|
|
|
【原创】破解Quick Screen Recorder
4 i- |1 |( S* J( t. ^- ?2 u& C2 F【破解作者】 yijun
- Q9 q/ }2 q j1 R【作者邮箱】 [email protected]" ?- L9 m1 h! f. _: B
【使用工具】 OD,PEID
9 ^0 B( ~ K6 Y! @0 ?/ u2 n" L【破解平台】 WinXP) J4 ]4 {" h: l5 J1 N
【软件名称】 Quick Screen Recorder
3 }+ d; _# k, W) z% _/ M【下载地址】 天空2 h9 @6 x9 y8 `! `
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. - r1 i) c& v( a. _1 `2 \1 L# Z, O2 s
【软件大小】 540K/ x4 O q8 M g
【加壳方式】 无
5 W; h% Y& L' G' z& v【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:). e1 W" E) ?4 Y& H
--------------------------------------------------------------------------------1 C- {6 `$ j0 ?: Q# z
【破解内容】
% S; `2 C- \$ V1 o' a PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
$ L& \( ^& i2 q$ F8 E1 w2 A00404C69 55 push ebp //在此下断
3 X" r- ]% ^0 O00404C6A 56 push esi- D6 V! }1 x& C. `/ b7 Q. r
00404C6B 57 push edi
`* a" _; W! k8 r00404C6C 8BE9 mov ebp,ecx
7 K( B1 s& o4 ?00404C6E 6A 01 push 1
9 N; t4 n1 [: @6 _; o- p00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
& h( E5 s l5 K2 ~, `00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]* ~) |7 n, C+ m2 f+ }
00404C78 8BCF mov ecx,edi; O. o3 X* b# I
00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码8 T/ h3 c! ^6 g2 P! I$ Q& f( A
00404C7F 8BCF mov ecx,edi
6 P& Z; z/ @8 P$ C* G! y7 Y% l00404C81 E8 A73E0200 call qsr.00428B2D
4 S; B1 G/ z' e' n v5 Q00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]7 k; l9 X @5 v' S7 o) Y/ D
00404C89 8BCE mov ecx,esi q$ v- S$ m2 k9 V
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX# w2 b$ l) h; G3 l% l3 |4 M
00404C90 8BCE mov ecx,esi
. R$ [3 s m s- @! \: q00404C92 E8 963E0200 call qsr.00428B2D. t# U" G' o; V, k$ i0 c
00404C97 8B06 mov eax,dword ptr ds:[esi]. S8 N; t& ~& H5 Z
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
7 F2 I$ {( N2 F2 m" ~00404C9D 7D 26 jge short qsr.00404CC5
0 H) Z+ v5 |3 E, S% ?% h3 o00404C9F 6A 40 push 407 X# u/ q2 {5 B* I/ {: S0 A
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
/ K; Y# P3 f, @1 G" J3 U$ K& h00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."* _4 b+ v: b3 b2 l' `
00404CAB 8BCD mov ecx,ebp
" ]2 m8 M- V$ o. \6 S4 e5 G% L00404CAD E8 C3840200 call qsr.0042D175
& S+ `; c$ u$ j4 k00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
9 C5 M7 g& T+ f( y7 M$ ^; ?0 h00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
9 J$ Y# K; }$ {' Q00404CBD 5F pop edi
% C6 `) z( t+ V% K4 o/ R& `0 f00404CBE 5E pop esi
8 a+ S) r* F) N00404CBF 5D pop ebp! ~* } Z3 T; c' l' C
00404CC0 5B pop ebx4 M2 U, s* U. ?( p; ^0 T; B2 t, B; V
00404CC1 83C4 18 add esp,18
! |& e1 ^% t4 N) n9 S, v00404CC4 C3 retn
" E7 N4 M' s) H- `3 _00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]
, F) r! \ R' {3 S00404CC8 84C0 test al,al
# s. \ }6 n t! k9 n) D00404CCA 0F85 1C010000 jnz qsr.00404DEC, U# l& G7 M7 O4 C+ k q$ Z
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
' b1 A5 h' Y+ B00404CD4 E8 87E3FFFF call qsr.00403060) L$ q9 v6 i# \: w7 g
00404CD9 51 push ecx
- y2 j$ u: W' g8 b9 Z2 [00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
0 P/ U1 H: \6 C5 w$ V00404CE2 8BCC mov ecx,esp
/ q; k6 t$ c8 d) e5 s00404CE4 896424 14 mov dword ptr ss:[esp+14],esp3 _/ r% K3 Y2 {$ |3 q0 k* D1 z
00404CE8 56 push esi y% S' X6 {- I% f4 K+ y0 s
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
/ d% t( s( d, @6 F00404CEE 51 push ecx
9 A$ C4 A( \+ r r _ C00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1$ ^, {3 y* l4 ]8 O# D! x. \
00404CF4 8BCC mov ecx,esp, L' N j# M+ C1 M
00404CF6 896424 20 mov dword ptr ss:[esp+20],esp& b! X- P. h" U! n* ^! ?
00404CFA 57 push edi a6 L( M- z1 B0 d+ A
00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
* h& L7 _- X, ^+ E00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
- f; _1 q! _& T* v, B% k) C00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],06 i. m" s6 x6 M, U. X6 W
00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~# Y; l" {. h$ [9 i# \. c
00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~; B4 u* N2 ~. m/ B7 g _; a7 T
00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~
! g5 ]% K( [/ S00404D12 6A 40 push 403 K- I y1 d# H+ U Z
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"3 o1 I* c4 m4 H7 p% G5 N. D
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."* V$ y L+ j7 K7 J' a
00404D1E 8BCD mov ecx,ebp
) y/ Q" D' X* l- j0 @' n( q00404D20 E8 50840200 call qsr.0042D1755 m' i( x4 {) A- R( f
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]: x- @4 `3 e2 j7 {: w6 R6 `* o
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
5 k( u4 O& N% Z0 W5 ]! p4 `00404D31 E8 5AE3FFFF call qsr.00403090
, r) {1 |; u' G1 g00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]5 Z6 a( z: G! c8 h1 S
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
5 |0 x4 S) j" r j x* d8 {00404D41 5F pop edi
. d* g( X9 J' R4 K" ~00404D42 5E pop esi9 ~0 c; x9 _# n* h
00404D43 5D pop ebp' p! ^& _+ Y$ D- D% m
00404D44 5B pop ebx/ g! w# L8 F1 n& p2 W9 a4 L3 R
00404D45 83C4 18 add esp,18- n4 X9 h! i) Z+ a
00404D48 C3 retn4 |5 K) s% d, H Q5 ]8 w5 u/ S
*********************************************************************************************************************************************************8 h* C+ K4 C' f/ g5 x
跟进00404D09处CALL来到:
3 ` l) H5 Y+ c4 s004030A0 6A FF push -1 //一路F8下去~~~~
( m' s; `6 Z& X004030A2 68 C88F4400 push qsr.00448FC8
- u" M# d }+ E$ D004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]6 b- |/ r5 l2 H4 d5 M/ S$ z
004030AD 50 push eax# [" \4 J% N3 C! |/ z7 r
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp+ [$ ^3 C1 c) S. S7 E
004030B5 83EC 24 sub esp,24
# f6 \" Q2 j( q( ~004030B8 53 push ebx0 m% }- W$ N/ k8 p6 _
004030B9 55 push ebp5 }( Q( v: s: }$ f
004030BA 56 push esi
& Z9 k+ j, O+ q, _1 z! ]004030BB 57 push edi, e' \6 m) x& C6 D" c" a
004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
5 t# w" h! _' e5 O004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
$ |% r7 q- |) J' |; w9 o004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],14 s5 [7 J" Q( g. j) a L
004030CD E8 27C40200 call qsr.0042F4F9- c+ f1 O3 ^" F3 }% ~
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
* t0 S( q0 J4 h/ g" j004030D7 894424 2C mov dword ptr ss:[esp+2C],eax( L0 y$ g$ G0 {, p+ u. H" K, S ?1 A
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]3 v) x8 A$ F/ q( ~* L+ w v6 v( x
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],32 i% g3 P' h: T a2 l
004030E4 E8 905A0200 call qsr.00428B79
6 \' Q1 F: x, |& p" K004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]0 j7 v! {8 K* D- i6 S" u; v3 B% Z
004030ED E8 3B5A0200 call qsr.00428B2D# k) R* r# F" w4 T l4 T$ j
004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]% w! \8 X1 N% j
004030F6 E8 7E5A0200 call qsr.00428B79* J. |" o! E9 K% w7 y8 T
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
1 S; S7 r6 w8 e S) C004030FF E8 295A0200 call qsr.00428B2D
: S9 Q$ C; f' q1 _8 l/ j( c00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]: U& O: p) U" @" d% H7 f
00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]. R2 C* _9 X" ~1 j) I
0040310B 83F8 02 cmp eax,2' {, E4 z) e0 I& c" y) _6 M7 ^
0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳5 G' B0 x. ]* M, p$ z
00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
& T" ]; f) K$ U) j& i0 b& E. T00403118 837A F8 18 cmp dword ptr ds:[edx-8],18, s; h/ H( L0 o7 D
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳5 t/ Z- Y% x! }! |; o
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
9 ?/ O+ J, a# A s3 U00403126 6A 01 push 19 l& {4 F: E% @
00403128 50 push eax) f, x# Y' P( {- I* `
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
% `) s+ i- T3 l7 i$ |0040312D E8 C4550200 call qsr.004286F6
4 V' b9 e' S* j8 }& g00403132 8B00 mov eax,dword ptr ds:[eax]
3 Z0 B: { @7 n, x Q% S4 q( y @0 z3 I00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]' q6 c$ C; K; @- u- E
00403138 50 push eax/ f1 n5 y3 \2 A; O& @
00403139 C64424 40 04 mov byte ptr ss:[esp+40],4# P% h- h4 N2 [, G* j) C/ Y& s* x
0040313E E8 4D560200 call qsr.00428790* F1 n0 A* R2 u( B$ c
00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
" e: m, i3 ]3 D6 n# E9 J! M, r00403147 8BF0 mov esi,eax
& w. u0 u; k% a& l. \00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3
# Z/ X- [' d( @* x0040314E E8 38C30200 call qsr.0042F48B
2 ^ M4 e ]' a u7 j00403153 8D46 0A lea eax,dword ptr ds:[esi+A]5 K6 C2 h2 y1 b% f9 d
00403156 B9 3E000000 mov ecx,3E9 A; x/ s/ _" N$ r8 ~
0040315B 99 cdq: X7 \9 U& c& n$ _7 l8 J
0040315C F7F9 idiv ecx
- o7 _( O3 o- Y! D" S# `0040315E 6A 01 push 1( K- S: Z) y1 D/ ]) q: ~. X3 H; p
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]& G. o1 i1 |' ^+ w8 n- s n
00403164 8BF2 mov esi,edx
; i9 K/ |6 D, j$ Q, W U! `- b00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
* T8 Q3 D1 W3 H+ a: m0040316A 52 push edx+ C. R: O$ P9 h0 x1 z5 Y' w
0040316B E8 0A550200 call qsr.0042867A. h3 u% \. x* I
00403170 8B00 mov eax,dword ptr ds:[eax]
' j! o% M: D2 o3 ]! w* p00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
. s' x- Q# @1 | |00403176 50 push eax
/ ^0 K4 H$ e* I, g00403177 C64424 40 05 mov byte ptr ss:[esp+40],52 o. s. h( c, d/ ]5 |
0040317C E8 0F560200 call qsr.00428790
9 O: Y9 p8 Q: T% ^00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
" ^: L# ~+ W# {4 F+ H& a- ]) K00403185 8BF8 mov edi,eax
z1 u0 j0 E% G3 g3 b& R00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3+ S' k' J i( C* ?
0040318C E8 FAC20200 call qsr.0042F48B) F, A+ E. \. s6 n. t8 S
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
9 w j, }5 s% w9 \* w( s00403194 B9 3E000000 mov ecx,3E+ c: L/ @) c( q
00403199 99 cdq
' P- @! l! [% i7 q3 Y0040319A F7F9 idiv ecx
( Y/ ~: r6 x) c" I4 [4 {8 f$ n% V0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
- A+ U' a/ e; [* B' H004031A1 894424 28 mov dword ptr ss:[esp+28],eax% m/ [5 g3 P+ R
004031A5 8BCA mov ecx,edx
( f# g7 n" |4 j# B! F3 f004031A7 894424 24 mov dword ptr ss:[esp+24],eax1 G6 A: p4 F4 l0 W3 r" X
004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
9 q4 q; D7 l$ I+ g( r" @$ o$ s004031AF 894424 18 mov dword ptr ss:[esp+18],eax" _9 S5 Q/ O, V) D) o4 q$ n, K2 I
004031B3 894424 14 mov dword ptr ss:[esp+14],eax
[6 J6 e) r' o! l$ `5 T% K004031B7 894424 10 mov dword ptr ss:[esp+10],eax" e4 q9 y* W% Y5 ~
004031BB 8BC1 mov eax,ecx. {) f( i0 u: {6 Q
004031BD BF 0A000000 mov edi,0A
4 j: H V7 E0 h; M- {# @004031C2 99 cdq& I0 G% O: ^/ y: L$ r/ p
004031C3 F7FF idiv edi% _) K5 ?- H9 ?# m) `
004031C5 8BC1 mov eax,ecx
5 C' n% a- x8 [+ U0 y1 V+ v004031C7 B3 0B mov bl,0B8 m0 z) C6 D4 s$ g3 _+ h
004031C9 0FAFC1 imul eax,ecx
% q/ y: L6 p( k1 `8 E/ z5 a7 _ c' Z004031CC 8BCF mov ecx,edi
+ q9 q9 o! ~' M# Z1 x$ f004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
3 |- J. g# ^. m! F004031D2 52 push edx+ S1 e4 F- i0 g1 L; Z' N* @+ u$ o
004031D3 99 cdq0 j6 T' \. P' @. l2 g# C
004031D4 F7F9 idiv ecx* O5 S% r4 y2 {" g
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]7 ` Z8 s) Y% X* c
004031DD 2BC6 sub eax,esi2 ?' \; a: ?& P4 G# G
004031DF 52 push edx
) _2 G. b3 s& ^004031E0 99 cdq) t, N# [9 c- A u0 F
004031E1 F7F9 idiv ecx% w) `# n, G) F0 F0 e
004031E3 8BC6 mov eax,esi
! W6 u& g: p& I5 U; p6 b004031E5 52 push edx& V% V* Z' Q, e2 a# F& M
004031E6 99 cdq
1 K, N; _4 n! Z- l+ y } d. X3 \004031E7 F7F9 idiv ecx- h% c0 M" b: \+ M
004031E9 52 push edx
9 k. ^% r' u+ W% G, P' j x. d004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]) J$ Y7 w, ^0 {7 t, A' i% k
004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"
3 z" M1 C& r6 R0 [004031F3 52 push edx ~% }+ c6 _& H8 W. \
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
/ d( D. L5 a9 q% x/ z- E, @004031F9 83C4 18 add esp,18' W- r: q# u# j2 E
004031FC 6A 04 push 4
' \% h+ l" p% D( _004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]' G! L) D2 R9 g6 h+ O
00403202 6A 00 push 0" o# {& D) u4 ^: C4 x, Z# J
00403204 50 push eax) u! b' s0 z8 E. f$ O: }! W3 H
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
9 ~+ b" B, K: M5 e) f00403209 E8 D6530200 call qsr.004285E4
5 @! H, |: [+ g8 b9 ^1 v3 r0040320E 50 push eax: z9 B( i; [( W# Z N. D; S5 u
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]& L* z4 o; `# k, f8 X z( }
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C# C. @, f) |! z: o% ]: `
00403218 E8 A7C30200 call qsr.0042F5C4
1 J3 } o ?; B$ i2 I0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]1 I: C0 J5 o( G, S4 h `+ ]
00403221 885C24 3C mov byte ptr ss:[esp+3C],bl# [3 S' z# m& [% }2 D
00403225 E8 61C20200 call qsr.0042F48B
& O: x; N0 l8 o9 J9 G4 Q: {3 a0040322A 6A 04 push 43 P0 p2 w2 I* w
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]; E* m% W3 T1 i: T5 b/ n/ l
00403230 6A 05 push 5& r& N i& M$ y: K5 V8 F) a
00403232 51 push ecx
" X" L' @. h1 g6 n1 _0 w0 O9 D4 D00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]- l" o- D4 j# a# [7 u/ v, [ i
00403237 E8 A8530200 call qsr.004285E47 r0 E' J, Y# z3 h; ?7 C) E
0040323C 50 push eax
- d9 q" E: |3 \0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]* H5 l- ?, d2 b, s2 j1 r& F; o
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D9 W# W; S5 z( a1 x; @" n0 h
00403246 E8 79C30200 call qsr.0042F5C4
3 D$ h. \# {; e: @ j5 r0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
) j0 F2 Q- y% E* [. m; f8 z0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl' R" p8 x3 g3 n/ L) X+ V
00403253 E8 33C20200 call qsr.0042F48B
2 R9 S7 j. z" b- S( `# x; c" [# a00403258 6A 04 push 4. W$ ?0 a' F2 _( H
0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
8 S, v, k; A$ n, C. o0040325E 57 push edi% F- c2 M- c9 J$ K) e$ @4 f
0040325F 52 push edx- I; }; y/ ^8 ]8 e# M. @0 F
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50], k8 R3 L1 g, c2 Y/ n
00403264 E8 7B530200 call qsr.004285E4
; U$ J! ?1 i/ n. f00403269 50 push eax1 _1 F7 M; G! f
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]/ I9 g% L6 _ M& d
0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E
; z1 y/ E" X+ y/ L1 I5 ^- `00403273 E8 4CC30200 call qsr.0042F5C4$ d4 E( O) k, Y( i8 i N4 A" z9 Z
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
" G, k! y: h# ^ E0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl0 A6 b/ x1 f o
00403280 E8 06C20200 call qsr.0042F48B- n1 Z- B+ ^ m- E3 w' N9 R* j# l
00403285 6A 04 push 4
, p4 q8 t" a" p$ {+ L00403287 8D4424 34 lea eax,dword ptr ss:[esp+34] L- g, C; j+ s, p9 Q
0040328B 6A 0F push 0F; h( z2 k! G$ W8 [/ k
0040328D 50 push eax9 U& M% T/ z0 x! d
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
9 ~+ j0 r1 _: ^( n00403292 E8 4D530200 call qsr.004285E4
! H5 s4 q. f7 H4 w2 j00403297 50 push eax2 W3 ?6 f7 C$ T9 V# a8 e
00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
, n2 ]9 U/ S% Z* J' c$ V0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F5 G/ a* \- K' i4 {( q# C
004032A1 E8 1EC30200 call qsr.0042F5C4% G; T0 I: j* }1 @, B
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]% h! X9 D3 j. g3 ?. X
004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl/ k/ W7 e; |' j
004032AE E8 D8C10200 call qsr.0042F48B
5 b6 S" e+ P. s9 C2 A004032B3 6A 04 push 4 G, x; k( U5 x/ U- `
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]. L: o" u8 `/ b/ K; H
004032B9 6A 14 push 14
4 _8 C/ ~: A" p) y) x, ~7 M% a004032BB 51 push ecx
- Q$ X8 A8 s7 K. J004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
6 ]9 S9 F9 V! [: ^7 M004032C0 E8 1F530200 call qsr.004285E4
- \% {: b5 Q4 b* f004032C5 50 push eax
$ Y/ q- [% f2 d1 u* G! E004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]+ {0 p+ x8 Q* R; [0 L- X0 S; Y/ e
004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
0 e) u& C4 |; X# k004032CF E8 F0C20200 call qsr.0042F5C4
. g/ L5 r, T8 T* a5 }) }1 q# W; S4 \004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]2 L2 f/ g6 m# t+ j+ y7 e+ |
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl+ c$ m' Y3 \ T2 X* J8 [. [
004032DC E8 AAC10200 call qsr.0042F48B& k/ l( d1 u4 D+ O
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI9 g; R' f3 |& _4 Q& \4 c9 y) C
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX
3 Z) n1 t$ u$ y6 e h1 M004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL% K2 Z9 j. x3 Q9 w l& u
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL2 Y& ~: T; z e( z, k9 ^# _
004032ED 8ACA mov cl,dl ; DL送CL
" Z; r7 `7 g6 T9 \; R, i1 R/ o004032EF 3AD3 cmp dl,bl ; DL和BL比较
3 |( M; M. G! o" I; `* O' j8 f0 ~004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)4 T6 |( C2 A( S1 k( X, p
004032F3 84C9 test cl,cl. k7 }: ^7 l/ w3 F. z% P
004032F5 74 16 je short qsr.0040330D
0 O: l& Q7 D" Z- P004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
9 B; ~8 c) `/ A, l5 {$ {2 k! d004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
1 S! }% ~) f( L3 c/ e004032FD 8ACA mov cl,dl$ U0 u8 N$ T6 g; @" m5 S4 F! S+ `4 R4 Q
004032FF 3AD3 cmp dl,bl ; DL和BL比较; x& m1 h7 D8 Q( e
00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)% }' G4 I+ K3 F7 I. q8 |" n2 X
00403303 83C0 02 add eax,2 ; EAX加2 {: U8 [3 K- v; v) |1 C6 f
00403306 83C6 02 add esi,2 ; ESI加2
2 b s8 u- z0 T, q/ B( i# I00403309 84C9 test cl,cl
; M6 `- J7 C/ K& S0040330B ^ 75 DC jnz short qsr.004032E9
' A R. X% t5 d( T0040330D 33C0 xor eax,eax, b9 F3 e4 K% i* A0 Z
0040330F EB 05 jmp short qsr.00403316! X/ G" i& q# R- k0 M* F U
00403311 1BC0 sbb eax,eax
) u8 m v7 D7 W. Q' N2 F+ G00403313 83D8 FF sbb eax,-1
$ P' s( X1 V4 t* \1 M; v, h00403316 85C0 test eax,eax
( \1 k5 J/ i' P3 l7 x$ N& ?00403318 74 0E je short qsr.00403328
. L: u% I; F0 Z# V0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A% i7 W9 A( ^9 Z5 L
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]( y3 L( ]' z* \$ }$ `8 ]
00403323 E9 F0000000 jmp qsr.00403418
( l% \1 m+ u# q. B- `00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX( H" W5 J6 I% q/ `4 z ^+ R3 \
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
. O1 w9 X' T/ [( N! P, F& [00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
) W6 c" u6 S# F6 e, n8 _' R& Z# @00403333 50 push eax9 x4 k$ Y- z! A+ @! s0 ]5 x
00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
' X; ]( e: n1 O* x. I5 H6 x- {: s00403339 50 push eax
, k2 m4 ?0 M v8 t2 Q0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX q. J& J# `1 o
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX# I) p& W! f; b3 {5 s% v
00403343 83C4 04 add esp,4. ~4 s j$ b: B$ ?5 L
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI) G- u- E7 M/ l, I; n
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
3 k& Q) P3 u+ k: Y: D! K0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
% c; k( P5 x) p0040334F 50 push eax8 j* |8 ~) \0 x
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
. @* N8 p% e6 H+ V$ j2 D00403355 50 push eax
5 y' b& J$ ]* t5 M00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX
& V( A- x4 g$ @0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX$ T+ K& S4 O' \) C/ W5 j
0040335F 83C4 04 add esp,4' L& f) e0 r7 }+ E$ x
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
2 ^; _ \9 u5 r1 C! M. A00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]! S; R/ i* x/ [& E/ y& Y$ }
00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]* u) r8 O( h% B
0040336B 50 push eax
" o/ J' W, W& X" O/ I T0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX
' o7 x* i6 i0 j0 b( _" b00403371 50 push eax; U; K V, X- Q+ o- S* t6 A
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
% }" X/ i; h# Q( r00403377 8BD8 mov ebx,eax ; EAX送EBX, ~# h! S% S. f* c! I: H
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
0 r- }& f- _+ r' U0040337D 83C4 04 add esp,47 |) f, ~# O" F
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10] R( o0 N* P8 Z+ z! H
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]3 V+ U$ }: k8 N: f9 z5 a8 ?
00403387 50 push eax
( W V# |/ P1 X: m0 Z00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX7 f+ v: S. E% g' D9 U0 V! v" l
0040338D 50 push eax8 F M4 P/ r( Y$ M+ z
0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX- {5 b6 h9 n' I T2 _1 D0 w
00403393 83C4 04 add esp,4
, X6 J6 G- V$ o6 a4 w; ]9 V& {00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]3 C$ @9 m2 Q3 ^5 y- y6 a
0040339A 8BE8 mov ebp,eax ; EAX送EBP
+ `% `. _! ~' b# W! s; S0040339C 6A FF push -1
e. ?2 B2 X1 L+ k& O7 T0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
3 ^7 \. I4 M( ^+ D s. B004033A3 6A FF push -1$ W# K- J4 a+ ~0 m( I1 h; F0 s2 J
004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
0 O. l3 u p/ u& s- G# L9 T004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX. U% Z/ `+ ?/ |* ]/ r% a
004033AE 6A FF push -14 H) ~: b3 I3 H7 F( ?
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
, E( ?( Y- p; D' x% |004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX, q3 T& T+ h- S; j; }2 U& }; q! P
004033B9 6A FF push -1' p+ G/ A; w; t) L
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
# v+ Z) i5 X3 r004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
+ Q9 m3 z u* X' e+ ?+ x3 E004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
/ e# ]1 S+ x' i7 j$ J! L9 |0 O3 I004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX1 ~0 n1 N% z1 s3 O. s5 v t
004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX: w0 a1 F" z# m9 g0 } p @
004033D7 D1E0 shl eax,1 ; EAX左移1位 i( Q. q4 e- Q g+ f
004033D9 99 cdq ; EAX扩展
' E/ q; q4 a3 _0 t004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中; E! Q, w$ F* w' v1 k7 J
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
. h9 B+ J7 a$ @004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)2 R0 w3 o4 b9 q4 W
004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
8 o. ^9 U! i8 A& C h7 \004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]% z2 E k' K9 k. x9 Q& Q
004033E9 EB 2D jmp short qsr.00403418; ~1 s$ x w3 T9 e/ R1 D, H
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX! C$ ?' e4 {( K# S' P
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
. l7 i" {7 Y2 G( Y* s% j004033F7 99 cdq ; EBX扩展6 K8 l- d8 H! K
004033F8 33C2 xor eax,edx ; EAX和EDX取异或: ^/ F' z. a$ y: d' ?9 W% c, Y
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX/ s4 k, j/ A' R+ V
004033FF 2BC2 sub eax,edx ; EAX减去EDX
9 {. I# \3 u% b/ s& x7 D00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]5 f/ i' K( ?/ _. [1 n
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX5 E4 F& u" M% V/ d1 f# U
00403409 99 cdq
% V; B2 ]; ~6 X) [# E8 l0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
! }& x' l7 |5 r1 `. W0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX, D% @3 F+ X. Z5 k9 d/ g
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较5 o- I& d# e& n9 P4 e. K8 H
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
, _" y! L3 ~) i* o' A00403418 E8 6EC00200 call qsr.0042F48B ;
! r* k% |, b5 s0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
( E9 I; v& R- Y- q% k9 M00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9/ T( D. B- |! @& ]3 D
00403426 E8 60C00200 call qsr.0042F48B- c6 ~: A! i2 J% ~) \
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
, P/ t: A( U* l- I; I. {: N0 v0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
2 w+ |+ R, p2 D; {00403434 E8 52C00200 call qsr.0042F48B% s) A& J$ q0 M) A. _
00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]! W. L8 ?4 B2 o8 K" q# `
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],70 U f* `) p/ \" j* T
00403442 E8 44C00200 call qsr.0042F48B6 j5 ~( o: [! }& e8 @
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
; ?' J ?0 q! j% [9 O4 q0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],62 [$ V* v* O: o) z5 W+ I
00403450 E8 36C00200 call qsr.0042F48B
3 ^) t9 w4 L- \! p/ L00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
% U2 w+ O2 f9 |( w00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3: A0 g" j- Z0 Z/ v+ L+ [$ d K% [' M
0040345E E8 28C00200 call qsr.0042F48B
( z" Q% m, b( q! _6 |1 E00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]- K9 _* ?# q* \0 I% |9 F& p+ q
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2& Q( _6 b8 U" ^5 J' }( R. p
0040346C E8 1AC00200 call qsr.0042F48B6 Y& J/ Q, z' [. l K7 v
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]- a. s7 q( ~" n0 Y5 h3 [# K
00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
. Y' a+ O3 Y1 W% V* r$ p0040347A E8 0CC00200 call qsr.0042F48B$ a) P9 u' A* u" V3 f: `
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
6 L% ~8 X) Z& u' d00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
. c a9 C; h$ ]' ?' P" m" Z00403488 E8 FEBF0200 call qsr.0042F48B
: ^6 H% U! }+ {, h) W, M0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
/ k' O2 l% q' ~- \" t: ~1 o) D00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-13 \+ e; z( e! Y$ _- Q# g3 c$ i% A( z
00403499 E8 EDBF0200 call qsr.0042F48B8 ^# F7 w$ z0 D z/ ?( L
0040349E 32C0 xor al,al ; AL清0' @/ F" }% H; K% h1 {; \
004034A0 E9 88000000 jmp qsr.0040352D+ M1 d6 e3 i( {. a! ~# T
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~
+ |. L$ R- g' o9 f6 p! |004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]) G# m* X3 Q4 X2 }& Z, g) v; J& W
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
) x+ r3 d+ a: H3 ^004034B3 E8 D3BF0200 call qsr.0042F48B
6 U1 S! V3 H7 e004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
( B% v" ]; i8 p" u; g004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
. A/ ?* \5 O1 v$ N004034C1 E8 C5BF0200 call qsr.0042F48B
: M( b* h6 P- }! B004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
9 \ p B, d+ u, n) i004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7/ |3 j6 D' |' [% @: f* m: ]0 A
004034CF E8 B7BF0200 call qsr.0042F48B
" D: @7 W; i) m2 W6 C004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24] }- S! i9 T+ Q, l( b
004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6% y2 J4 _+ q& `7 ?
004034DD E8 A9BF0200 call qsr.0042F48B9 W/ Y! z, E [; A
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]3 {- v5 Y$ e7 e+ t8 O; V7 v3 y8 n
004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3/ v7 f" m7 H) p' y6 s9 k
004034EB E8 9BBF0200 call qsr.0042F48B1 m4 ~7 e- Z. C6 @
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
# }# `9 s. N/ m- Q, H004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2
; |5 l# K x9 o& m/ j% A2 [) u004034F9 E8 8DBF0200 call qsr.0042F48B
* \5 B4 L9 W3 p" E; T% Y004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]! C6 f$ J) k! P4 j; {
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1
$ V( Y+ l% o; k. I, W# {00403507 E8 7FBF0200 call qsr.0042F48B
: x9 X6 T, G* _; C: j0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
6 _* _" `* Q* a- {00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0; `6 b4 w% R% \( O
00403515 E8 71BF0200 call qsr.0042F48B
7 L+ j: Z0 j+ I1 U. s0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
3 E" w! G7 C/ b7 r$ i! e$ I0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
) t& f+ M; U' J9 C9 @00403526 E8 60BF0200 call qsr.0042F48B
& u' A% I$ e% h0 N: C6 c1 a0040352B B0 01 mov al,1/ X4 L/ e& s8 C* }# }/ |
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
/ E3 s/ v( a; w: b. H! g00403531 5F pop edi* M7 a$ ~1 G2 i+ Z
00403532 5E pop esi* B7 t6 l- \# k1 w
00403533 5D pop ebp
$ V6 Q, Y E6 a: |/ l00403534 5B pop ebx B/ M5 J6 e0 Y h6 v- t
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
3 H; n1 f" f% v& ]8 ]1 z0040353C 83C4 30 add esp,30
, V+ {+ |/ V: X* H0040353F C2 0800 retn 83 ^2 a; A& f6 \& T* Q) m5 J0 y: G* G
--------------------------------------------------------------------------------: l; r; V q/ D
【破解总结】
6 k+ J- k$ ~8 H; M( ~( Z; h 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^( F$ X. b2 N y5 r- w [3 d- ^# u
用户名:yijun* y, V; R& m. Q2 w
注册码:4893*7777*3726*7777*0529
/ O* {' V( B5 }+ r6 K--------------------------------------------------------------------------------
. `7 Q- d" `" Y【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡