|
|
|
【原创】破解Quick Screen Recorder
7 }4 f! h4 b# [; D) Q/ j5 T7 K* L【破解作者】 yijun4 i, e( b- E9 t" m$ Q' T
【作者邮箱】 [email protected]3 O" e0 X/ w) B/ `* c7 i6 z& M: M6 }
【使用工具】 OD,PEID
' u, D* Z3 h* c u8 I【破解平台】 WinXP
3 l) R* ~* A8 L" B【软件名称】 Quick Screen Recorder8 ]9 F; \' {, Z' _: y* v
【下载地址】 天空* S6 [4 w! @# F3 t7 q+ q
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
; t+ g4 f- X' N9 j【软件大小】 540K
1 W8 L) b9 s! h' W6 p. }【加壳方式】 无
; ^) }" ~3 @, p. D【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)/ o) Q- }# `7 A* C y& L1 j
--------------------------------------------------------------------------------3 g) @" b3 _1 F G
【破解内容】
) x! X# j* d! j9 E/ a* { PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
; A4 ]& c4 {3 h5 {* z9 [00404C69 55 push ebp //在此下断, m( }) Z. t$ @
00404C6A 56 push esi7 S* e" @ _2 ^+ |# o
00404C6B 57 push edi2 M! R+ l7 s0 _
00404C6C 8BE9 mov ebp,ecx
/ |+ T0 n0 F$ i! T0 ]00404C6E 6A 01 push 1
8 M/ ~2 C+ ?: `% f& R& `7 Q6 _2 Q00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
0 h" N& ]9 }5 b; Q- s00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]/ c2 }- C0 |1 u
00404C78 8BCF mov ecx,edi- r& V1 `0 K+ G8 K" C
00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码7 B. a8 K$ `8 a, g! ^+ M5 z
00404C7F 8BCF mov ecx,edi
% j! A! L; B( u1 ]; g v' O# R# y00404C81 E8 A73E0200 call qsr.00428B2D
$ ?4 g" `0 l& R3 H00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
% B& ^7 v. f5 f) s) A00404C89 8BCE mov ecx,esi
- r8 s% [0 Q# j. M% E00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX% V0 q E5 b9 E
00404C90 8BCE mov ecx,esi
) u% n1 q/ o! ?& S' t00404C92 E8 963E0200 call qsr.00428B2D
* Z! L) j: h. c3 V( z. _00404C97 8B06 mov eax,dword ptr ds:[esi]$ w5 U; w2 J3 C% P# b2 N
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
/ ?, l/ c0 u; s! r00404C9D 7D 26 jge short qsr.00404CC5. ~% |% e, z2 \% U9 Q1 S0 M
00404C9F 6A 40 push 40; S* R6 z. o* q) h
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
8 f6 r) l3 P9 `% {9 O- h00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."4 D9 q& r. C4 t7 b2 L
00404CAB 8BCD mov ecx,ebp
# Q4 w) j0 D d) R* Y00404CAD E8 C3840200 call qsr.0042D175
" y8 C0 k4 l: E9 d+ }7 a. K00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
: f- M% q+ q; Z8 c3 g00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx0 @6 O0 ^3 l, x0 z0 W: v
00404CBD 5F pop edi0 K7 p' P( \4 ^0 o1 y
00404CBE 5E pop esi
: P& ]: v# G, e' P ?00404CBF 5D pop ebp
* i6 A4 o# p+ g- x( H) }+ T00404CC0 5B pop ebx: V, K+ A9 U t0 p+ ?' u/ g
00404CC1 83C4 18 add esp,18
& o6 a. u8 r9 j- b00404CC4 C3 retn, C# t D" i7 C1 L9 h
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]
! o$ z2 t' K C; ? W$ Q9 ?00404CC8 84C0 test al,al
; f2 i% A4 v9 b; b. k00404CCA 0F85 1C010000 jnz qsr.00404DEC" E1 v/ r: t% g% ?
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]6 w* Y. u* |$ o; @0 y/ V! A8 R
00404CD4 E8 87E3FFFF call qsr.004030600 H- J( U) N9 I& n
00404CD9 51 push ecx* {5 B) I! o2 S& L* W5 c4 U, u
00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
" N7 J8 m! Y6 B3 L: |00404CE2 8BCC mov ecx,esp
" H) \1 o# {% _ m7 |2 f; n: T/ a00404CE4 896424 14 mov dword ptr ss:[esp+14],esp7 }, i+ d6 Z. b* v
00404CE8 56 push esi: Z* b, T+ l: t4 w3 ^. I% M
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
* i8 X% q! ~0 H: L00404CEE 51 push ecx5 C0 h' M, `: N2 e2 v& t
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1/ t4 F3 F+ u7 `: N9 n$ f/ w) z
00404CF4 8BCC mov ecx,esp
' f6 P- [. }* [6 a& [: ?# c) O6 V00404CF6 896424 20 mov dword ptr ss:[esp+20],esp. s% ]1 ]6 o% S9 n$ |) ~6 C
00404CFA 57 push edi
2 F$ @6 I6 u; Y00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
, K- C/ u) d+ v0 L00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]4 [6 u% B8 f% d ~2 K) Z. u
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0+ E% T; A0 o7 x# A. q
00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
7 p% O0 X! _& s- ?9 P00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
9 @) Q5 B5 \8 c5 O$ ~00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~
& H5 M" c, R7 {5 D4 B00404D12 6A 40 push 40( Q! L' m" k+ N. o( I# c
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
7 J0 ?5 m" `3 O" ?& _00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."! d6 F$ L/ T* w2 i
00404D1E 8BCD mov ecx,ebp1 q7 M8 e5 a! o* u- s* H# C4 d. |& p
00404D20 E8 50840200 call qsr.0042D1759 o o: F' O7 D* w K1 b8 a
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
& U$ V4 v8 p! }# `1 c& f4 ?) O3 {00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
6 u" | r: z* g9 ^/ P00404D31 E8 5AE3FFFF call qsr.00403090% C0 M; E9 E" T
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]. V9 v- ?4 ~" G' V' z
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
0 K& m4 P# p' I: l+ m00404D41 5F pop edi
7 N2 Z( ^: K$ z00404D42 5E pop esi. ?, c m( v$ f. ~ j; o" Y8 r- H9 z
00404D43 5D pop ebp
* ]8 L3 {; E* x" g M00404D44 5B pop ebx9 v0 V( Z+ i# B+ ~5 E4 e
00404D45 83C4 18 add esp,18
- d) a8 s( d% x7 o3 ]00404D48 C3 retn
+ K3 r' l' h- G5 J*********************************************************************************************************************************************************
: |& P+ b- U5 g跟进00404D09处CALL来到:
3 {4 i6 q1 R5 K5 J$ }, F004030A0 6A FF push -1 //一路F8下去~~~~) q" B- g' ]! }' ]8 ^/ c- W
004030A2 68 C88F4400 push qsr.00448FC8
' p+ E! i. R% F3 k, i& e! g3 V004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]) k( n$ R9 K" m
004030AD 50 push eax: ?+ O, Q; u. F$ {
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
' r$ g( E4 U! d& h5 \" i004030B5 83EC 24 sub esp,24. n$ ?8 p" C h0 k
004030B8 53 push ebx
' x% S j" E/ u2 J$ j+ ]$ ]% j004030B9 55 push ebp
" ]6 }3 `6 P. B* F, e V, u004030BA 56 push esi' N% X" U- x! E) ?# W0 Q) ?
004030BB 57 push edi
! H- q5 d( B7 ~) P. k# G& t004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"/ D8 k( L9 z) H, K. i d/ W& V2 u9 r
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
8 E& ~ t m8 H+ d7 Y004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1" T$ r, o! G$ M: i1 S9 {
004030CD E8 27C40200 call qsr.0042F4F93 q6 k0 k+ E( k
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438], w* K7 @/ ]# T. `' a3 `
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax& \* J' V$ B) I a" P" \/ c
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]! R5 p' @# p5 a: r$ Y
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
" [) Z1 L1 r' r3 E" [004030E4 E8 905A0200 call qsr.00428B793 N9 c2 I( s/ D d
004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]* U& N7 w- _4 {* I2 I \) q
004030ED E8 3B5A0200 call qsr.00428B2D
, ^. W( X9 N) B7 V* s004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
8 Y) h/ I; S) X) D P/ v# E004030F6 E8 7E5A0200 call qsr.00428B79
/ ?* R1 k) E8 a, r004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]5 e3 S3 [* u" J
004030FF E8 295A0200 call qsr.00428B2D ?) Z" Q, R8 M& B" b; |
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]' q: e j2 g/ _0 Q4 W
00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
0 F' b, N" S9 Y0040310B 83F8 02 cmp eax,2
* @2 h4 }5 g& S7 S7 v ~; a& q0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
! g H/ a2 k% ~! m; @6 o/ C. z2 \00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]: t5 H8 h! n7 `- V, Q' T
00403118 837A F8 18 cmp dword ptr ds:[edx-8],18( A8 V9 p; D) h
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
3 [% E$ ]6 m/ b# k7 h00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]0 U, ~& F W5 a9 g
00403126 6A 01 push 1
! g7 G/ G; }' H' _! U# N j3 b00403128 50 push eax# A& x" r) _) S3 V" V: n
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
+ [# J4 \5 Z: X" o0040312D E8 C4550200 call qsr.004286F6
& }! K: z* S+ h# W00403132 8B00 mov eax,dword ptr ds:[eax]: N+ }% S# v$ O- S! ], h
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]& n& G T8 a* H$ A2 W, a# K
00403138 50 push eax1 Z# d" h7 j5 O
00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
8 a/ v2 g- O8 h0040313E E8 4D560200 call qsr.00428790
; j+ {: Q5 ]( f5 d00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]4 }" ^: w h, x4 e* K1 u
00403147 8BF0 mov esi,eax
/ h0 W( a* l' i00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3
" {+ g# K3 {2 |+ J0040314E E8 38C30200 call qsr.0042F48B1 u9 c( Y' Y; W$ E
00403153 8D46 0A lea eax,dword ptr ds:[esi+A]4 z1 B; f4 S. l
00403156 B9 3E000000 mov ecx,3E% E6 |" K3 u3 d7 x: P
0040315B 99 cdq
: n9 O3 T# E1 o8 Y. ^0040315C F7F9 idiv ecx
! y) ?9 I3 T8 [0040315E 6A 01 push 1. z6 g' m" U3 Z/ V; ?0 V
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]) R7 z# I7 ]& h0 U$ b1 c7 u9 \
00403164 8BF2 mov esi,edx
& p1 b, Q! I4 ]8 j: i00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]; d$ e5 v1 m8 I4 ]) j0 @
0040316A 52 push edx0 X& D0 G9 T$ {: X
0040316B E8 0A550200 call qsr.0042867A
% }8 a: h- @4 N/ f00403170 8B00 mov eax,dword ptr ds:[eax]% f, l3 L- {+ B) F: G. a. G2 P
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
v8 k, K& {4 P3 B4 R00403176 50 push eax
# W( r3 h7 Z6 ^- P0 r00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
# s, n$ ]9 F5 T! p9 S1 W' e. q0040317C E8 0F560200 call qsr.00428790" A, g% J2 X8 Q5 s' W' `
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30] _7 l4 e: ?" e. ]& Z3 x; x
00403185 8BF8 mov edi,eax. h3 {% q9 V; b& ?: L. o7 K
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
, Z' a( ~( V) r5 \- J0040318C E8 FAC20200 call qsr.0042F48B5 F0 I+ w9 L3 n! x
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]$ `% k/ N2 {( w9 z
00403194 B9 3E000000 mov ecx,3E& s; P6 o3 Q* V4 v3 H c: a" |
00403199 99 cdq& e9 ?! `8 R. Q# u( T
0040319A F7F9 idiv ecx
; o1 ?2 C; p1 X: F, c0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
" W6 x: e C: V004031A1 894424 28 mov dword ptr ss:[esp+28],eax' l* _/ ~: s k: _* h
004031A5 8BCA mov ecx,edx: K) ~% ?/ i6 W9 v. ~
004031A7 894424 24 mov dword ptr ss:[esp+24],eax: f! @9 s% P4 I Z
004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
9 t) {- }- O X4 N* n: Y004031AF 894424 18 mov dword ptr ss:[esp+18],eax" ?" c, b' Y; \$ r
004031B3 894424 14 mov dword ptr ss:[esp+14],eax
m7 i6 z% G* P& N004031B7 894424 10 mov dword ptr ss:[esp+10],eax" g% O$ Q6 G, ^& ?0 i0 @. T
004031BB 8BC1 mov eax,ecx+ |$ x2 b! D) P7 y* B
004031BD BF 0A000000 mov edi,0A7 @6 q: p8 Z- q' s5 z. e1 L
004031C2 99 cdq
2 ~; f* l+ p" |8 l0 N6 Z004031C3 F7FF idiv edi, w7 J6 W/ g3 p3 {. u8 H5 ]
004031C5 8BC1 mov eax,ecx; P. X$ G' x7 ` E; x! L
004031C7 B3 0B mov bl,0B
. M. Z! _8 R$ F& M( h004031C9 0FAFC1 imul eax,ecx
# T/ _" `, J# `2 g4 }6 y1 u& _+ `2 ^004031CC 8BCF mov ecx,edi7 [5 n- Q! u: f8 Y9 T* ?* t8 w
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl3 L8 l' c4 H h( J7 u) N
004031D2 52 push edx6 l/ l$ u' e" \' D, y' p
004031D3 99 cdq
0 f. _9 |/ P6 w9 d( k- l% G V5 n004031D4 F7F9 idiv ecx8 f0 c- p3 `* c7 K7 p2 v0 f3 j
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
' c! d; N0 c: p5 r6 d% D0 Z004031DD 2BC6 sub eax,esi: g# H3 n+ y" o3 J" x$ Y! Y0 Q0 v
004031DF 52 push edx/ X5 \9 Z) h+ L' H% \' Z% I
004031E0 99 cdq
1 i/ P0 \; V' R- m; b. W. h004031E1 F7F9 idiv ecx
" n# k9 h& K& E2 J$ C0 S004031E3 8BC6 mov eax,esi/ }0 I" |1 h# T. f. O& B
004031E5 52 push edx+ N) e3 s! J; g- u
004031E6 99 cdq E; W' ]9 e' {3 _# z& ^
004031E7 F7F9 idiv ecx
: {6 e, D* N& q8 w, {9 I004031E9 52 push edx
% ~, R' ]4 p X* ^5 K t9 B004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]: `. D- O4 o3 V
004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"1 _! K, `7 H: X6 P
004031F3 52 push edx
6 |+ K& J2 a2 G) m2 n' L004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893, q7 I- s K2 V4 o* O5 c
004031F9 83C4 18 add esp,18% P" r8 ]8 I, h. Y# Y* \+ ?
004031FC 6A 04 push 4
3 g/ N9 } Y) {) X+ k004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
" Y- C2 f( l% ]5 q00403202 6A 00 push 00 {. ^# ?0 g! a# [; i. h
00403204 50 push eax
6 U- y8 O1 N' Q00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]9 T9 s8 A0 u8 A" }' A( x
00403209 E8 D6530200 call qsr.004285E4) U8 b$ }; p6 S; p) x
0040320E 50 push eax5 w- k; F) ~+ B0 f! O
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]; l. `4 G+ {, Z4 B5 r3 x+ a
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
8 N7 }9 b" x) @9 l7 y00403218 E8 A7C30200 call qsr.0042F5C4
# b# H# ]. n" |. u4 Y2 R" F$ e0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]8 z4 `8 }+ I |1 e4 h$ j
00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
( Z( }( ?) y3 Q00403225 E8 61C20200 call qsr.0042F48B
6 j) ~0 ?) E( h6 S0040322A 6A 04 push 44 {* A7 ?: @- W. H) h
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]4 h9 H; S; \* ]6 O! q5 X) R+ h
00403230 6A 05 push 5( q& n t; a- |1 V3 b( ]( i
00403232 51 push ecx
/ S9 t$ s2 Y$ |5 Z00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
$ Y8 K1 r3 `! D* G# V; ^& q* w4 p8 N5 t00403237 E8 A8530200 call qsr.004285E4
# Y/ I, f; D. O5 x! f. {: t0040323C 50 push eax( K3 g( O( A5 D" U+ h
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]9 k) y* D# s/ y& n
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D: f9 [* v9 T& `1 ^! i7 e0 q( ?) [
00403246 E8 79C30200 call qsr.0042F5C4% @7 z, |9 X/ R B4 J ]
0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
8 H! l8 F- i% N J% h( t" }+ V0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl+ m# w4 N3 b+ R9 k
00403253 E8 33C20200 call qsr.0042F48B
D1 P% F- T& T l$ N00403258 6A 04 push 4* x4 D7 u' O; w7 l/ E
0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
4 P# [, u3 C- E* n2 u* n' Z4 n0040325E 57 push edi
0 E- _' H1 i7 `5 v2 z8 k0040325F 52 push edx4 a2 I5 H/ R% h
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
/ s# z$ ?* H' z5 E" f4 H$ v7 X6 U00403264 E8 7B530200 call qsr.004285E4
2 E2 c2 l8 H7 _* a* O+ k00403269 50 push eax
4 X' D0 t, o4 T( O; }3 ]2 ]0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
0 [2 ?) t' h' z; m2 F3 O$ B0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E
) w2 d2 U- M1 ]00403273 E8 4CC30200 call qsr.0042F5C44 s) b5 e5 g8 h ]' R6 p
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
, p9 M N5 k0 N0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl
0 a2 h8 M" y) b: Y7 n3 ~: ]00403280 E8 06C20200 call qsr.0042F48B6 u- i, k; v O+ r
00403285 6A 04 push 4
/ u! ^, L9 h4 {* m( E3 e T00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
/ ^8 C* _' d' r- ?0040328B 6A 0F push 0F& @; ^# Q3 d/ ^6 q0 f7 G
0040328D 50 push eax
# K6 N0 }$ z" d) t6 u6 C9 ~0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]6 ~) O2 ?0 }8 ?9 d/ b' d
00403292 E8 4D530200 call qsr.004285E4' [: ?$ @ z" L* M K' ?5 V3 |' P* }* h
00403297 50 push eax) O* X W$ c8 k8 ?$ a
00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
: U. u6 ?! ?2 ~" z0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F& h- A# S# \2 G- ?. e, b' z; Z
004032A1 E8 1EC30200 call qsr.0042F5C4
/ }5 W# V7 H' k004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]5 f. N* P& E4 u# ~* C7 V
004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
- F6 a4 W5 n/ d# B2 y004032AE E8 D8C10200 call qsr.0042F48B
& m k" T% n! x* q004032B3 6A 04 push 4. P; v: b& j0 P) m+ G
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
2 r2 D8 _4 ?# a0 L" C' N6 ^004032B9 6A 14 push 14' C1 P" g1 ?/ U0 {9 W
004032BB 51 push ecx* A) k) S& K S! L7 B6 Q
004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
# s* p9 J, [ m7 F# D! b! \004032C0 E8 1F530200 call qsr.004285E40 [% a' J, \4 t# r% I8 r5 _
004032C5 50 push eax. g) `" @) X$ m" D
004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]$ k0 U t7 |4 x7 ~
004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
' h( g6 \3 r3 d004032CF E8 F0C20200 call qsr.0042F5C46 g) @9 ?# @9 P6 S
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]6 W: H- ~: }9 J
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl
4 x% n8 ^$ @ q, O+ ?5 H" `. y004032DC E8 AAC10200 call qsr.0042F48B. _4 U7 h0 Z. ~5 N
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI5 m0 r: J8 N$ ^
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX7 A# L6 b6 E8 E7 p8 v" i
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL
* N6 g2 ~$ r- v0 e7 H004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL8 @$ \6 F ?1 P( p: G; a2 Z
004032ED 8ACA mov cl,dl ; DL送CL( _3 ?# L2 w1 a. N/ \
004032EF 3AD3 cmp dl,bl ; DL和BL比较2 [$ M; @7 P1 D
004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)9 I1 B; L2 B& A
004032F3 84C9 test cl,cl# s, N6 c: k" z0 d0 L# J. k" X
004032F5 74 16 je short qsr.0040330D" j' B2 h6 `4 V9 B$ @" o8 {7 ~
004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
v1 r, f5 a3 o g- o- D$ b% J004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL- p) l$ i$ a. ~" ?. g v
004032FD 8ACA mov cl,dl& r" R4 _+ Y. n* g' G* E7 Y4 i1 _) m
004032FF 3AD3 cmp dl,bl ; DL和BL比较
( R3 A4 b0 j i: z' N6 ] t+ ~00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
2 b/ S/ u+ k4 k; F* d% ^) U/ z+ ~00403303 83C0 02 add eax,2 ; EAX加2
5 y9 u" I4 [9 p# j5 w# A. ?00403306 83C6 02 add esi,2 ; ESI加2
: J3 E" E2 R; ]3 L$ k) O00403309 84C9 test cl,cl! J: H3 I. o% e
0040330B ^ 75 DC jnz short qsr.004032E9
9 V2 o1 w2 c2 F- P% Q0040330D 33C0 xor eax,eax
- F4 X5 F) w6 Q* N+ _& B- [. P4 Q0040330F EB 05 jmp short qsr.00403316
2 Z" b* |9 `1 a0 l00403311 1BC0 sbb eax,eax/ ?4 b" c8 h) ^4 I* }# m# P- K& v
00403313 83D8 FF sbb eax,-1
1 E5 |4 ^9 N) C& Y6 T4 L+ a00403316 85C0 test eax,eax6 x2 |; a: h) w- M: t7 m
00403318 74 0E je short qsr.00403328; @2 s+ J$ v9 Q" W# @0 H
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A1 R, X! r, y+ q3 @3 L
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]5 h1 f0 B( j7 P L" z
00403323 E9 F0000000 jmp qsr.004034189 f8 ?) {/ h- h$ j* `& ~- R
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
$ d2 z" D3 @0 O0 y0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]* }& P! y! U1 N3 I$ g
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
! c! b1 S- O+ b00403333 50 push eax
' \( h9 q% Z# D; n0 u% h! r00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX) a' x3 ]/ L' I- ]! l# W! K
00403339 50 push eax/ Z+ o' i" G: D- q L; M
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
% Z) n( Q' O" M0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX
6 B( q& O' X1 _ T2 Y00403343 83C4 04 add esp,41 ?) f8 |" y/ g# I) d9 c
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI# @. K9 S8 D2 k$ @ V
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
& _* O% Q; J2 |; u0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
9 n' c" D" d( {# W0040334F 50 push eax8 b$ Z, A4 g" Z9 H8 y
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
& o$ O2 `5 i2 |% Y00403355 50 push eax) F1 @5 s5 r+ ^. m6 D
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX+ t) u! T4 k2 p7 c: O- a. c. ~
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
6 E5 k" a0 @, [0040335F 83C4 04 add esp,4
9 w$ r9 B) l7 a* Y( d3 f" Z00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI# g/ q7 t% I8 I$ `4 M% X
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
6 G: ? n9 \0 @00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
1 q5 C, ?7 Y* [0 w. b0040336B 50 push eax
8 ?+ {6 ^# m7 ~# x" |( x" w0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX; a" u( h% z! S) {) i" R- D) L! G
00403371 50 push eax
& e* x. ]7 O1 a" t5 A00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX" b) `; Z% T* J- K
00403377 8BD8 mov ebx,eax ; EAX送EBX
$ X( g% t0 O# T, c' W00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
8 `3 V: a( S4 { [/ l! }0040337D 83C4 04 add esp,4
" ~$ N0 g# r2 y' p. Z( ]00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]; G5 i6 N, L, l+ T
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
& k) D( ^: e5 {$ N$ u7 S; E/ O00403387 50 push eax
1 }* \( Z/ d5 P. m, L0 {0 v00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX& A) _+ X4 C1 x" w% ^
0040338D 50 push eax
) b2 @" M! o: `1 |$ U0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
# X# [) Y/ S+ \00403393 83C4 04 add esp,4& V* Q5 h4 X% B# @& f+ H& H
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
$ G2 g% I7 {' ^( t0040339A 8BE8 mov ebp,eax ; EAX送EBP% S. o. ^) G5 X: t$ A5 I3 V
0040339C 6A FF push -1' z$ w2 f' s( ~% P0 S3 K
0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
8 L, x! c% A+ g004033A3 6A FF push -1# q' {3 n$ I" j, {$ p U
004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
+ B) \* f" h8 h004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX
1 l- n( }/ S7 ]004033AE 6A FF push -1
, t9 v) W# z- w$ n" c3 l; w9 z004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
4 a, `4 t6 u+ Z004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX
8 W5 u; F! V$ H3 \004033B9 6A FF push -1
& G! i0 h0 A. L6 a9 o1 \- B/ D004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX9 R% m; _5 A9 }* C2 |, s6 Q
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX! t: R% X: g" C' ` c
004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX e; ?& Y; Y: m
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
4 q& ?, S1 A8 i4 R004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX* S/ @0 z/ l8 L# H( g, |
004033D7 D1E0 shl eax,1 ; EAX左移1位
3 a& f' C- S5 m( {004033D9 99 cdq ; EAX扩展
8 E4 X" I5 E/ r Q e' K5 Q004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中, i% ~+ G7 [* |# M2 ~ _! s
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较 B5 W( C* }: S0 G7 z# q* g4 Y4 z
004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)% v/ k5 s( [8 _, R! |* F
004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A9 |! s m3 }) F V7 W) c& ~- z$ @5 U
004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
! i3 T& c, d+ X# h: A( h0 G5 Y+ Q004033E9 EB 2D jmp short qsr.00403418
! e' ~0 Q m; _3 l9 |/ o' Q004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX6 j1 ?( k& I# \, Q3 m2 K( L! B
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
8 z' V4 Q4 r' T004033F7 99 cdq ; EBX扩展
8 g4 d0 \3 U# u3 M004033F8 33C2 xor eax,edx ; EAX和EDX取异或( b/ `$ Z @9 F' A) P" A
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
/ _7 q9 Z- l }- \# J9 b. H. [- t004033FF 2BC2 sub eax,edx ; EAX减去EDX( @2 F ?8 ]' b" i. w+ [: e1 Y
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]
9 k9 M5 t6 H- g3 k& M4 C( {00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX
" Z- |7 |) c6 M( _00403409 99 cdq
5 K+ y& `' g2 i" [0 T& ^0 E. B! f0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中3 \& E6 T/ }; V1 q
0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX+ D& x& b3 b4 z9 Q
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较$ I& c' c* i, q( u$ o8 T0 v
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)* n+ W% V) ^( F3 L7 I- R
00403418 E8 6EC00200 call qsr.0042F48B ;
( G7 {; i- l8 J& V0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]) |4 w8 ]# \2 }* b
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
( U* |8 f3 A/ r: ?% b" O) l00403426 E8 60C00200 call qsr.0042F48B* K8 Z$ L) {) G% M. d8 |9 K4 Z
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]2 X" ?) L. v; a# J7 S2 }
0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],87 N# ^7 E, U3 t5 P
00403434 E8 52C00200 call qsr.0042F48B
0 \) D0 X- \9 p" j C7 K$ e# |00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]% G: X2 a) f" {7 E$ H
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],72 v+ ]0 G8 X( B$ H/ y
00403442 E8 44C00200 call qsr.0042F48B+ F$ i" K- E$ f7 m: f7 f8 ?+ X
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]0 V1 Q3 [! u: w# t$ d# [
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
u* t4 x* c0 }0 Y' J3 ?& {00403450 E8 36C00200 call qsr.0042F48B
9 t! m1 R' w1 i6 s' S00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
) S) v0 y0 _* a# X4 \, s00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
8 N6 Z; L% d0 y" ]- P9 t0040345E E8 28C00200 call qsr.0042F48B
/ [4 H2 A U0 ~00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
# G6 s* Z3 b" \ c00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
. }) F% j2 N! L2 Z9 n! N0040346C E8 1AC00200 call qsr.0042F48B
0 r9 V/ r3 S& t8 }& L, h8 [' u8 v5 N1 o00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]' P7 i6 m# t& o1 v' b# |; L$ `4 ]) M
00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],16 L, w& |9 _/ x7 ~% J# n! f
0040347A E8 0CC00200 call qsr.0042F48B" V6 B2 F c' _1 s' h
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
, P$ S+ q. R6 H00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],05 @, q% {& C' y1 e- Y7 S
00403488 E8 FEBF0200 call qsr.0042F48B: R9 H8 g7 S9 T4 _
0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]2 H. @" M& u4 Z/ Y, v5 p
00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1/ o u$ ^. m9 h. p9 n W
00403499 E8 EDBF0200 call qsr.0042F48B
4 g& X) m% L/ h# `! s$ E: t+ J7 g& @0040349E 32C0 xor al,al ; AL清0; w9 I$ K3 C. ~% H2 `9 }' C
004034A0 E9 88000000 jmp qsr.0040352D
* N6 L8 F1 J$ I! g+ z; G, Y0 E004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~
) D1 g9 e0 ]7 d7 O004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]: ^$ Z) E# H" {' ]! e9 \: ]
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],91 D# K( i _* c6 |+ x& g- L0 x, |
004034B3 E8 D3BF0200 call qsr.0042F48B
& {/ n; n+ D+ Q3 s; h4 y1 Q" c- l004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
8 r8 V) I# m* g1 x004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
; k/ v( T" @) l7 ]5 i% k004034C1 E8 C5BF0200 call qsr.0042F48B
2 Z+ V( B2 Y$ m004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]6 \! Z% w. Q7 w! `# ^2 q: Y4 w
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7( I7 u$ a3 N2 `
004034CF E8 B7BF0200 call qsr.0042F48B# T, j% y0 b' F8 g
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
+ a+ q1 \+ {2 V8 A) x: \& m* l004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
8 g8 b/ N, Q- S+ I$ R6 m004034DD E8 A9BF0200 call qsr.0042F48B
0 @& Q0 n8 ?# H% k; E7 ?* X004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
# a: K& F4 Q4 ^& b# G004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],30 l% ~$ Z% }/ v. ?4 A
004034EB E8 9BBF0200 call qsr.0042F48B6 T. Y4 Q4 Y" `$ w! \
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]! d( V. r# |0 ]+ @$ `9 L" ~
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2/ {% L6 ^0 X/ c. N6 S# e$ h1 ~5 Z
004034F9 E8 8DBF0200 call qsr.0042F48B
) p5 V; `1 }& s7 L7 ]0 q0 c004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]' Z1 c1 m' X1 c: U4 f* q, ]$ p
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],19 C0 v+ f6 R4 h+ o$ }) ~
00403507 E8 7FBF0200 call qsr.0042F48B; e3 G$ v9 @0 E: e8 j( P/ B2 b/ M6 n
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]- }! g; f& x# D w
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
+ J+ S. E8 i5 u# g* P00403515 E8 71BF0200 call qsr.0042F48B: Z [7 }' P+ I1 x6 g X7 W
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
$ _7 H8 W% F6 }$ y+ w0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
# m1 V* `& L/ a8 V K% g4 M) T% G00403526 E8 60BF0200 call qsr.0042F48B
- |& Y1 E( \+ G# t0040352B B0 01 mov al,1
) ?+ {: O" |, t' r" ~) a0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
) L+ W$ x, B8 H2 A00403531 5F pop edi
$ F7 A( m, L3 S' V- `00403532 5E pop esi
# q0 G R1 a+ ?! y00403533 5D pop ebp. A4 [$ s0 a$ g) o' I& ]1 Z
00403534 5B pop ebx9 [. b# S( `% Q
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx9 g- r7 s) v- v* A' K5 R6 o4 B
0040353C 83C4 30 add esp,30
" [( ~. s# @' u2 L5 O- K. S% z- i0040353F C2 0800 retn 8
2 D7 l: I o, ]2 o2 z! x# ?--------------------------------------------------------------------------------4 t! s+ E& p& Z" a* G
【破解总结】 g0 ]( C2 P& E% J
用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
, c+ I3 A5 ~/ }1 j% N9 A. ?用户名:yijun
0 W7 f- [1 c0 S7 b- u! ~% x注册码:4893*7777*3726*7777*0529
; A& c0 m# V& N0 A, n2 L ~--------------------------------------------------------------------------------
* [' f/ C c! P, j+ G; j【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡