|
|
【原创】破解Quick Screen Recorder
) [$ r( k0 _. X- G8 Z* t& a9 G【破解作者】 yijun
7 b% s5 Y% J& y( Q) ]# x【作者邮箱】 [email protected]
2 F' L6 c0 o- F【使用工具】 OD,PEID
/ R$ Y( }; b+ f& Z; C【破解平台】 WinXP
4 i( }! D* n3 A【软件名称】 Quick Screen Recorder9 ~7 E( W2 t9 ^7 u$ I
【下载地址】 天空. X( f# s( i' ]) W6 k/ N9 r
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
+ |& n; B* t, R【软件大小】 540K9 a2 j# m7 ]9 [' V, h6 G
【加壳方式】 无+ i9 c) {& L2 `& O7 S
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)9 n, u0 c6 _4 i1 v
--------------------------------------------------------------------------------/ ~; r" c; e" `2 M- d
【破解内容】
) S z9 U# i6 D) N s2 ?6 E% S PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:; X( e6 j4 T3 e, S/ a6 g W8 W
00404C69 55 push ebp //在此下断0 |& z. Y ]8 R& P, ^/ V% G: V
00404C6A 56 push esi+ s" e& u4 {0 y% g/ O, V# o
00404C6B 57 push edi* ~6 u% ~# K9 C3 `" ^. Y- n
00404C6C 8BE9 mov ebp,ecx
' G9 W1 O7 T, Q- L( J8 L# x00404C6E 6A 01 push 1
$ S9 p7 Q. Z' V+ v9 ]& v+ P0 I7 V00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
1 a; ?# O. _ I8 \% k4 q! s( P00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
! H* B6 M8 D4 u! ~00404C78 8BCF mov ecx,edi
. H# d) [8 ~' z l1 A00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码
: R7 X! x3 _5 u: F00404C7F 8BCF mov ecx,edi
9 B% K# I7 _( S1 _4 r7 f' O3 p00404C81 E8 A73E0200 call qsr.00428B2D. e. Y5 ]7 U& z
00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]4 Z, `8 X! c7 l; ?
00404C89 8BCE mov ecx,esi
7 F L/ m. g# l0 O. P) `; i1 t00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
: `1 ?* [% s8 g p6 `, S00404C90 8BCE mov ecx,esi
: F, y& ?4 Q; i9 ^" d% g: T# x5 u00404C92 E8 963E0200 call qsr.00428B2D
; U+ I0 O( F1 F/ P$ v* N3 i00404C97 8B06 mov eax,dword ptr ds:[esi]8 | I0 w5 q0 ^
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2 [( k# c4 N% D6 `0 v8 |7 d
00404C9D 7D 26 jge short qsr.00404CC5
. z0 ]/ N0 V5 Z* e" ^) o" `00404C9F 6A 40 push 40
6 j9 Y7 l% ?9 \& g a7 |00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"3 y9 n4 ?* f3 G
00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
% Q* p, A5 V+ A" O7 q' M00404CAB 8BCD mov ecx,ebp/ S' m9 R( q" S) K$ R& L
00404CAD E8 C3840200 call qsr.0042D175
7 k/ e1 X& Q; Z6 H; u00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]' [9 v5 z4 D2 g" @
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx! J9 U7 r4 @* m8 Y% a
00404CBD 5F pop edi
& B, ]5 h, u5 T00404CBE 5E pop esi
) [8 k8 o9 n8 e7 g4 M00404CBF 5D pop ebp3 `( s5 K( n4 t/ `- t( ? e
00404CC0 5B pop ebx) s; J% e0 N2 n% U7 R
00404CC1 83C4 18 add esp,18
1 r4 K1 ^8 {4 k. J! B00404CC4 C3 retn8 K3 b, I( P" A. h8 U
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]
3 E. T/ B4 A T% D* ~00404CC8 84C0 test al,al
' ~0 P& F5 a; s7 d' D2 Y; T/ r- F00404CCA 0F85 1C010000 jnz qsr.00404DEC
- [; k/ J+ d$ o4 N9 c$ o% h2 j00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]: j9 H1 b& J; n! {6 I4 h& Y; b' N
00404CD4 E8 87E3FFFF call qsr.004030606 a/ j8 D3 ]' Y) A
00404CD9 51 push ecx8 q2 p' n: B0 ], r8 S0 ]
00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0& u6 }( L4 U+ l r
00404CE2 8BCC mov ecx,esp
7 Q- j$ M! ^( L0 w! |00404CE4 896424 14 mov dword ptr ss:[esp+14],esp3 l0 ?6 u4 q1 a$ N" }
00404CE8 56 push esi! u+ y ]" }. u2 \6 |
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
6 P x& k8 k$ D5 \3 P00404CEE 51 push ecx6 M6 g. \8 F: Y8 J8 U/ l# _5 f
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],12 ^. `6 V0 t5 t/ v
00404CF4 8BCC mov ecx,esp
8 N" Z3 D3 T# Y( Z r! ?00404CF6 896424 20 mov dword ptr ss:[esp+20],esp" T$ h; I$ \& c3 G3 l( ]
00404CFA 57 push edi
' Y# H$ d. G- Q7 R3 G" w, w. g& K00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0' f3 p- f3 i/ i1 U0 n. d
00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
2 j( v) L. q! m+ S00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0; B. o9 L( Q% }
00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~) r+ P7 [( E: T6 m: @4 x* |
00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~! I2 O+ t, f3 V& A4 C I `
00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~! H- _6 u! x8 z: O
00404D12 6A 40 push 40
F$ d1 m$ Q, T3 ^5 p6 v00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"6 o: h! x1 H- z1 S4 i
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."
) {' y# o) o( d L0 Z00404D1E 8BCD mov ecx,ebp
; H# Q4 A$ @ m" a3 [- h* ~9 K2 ~00404D20 E8 50840200 call qsr.0042D175% }5 U; i1 u- y) X$ `
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]; L% f2 l: k- | } K
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1! |$ G$ ` g, C8 e9 @/ I
00404D31 E8 5AE3FFFF call qsr.00403090
7 y8 t8 z- ?) s! r! w! y00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
5 W; ^% X# y+ R' T00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx1 `# ^+ Q% u0 U' K: u
00404D41 5F pop edi- ?$ O7 S+ r! \6 V' x% D; r/ g9 U
00404D42 5E pop esi
+ q N0 T/ g+ P4 v3 G00404D43 5D pop ebp+ {8 q' }; ~ l+ W, R. v+ O
00404D44 5B pop ebx. K3 n2 E) K& w6 M
00404D45 83C4 18 add esp,18
3 K* J7 G4 G5 Y8 g9 `2 i* M+ R) j7 G00404D48 C3 retn' g' y& Z) f! N8 s7 o6 y" k8 r0 u
*********************************************************************************************************************************************************7 c1 ?5 ]: R ?0 a
跟进00404D09处CALL来到:
8 Y- C/ e# e; C004030A0 6A FF push -1 //一路F8下去~~~~
: q- N: Y: P! {( a- p+ t004030A2 68 C88F4400 push qsr.00448FC8% l. S, @) z8 [& C
004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]& c* x0 W- F$ R4 H$ C4 G( f6 K
004030AD 50 push eax
5 E& V3 T: C& {$ B3 A004030AE 64:8925 0000000>mov dword ptr fs:[0],esp- ] n) E3 N6 M' I9 z5 j, T
004030B5 83EC 24 sub esp,24
1 E9 @) B/ o5 H: B004030B8 53 push ebx* K6 Z9 B1 f8 J( H" s
004030B9 55 push ebp u; b/ _: R9 q6 O
004030BA 56 push esi1 }' l# ^! {; B
004030BB 57 push edi/ \8 }1 ^' h6 N9 n- G
004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
% w" |& b+ ^8 p4 F& L- _0 G% p004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
. M( e* y' m+ Z/ I004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
7 n( Y1 w9 D' y- }: n9 j004030CD E8 27C40200 call qsr.0042F4F9) {) u9 ]7 i: B; X0 s) Q& u) ]" Z
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]. r% D# ?! O# _& a' }
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax
, Q7 l& I, ^9 ]9 F+ P# \004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]. v" G( a* O& Z$ _# O) P
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3/ |$ d: ^+ z. n# I3 e6 M; R# p3 t( ~
004030E4 E8 905A0200 call qsr.00428B790 B5 r% @/ r1 }. l: E
004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
! t w$ O6 X' `0 D) _004030ED E8 3B5A0200 call qsr.00428B2D4 P5 _) Y; o! x9 t% ~4 f
004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
# [- K! N9 ~5 H8 c004030F6 E8 7E5A0200 call qsr.00428B792 _8 e5 V# F5 k2 b# e
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]2 c( X# G h* d
004030FF E8 295A0200 call qsr.00428B2D# U) Q. O1 b% u6 s5 i
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
5 W: C7 w! y7 G0 H: a. s00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]6 T" O( \- s" l" T# f+ |
0040310B 83F8 02 cmp eax,2
6 ^* k& \8 i1 i' g$ L; A0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳& Q! o5 E1 i6 X' ?- w8 w) t% d: ~9 b' s
00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
( ]$ U- b4 M1 _1 f, w00403118 837A F8 18 cmp dword ptr ds:[edx-8],18' C3 a" n- P% T7 X# U: E" V
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
+ t7 ~5 a5 S0 r/ L' G/ b. |2 f00403122 8D4424 30 lea eax,dword ptr ss:[esp+30] o d# e0 s# g: i1 C, X
00403126 6A 01 push 1
, r: w4 c$ W/ z: W V' O, X* j6 S00403128 50 push eax
# b8 e4 U- z! Y9 f s1 [; ^" A00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]2 X1 B/ e7 B+ g9 u
0040312D E8 C4550200 call qsr.004286F6- M! u! \" N" x' N5 z
00403132 8B00 mov eax,dword ptr ds:[eax]7 ~6 e9 y9 b1 D# ]" B4 |
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
/ P# o6 K5 \8 C3 w7 Y00403138 50 push eax
$ f% q: u7 w }% [: V; @5 d00403139 C64424 40 04 mov byte ptr ss:[esp+40],46 X9 q2 n. p" U( z* n$ V
0040313E E8 4D560200 call qsr.00428790" w0 `0 s D( M5 z" Z- b2 ?% G; B
00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]# b7 M5 z0 a# T4 E
00403147 8BF0 mov esi,eax
w. y# Q' {6 ^4 k- z; e: u00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],35 I! ?! h, n' s8 X2 [
0040314E E8 38C30200 call qsr.0042F48B
Y, n; i0 M2 m7 r, H! l' t0 {00403153 8D46 0A lea eax,dword ptr ds:[esi+A]
9 Q! y5 f, F3 |00403156 B9 3E000000 mov ecx,3E; x. I* B1 a) X$ ^) B4 I
0040315B 99 cdq5 k" l( M. T% ?7 S* f% q( @8 p5 \
0040315C F7F9 idiv ecx
: }2 j" k! ]% a0040315E 6A 01 push 1- W( P+ Z* W& @6 r5 {# w# W
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
4 P8 ~! Z7 ? A4 C: _' e7 g00403164 8BF2 mov esi,edx/ ?& t8 H; ]" p! e
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]. d& i2 r* t# [7 {; x5 o9 d
0040316A 52 push edx$ {3 ]; L9 _* m; w* ~& g* [" m
0040316B E8 0A550200 call qsr.0042867A. d3 r: \) a$ Q# X" R% }! ^' O$ s
00403170 8B00 mov eax,dword ptr ds:[eax]3 w* v& [; a' G$ P1 n9 R( f# f
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
! C3 z' m& U: y" B& ]00403176 50 push eax, E* z3 V/ R! p9 L) R3 e/ f# \9 Q
00403177 C64424 40 05 mov byte ptr ss:[esp+40],5( a+ R1 U( p# _0 t1 o, ] L" z" C
0040317C E8 0F560200 call qsr.00428790
8 ~. n: w6 a% q9 n00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]: l& H) z( `* c
00403185 8BF8 mov edi,eax
2 i D I' D3 O+ a# i00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
* x* I2 d* o& m$ c6 r0040318C E8 FAC20200 call qsr.0042F48B/ R- {0 @6 `- a) y
00403191 8D47 0A lea eax,dword ptr ds:[edi+A], O8 d2 H* R* f8 u: J, [" a
00403194 B9 3E000000 mov ecx,3E; }3 L$ S, w% o( S! \1 W3 J
00403199 99 cdq
+ k8 G0 u, `3 U6 w# x+ @0040319A F7F9 idiv ecx2 H. @" ]7 j6 F8 Z+ H/ u/ L# d N
0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
, G# F7 |. g- ~, r9 a, H* u004031A1 894424 28 mov dword ptr ss:[esp+28],eax8 y/ h* W; l7 L3 {. m0 L' n' b
004031A5 8BCA mov ecx,edx& `4 r1 n6 \6 [
004031A7 894424 24 mov dword ptr ss:[esp+24],eax
. J1 a- m4 X8 [: p C" t; I) a1 k- ]004031AB 894424 1C mov dword ptr ss:[esp+1C],eax: c/ ?9 H% V6 ~# I% X
004031AF 894424 18 mov dword ptr ss:[esp+18],eax
0 m) B9 Z9 B2 ~' C, n004031B3 894424 14 mov dword ptr ss:[esp+14],eax' l( m5 N% t( S2 x0 `
004031B7 894424 10 mov dword ptr ss:[esp+10],eax
- h) `; D6 b9 S+ O. _0 y004031BB 8BC1 mov eax,ecx0 w' C, M7 k' `8 H; s: E
004031BD BF 0A000000 mov edi,0A
; `$ I6 S }4 h004031C2 99 cdq
( U: k G3 [+ |8 w2 |- d004031C3 F7FF idiv edi$ p' g, N7 }% {7 Q. T9 m
004031C5 8BC1 mov eax,ecx
' g9 v, ^4 a8 Q- N004031C7 B3 0B mov bl,0B% q/ s& s( r' Z4 y6 \; v' X- M) \
004031C9 0FAFC1 imul eax,ecx
# W2 ^7 L! ~+ i% ^6 h004031CC 8BCF mov ecx,edi/ Z0 x; L- m4 l% V% v
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl& a6 v! }3 S4 z. k
004031D2 52 push edx2 l {! s6 ^0 J! ~; D! p: q0 n
004031D3 99 cdq
- o/ q7 \" r6 N& d. g/ O004031D4 F7F9 idiv ecx
% ], }) x# s* z/ D004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
" k* a" v0 `" U) k5 a9 A004031DD 2BC6 sub eax,esi: u& s4 }0 g+ n& Z$ H [
004031DF 52 push edx
7 i* L7 n; W- l! G: T004031E0 99 cdq$ [4 N1 i; u7 c% d" o. @1 F
004031E1 F7F9 idiv ecx* Z) g: g" c; |& I
004031E3 8BC6 mov eax,esi. L) ^5 ?% i" p* z8 e: l( D! b
004031E5 52 push edx
$ R( E0 C" Y- F9 ? S$ F004031E6 99 cdq$ D( U& L; n$ B
004031E7 F7F9 idiv ecx8 ]& z2 H4 b/ N& ^* Q" d
004031E9 52 push edx; \* O2 ] q7 C' ^) U/ ^" z! t0 j
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
! P2 m, H7 ^3 t004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d". g8 |1 n1 u& p) }7 f- K7 _
004031F3 52 push edx
$ a! o. _2 f: c& q7 g004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
4 c& r& w$ F1 C1 N* c% F* C004031F9 83C4 18 add esp,18/ j! C z9 W4 ^/ P
004031FC 6A 04 push 4
; Y% y* M/ a" e; U3 t6 b004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
( |* m+ Z+ E, j) C; A5 E00403202 6A 00 push 0! n# I& f( W3 B2 f4 ?) i
00403204 50 push eax# Q) r" {" k1 U
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]$ H; }2 A# h% x6 ?, Q) Y
00403209 E8 D6530200 call qsr.004285E4
) A7 _! m6 k5 T4 E0040320E 50 push eax. m9 x* D5 Q J7 p' Q9 K) P! k- K
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]: }& U0 R6 i4 h7 [# S0 f- U
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C0 J, S2 B i9 P' g
00403218 E8 A7C30200 call qsr.0042F5C4
; K9 t0 B; _* A5 O* n; q' l0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]: t! \: E8 @' Q0 d
00403221 885C24 3C mov byte ptr ss:[esp+3C],bl; t. A5 R$ ]* l1 q3 w5 d" J( s& K& I
00403225 E8 61C20200 call qsr.0042F48B3 ~ `5 x, G- D5 j3 v. P
0040322A 6A 04 push 4( X& w; v1 @: X* R4 [
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
4 [/ g2 g+ v# A5 z b8 S3 N00403230 6A 05 push 5
1 K$ S8 b5 D8 P( U00403232 51 push ecx
+ J: r, [$ z) [% Y$ {7 A! l00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
5 c4 e- P! A, Q: E00403237 E8 A8530200 call qsr.004285E40 i8 B+ C, B9 @4 `" c$ w) C
0040323C 50 push eax8 q0 o# k6 E% a6 x- c3 Z
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]3 k5 {& T7 v; ^- m. [, j
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
2 B' O! x* u% d2 D3 X" E00403246 E8 79C30200 call qsr.0042F5C4
( I4 H% m# X$ @! I& D2 N2 E8 U0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
( ^4 Y& R' |$ E; a" L9 ?0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
+ c# |% o7 [* `7 t/ y3 V* c. U00403253 E8 33C20200 call qsr.0042F48B9 c6 |0 V1 f! N" d* W+ S$ q/ q( n/ h4 L( R
00403258 6A 04 push 4
( J: u+ S- H# g/ w0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
. Q7 o R1 F- C3 x9 S8 o# s0040325E 57 push edi
& a5 S, s( T3 [9 v0040325F 52 push edx% ^7 O" T t) C0 T, l; j
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
+ v! E; o3 Q* j$ n00403264 E8 7B530200 call qsr.004285E4) v3 r- Z" Q% K) P5 G& Q$ |
00403269 50 push eax
( |# m( w3 Q C5 s4 [9 T& a. N0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
' |0 W- s' m7 t7 |0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E
# E) H$ _8 b+ N00403273 E8 4CC30200 call qsr.0042F5C4. z. }( e/ u5 k) a4 u4 e2 H
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]1 {; ^6 M6 v6 Z: m! D0 j6 j& I
0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl# e9 h% F; y: J/ M8 h) N
00403280 E8 06C20200 call qsr.0042F48B
% G6 V/ z( q/ y& }) e/ p Y00403285 6A 04 push 4
# f- T) ~- o' ~) E00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]. _1 \# \( a4 Q! k/ {) w$ I# T
0040328B 6A 0F push 0F0 X: @* q: L0 \' i; C
0040328D 50 push eax2 ?3 U6 E( g, w
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
. u- j7 f; j' g; @, I& h2 L00403292 E8 4D530200 call qsr.004285E42 h: k" {* A) F
00403297 50 push eax
5 G+ Q! L- U" r' c00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
1 P" q8 K& Z" D1 r6 a W0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F
; R6 u6 t# s# P! a004032A1 E8 1EC30200 call qsr.0042F5C4( p M' S4 v7 f6 F# Q
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
) J q; x5 \7 ~1 B$ }" i004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl1 x, f1 N; W% ~: U
004032AE E8 D8C10200 call qsr.0042F48B
0 Q. o @6 ~# d4 P, I/ [004032B3 6A 04 push 4; @" F; D( C# Q3 o, @. M; ~
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]. [, |6 }& `8 q- Z( n6 q6 e6 T
004032B9 6A 14 push 14
& ]# F( x9 ^: q. O0 `" E0 Y004032BB 51 push ecx) V- D7 R% w- {2 |$ d
004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]+ I" z8 T, ^6 k0 `6 g0 H
004032C0 E8 1F530200 call qsr.004285E4
8 u6 M! e: u, ~& T004032C5 50 push eax
% G. h( C( [8 s" G5 w/ @004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]( p# e% e5 i9 v3 { L$ |
004032CA C64424 40 10 mov byte ptr ss:[esp+40],10( ]: U# o4 G6 O: M, G* v
004032CF E8 F0C20200 call qsr.0042F5C4
9 @" V2 u* f% F, H" B. Z* _& i004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]0 T' G( R7 H6 _
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl
) z, g6 X. Z1 f( |004032DC E8 AAC10200 call qsr.0042F48B$ \4 g+ h& \! A \
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI4 l( F# ^+ ^- k% L" R8 |+ ]' t
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX
% p+ H+ X* N: z1 v( J004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL
9 V5 j6 S% g: G3 _/ B; N) j3 S004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL, o+ a# {5 |7 q. U2 J9 M) x) y
004032ED 8ACA mov cl,dl ; DL送CL" Z6 b7 r) g; I5 v
004032EF 3AD3 cmp dl,bl ; DL和BL比较
: B- s+ u. \+ [004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
) J, ]3 k: B Y+ j/ ^0 L) p' x4 N004032F3 84C9 test cl,cl
" {2 J6 ]9 L. ?+ }7 ] D004032F5 74 16 je short qsr.0040330D
$ M+ c5 R2 I4 r( }, q004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
* W: N K9 @ S& D5 X004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
8 v( D" k9 g9 ^, V/ B' f004032FD 8ACA mov cl,dl
8 {$ Y" `, R4 D8 j' n7 T004032FF 3AD3 cmp dl,bl ; DL和BL比较
7 F. g0 s' A9 _7 r( `0 Z: F00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)* e' u, p! A4 g7 C. o
00403303 83C0 02 add eax,2 ; EAX加2, j( ]- |1 {+ ?8 N* A
00403306 83C6 02 add esi,2 ; ESI加2) V/ p" L$ U% P ~
00403309 84C9 test cl,cl0 X0 @5 w4 R$ `) z2 n( @8 Q h2 I
0040330B ^ 75 DC jnz short qsr.004032E93 m; `# K }( L' _0 T$ Y
0040330D 33C0 xor eax,eax: b. v' L' [5 C, Y
0040330F EB 05 jmp short qsr.00403316 S5 _3 C" g0 g) Q- _
00403311 1BC0 sbb eax,eax
! m- i9 d' _5 [, }; ^! J+ H00403313 83D8 FF sbb eax,-1
; W2 L1 ^; {2 A* ?0 P00403316 85C0 test eax,eax8 {( s6 ^: h( ~ I/ D1 A
00403318 74 0E je short qsr.00403328
P2 I. g: E' C2 h0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A( k7 z R1 Q" d: T- Z/ ~, A
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]0 @ V8 p4 e9 R" K2 M1 C# Z4 [. ^* R
00403323 E9 F0000000 jmp qsr.004034186 U2 Y4 z2 `9 g8 b; C% i
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
& P; ]7 x& \4 O% K0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]: l+ |; Z) e. I, O
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]3 W& s# K" E3 b( \5 A$ r( T# F
00403333 50 push eax
. N+ y+ `' o3 E) G7 ]00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX+ p; x9 ^" k: A- M* V$ D
00403339 50 push eax
- o( h* w, v3 M. E0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX1 o9 ^7 N5 w. o
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX8 t& h3 A( A0 B( U4 n: J
00403343 83C4 04 add esp,4
p: ~; W. k" E& L& B00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI! g& B) r) ~4 N
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
( g: z4 n9 R5 B/ F3 s5 J' w6 g" |& W0 E0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]" t5 b6 X" N# e5 ^" I. d
0040334F 50 push eax
. l6 @/ |; k& k1 G& T$ g& o( @( M00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
2 A, a9 a$ b9 _1 [2 |00403355 50 push eax
E) M7 R9 r% }00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX/ }8 s& b- d( v
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
9 g" y; N J9 F. W- E( H% V, e0040335F 83C4 04 add esp,40 m% z1 g! e; J) @4 O
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
^ w2 W! H; N00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
! e5 [$ @3 }( \! f7 z: E0 P4 e00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]" I- o, k# y; x5 o k
0040336B 50 push eax- s$ T5 z1 _# K% s1 a
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX( p8 y, Z9 {7 @
00403371 50 push eax& t" y* q! j3 {$ L6 w: S
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX% w/ p. [* v7 [$ j
00403377 8BD8 mov ebx,eax ; EAX送EBX( T) V8 F( t% i. ] j2 F
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
4 x* z( p7 Y% I" }1 s: h0040337D 83C4 04 add esp,4" s: k1 g; e* ?" i' t1 I/ _& R+ a
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]5 z# d. b: h. f
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
$ l- _( Z# y2 V t4 w" M0 j. m7 q00403387 50 push eax* d" M& ^3 e5 S! o7 x M
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX
- _$ P; j& h9 l. `5 v$ |: a0040338D 50 push eax
$ ^! E: Y9 X) i. o* x/ P9 n3 Z0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX0 h f" E. m: E9 |
00403393 83C4 04 add esp,4- k3 U- S6 {4 V! E' e* }% R% d
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]3 {# J4 i& c3 ]# K3 |
0040339A 8BE8 mov ebp,eax ; EAX送EBP) T' h. V5 a" Z( Q0 J; z; x$ L
0040339C 6A FF push -14 T9 o/ }+ c# t0 z3 U# {; B
0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX; n. V6 G7 w) w3 c- S! m
004033A3 6A FF push -1& o" e6 u* A! ^! w( n
004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
9 e: s# s# k O004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX* w( G) }, k3 n; L8 H! m1 t. }
004033AE 6A FF push -17 R: J. g7 l: O ?0 D- n
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
' H i: r+ g! S004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX. {; ?3 u7 g* {) Z
004033B9 6A FF push -1. ^1 x! A2 G- S/ ~2 _9 t7 Q s d
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX1 o8 ~5 W& F- B4 {4 N" A& S
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
- Y; X: M* o6 m004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX, ]- V+ e( i+ v, C$ i3 L
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
& Y) [/ ^: ^* w9 p) E004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
) g. p: |7 s# ?% P# s1 v004033D7 D1E0 shl eax,1 ; EAX左移1位/ H6 n1 A3 q% S5 l& n" p
004033D9 99 cdq ; EAX扩展9 w& ~+ E1 I! f! P% ?" x; ?1 |
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中6 y8 J! H; n/ [" X. v2 l6 ]8 Y$ N, g5 ~
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较/ m$ s( z2 @" f" {& E
004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
. H( U1 |9 W3 H1 P004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A; ^& C: u, y+ x! l6 e5 P9 i
004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]8 v. x5 v, n" c# Y
004033E9 EB 2D jmp short qsr.00403418
6 E! W: x7 m, T; D- g0 d% L004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX1 ]1 b( d! U6 s. u4 f: o+ `
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
; |; D' J( P* s. B3 L3 W004033F7 99 cdq ; EBX扩展
) u J/ I* m0 @' Z2 }+ {3 `004033F8 33C2 xor eax,edx ; EAX和EDX取异或
+ B9 K% c2 [1 F004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX1 U, I; e6 J: D5 p4 f
004033FF 2BC2 sub eax,edx ; EAX减去EDX- d3 {7 W% Y( J# `/ o
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]* `: x" u0 i1 u5 ? n' q
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX/ b a! [' G! V: w1 M5 S) T* m8 P# J
00403409 99 cdq5 j0 d- ^" r" R! ^8 C/ T" }2 b N2 u
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中- U* h# Y- Z \, d( Z% z( ^- g
0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX" c$ F8 v3 @+ J D
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较+ s5 t" u! w6 V2 d
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)5 O/ ^, n l; @$ k; z8 G( s
00403418 E8 6EC00200 call qsr.0042F48B ;
9 S* \* U7 p- P5 @$ n6 H$ I0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]$ m4 A: u J% B9 r/ t6 G7 F
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9$ \5 }/ X) E. T: D
00403426 E8 60C00200 call qsr.0042F48B n7 {; m; |' f! q- }. v
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
7 [ [, P: @" V: D1 ?# g6 F5 b0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
. F! H3 z; i. y- L0 ?" }$ ~3 B( s00403434 E8 52C00200 call qsr.0042F48B
) G7 _3 y: B4 N00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
' ?& X$ ]% j- [0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7/ o" I9 G3 w! q! G9 z6 c2 s% g
00403442 E8 44C00200 call qsr.0042F48B5 t- E" Q& y5 T1 O* ]+ k T5 K9 w) b
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
3 z: t* }9 J5 _$ `" L( }0 {3 Y: x# Q0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],69 l/ g, j+ |$ [$ j0 V3 ^: p' h
00403450 E8 36C00200 call qsr.0042F48B
9 H; e$ ~2 F% v" a9 k+ M* }: s00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]6 Q. |' E$ d6 f, ~
00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
" Q2 {& \8 [& ?! ]. G3 t0040345E E8 28C00200 call qsr.0042F48B' Z" [! c: h2 J% j. m" _5 A7 u" N
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]. c5 G$ w( V% i6 N2 n
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2( G* y9 Q. g3 }0 ]1 g- p: X: M1 Q- ]
0040346C E8 1AC00200 call qsr.0042F48B
3 Z, c6 M( g$ h/ o4 S' H% ?4 R# i. j0 I00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
( S/ e) o* k7 U00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1$ T) e: x' h6 s' o) Z- f. X4 f
0040347A E8 0CC00200 call qsr.0042F48B- O1 b$ o/ b4 J# s+ C6 W# r
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
+ E0 x& N, K% C$ d0 |00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],09 L5 z: t! V7 l! \6 R) H
00403488 E8 FEBF0200 call qsr.0042F48B4 E$ a) r6 D- v1 M" i
0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]- Z/ R8 f3 z9 h* B! X0 a4 Q
00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
( l+ r# j9 a- g2 C00403499 E8 EDBF0200 call qsr.0042F48B
- Q7 _0 `& v5 S0 I* E2 D7 O0040349E 32C0 xor al,al ; AL清0
4 r: k! D5 s- p+ m. ^% P004034A0 E9 88000000 jmp qsr.0040352D, X( O* V' Q% B2 b- D8 s8 R
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~+ a8 t; i: W+ B: a+ f
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]' c3 N0 J; P8 W' A; |- f
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9. G" g3 T$ l" n K9 A5 C
004034B3 E8 D3BF0200 call qsr.0042F48B
! c* M. R! w1 F! v, P004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]" A* m4 S4 g# Y# ?, ^
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8' F8 f o7 X; Y
004034C1 E8 C5BF0200 call qsr.0042F48B
4 v- Y2 h6 x# l# v" r, c004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]( C) v: L9 D; @8 c @. s
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7# C. L0 W: {+ T% G' R. ?
004034CF E8 B7BF0200 call qsr.0042F48B, i0 R6 ?. z |. C) H/ }
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]. @3 G1 y! F& k \1 U
004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
0 A# L) m% l% l; T% ]004034DD E8 A9BF0200 call qsr.0042F48B
( @% G0 w( c' |2 m7 y& Z3 @* ~ D004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
- h* ^6 e: L8 O4 Y- P+ M004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3
1 [* p& O4 Y! ]% X8 a004034EB E8 9BBF0200 call qsr.0042F48B' D; ]% b2 g. V' Q/ A: E
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
9 Y4 i+ I' J7 L9 A* v6 L9 {( f# Y004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2
e, h6 w" e2 H' x) \004034F9 E8 8DBF0200 call qsr.0042F48B
8 I7 C8 E; C2 i G& O/ l+ V* Y }0 Q$ U004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]5 M3 }9 A, b: I1 V6 p
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1, t8 E* V2 b! u' }4 |5 m
00403507 E8 7FBF0200 call qsr.0042F48B& G7 }* ]6 E5 ^
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]8 [) R. c0 b( t' `' f" y
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
9 A: z- b7 [/ ?) O! t* w00403515 E8 71BF0200 call qsr.0042F48B
) I6 \: S& s6 L0 H& K" j0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]2 }+ K7 }4 K/ {: {# Z
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
7 M% B6 U4 Q/ ~+ f2 ]00403526 E8 60BF0200 call qsr.0042F48B( C$ M4 f( X- X# [+ g
0040352B B0 01 mov al,14 ?1 ], x: u A7 e8 ]
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]$ y# G% C% u! A
00403531 5F pop edi: l7 f* b3 w2 c [3 r/ b p% l
00403532 5E pop esi: I, s. P( n5 f' f* A, w' X
00403533 5D pop ebp
) L# o% G: [7 x8 u" B* D( \00403534 5B pop ebx9 w5 t( a3 I- s1 `, A( s7 ~2 \
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
0 l# \: t! d' n' S4 i7 o! B4 l0040353C 83C4 30 add esp,303 [! o& J" v& q; Y& S
0040353F C2 0800 retn 8
4 c% E$ C" }- X6 y--------------------------------------------------------------------------------
4 S# _$ M0 a* `【破解总结】
& B" _/ H6 V4 A! w4 t 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
; w0 s1 U% R& P4 l用户名:yijun! b& \) }8 P8 C9 h. w
注册码:4893*7777*3726*7777*0529
) \) Z% c3 k/ P--------------------------------------------------------------------------------4 k# O2 ?4 h/ H& M+ `
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡