|
|
|
【原创】破解Quick Screen Recorder( u: \% N2 V4 x7 }* X. T, W
【破解作者】 yijun( q6 t( M x+ q
【作者邮箱】 [email protected]
0 L# m% B, ~9 v" Q$ N【使用工具】 OD,PEID, j- m# J& C' p. j a0 B1 E% k5 B
【破解平台】 WinXP5 A1 U; W1 J: N2 c
【软件名称】 Quick Screen Recorder
O7 i( U- h& m/ i* I. O7 H' D+ s0 G【下载地址】 天空
4 D7 n" ^4 U, B% H- @【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. - o9 i, p- K1 @/ q, { F2 B
【软件大小】 540K) A: c) t1 e# W% U, m# b; g
【加壳方式】 无
; B2 m9 g% G: F9 R【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)2 D/ |; X( V) D8 {3 D5 q" Y, G
-------------------------------------------------------------------------------- ?# s# j2 p6 k9 f, T0 q" W
【破解内容】3 S& X3 `6 @& A* d5 e- u
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
- Y2 }5 s4 i( w7 B" P00404C69 55 push ebp //在此下断
4 N# Q+ ]" w; f6 V5 I7 z00404C6A 56 push esi
. ]& T6 ]1 n! C- U00404C6B 57 push edi
; S$ H) {$ a4 @7 s7 w00404C6C 8BE9 mov ebp,ecx) |( n# k) }5 T8 x z$ N! P- p
00404C6E 6A 01 push 1' Y1 `. P, b; M# g7 \
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名+ m) ^! g4 p4 L; W
00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]3 d8 ^) i! Y9 ]( s
00404C78 8BCF mov ecx,edi$ v" Z6 z" O3 P4 |4 |
00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码$ S6 }, l! @/ b7 ]% }: A
00404C7F 8BCF mov ecx,edi
: q, ~' x: Y8 {8 n* N8 `8 |4 l00404C81 E8 A73E0200 call qsr.00428B2D
- Z* ]6 d7 K& r$ j# X* w+ @) F00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
$ ?! m: s, s/ U, y9 B; D00404C89 8BCE mov ecx,esi- b5 z& B5 {& C
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX3 G" a: F1 E( n( D/ l* ~4 B
00404C90 8BCE mov ecx,esi
8 r/ O9 q( k7 q3 ?3 }9 c+ R, C00404C92 E8 963E0200 call qsr.00428B2D
9 {$ w8 I1 b% S s3 d00404C97 8B06 mov eax,dword ptr ds:[esi]
/ B( X* h/ T S00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2* P4 d/ g# Z* {5 @5 q/ M
00404C9D 7D 26 jge short qsr.00404CC5( i; [: R2 U) L5 O7 ?9 b
00404C9F 6A 40 push 401 v) t; F. ~" ]0 \/ q
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
& o0 t$ m4 k( V9 a00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
' J. P5 `( N) A2 p8 n: W00404CAB 8BCD mov ecx,ebp( p2 P( @4 A( i: M6 [1 `
00404CAD E8 C3840200 call qsr.0042D175
+ Q P# }6 f/ K00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]1 |' o& V: w' X
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx: P" T* X$ F* x( F6 `
00404CBD 5F pop edi
Q3 R# R+ S7 T00404CBE 5E pop esi
1 F. v8 N H0 W4 t$ d9 V00404CBF 5D pop ebp+ @# |/ E3 N7 y( J3 ?
00404CC0 5B pop ebx- q" c* ?1 A5 K' ^0 I& n
00404CC1 83C4 18 add esp,18' R% v9 U$ u; N/ B9 _) L0 m; R$ s
00404CC4 C3 retn
: y& Y+ B5 Z6 I# \, N, ~00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]
/ ]) o+ p4 M+ t7 p; V9 Y" t# ?00404CC8 84C0 test al,al
: Y0 t( c( b2 g% |3 p0 N00404CCA 0F85 1C010000 jnz qsr.00404DEC
- k! D @( }/ t% ^00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
2 J5 M- _' z% e00404CD4 E8 87E3FFFF call qsr.00403060
+ K7 z3 L& V e* c- c- \( [) i00404CD9 51 push ecx
- X- c, V) o: f! H00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
/ e5 O \ g6 k) m4 {* f& x @00404CE2 8BCC mov ecx,esp
0 Q `1 S; b: e" G' R, q$ r00404CE4 896424 14 mov dword ptr ss:[esp+14],esp( ]4 N5 X9 ]0 l5 \' r. U
00404CE8 56 push esi5 Z% c2 n& \6 M: x3 h
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是02 N& X3 ]! T3 Z' r' a/ ]
00404CEE 51 push ecx
% g" F2 J: W2 R" e9 }00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],12 L7 E* t3 R7 l+ L
00404CF4 8BCC mov ecx,esp
$ w% j, [5 n9 p1 P* [00404CF6 896424 20 mov dword ptr ss:[esp+20],esp
U1 k- B, [4 i6 H9 H' N C00404CFA 57 push edi* h2 W$ y! S- E$ y, J& X2 ?7 ~8 P0 g
00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
6 n7 y8 b5 U" K) ~4 |, J" V00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C], e, f' b1 U' y& H4 ^
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0$ b! X' `9 q5 y$ s8 ~8 I0 O7 a
00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
W$ E, i) A* [& V, {00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~: h3 p! z$ `# D3 F; S' B2 C) V* @
00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~: V% R. M/ W+ I2 [2 B
00404D12 6A 40 push 40; f4 K1 Z5 @) i
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
$ r- W( r% q$ w00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."5 E0 G# N! k4 o. c
00404D1E 8BCD mov ecx,ebp) x1 v7 [ n e8 X8 W
00404D20 E8 50840200 call qsr.0042D175
2 b( [8 t$ f. w) P; W6 u8 R00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]. h4 [. r( p+ h& c6 R" r$ h* e
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1; u& w6 V2 C0 x4 a) b
00404D31 E8 5AE3FFFF call qsr.00403090
$ Z5 X: F9 r4 N" g7 W3 N; X00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]) ~5 w8 G0 F& Q# @7 }
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
|" U5 b7 H: O$ g00404D41 5F pop edi
0 a) g% o1 H8 G- L& L& d( {9 w00404D42 5E pop esi
. u0 q1 M4 p1 H6 X% e! s00404D43 5D pop ebp- t% t7 u a- ]- n# |
00404D44 5B pop ebx
0 m6 H3 l1 }4 A' \* E00404D45 83C4 18 add esp,189 u1 r1 p* B0 H: _5 U
00404D48 C3 retn
! O) m$ R, {9 p H2 Y8 ~*********************************************************************************************************************************************************8 U! J2 \) G. g* [
跟进00404D09处CALL来到:2 [7 V3 A3 m: U" _7 U) G+ k9 }
004030A0 6A FF push -1 //一路F8下去~~~~: M! M7 J% b1 T: S
004030A2 68 C88F4400 push qsr.00448FC8
* t; f, b/ I& ?4 _# I7 b004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]3 p$ q6 T$ P8 ~6 x6 s0 `8 [
004030AD 50 push eax
" f, p3 b. n, w9 M6 m9 b004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
$ C4 ^/ U8 l7 C0 r4 [4 J! v, Y! L: p5 a004030B5 83EC 24 sub esp,243 r7 f m/ L& d2 _; |5 P$ I; X7 f
004030B8 53 push ebx
3 g D2 G, R: @5 G1 z004030B9 55 push ebp% H6 p/ u4 U* ?+ s
004030BA 56 push esi
& k# V9 X& Q% t3 R; s: ~" ?# U004030BB 57 push edi
* Y {3 c2 O/ c6 L% Z004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
, X# a) w& B, b( z9 P* }7 d' X4 L004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]1 n4 j; e5 t8 m$ N
004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
1 l o( l; M p2 W% D004030CD E8 27C40200 call qsr.0042F4F9
a5 Z$ L4 k( b: ]6 m+ ?* V004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]# }' ~! ?5 w' [) @, x/ ~
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax$ D! a8 h0 g2 Y& U$ }. [- @$ n
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]* X V) \" N' F* l) Q
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
- o r% K, _+ G. k7 N9 w004030E4 E8 905A0200 call qsr.00428B79
/ [/ r+ [# i. K( Q) P# x+ |004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
6 K% `! D/ i) Z5 p& P004030ED E8 3B5A0200 call qsr.00428B2D
2 M8 | {3 B1 Z; ~ q1 o$ N004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]1 E6 t# y3 z3 b! f
004030F6 E8 7E5A0200 call qsr.00428B79
8 P( Q! f @* M* b' _- `004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
* y" u; W- i9 z/ K: X4 x004030FF E8 295A0200 call qsr.00428B2D0 i& Q1 {) g: G+ g9 \
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
) b6 L" l! U; B$ m, x& H00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]+ s* ^" D: a; r
0040310B 83F8 02 cmp eax,2
3 U1 y; o( V, f3 Z+ e' V2 G% V0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳; o8 Y( x9 h. l3 w: M3 e ~: D
00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]( e' d; w3 O7 h. w
00403118 837A F8 18 cmp dword ptr ds:[edx-8],18# S' p- o C2 e9 P' q; o# \1 J4 |
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
4 ^" g& @: s4 l6 K7 H' `00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
, I8 C7 l J r* w/ s0 j+ f3 @00403126 6A 01 push 1
: I; V& Z, M4 J+ v) r4 F# g00403128 50 push eax
8 k1 u( c! r+ t* h' x00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50] R3 r0 o- o/ v- |* e: ~: c
0040312D E8 C4550200 call qsr.004286F6& N0 f& M) a e5 G" y
00403132 8B00 mov eax,dword ptr ds:[eax]
6 L& L6 a$ R: i6 ^/ P+ k00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]" x* m& i! |+ k. Y
00403138 50 push eax
) d5 y0 ` e! E% H/ ]* C00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
m" q+ m" i5 e+ ~# Q- H0040313E E8 4D560200 call qsr.00428790
0 j0 c4 G; Q' o, m+ I3 m! }00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
6 u* K5 C/ s+ e% {' e00403147 8BF0 mov esi,eax& B- n, t" r" \% Z' @
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3
2 ?1 `' E" |. Z# |1 i# U9 b0040314E E8 38C30200 call qsr.0042F48B
0 {$ `/ H, r7 e0 b6 ^) ^# w/ A# G00403153 8D46 0A lea eax,dword ptr ds:[esi+A]* `! K0 g- Q7 K& n& |5 J |* [
00403156 B9 3E000000 mov ecx,3E
9 w8 i* Y. L; ~: Y" j2 `9 |0040315B 99 cdq0 }. R7 K! @' s' B
0040315C F7F9 idiv ecx
' [$ l1 a f+ d0040315E 6A 01 push 1
0 k5 Y; q& E8 D j2 f3 S# ?00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]4 c* G( V% q! v6 E, W, J* W4 D
00403164 8BF2 mov esi,edx4 E3 i# l' Z. K1 u" j. W
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
- h8 Y& r4 m% i4 |* |/ w9 V6 l' [0040316A 52 push edx# d7 r/ {; a# D+ t9 `
0040316B E8 0A550200 call qsr.0042867A
9 Y$ q% F- s3 E; `! Q00403170 8B00 mov eax,dword ptr ds:[eax]% t6 J- _* B/ n$ _) r) Y' m# h& i7 S
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
$ R8 M1 U3 b* p1 `; R00403176 50 push eax
9 U* _ Z4 k( h00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
8 w G% K; S! B3 O" u1 r8 t5 f: Q/ v5 q0040317C E8 0F560200 call qsr.00428790
1 K( o q1 w6 l" `8 r3 @- t8 K2 h3 T00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
9 \4 L( O7 u. b9 `3 N3 D$ c00403185 8BF8 mov edi,eax
/ r0 k3 [) U# q6 v( Y00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3! `! n' _5 S4 _1 J! U: Y( g
0040318C E8 FAC20200 call qsr.0042F48B
( ~! @. T4 X1 f) `/ j) p00403191 8D47 0A lea eax,dword ptr ds:[edi+A]' y- {3 R; w$ |% S0 Q. w
00403194 B9 3E000000 mov ecx,3E
: r4 f) Q- s; o& m. l, L00403199 99 cdq
* o& \) H" j1 d6 c% y0040319A F7F9 idiv ecx+ b' Z$ X u% B1 ^8 C+ v" O, x
0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
8 A0 U+ I- Z! K7 R* O. b/ X004031A1 894424 28 mov dword ptr ss:[esp+28],eax
' N F& D) c3 C$ ~. e0 S5 ?& i004031A5 8BCA mov ecx,edx& H" H+ G3 d5 F6 H$ y, S
004031A7 894424 24 mov dword ptr ss:[esp+24],eax/ [. f, n$ f8 U8 d6 x4 [; b
004031AB 894424 1C mov dword ptr ss:[esp+1C],eax8 ~; C# v5 {! M( A3 `! |6 R3 f
004031AF 894424 18 mov dword ptr ss:[esp+18],eax
- A4 }# G4 ?9 b: e" I004031B3 894424 14 mov dword ptr ss:[esp+14],eax
- C4 a" }$ n+ i: ~7 r; z" O004031B7 894424 10 mov dword ptr ss:[esp+10],eax
4 v% f3 }: O: F3 ~: T. c9 z004031BB 8BC1 mov eax,ecx. u' L+ v, l) A9 R# R: y( `2 v
004031BD BF 0A000000 mov edi,0A' w! p% e& O( {& ?
004031C2 99 cdq
. L% N* P! n; z I/ ?/ O' O2 Q004031C3 F7FF idiv edi
- H* U: [3 E3 J, e4 f8 Y004031C5 8BC1 mov eax,ecx
5 @: E1 E) O/ k9 x004031C7 B3 0B mov bl,0B6 H$ D; K% h A" }: w; s
004031C9 0FAFC1 imul eax,ecx
/ v. G/ M3 e& M1 s v004031CC 8BCF mov ecx,edi- \$ D6 n6 c& o2 N, q; u! ^9 U
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
" U H3 k, f" ^1 v004031D2 52 push edx
0 ?! _5 j& X6 L# s004031D3 99 cdq
0 ~4 h- _; t5 J: q004031D4 F7F9 idiv ecx: Q# K% E( N" H6 K' d! w4 [7 _
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
. D. u* P2 |" J: S2 B004031DD 2BC6 sub eax,esi0 k5 t1 p3 _0 R" g6 U
004031DF 52 push edx# F1 n B4 F: ?4 D- K: Y' |
004031E0 99 cdq9 O. c* c Z9 z5 ]: e5 w
004031E1 F7F9 idiv ecx- L2 Y# w9 s: y/ k9 F
004031E3 8BC6 mov eax,esi, p9 q" X7 c6 z) a9 y
004031E5 52 push edx
* w2 B/ i6 C( l, Q% }) {& J004031E6 99 cdq
3 H0 v* U' s- e004031E7 F7F9 idiv ecx6 Z9 C; X8 z3 C$ q
004031E9 52 push edx; ~7 x7 z0 U# ^3 L0 H
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]3 \+ z# B; O n+ p8 |! I
004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"* S( L! r( r. o& O$ s; E
004031F3 52 push edx: ~ P8 }% W, z' x& N
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
+ ? e p# b* |/ C. e0 ?004031F9 83C4 18 add esp,18* Q2 f" j+ Q0 |1 o( W8 b
004031FC 6A 04 push 4
+ J8 O% V6 h* i004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
+ Y+ D# I4 c8 }+ y4 k8 D. e1 J00403202 6A 00 push 02 p% `# U9 | B" U p1 H
00403204 50 push eax8 o8 P( f9 M1 k5 \' J9 i1 s
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50] V, \. f7 R: ?* C5 B; \" i
00403209 E8 D6530200 call qsr.004285E4
( ~' J1 c+ z7 P. H0040320E 50 push eax
2 h4 A" j1 T/ Y" o3 G' w9 U5 Z0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
2 @6 {: {3 y" S4 z00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
7 ]# |+ x0 D" V2 e+ q- j4 l00403218 E8 A7C30200 call qsr.0042F5C4
6 U+ ?# F5 m8 u* ^0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
; l6 V D3 \ a00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
; T" `$ j& W' k6 ~. h$ W- g00403225 E8 61C20200 call qsr.0042F48B
2 ], f. p/ _& u" F0040322A 6A 04 push 40 m* P. p2 I! a7 t/ n; q2 d4 i
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]" V1 c, u- o' `: F% Q
00403230 6A 05 push 5
; S, M8 X" k" f3 w00403232 51 push ecx; J) R7 J v1 h
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]$ U$ f( ]0 j( [; s1 a
00403237 E8 A8530200 call qsr.004285E45 k* {) E' k* g" p) h
0040323C 50 push eax7 R: y( \5 U C* G" O' v( P
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
" A, C+ `4 f3 G! E d s( y8 H; Y00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
3 a+ ^7 D3 A- H/ j0 Y+ [00403246 E8 79C30200 call qsr.0042F5C4
* L8 f4 w, X: ^5 ^' u0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]0 Q T. D! i/ i* d' M8 R
0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
8 p! c; _# B& r+ j# @ Y1 j; ~, u00403253 E8 33C20200 call qsr.0042F48B
* X: Z% F8 K6 B5 N00403258 6A 04 push 4
2 l3 ?1 H# U1 o1 @0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]6 u7 V t [2 H( A6 y
0040325E 57 push edi
. U: i% o$ l; g4 M) j; t! @0040325F 52 push edx3 W) ^ R& u- ~; f; [- h/ g
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]) L8 k) ]" |% u5 w
00403264 E8 7B530200 call qsr.004285E4& o6 H9 h6 I* c+ N
00403269 50 push eax4 K/ i, s7 N/ y, a
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
7 @- r" w4 U4 |, c0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E8 M2 M6 i5 U' y* K- W2 N1 ^; {* h
00403273 E8 4CC30200 call qsr.0042F5C4
; P* L6 K8 X1 q! q- |00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
8 b9 \$ p( c8 U) g4 u0 i0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl6 h7 {6 w7 m8 s3 @, ?
00403280 E8 06C20200 call qsr.0042F48B
8 o1 h& Y* F! `00403285 6A 04 push 4+ o- v/ f: P4 w: W9 ]7 ?) p
00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
" r0 n5 [2 i! D: k9 _0040328B 6A 0F push 0F7 i3 Y( E, B6 y3 {1 [# W: y! |
0040328D 50 push eax$ Y2 c7 |+ r. H
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]6 N. d( k9 h6 W; o% V0 s
00403292 E8 4D530200 call qsr.004285E47 k' O8 f2 X7 D/ t m3 f: h" f
00403297 50 push eax
/ H* X1 z: R0 f00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]) q2 Q. w) y% U+ J1 A' K
0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F
, O: R; Y9 @, G( c2 x' C( r004032A1 E8 1EC30200 call qsr.0042F5C4, A+ S; N* c, G( A, h; U
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]1 K4 Q& ]* {8 T) P: ~
004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
- d# d* [% T5 C% j004032AE E8 D8C10200 call qsr.0042F48B' B7 c; ^- k: q+ t5 ~0 T, {- r) q4 ?
004032B3 6A 04 push 4
1 k Q5 O5 u# V* e0 T/ l# y. L' F004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]; V& X4 v# Z: _0 p
004032B9 6A 14 push 14) K3 }+ E: j# m1 n3 ~
004032BB 51 push ecx; ]/ R. s/ K' ~. ]
004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]5 j2 O0 J0 D% V% U
004032C0 E8 1F530200 call qsr.004285E42 ~6 a) U0 ~' N& Y
004032C5 50 push eax, J' Q9 |9 l6 Q/ d" K
004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]3 }* _- ^' e) F
004032CA C64424 40 10 mov byte ptr ss:[esp+40],100 J" V f; X1 L& W5 {; W# t
004032CF E8 F0C20200 call qsr.0042F5C4 _0 Y/ b7 G$ e4 d
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
. S7 y0 G( D9 t3 _' R( H2 [004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl
1 D; D0 n, o; |, R5 g- `: }004032DC E8 AAC10200 call qsr.0042F48B) E& M& h7 t( }' T4 D3 L
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI4 O; b$ U5 [# n7 ~0 y6 e
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX
$ C3 M. r4 f3 z- E004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL4 o3 d& C" E* O( f
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL
% F% L' C' m, {4 U M7 C004032ED 8ACA mov cl,dl ; DL送CL# l( M1 n5 a/ b/ x D5 g2 `9 s/ c
004032EF 3AD3 cmp dl,bl ; DL和BL比较
7 i9 Y% w. i3 A4 |' z004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
/ c1 ^& N" c! x. b% n004032F3 84C9 test cl,cl: P, O5 R" `* i6 D" W7 ^
004032F5 74 16 je short qsr.0040330D
. v! I1 S5 H- Q7 l8 O/ E004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL$ e: l1 J4 u: V) j: c; ^' c. @
004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL3 Y" [2 H8 m7 q, h
004032FD 8ACA mov cl,dl
8 p9 N( N, @. x5 v004032FF 3AD3 cmp dl,bl ; DL和BL比较
# w7 [" E3 J: W( m: w" y4 j00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)# `& G8 [; Q9 O t# Y: H/ y
00403303 83C0 02 add eax,2 ; EAX加25 X. m5 w8 Z6 y2 p
00403306 83C6 02 add esi,2 ; ESI加2
5 P9 G1 V, b7 u00403309 84C9 test cl,cl
$ K+ ~+ R' F& Z: y e0040330B ^ 75 DC jnz short qsr.004032E9. i' s6 }& R! \9 X
0040330D 33C0 xor eax,eax
# B. q2 ], j6 Q1 @ ]0040330F EB 05 jmp short qsr.00403316
3 X5 ^: e5 N9 @- S3 I00403311 1BC0 sbb eax,eax
3 w7 X7 z. P# n1 N1 y1 v/ W00403313 83D8 FF sbb eax,-1
" _ w, o. |( W8 K$ D- o00403316 85C0 test eax,eax
* R4 }9 _/ T& v; v2 c- v3 ?00403318 74 0E je short qsr.00403328: k9 V ?* j( ?8 b# G. {
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A" q' a* z0 \+ y* l. ^/ v
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
' Q! x6 m! P; }* O3 G, W00403323 E9 F0000000 jmp qsr.00403418
' g4 a- l; f7 l5 S% m00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX# E) w# E _. h. D0 P; ]# I, O
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
( U, L& r1 }$ c1 E00403330 8B40 F8 mov eax,dword ptr ds:[eax-8] n0 }9 \, e% c: K
00403333 50 push eax4 D$ p: q2 C! l% n/ V2 x! H: `
00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX3 I1 z' Z! S% _# ~+ H& o
00403339 50 push eax
9 f% F) h0 @9 ^9 T t0 V0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX5 t* P# I& h' W" Y1 r8 x
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX
5 v; W2 B# M5 U$ Q; [00403343 83C4 04 add esp,4
, `3 h1 }: v' [3 O00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
6 K3 E! b! l' r5 q# }! m00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]8 d" t. L% P6 y8 R- O% c' g Q
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
b; D3 N I8 u5 H5 \0040334F 50 push eax8 o; a, _( y' |9 O6 V: c+ L
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX0 H) u, m5 D; `3 n% }" @- G
00403355 50 push eax- `& N7 \! G& I/ A' D+ i% p
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX% p+ q6 [% S% E8 F* r
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
' k" y( U3 t( @- Q, R/ K0040335F 83C4 04 add esp,4
8 A- D. U) {7 @) h1 A3 s2 t00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI5 g* c4 r8 H3 \+ Q6 N- r4 K- o
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
/ m$ I( @$ P/ e2 o! k6 I g00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
! L9 ?. {- B8 T) W6 p$ u0040336B 50 push eax1 V( ]. Z/ j; |! [
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX. f6 j1 L3 X+ {% Q7 `: V( O, }
00403371 50 push eax! G- I$ C% Z+ L/ A- p
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX! G4 w: H8 r4 M5 T4 Z. d- V
00403377 8BD8 mov ebx,eax ; EAX送EBX
0 X1 l) U8 ^1 A; p7 V4 C4 H00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
- S& Y% q: H: u- H! E0040337D 83C4 04 add esp,46 e; a! j3 X% p, ]# V
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]: j' d0 c4 F$ G$ G0 g2 H, d7 M
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]3 l& F6 E, J5 x- O% G2 ~
00403387 50 push eax8 p N3 P$ A. H8 C( G
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX
" _+ y4 Q& E) q5 ]' |6 Z8 {1 p; @/ K, P0040338D 50 push eax
/ y! y8 C9 Q3 S% {0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX% |( Z2 J3 p. B
00403393 83C4 04 add esp,4; ~* F3 H+ T2 w# W g
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]: C) a- J6 s- i% }. K# ^
0040339A 8BE8 mov ebp,eax ; EAX送EBP0 f+ W" E% T' M
0040339C 6A FF push -1
/ ?) s4 U }) @$ `0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX4 e# |7 }6 F5 T- X/ E K5 _. W
004033A3 6A FF push -1
( {, D" }* W) ?' K0 e6 \004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX/ w* u* u' ~% E* h4 e; J- A
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX
8 E7 q5 w) ^; A! R& }8 I r |004033AE 6A FF push -16 c. ?/ P* L8 j9 h% \
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX" E% n! J$ W2 m, w+ Z: w
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX! A6 O5 A% J9 ]
004033B9 6A FF push -1
) p4 g! I# h; J+ @$ J) ?% f; s' S004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX3 v$ I" \" @! K* U U) _- w
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
" u. n6 n+ \( c0 J. u004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
: _$ I$ R3 ` A4 ]( T1 S004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX% X X2 |6 I: i: {
004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
C/ T1 O& ~( E+ N4 e o004033D7 D1E0 shl eax,1 ; EAX左移1位
+ L8 R# m$ Z- @" l( u m. I! N0 ^004033D9 99 cdq ; EAX扩展7 k8 N$ \9 V3 t N2 u0 Y
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中9 W. b6 V* C6 q- e& A% k& j8 U
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较$ v2 O9 e7 D- M3 H+ D
004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)0 g' |4 f8 L8 [% Q3 `/ u! O
004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
9 X; J; e- g, X7 r& `: p* @004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]5 N& D6 d9 Q) |# b& |
004033E9 EB 2D jmp short qsr.00403418- V+ T. R0 a* N& l5 P
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX
+ K* _% ]# u3 `# w! l004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E23 i$ C0 }5 A2 L. [ S+ P: q0 M W: Z
004033F7 99 cdq ; EBX扩展+ @8 {; k! I% C! o; u" b& U: r
004033F8 33C2 xor eax,edx ; EAX和EDX取异或+ x/ W) u0 \; Z. P/ v% { d( J
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX0 I0 P3 H2 ?9 j" h: m" B3 e: W
004033FF 2BC2 sub eax,edx ; EAX减去EDX
% \1 J) @) ^* }& q; B p( V00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]( {; S9 J7 ~. f: Q
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX; Y+ T8 y/ {5 ^
00403409 99 cdq0 K' F0 h; ]7 _! F# X, P
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中% x7 u% j: A5 [; n
0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
2 \8 v# O, A: N$ g5 s0 k00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较
5 c" M$ ^: a( ?6 N" g8 I( r! l00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
6 ^, d! O5 q+ q: a5 q6 C# J00403418 E8 6EC00200 call qsr.0042F48B ;
: O5 a9 ?* L8 p2 @0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
" e! Y4 h* K: k, Y00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
; `# R2 y: l/ Y# V# H _00403426 E8 60C00200 call qsr.0042F48B
# E$ D$ U5 l/ L0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]" `! F. e: g. a- O0 q9 L7 |
0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
% |# ~7 B# H* H4 m3 N+ u00403434 E8 52C00200 call qsr.0042F48B
X+ f( s4 x% v3 @9 Y00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
: L+ n7 E" L' [* D6 p4 p: U5 O0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
4 F5 z2 g- N, X. y. H00403442 E8 44C00200 call qsr.0042F48B4 ]) C6 y/ I$ e
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
1 G& x0 U, f& F1 g0 o0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
% @# r8 h- ~, F2 y8 B00403450 E8 36C00200 call qsr.0042F48B0 a8 |5 D' o. E# V8 V
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
1 g! x/ `5 ~7 J' [- n00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3$ A: R5 P) X J( J0 U
0040345E E8 28C00200 call qsr.0042F48B
& I ?* N& c; b00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]! e7 f3 c8 x4 t# f" m0 ]- H2 Y; |- `
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
' { W5 ]2 C$ L' V; M0040346C E8 1AC00200 call qsr.0042F48B( e$ `% i3 ?# n& L" m
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
+ e- s) U* O. T8 M00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
& P* i$ q- j- Y- j: v2 E* g0040347A E8 0CC00200 call qsr.0042F48B' B, `$ U( W g: W! M" a! x `
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]! s9 O: J3 h: e. Q3 v
00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
( h& m9 W" ^8 e; S+ {00403488 E8 FEBF0200 call qsr.0042F48B
0 H" [. Q% l! T0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]9 y) T$ N# B0 A! R
00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-12 U3 L4 s4 Q+ U2 e
00403499 E8 EDBF0200 call qsr.0042F48B
4 G. ^: a- {: a0040349E 32C0 xor al,al ; AL清0$ U$ K$ o( ]% G* U0 V
004034A0 E9 88000000 jmp qsr.0040352D) W' a- m9 @* @1 @+ h$ v/ Z
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~
, E, Q- w" P& N/ i" Z$ a004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
' G, f: P4 d8 \* D004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
4 h; B0 ~0 ?7 _004034B3 E8 D3BF0200 call qsr.0042F48B& F' ]- F( P. L8 Q
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
& A l# C. v" H' B/ k: y3 A! }/ E004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
- c* K* l+ E6 _2 Z! \2 B004034C1 E8 C5BF0200 call qsr.0042F48B
$ t& e* s' o0 I; Z# S1 [# ~004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
* r) }! x, k, z. j$ S004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7
# m3 G6 H8 h2 r6 ^* n9 e& O8 S004034CF E8 B7BF0200 call qsr.0042F48B7 h% {: Q. G2 n1 Z. O
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]1 m/ O1 A. R7 \# l; q# E% O# o
004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
& |' ?% i8 i' _+ J004034DD E8 A9BF0200 call qsr.0042F48B
& Q" H1 ^- C Z2 Y: b004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]( V- J2 Q0 H7 `0 O x" i1 i
004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3
+ F/ W2 W5 i8 O; `( M004034EB E8 9BBF0200 call qsr.0042F48B) e; _, Z7 l* u9 F& W+ U8 ]+ T
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]+ K4 C1 b* J j' ]( g" G. D8 |
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2
! _4 D2 o) K( P% A3 j004034F9 E8 8DBF0200 call qsr.0042F48B
, a' \- X+ A T6 u' u3 ~$ W& c004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
$ R' s' u3 K% o, P00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1
4 R( y% ^+ ~& L: V5 Y9 |6 J00403507 E8 7FBF0200 call qsr.0042F48B
' ?- z( P: {* G! X' p0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]; L6 c8 f4 |% w
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
& \$ B, I4 A9 E: H0 @5 I00403515 E8 71BF0200 call qsr.0042F48B/ |" K/ @3 Z& u' H g% k
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
$ R! y& P1 \" ^4 ^# V8 d+ {0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1 B4 j1 \ c7 h9 w
00403526 E8 60BF0200 call qsr.0042F48B
9 Z& _" l: d3 {1 H0040352B B0 01 mov al,11 A' t+ b9 z) {2 b( ^# o) C; O
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
9 w. C4 g! D2 S7 }00403531 5F pop edi) ^# G% P, g H' x
00403532 5E pop esi
; W7 p- O4 W1 u- c, a% p( X: P00403533 5D pop ebp+ Z: C( g1 `' s8 ~6 f( |2 i+ t* ^( h
00403534 5B pop ebx, t7 Y* R& {1 Q. B& d( C" j
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
: {9 y8 X9 R0 P# g) n g0040353C 83C4 30 add esp,30
+ o1 U0 G0 E+ l% T5 G! z9 v% U2 G0040353F C2 0800 retn 8+ v; C. G' J$ D9 X4 S5 `
--------------------------------------------------------------------------------
8 X* L/ ]" ]. o& E【破解总结】
* i+ d# ^3 o. m! F1 j 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^9 J9 s9 S5 g' y3 i* k
用户名:yijun7 U" t K5 l: }
注册码:4893*7777*3726*7777*0529
5 L2 A' u5 X& ]--------------------------------------------------------------------------------
& n" V& Q9 y- ^【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡