|
|
|
【原创】破解Quick Screen Recorder
& }! e" P J% |) ]9 }5 O U* F【破解作者】 yijun8 Z2 F% L" m4 @
【作者邮箱】 [email protected]" s8 ^' k5 D6 b
【使用工具】 OD,PEID
5 k1 K' O1 A" h3 t7 L【破解平台】 WinXP. U" B# w# N# S, }. Z
【软件名称】 Quick Screen Recorder9 r6 l [# P% u1 \
【下载地址】 天空. z* z7 j2 s/ S+ R
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
# y0 _; V1 K f3 d/ @【软件大小】 540K
$ _5 C; A3 ~0 S( \3 t; Y# V【加壳方式】 无0 L$ x# T9 l: l6 |2 z
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)& c& }; Y$ \1 U
--------------------------------------------------------------------------------+ A. `' v% k' L( K& b
【破解内容】! ?; i7 Z( A/ i
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:. V! L% U0 L! ` a
00404C69 55 push ebp //在此下断
* ?- [/ _$ ^) P! L( D# a: K1 }00404C6A 56 push esi; F( F T1 I. s6 _
00404C6B 57 push edi
/ ~# A, J0 Z6 w' N# v! u4 h00404C6C 8BE9 mov ebp,ecx
3 I0 E* ^, b) l1 B% S00404C6E 6A 01 push 15 ^! `' A' f7 P4 C7 p8 f
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
9 n( k* r0 ]8 \ I6 |: o$ \00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
" i- }' o8 |. P' z. U00404C78 8BCF mov ecx,edi
2 s, Q% V# v* K8 g- D; W: b00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码
& A+ ]; G4 M7 Q" f& M$ K00404C7F 8BCF mov ecx,edi
+ R2 f) A/ n7 K4 q00404C81 E8 A73E0200 call qsr.00428B2D
- A4 `& V+ j9 Z00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
: g2 B* Q5 A) s1 D# }6 q' d00404C89 8BCE mov ecx,esi
) p# @. {6 C- g% ~0 O5 I00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
* s0 h/ `0 f+ c$ {, o% X00404C90 8BCE mov ecx,esi
% I7 V3 R! n$ G; z. i# M8 g00404C92 E8 963E0200 call qsr.00428B2D
: W6 Q) l; s9 o! s+ L00404C97 8B06 mov eax,dword ptr ds:[esi]
* ~7 V) ~5 J9 B; j$ i/ Z00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
& R; A9 J7 U+ e00404C9D 7D 26 jge short qsr.00404CC5
* H& N6 b; B: \! W! \2 [00404C9F 6A 40 push 40
) E, U9 o( m5 Q4 X00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"+ [6 Q2 n: K# U) _! q
00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."5 u6 K2 D+ j! f
00404CAB 8BCD mov ecx,ebp
0 P) b$ b8 I* x, W8 W00404CAD E8 C3840200 call qsr.0042D175& W7 k3 W9 n9 W
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]( `1 F! R8 O: C1 }
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
: q( v. Q# e' U! Y; u5 L00404CBD 5F pop edi
( h8 d ?- c. v5 v/ S00404CBE 5E pop esi' C3 ~9 d+ ~) J. k
00404CBF 5D pop ebp( T: o' R8 A4 v( |+ x' E! C, R
00404CC0 5B pop ebx4 i! N4 ]6 q* w& O1 D- b( G' a$ s! o
00404CC1 83C4 18 add esp,183 |; r) Z: w/ P5 L1 x/ e2 G& }
00404CC4 C3 retn: E+ n+ O8 h; y3 r! V: B4 S6 K
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]8 c% | _8 W. o$ G" @4 [# ^
00404CC8 84C0 test al,al7 y$ Z: D1 s# z Y" A( A6 N' l$ q" S
00404CCA 0F85 1C010000 jnz qsr.00404DEC
$ b1 f1 m' P9 b- k# l' Z00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
* Y/ {/ P2 P9 Z. y00404CD4 E8 87E3FFFF call qsr.00403060' z# n9 [3 R* G: s: `$ d
00404CD9 51 push ecx
: g$ K s" P; E7 \+ x00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],02 |8 m9 m$ u0 b: g
00404CE2 8BCC mov ecx,esp* y# f! \3 T5 _" k) r$ h
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp; C; h$ E$ f0 C7 t9 ~
00404CE8 56 push esi+ B5 O0 W( E1 W! m+ P; Z0 I
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0, A5 n& O' C+ U0 P8 p. f
00404CEE 51 push ecx
3 v N3 K& X) S4 j8 A0 M. ` k C" D4 X00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],13 \3 f) p) |! W
00404CF4 8BCC mov ecx,esp. A \- u; D$ U! ~5 _0 v% _
00404CF6 896424 20 mov dword ptr ss:[esp+20],esp
2 Z6 {3 C+ N, B: Z' s& C& z ]00404CFA 57 push edi
' k5 A' W7 e* R" i9 F5 I' p4 t00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是02 @0 o, ]5 O$ h7 i. d9 W
00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]3 S( K" B- N$ h% M6 k% Y
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],07 ~5 a. M$ o/ {
00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
# @' _% t' H" x6 Z1 t, ^$ b+ }( X* |1 i00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~8 K7 N5 ~) }) ?6 G. `
00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~
/ Y3 s n9 Q2 S% t) n00404D12 6A 40 push 40
@& p) b, n6 T. ]+ O00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
$ o/ b3 h+ S- h; X4 F% ^3 z' W00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."
/ z7 c" g i% K00404D1E 8BCD mov ecx,ebp# o0 {3 V; K0 i. @5 Y' Z
00404D20 E8 50840200 call qsr.0042D175. z/ @! N. q: E& j) y+ w, ?
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]" K5 J# W. ^+ o* `
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1) |6 E+ V7 n5 p) [( d* g9 ?
00404D31 E8 5AE3FFFF call qsr.004030906 O* m* o! m1 M; Q3 b, H
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]" U* X" c! E; ?5 v
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx% q2 ~, h5 I$ I- _' b* D
00404D41 5F pop edi% y) ?: M* d% s2 M2 U7 P
00404D42 5E pop esi( R( `2 k. E' @/ [+ N! Z! f
00404D43 5D pop ebp5 |& F( z$ c. |* Q
00404D44 5B pop ebx
, m5 q" H; Q7 u( z00404D45 83C4 18 add esp,18
9 ^8 I& r6 g/ l" ?. r4 ]00404D48 C3 retn
, N9 `: ]8 ?. N( p, ~% u& K*********************************************************************************************************************************************************: x& U; Q0 ]# Y( }+ a
跟进00404D09处CALL来到:
1 A- v' W& r v2 i, D004030A0 6A FF push -1 //一路F8下去~~~~$ ~) S. U- B" f9 u u/ j) d6 d* ?
004030A2 68 C88F4400 push qsr.00448FC8/ `3 L* Z! F9 u: r1 u. B
004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
1 g! v) ]3 V5 e( h, O5 m7 {004030AD 50 push eax2 i# J: t. N8 b8 Y: x% `3 n
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
/ H9 m# @' k7 t004030B5 83EC 24 sub esp,24
% ?. \4 z1 F/ p4 n. E004030B8 53 push ebx
$ Q% j' N! Y5 L0 b: \5 h( N004030B9 55 push ebp
0 a3 x+ u [. {' T* q004030BA 56 push esi
* c( g- A& J5 w6 n" y9 }( f9 O004030BB 57 push edi
4 p0 W) G H" o7 D% L& H004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"; f. h/ T0 D. \9 \2 x
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]& m8 z! D& W/ s8 e, f6 C, M, J- U
004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1. m# ^- e% v, w2 v, [
004030CD E8 27C40200 call qsr.0042F4F9
; b( x; v3 c% D" U, h. q( m- Q) H: P004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
# B o6 a3 C3 [' x004030D7 894424 2C mov dword ptr ss:[esp+2C],eax9 G$ u% n5 h- F
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
3 g3 t/ l1 G! J8 O004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
4 q! l" I6 N1 X/ a/ e" J6 P1 Z004030E4 E8 905A0200 call qsr.00428B79
, ~" u7 R! q# N# |, ~2 P( W4 d004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]0 e8 H1 v- H% m2 `' i0 W) Y
004030ED E8 3B5A0200 call qsr.00428B2D+ D8 n9 A# f7 L5 N; `* W+ c+ `
004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]' U% `/ i' G$ U. w3 H+ e. s: |: G
004030F6 E8 7E5A0200 call qsr.00428B79! ~) R |- W( T1 M" J& b0 f; I# h
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44], f& ~6 c _4 H+ c/ ]
004030FF E8 295A0200 call qsr.00428B2D6 v& B) ~9 y" N2 w! {
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
" f# e- F( E1 D+ b2 V! J00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]' h5 ]& Y" `/ U4 M F X
0040310B 83F8 02 cmp eax,2; r- V. o5 N+ f& M v" b
0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
) r) b! P- e( }9 T00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
: f2 z" p0 h- R6 T d9 v00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
- I( t u8 b0 J! x, |1 r5 m0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳' ]+ f9 H) }- {5 I$ g
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]% {, l6 w3 n/ q1 o3 a- m2 d* T
00403126 6A 01 push 1& @2 S- j2 ]4 ]8 r# a6 K
00403128 50 push eax* M) i7 p' |: O5 b9 n: y
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]9 }( r. b$ J6 P8 }
0040312D E8 C4550200 call qsr.004286F6- [2 q0 N; f( W! X
00403132 8B00 mov eax,dword ptr ds:[eax]
2 _! e4 i" m* y' I M4 @00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
2 ^+ Q8 ?# D# H2 ^4 ~00403138 50 push eax
. _( U. @6 w/ N, d4 E% _8 m5 B00403139 C64424 40 04 mov byte ptr ss:[esp+40],4/ s! c: Z! Z) W; a5 W) z2 M9 V V
0040313E E8 4D560200 call qsr.00428790
( u3 T) d6 B3 d8 m( ` [. w00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]6 _5 U D: D0 p5 v8 ]/ n6 P
00403147 8BF0 mov esi,eax
/ X6 g2 d- G! i0 V) V' y# s00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3- B& }- B8 m9 E$ Z4 s
0040314E E8 38C30200 call qsr.0042F48B
Z2 d$ u3 [; X' m3 b. @2 D00403153 8D46 0A lea eax,dword ptr ds:[esi+A]
! G2 q. u1 m" {! i: G00403156 B9 3E000000 mov ecx,3E
$ j) d2 c8 \! C0040315B 99 cdq
" A. P. a% n0 c0040315C F7F9 idiv ecx) t9 n1 t; W% o9 ^. R
0040315E 6A 01 push 1
2 h1 m/ c! [0 F! b4 b00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
) d+ ?. Q$ |* u4 H4 I9 ~00403164 8BF2 mov esi,edx+ L( @# w" _% h( s
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]5 h; \: |4 B# y$ y, D
0040316A 52 push edx# ^! ~ `8 i" D8 {6 Z2 E
0040316B E8 0A550200 call qsr.0042867A* V1 j7 @1 K \* M- k
00403170 8B00 mov eax,dword ptr ds:[eax]
7 Y; `9 W: x) T' k% x00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]3 F# \& H9 o/ H: s: @! K
00403176 50 push eax
6 q; {* r! B& n; x00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
# x4 f! i5 w S* f* C0040317C E8 0F560200 call qsr.00428790! h! a+ {+ a* _* T
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
3 n A6 n, }7 p! w00403185 8BF8 mov edi,eax
5 f' G) Y/ x& z7 _5 h00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
; W! t" w0 L3 @0 \$ a2 t4 e0 d0040318C E8 FAC20200 call qsr.0042F48B( {# c# d/ P9 E: o. L0 J$ A
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
1 N% O9 i0 U3 L% @00403194 B9 3E000000 mov ecx,3E! s' C7 k- c3 u) j: m7 a) T* _
00403199 99 cdq8 N# C, [0 e e$ b# Y1 v
0040319A F7F9 idiv ecx
5 }5 G y$ P" x, y& x0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
4 W; L, D* o% ?3 e3 t004031A1 894424 28 mov dword ptr ss:[esp+28],eax5 `! K3 g# M$ r* b
004031A5 8BCA mov ecx,edx: j; c8 O% A; z, U
004031A7 894424 24 mov dword ptr ss:[esp+24],eax
5 }0 [2 f# l2 e( ?4 K004031AB 894424 1C mov dword ptr ss:[esp+1C],eax( u. s; w7 ]- t) g
004031AF 894424 18 mov dword ptr ss:[esp+18],eax. N9 A f* R+ [6 z/ g$ T# g
004031B3 894424 14 mov dword ptr ss:[esp+14],eax
# P8 Y, u+ n7 ]: p! J; z/ E7 e$ ]004031B7 894424 10 mov dword ptr ss:[esp+10],eax
7 ^+ D5 ]$ G+ c8 ~004031BB 8BC1 mov eax,ecx
9 Q' Q8 d% b/ k' O4 [$ p1 t* h; k2 o004031BD BF 0A000000 mov edi,0A8 p- v0 B, _& w- f
004031C2 99 cdq
8 e0 [' }% F n# t3 H004031C3 F7FF idiv edi
; O$ c) ?. _" S& ~7 S: W3 w004031C5 8BC1 mov eax,ecx( D4 Y* N( X3 L3 u- x/ I0 M
004031C7 B3 0B mov bl,0B
5 L9 W1 z9 l |8 f( w+ j004031C9 0FAFC1 imul eax,ecx! p' K+ |0 ^; i9 R- I& O3 _4 E
004031CC 8BCF mov ecx,edi
! Q* ]; }* u! O6 m; G6 Q004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl6 z2 B( R3 x% E) x/ s& G4 L* k
004031D2 52 push edx) K; _1 R$ a, D5 E) N3 N& x
004031D3 99 cdq
* I/ _6 q4 u; K3 I1 C# h! }- \004031D4 F7F9 idiv ecx
5 V* R0 D# o) ]004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]' i8 I: U8 y4 N: U. N# F7 `* J
004031DD 2BC6 sub eax,esi
- y4 r \! g3 |004031DF 52 push edx% w# U. t0 M7 J. b0 P- `
004031E0 99 cdq, y4 ^; G2 X0 X! ?
004031E1 F7F9 idiv ecx
: q( a4 l7 j: v9 m- o" f: `0 d& D! S' V+ ~004031E3 8BC6 mov eax,esi: ?8 p! F! i- }
004031E5 52 push edx
. ~- [; X% A+ C# z9 a004031E6 99 cdq! Q* v: d5 J2 \; z
004031E7 F7F9 idiv ecx) {% B3 H4 H4 }- C; q. R. H
004031E9 52 push edx
2 E* b) H6 u- e7 b004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
& E2 u7 q; h- A5 u- [ G* @& {+ e004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"* G3 M6 ~8 t$ S8 D" g% f. d
004031F3 52 push edx
1 \& T+ j+ R& q. f4 e( C B& h2 z004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
* k1 n2 I! |1 L: y3 h6 S6 t004031F9 83C4 18 add esp,18* m6 [$ O! g) [' z( n$ [7 S
004031FC 6A 04 push 4 C6 p: Y8 U! \/ V/ N. g' y
004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]& H. s+ d8 z+ X
00403202 6A 00 push 0
' L- s$ A7 U$ V) e3 ]- t00403204 50 push eax
4 T, p- b {; c2 a0 t3 M/ _$ `# f6 g' n) _00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
( a. {8 _8 Y. C* c, X00403209 E8 D6530200 call qsr.004285E4- \- L9 b T: w: s0 G6 i3 T
0040320E 50 push eax4 [" s- v. W. W) M' ]
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]2 b; N% O a" S+ W# f
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C! o! g& |7 V8 B- z7 ]; y7 H
00403218 E8 A7C30200 call qsr.0042F5C4
/ Q; C9 ^9 X& N+ C8 \; c9 {0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30], h' P' Z) K# E% n# b$ y
00403221 885C24 3C mov byte ptr ss:[esp+3C],bl' B& n& p7 D4 B5 p% ^; l- V% W0 M
00403225 E8 61C20200 call qsr.0042F48B
4 `6 n2 K9 Y; v2 ], a0040322A 6A 04 push 4/ M- ~6 [0 n! |6 z- m1 E& i- C# [- r% F
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]; P+ }0 x' ?0 a5 l2 M; `6 o
00403230 6A 05 push 5
7 R5 V- N T- M9 y8 u% \00403232 51 push ecx
% U- O1 e2 d+ M' L5 l, y! G00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
0 G, S! j% O1 t3 U# j3 C4 {" M/ w00403237 E8 A8530200 call qsr.004285E4) ^7 @- D2 k, e! Y
0040323C 50 push eax T, P" o% }- ]/ R% |7 ^( M
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]# Y4 s/ K$ m$ ]4 ^6 F
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
: U0 L5 ]' u1 m8 A o+ j1 j00403246 E8 79C30200 call qsr.0042F5C4
: E& [5 w, {) J) n0 d0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
+ h6 D; L! Q0 B5 d5 \2 m, n0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl$ R% Q% s! o5 s3 V8 B/ T5 b1 W( M
00403253 E8 33C20200 call qsr.0042F48B
6 u+ X' t) Q, [00403258 6A 04 push 4
& f( P4 x, n7 W, `+ F0 w0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
3 U( t t/ i0 I. J3 H7 ]" }4 D0040325E 57 push edi
a$ @9 N1 {" C" P0040325F 52 push edx. D7 ^: W) r9 K4 ?
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]3 y& e; s- J0 E* W' S5 j+ C
00403264 E8 7B530200 call qsr.004285E41 n) l, l5 P4 |! ~8 O) _4 l
00403269 50 push eax* P |6 s& L! n- U* L, U$ b9 K
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]* k3 x3 t3 A9 H" P3 d- R9 N _
0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E
- P+ t: [; h( ?/ k" l' a' j5 e00403273 E8 4CC30200 call qsr.0042F5C4
, s" c! d% a1 n00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]7 k6 w9 t V* B3 z1 O5 `2 B
0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl5 _! s, b. c# I: v& h
00403280 E8 06C20200 call qsr.0042F48B
+ W2 D7 I7 D" j00403285 6A 04 push 4
+ m5 B5 Z( H' @- M O9 s. W- y00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]0 Y) d& ?! F: Q3 j
0040328B 6A 0F push 0F
5 o. P# n' k# A, [7 E( ]% v' K2 T0040328D 50 push eax
/ l1 U& A7 V) H8 M$ O& g& t0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]# V1 v2 B4 ^6 S+ y& b) b9 K
00403292 E8 4D530200 call qsr.004285E4
3 s" `1 i7 G6 r# ]- C8 i00403297 50 push eax
% G/ U+ m& c( Y' l [0 I00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]: g7 i2 m% _, m, z$ g0 Q- x }" I
0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F) S# l6 c! ^# h( i/ }5 O
004032A1 E8 1EC30200 call qsr.0042F5C4
4 K2 r9 @) t/ Z1 s+ U004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
r* S4 Y9 j% D8 K+ o; J2 _6 B004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
' [9 |3 H2 ?" _- E+ G; q004032AE E8 D8C10200 call qsr.0042F48B
0 u! E7 R$ q- ]6 |004032B3 6A 04 push 4# h, v- C/ w! A' c
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]( L1 K5 c6 ~% N
004032B9 6A 14 push 14 V! Z2 G, W c( A
004032BB 51 push ecx% Z% s2 y4 N& }0 d
004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
9 W8 F7 @# R9 L7 j# ^: U9 U6 y004032C0 E8 1F530200 call qsr.004285E4- m; P3 p) ~) Q8 `7 g' t
004032C5 50 push eax
# C$ }4 e. D% r' m/ ^* o004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
# |. ~4 }7 F* y: B, d9 F. i& L004032CA C64424 40 10 mov byte ptr ss:[esp+40],10+ ^6 P. R! @% Z: E6 X
004032CF E8 F0C20200 call qsr.0042F5C4) h; k3 W8 g$ W4 ~; t" A
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
" H% q# J; g. Z* X4 h004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl0 R, n0 N! w$ b$ R1 V6 S/ Z [8 P
004032DC E8 AAC10200 call qsr.0042F48B
2 D ^8 ^0 l' B+ L N F0 ?5 R004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI2 `/ }" s& S, r2 j. t! @
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX8 U! ]6 Y, h6 Z5 I; u: @% p0 e- [
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL; `; F# ?# I+ P$ |( k+ X
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL3 e, }/ e! z1 D' M+ C
004032ED 8ACA mov cl,dl ; DL送CL
9 g" \+ p4 |+ {! i8 u004032EF 3AD3 cmp dl,bl ; DL和BL比较
8 }! x8 i" e* }, `! ]6 d- T; f004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
- _* l6 f) @9 C( p& {004032F3 84C9 test cl,cl
* c" U0 g# X8 v, ], s6 p; H004032F5 74 16 je short qsr.0040330D
$ O9 N+ F6 Z$ R6 c3 \# i7 R004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
5 {4 }: ^& s" k. {0 a- V$ m004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL$ s# w" i& n3 n* ~* d( v1 [7 s
004032FD 8ACA mov cl,dl$ z% p( ^4 u. F7 N2 G7 i2 ~0 d
004032FF 3AD3 cmp dl,bl ; DL和BL比较4 {8 K9 v+ I% N) m/ P, X
00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)5 E K3 n* r$ | ~0 o
00403303 83C0 02 add eax,2 ; EAX加2
: K6 O$ [1 i! C4 h- ^6 A" R+ |00403306 83C6 02 add esi,2 ; ESI加2
! W0 D, \; L2 _& V ^. j3 C00403309 84C9 test cl,cl
7 `( H' B( i' I# }0 p, {' m0040330B ^ 75 DC jnz short qsr.004032E9; L1 l' q" H' U# h c
0040330D 33C0 xor eax,eax; i) w$ ^$ s# g! n, t
0040330F EB 05 jmp short qsr.00403316
. ^- a+ i4 \/ k) `6 D1 I- m/ B00403311 1BC0 sbb eax,eax
, @6 y! l$ t6 I8 l/ F4 e7 \. {00403313 83D8 FF sbb eax,-1) @( V* e% x- ?3 g* p
00403316 85C0 test eax,eax. V/ x' a- V7 E0 M- A7 G
00403318 74 0E je short qsr.00403328& F- Y; p" p6 R S# o
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A) ^! H, [! `: ^0 Y) y+ P6 Q
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]3 q. @$ A P9 q2 v' _; Y* ^: Q3 n" M
00403323 E9 F0000000 jmp qsr.00403418
3 a K c$ |% N' R! b00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX R$ `* J, U/ u K3 c7 J* K
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]; N- J/ S- U3 G8 v. C
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]7 B) X6 Y: D2 h; @6 z8 E" X
00403333 50 push eax, g ]" S2 l/ Q0 B: x
00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
% a7 G" z7 D8 H7 R8 o9 O( N00403339 50 push eax0 q6 ~9 b/ U: L0 J' Y7 J
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
- ~4 B* h; {. @3 Y9 z0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX# M* ?- l& ?4 \: f# g: B
00403343 83C4 04 add esp,4
+ J: u. S; B; l3 v- C8 Z00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI/ I. [! Z- Q$ K, O3 c: k
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]9 i. l+ F4 P R5 H# M! e7 n
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
4 t. z4 v2 }. R0040334F 50 push eax. H$ u% y: c4 B7 T
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX0 x" _% ]7 H: c' x4 N! `& v1 _
00403355 50 push eax
5 `- a. _+ ^6 K0 X0 B- y3 w00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX/ J. I+ F5 ?( r6 k7 p
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
) u b* b, l: h2 Z9 w0040335F 83C4 04 add esp,4 l: A1 A5 H- n( {8 I: [; E
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI/ H3 Q+ J9 v" Z: @3 x3 Z) X. s
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]5 S5 M+ X4 @& n! ~' v6 o
00403368 8B42 F8 mov eax,dword ptr ds:[edx-8], o- L! X' Q1 z/ K: k" O
0040336B 50 push eax
d2 y8 z9 }) r: {/ d0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX B* U% ?. k3 Z! v* [( a F3 n
00403371 50 push eax* d6 \2 @9 g; v/ G
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX; M% k5 `' k, p3 g! \. S- r
00403377 8BD8 mov ebx,eax ; EAX送EBX/ F: D5 G8 r2 Z
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
3 z% `& g0 R1 L- [5 e0040337D 83C4 04 add esp,4
/ M, r e7 ^! ~- T& R9 P f00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
" N8 r9 p& T/ P+ l' q00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]& [" B* y q4 n1 @0 B! |
00403387 50 push eax
. N P. S$ Y3 j# ~. {+ ^$ J* Y00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX/ l- u9 f4 I4 Z! i4 c% F! a/ A
0040338D 50 push eax! t: s+ D; D! r9 k2 }
0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
7 _+ D1 G4 f& x* Z00403393 83C4 04 add esp,4
5 S9 }8 F7 i8 }; Q5 ~: B* ?00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
0 b" F4 {5 D2 D0040339A 8BE8 mov ebp,eax ; EAX送EBP
$ H e; e) c2 w7 ?8 s2 m# ~+ P0 z% l0040339C 6A FF push -1
% j* }* ?; R8 Z5 T3 l: c, j: m/ P0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
M5 P" u5 k! b9 ^004033A3 6A FF push -1
& ^0 a+ n$ n9 H8 s2 W' Z. s% o004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
g3 ]# B- K9 Q004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX% {' W3 N) l( b* J3 D6 `; o
004033AE 6A FF push -1
# y$ T, R$ v: i004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
/ T* A7 ?$ g- W; _* Y- z6 ?004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX
1 m% ]8 J5 F# |0 B004033B9 6A FF push -1( t2 h9 f3 ~. v% J
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX; |( z H' F2 t, o
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
% r$ g' {) T9 a3 {2 m8 y" [. u004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
% D1 c/ L5 c. c7 n' ]+ ~6 Y004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
. `. U: {& {: X* j( A- x( J004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX: E+ t A1 T8 E, r2 u
004033D7 D1E0 shl eax,1 ; EAX左移1位
7 F) t2 w1 C) o P004033D9 99 cdq ; EAX扩展8 f" ]1 x) f5 m
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中% O c( q! s+ @( U
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较% g6 i! C; P1 k' S. g! W1 O/ Y
004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
# v2 K2 @, y; g+ Z004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
) l' a; o) k' ]/ J, h2 T0 l004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
3 ~9 b3 `1 r; W& O4 U( p004033E9 EB 2D jmp short qsr.00403418
) q' n% A; m/ @004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX/ N& U: M1 w2 X. w* T# [" e
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E27 e2 q+ q" ~) d' x
004033F7 99 cdq ; EBX扩展/ Y W/ g/ b( V# |
004033F8 33C2 xor eax,edx ; EAX和EDX取异或/ u9 a/ t$ y( _$ v( g# a# V' A
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX/ e0 B1 z; b3 ~3 R
004033FF 2BC2 sub eax,edx ; EAX减去EDX/ w# e% w4 Z" g8 @9 J, D p1 ?
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]- r/ J' a% \0 j' R8 w
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX% C2 U3 G# ]0 L% i3 A+ Q6 e- @
00403409 99 cdq
$ O, b5 x2 K6 {$ W0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中3 u2 P# x: B) u9 c% n, ^/ ^% f( V
0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
" A: U: N* y$ q. k) N o00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较/ S# ^2 y0 G, x
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)+ @ W; B( L+ u1 m9 I0 v2 t% a
00403418 E8 6EC00200 call qsr.0042F48B ;
5 x6 b, e% i& v- u: f0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
3 V9 e9 i5 {7 d b6 _6 t; ]# w$ q+ K00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9" Z) o2 A. V+ T3 z
00403426 E8 60C00200 call qsr.0042F48B
+ Z' y' `6 e- P$ U }$ Y2 @0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
# N% [- S' X9 Q Z2 C& o0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],83 N% u3 [8 ~* y/ |6 J! v
00403434 E8 52C00200 call qsr.0042F48B
3 A N2 m4 `+ x, b+ x00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
: Z, K& T+ T: o' u3 _+ w& F0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7( q& m9 w4 ^' D1 n p, P( a
00403442 E8 44C00200 call qsr.0042F48B
" T+ w! {: z5 Y5 m! j% H00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]% k/ b$ E# y' o' q+ O; V: O
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
" J+ T |7 d7 `00403450 E8 36C00200 call qsr.0042F48B; `% R! n* p" G) n2 _/ P
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]. i/ a& V3 T( ]: Q( h: O
00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3$ m* U; X4 f$ }+ ~( @: c5 A& R0 C
0040345E E8 28C00200 call qsr.0042F48B
% O! z3 L, h D; N00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]/ n: Y3 Z: \) D0 j- U3 N" J) d
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2- v% l+ K( U: o/ N2 L0 S' k( N
0040346C E8 1AC00200 call qsr.0042F48B
, s0 Q% n$ Y0 F" f00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]. l% s: o: x1 b. c: I+ z) d
00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
n4 a% U* m/ G2 t" B0040347A E8 0CC00200 call qsr.0042F48B
3 |3 ]7 h1 p# |) b/ n0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]: y! s5 l9 B6 T/ ?
00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0) O" g0 n$ \) p) H6 T
00403488 E8 FEBF0200 call qsr.0042F48B- B# k: D( W+ y. @; s
0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]8 d6 b9 Z4 o+ c- I6 u
00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
. H3 ^9 h7 h5 h; V: {00403499 E8 EDBF0200 call qsr.0042F48B
$ p+ B# U! o/ a! e0040349E 32C0 xor al,al ; AL清0
1 m+ E* j7 K% p& i2 y3 {004034A0 E9 88000000 jmp qsr.0040352D
! D, ?0 }" a+ k" f, ~ u004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~# k3 j: r0 c+ d* Q4 D) e, D
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]8 q1 r8 }2 M; C6 Z
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9; U3 @' l' c& d$ R+ M3 ~* @
004034B3 E8 D3BF0200 call qsr.0042F48B8 D. _9 G5 E" Z' t0 l7 G, T
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18], _2 Y: f8 ^& u0 u- c
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8" X# [8 W7 m& B/ ~& f w
004034C1 E8 C5BF0200 call qsr.0042F48B& v6 `5 k) c5 Z( R" l. a
004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]7 {5 P; e9 E* `9 K# q# O6 H4 b* ?* B
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],79 O/ J1 c8 l6 I* q! T' S0 G
004034CF E8 B7BF0200 call qsr.0042F48B! b( I6 E e0 t' l3 m5 }
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
2 I- k# _$ ~* U+ W' b% y, H5 N# _004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
) W3 w9 m; }- f, c5 ^" ^004034DD E8 A9BF0200 call qsr.0042F48B, F6 f/ c4 O( ?( |5 B4 M8 `0 @
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]* I; e) c2 j* g% M& K
004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3, g1 w( U6 B6 K5 ^5 S: z) b, u9 P
004034EB E8 9BBF0200 call qsr.0042F48B$ ]' \9 K6 n4 q3 ?' v, n
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
) w1 `( g( B1 r6 @004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2
& f: n2 j; D- }( i% o" x+ a" Y$ n004034F9 E8 8DBF0200 call qsr.0042F48B T$ |( s- n/ G7 D& V
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]- J, W( q& j. F3 d% A5 G0 O
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1
" Y& F# r4 J; i8 ]: I( U' [ S00403507 E8 7FBF0200 call qsr.0042F48B
. D- \- [6 u. {; a+ Z* u0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
4 ?- C: V G- I. \/ Q( c00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0 I" s {* I* I* ]' G I! @) w3 u; p/ N' h
00403515 E8 71BF0200 call qsr.0042F48B
) v3 d5 o+ \- N/ g- W" x/ z( Y0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
6 J0 N& n+ h: A9 |( O+ Y4 `& X0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-12 p/ N7 l- l$ p# ^8 o1 m
00403526 E8 60BF0200 call qsr.0042F48B \4 w6 |' T. y. I
0040352B B0 01 mov al,1
1 p: c& H4 P2 S, M2 y& v0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
s! T7 ?" w v9 @* s+ x00403531 5F pop edi5 Q, O3 C. @7 S' h# q
00403532 5E pop esi% a. I5 |* A7 D
00403533 5D pop ebp
# y0 K; `: i1 H$ A. \00403534 5B pop ebx; R, d! H2 w3 [- y; f4 b
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
# J, i& v" i S x9 O% O. R7 d0040353C 83C4 30 add esp,30
- k5 Y$ s( j( |; P0040353F C2 0800 retn 8
2 u) V% r+ w6 x% V--------------------------------------------------------------------------------; V+ ~% {: K9 u" g
【破解总结】
3 @9 W9 N6 z+ p: Q. c 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
( L1 K+ d+ \3 I8 P/ Y- r$ s: {用户名:yijun
4 w( b4 N# ~5 X1 f( E# w5 {注册码:4893*7777*3726*7777*05295 M2 f0 u$ B: ]$ t# v" _+ F9 Q
--------------------------------------------------------------------------------
/ p/ I" I, u2 r: o【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡