|
|
|
【原创】破解Quick Screen Recorder
: Z. c+ x* b2 e4 O- I. J【破解作者】 yijun
/ v" p+ z% [, \& y3 w【作者邮箱】 [email protected]
; I3 @! t, p" q# {1 H【使用工具】 OD,PEID
: a4 ^5 X( O6 C9 l% ?$ ~9 ~( z5 O【破解平台】 WinXP
5 `, f* q5 A" c: L! ]9 A+ I; n; Z5 G【软件名称】 Quick Screen Recorder$ o4 e/ O. N/ X( p5 F( l
【下载地址】 天空5 j) Z/ q4 ]" v3 M3 F' S" }2 `
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. 8 o+ q$ T2 t( l. q1 J! N
【软件大小】 540K
0 g: Y8 a* X; B【加壳方式】 无7 |% q, U6 O% p
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)" S9 U+ Y1 A( n" |1 L8 W
--------------------------------------------------------------------------------( ~1 d/ E; ~% K+ ?+ N
【破解内容】
* G+ q- Q9 V" d0 M2 Z0 t! X) _ PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:! U0 u& Y# `- k5 @
00404C69 55 push ebp //在此下断
$ Q4 \7 n, I# r: C9 E% r6 ]: S00404C6A 56 push esi
3 p: P5 [0 S1 b' ~9 `00404C6B 57 push edi5 u9 I: P; l" z9 d$ h9 x& U5 a
00404C6C 8BE9 mov ebp,ecx
/ q! f: L6 \3 F4 V0 P0 ]" O/ _00404C6E 6A 01 push 1
' Q% u* @& d5 l3 h( S/ R& D6 f# v% b/ [00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名 V0 s6 H5 c) r3 N" _
00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
" Q) P- c) f% s. v3 k8 s' \9 G00404C78 8BCF mov ecx,edi
! Y# ]" n8 g+ I$ r' v* S! O00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码
3 t5 V2 y) K" ?- k- P- J" D: r00404C7F 8BCF mov ecx,edi o, i8 m/ m1 q8 s7 |' a$ R
00404C81 E8 A73E0200 call qsr.00428B2D" I( ^8 l' d, l2 L; H9 t1 Z" X0 c+ X
00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
/ F& k% G) n! J8 k x00404C89 8BCE mov ecx,esi7 W2 m B( s; T% b2 g7 Z' e
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
+ F9 n3 L( D k( V00404C90 8BCE mov ecx,esi5 S1 x. r% k% h' R K. T
00404C92 E8 963E0200 call qsr.00428B2D
5 H. A. I$ H- F) g00404C97 8B06 mov eax,dword ptr ds:[esi]& N7 c5 a1 u# w" J
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],26 M: a) P3 ]6 m# W% W
00404C9D 7D 26 jge short qsr.00404CC5
! }; r5 N) x" ]: k: O2 b+ ?4 u+ B" S! X00404C9F 6A 40 push 40
1 w& Q0 H, B, t( V- j, n% Q00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"4 J! Q0 e% U ?. B, d( L- W3 t
00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."5 E9 g- j: b+ Y$ Y
00404CAB 8BCD mov ecx,ebp8 l: F' D, H5 H( ^7 x/ w
00404CAD E8 C3840200 call qsr.0042D175
" l7 H# b. H. V5 t" ?% V00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]% A4 t, G' _( N# D1 @
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx) G- p5 T0 j0 l6 G9 `2 ~+ }
00404CBD 5F pop edi' p! A" f$ [. x0 V, u9 R' b
00404CBE 5E pop esi
- g& x7 [4 V5 X9 ?. m, Q' m00404CBF 5D pop ebp
, {: z+ I7 |3 i6 G00404CC0 5B pop ebx- K J ]& U1 b m# I6 B
00404CC1 83C4 18 add esp,18
# e5 H1 U# {% m3 q5 w% ~6 ?00404CC4 C3 retn
5 j1 L% n) f# c( ]2 T0 P00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]% u: t. F X+ D" m5 o8 _
00404CC8 84C0 test al,al
' {4 x# j% v2 | o# h8 ~: o6 K00404CCA 0F85 1C010000 jnz qsr.00404DEC
" ^* t o4 w" a8 }& c3 z" _00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
9 o- V& |( O) c) h8 [00404CD4 E8 87E3FFFF call qsr.004030601 I# z2 L! l3 n
00404CD9 51 push ecx
Y( b& Q9 M d' p/ [00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0( o* m/ X4 P4 p( n2 t! u
00404CE2 8BCC mov ecx,esp- G6 s- S& B: a {
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp4 ]( [/ L/ s9 v1 {+ E
00404CE8 56 push esi
2 ?" ^: r$ J W00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是04 `9 X! o# {6 ]( Z7 K2 ~
00404CEE 51 push ecx' `* V U+ @+ ?; K% h
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1* x7 F& ~( A, n x8 \
00404CF4 8BCC mov ecx,esp9 T5 D; w" B* S/ w1 s9 k8 ]
00404CF6 896424 20 mov dword ptr ss:[esp+20],esp; q( q9 e2 r* W! a5 {6 u) G7 B
00404CFA 57 push edi- l; L/ `; C" K+ u) N
00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
9 T7 ?* `* A6 g9 `0 B+ ]2 D7 y: Y7 }00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
' |; Z$ S& D2 E& M C00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],06 _2 _& q4 J- h) a: E0 A3 _
00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~; I. k u! |, |0 d
00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
2 e6 H. U+ J% U2 N00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~$ w7 c! t4 I; m6 a! L
00404D12 6A 40 push 40
! F2 ^4 F Z }! I" |/ O; n" c00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"3 g5 `7 T, W) E$ M0 d# c3 ~: b
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."" V: A7 e0 Z% ^% T
00404D1E 8BCD mov ecx,ebp
1 C3 F' i0 z4 u$ L+ l00404D20 E8 50840200 call qsr.0042D175
5 `& K' ~3 x; n4 w- C$ P) r00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
% w9 q( [/ b5 k$ Q* Z00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1: f) S: z: |$ L) k
00404D31 E8 5AE3FFFF call qsr.00403090. ~- { \( S7 A2 O( _
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
: l C# M0 `' i% O1 G00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
0 z# v, n5 W0 w0 y9 J/ T00404D41 5F pop edi/ T+ z& m1 e4 s+ d! m, q
00404D42 5E pop esi
8 e$ L4 Z. R8 x* n; F- `00404D43 5D pop ebp
% h" \: H0 O c K. d* s, J/ C; `+ E$ Z00404D44 5B pop ebx
8 n9 c7 J/ S: w+ F' D6 ]- g% C- W00404D45 83C4 18 add esp,18
M q5 w4 f: O _& M% m00404D48 C3 retn' [- ]) I+ H- W# \9 I' }3 k- r0 E" s
*********************************************************************************************************************************************************' V* N6 L0 a+ X$ [, q% w
跟进00404D09处CALL来到:. j8 B8 l1 _! Y
004030A0 6A FF push -1 //一路F8下去~~~~
; @; o2 ~' t, S& C004030A2 68 C88F4400 push qsr.00448FC8- n0 J/ p3 q x6 b5 x4 q* k/ W
004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
1 p7 [5 j D( \" [, L& g1 z004030AD 50 push eax" V# Z& i6 {( H" F; |7 a2 `
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
+ R& z5 A$ w& F9 }" J& C004030B5 83EC 24 sub esp,24
+ U: e" u4 @. @% U/ x: y! _; H004030B8 53 push ebx
- `! [! i4 c6 e2 b7 n004030B9 55 push ebp, O" }+ g. u* |* S1 @
004030BA 56 push esi
% d+ j- \' b3 I/ W004030BB 57 push edi
5 I9 P; M# ]( T# e004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
$ y! Y! B1 O5 |! g' `2 Y" z$ [: M/ l004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]2 t. ]+ t/ s4 Z/ I2 v
004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1; R2 V( o+ V6 q$ `4 T; G3 b* E6 h
004030CD E8 27C40200 call qsr.0042F4F9( V6 J# U2 p1 v3 Q5 |& \, V4 w
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]) p5 P, o" {0 U! y1 ?$ k( [) q
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax+ y/ o' S' \* @
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
1 U, T* R4 `7 ?+ C# `004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3) T+ T2 k4 r& I" o( Y7 g5 w
004030E4 E8 905A0200 call qsr.00428B79
1 k" O6 F8 G! S2 u4 B3 H004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]5 u4 h2 ~+ ~- {( Z
004030ED E8 3B5A0200 call qsr.00428B2D
8 B" Q% R! i* e. s9 u/ b! u004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
8 m8 _$ x- W B0 e3 L8 K004030F6 E8 7E5A0200 call qsr.00428B79
) M) C+ S/ v. \- G: W1 u004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]) k/ m7 N& A' B/ H
004030FF E8 295A0200 call qsr.00428B2D; o- [) M- p7 i
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]1 |5 [! d- ?$ j: s0 k* @: @
00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]& w0 q, |% w' o& ?) _
0040310B 83F8 02 cmp eax,2; R- N8 V. z" I, n6 }& D
0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
- x5 a0 ?5 N+ Z; Y00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
4 ^/ Q |5 x" A6 X+ U" i) d- O00403118 837A F8 18 cmp dword ptr ds:[edx-8],18% t5 q" d9 ?* o, K9 V* @9 N
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
' h6 ~4 F$ J$ S+ F00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
/ v3 r- n% i# B; V, U00403126 6A 01 push 1
9 m! B2 \% ]3 z% J; v00403128 50 push eax8 { w: @- r3 k) i; i7 z
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
" u C: L" z2 q0040312D E8 C4550200 call qsr.004286F6
+ G/ Y2 k" m; D) J% q00403132 8B00 mov eax,dword ptr ds:[eax]; v) @' m* W/ T9 R2 U. r7 i1 W2 L
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
, M% c+ }/ j. d+ d00403138 50 push eax
* z: {& I' w$ i+ b. x( ?& s7 q; G/ ~8 O00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
, m$ E) [8 A+ \4 M0040313E E8 4D560200 call qsr.004287902 [3 B. `, ~3 ]9 @
00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]2 l# f. {7 `& p: T2 h) e
00403147 8BF0 mov esi,eax7 T8 k `4 o1 {8 }" u3 H1 `) {
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3: O2 Q2 o7 e! J$ S; y! a* s7 W% j
0040314E E8 38C30200 call qsr.0042F48B% }, s# w4 ?4 M: X1 \5 h
00403153 8D46 0A lea eax,dword ptr ds:[esi+A]
2 U- N6 q9 r$ \6 Z( M3 J5 j00403156 B9 3E000000 mov ecx,3E" a! S; Y8 T+ j2 Q
0040315B 99 cdq- M& Y4 {( I* W- n; D
0040315C F7F9 idiv ecx J! o# y- X/ q/ |& h
0040315E 6A 01 push 1
7 W. A+ {* m% E00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
( R5 F7 X* v: {* l- t00403164 8BF2 mov esi,edx
# d* {& j [ L. p4 }2 Q00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]; F' d7 J k3 B# {* M
0040316A 52 push edx
- O8 _ X& p" b# J" j. t+ m4 k5 j0040316B E8 0A550200 call qsr.0042867A# f. \: O6 o0 E$ N4 ^
00403170 8B00 mov eax,dword ptr ds:[eax]5 I, ^$ [2 ~ v. b% E6 R
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
2 \0 C2 ^) e% O0 a2 E00403176 50 push eax
7 {; M) f& b4 [2 E) r3 k# b00403177 C64424 40 05 mov byte ptr ss:[esp+40],58 r8 i+ _: |! z% D. j; C
0040317C E8 0F560200 call qsr.004287904 H3 L1 l" i( `
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
5 S4 \+ g2 s- W00403185 8BF8 mov edi,eax
' g% \0 V0 a4 v! R00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
% D# s6 Z+ u$ T0 M" K7 r8 u* B0040318C E8 FAC20200 call qsr.0042F48B
! H( G7 C9 T0 r1 G) C7 @$ Q00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
! T. H0 _' |) C# l00403194 B9 3E000000 mov ecx,3E$ _" J) R O$ A x' P5 s
00403199 99 cdq8 O7 e( d/ N' [
0040319A F7F9 idiv ecx
* L3 W, k% f2 r+ n0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
0 L. r, Z3 f" K1 O) o o004031A1 894424 28 mov dword ptr ss:[esp+28],eax
3 T4 ^: m$ ^- g" D004031A5 8BCA mov ecx,edx6 u, |! x0 ]- X n
004031A7 894424 24 mov dword ptr ss:[esp+24],eax
$ ?/ E: O" m2 p: }; Q004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
, g' G G3 m8 f U2 p004031AF 894424 18 mov dword ptr ss:[esp+18],eax# Z# y+ E4 p* i; |
004031B3 894424 14 mov dword ptr ss:[esp+14],eax
( G' i6 S, _0 |004031B7 894424 10 mov dword ptr ss:[esp+10],eax. Y# O# c+ V4 z) s/ o' F
004031BB 8BC1 mov eax,ecx
9 ?- |# v' f- F; f, g$ s; C+ L* F004031BD BF 0A000000 mov edi,0A
b1 I& Z! y, t# l+ V Z% D004031C2 99 cdq& q& a+ E( D' E( S K. k
004031C3 F7FF idiv edi
1 z2 O4 e# o5 Z3 F$ {/ i004031C5 8BC1 mov eax,ecx
, h- h' J0 I1 x$ _! Q004031C7 B3 0B mov bl,0B
+ w! s, ]/ W) b6 z' c4 g" v004031C9 0FAFC1 imul eax,ecx! L/ a+ `4 {4 T' w* i* M* q
004031CC 8BCF mov ecx,edi
7 p8 }! ^3 R4 _. [2 P" k7 W E' i004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
9 u& H6 d7 p& F6 d004031D2 52 push edx
8 s7 ^3 ?7 Z) n5 l( h5 r3 w004031D3 99 cdq
8 `% \( a8 p7 v4 o8 r5 G004031D4 F7F9 idiv ecx
' _2 T! x- d [& K p$ l004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
% i* a1 X9 T3 _004031DD 2BC6 sub eax,esi
% p, ]$ q& }, v004031DF 52 push edx
' w% P9 }+ n w9 Q8 _: |# y004031E0 99 cdq! Z' k: _9 _9 N3 J) P; c* u
004031E1 F7F9 idiv ecx
/ V, h* w% o6 z$ s6 {5 O004031E3 8BC6 mov eax,esi
4 q0 ]9 K* R9 D004031E5 52 push edx
; i$ Q8 i. N+ n, B7 Z004031E6 99 cdq$ |# Y& k* R8 I b: p( p9 p
004031E7 F7F9 idiv ecx+ B$ C U! {- P4 h* B, p
004031E9 52 push edx
9 o7 Q2 i6 B* G; X0 V- R004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]* |; ]; c3 a5 Y: S
004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d", N6 A! ^. e; ]+ w
004031F3 52 push edx
( C; j4 j P, [: _004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是48935 k: J6 I9 k# U' _6 Q
004031F9 83C4 18 add esp,18
/ h, `# P0 E& Z004031FC 6A 04 push 4
/ h: s* ?/ C" o004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
3 B% s- Y0 |' \- ]# S, J00403202 6A 00 push 0, W! i) D$ d2 _/ t/ u' z; ?
00403204 50 push eax6 P+ t( ?8 P4 q0 H, m- s- B
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]4 H+ ^$ M. d2 G- ?* M- l6 s* I( ^1 x
00403209 E8 D6530200 call qsr.004285E4. l0 ~; J# ], i9 B+ u/ @
0040320E 50 push eax
) _5 b6 g+ C% O0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
% h2 h9 \0 E- T5 Y- M }00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
' i. z' N% S8 E+ ]3 k3 G/ ?6 b00403218 E8 A7C30200 call qsr.0042F5C4/ p9 J# J K4 |. |9 C7 j8 j
0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]% G1 a" M5 t1 h) K l5 @. w) s
00403221 885C24 3C mov byte ptr ss:[esp+3C],bl' ]+ C9 e% _: B3 n
00403225 E8 61C20200 call qsr.0042F48B/ U# {( m9 ?/ H" `: M l
0040322A 6A 04 push 40 g% h! m4 K' h- C+ i, {7 j
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34], [3 Q4 Z3 ]" E' J5 u m' r
00403230 6A 05 push 56 D! j p1 w0 w8 e- w. x
00403232 51 push ecx& U, B# K) _! l9 |/ o
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
( G7 U7 p7 [; g1 Q- x- F00403237 E8 A8530200 call qsr.004285E4
" _7 V4 B8 D+ ?8 u! @& \& M8 x3 |0040323C 50 push eax) d" L$ E$ ?2 A- O
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]0 Q/ e5 [: L7 n$ Z
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D1 n: G, w) d1 k0 I2 G4 o9 U# a. ?
00403246 E8 79C30200 call qsr.0042F5C4
- g; b. I9 l' n1 J8 C: J. c, |8 \0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
; }4 M: I" O4 m0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl( e& s; I/ ]6 B1 c7 s9 ~
00403253 E8 33C20200 call qsr.0042F48B
3 s* P, T) D0 K+ w& ]00403258 6A 04 push 4' k9 k3 O+ ~+ K5 L
0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]( l; I) u. U- \, q- z4 G
0040325E 57 push edi6 q* k: A6 U# W& ~, I
0040325F 52 push edx
) q+ t/ s, Q7 q0 E% p00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
3 ?1 H. @* V! I G" j00403264 E8 7B530200 call qsr.004285E4
) b. G) s, i3 h0 }; J/ C, O00403269 50 push eax5 J. d* h; d! [
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
, Q8 C! [* B7 y4 ?0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E8 q! i2 Q6 e5 n
00403273 E8 4CC30200 call qsr.0042F5C43 O7 T$ _/ m5 S
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
: e+ B* A+ q5 j+ u0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl
9 J& o! Z3 C" o! }# C00403280 E8 06C20200 call qsr.0042F48B
4 V8 K+ w5 i6 ~& F! y/ Y00403285 6A 04 push 4
: d) U: |- R5 |, f2 x00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
8 O( }: e5 C8 s! H$ l' j+ u6 l4 U0040328B 6A 0F push 0F
4 Y& o; {4 j5 u7 ?/ Y0040328D 50 push eax
& e3 x( G4 z) p0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]0 F' W( W+ y3 F6 h5 E8 `
00403292 E8 4D530200 call qsr.004285E4
& \( J, f6 E# }) x; Y+ A00403297 50 push eax
C% \' d) E2 A% L+ H- w1 a00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
8 _- ~! n6 X* }0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F' {6 V% U5 D, t7 {2 y
004032A1 E8 1EC30200 call qsr.0042F5C43 h; w( E; ]$ {1 e. C! \% [
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]& i/ w# a L. o8 e
004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl5 m$ v" Q0 D0 @" X! M
004032AE E8 D8C10200 call qsr.0042F48B
- k/ I8 W9 ^" a2 ]+ w5 Q004032B3 6A 04 push 4
7 Z( V4 z# x9 g3 ^004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
% y. _7 g) L# Y) m% U, [004032B9 6A 14 push 14- y3 @$ Q8 N0 n9 r. n$ `
004032BB 51 push ecx$ M6 `* t4 j7 t t! r. a6 \
004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
0 I; n9 _& d- Y, X7 z! S2 h5 J004032C0 E8 1F530200 call qsr.004285E4
+ ~, _% x. {0 s5 G8 K004032C5 50 push eax f9 A) Z- b. X0 q+ n
004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]4 I" ~2 U' M7 T8 F1 A
004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
1 L6 a. {! d/ B4 m9 }) ~004032CF E8 F0C20200 call qsr.0042F5C4
+ W- a$ I. s4 F. g6 j9 C$ m004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]7 {- j/ O% X4 K
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl, `; \5 Q6 k( w- n# |* d
004032DC E8 AAC10200 call qsr.0042F48B0 X3 z" ?! I+ B5 @
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI
' l1 s; O4 L9 q' k( t2 d5 Z$ d004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX f I& k: e! ]0 Q: [ y
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL9 U& I$ f: h* H
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL4 a8 A- J) k' z# x$ Z, q- P: D( q/ q
004032ED 8ACA mov cl,dl ; DL送CL
3 L8 C s* |' z$ I0 L5 l/ M, a: G004032EF 3AD3 cmp dl,bl ; DL和BL比较
3 w$ Q# Z5 A! b004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)6 }! V% M- s2 P! }$ c6 F
004032F3 84C9 test cl,cl5 t2 H. p; u4 F% {( n# ^" F2 H7 n
004032F5 74 16 je short qsr.0040330D
/ a! l' l6 }2 f) g0 ?, Y9 j004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL" f5 N s* L4 l0 D. c
004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL, F' A6 G' \+ G: ~4 j6 h
004032FD 8ACA mov cl,dl
8 w; d. j6 f/ L0 ~, y/ D. c( |; r3 |004032FF 3AD3 cmp dl,bl ; DL和BL比较
+ f/ b0 B" s0 |! U* }# U3 W( U3 h00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
5 G) w$ i: p* L( r& i6 a+ u00403303 83C0 02 add eax,2 ; EAX加2- E1 S" l5 T$ ~
00403306 83C6 02 add esi,2 ; ESI加2. E2 m6 A) Q2 U! w
00403309 84C9 test cl,cl
( c; |* U; t' n/ S# y( L0040330B ^ 75 DC jnz short qsr.004032E9
, |% |; o& @$ R8 A' N0 n& i# o0040330D 33C0 xor eax,eax
, W* g- j/ D: W0040330F EB 05 jmp short qsr.004033165 r4 y4 G" m9 [* j9 y
00403311 1BC0 sbb eax,eax) }3 O/ R" ^5 [- d
00403313 83D8 FF sbb eax,-1
: ~0 p. R+ K% u7 |7 q8 S5 g00403316 85C0 test eax,eax' a2 v4 i1 v, c2 O U" O
00403318 74 0E je short qsr.00403328
. f T: _; S# n+ i0 g- j1 T0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A
u% V D( p" L' f0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
) d0 u8 n- X) {00403323 E9 F0000000 jmp qsr.00403418& O( \% f2 m& n0 s
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX ?& _2 w% s% d0 Y3 ~
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
/ r( x3 V" }- [# j00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]& m% r8 u' q; O2 O3 l- D7 c) \+ G
00403333 50 push eax
2 }# X* R, a% P00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
% N( L) k+ S+ U: R2 o+ h00403339 50 push eax8 [! e# s4 O" e+ @* }1 {/ q: q
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
b' V# B+ I' X) A0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX) |4 a, q. N+ p+ X6 `* L
00403343 83C4 04 add esp,4: Q( R. e+ d- a8 ]
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
) C3 X r) D5 W+ L! Y$ q' o- n8 ~+ C00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]0 A& |/ b$ q% d; }$ Y& O
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]8 l8 }3 Y/ W2 v7 e) A
0040334F 50 push eax- I* s& f& ^/ |1 X
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
7 }0 h {0 i: B) H00403355 50 push eax; \! O" U6 Z1 Z; C
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX2 Q) B" E: M5 Q; }
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
/ }3 ~' i/ T2 d# B v0040335F 83C4 04 add esp,4& |- Q. H2 K: ~: D
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
+ J) _/ [( j, [8 } K0 b. w00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
! @- W& H! E: y5 q1 d9 @4 \00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]" d% M6 s# P: B5 E9 F. F
0040336B 50 push eax) [2 j. q8 _! s$ t
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX7 i. W8 ?5 t% O4 w: ]% p7 I0 P0 D4 G
00403371 50 push eax
) Z' M- W3 a% m# i/ v00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
' ^ j7 `& r$ C; ]0 R0 K00403377 8BD8 mov ebx,eax ; EAX送EBX
$ G j: {5 P2 Z4 n00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX- e( c) _$ R; u {. c8 X
0040337D 83C4 04 add esp,48 O* P# I# z( r. K( c
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10], q- D$ S2 @8 a8 E! y1 V
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]! z' M6 y+ E3 A; X3 P
00403387 50 push eax
, q: ]: T+ w9 G1 F) q+ |( H& ^00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX) H6 H3 t$ M- X0 g. R
0040338D 50 push eax! h* `! K( R/ \( L
0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
6 D" b7 F2 Y0 d: f9 c( T0 M00403393 83C4 04 add esp,4
3 C& V) r' W# X/ q00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]6 ]" b' K, g2 I( R% s8 h" ~3 i) a
0040339A 8BE8 mov ebp,eax ; EAX送EBP% k& X: ~# Z8 l: J9 x! K
0040339C 6A FF push -14 y, ^$ C4 k# f9 u! J- w0 |) A
0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX) t1 r6 o9 T3 s- d1 y. J
004033A3 6A FF push -1
: x/ X7 z2 ?# l! r# K" |4 x4 q004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX; \5 f5 F+ M* U8 h5 k
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX3 W% @+ E0 x; R0 ^: r: P4 a
004033AE 6A FF push -1
0 W# D% g# e: Q004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX( _3 r1 O9 O. \' ^& o
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX
$ S( g! L0 e9 s% @3 U6 E0 t004033B9 6A FF push -1
0 n ]' m( q$ U5 g004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX! q2 x. Z6 L% e+ |$ p% l' q4 t
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
, d( x2 p, r* H2 n, C" X' k# H004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX# i0 Z% T, z8 \$ E0 M% t
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX; M3 V2 c' z g0 \% G$ B
004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX4 A' i$ e8 g- \& T) N; d8 u
004033D7 D1E0 shl eax,1 ; EAX左移1位* ]' j1 b5 ?: [- V) [
004033D9 99 cdq ; EAX扩展' W1 ~0 ^1 K+ i; b7 r- d: o
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
- w7 H+ Y/ _' D9 ^+ }004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较 G# f4 H5 {( j- _
004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
0 S2 {# B V: w0 k0 X+ p% p+ T004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
# n; l6 J4 @# f004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
- }( v9 _8 R% Q& c; d004033E9 EB 2D jmp short qsr.00403418/ N" }6 ~! h, X' `+ k! Y$ n
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX& h# R/ ]0 u4 g4 [% c1 R
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
9 @7 C1 K& z& q! b' O+ \4 [$ a: e004033F7 99 cdq ; EBX扩展6 x1 Q1 k# z" ~) A0 g. Y
004033F8 33C2 xor eax,edx ; EAX和EDX取异或6 W" D7 D7 Q3 w
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
P9 y4 k7 r) q1 H) e004033FF 2BC2 sub eax,edx ; EAX减去EDX
3 ` L- \. v8 \8 y00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]/ d w E y' f0 \
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX/ J' b5 f8 N/ N J& n& Y4 z# m
00403409 99 cdq
0 H6 K' a& U1 r" d1 ~6 D0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
. u* l6 h) c1 I1 B$ |* Q8 W8 G5 J0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX; V; ]' W t7 e" L# f% W, R
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较, Q6 [# a7 G0 o6 y9 J
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)% G/ W: f# G; S
00403418 E8 6EC00200 call qsr.0042F48B ; 7 {$ i" A' Q3 C: K2 F% ~
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]+ H, X0 u$ A) G+ Q5 u; i) ^- ^2 s
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
7 U1 }1 ^8 I, E0 a2 S4 n' z' X8 _00403426 E8 60C00200 call qsr.0042F48B
1 t( [' n/ E1 [7 ]. R& @0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
& D+ @: }, i# J0 R+ C9 @0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8) T) A8 O: J" i6 Z c" s* {
00403434 E8 52C00200 call qsr.0042F48B
. q& w x! r6 R; h00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
5 G, a3 H) H# y C: V( @# O3 \0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7& D* B6 ?8 I- c6 g
00403442 E8 44C00200 call qsr.0042F48B! ~6 E! j: Y8 A
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]/ w4 \) x0 X* D$ g
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],67 E* s# i* k& C; W5 K2 z$ a
00403450 E8 36C00200 call qsr.0042F48B8 O! v( I0 D" S0 z7 \
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]8 e& A0 p3 G# }7 K1 |( ]
00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3' ]7 p9 I% C8 k4 C3 X
0040345E E8 28C00200 call qsr.0042F48B+ |; A6 O4 e+ B5 k' m' Q; B
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]" z' f+ B5 v" j/ u1 ?; |/ A; W
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
0 S9 ~4 [% b- G. r0040346C E8 1AC00200 call qsr.0042F48B
) a, V2 e, q- ^* H; c) `, c00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
3 W0 H5 S1 s* @8 r00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
8 K! u; J8 B2 s- u0040347A E8 0CC00200 call qsr.0042F48B5 h0 p2 i' U7 j- W# P0 q
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
\! ?( k$ o8 C00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
" b, Z- ?' u, T00403488 E8 FEBF0200 call qsr.0042F48B
: i% p8 g0 v8 ^* J2 U9 E% a) [0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
: R$ J& s& P, F" m- J00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1* @% z$ P3 P; }$ I% ~6 y* a0 y% V
00403499 E8 EDBF0200 call qsr.0042F48B
; m3 ^7 I8 P3 a1 g& {0040349E 32C0 xor al,al ; AL清0
- x2 \0 L" k& ^* g2 a004034A0 E9 88000000 jmp qsr.0040352D
2 M: d7 W d: ] S6 o$ d$ p2 x6 y004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~+ {3 {5 V' [! j$ }1 c$ Z( a
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
7 v0 K0 ?: h, u$ E- k0 Q. }* g; r004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],99 }8 I; e# t; t* y6 t9 k
004034B3 E8 D3BF0200 call qsr.0042F48B% N4 P, V( G; O' H3 M: d; m( K
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
$ m4 h1 Z3 s( U1 p: A004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8( f4 b' K- F, |8 e
004034C1 E8 C5BF0200 call qsr.0042F48B
) b) \9 K5 w+ L$ _9 [( T004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
2 e( |- p% u: Q3 \004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],71 U6 r$ j0 a, z2 m4 O, L2 \+ J
004034CF E8 B7BF0200 call qsr.0042F48B
8 k; {) W- I( @; b2 ^+ ^6 I/ H2 w004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]. @2 K$ q$ W; J2 n/ g1 P
004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
, y1 U/ |) D8 [0 C. c& n9 U004034DD E8 A9BF0200 call qsr.0042F48B7 j( H* D0 Z; ^9 J
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
8 U3 }$ d+ p+ y. h4 Q8 h004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3( e* j$ ?/ x2 f3 h! Z
004034EB E8 9BBF0200 call qsr.0042F48B7 [, L5 B* H8 K; e3 K7 Z8 V' |2 d" m
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
- H& Q$ s" p1 I, B$ W004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2
4 f! K5 f5 i. i0 {; S5 ?004034F9 E8 8DBF0200 call qsr.0042F48B; d @2 z% }# {$ c
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
7 y4 q5 {! y9 ]0 \. W) |8 J0 U00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1! _9 ^/ D* ` F5 R A: X+ v& _- K
00403507 E8 7FBF0200 call qsr.0042F48B
: d* u5 G5 m, e0 o0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]0 f) L; w/ `, P9 N% _# a
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],09 \; j+ A) r7 [
00403515 E8 71BF0200 call qsr.0042F48B
% _; J- ~0 m2 W3 {5 }" l0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]/ F) s7 x* C1 a% C7 L
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-17 X8 p/ n d f& Z& m% J( ~
00403526 E8 60BF0200 call qsr.0042F48B8 T+ t8 v! J4 j% w0 Z
0040352B B0 01 mov al,1
8 D) V" J' y5 y* l; Z! Y/ ~0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34] C9 D# R( E: u. `; z5 _
00403531 5F pop edi' ~* ]! Z) i) w/ m
00403532 5E pop esi
7 U8 \0 A: ]" I6 W/ Q5 R00403533 5D pop ebp
! U4 X6 \; l6 F00403534 5B pop ebx+ `& E' G3 M$ D" m- P9 _4 C% T% N5 n
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
# f! p5 c, a% M& s8 r3 _" D0040353C 83C4 30 add esp,30 ]! j4 R& h; ^% M7 W& ~& H
0040353F C2 0800 retn 8% u0 m6 H) ^ [8 D* D2 j. L
--------------------------------------------------------------------------------
; x% u$ j* P/ ?* v【破解总结】
8 {6 j; v& G* w9 @+ s 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^* }0 R. _4 {' C9 K+ j' f/ h2 U
用户名:yijun; D# v+ i+ J7 v3 v5 s
注册码:4893*7777*3726*7777*0529
0 q1 K' J: y# f--------------------------------------------------------------------------------
# g1 K: y0 L7 @ j: R: B( p【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡