|
|
|
【原创】破解Quick Screen Recorder
9 Y9 s c2 ]% @- O' K! S& X. }, L【破解作者】 yijun
T: N/ m% L& O& c【作者邮箱】 [email protected]! a3 ?7 j% u+ [/ _4 h
【使用工具】 OD,PEID
$ C, K9 Y5 Z$ A: {) f8 j【破解平台】 WinXP5 Q1 f6 A# ?2 ` e
【软件名称】 Quick Screen Recorder7 o, I( s% N0 R, R1 a* ?) k0 a. G
【下载地址】 天空
& `# k. L" m4 Q/ _. L9 O【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
) |3 V# G H7 Z F3 U% E【软件大小】 540K
& Q) W) p+ o' s. A【加壳方式】 无
0 E& z6 J0 { k8 m9 I) o4 t【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)2 a2 Y! @# f3 W$ P$ z& w
--------------------------------------------------------------------------------- f8 A, L# N7 k, q( p: i# A# P
【破解内容】
. l3 c: A2 f, W' Y5 g PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
- C; v0 ^6 A+ {0 ?- ?00404C69 55 push ebp //在此下断
: f% W. L9 ]4 g9 s( @00404C6A 56 push esi c0 Z$ N/ L" A+ n) P3 k! D
00404C6B 57 push edi
9 v% j* ]1 t3 F00404C6C 8BE9 mov ebp,ecx6 ~) Z/ L5 B( b& y8 Q7 O t, h
00404C6E 6A 01 push 1" z' s9 n$ ^! {; y$ W" s- p3 C! d
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名+ s8 s! R1 @& I& X) @
00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]' R1 [% a0 F+ q, b9 m
00404C78 8BCF mov ecx,edi
/ g* b& ~0 W& P$ X ?% H00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码
j1 j' ~$ x H' T$ S# J% q00404C7F 8BCF mov ecx,edi7 D7 C' p1 Z: e5 \( n$ [
00404C81 E8 A73E0200 call qsr.00428B2D8 {. F) R4 j3 O$ W
00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]" R* q2 c2 i: m0 {
00404C89 8BCE mov ecx,esi' }' D; D; w; i; m6 b
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
3 a' r# q' H9 w9 @; ~, _00404C90 8BCE mov ecx,esi
! e- X& Z7 _+ V* b00404C92 E8 963E0200 call qsr.00428B2D
0 A+ v0 I1 b. X J00404C97 8B06 mov eax,dword ptr ds:[esi]7 @ c/ y" e( U4 X+ a
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],20 v4 Y; Z4 k5 j2 b
00404C9D 7D 26 jge short qsr.00404CC5
) k; L( w, B. k1 p) n00404C9F 6A 40 push 40
4 |8 l- \' I5 W" q5 H5 F9 G! j+ G% M00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
E6 h P+ ]( ?00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
) Q& Y: r$ J) N2 }! p6 e00404CAB 8BCD mov ecx,ebp
5 U* l, V) c+ D# f+ o00404CAD E8 C3840200 call qsr.0042D175
3 o- L6 n$ E5 C. s9 _9 z00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]- l& Q7 F+ {" I# O$ G; G
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx1 [/ V0 }2 V& M2 [$ U8 u
00404CBD 5F pop edi+ J6 I8 U& F! d4 w& G$ x
00404CBE 5E pop esi
: t% @: Y2 r3 k! S/ l, y0 f) ?1 s6 X00404CBF 5D pop ebp
; v0 [% @: C: K& S00404CC0 5B pop ebx) D( d- t' R/ x6 {0 M
00404CC1 83C4 18 add esp,18
6 y9 h8 x% f& Y$ y, l* o00404CC4 C3 retn) D+ g! C* F$ O% p3 V+ r# Z# a
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]3 U X% E8 x, [4 X0 W4 z Q
00404CC8 84C0 test al,al, O* P. Y8 s L& \! l& R
00404CCA 0F85 1C010000 jnz qsr.00404DEC
) `2 b# S/ Y4 d& O1 ]00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]& [" z9 j) }' |- ^! \
00404CD4 E8 87E3FFFF call qsr.00403060
% G E( @! b; _' F2 Y0 N00404CD9 51 push ecx
* n/ Q: r% o* w9 P5 h) ~$ A& y00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
5 E% {6 `; t* @. h9 X" H$ O00404CE2 8BCC mov ecx,esp
, j& g" u4 s: X) L00404CE4 896424 14 mov dword ptr ss:[esp+14],esp
& y3 `! _2 c0 N* P' ]+ a9 Y00404CE8 56 push esi
* Q. X7 p5 W. d: h: i# w! V# c6 ]5 Z+ X00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
* \" [* p- ^( _; V9 {00404CEE 51 push ecx
0 D% L" r* }5 S3 p1 q: L# A00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],10 o4 L0 D! j* R2 j' r- _( O7 N
00404CF4 8BCC mov ecx,esp6 L* z2 F6 ~' c5 D
00404CF6 896424 20 mov dword ptr ss:[esp+20],esp, K* a+ U. b! {7 |' o/ w
00404CFA 57 push edi. D6 e. B& y! ~- P5 [( s% X
00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是02 ^+ Q( a% `4 @+ Y3 `2 P
00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
" Z! ] _$ w1 R) p7 w00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0) u% M! c+ s4 |% ^
00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
& F/ @$ P5 h, j' h6 A h00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
2 s; a& a" z% Y, q3 G5 J00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~
- k4 |& e! J+ Y00404D12 6A 40 push 40) a7 d2 O Q+ G! u$ H
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
( @; l7 F1 n: R8 c9 n' ^00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again.", o+ T6 n6 i+ u; k( d
00404D1E 8BCD mov ecx,ebp H4 R: S/ K' y4 S! x
00404D20 E8 50840200 call qsr.0042D175
7 e5 `9 Y, y2 _8 @- R! V4 r00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
3 c9 I1 b" g2 ?, O: ]00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
1 q. J4 E% u+ @9 ?00404D31 E8 5AE3FFFF call qsr.00403090
/ g% V0 b% B7 B# Q6 G00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
7 c3 M9 K8 ?: }7 k00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx8 \* `& T# K- |+ U) B
00404D41 5F pop edi
+ C& D0 W i- A) z& _$ h) ?00404D42 5E pop esi
5 X1 ~" c% S9 G00404D43 5D pop ebp
0 r4 A3 {; l/ L. h% `2 h00404D44 5B pop ebx
$ q |+ h$ h3 [9 t00404D45 83C4 18 add esp,18
* W( V# K% V) T; y8 F( e! m00404D48 C3 retn
2 j+ o- F2 G8 o& h/ S. @*********************************************************************************************************************************************************/ T2 z" x: \" X0 [7 p. @. z
跟进00404D09处CALL来到:
# \9 O. h- ]% T/ Q: [004030A0 6A FF push -1 //一路F8下去~~~~' J: h( S5 E. r
004030A2 68 C88F4400 push qsr.00448FC84 l4 T. g( e" Y# b9 L9 l! A+ B O
004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]- `$ h/ V9 ~3 M4 Q$ r1 S5 t
004030AD 50 push eax
# ^1 W4 }' M: T, K9 u9 K* ^, p004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
6 z! \ c) M; n004030B5 83EC 24 sub esp,24
$ v- _1 v3 @$ K% l004030B8 53 push ebx9 Z7 O( q2 Y- ~1 C
004030B9 55 push ebp
; ?0 r' M# W" \9 L2 b004030BA 56 push esi
* g& V6 Y0 G/ k004030BB 57 push edi
, _8 a% t9 H: m8 F( `& \004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
" o' {' f8 d: N9 e; l& G004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
/ C$ a" `. q+ n- \, K& L004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],12 @. m( A% f- {' z0 H+ Y# T2 E
004030CD E8 27C40200 call qsr.0042F4F98 W% I; Q6 `3 k( O* F
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
# x, L2 Y! N; H& C! X/ y004030D7 894424 2C mov dword ptr ss:[esp+2C],eax
) t8 S! m2 v6 k. w+ P004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
% J. \2 N: c! _% H; z, y004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3- c+ q- X4 d3 |* ~; v5 E1 B
004030E4 E8 905A0200 call qsr.00428B79! g( g% v7 Z- `) Z7 s$ D
004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]! I% a y {2 g: N v
004030ED E8 3B5A0200 call qsr.00428B2D
, D4 k& _7 c) w0 d: n( V004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
& i5 m' j/ x& ]8 C/ ~: K004030F6 E8 7E5A0200 call qsr.00428B79
& [: n0 F/ E# F( _004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
$ h8 L. Z- z3 F7 u" t# z$ n3 H, R004030FF E8 295A0200 call qsr.00428B2D
6 L8 e- ^8 A s x3 ~" m& J! A5 p00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
5 X2 F V$ r+ G00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]! {" I f6 Q4 c$ z2 b
0040310B 83F8 02 cmp eax,2
) |4 {3 }. d# r9 A: ~3 d0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳2 E% M) h& b& v* r3 a. u
00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]- j2 [/ H5 [2 q8 |
00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
% u+ g+ `3 S9 b" @: ~% Y: m3 c ^0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
1 o" Z1 r* v; ^. b1 ?5 ?( a00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]' q3 b X( y. U# S: I- J
00403126 6A 01 push 1' w+ D0 U3 x C$ D7 j, d% w' j
00403128 50 push eax9 f2 m0 x0 S. L
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]. x z, o! Y+ Q
0040312D E8 C4550200 call qsr.004286F6/ K( x+ U2 O4 L: |; t2 g8 t* y9 u
00403132 8B00 mov eax,dword ptr ds:[eax]
% M1 Y) E1 c/ Y00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
4 W) |0 a* _/ x) Z' m00403138 50 push eax ~% R: z) h- `/ l1 x6 j% k
00403139 C64424 40 04 mov byte ptr ss:[esp+40],44 r, C+ E9 x0 |' w$ U* B
0040313E E8 4D560200 call qsr.00428790
4 y8 ^+ Y$ p$ `2 F3 v( B00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]' }: C6 T3 K# N, C8 h" T/ x1 B
00403147 8BF0 mov esi,eax
; ^$ g2 d! [7 G0 v+ a9 O" h* x5 R00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3
: {* \- y) G! T4 W: F5 p2 e0040314E E8 38C30200 call qsr.0042F48B
5 b7 V& E: ?$ x, F( b00403153 8D46 0A lea eax,dword ptr ds:[esi+A]( L! E z7 T- g0 {$ e. F
00403156 B9 3E000000 mov ecx,3E( H O9 J: q' s
0040315B 99 cdq
+ q( F3 d* O' y4 ?* X4 z0040315C F7F9 idiv ecx5 Y8 e) a9 V$ ~. c* V
0040315E 6A 01 push 1
1 E( j) V, ~: g9 T# n00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
1 L) D* g2 _1 L9 j00403164 8BF2 mov esi,edx
, i3 U! v5 o/ r7 x00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
0 x+ f4 a5 q6 _6 @8 |2 {9 C( p0040316A 52 push edx4 W8 G- A: T. i0 a% S# P6 e
0040316B E8 0A550200 call qsr.0042867A
3 a; s9 I! s; x7 ]/ C" n- ?* [00403170 8B00 mov eax,dword ptr ds:[eax]; G. k8 n3 A( d- Z5 |
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
1 N I5 B1 \" k0 r00403176 50 push eax7 a; r2 k+ f1 n2 O1 ~$ ~5 v9 n: G
00403177 C64424 40 05 mov byte ptr ss:[esp+40],54 J& K/ w0 U: p/ v; ]$ I% W
0040317C E8 0F560200 call qsr.00428790
/ l/ I" M$ r0 Z* ?. u: P' S- I00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]& z! t0 M: f! D, N( I( P( I8 P
00403185 8BF8 mov edi,eax2 \: r5 b! v+ m' d
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
N7 |- c0 D. f) V0040318C E8 FAC20200 call qsr.0042F48B4 F. C6 M/ Z4 w$ X0 J/ Q# ^9 S
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
1 g/ Y3 X0 c/ h8 r6 f4 p% b$ m( ^00403194 B9 3E000000 mov ecx,3E
, O6 x) _0 u5 Z8 V2 K5 M( u9 F3 n0 P00403199 99 cdq) X* \8 m4 u S* n0 r5 A
0040319A F7F9 idiv ecx
9 Q5 `5 @$ g& D8 `9 C; S0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]2 } v ]9 y" `9 |$ K. T2 z
004031A1 894424 28 mov dword ptr ss:[esp+28],eax
G: g' c }+ d% c6 O# Y004031A5 8BCA mov ecx,edx
7 @: C, J, H! D; N004031A7 894424 24 mov dword ptr ss:[esp+24],eax) x0 P' m1 y3 [! B6 q
004031AB 894424 1C mov dword ptr ss:[esp+1C],eax, S6 F' u- a8 N1 B
004031AF 894424 18 mov dword ptr ss:[esp+18],eax3 `: A0 \6 s! C3 u# \/ y, d
004031B3 894424 14 mov dword ptr ss:[esp+14],eax
' B/ I3 V' _4 C7 E o# c5 ?4 v004031B7 894424 10 mov dword ptr ss:[esp+10],eax
5 q! I- x0 Q) n. r. Z5 m, u004031BB 8BC1 mov eax,ecx9 s; a3 m& M/ Q0 Z; U5 C
004031BD BF 0A000000 mov edi,0A
1 p3 H a- {/ r( k004031C2 99 cdq
7 _( A, C0 Z: [. ]+ t0 I004031C3 F7FF idiv edi4 `+ z( D% V3 c7 }" E6 b
004031C5 8BC1 mov eax,ecx
; V4 ?% W2 T% a3 D, y1 l1 C; j004031C7 B3 0B mov bl,0B! e* V6 ~+ u0 M2 ~, w+ Q- [8 t
004031C9 0FAFC1 imul eax,ecx
9 i/ c+ J% B1 O004031CC 8BCF mov ecx,edi
6 k' o: n; r' p0 }004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
0 n, a- u7 V; M004031D2 52 push edx7 s# B1 M; G- e- j0 u7 N
004031D3 99 cdq; o, j$ P) W9 ^* v( b6 D+ ~
004031D4 F7F9 idiv ecx
, }; U' J, }# F& j/ Q9 n* n& ^004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
: B* l/ ` ~" |0 u, B004031DD 2BC6 sub eax,esi
% I1 Y" ~8 L* m5 e; v7 o004031DF 52 push edx+ V! Y/ M1 V( J' `/ e i2 G- T
004031E0 99 cdq# O' P# u/ N5 F) u# v! x9 f4 Z* h
004031E1 F7F9 idiv ecx
9 O, a# r+ E( L$ l/ f004031E3 8BC6 mov eax,esi/ V" C2 ~: t4 M/ S
004031E5 52 push edx, K& J; R3 U) j! k
004031E6 99 cdq+ q7 I7 j0 u& A- v2 T7 f6 G
004031E7 F7F9 idiv ecx6 z Y/ G$ e! e' A+ p1 g& e
004031E9 52 push edx( l( b Q4 Q y. S
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]# j1 E, i* ~! u( {$ A7 F
004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d", M& _# }4 ~+ N( G/ v" w
004031F3 52 push edx6 C" L! |! `. z# L1 w
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
" r/ F h$ o. }. h$ [& U5 N004031F9 83C4 18 add esp,18 B6 Y( R8 w/ r
004031FC 6A 04 push 4
0 s7 ]4 n. |8 y- W! [8 V004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]# e$ o% `! ~* |' b
00403202 6A 00 push 0/ c, ?8 L4 [/ c- Z6 E, b! W5 z
00403204 50 push eax- P, P# w0 e, [/ Z# Q7 M
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
3 Z7 L8 d) v& s1 n! C+ z# ~! @00403209 E8 D6530200 call qsr.004285E4
4 b: O3 c; Q0 r0040320E 50 push eax' ?- I, _& ^! j
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
. W% {6 Y3 L7 ` S: ?* G, ?00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
" W+ b( e4 A% M" P5 D4 n9 F00403218 E8 A7C30200 call qsr.0042F5C4
3 L2 H& T: l( S$ [# f; p* f( s% @0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]% K/ i- Y2 |4 f+ c }
00403221 885C24 3C mov byte ptr ss:[esp+3C],bl1 O2 s3 { l8 r
00403225 E8 61C20200 call qsr.0042F48B( j Q0 [; s6 c
0040322A 6A 04 push 4' s& c! m. ?4 p) R7 ~9 S
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]# m/ g$ b: a- V
00403230 6A 05 push 5! q& q% M$ K* y' }4 B" ?- m# R
00403232 51 push ecx5 L/ ^" T/ ~" D; s$ ~. e
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
$ ]; b7 {' }9 K+ J5 E00403237 E8 A8530200 call qsr.004285E4" Z3 }5 }( q- {' h9 t. b% S
0040323C 50 push eax
- N) {8 e% Q: m8 R4 r0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]) w4 Z7 t4 a4 h
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
( ~) N# `5 d3 U; e- j00403246 E8 79C30200 call qsr.0042F5C4, b3 Y4 Y9 A# J. l$ t) c
0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]% E( A {6 I; j- F, |# C' @; m3 p
0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl7 X! v; A$ D4 u# A! r
00403253 E8 33C20200 call qsr.0042F48B: e1 C" a, \- b% F
00403258 6A 04 push 4
* K! m6 d0 B; _7 C. ?0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]& u3 v7 P6 a2 N0 K% P
0040325E 57 push edi
2 K; W9 H8 y' r1 n+ x0040325F 52 push edx
2 s2 g5 H9 Z* Z9 g00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
) B- }8 G6 c9 K' w3 l9 M5 h00403264 E8 7B530200 call qsr.004285E4
3 k0 B2 P! v q/ y' b00403269 50 push eax
) }( J" v! p) H8 |0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
4 ?) U3 _1 f0 g/ U0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E8 _ e; \( S- R- v8 t: y
00403273 E8 4CC30200 call qsr.0042F5C4
( j( g8 R2 ]4 h( o: X2 K) {. N) j8 q00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
# t- r7 a( N+ x0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl
3 T1 D9 u, Y2 C# V00403280 E8 06C20200 call qsr.0042F48B8 \ @$ e9 o% P. E0 W( n b
00403285 6A 04 push 4. P$ \2 z& L2 b& S, X
00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
, `# ]7 n L) p+ {, Z4 d$ Y- c0040328B 6A 0F push 0F
$ H; K% X: l5 v% {0040328D 50 push eax
) @- ~: i p, q4 J: x0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
# _! C0 V$ j# v5 s$ q3 f3 A$ p8 p! G0 u00403292 E8 4D530200 call qsr.004285E4
- e0 c9 @$ d" _. |! j6 M2 `% }00403297 50 push eax
4 Y( l. }1 _" V ]0 v00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
; [1 h7 t: A3 D! Y7 |0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F: f' v6 k" N, R, T/ n
004032A1 E8 1EC30200 call qsr.0042F5C4
1 B9 ], o% ~7 A, A004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]8 n; X. O3 E% n0 M
004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl+ Q# X; u j+ {: N; ?
004032AE E8 D8C10200 call qsr.0042F48B) ~/ R! E2 c% M& P3 }% u) t
004032B3 6A 04 push 4
# Z+ X. A+ Z' c F" q, N7 P004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
" [+ L& R4 W+ H1 A5 @- s- Q004032B9 6A 14 push 14
7 @3 Q, l( x% W4 U; _$ @' e004032BB 51 push ecx: b( ]- J: K+ E8 j; D3 G' ^& e
004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
1 d6 D; h8 J' L5 g- }/ x/ h2 M004032C0 E8 1F530200 call qsr.004285E4
2 N/ \# L, U. e. U6 w/ ]( b5 ^004032C5 50 push eax
% _, y4 X0 G' i1 U/ A' D004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
1 l1 c5 X1 D. s9 C6 U& S004032CA C64424 40 10 mov byte ptr ss:[esp+40],10# ]1 k/ ]6 P! @" @ ?4 k& O
004032CF E8 F0C20200 call qsr.0042F5C4
0 I2 s1 A# \0 I* {- J( o0 F004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
! f4 s. f3 A& l% v) M004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl4 M1 S3 u' r" X( c) H
004032DC E8 AAC10200 call qsr.0042F48B) x" t+ y. p/ U1 Q2 Y( @7 _
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI
+ N4 A3 o; I0 t/ M9 W004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX
7 u) n8 c. ]$ Z# {8 @2 k004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL! d1 w) b; g4 F) ^; d
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL
+ K. L; M3 o& t4 y p0 Y1 ]004032ED 8ACA mov cl,dl ; DL送CL
4 v$ ~6 X& q, O; f/ L: M3 r004032EF 3AD3 cmp dl,bl ; DL和BL比较
4 i8 ]/ P# P; T! n8 s. N004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
5 O' p! X$ `7 h2 m; H# Z; j, U, k4 ^004032F3 84C9 test cl,cl c- w& m; D4 a& C3 G- C7 k( r+ _
004032F5 74 16 je short qsr.0040330D
9 ~, y: v( N I, ?+ k9 h. X004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
% o0 D% L6 \7 u' `4 E1 F004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
! V$ Y) z; n1 {+ e004032FD 8ACA mov cl,dl
9 ^) R' L8 C+ \004032FF 3AD3 cmp dl,bl ; DL和BL比较
: z, d, l+ T1 B5 S6 A" C2 ~" v8 z+ f00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳); D8 R( R$ e g- I/ |- G. D
00403303 83C0 02 add eax,2 ; EAX加24 n, W6 J; }6 s6 \' {& h" M+ }' T
00403306 83C6 02 add esi,2 ; ESI加2! i* g+ [5 `- N( t+ k* `6 O
00403309 84C9 test cl,cl
8 z( o; m7 y8 Q0040330B ^ 75 DC jnz short qsr.004032E9
# D& b" A: x6 t0040330D 33C0 xor eax,eax5 {6 h/ ?; x4 P& I% ^2 b
0040330F EB 05 jmp short qsr.00403316
# p/ r/ R6 ^: ~6 `00403311 1BC0 sbb eax,eax9 `# {" j- f, }$ r) W9 x! ]' u: b
00403313 83D8 FF sbb eax,-1! C6 w, N. l# L$ n' I& D
00403316 85C0 test eax,eax
+ G# j H, h- j9 B& i6 w00403318 74 0E je short qsr.00403328
g' Q) u) |; X# V) ?5 v7 b0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A
9 I0 D, _0 N6 Z2 x) d5 m& ]0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]9 x a7 G* i) F2 S# d4 C
00403323 E9 F0000000 jmp qsr.004034184 I9 K8 R- ]0 t9 e
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX- U; q. P3 u1 Y4 J' N, a
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
: y9 G0 k2 s) d% S- q00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
9 C2 d E0 N0 v$ u& q00403333 50 push eax, T* f( l7 R+ P+ q7 j
00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
+ G2 ?" P1 A8 o/ ]00403339 50 push eax! s3 t- U* U. F0 x1 d1 C
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
9 ?3 q* j+ m3 a) i+ @9 S+ B0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX! L- B7 \" U/ N& I0 j
00403343 83C4 04 add esp,4+ C8 q& V. H) f- y. C0 u7 [
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
- O- k8 V% O1 s# j8 [00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]6 [4 R1 ^+ i0 r' T! h
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]' h/ H# n9 N8 r
0040334F 50 push eax( q8 `" C# d$ ?* b7 ?% H# ?7 \
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX I; f3 ~, r0 l. ]9 ?2 y
00403355 50 push eax' P0 V4 {% ~5 A/ N
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX1 E0 u, T$ i- M5 H+ p
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
6 V$ r) Z! @ b: Q2 R0 y0040335F 83C4 04 add esp,4
& I! A- ~: U0 N) X( G00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI1 P% b4 X. T5 o! K/ ?( q. [" I
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
# P4 o4 H# D5 D% I; g8 E00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]1 z8 A* d- x b/ a. o
0040336B 50 push eax
& p# ]# g9 |- g8 A0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX( @4 \6 j& Z# m" [
00403371 50 push eax& M8 _6 y9 C: k3 ~! E
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX- O) Y# l; [! x
00403377 8BD8 mov ebx,eax ; EAX送EBX
& U( Z3 K0 r g- ?$ G5 ~00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
: {9 R1 d+ S4 z+ ^; T0040337D 83C4 04 add esp,4
n% w9 }! n4 N$ h( ?) b% d00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]% Z+ j1 Q% m5 V
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
. o- ?, ?, [3 D! o00403387 50 push eax4 Z' T1 e3 ]5 v$ k
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX* p2 g& j9 W2 b0 G% X) w, M
0040338D 50 push eax
5 s+ ~7 Q2 c* s: x6 V; j( F; j+ F n+ Q0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX9 a0 `& f1 A R* |! H! p V" i/ H
00403393 83C4 04 add esp,4
% v, v! C, x* C* O& J+ [9 [- K00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]# M) q3 Q7 N3 E$ d/ W
0040339A 8BE8 mov ebp,eax ; EAX送EBP
1 ? s1 Z3 r; U* `0 ^. A, H# h# X4 {0040339C 6A FF push -1& @# Z6 z8 Y! O( P2 L9 u
0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX6 ^0 i( [ _7 s/ J& Q1 ]# d6 f
004033A3 6A FF push -1
0 L3 d4 a x4 _5 ]* K5 D1 {2 [004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
& K+ ^7 C+ o1 u3 o004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX! F6 h, w$ R- U6 N9 l5 }; ^! B
004033AE 6A FF push -1% k- c! u# W% M- v4 N
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX+ C$ w# ^0 P" x7 X. H0 @, F8 `; c" M
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX
( R8 p: @1 F7 G* G) f) j004033B9 6A FF push -1
6 Z7 E# w$ O" C, D004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
* j" B0 u) O6 z# V004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
S0 C: v$ _. B8 `4 @9 u004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX/ |1 r# D& d2 b. @' G2 F1 b
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX9 H; d* M+ p8 O& U
004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX& u7 B8 ~( j5 n: @4 g
004033D7 D1E0 shl eax,1 ; EAX左移1位8 b2 a5 h- ]; n, ?* D0 y
004033D9 99 cdq ; EAX扩展' X9 [5 r$ o: d6 x% T7 K/ f
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
- R8 P+ j; g/ i! G6 @004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较8 ^& j( o7 g- C/ W R
004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
; J( w$ r) i# {# F. e004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A2 J2 w7 |5 ^! M$ l8 N) E5 e
004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
" Z+ B d0 A% a0 T: e+ q" R004033E9 EB 2D jmp short qsr.00403418
I' r5 r9 L; a# I6 m& m004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX
D2 k7 z- L" w004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E23 U+ h0 k" M9 N k7 x- r& n7 x
004033F7 99 cdq ; EBX扩展& B! g5 C2 Q- U: y
004033F8 33C2 xor eax,edx ; EAX和EDX取异或
2 Y, g$ \% K! b9 x. Q. \! N004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
( ~# N2 Q, S$ T004033FF 2BC2 sub eax,edx ; EAX减去EDX
9 i6 K- ]6 F! j4 M/ k. L00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]& X9 L7 u& g- {* G0 \/ Y: S2 z
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX
% b7 x$ l9 F. f+ y/ n00403409 99 cdq$ L3 e9 e0 R- y7 f7 [' E4 V2 e
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
; v1 p2 C. Y3 N& v6 p3 |: ~0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
# e7 N- z8 Y! H7 h8 c$ G00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较
; G; d3 u; \! j/ w. \00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
/ F5 r; q q, V( }9 \- `00403418 E8 6EC00200 call qsr.0042F48B ; $ m7 n$ c* A$ B. [: p
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
1 y Z) A, ]! N- H& K! j/ \00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9& N5 _' A% F0 x2 B2 \: p9 K
00403426 E8 60C00200 call qsr.0042F48B) E% l4 A0 S$ J2 m
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]4 s. p/ L1 d8 X8 I
0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8' u& |0 U2 F5 t
00403434 E8 52C00200 call qsr.0042F48B
' u) @6 D3 f- D. K6 l, P* G, g00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]" p" L' H# M! Z, s* ^ q
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
6 v1 _/ V v u/ T, a, v5 f% O00403442 E8 44C00200 call qsr.0042F48B* R. A6 `+ ^* s1 t; o
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
( R, D1 @* E+ ^+ c) B) d8 m$ `0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6: k9 Z8 g! W E( ~* d1 K/ ^! [, d
00403450 E8 36C00200 call qsr.0042F48B2 i' E0 |7 L; j _* @6 S
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
# P2 ]/ b; K! W S' `; C00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
+ m! g; L. u' N* R0040345E E8 28C00200 call qsr.0042F48B% t# [: y1 D0 P1 P* p" R; j" y
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]: O5 O- x/ E; D" E" e$ G
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
" F. [ Y1 N, H+ p0040346C E8 1AC00200 call qsr.0042F48B8 c; Z% d9 @/ M2 t% Q/ ]
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
! i1 K& i7 R7 d% x! }$ j00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1' \7 g6 o' e+ N- g o
0040347A E8 0CC00200 call qsr.0042F48B
0 a$ f, t& Q3 Q8 X; T- |( S0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
: M% E9 l* Z# s+ P4 |/ p' V+ E00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
1 W4 G: A6 _0 L& [# r00403488 E8 FEBF0200 call qsr.0042F48B
$ h1 m) l! z7 I( Q0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
2 K. ]# U" d7 c9 z: k( e- Y1 x- i00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-13 [" @ k: v6 C6 w1 Z2 P& k% p
00403499 E8 EDBF0200 call qsr.0042F48B
; Q" d8 X4 ?0 q' E7 W& e0040349E 32C0 xor al,al ; AL清0
8 k: `0 n9 G, c8 C7 [. s3 X5 H004034A0 E9 88000000 jmp qsr.0040352D
1 F" i% h! v' G7 {* D2 [9 y004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~
4 r# a9 U, E! s5 j/ {004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
0 Z6 P! u2 e6 T5 h004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
, N2 z: o0 a4 Z& L004034B3 E8 D3BF0200 call qsr.0042F48B( L5 y# ?/ u2 @/ U% |) `3 s; B, z
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
2 Z% Q/ i2 [% M3 ~+ e% ^/ F004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8* {1 ~) c- Q6 i0 s8 u& Y% s
004034C1 E8 C5BF0200 call qsr.0042F48B
* c* P8 {" [9 p004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]9 B& h+ ~: z6 P; r1 R9 \6 f( X1 H2 r0 a
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],77 {1 j& H7 X! w, f3 I! k
004034CF E8 B7BF0200 call qsr.0042F48B
% K( Y" }. Q! t3 x5 N004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]5 R) z% b: l q$ z, g
004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
" S7 N8 @0 K9 f. V5 |004034DD E8 A9BF0200 call qsr.0042F48B
! R0 J/ _! T7 E. L( x3 R! n% {004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
0 V* n. B& a- \# R004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3
& Y9 h# r5 |8 L. h# T+ i# O) h004034EB E8 9BBF0200 call qsr.0042F48B* `/ `: ?8 L- R+ i" n
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]. ]4 T; e- Y) ^% K1 B1 n3 q/ [2 T
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2
. ^8 s! f1 t$ }8 g: [, g. K) K3 v004034F9 E8 8DBF0200 call qsr.0042F48B6 o% K+ U8 N: w h2 Q& T4 w
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]! w: s0 x. u2 g2 V6 M
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1
& E% b' A% Y$ f& N3 y00403507 E8 7FBF0200 call qsr.0042F48B
. n& f1 p* B4 ~3 J$ L( `0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]3 O6 [' y7 a7 {+ @- o* I2 R i0 k
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
$ K0 x1 ~3 V! m/ d00403515 E8 71BF0200 call qsr.0042F48B
1 l1 D! v, q4 I3 p# P0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
" N6 |6 r( e5 W8 m0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
5 o! u5 S9 ?5 T: `/ n00403526 E8 60BF0200 call qsr.0042F48B6 r: l: ]) B# d C% W. A0 ]
0040352B B0 01 mov al,1
& ?# k( m. `( K# V% [0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
5 X: a5 `" u# C00403531 5F pop edi
a0 x v( `5 E. j/ O K00403532 5E pop esi& i$ b2 W# M' _" M% f
00403533 5D pop ebp2 E6 k; v. R4 m6 i
00403534 5B pop ebx2 a' _2 _% A9 z& W: `3 P. d1 d
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx; E7 z5 _$ K P5 |, O
0040353C 83C4 30 add esp,30
' M1 ?& d; X+ Y- S7 ?& F0040353F C2 0800 retn 8
8 E% m4 T7 i* O/ B9 q--------------------------------------------------------------------------------
# N0 L+ I2 h1 ]【破解总结】8 C" l! N" M/ Q% h( i
用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^7 x, s1 V8 k! s. E
用户名:yijun: [( z# Y7 @9 X- U8 w+ ^: H" q
注册码:4893*7777*3726*7777*0529$ b; f: o) T2 H
--------------------------------------------------------------------------------
3 d, m0 H; A" q- Z8 B【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡