|
|
|
【原创】破解Quick Screen Recorder
f( ~& _! I5 M( O7 L【破解作者】 yijun Y( S1 O5 M2 J# M; M6 n; q# ^% C
【作者邮箱】 [email protected]
* E- @4 @4 \7 m. L【使用工具】 OD,PEID
5 D: Y4 m1 X7 n【破解平台】 WinXP
/ T, \+ ~% o- b: n, g【软件名称】 Quick Screen Recorder3 s) `, b" t6 G% ~( t
【下载地址】 天空
9 m7 f# R5 S \【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
6 R6 i& {8 l/ y( i【软件大小】 540K4 J; r" \: n2 w6 X+ ]5 g7 a: O
【加壳方式】 无, C9 \# T& A, }! b6 }
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)
# a) P7 N$ o4 j# Q6 O" V6 j) L--------------------------------------------------------------------------------
% o4 r | J8 Y/ F/ y; L/ H( P5 t7 H【破解内容】2 n' g0 t6 I, y- ?, g5 b
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
7 S" C# h1 n6 C# G# l00404C69 55 push ebp //在此下断, R+ b& E7 m% b
00404C6A 56 push esi1 B# T# x% Z& X4 \* A- D" h; B. D8 C
00404C6B 57 push edi! `8 v( i3 C: x
00404C6C 8BE9 mov ebp,ecx
# G% W2 X( A2 p& {: d00404C6E 6A 01 push 1 O" A6 @/ ^' c
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
; `/ t0 u+ \1 q0 ~ R) ?3 V8 }- ~00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
: R4 |) ~; @+ c. c& w00404C78 8BCF mov ecx,edi6 _ V4 x' g/ Z
00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码5 E! z9 C* b5 n, H* I2 L
00404C7F 8BCF mov ecx,edi W1 I5 G. @% }+ V2 {
00404C81 E8 A73E0200 call qsr.00428B2D
* D( k+ A& C. e4 ]# X5 a/ p00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]1 n9 a7 r" ?6 j# i" ]0 B% k8 d1 p; P" m
00404C89 8BCE mov ecx,esi
( c. U5 g6 f6 K00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
: l& g, ^9 }$ \0 U' i00404C90 8BCE mov ecx,esi
9 l' [. n0 G. b' w6 H9 W) b }7 \00404C92 E8 963E0200 call qsr.00428B2D# Z% x. b2 Y; ?2 l
00404C97 8B06 mov eax,dword ptr ds:[esi]5 \6 T; N* j1 A& P
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2$ T; j5 l* Z- Q4 Y
00404C9D 7D 26 jge short qsr.00404CC5: A3 ?- ?9 ~2 h+ z( G- j6 r) v
00404C9F 6A 40 push 401 x" v- N5 q m3 C# r
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
. k: g) p: G4 O7 { a00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."! g7 X. V0 V4 C, [# X5 u
00404CAB 8BCD mov ecx,ebp
; C: W( _+ k5 N2 w# F9 [00404CAD E8 C3840200 call qsr.0042D175. \9 b% _5 s: `- N& [- q/ l
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]3 b# T6 o, }8 r+ d8 u0 |# A
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx* i+ ]2 s. R+ o V
00404CBD 5F pop edi
& s, l6 [: G8 G9 \) A. Z. Z00404CBE 5E pop esi
* z3 I, z4 L8 D' X* n4 P00404CBF 5D pop ebp
9 q% |; a$ u* M) D00404CC0 5B pop ebx; g6 X l0 l& m9 @# C6 j
00404CC1 83C4 18 add esp,182 h U) h5 y8 n* k4 R' _
00404CC4 C3 retn2 _2 |$ @- Y5 S! b! ]5 q" n
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]
8 [, o r+ F9 u* g8 \" X00404CC8 84C0 test al,al0 _( c' _/ v: D) i1 w% W
00404CCA 0F85 1C010000 jnz qsr.00404DEC
+ M0 {6 C% C# c" G1 T00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]* [% Z2 F6 W; y/ |; r! _
00404CD4 E8 87E3FFFF call qsr.00403060
) \" ^7 I7 F p: w/ E/ M* U6 W00404CD9 51 push ecx Y Y, z& x! @
00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
3 D7 o. Z$ k' d00404CE2 8BCC mov ecx,esp
, m8 |, ]$ a. _3 ~- m00404CE4 896424 14 mov dword ptr ss:[esp+14],esp
2 s9 V7 f% w3 z6 ]) m* N9 m* B00404CE8 56 push esi
7 K3 P- G0 H( ?( B, ]* {" e00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
: U. }' J6 d' c$ A3 a: H# k/ i00404CEE 51 push ecx
& G3 P& T' S. }. p/ _4 \00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1
( {3 j* L' A& Q. |) I; Z00404CF4 8BCC mov ecx,esp
( y# ]% O5 |( P3 K6 [0 W00404CF6 896424 20 mov dword ptr ss:[esp+20],esp3 M V @6 T5 _# ~) i7 ]+ r
00404CFA 57 push edi
W' |. q6 [! k1 _5 w6 X00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是01 Q r3 [6 q8 r6 U* R( k
00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
4 W2 b* M {2 [0 i$ B4 r2 X, G00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
# N6 T K0 t( p: t00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
6 D* g: A* t% i2 P B00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
' B' c8 v; M9 U+ ^ [$ ]00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~8 t) A& \6 R5 L/ [3 t
00404D12 6A 40 push 40
& s" Q* D) S& J7 _. k00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"0 G5 l# B. g' S# u% R! p6 u' I
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."+ ]# \1 L! r+ d
00404D1E 8BCD mov ecx,ebp9 |2 I: T% Q9 m3 H5 v
00404D20 E8 50840200 call qsr.0042D175: S4 k! k: v3 o! d+ [: K% W% n
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]$ B. d4 z |$ O8 \# E! B( k* p
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-16 B! ^$ h% V' W' c$ W
00404D31 E8 5AE3FFFF call qsr.00403090! @- q% ]" c7 R7 a3 e# ~( ?
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]" Y7 w3 M6 N, d2 \* F2 j D0 ~6 s$ U* H
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx" M% E {/ e9 ?( @# e
00404D41 5F pop edi% [9 k3 s/ q% R
00404D42 5E pop esi
- X ]+ E i0 w* h00404D43 5D pop ebp3 e) J% ^' A$ e; `! ~& Z3 T
00404D44 5B pop ebx
0 S6 a; ~) c, @* b6 ]- V8 L/ e5 O00404D45 83C4 18 add esp,18
" L& @7 N5 E/ Z8 _00404D48 C3 retn6 u! A+ ^6 W) g$ [- a' U
*********************************************************************************************************************************************************6 ]9 R6 ]. x# `" N/ A5 [! r: S
跟进00404D09处CALL来到:
0 [% D7 A, {1 J- T004030A0 6A FF push -1 //一路F8下去~~~~0 ]+ L# y+ H- k
004030A2 68 C88F4400 push qsr.00448FC8
* J8 ~- H! Z: t004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]) B4 x( h" M9 l( n
004030AD 50 push eax
! c# X" F: M; U+ k; G5 a8 p& E004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
n _, m4 Z3 i) v: t004030B5 83EC 24 sub esp,24
" A" W. d$ b" ?0 q6 _* Y8 U( O( W004030B8 53 push ebx& b0 ?* E/ W) _1 U5 ^8 a0 ?& C
004030B9 55 push ebp
1 P2 f$ ~6 i6 @" z/ O p004030BA 56 push esi
# R! e) v. D$ x8 J% M8 y004030BB 57 push edi' |( F3 ?$ n$ s- h
004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890") M9 w2 a1 N! b' z4 u+ Y* a b7 t% Z+ m
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]; d1 n( A6 ]$ ]7 K) |% h$ |
004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1# _+ ?& b7 d' F) D# Y* e7 R9 d
004030CD E8 27C40200 call qsr.0042F4F91 i* z* [" s9 {# Y0 m* \5 j, R
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
# H" I; |% O3 M0 J% `4 O1 g. M( T004030D7 894424 2C mov dword ptr ss:[esp+2C],eax) _: a F2 d/ ~ S6 Y8 v& Z: [$ e
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
$ ~3 ~( A: q- z J004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
! `% |1 c5 u; o2 b* K+ I7 B004030E4 E8 905A0200 call qsr.00428B79
& I6 K% Q9 w1 Y' }004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]7 W5 G7 ]2 q5 M3 _+ I6 Z
004030ED E8 3B5A0200 call qsr.00428B2D2 X& _0 [" z" m8 N/ _" K, j0 Z/ k
004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]; n9 ]% j7 j/ b% o4 ^' m% ?
004030F6 E8 7E5A0200 call qsr.00428B79
1 d6 y) o, J$ }) X004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
7 c, M/ N1 [. z# f" H004030FF E8 295A0200 call qsr.00428B2D
8 L9 s; h. Y: J7 t00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
( c( z$ p* H) A( g( s00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
% T( w- u. @& J' I+ H& a, F0040310B 83F8 02 cmp eax,2
0 U) t, n, Z1 c1 `' N% R9 B: D% { }' D0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
- P1 r# m5 c: ]00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
$ J! k1 k. T5 J) r% Y; `00403118 837A F8 18 cmp dword ptr ds:[edx-8],18+ v7 Q# i- n" t$ q5 N9 c
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
. L& L+ I5 R" Q4 E: k& \9 Y% w* ?00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]; ?) U+ ]7 S0 P
00403126 6A 01 push 1
( V% P5 E0 ^4 X0 q7 Z00403128 50 push eax
D% x( o4 j! p7 `, F00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
/ G5 O7 r9 c( A/ q; ]0040312D E8 C4550200 call qsr.004286F6/ R0 r+ v6 a# W( u6 W$ z7 A
00403132 8B00 mov eax,dword ptr ds:[eax]
% `7 ]0 ^* L D00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]5 U9 \+ r# s, j; {* G$ O+ q& q
00403138 50 push eax
, @' M8 A. O0 _1 P, \# l2 [00403139 C64424 40 04 mov byte ptr ss:[esp+40],47 E- d" G& s% Z, ]2 d
0040313E E8 4D560200 call qsr.00428790
0 g' ?! m6 S `; ?, q; _00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]' l* J, a) W7 }8 j5 M3 x- g
00403147 8BF0 mov esi,eax7 K! V; q4 u; e
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3
0 m7 E5 }/ o+ ]& b0040314E E8 38C30200 call qsr.0042F48B1 ~/ z( i7 J" l0 o" M
00403153 8D46 0A lea eax,dword ptr ds:[esi+A]
' S, I* q2 ]" e+ U$ c9 q00403156 B9 3E000000 mov ecx,3E! C8 p) o2 ~' e. _
0040315B 99 cdq
3 ?- E# i6 H5 y4 F" k. `7 j: `0040315C F7F9 idiv ecx
+ h2 [/ S/ O5 x% e0040315E 6A 01 push 19 ~* q6 d9 w8 z) J
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C], [& c. _: ?. n. |
00403164 8BF2 mov esi,edx
. v+ m4 k; I$ }, M" Z00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]/ i. j6 ?# H( o, f8 \. a
0040316A 52 push edx
9 L$ O& A0 ?$ d0040316B E8 0A550200 call qsr.0042867A
4 u2 J' t, ~" X& v7 R. z8 |00403170 8B00 mov eax,dword ptr ds:[eax]' {2 Q- [" i$ b. I
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
$ x: v3 A8 L3 [/ v3 v* T+ R: F00403176 50 push eax
3 g0 t3 F0 z# ]00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
, O) v% J+ B( `0040317C E8 0F560200 call qsr.00428790 p' c1 l$ j" l0 z
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]1 w* C, H( J0 y% Y' U& k0 @
00403185 8BF8 mov edi,eax, m! g( | h; |; w7 a
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
/ K% b; w' J" d! b6 ]2 z0040318C E8 FAC20200 call qsr.0042F48B
2 ?1 f' j- D1 ]00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
; D/ S2 {/ X6 v6 p00403194 B9 3E000000 mov ecx,3E- K. [7 Y; Q4 G2 @3 X
00403199 99 cdq7 |% q, N, a$ R$ F8 n6 S
0040319A F7F9 idiv ecx
f& w% M* n! @1 C; ^5 ~5 d0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
# E/ U/ x; s1 g- I. Q004031A1 894424 28 mov dword ptr ss:[esp+28],eax
' w9 N: H4 W3 d' }( N004031A5 8BCA mov ecx,edx
7 [, y9 ^& i) t& F, z$ s4 y, X. P004031A7 894424 24 mov dword ptr ss:[esp+24],eax1 u+ W# h+ v0 r1 `
004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
4 f* ~1 l" n/ g+ \' a004031AF 894424 18 mov dword ptr ss:[esp+18],eax
5 B5 g3 w1 N( Q3 M4 f( c+ w004031B3 894424 14 mov dword ptr ss:[esp+14],eax1 X- l7 d, K( \, N: W
004031B7 894424 10 mov dword ptr ss:[esp+10],eax
; u' @! J# ~ k- c" a2 f, ?004031BB 8BC1 mov eax,ecx2 Q3 g, O4 O! I& O, c: p
004031BD BF 0A000000 mov edi,0A$ `# M: \7 o+ N' z" a2 x: A
004031C2 99 cdq( `5 r. z. m6 K2 \
004031C3 F7FF idiv edi
0 T, ?# l. ^5 M+ J, @004031C5 8BC1 mov eax,ecx# _: s8 ?) }$ A1 }
004031C7 B3 0B mov bl,0B
9 z' S) k: a& o( B004031C9 0FAFC1 imul eax,ecx
% [! o; Q3 y# c0 u4 r( L004031CC 8BCF mov ecx,edi
' x4 p+ h1 g2 i- \: P( }: ]004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl2 g) @; ]! j: e' S# W. n) p+ P
004031D2 52 push edx
3 K! r9 o% w4 i. s% r; `004031D3 99 cdq
. |7 I6 T: ?' Q$ ^: }+ ^004031D4 F7F9 idiv ecx2 N0 S/ X6 J" a3 c# |8 S' g! j
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
5 i2 |. W0 Z& E7 J( m$ C004031DD 2BC6 sub eax,esi7 T$ a% H( a1 S; `
004031DF 52 push edx! ]5 A( D# R% D7 t
004031E0 99 cdq
- B" s6 ?2 F& t% k004031E1 F7F9 idiv ecx
0 \8 k0 Y" U6 w$ P3 Y" B4 g004031E3 8BC6 mov eax,esi7 ^7 B1 Y7 R2 m K3 H
004031E5 52 push edx5 k9 G: w u0 A! g( q
004031E6 99 cdq2 k! a4 E& w6 {; j6 l
004031E7 F7F9 idiv ecx8 ]: ]; V3 D) d, T
004031E9 52 push edx1 f. ?2 N* \0 q* m
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
$ y6 Y0 z8 U6 r5 |004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"
4 e& \) s; c! C# @7 I8 C- ^* U004031F3 52 push edx% ]! Y6 p3 |% o) y# w$ v1 n0 o& |
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
, w T$ B+ h; y# W& @( }004031F9 83C4 18 add esp,18
: ?$ r+ g. `4 H% _9 H' Q! C3 S! l004031FC 6A 04 push 4
/ G' l; f. q4 l$ S1 j$ G& |004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
1 r! y3 Z# ~4 u7 {$ Y- C2 q% F00403202 6A 00 push 0
- r# t# {' \; G- Z/ c00403204 50 push eax
" ]/ L) I1 L# Y3 u00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]) Q9 m& ~/ E7 F6 P U7 D* I
00403209 E8 D6530200 call qsr.004285E4* u: E* ?! q3 T/ q: b0 d
0040320E 50 push eax) p# I1 A4 t+ A4 d+ |' v7 H5 C
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]- k+ A- {4 |, A$ o4 ^
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C. V9 [+ }1 y) R; a% I
00403218 E8 A7C30200 call qsr.0042F5C4$ k. z; _' v- ^6 z4 B9 c
0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
( c1 d2 z+ v" h0 w1 D* O7 p. z00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
+ r* r5 C! X. C* M/ s% u00403225 E8 61C20200 call qsr.0042F48B
% I | }0 ]" h H0040322A 6A 04 push 4
% c0 r5 k3 |8 ^ O0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
& D' e, K; Y! ^4 o# J00403230 6A 05 push 5! D. ?7 ~% D. I' ^# T
00403232 51 push ecx
7 l+ f$ H" s; Y00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]2 W" u/ i) w/ v- g ^% T7 ?
00403237 E8 A8530200 call qsr.004285E4 z- P* R) C9 V( v7 L, Z
0040323C 50 push eax0 `$ _# Q" w6 v' i5 I5 a' Y& Q2 L; k8 ?
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
" p) h0 `: N! |7 n9 p00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
( u' w3 G* ~, m# G7 K" S- y6 Q00403246 E8 79C30200 call qsr.0042F5C4
' D8 y5 y0 m7 H. F0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]0 {9 K3 j! s6 U8 r! `
0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl: v/ `# k5 w3 R" ?) ^0 w
00403253 E8 33C20200 call qsr.0042F48B5 B& b1 ]/ y' L( \: b- _
00403258 6A 04 push 4+ @8 p1 R8 }- D
0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
( O' |- {- b; n* `$ ~! C2 l' r0 f0040325E 57 push edi$ }6 w' l: k+ F) g9 v' J
0040325F 52 push edx
1 c6 \' l) ?. W h5 [4 v! Z00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
) L& W/ w$ t4 d3 j6 B; {! v00403264 E8 7B530200 call qsr.004285E46 Z( [6 D1 }& n0 b% s/ b+ Q7 _
00403269 50 push eax3 m |2 Y) F; T- R k$ v
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
2 j; ?2 \& z9 f" W, B' _; L4 m0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E
( J- M6 N' x$ P0 t9 @00403273 E8 4CC30200 call qsr.0042F5C4' ~- [6 [ o5 F5 H
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
0 d i) v1 j; z1 y0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl
! z) X- C5 P7 ~# g2 D00403280 E8 06C20200 call qsr.0042F48B
6 m- f. E4 U$ K% k. ?0 ?1 D00403285 6A 04 push 4+ q' e! l: n- v) f& @7 y7 A
00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]( B) \& R( ], t4 H4 G5 v! i* t
0040328B 6A 0F push 0F/ K7 W: S) E' I8 M: y' V; F/ M+ U5 F
0040328D 50 push eax) G$ ^* G( q( p# ~8 S: `' l
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
& ?, |: ^. [2 p6 L9 B/ Y00403292 E8 4D530200 call qsr.004285E4) W. i. Y' i9 p0 z# {) q5 S
00403297 50 push eax
) s- W2 @- P2 \! l00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
' A) c& X- D+ ?/ O% H" g$ C( r0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F8 }4 h" ]! r% `! i
004032A1 E8 1EC30200 call qsr.0042F5C4- g! |% Q1 x6 x; C
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]" u" _: [ G0 G3 Q% o. O/ z1 H, {& J0 \
004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl) M( `! K* t! P" {. ^
004032AE E8 D8C10200 call qsr.0042F48B0 l* P! [' O( R( A2 Q( Z
004032B3 6A 04 push 4 B; G0 ]+ f, Q/ P2 A1 O
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]' T4 e; u! d( F `: R* t
004032B9 6A 14 push 148 K" q+ D9 \: w- o0 i6 x
004032BB 51 push ecx
N0 }% g# ]/ o$ }1 G% l: J8 l004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
: K- C3 X1 T1 L; p3 r004032C0 E8 1F530200 call qsr.004285E4
9 H* C, K/ o5 z, ?004032C5 50 push eax. k# ^5 q: h( Q1 e: r+ I) a/ {( ~
004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
* n! d- s5 L N" D004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
& f# H: `6 v" u004032CF E8 F0C20200 call qsr.0042F5C4; z7 \3 W, t: M0 }* s t
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]$ f- z/ L5 v+ Z5 F+ l
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl
, M u" s9 g4 b" k5 A, F5 |004032DC E8 AAC10200 call qsr.0042F48B/ n! @# F. F4 \% P" Q
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI9 c F4 Z5 L2 v% x. f8 d
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX2 d! q. b1 b: P) ?; [
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL8 Z3 H3 g, A+ W$ ~
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL2 S0 Z2 p4 @, e
004032ED 8ACA mov cl,dl ; DL送CL# S7 ^3 `: k; ], U% y8 ^/ o
004032EF 3AD3 cmp dl,bl ; DL和BL比较
# {2 P) E5 b( S+ l004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)8 z: Y( }- H8 F2 e" q7 D
004032F3 84C9 test cl,cl6 S% e7 h) }0 O8 L8 C
004032F5 74 16 je short qsr.0040330D
# z( Z( L6 @2 z; |+ O$ b004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL9 j- W* I( f T/ `- m3 @
004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
6 k/ g+ {' [& u004032FD 8ACA mov cl,dl+ Q/ l) F9 p, Z
004032FF 3AD3 cmp dl,bl ; DL和BL比较+ X. g; R+ @6 R. W9 R
00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
- A0 b2 y. e& x+ Q6 o4 U00403303 83C0 02 add eax,2 ; EAX加2 V$ {$ o* Y+ ? _, t9 ]
00403306 83C6 02 add esi,2 ; ESI加2
+ X5 v! M8 T; D# h00403309 84C9 test cl,cl' q, q( D4 ~/ m# R1 V
0040330B ^ 75 DC jnz short qsr.004032E9( g& v7 M( {2 X+ m. {
0040330D 33C0 xor eax,eax6 ?: k" K* E' Z P \1 V( n8 O) @
0040330F EB 05 jmp short qsr.00403316
) \9 d& p5 H+ f2 p, T00403311 1BC0 sbb eax,eax' b8 b6 j6 y/ t9 ~2 {$ p
00403313 83D8 FF sbb eax,-15 G6 G9 n5 w$ o8 Y7 S+ T
00403316 85C0 test eax,eax
4 y& u+ S/ u. m# m2 S00403318 74 0E je short qsr.00403328+ {: _0 S0 {0 e) Z
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A
4 G: K. n# |1 T0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]( N6 f3 ]2 \: c; L$ I" H
00403323 E9 F0000000 jmp qsr.00403418
; ?0 g) K4 m7 i: W/ _' G00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX3 X! Y6 L' C! z: M5 ?( M' N1 q
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
6 w! @4 T3 `9 k$ f; a00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]" v7 Y3 m/ B- j1 v# h' h
00403333 50 push eax
& Y8 i# [7 c$ y) V+ r h00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
$ A+ v" u- c1 l% N00403339 50 push eax) B9 R+ j0 Z1 \) V: r0 o
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
' V) S% o8 C6 |1 q1 c6 o0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX
4 n$ G+ U+ D; N00403343 83C4 04 add esp,47 V7 o5 M S6 ^( a
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI: D" [8 V) g' H0 E Y3 D/ ]
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
! k( D" Y W( {; w+ }+ Z0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]4 [3 a6 |- i& V( _: l7 S
0040334F 50 push eax
& [1 Y* E1 N+ u {7 ~1 ^" X& Y00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
! w' A3 ^: Z. ]( e0 M! y+ v! v00403355 50 push eax+ o d# i2 ^ U5 i
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX0 B k* U# @ s K1 y
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
* N/ @% d" V9 Z0 Y0040335F 83C4 04 add esp,4
. V: }0 S3 V- L% Q# N00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI( I; c" u b3 Q# j' K; }4 L" s
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]3 G: q8 H! |) s" ` u
00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]( l" P M8 B' k
0040336B 50 push eax& a# b; x& r6 X
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX
N- Q' c4 r" Y' x9 M. H: x6 r: H00403371 50 push eax
% c6 i S) o% L7 i00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX; D8 @# Y& c* ]
00403377 8BD8 mov ebx,eax ; EAX送EBX1 X1 p8 M M# i( _# ^/ l2 ]
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
a4 e h- K p0 k0040337D 83C4 04 add esp,40 _4 `+ h; R- h2 @
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]+ Z! H8 f& ?" Z+ H
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]8 x+ V) B# q" Q/ T" x
00403387 50 push eax
: h7 ~$ i8 n8 g7 k+ {( [6 @3 K" ]00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX
- N0 G5 A0 K9 h/ _0040338D 50 push eax
3 o2 y& O) P7 T3 u0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX: m# o) T4 h) l7 j& N
00403393 83C4 04 add esp,47 C+ ~* p3 t, b$ j7 {8 W2 D
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
0 G/ ]8 v2 S5 _" _9 V* M0040339A 8BE8 mov ebp,eax ; EAX送EBP& l0 [. h$ o: {7 W9 c
0040339C 6A FF push -1$ L, [9 G/ I+ S/ h* r7 W" W
0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
, s- V' D8 E5 p' E( f004033A3 6A FF push -1. c- R/ ~+ I, Y# q+ i
004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
& C" |; n1 z6 D) Y8 n; ^004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX
- o; O0 `2 [! q, ]" R: Y7 g004033AE 6A FF push -1- F* V- E1 c7 p9 E
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX( j3 B8 P/ e6 f' Q# O* k# ]
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX: o. O7 |* X' _( H) V+ M
004033B9 6A FF push -1
0 [9 @& H& e* \8 J) d004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX8 o( F- b" n* x! i7 v
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX, A8 H; F$ i' [: y! e, {0 j# F
004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX$ b! [( z7 \( U( C" o
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
o/ r, @- g& ]004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
0 ]# d5 Z3 B! y* I004033D7 D1E0 shl eax,1 ; EAX左移1位) H# V' k& E5 l1 L
004033D9 99 cdq ; EAX扩展
8 t* P, R2 @. \8 f% C004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中/ g# T- o k/ w" J! C* H: _) p- T
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
n7 ?+ r0 Q: I, e4 L004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
+ h. Y( R) O4 N# m004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A( x$ v0 N, @6 p' y1 g
004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10], {7 g2 H4 u6 G& _
004033E9 EB 2D jmp short qsr.004034187 f; e- ^0 N- a. a# R4 |
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX, Y5 y4 L0 m! L g' K4 `
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2+ B2 @0 U# a9 a9 w, l
004033F7 99 cdq ; EBX扩展
# f+ W0 ^ o8 V$ |/ S$ ~004033F8 33C2 xor eax,edx ; EAX和EDX取异或2 s$ [+ U/ X/ d( X
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX' q9 u, j3 M( D/ V( i2 d& b
004033FF 2BC2 sub eax,edx ; EAX减去EDX
5 K) g) Q8 _8 [9 D2 P00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]0 g5 Y2 j/ R* q0 j0 y5 M
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX8 {1 i0 G A8 Q5 z. `4 O, [
00403409 99 cdq
' I, H" D5 c ~$ V b0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
) S) q9 d' P/ s/ C. _4 \, N6 v. v0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX3 c$ d7 g" J$ }, |( d0 D3 q) [
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较
8 l1 D* Y- n6 D4 N; Y00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)% R! Q0 j. `& y
00403418 E8 6EC00200 call qsr.0042F48B ; * ~2 {* i6 b& q, C
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]$ ^2 E5 N, ~* `0 U
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],93 m0 s5 ?1 i. B5 t2 A' j" z ^" |* D
00403426 E8 60C00200 call qsr.0042F48B
. q. f# }9 v( q! y- O4 \0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
. s' v2 ?5 t; ^+ k0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
$ J, T7 d1 e4 M00403434 E8 52C00200 call qsr.0042F48B
# t& f9 u' X: s$ x+ p! n00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]- {" r! d0 A- H) q; E, a N
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
r" E" l* S$ `( A% z* A/ v% B00403442 E8 44C00200 call qsr.0042F48B
3 }" t- `# ^ R00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24], `' P# C0 \- p9 j* ^$ o
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
`) g& Q& v2 [8 G& j8 N00403450 E8 36C00200 call qsr.0042F48B$ s, G7 n. Z3 P" Q
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28] g# ]2 a# n% z! i
00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
- M9 a& m& m# h0040345E E8 28C00200 call qsr.0042F48B
+ q* @; X b- j( k6 I00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
9 i) _( l, k0 e9 P! s$ |; p00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
" S0 W2 G0 u; _. W- g9 l0040346C E8 1AC00200 call qsr.0042F48B
, `& }" q1 f$ ?$ s00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]$ k0 y0 j2 ^; l- r1 n( {
00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
& N' s) U7 P4 G0 w( r. f0040347A E8 0CC00200 call qsr.0042F48B
9 j8 F" k8 s* u7 z( M# D3 M0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]! N0 |( C2 k9 i, T
00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0% h4 Y5 Y1 n4 P; d7 }
00403488 E8 FEBF0200 call qsr.0042F48B5 \4 `. y# U+ S6 H
0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]: A) v: _3 J b# L/ B, C. d
00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
0 ~, v! k* l3 z& Y( i, r00403499 E8 EDBF0200 call qsr.0042F48B0 X" ?1 C' K W! F$ a% m4 I- @2 U* P
0040349E 32C0 xor al,al ; AL清01 O& U2 I ~% B/ p/ n4 d
004034A0 E9 88000000 jmp qsr.0040352D# }. M) d3 _2 E5 S! I1 _
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~/ x4 N5 Q! ]+ L
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]" b* D* B: A2 x1 M
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
( ~; ^/ t7 f. v$ R( Z004034B3 E8 D3BF0200 call qsr.0042F48B
0 v; }7 f" `5 q- P7 J. A6 b7 v004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]# Q0 ?/ n7 N7 k3 d' p; C
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],83 R1 ^: j4 ?. y( T6 u& S
004034C1 E8 C5BF0200 call qsr.0042F48B
8 Q8 z X0 E7 j+ w: @: P004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
% x- g& _! Q" M$ L) q0 ^2 N0 N004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7# Z" P) }. M5 Y
004034CF E8 B7BF0200 call qsr.0042F48B/ j' e6 u t/ m9 e
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
8 C0 l! u% X1 s004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
8 |, T `; J3 s, C" E004034DD E8 A9BF0200 call qsr.0042F48B9 W+ k+ N+ d7 ~! a0 O& g
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
: H2 W f* J" z/ p) ]004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3. |/ C& T- }5 }2 x3 A( r
004034EB E8 9BBF0200 call qsr.0042F48B
0 q% P [' N! j0 w7 S* J" |004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]* H2 h( h6 Z6 [6 b2 D, M8 C# F9 f
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],20 M$ w/ a3 [; {$ G; P
004034F9 E8 8DBF0200 call qsr.0042F48B
3 `% R+ F) v7 @004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
7 {2 o0 t. X* K& e P00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],18 O0 I3 Z. B/ _' A* \# k' B4 V
00403507 E8 7FBF0200 call qsr.0042F48B
Q, S) F8 Z1 \0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]3 i/ u9 x9 M, V
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
8 y8 e5 ?) J- c( c& [8 D' \00403515 E8 71BF0200 call qsr.0042F48B
0 V, u+ j* W2 o( \0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]; ?) q) g- F6 \2 K5 O9 Y1 [- x9 O
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1( A Q5 K1 `; ?3 Y+ ?' o7 B$ H0 k
00403526 E8 60BF0200 call qsr.0042F48B) c4 q% C1 L0 Q; ?' M: |
0040352B B0 01 mov al,1! t; T1 g6 `, Y( V. i
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
! D) b- {% x$ j0 b0 q00403531 5F pop edi
2 D0 N2 U- j& l0 U% O5 C6 q00403532 5E pop esi0 Q$ b/ i5 V) s) c& R1 O& N
00403533 5D pop ebp( s1 r8 b+ i$ T& O) F1 U
00403534 5B pop ebx
3 J" U* }: [& ]* s, x00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
7 T6 \ v8 s4 `8 D' y0040353C 83C4 30 add esp,30
- V, y& x9 ]( o7 @0040353F C2 0800 retn 8
5 x! S" [: Q3 P+ A$ w4 Z# o4 z--------------------------------------------------------------------------------2 b# c$ e3 i" x& a
【破解总结】7 C6 F5 i; U6 G& `
用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
5 m6 @" Z0 `. X6 H用户名:yijun) Q) z9 C; ]# H& X& X" }) j3 F% u+ `
注册码:4893*7777*3726*7777*0529, k+ r6 U1 U. w4 `" s
--------------------------------------------------------------------------------: b i: E7 v# s6 ]
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡