|
|
|
【原创】破解Quick Screen Recorder U# l% I* Q0 P: M
【破解作者】 yijun
* z, `8 V: L- G/ I【作者邮箱】 [email protected]
7 x8 j$ ~9 c' N' j# D& _/ ]4 x6 S【使用工具】 OD,PEID
" D2 i$ d2 A0 C) ~【破解平台】 WinXP; `, g) G* T b& \2 w7 C
【软件名称】 Quick Screen Recorder
. n! x1 r9 `% C# A+ m$ e' W' A【下载地址】 天空
- [9 j" ^8 w; |1 M4 m9 R) N& e9 \* |【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. ! a8 X+ k, D% Y" v8 h
【软件大小】 540K( R2 K; @9 M0 w0 M
【加壳方式】 无
/ E$ g8 l* w/ y; \* o+ U4 H【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)2 e d- [3 i. D0 W: u' z
--------------------------------------------------------------------------------
S6 S# e# I R* k v【破解内容】
/ y: o: ^1 T" y2 Z3 h( { PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:) j5 i; G& p6 @4 g \ \& ?
00404C69 55 push ebp //在此下断" L; h3 d0 m+ B, d: L
00404C6A 56 push esi; S, c5 E0 ^$ w" X* }
00404C6B 57 push edi+ {" e2 S& l/ I" L3 A% p
00404C6C 8BE9 mov ebp,ecx
3 n, O* K5 T; V" N1 d00404C6E 6A 01 push 1: R( t2 n' ^8 B
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名7 k- Z4 B0 J) c- T9 z0 k
00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
+ _9 X6 @6 `! L9 H00404C78 8BCF mov ecx,edi8 U& s- d7 l/ e* a
00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码3 Y5 u- d3 j% A7 [, h9 q
00404C7F 8BCF mov ecx,edi
7 y: [+ C* b: G z$ ^ | o00404C81 E8 A73E0200 call qsr.00428B2D0 B4 B) i4 S% ?9 K7 Q5 o
00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]4 p a: s" \' O3 T6 V; X0 C
00404C89 8BCE mov ecx,esi
' z) g7 i1 y% m/ p- n+ V$ U00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
! x, T2 w" p+ O3 ^5 }3 ]% c00404C90 8BCE mov ecx,esi
7 n) d" o8 O$ b00404C92 E8 963E0200 call qsr.00428B2D5 u/ q7 K" s9 i' Y* M
00404C97 8B06 mov eax,dword ptr ds:[esi]
, @! K4 a5 v" M; I3 H" ^$ Z3 t9 F00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
1 q- L ]5 E1 Q4 y; J d+ X* A00404C9D 7D 26 jge short qsr.00404CC5) W* ~1 [8 e" [( l
00404C9F 6A 40 push 40
2 J4 G( Y2 j6 F7 ~00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
9 Q) ~% Q- h w2 L! q& N$ t00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name.", U) c3 w, t0 S1 L! X
00404CAB 8BCD mov ecx,ebp- t$ [+ F+ ]+ ~0 f8 d' T, A
00404CAD E8 C3840200 call qsr.0042D175+ D3 b2 G4 U2 j. v& `6 C! k
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
9 X7 G; i q! T' z( Q& Z. P00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
$ S! l) ]6 k9 _/ L# h3 a* B00404CBD 5F pop edi7 u' K7 s9 p9 P. {2 [
00404CBE 5E pop esi' B1 K7 M1 Z3 c4 ^$ i
00404CBF 5D pop ebp
" U+ r+ M4 O- a- Y, A0 m. p: m00404CC0 5B pop ebx4 N6 T* A) T# @" d8 g
00404CC1 83C4 18 add esp,18
5 }2 n9 c0 m, z) t' b00404CC4 C3 retn2 U8 F% n" C3 D/ C; F9 ` }% s# w6 s
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]% j6 n6 J! i2 D$ t& [5 P6 e6 k J; D
00404CC8 84C0 test al,al6 p/ A B% s, A+ @" ? l
00404CCA 0F85 1C010000 jnz qsr.00404DEC- H G) ]1 X" J$ S5 s( D+ W
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]2 n: }* }0 ]8 b- X: ~8 ^7 K
00404CD4 E8 87E3FFFF call qsr.00403060& Q4 L- M4 r+ N; ?
00404CD9 51 push ecx
5 D) h/ t) ]0 E. n& Z00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
$ |, S% W$ F/ [, `- e00404CE2 8BCC mov ecx,esp1 M4 g& `+ X; k. X" D
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp- C1 K+ D, U0 g: ~1 D. ^3 |
00404CE8 56 push esi
* E$ l2 t; |2 ^) p; u" a" l! X# p00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
, v7 y! K3 K6 ~3 {9 e( a7 b00404CEE 51 push ecx# c, n. K2 U4 Z# A2 `; e9 x
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1- ]* x! M j) ]( Q0 H
00404CF4 8BCC mov ecx,esp, c) [: r _) _/ `! Q' m
00404CF6 896424 20 mov dword ptr ss:[esp+20],esp) a4 c0 z5 Z/ x7 u! }
00404CFA 57 push edi
- E) Y9 A4 F8 q/ T7 f, o00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
4 D# p3 K6 c" O3 ]3 ~( z00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
# S# `5 K$ u6 S9 y00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
/ Q5 Q" z; q' k# \- x- q00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
. Z6 H7 v [7 @( a00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
1 [% f: Z0 _7 D9 k2 t! G( n00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~
6 D3 I8 {- i- G8 i, [3 V/ i00404D12 6A 40 push 40
$ p2 G3 g" s. p3 Q( F00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
4 M( m3 ]$ O: f3 I6 S00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."% J0 F0 _* G( p# a0 _
00404D1E 8BCD mov ecx,ebp
1 F" m8 y9 m; S/ z' @00404D20 E8 50840200 call qsr.0042D175% N8 Q- U' W( G& w
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]! r) T" N1 j* A. u! C+ e4 `0 L
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1! E4 l3 h& x7 ^7 m7 a. J& D
00404D31 E8 5AE3FFFF call qsr.00403090
# M2 o8 v. l- g# w) ~, \3 S00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]* I5 n# i4 {/ @# N- S1 v" l
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
) Q& ~4 v! `2 C! [* w: v00404D41 5F pop edi
6 Y7 K& Y9 Q( |9 o& \00404D42 5E pop esi0 p: z0 C" N% q4 F# ^+ }6 J
00404D43 5D pop ebp& Z* I$ @, L& j% S2 i0 G0 f
00404D44 5B pop ebx$ u/ {. D; I( J# q7 G
00404D45 83C4 18 add esp,187 |/ Y6 e' Z" r& g" v7 y! L
00404D48 C3 retn
* M( a1 |4 E' G1 v) {1 C; T, h*********************************************************************************************************************************************************" R6 {) K6 p3 H2 h9 v i
跟进00404D09处CALL来到:
! C/ {5 C3 b9 D( e7 N6 J! X004030A0 6A FF push -1 //一路F8下去~~~~) Q& K+ w& `0 Q1 N
004030A2 68 C88F4400 push qsr.00448FC89 T. J- w) p+ @- Y# h0 o7 ^' W
004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
) l0 ]3 _: u6 d004030AD 50 push eax) Z. j2 P+ e) q+ Q$ j1 t6 \8 L7 p* I
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
p. M' c+ |% [: U' F% \004030B5 83EC 24 sub esp,24
5 C4 y( v* s& j& @+ _004030B8 53 push ebx3 V6 |; O- r% B1 `
004030B9 55 push ebp
7 x/ a U/ J- Q& c6 m004030BA 56 push esi/ U- ^$ m8 N+ l, p, o* ?0 y; J( j
004030BB 57 push edi
8 F4 a% a5 G; } W: s9 E$ i004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
: A4 |2 m5 M0 k) v& Q8 c004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]1 V& n4 w$ G2 A. m7 c
004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
3 d' r5 W b% i7 _8 q* |004030CD E8 27C40200 call qsr.0042F4F9
7 a' Y' c" {, h" _5 @004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]* t7 p8 Z! u% B4 G
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax
5 r; D# k& w: \" ^7 w; i004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48] G1 u- x# a6 N- Y
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
" J s( d5 |7 I: V* F& B004030E4 E8 905A0200 call qsr.00428B79
, ?' {* \- D" W004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
4 }: @: ^/ H! ?' z- ^004030ED E8 3B5A0200 call qsr.00428B2D
2 \% I- |1 B9 B: r7 i/ g004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]9 {9 q- r1 _6 Z2 m% Z! v& Q3 G
004030F6 E8 7E5A0200 call qsr.00428B79" S4 K8 u3 a: n! {
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]( w! U, {9 y* [% f
004030FF E8 295A0200 call qsr.00428B2D8 T0 O8 ?# N! d Q
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
Z5 P* l" p' f% l00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
/ C0 W8 L5 C3 S8 [5 L# J6 l0 y. O0040310B 83F8 02 cmp eax,2
+ T/ E9 J" v0 k0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳" f4 A4 K* C0 y8 N0 F
00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]# g6 j2 r# O! U- L6 z6 K0 k
00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
8 {' m( H' z" }! S: q e$ T0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳# d6 E) l$ F5 i2 N& R# A5 T& A
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
: {+ V/ R3 u- k+ M" j00403126 6A 01 push 1
1 {% g9 n* s$ z. K! i6 X* X' R00403128 50 push eax$ p, Y8 T4 }7 g3 ? ?
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50] h0 e+ e4 m! l5 W! Y3 i
0040312D E8 C4550200 call qsr.004286F6
' v" m( K; k0 Y3 w& E: ~00403132 8B00 mov eax,dword ptr ds:[eax]
8 H0 K# I$ s4 q" Z5 p0 A# @' j00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]* J# D5 C* M2 Q% L* q) X- j# p0 v
00403138 50 push eax
0 b$ Q, U' P' U00403139 C64424 40 04 mov byte ptr ss:[esp+40],46 ]+ g: W' d$ W) c
0040313E E8 4D560200 call qsr.00428790; d _, y$ ?9 E1 P3 Y0 a4 u" N4 |
00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]- B1 f/ x; U0 O3 J$ ~& b- g
00403147 8BF0 mov esi,eax
4 U, g& _% n2 [00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3, d1 U& T+ a3 u
0040314E E8 38C30200 call qsr.0042F48B
! t1 S* U; N5 e9 C00403153 8D46 0A lea eax,dword ptr ds:[esi+A]' w6 S; e+ U/ ?6 `( N5 Q B
00403156 B9 3E000000 mov ecx,3E: `: N% M( I7 ^8 S" M3 b. j% u7 Z9 q
0040315B 99 cdq
M- C& T# G$ [5 }( r, y4 n2 ]0040315C F7F9 idiv ecx+ P; l5 Z8 K* s+ p( c
0040315E 6A 01 push 1$ R' Q2 a' Q" o( L% D: b& T7 k
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]& ]# R5 r1 X P _
00403164 8BF2 mov esi,edx
+ J! g" a O" @" a00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
8 Z0 s: b1 q3 T b0040316A 52 push edx
( y/ a$ M+ h( y2 k* E0040316B E8 0A550200 call qsr.0042867A+ _: k- @+ I( H# z
00403170 8B00 mov eax,dword ptr ds:[eax]! y3 U5 e# j7 X' A: ]
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
' p' p" [% E4 r% k+ U5 g' t00403176 50 push eax
: q- m' V5 j2 b" l) K# G00403177 C64424 40 05 mov byte ptr ss:[esp+40],5! c+ z) ?& n- c( {2 r* V+ a0 c
0040317C E8 0F560200 call qsr.004287901 F2 m% f% \% O& V8 E
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
8 U* c8 Q( g8 v& V00403185 8BF8 mov edi,eax9 c* B* O0 I& Z! n4 d/ n" c/ u
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
) P' U& k2 [: C* r) z0040318C E8 FAC20200 call qsr.0042F48B
! {+ M4 Z) ?) c1 P. N, t00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
" L9 D8 j* w8 k* e/ U& G00403194 B9 3E000000 mov ecx,3E7 v2 F1 p \1 P: p8 c$ f* t; `
00403199 99 cdq( a4 i, n8 ^. w5 F% F! S- ^0 u
0040319A F7F9 idiv ecx
O3 c2 V T! S6 x0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]- v& @# r, T6 H
004031A1 894424 28 mov dword ptr ss:[esp+28],eax
& J; ~6 t+ i. a9 W& c1 M& A% {/ D004031A5 8BCA mov ecx,edx+ D. E7 R5 c! F+ E1 l; | O( j
004031A7 894424 24 mov dword ptr ss:[esp+24],eax5 @. E. L6 J' g b4 f% A
004031AB 894424 1C mov dword ptr ss:[esp+1C],eax3 r( i$ A, v/ V& Z2 w- O2 L
004031AF 894424 18 mov dword ptr ss:[esp+18],eax
/ h4 N% F/ Y6 e6 d. _004031B3 894424 14 mov dword ptr ss:[esp+14],eax8 N% g6 R h' J' G) T! n5 j
004031B7 894424 10 mov dword ptr ss:[esp+10],eax- B0 x: b8 ~' t6 ^" n: \8 \% ]0 Y+ d, Y, g/ e
004031BB 8BC1 mov eax,ecx5 Q$ e# D/ V6 Q9 d( ?0 }- _# y
004031BD BF 0A000000 mov edi,0A
+ s* C; o: ]$ l; d( \004031C2 99 cdq* v1 j4 I* i! C% Y3 V9 W. p2 i
004031C3 F7FF idiv edi
9 g6 B5 K$ V% j2 \1 ?3 q% u004031C5 8BC1 mov eax,ecx K# I( z0 m6 L3 \1 G2 s$ r
004031C7 B3 0B mov bl,0B9 s# H* h% `8 \' ^
004031C9 0FAFC1 imul eax,ecx
( C2 }3 I! K5 I# y; I004031CC 8BCF mov ecx,edi' O+ H1 a% v4 t
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
1 ?, v% t0 i$ Q: j, i2 s004031D2 52 push edx
! R m/ m8 W* g* I( D: n0 ~/ o% }004031D3 99 cdq
4 ?1 u: @9 c) P! y) _# t004031D4 F7F9 idiv ecx% r) a6 O4 l& k. D
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
4 f0 F! m' D/ x, W5 r& f8 ~004031DD 2BC6 sub eax,esi
1 j' r p" `3 W* c004031DF 52 push edx! C* b# J1 p) ?& w4 W5 V1 ?1 a6 l& y
004031E0 99 cdq7 z' r9 |9 g; p: S
004031E1 F7F9 idiv ecx
4 U: ?% }( i7 s+ s. b004031E3 8BC6 mov eax,esi$ \ w6 D: b4 T5 q3 g
004031E5 52 push edx
# z- u: g U- b" ?& _004031E6 99 cdq5 C! `# [! e6 X3 b+ g8 j- `5 z$ ^( J
004031E7 F7F9 idiv ecx6 @9 |# D6 H) m/ }1 G3 _
004031E9 52 push edx) D+ m) D, K; `1 ~
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
( K( a1 ]. u+ U$ }: l- V/ c1 c004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"
4 v3 {# t. E* d3 f004031F3 52 push edx
/ O, a$ o3 w: j004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
; L8 h* O |9 G3 D004031F9 83C4 18 add esp,18
. i# t2 t. S, v0 T/ A004031FC 6A 04 push 49 ^# Z' D( q! J* ?5 O2 O" A; f6 V
004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]$ N9 T) D" w7 p
00403202 6A 00 push 0
0 ?' V/ }4 d9 M$ a, g @/ k00403204 50 push eax3 x' [: V6 M% T- T# M
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
. U c$ H- J' `% j+ w/ Z00403209 E8 D6530200 call qsr.004285E4( m+ ?8 J- l* p9 F( Y
0040320E 50 push eax" E; z: h: @1 ^8 t! @* h2 q/ |( E
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
* b& I; J; y/ P00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C) k1 o4 u1 R4 o
00403218 E8 A7C30200 call qsr.0042F5C4
; J; z4 d- t& c% I0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
( k* j6 A; s' |; `00403221 885C24 3C mov byte ptr ss:[esp+3C],bl9 s0 x; ?6 O4 N% H5 C1 k
00403225 E8 61C20200 call qsr.0042F48B
u! c0 Q# l0 s, u$ J0040322A 6A 04 push 4' R/ i7 ?6 i% Y. p, A2 v$ @
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]9 D5 k7 l0 U; U! K5 G3 P: I
00403230 6A 05 push 52 H; _9 J$ C# ^2 a3 @8 v
00403232 51 push ecx
0 I2 q2 f7 J3 |) o* Z1 K, P G. f. W- l00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]' s! C9 \4 O4 d% a* e' o, x
00403237 E8 A8530200 call qsr.004285E42 V' Q( W& U$ g6 ?0 K" P& I
0040323C 50 push eax2 w5 @* C3 d4 D, Y) A3 U
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
, r" O0 `1 O& ~. Y9 N- B1 q0 R00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D0 R0 d5 V5 \# w+ x
00403246 E8 79C30200 call qsr.0042F5C4
) E$ g6 E/ v _3 `; k0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
d2 K K; F2 k4 L. |8 Q* a0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
0 c) J7 F3 f! Y; Y' o3 t00403253 E8 33C20200 call qsr.0042F48B
" n' ^$ P3 g8 e, s# q9 v' m: L00403258 6A 04 push 4
: \7 l8 J2 g' a2 ?. `0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
7 z' V( t+ a# X' }0040325E 57 push edi# W, V2 c9 E0 x8 r) M
0040325F 52 push edx
3 h% \( h q& N( Q00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]/ {6 a& ~9 _7 G9 A( N7 n
00403264 E8 7B530200 call qsr.004285E4$ v: W6 ~) p/ r& K: o/ |# E; C* O* G) p
00403269 50 push eax# w3 D# A+ V: I c1 r
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]6 _& E6 T) H; }& e' U/ `
0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E5 Y2 n& g. m! h: T. \ B
00403273 E8 4CC30200 call qsr.0042F5C44 U' P4 ]& \: C3 p/ J$ u4 p$ h! i+ ]
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
, m5 \: c3 ?2 U# K7 X0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl- m3 |; J7 M- a+ u! a! f9 B0 Q
00403280 E8 06C20200 call qsr.0042F48B) v+ B2 ^$ r6 A# l# R+ u
00403285 6A 04 push 4
5 h' W0 W! G+ K/ C3 n: X8 o2 y00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
8 K$ P; S* Q+ E/ Y2 j! k0040328B 6A 0F push 0F4 P: s" @& u! M4 X- e
0040328D 50 push eax
8 I$ A" g) E+ d/ Z9 w7 |0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]( t$ w# z6 m. E. e* v
00403292 E8 4D530200 call qsr.004285E4
+ o0 n9 v( B0 z3 r00403297 50 push eax5 m3 E/ P4 j# s' F
00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]3 i$ l' n' @9 W9 { c
0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F, u1 d" s' _! @4 m
004032A1 E8 1EC30200 call qsr.0042F5C4
4 l6 {% Y# V3 ^004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
" _% i: o: [" X/ B2 z X004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
0 s: H6 H+ K6 {2 F! q7 G) O004032AE E8 D8C10200 call qsr.0042F48B
4 L6 {& G5 w+ p5 E/ Y5 X004032B3 6A 04 push 4/ i# M9 n- y' B( J: }& i! h) ?, R
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
; B# t8 o3 l5 C/ \! z2 p004032B9 6A 14 push 148 a @! V6 Z: b3 V% f: R
004032BB 51 push ecx
, ~( A6 t5 ^/ ^8 [! \. @004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
( Q! h+ Z/ m9 g, _- |' D$ O, r* p/ F004032C0 E8 1F530200 call qsr.004285E4* v- C$ F; V4 G: v
004032C5 50 push eax
) a# W$ ~2 |1 P6 p$ p4 c$ u8 H004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]' a4 p8 ]4 b1 D/ c6 u/ X5 f
004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
# A' U. x& N7 A7 W004032CF E8 F0C20200 call qsr.0042F5C42 ^) H3 @# @ ~1 x' y
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
( X" Z4 b* {, G2 Y& Q8 q b004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl0 D3 j% Q5 i, Y# C8 p
004032DC E8 AAC10200 call qsr.0042F48B8 E4 |8 M6 B1 _8 i$ e6 Z
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI2 s) \) p7 }# Y0 `! U* @9 ]
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX0 M9 W" J/ I6 d/ X
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL' i+ p7 G/ z0 f$ H$ Z
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL: z( U/ L! {4 w6 \
004032ED 8ACA mov cl,dl ; DL送CL/ z3 J& K& I: Z' u6 n! @7 ]" p
004032EF 3AD3 cmp dl,bl ; DL和BL比较! ^* w& V4 G5 i( W) Y5 z" d: P' o6 ]
004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳) P( R+ e0 T/ B* n
004032F3 84C9 test cl,cl I& Z0 h1 g Y: P. I
004032F5 74 16 je short qsr.0040330D* ?$ @8 I7 k! T
004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL& T+ v( k1 y' u4 c4 }# f
004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
( V$ g9 ^* M* Q9 f4 N004032FD 8ACA mov cl,dl) `' z5 V- x% K0 A
004032FF 3AD3 cmp dl,bl ; DL和BL比较$ q3 n. @8 N# V5 I( q8 t$ [
00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
. Y8 J: d! S- _, Z0 o) b00403303 83C0 02 add eax,2 ; EAX加2
* C2 Y9 _$ T4 `: P00403306 83C6 02 add esi,2 ; ESI加2
: z, W- J" c4 d, O* \" _00403309 84C9 test cl,cl- g, F+ f1 k3 C; ]0 I
0040330B ^ 75 DC jnz short qsr.004032E9
, G, P. g5 Q* G7 Z0040330D 33C0 xor eax,eax
, ^' @" t6 o1 k+ `0040330F EB 05 jmp short qsr.00403316( G, R% Z5 `- z5 {6 O- N
00403311 1BC0 sbb eax,eax/ q9 Y4 s3 `( m( H, D' u, P
00403313 83D8 FF sbb eax,-16 l" _ |, q# A, L
00403316 85C0 test eax,eax5 @1 Y- |& y. I
00403318 74 0E je short qsr.00403328
4 p8 }% {- z/ k" n- G; O0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A. { E( C- V2 L" Z
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]8 j! o' P% {$ g- c* q6 X2 a6 Z
00403323 E9 F0000000 jmp qsr.00403418
! }1 v& F0 i4 I& ~00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
! ~. N2 n6 O1 f& W0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]3 [$ w3 x1 Y6 ^: h, g: N" s0 G
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]: o u, C% X: v
00403333 50 push eax
1 \* s5 y& c( k: I00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX: L" ~( r* c9 q
00403339 50 push eax T* q/ D. c% W& F& \, {
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX4 Q! C$ Y: b5 H* ]
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX; n% {% O0 t- G
00403343 83C4 04 add esp,44 F0 q+ c! {; y4 q2 f2 h. f1 ?; B
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
* @* B! X7 ^6 I& X" @! ~00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
2 P& w- w; c9 g0 Y0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]% l$ m% z- n4 M! d+ ]
0040334F 50 push eax1 P- b' d2 k4 Q6 N$ h1 ]# l1 O
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
$ p! U7 x0 x$ E00403355 50 push eax$ p; R; x! b. P+ R* f) |
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX
4 W9 n3 l, s4 ]! c. P) Z* N% ?0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX5 F! x$ ^5 a7 P! G7 V+ X4 X
0040335F 83C4 04 add esp,4- K- t7 V! }# ]) W
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI8 l7 m* y4 k- H% N, M
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
0 D6 W1 v4 ^: J7 n2 r+ e00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]! W% _& N4 }8 h& N
0040336B 50 push eax7 ]: j4 [- Z: K4 e' u1 l+ Z7 U( w
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX9 U* F; u, P. z+ k9 _ ?
00403371 50 push eax; F# q# d7 A/ I
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
+ ~ V5 M( q( ~: e% J1 V* N00403377 8BD8 mov ebx,eax ; EAX送EBX
( d8 ^! O8 w- u5 g00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
% i0 ?% m; u$ I o5 G0 c0040337D 83C4 04 add esp,4& Y' d: N, @4 O# q' C
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
4 E0 n. I6 n: }* I |2 k) E: M00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
2 M& B6 h& t% U. j6 N, j00403387 50 push eax
; R& s v. q5 A% x* D3 a6 m! e00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX$ z9 W! v2 Y! d# C0 {, `0 ~. \
0040338D 50 push eax
# I, q# Y1 \7 P0 e& q0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX4 M0 o* B! R% J3 s4 g- P" @
00403393 83C4 04 add esp,4. O2 S. ~4 \/ H, c4 r) k6 A) M
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
8 ^; k7 }5 l8 ]0040339A 8BE8 mov ebp,eax ; EAX送EBP
2 V% j$ X7 g+ j( t0040339C 6A FF push -1
/ o' ]" v9 M6 y q6 ^$ {& u) A0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX- Z& y8 I V# b) [. Y5 k3 _
004033A3 6A FF push -14 B) a* L' c7 V: G# }3 b3 h# _
004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
; L1 U8 A" k, h004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX
2 K2 w! H" n9 u8 B004033AE 6A FF push -1
; p) ^ k- Y1 U; G! {" m4 ^# e: T' C004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
/ q" ^8 F$ {3 X; G; G1 T004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX
+ n1 z2 R) a, j3 M; X4 \004033B9 6A FF push -1! d! v5 K9 z; O1 A4 U
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
2 k) t1 C5 y, j2 h& _004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
5 y) e3 D' f5 c3 g004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
' \" Q8 u3 ?4 D' _004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX3 {2 u4 [. y) ?% y7 t9 p
004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX: |# q! A- c7 z: Z9 r3 d7 _
004033D7 D1E0 shl eax,1 ; EAX左移1位
1 D7 n% V" I8 ^* k004033D9 99 cdq ; EAX扩展/ p9 a$ Q% l. D' D- {8 h+ C
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
5 s0 G- D: }: A' t004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
5 o+ p3 j5 U, s0 r# H" f" ~/ Q( G004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)2 k8 ^6 Z8 Q" H! E4 t/ Z G5 N
004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
6 _2 p- t& k7 g& A9 z* S004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
9 j& k9 ` X0 [, N0 d" s004033E9 EB 2D jmp short qsr.004034189 Y% U4 T `% f2 B
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX+ Y" r* ?8 b9 ~8 j8 }5 J8 o& B
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2$ [, f, M5 O: N! {5 a$ m# T- o; o
004033F7 99 cdq ; EBX扩展/ _7 F4 @ j) n) d4 }
004033F8 33C2 xor eax,edx ; EAX和EDX取异或, M& r; ]$ w3 l/ c$ D: {
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX6 K5 v, y; k& n& x5 ^5 D& y! p
004033FF 2BC2 sub eax,edx ; EAX减去EDX5 R( ~+ L/ U) A* f$ z5 L
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]
% y9 g4 y1 t9 p$ m00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX
+ [1 H# R0 L9 G+ T00403409 99 cdq
7 F# @& L& l+ Y, J7 U5 y% \* A0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
- M" c5 ?+ B. H5 M* y; _! C0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX! o$ C/ O8 k7 a! i T* T A
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较
8 Z4 s) F% K2 H, B0 u# d00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
8 ^: o/ q: V2 x) J00403418 E8 6EC00200 call qsr.0042F48B ;
- _! T3 ]( u7 v; j8 `. G0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
5 a; u* o( G! }: `5 p w00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9& ^: y3 z, z6 S: H
00403426 E8 60C00200 call qsr.0042F48B
y5 E& o9 Y5 a+ |: z: C5 j0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
- P$ h- b$ h# C7 D% c# X& G0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],88 A& N* R1 @' z' F) S8 {* J' P; }
00403434 E8 52C00200 call qsr.0042F48B) ~+ t+ H; _6 z' s0 x
00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
1 B0 |3 f0 m* n$ z8 f0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
0 X ^, i `: R+ w4 }/ c00403442 E8 44C00200 call qsr.0042F48B( j% v/ {1 k2 C
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
/ M9 r5 \0 a/ \3 ]# Q; }0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
% o. H+ h* n n0 u2 ~. @00403450 E8 36C00200 call qsr.0042F48B/ c% ^4 S# l$ w; u; I9 C+ M+ ~; c/ q
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
& P& n" i2 Z4 o; S7 m00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
$ p# K0 n! Q$ ~" J1 ~0040345E E8 28C00200 call qsr.0042F48B
5 e& s3 u" J1 T6 N00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]6 T e2 C, j5 J" |
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
4 x: v* `- d) H5 [& R$ A" y0040346C E8 1AC00200 call qsr.0042F48B; @2 r i6 f2 Q. S& G
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]# l( L* }$ Y0 U2 |/ U( [; Q
00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1) C! [4 m' e X, M) U2 V' g
0040347A E8 0CC00200 call qsr.0042F48B7 O7 Q+ {' j7 y4 B' l6 Y
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
, r* n4 C, @6 q v+ M/ e00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
9 v! c7 M: i) s0 V; b00403488 E8 FEBF0200 call qsr.0042F48B( Q; c: h) f- l! |7 K; l
0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]8 b. t$ \" R. s0 v; m1 i! W2 x* _1 W9 {$ x
00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1/ j6 x7 I% k, t8 A% b
00403499 E8 EDBF0200 call qsr.0042F48B
9 E4 q; l3 s3 \) L6 ~9 r! s0040349E 32C0 xor al,al ; AL清0
0 k3 A7 x: D; \: }4 `; A' T3 S! ]. P( q004034A0 E9 88000000 jmp qsr.0040352D1 {, D, z1 \ H* b* ]
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~
+ e* D0 i1 ~. L: g. W7 h8 h) P t004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]2 p' G4 T+ g8 E& b" r2 B
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9$ Z4 T# T; }" g7 ~
004034B3 E8 D3BF0200 call qsr.0042F48B- n6 X# D: u# }. R
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]3 R" q& O7 t, Q8 }: z
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
& w4 n' B4 U4 ]& j7 B2 h, h- \004034C1 E8 C5BF0200 call qsr.0042F48B; _, V! q) a- F" T, e* F7 t# C
004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]+ ]+ k' ^! Z* d3 ?, u
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],79 ? ^: g8 }3 I& t, `
004034CF E8 B7BF0200 call qsr.0042F48B
7 T# i+ \: D2 O0 d* Z004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
) ]3 j/ }, {7 x9 L4 [" U# l5 n. T5 @' D004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],64 N4 K L$ D2 i
004034DD E8 A9BF0200 call qsr.0042F48B
4 [, n; A V' |$ T004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
( Z7 i" [: {6 P! @# g2 \" d% q004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3& S* ^: g: V8 y' b' U6 P
004034EB E8 9BBF0200 call qsr.0042F48B
' B$ U L# r0 O" b' H004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]) h4 r& ] J$ j$ n1 o" k
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2
8 d5 @+ ^2 d/ c D2 `3 |! }004034F9 E8 8DBF0200 call qsr.0042F48B( o9 N' } B; \; c5 O- U/ d7 ^7 b6 n
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]* R' X3 Y& ^% s& w0 G
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1
% U; A7 @/ u9 B% p00403507 E8 7FBF0200 call qsr.0042F48B
3 J0 b4 m4 f! [0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
- s& V4 V! ^6 t5 X& z1 ^00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],09 {! Y0 H q8 @
00403515 E8 71BF0200 call qsr.0042F48B. ~7 W/ ?; v4 P) ]* \$ S$ }
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
" i; m6 T7 U5 W0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
/ {; D" I5 c$ I( r6 x6 u- y' L00403526 E8 60BF0200 call qsr.0042F48B! k/ s2 q9 j" @ M" g. A8 ?- L
0040352B B0 01 mov al,1
z0 q$ K( M/ s+ c2 Y& X0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
9 I( w/ i: K: ]% Z5 ^# G$ X2 l' V B& W1 m00403531 5F pop edi
; v% _/ ?2 R; E9 z, h00403532 5E pop esi. @* q& E2 S) V: A
00403533 5D pop ebp
+ N/ j" k! N$ D8 Y00403534 5B pop ebx
" R8 `" x; [2 n; z4 G8 Z' Q00403535 64:890D 0000000>mov dword ptr fs:[0],ecx8 l% \$ Q, a1 ^5 L+ \
0040353C 83C4 30 add esp,30
! F4 Z l! z: f; k0040353F C2 0800 retn 8( G J' J' M* ?% a) k8 S0 D
--------------------------------------------------------------------------------9 Q/ X0 J1 O8 D
【破解总结】9 a: r0 z6 a, X) m# ~' J; e
用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
3 {$ {$ m4 k$ K% [1 E& w+ S6 a: L用户名:yijun+ [& U- B( T8 a8 U$ s2 y4 C/ w, ?
注册码:4893*7777*3726*7777*0529
2 A" _3 r5 D! G8 A; u--------------------------------------------------------------------------------
3 b) H3 E4 \& k3 w- M& s【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡