 ~0 U! g9 F
0040330F EB 05 jmp short qsr.00403316- p8 G* L( z5 X7 O2 B
00403311 1BC0 sbb eax,eax: Q+ y# R* n- u7 z1 X
00403313 83D8 FF sbb eax,-1) [" P$ U' X0 v. B3 e) R
00403316 85C0 test eax,eax
) g' d! Y( I1 |* I& A4 Y+ ], \00403318 74 0E je short qsr.00403328
- L6 D5 I2 q) e v9 w0 i. T0 _0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A# d) @9 ^7 L# k4 {5 h. P# N
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]$ f0 ?9 F* U0 f+ K/ r/ _" T
00403323 E9 F0000000 jmp qsr.004034184 d' q& V; `8 i$ @2 m# E- {. v
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
. x h e; Q$ G0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
n- a' _! q1 o00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]) t& [7 a, G7 e! ~5 V3 b
00403333 50 push eax
; t- G* Y# \- G4 n+ ^00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
/ W# u& h; L/ _00403339 50 push eax
$ V& y+ r& b% @2 B$ ^) }& j4 v0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
y& `* O0 R4 a) @# L8 Z6 u0 ]0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX
- Y. |6 B- T, T* e' v# p' M% R/ `00403343 83C4 04 add esp,48 Y* F A1 W5 s" f+ E
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
( g. v1 o& r. j00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]: ?& e7 U9 m1 C9 W
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]( v+ r0 J2 y, w" X2 k
0040334F 50 push eax
4 ?9 ?, ~3 \' e' ?00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX. x: M; H8 |% [2 P6 x
00403355 50 push eax: n7 C6 M9 V" p' Y
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX
6 @, V f( f# l; [0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX9 S; f2 X! p" k8 T6 e- k/ L
0040335F 83C4 04 add esp,4; H6 x% a" Z7 t
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI; J1 b5 W; x. ^$ e c
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]# B* Q9 e: U1 Y0 ?; E
00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
2 o& {, v7 H' q" P6 t0040336B 50 push eax( H$ j. o, S' [/ v6 _+ c; K
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX
9 f! H6 G+ M, A00403371 50 push eax( C0 @2 r$ B6 {( M; n- o k9 |* h" w
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
# X T& W5 H2 o7 w7 `, V3 O; v9 V8 }00403377 8BD8 mov ebx,eax ; EAX送EBX. U( w+ R. I7 h4 Q5 g
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
/ P% g' I$ P# f- E0040337D 83C4 04 add esp,47 i' W! z& D) L" t3 m K
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]$ b- i. X, i6 E+ N/ L
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]7 C4 p, k% T+ d& o' s
00403387 50 push eax
1 ]# F# S6 I! u2 a0 h0 Y00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX& c4 N; ]" `% g g1 ~- ?
0040338D 50 push eax
; I) |5 F- n' u: I- [2 z/ B/ G9 a0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
- y% M" l8 Y' N3 f4 b& _$ w' H00403393 83C4 04 add esp,4
# `% S' d7 s! u( `00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]7 A& S( h0 j( L* @% U( ~
0040339A 8BE8 mov ebp,eax ; EAX送EBP4 } g# C2 ~. ~. C. b1 u* X# [
0040339C 6A FF push -17 ^& X4 Q# t9 k5 |8 M9 m
0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX0 |! d+ P9 ^/ l* J) c* S3 _6 k
004033A3 6A FF push -1% Z* `6 r) T$ R- e# w, f7 |
004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX2 b' ?, e- P& z( v# g
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX
/ ~, y0 c5 @& R, y004033AE 6A FF push -1
& v. U* Y" Q8 u3 S004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX: r, c# c6 G% k* {2 o4 p' Z9 N9 u
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX0 k- Q3 s3 \, X8 r, T
004033B9 6A FF push -1# j( e& A b/ G/ K& d+ a1 z
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX! M- I* ?6 m/ v. e" w
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
, r: w: Z/ L/ y6 D2 T S N004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX7 ]* B) w: H: x+ f0 H! l
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
, s6 U1 C1 _" a1 j0 E1 D! j004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX5 ^/ k* r( [) _- m: h! W
004033D7 D1E0 shl eax,1 ; EAX左移1位
6 x# ]7 m3 w% c9 u1 T004033D9 99 cdq ; EAX扩展
$ K9 m8 \% ^5 C004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
3 o5 a, q% |( {& f1 I+ f004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较 @% R9 R! P7 Q7 C0 X. Y+ M0 H$ E
004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
+ H# ^! J( z8 H004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
# M7 g% s* a$ q. A- c004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
& z7 A4 p% m5 {; s7 s/ R004033E9 EB 2D jmp short qsr.00403418
* \6 H' W( N0 ^% }004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX4 L5 Y( e9 m& z5 F. P# s
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
' G1 B3 Q! R6 f1 v: J C004033F7 99 cdq ; EBX扩展% h7 q; @# \: N+ v7 J" _# j
004033F8 33C2 xor eax,edx ; EAX和EDX取异或
9 E5 _+ s: w. r) ^ c2 E* e" I* D+ z( b004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
$ p3 Z7 Y- p0 l004033FF 2BC2 sub eax,edx ; EAX减去EDX6 A2 {/ d: R4 v9 d3 v
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]% a9 g! I E; d" G4 J# y/ Y
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX" k0 L4 N4 I* Q4 a4 W8 D
00403409 99 cdq! i: w+ W% J& o% c5 K) n
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
7 ~) K& k& G5 U6 w) Z+ t/ s& G: a" C7 I0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
6 l% O+ C. c3 s# k" h/ R) L, @00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较+ ?$ R- x: _6 m1 G! i
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
5 G6 W4 o, t! f" Y: a2 [) [00403418 E8 6EC00200 call qsr.0042F48B ;
6 @. l3 U' y; p1 D0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]; N, @9 n9 d4 V' B( z
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
) l! s1 j- p7 J00403426 E8 60C00200 call qsr.0042F48B
, X p! O' E9 C2 F* g0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
( a/ [+ A$ A/ Z- K3 B0 v5 l4 i! P0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8: C% s) l0 v$ i
00403434 E8 52C00200 call qsr.0042F48B
% K( E+ l& B1 m& U7 |8 b00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]! `% o* c7 x. a2 r/ ~! a% @( \
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
# ^5 i) Z7 m# c# [ g( i6 _00403442 E8 44C00200 call qsr.0042F48B
5 f# V& _4 P G7 I# P00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]/ Y. l) I1 F% x8 I0 j
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
* F& w) X3 m; Y00403450 E8 36C00200 call qsr.0042F48B% ?2 i' v! g4 T
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
. J; \( d% \$ z: `# X% i3 P# k; R00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
; x; h1 N+ B; N9 V0040345E E8 28C00200 call qsr.0042F48B
) K1 h# x+ m6 B/ ` r! U. @00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
$ ]2 t" S+ b5 b+ ~00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2/ W/ I# e) r G' v w7 {
0040346C E8 1AC00200 call qsr.0042F48B
& a! g: p2 |: `' x# H. [6 l% d" b E00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
2 |" _. B3 h3 U0 K00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],12 _) l7 h, s* `3 j
0040347A E8 0CC00200 call qsr.0042F48B$ M% N6 ?4 a1 S( L% A( d. Z
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]1 t6 E2 }5 o% E8 [7 | z
00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
- ]: y. S# W) E! W4 ]$ M00403488 E8 FEBF0200 call qsr.0042F48B
8 f% u+ L$ R! E2 d6 r# y/ o e1 s0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]( P0 L w9 Q9 S3 x6 o
00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1) U+ e0 e2 n/ v* V& w5 }
00403499 E8 EDBF0200 call qsr.0042F48B
9 h! w7 ^# F; c1 \0040349E 32C0 xor al,al ; AL清04 \0 f+ C" m! `# e' C$ q( \1 c
004034A0 E9 88000000 jmp qsr.0040352D
( \+ K; @) S* e0 @- I004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~
4 x9 b& B4 F& V0 a3 W004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
) n0 f* \- |+ v' T# M1 v( w! n004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
; v& T. u3 e5 w7 _0 K4 N9 J004034B3 E8 D3BF0200 call qsr.0042F48B
4 R4 Y- ^. A* v$ {( Q7 q$ d004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
4 Q/ w+ ^1 Q* ^3 U0 L5 f. a" O004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
) A1 \4 q$ D ^* y2 ]/ V8 C/ a8 t$ b2 I004034C1 E8 C5BF0200 call qsr.0042F48B
% }* y8 [( C9 m: E/ M004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]0 T; C" `# M8 e1 e2 |
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7) S; H+ |. m" j$ g( q
004034CF E8 B7BF0200 call qsr.0042F48B
& L& {: S2 i& P0 H! p8 |; _: {8 Y004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
; J! H8 g3 O |& ?7 y/ y4 ^6 v004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6 z7 \) \$ l3 I4 J0 t* i' Y
004034DD E8 A9BF0200 call qsr.0042F48B& B7 J1 s6 F# F% | \
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
2 }4 t& y0 `% g( B2 N004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3
( N+ Z6 {; y. H' P004034EB E8 9BBF0200 call qsr.0042F48B0 b/ l% f% C/ t9 m5 ~$ z
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]- h) h; @9 }/ R1 W' L
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2+ h2 ]2 f* J8 g: ~3 z/ {, e
004034F9 E8 8DBF0200 call qsr.0042F48B
5 E: W5 F7 E/ ~4 p004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]/ V+ e1 Y a M# U) B6 F+ m7 ~6 y
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1
+ O( x% B h" e00403507 E8 7FBF0200 call qsr.0042F48B
3 z# V( n' O" V% u ]8 C( K s0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
/ P; e( g! y N: H00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0$ b$ V* t6 J; {9 O+ d
00403515 E8 71BF0200 call qsr.0042F48B9 k2 P' Z( J6 C1 Y7 ~
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
9 f* {$ F* y+ o6 U1 F% N0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1% d: f: \% @/ m1 A7 S
00403526 E8 60BF0200 call qsr.0042F48B
7 H0 `2 ^) P& y# m, B0 L0040352B B0 01 mov al,1
9 m# h, T, f% |3 L0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]/ {; O0 O% g. P
00403531 5F pop edi: {) p6 T& V! b) }5 J) w+ @
00403532 5E pop esi
( `) Z, x; ^2 P3 _5 _00403533 5D pop ebp
+ R: c7 r/ m, A. |8 o4 S3 W00403534 5B pop ebx
6 \/ q, e) \ u6 t* l+ V00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
5 N% b8 G& h- l0040353C 83C4 30 add esp,30
1 U; Y2 y* u6 d8 K0 i/ @2 ?0040353F C2 0800 retn 8
6 ]: }" h) E2 p# P0 [--------------------------------------------------------------------------------
1 s" W: h8 Z, J) q1 u+ \' `! g1 U【破解总结】
/ z! z+ |- ^6 p% @+ d: b+ h 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^3 ]5 I0 H" L& u6 U
用户名:yijun
. T% ~% U( r1 Q, S注册码:4893*7777*3726*7777*0529
+ _+ ]" w A9 a! N+ Z7 t' ~) t# ~--------------------------------------------------------------------------------
# s3 u2 j$ M1 `& K6 a: ?【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡