|
|
|
【原创】破解Quick Screen Recorder/ m% h& b2 o3 d) h% A' |0 i8 N
【破解作者】 yijun) I P. D& M& i* H. q
【作者邮箱】 [email protected]
1 i# E2 @0 \ E, O【使用工具】 OD,PEID& Z& l7 C5 w1 ]0 h3 i4 F- A' _8 G
【破解平台】 WinXP& _0 d# S( Y/ F$ E( h% {
【软件名称】 Quick Screen Recorder7 o# \1 q7 _* y; g/ p8 e/ @
【下载地址】 天空
( A4 Q( U' F, w! ]) I【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. + k9 D0 E3 N7 f8 W5 \
【软件大小】 540K' E+ H+ K/ @! {7 ?8 `
【加壳方式】 无+ }3 r# `+ m/ `# M1 z' ]7 J
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)! N( q- I8 E/ S5 V) d' Y( I/ F
--------------------------------------------------------------------------------
3 G4 N4 g ]) L+ `1 u q【破解内容】
" T- H0 W/ p' x# e PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:1 a @7 u+ R' C6 f' d
00404C69 55 push ebp //在此下断
; `' ]9 ~( A* y) K) |00404C6A 56 push esi
, h9 k) `9 I5 L00404C6B 57 push edi8 A/ Q" t! u! z
00404C6C 8BE9 mov ebp,ecx) J" v; V# N N+ a3 D' m' h
00404C6E 6A 01 push 1: o3 b5 M O9 E
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
1 [; y6 U9 d* G: I2 ]8 `00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]+ G# L3 p4 r8 V) d' \5 h- A
00404C78 8BCF mov ecx,edi
" t: k, B9 h6 {: W5 X1 r/ B* F: J00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码+ s& i2 D9 _) t( Y- k- d! |0 ~
00404C7F 8BCF mov ecx,edi( T1 ~& b$ c) E7 c4 r
00404C81 E8 A73E0200 call qsr.00428B2D
* `1 I" w9 t( Z1 d7 @00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]1 P6 ~! |2 [: A3 q: p
00404C89 8BCE mov ecx,esi
/ Z x% l: b$ c0 B/ a% @00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
5 M! E3 g4 ~% i- l: \2 }7 T0 J! q00404C90 8BCE mov ecx,esi: K7 l# z p, U1 v# V
00404C92 E8 963E0200 call qsr.00428B2D' P2 I- ]) N, R3 P; Z& Q' u
00404C97 8B06 mov eax,dword ptr ds:[esi]
/ {& ]. C) T9 R1 B' O00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
) |' O" ^0 o& c- P5 P00404C9D 7D 26 jge short qsr.00404CC5
: a9 `9 W3 X# z2 c1 }6 E. G$ d+ @00404C9F 6A 40 push 400 o P& a! q Z7 Z! N% q, U
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
, @) \$ \3 c- }; J# A9 m) A; R00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
- U- Y( ~' D4 C& b, \00404CAB 8BCD mov ecx,ebp
/ [# K/ p# t; J( K5 |00404CAD E8 C3840200 call qsr.0042D175
; K* v7 X/ W, R7 z4 i5 u, Q00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
, s7 [; v3 D$ D00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
; B) v' n1 p& I$ [) x00404CBD 5F pop edi
5 j- \. g2 d V- E" ]; p4 D00404CBE 5E pop esi6 U- P0 V' d3 D2 d7 Y" z/ ?
00404CBF 5D pop ebp
3 i) d# l- T) J7 i* l5 ^' y% @ x# c00404CC0 5B pop ebx1 s8 b4 E0 h O: \1 W! y) U! i/ f
00404CC1 83C4 18 add esp,18! I* I. W! M! t
00404CC4 C3 retn
% E; l7 G& e1 e4 R% _& _00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]
8 n. C4 e9 e8 T) Y) o2 B( ~0 J00404CC8 84C0 test al,al
- Y4 b/ W2 x/ q( g4 Z8 U$ }. n# }1 z00404CCA 0F85 1C010000 jnz qsr.00404DEC3 b- g1 }2 B. {% |0 K
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
. \% U7 t2 n! d( j% g00404CD4 E8 87E3FFFF call qsr.00403060
! t. J. G% b! K$ T00404CD9 51 push ecx) m6 I5 f6 i) j7 ^ i
00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0: k7 e% G7 a, b* z
00404CE2 8BCC mov ecx,esp
# Q$ y: W h' y7 M* `00404CE4 896424 14 mov dword ptr ss:[esp+14],esp
~) ]( ]8 U$ |7 U4 P8 |. D00404CE8 56 push esi0 ]7 b8 |$ i3 ~& b3 G+ D
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
" P$ \& ]) |2 A }00404CEE 51 push ecx5 {! H1 h4 B5 D: g' Q$ i
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1) @' G z- U, u+ s* k5 r$ N
00404CF4 8BCC mov ecx,esp) C# J, b" v$ r, [
00404CF6 896424 20 mov dword ptr ss:[esp+20],esp9 Z4 p( {: l' z: P' s
00404CFA 57 push edi7 ~3 \8 W1 `' K. p
00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
7 B9 D/ y! N4 t' Q8 C& @00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
7 b+ q3 T7 p+ T' {0 e' [00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
7 V* ]- Y$ D0 m$ K00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~" B1 o/ `$ r4 }0 `' P+ F
00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~% y4 u: t) q/ h, A- i' `
00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~
3 s1 V: |8 C( M" p, f% V* o3 H00404D12 6A 40 push 40
# K$ P+ n% n! a6 E9 ` N00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"" B; V7 y' p+ X# ^# a8 f F" T
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again." o8 `$ c3 D F& e, b
00404D1E 8BCD mov ecx,ebp
, }8 \5 |9 x) G# ~00404D20 E8 50840200 call qsr.0042D175
' D0 f& J; s _00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
: B9 ~& p& T: X5 g00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
9 U6 I4 A1 @4 c5 I& y) X% |0 S00404D31 E8 5AE3FFFF call qsr.00403090
) o1 B* N% s0 I. @. L9 b00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
( k% f: b' \' D$ {00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx" l }; G* V) r
00404D41 5F pop edi9 j7 C/ u0 j Z5 Y4 T$ L
00404D42 5E pop esi
, b( U$ f% o9 F" t' q0 V5 U, R2 A00404D43 5D pop ebp# S9 p" {: ~0 x& c. b! W# U
00404D44 5B pop ebx
+ L+ G" h" w4 `, T0 M00404D45 83C4 18 add esp,18! G' {/ p: B( G, V
00404D48 C3 retn6 ?' o1 G$ d/ q$ ^* d
*********************************************************************************************************************************************************" ^% U$ R& D8 t, D g
跟进00404D09处CALL来到:8 J3 Q5 r& ?$ k, Y
004030A0 6A FF push -1 //一路F8下去~~~~
, ]) a* [/ P2 [9 w004030A2 68 C88F4400 push qsr.00448FC8
, b4 n: y/ Z5 z" r+ w004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
; m, M- l" |* g& Q6 i004030AD 50 push eax4 l1 G+ l2 {: L. Z. N
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp/ M/ M4 V. R( A/ T3 R- U0 G
004030B5 83EC 24 sub esp,241 d1 _/ u: I- F, x0 ]$ A. e+ S
004030B8 53 push ebx
" k! s/ z- P( N, W$ r004030B9 55 push ebp
8 y) g" c8 b% |" G0 Q* K# `004030BA 56 push esi* c( X+ N& D4 c9 X0 m6 D
004030BB 57 push edi
( R7 I# I$ i0 {$ c! U$ Q004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"1 f+ u: v( c5 q) [4 Y2 M
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
4 _- S' y1 m/ \1 n# ~2 s0 p004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
" P; S& h0 ^9 Z1 V004030CD E8 27C40200 call qsr.0042F4F9* P. ?' N& s9 Q( Q
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
$ W; ~3 G3 M6 S& R+ o! S004030D7 894424 2C mov dword ptr ss:[esp+2C],eax
1 \: z' Q4 `% k% f, g004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]) w0 m* r: }) |# a
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
; ?7 W. d) z: h004030E4 E8 905A0200 call qsr.00428B79% g7 n' V" d' d* a
004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
% Y7 v. Y. P$ B' f8 b2 M/ z004030ED E8 3B5A0200 call qsr.00428B2D
9 W3 v) Q' `* c9 n6 E8 o004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
1 B h$ {! D" x4 \( D& g004030F6 E8 7E5A0200 call qsr.00428B79/ E8 ]5 i2 H( }( p! W* _+ h
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
4 I$ @& I7 L' s8 ~004030FF E8 295A0200 call qsr.00428B2D2 q% E. s/ ~8 ~! N# Y1 j1 b
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
* j* y; q o }' h" x00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
2 F* v3 R2 d' Y9 r; z, ?5 V0040310B 83F8 02 cmp eax,2
: j8 Q" l8 F" m0 I& _/ g0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳" X7 m6 Q1 j6 _
00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
" O% c/ v& B( U8 ^% [, A6 d- n00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
$ l8 F! ]' Z6 ^7 \7 U0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳- b( q) {- S, u, V
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
/ T& |; d* B; M! m7 P% Y00403126 6A 01 push 19 Q; o0 i% X9 T
00403128 50 push eax
/ O% G* f! |0 u6 u00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
! V; K! O+ V W& \/ t0040312D E8 C4550200 call qsr.004286F62 @" X, z+ i& d. B+ K
00403132 8B00 mov eax,dword ptr ds:[eax]
8 o9 P- o% v( G8 v9 K: {* L4 f2 x" v7 d00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
& G3 B4 E# B* h& r4 A00403138 50 push eax) c% x1 J1 s2 X& W# \3 @
00403139 C64424 40 04 mov byte ptr ss:[esp+40],42 u7 A' i) u( V7 u" I4 Z9 W
0040313E E8 4D560200 call qsr.00428790
4 |6 T" ^/ @0 h% Z. C00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
. M& v; a; j- u. x00403147 8BF0 mov esi,eax0 \$ s& O6 z3 J/ J! A
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3: E- ^- X* a# C- @
0040314E E8 38C30200 call qsr.0042F48B
) M1 M& I* C$ ^8 B. F00403153 8D46 0A lea eax,dword ptr ds:[esi+A]/ [# Z( z1 A6 U# U! S) l. u3 o. k
00403156 B9 3E000000 mov ecx,3E
5 N1 j* F8 v/ _: C' f0040315B 99 cdq
. a; R2 D/ _9 g5 w" A. f3 G- u0040315C F7F9 idiv ecx( s2 a* [* x* y5 p3 b9 K5 r
0040315E 6A 01 push 1
, E! L- @; u* h8 N2 ~' }6 c00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]6 ^5 d9 U: w% {' p2 I' T
00403164 8BF2 mov esi,edx, ]: p: {. z$ i' T O4 T5 ?# i
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
6 `+ u; _3 T1 t9 X/ l W0040316A 52 push edx) K8 `2 Q: d4 D$ e
0040316B E8 0A550200 call qsr.0042867A o: b& t8 E, c8 ^ I
00403170 8B00 mov eax,dword ptr ds:[eax]( P* Q A0 J9 W+ b; k) i" q0 p
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]- r2 s ?3 A- A2 x; F/ q2 y
00403176 50 push eax
n& F7 f0 i8 `; ?00403177 C64424 40 05 mov byte ptr ss:[esp+40],5! W' Z: Z9 V' E+ [- y- R5 G
0040317C E8 0F560200 call qsr.00428790" k/ v% a& \+ J0 s8 ^/ A
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
5 P( s8 U) c4 `% q- g; H- M' W& `- U00403185 8BF8 mov edi,eax
! a7 b/ g8 A( P$ v1 `00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3& e1 a1 [' u( v2 B* f
0040318C E8 FAC20200 call qsr.0042F48B
5 B9 s: ^5 c4 z( i* b00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
7 k: H! ~3 l+ E4 @2 `& \( R y00403194 B9 3E000000 mov ecx,3E+ a* y# N- l; W! L4 w+ g( @8 ]
00403199 99 cdq
6 Y8 W2 d, W3 a! C% \$ _/ Q0040319A F7F9 idiv ecx+ l! u5 q X, N: g( I, z2 ^
0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
/ p5 w4 r" ?5 Q% @004031A1 894424 28 mov dword ptr ss:[esp+28],eax
2 O) C( m- }: R4 v004031A5 8BCA mov ecx,edx
. i- T4 q# y( Q0 K% E* d# z004031A7 894424 24 mov dword ptr ss:[esp+24],eax
- z4 k; s& G: `1 u7 W# A004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
5 c( A" J4 H- T, K6 X! t004031AF 894424 18 mov dword ptr ss:[esp+18],eax' B1 R3 @; O) n) D: D# q& \! T
004031B3 894424 14 mov dword ptr ss:[esp+14],eax
, E( H5 Z- u1 Z8 [+ C0 e% n& i004031B7 894424 10 mov dword ptr ss:[esp+10],eax
4 }3 b. G' Y& F% j4 h2 Z$ c7 Y' E" B004031BB 8BC1 mov eax,ecx+ R" G! o2 I7 I$ S" E2 s
004031BD BF 0A000000 mov edi,0A7 F* r! M6 |; b; ?
004031C2 99 cdq& U, y5 x; m2 l1 n
004031C3 F7FF idiv edi! P8 w5 L, [; M$ ^$ E6 y7 O/ s
004031C5 8BC1 mov eax,ecx
7 [8 F: z1 |% ^9 V% L6 h, ]( H& W004031C7 B3 0B mov bl,0B
( n7 [5 d. C* ^ b' Q* ?004031C9 0FAFC1 imul eax,ecx
& l4 [& M: A4 I+ h9 T5 b8 o004031CC 8BCF mov ecx,edi8 n! l" _+ D! d$ P) s0 v1 V
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
; G; ]. n# @% ^004031D2 52 push edx
( M9 B0 b: [; ~% o/ t004031D3 99 cdq4 c/ z: v4 U) H$ w" O
004031D4 F7F9 idiv ecx
7 L; o1 M/ X( v' l* ~004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]; N& _1 Y' X4 |6 ~( @- a4 }1 Z
004031DD 2BC6 sub eax,esi) y# a2 u* b2 E( e3 R
004031DF 52 push edx6 j& b6 G* i6 L" X% x+ v" n/ r
004031E0 99 cdq9 l, C6 W9 W: R0 m$ n2 R+ J
004031E1 F7F9 idiv ecx. a0 [# Y: H' u: W# F/ d# |0 S
004031E3 8BC6 mov eax,esi
+ G H9 U1 L6 t9 }( ]! n004031E5 52 push edx e6 d" o) k3 M( t# r& H
004031E6 99 cdq
" g+ y9 {3 p' d0 ?: A' c' b004031E7 F7F9 idiv ecx
! _& }1 J3 u# ?0 S* E9 e$ n9 e004031E9 52 push edx
& V9 h6 k% {4 E( B/ r0 A- r004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
, V0 _- c+ ?' W+ Q004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"3 {0 T2 L+ h& V0 D7 O& m
004031F3 52 push edx
' v% E/ o0 ^/ D. Y( u$ J/ C004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是48931 V- T* f9 v$ P
004031F9 83C4 18 add esp,18
$ K: o8 X& e9 W. H* s- g004031FC 6A 04 push 41 S3 k& p' S( X9 D
004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]1 Y6 c( P6 m+ i0 p( ]
00403202 6A 00 push 0 @+ D6 e! L8 ^+ k; `
00403204 50 push eax5 ^+ u+ ]# U d3 O
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]5 _: S# Z$ v5 W+ F- f
00403209 E8 D6530200 call qsr.004285E4
. W, F2 }) I+ a" i/ {0040320E 50 push eax+ c$ N0 n3 Z8 }+ C; u( q
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
; f1 O" B a y" C9 z00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C, V( ~$ J ~( I) M7 T# d9 g* Z; Z$ {
00403218 E8 A7C30200 call qsr.0042F5C49 i) E* L! h; \: s- ~( k; F
0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
, C) V; ]- f, ^- |# n( b1 r1 q7 L" _00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
4 Z, P4 l7 Y* ?- _0 o00403225 E8 61C20200 call qsr.0042F48B
0 U- L( U2 s L0040322A 6A 04 push 4 Z2 p3 W8 |( C6 _+ N
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]( O2 [: U! e2 F2 G
00403230 6A 05 push 5% ^- ?& z1 [3 q) z1 l/ R3 x
00403232 51 push ecx, Z4 j) S$ L; u- e
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
! F5 n2 ]4 n9 k9 o00403237 E8 A8530200 call qsr.004285E42 h* l. |7 U$ [& m9 H
0040323C 50 push eax
& S$ a1 V( q0 Z5 y0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
3 p5 ]% F& M- W1 D# I1 h00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D# {/ m2 h' T0 ]) Z& M- T
00403246 E8 79C30200 call qsr.0042F5C4- m, ^1 n" x' X( K' n4 D5 o T9 O
0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30] `5 b4 R0 O- \9 s! @
0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl N3 l( V1 {8 d$ `" j
00403253 E8 33C20200 call qsr.0042F48B x6 ]/ X; R( s# V# Y9 k
00403258 6A 04 push 4/ Q/ f' H! {/ [: O& P: _2 n/ p
0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]2 w$ a1 m, l9 A, A: e) g
0040325E 57 push edi
- T( e1 w) q4 }3 n. K9 A3 c6 k0040325F 52 push edx( L9 L) q2 q" \: G% V. ~8 w9 F F D
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]0 ~9 l9 y s4 l$ D5 m0 x
00403264 E8 7B530200 call qsr.004285E4
0 @ H, F' K5 T' O3 z |' h00403269 50 push eax
? v8 `5 T% C0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]7 x3 e$ Q' j1 {6 d& R: H8 j6 U8 I
0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E! l: t- ?' Q1 z, w
00403273 E8 4CC30200 call qsr.0042F5C4
9 Y/ Q0 }6 I# I' G2 A& J u00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
E! L! X3 k" Y/ [% H9 x: j0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl
* {% g6 C3 ^# C6 I% b3 m00403280 E8 06C20200 call qsr.0042F48B* Q# k$ e5 ]% k' N7 S
00403285 6A 04 push 4
5 ]8 L+ O0 p/ M# l00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]8 F+ W! g' b: V' M" x* w8 b$ g
0040328B 6A 0F push 0F. b6 D5 H3 K6 q8 W6 H) j
0040328D 50 push eax9 {/ W+ O2 J! Y7 S; h* y
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]. i/ q% @5 Q$ y$ n, l
00403292 E8 4D530200 call qsr.004285E4( B& O' V9 M/ a
00403297 50 push eax* C4 a J( c) E' ~0 V
00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
% N1 I8 j# R2 A- X+ J; z8 b, J0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F
' l; s8 m: U4 P5 G# k5 f) n004032A1 E8 1EC30200 call qsr.0042F5C4
. ~( w e9 `$ O( P6 ], {004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
$ D* q9 F& R7 O' T! b" J004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
8 ^' p M* X0 w004032AE E8 D8C10200 call qsr.0042F48B# f# ?/ w6 c! E; i. h, N* D
004032B3 6A 04 push 4- C, M1 B$ _6 [. w) Q) g) ]
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]) y& F$ E7 g* V) d+ g% h% @6 C
004032B9 6A 14 push 147 I0 x4 R9 I" S/ Y2 V& {
004032BB 51 push ecx
2 \3 t8 K# Y8 s: @ f( O004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]# T/ A! L/ K2 a/ e& c q& M
004032C0 E8 1F530200 call qsr.004285E47 ?- g5 ]/ c- C- M+ o9 e8 P7 Q" ]/ ?
004032C5 50 push eax
7 s8 W# y3 E6 Q- T) j' m8 V004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
/ w/ I5 l% m' P004032CA C64424 40 10 mov byte ptr ss:[esp+40],10* \% H- G& T$ `7 j
004032CF E8 F0C20200 call qsr.0042F5C4) L& q7 |* F+ n2 x3 q
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
4 R, ?7 N- R" L7 X% z* g004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl
5 E: O" c; \3 O6 s+ r/ _5 \004032DC E8 AAC10200 call qsr.0042F48B3 d# p' b" X* ?0 N7 u
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI8 L3 A; ^& `$ Y7 [. h% }
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX4 @. ?% v2 B. P l( F
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL1 _' e& r0 \( E- i! x
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL
- S/ j4 ~- V4 e! d3 M o& O004032ED 8ACA mov cl,dl ; DL送CL. |; d; R7 Q7 K
004032EF 3AD3 cmp dl,bl ; DL和BL比较
- S e, i9 E2 Y% r, n5 m( \2 R2 D004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
4 G7 p4 a! }2 J# P: W+ c004032F3 84C9 test cl,cl+ G5 t; B* r/ r) t) U
004032F5 74 16 je short qsr.0040330D
% a5 B1 t8 d) q6 B& H: |004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
+ a" X* X) _+ F7 h( O* z004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
3 t% }& N4 y2 |. F, N! y1 q004032FD 8ACA mov cl,dl* L, P8 n3 x" h) Z$ l+ ~
004032FF 3AD3 cmp dl,bl ; DL和BL比较- O! A/ n% Z! B. C5 n7 N7 ]
00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
$ F/ [5 |7 o: E4 Z00403303 83C0 02 add eax,2 ; EAX加29 i5 B- f8 J8 f, t' b) Q& U: R
00403306 83C6 02 add esi,2 ; ESI加2
/ Q& n( R! V' z00403309 84C9 test cl,cl6 u2 `' |5 r8 V7 T. \2 }
0040330B ^ 75 DC jnz short qsr.004032E9
: V' O, I1 |9 ^5 @, V2 A0040330D 33C0 xor eax,eax
5 H7 E3 B. A. m0040330F EB 05 jmp short qsr.00403316
+ z% C0 d! i) [1 x& ^00403311 1BC0 sbb eax,eax1 B0 k5 i' T4 p; W# d& q
00403313 83D8 FF sbb eax,-1- Z3 U) L5 K$ M$ V9 D% u
00403316 85C0 test eax,eax
! s# A) r* E6 w4 s d& I$ o% y00403318 74 0E je short qsr.00403328
, ~$ S j9 r1 K$ f0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A
2 O! N3 ?8 A# C0 ]3 |# D% Q0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]& |: c/ Q, r! U3 s3 j1 ]
00403323 E9 F0000000 jmp qsr.00403418) I" P e4 e# j
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX! @2 x% t* d) {
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]5 q) t6 x, F; t3 a! N
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]: h! Q% [: N9 b$ s; ?" j; A7 {# g% l
00403333 50 push eax
4 |# j5 G6 U4 Y1 f5 ~+ P* A$ g00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
& O; G5 K h7 Y/ R: P00403339 50 push eax+ p Z" b8 Z8 J, b+ K
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
& {9 A+ V" D O* x1 v9 Q0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX
- v" ?: ^; G9 O$ b9 S* @00403343 83C4 04 add esp,4
7 t2 g3 i% d& O9 A4 Z00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI7 a, I5 ^- I, {1 {- f
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]* w3 k+ x) x7 j0 W: R
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]$ K9 D. I. h. q- K) A
0040334F 50 push eax+ Y$ N) s/ U7 V. e5 h4 t6 H2 z
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX: p b: h6 d- g6 ~: |1 i
00403355 50 push eax
$ V( x- k5 k4 a9 l00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX( ^! r0 i) U( I8 j- V; H( G
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX1 e; \4 P" L+ V% ?. R) Z
0040335F 83C4 04 add esp,45 V; f: F- ^) x( H/ P* M
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
, i, K$ C+ x, n* H& J$ ]- A00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]4 j Z- |, q; y5 U
00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
) M3 y/ |* l: P7 z" `0040336B 50 push eax
% Z) b7 l( m; K) n& p6 X* P- x0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX$ |6 d+ W+ L9 {* n: s
00403371 50 push eax
j' f1 l! h! S3 W, Z5 F00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
( c( | j3 O* F. |& t" _9 B00403377 8BD8 mov ebx,eax ; EAX送EBX& h" k( \6 Q8 \5 b1 }$ [
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX6 z. g2 [9 X8 g2 }4 l6 Y( e
0040337D 83C4 04 add esp,4: k0 n9 B8 Y! n+ Y p( O
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]) }2 ]7 X$ B# B' d
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
0 U6 m( }2 O. {: P00403387 50 push eax
2 T0 l; o& y( c. [, Z4 T9 ^( _00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX& [5 n8 O- V0 y# J8 P- n
0040338D 50 push eax
) Z/ W' \2 p, V6 f: _$ q0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX' V9 {+ x2 h4 F5 J2 Z" `* X
00403393 83C4 04 add esp,47 m: i) q9 t5 s/ M( |9 f1 ^
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]) Q( P( ]0 S* D
0040339A 8BE8 mov ebp,eax ; EAX送EBP' R; e" F3 C- }4 r% T3 \0 f% S
0040339C 6A FF push -1
5 N# Q+ E; ^7 O, @' Y1 Q0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX6 p1 k I( j2 b
004033A3 6A FF push -1
5 f/ X2 U+ i; J2 [" {004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX" c1 t7 h, K/ |; Z; P
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX
' T v* g( d. t! ]- P004033AE 6A FF push -1
' i5 w; q9 ^+ T% ~6 j004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX) k9 Q6 a2 L( N7 m, O0 v
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX; _4 e; e' H! q, \1 w3 N
004033B9 6A FF push -1! j: |- G( O7 |
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX/ c4 d4 {7 x( O# v
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX$ N7 J6 H) M# S; n6 p7 m3 m
004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
" S2 k8 K h! ~: u# e+ L, x( ?004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX% }& r1 J5 r3 I5 ]' ~! y0 j1 N
004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX( `- G4 [. y8 ^
004033D7 D1E0 shl eax,1 ; EAX左移1位
' e! t2 C% i2 ] O3 U2 G004033D9 99 cdq ; EAX扩展7 l/ P1 ~; N5 ?8 M- P! b
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中4 H1 u& y9 ?7 f- Z4 |
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较2 T8 d% |7 Q& N' @1 [
004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
3 y# D9 ]* r# Q! [ Z004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
, C. u$ k- E) C& s1 G# s004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
|8 o' n" Z2 _; {; C4 I004033E9 EB 2D jmp short qsr.00403418/ T' O9 o7 K5 {" a& |
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX
4 r" u0 |6 d& o1 i h004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
4 M C8 S0 Y2 Z I; L" [' r004033F7 99 cdq ; EBX扩展" \- n0 x4 i, J/ t. T
004033F8 33C2 xor eax,edx ; EAX和EDX取异或# l( k4 T# i( Y0 R$ ?
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX9 ?" d9 P0 k. I8 N( ]! w
004033FF 2BC2 sub eax,edx ; EAX减去EDX
7 u1 ?- D* m0 v2 c& E00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]& d0 e$ J, x; [% t4 m% t' B- D9 C' w( W
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX) ^5 e* {/ e. _
00403409 99 cdq2 D2 f1 y! Y0 u4 W+ ]8 ^$ g7 a
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
( P/ l$ }3 Q& v0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX# d1 d6 H/ V. Y! l/ @. L' ]8 j) o# Y
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较$ o1 s8 e' C+ H, \# H4 J. Q' }% v5 i/ F
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
( v6 @; q9 }4 B( ^00403418 E8 6EC00200 call qsr.0042F48B ; 0 i* x+ c: F- x& e# \+ G8 C5 R. u' k- \
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14] L( \5 I6 V8 n4 A
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],92 \' \0 ] z+ F6 F3 y
00403426 E8 60C00200 call qsr.0042F48B& z& Y2 u1 x0 U2 F# Q+ C" I) h3 d- q
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
. e! _3 p: ~# {" X0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8. _$ z" O! T m* ? c0 R
00403434 E8 52C00200 call qsr.0042F48B
; X- D0 I: p5 T) `00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]7 O5 }) u2 w8 Z' }/ n( m
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
1 u, h9 h+ {; \00403442 E8 44C00200 call qsr.0042F48B
) e, V7 [8 H$ G; i( H00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]8 F" b# d# ^3 B6 T$ V4 i: j
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
) Y* V4 L' A! k+ C/ G5 u% m00403450 E8 36C00200 call qsr.0042F48B7 V/ U6 l/ s* i z( l+ p" b
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]8 F4 y' {# j# }9 W ~% @, }) Q
00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3. p, m9 j1 `4 R) w
0040345E E8 28C00200 call qsr.0042F48B
" e1 D6 m/ l2 ^00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
/ Z( O0 w7 F9 W! M* _00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
" P# Y2 p0 c8 V0040346C E8 1AC00200 call qsr.0042F48B
: ?0 M4 q. Q D; o- ]0 Y, {9 E00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
$ @+ N) a) P, G( C+ I9 h0 ?00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
: A$ u9 V" D+ ?6 K" p0040347A E8 0CC00200 call qsr.0042F48B8 x6 \+ Y1 v! K3 z$ ~
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]$ H- W# T- Y+ N7 [7 m
00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],05 P4 t3 l5 |% O# I* R4 P& {
00403488 E8 FEBF0200 call qsr.0042F48B- h4 Q5 |0 u9 g7 o( S9 v
0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]* J1 A& O4 x! C7 J
00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
, m6 h. t/ o/ F% k, `00403499 E8 EDBF0200 call qsr.0042F48B6 c K- y, R1 ]* |+ h' U# F
0040349E 32C0 xor al,al ; AL清0
+ y6 n+ N, ?; p2 J9 k9 T) f9 C004034A0 E9 88000000 jmp qsr.0040352D6 R* r! K& b! c: R7 i5 O
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~
1 {- R5 N/ x1 ]9 L004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
9 c" K+ w, p) G3 h3 K* m004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
5 h4 v. z b+ N! k c004034B3 E8 D3BF0200 call qsr.0042F48B& U/ u0 s2 u$ P1 G# Q
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]- v" l8 s2 U8 G6 Z
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
/ f: \, d1 r/ }7 [1 ^( {004034C1 E8 C5BF0200 call qsr.0042F48B
?1 _3 O( p9 j004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]: ^/ a8 ~! m2 C" F/ f
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],74 g+ j; d( [" D) a! w5 O
004034CF E8 B7BF0200 call qsr.0042F48B4 Z9 H& U8 Q: y+ m# Y% ]7 ^1 m
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
9 v- Y' ^( l; \004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
* z. V G1 V4 _% u; s d* Q004034DD E8 A9BF0200 call qsr.0042F48B
5 r5 B) j( f& K, P! F* U5 ?004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]0 {9 _( O" f. k. J. D
004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3: c, Y: K+ ?% t b6 [1 D) }7 ?; |
004034EB E8 9BBF0200 call qsr.0042F48B
5 h( k8 w4 L( S004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]1 m1 H# t# F# \
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2( z3 D/ M. M* R I4 q
004034F9 E8 8DBF0200 call qsr.0042F48B& i9 J% z! l% K/ k% M! N
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
; u! ~& q4 @$ a: ] `4 g1 U00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1: d* P: Q. g8 L; u9 c
00403507 E8 7FBF0200 call qsr.0042F48B% Q9 H" I/ T( k& t
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
1 |" e* C* i7 w1 T: r0 u00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0+ [! `) S# @4 \; D
00403515 E8 71BF0200 call qsr.0042F48B1 s' w4 l; s a6 ^# U& f9 h
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]5 l& u5 ~+ @: e
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
- y" V$ V( i- {. r00403526 E8 60BF0200 call qsr.0042F48B0 H( H7 J5 Z ?
0040352B B0 01 mov al,1
q! |& Z! m9 J" t3 |" K$ z4 R0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]" b. J' h# O9 K6 o* A, q
00403531 5F pop edi
# q0 H* i9 J% e9 s H00403532 5E pop esi# e7 `# g) s8 c/ t# |. ]' U2 Z5 i
00403533 5D pop ebp( H- |4 S e: b0 k1 @1 f0 j
00403534 5B pop ebx6 F* ]8 e3 P& J" h" [7 }4 j
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx. l* d3 h4 S0 M: V5 H
0040353C 83C4 30 add esp,30
# p' i0 e4 A( y0040353F C2 0800 retn 8
) z1 Y; ~. z8 {$ w! g& Z--------------------------------------------------------------------------------
9 y; W0 J2 h1 s9 h【破解总结】
- x" a" e' N/ j4 [! }* v! ~/ O 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
5 G- n+ x1 U( x8 [/ x用户名:yijun
) U4 M+ Y4 c+ J; N& m, D% I3 T注册码:4893*7777*3726*7777*0529
7 J/ _* P3 v0 ~1 R$ l7 m% L--------------------------------------------------------------------------------
- {# P6 v8 ]- G【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡