|
|
|
【原创】破解Quick Screen Recorder
2 R8 q8 O C, U0 O* H7 k【破解作者】 yijun
* E3 d6 p _3 P! E# G w( z【作者邮箱】 [email protected]
& B2 W3 K( O9 J& i& |【使用工具】 OD,PEID
8 e2 g3 f* {' B2 v3 V4 o- T【破解平台】 WinXP: E, N! C3 u3 d" M$ K( v+ w
【软件名称】 Quick Screen Recorder
! V/ @; N) R1 z1 o9 Z【下载地址】 天空
6 M' o/ z4 d0 x【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. 5 @: ]) M; b2 b2 f j8 S
【软件大小】 540K
4 [$ V) a& U9 K% g【加壳方式】 无
R( E# D/ p% J, h+ ]" f# g/ G【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)% Z0 }' U! a) o4 h7 O( h( e V
--------------------------------------------------------------------------------
, R2 r* j, [1 ^ y- u' c【破解内容】
, N P2 D2 Y8 ^$ S0 d; c2 F PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
2 s% p& b5 F0 T! ~7 m: A00404C69 55 push ebp //在此下断0 d, Q! s w' D
00404C6A 56 push esi8 f0 U, j+ m' v, ?2 L3 G
00404C6B 57 push edi
' e) q, M* p) ]8 d3 U00404C6C 8BE9 mov ebp,ecx8 C2 e# R9 |2 p) k f
00404C6E 6A 01 push 1+ @4 e0 v7 U8 r0 l* ?* Z
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
9 E$ ?! L3 }! ?/ L- O00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]6 Y% s w7 k9 Y* w7 |
00404C78 8BCF mov ecx,edi- B M, L% @/ y8 k
00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码) ?# {1 n% S8 `3 G3 B; s8 o" r, c
00404C7F 8BCF mov ecx,edi$ I/ N' X6 ]9 O+ l3 O; U* U$ E
00404C81 E8 A73E0200 call qsr.00428B2D
y* u9 Y6 [. e5 J ?: X. ~00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]0 Y' C$ Z% o9 o: ?7 ~+ d
00404C89 8BCE mov ecx,esi
5 e1 |% H- Q$ {00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX* r8 M9 H* _ e. w& G
00404C90 8BCE mov ecx,esi6 M+ v |8 |# Q% m) J
00404C92 E8 963E0200 call qsr.00428B2D
! a' g& F, ~ R* Y- N6 {00404C97 8B06 mov eax,dword ptr ds:[esi]
& U% G- H2 A3 n00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
" A( N6 a& ?1 R* Q) B/ a00404C9D 7D 26 jge short qsr.00404CC5
) w4 H( h7 n9 R- M00404C9F 6A 40 push 40
3 e. r& p" \" S# C$ i1 N/ I00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
# x3 i7 x( a- y9 Y00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."9 G0 d$ |( h- C8 W1 n: i
00404CAB 8BCD mov ecx,ebp
1 S& p9 ?! b3 T/ C00404CAD E8 C3840200 call qsr.0042D1751 _3 v! `4 B& w1 M
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]6 c x6 L- N8 D4 g! I/ C* H
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
4 i; r2 C9 R5 W+ m% |6 Z* M00404CBD 5F pop edi, w0 e y; E8 J( a5 N
00404CBE 5E pop esi% m9 l' a: ]1 W9 N/ E
00404CBF 5D pop ebp$ y( \8 X+ ^, m) ~( m7 N
00404CC0 5B pop ebx
# X. j# J" R! k9 Q9 i00404CC1 83C4 18 add esp,18
. x7 Q9 W% G6 b7 F% }1 D. p4 y! x00404CC4 C3 retn
% ~! ?5 a C& y00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]" X6 ? ^7 | Q* X7 C
00404CC8 84C0 test al,al& {3 d8 b- j0 n% r" J; H y& [
00404CCA 0F85 1C010000 jnz qsr.00404DEC; G- f. ~9 {5 `7 G
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
4 `: T2 l5 q3 B# Y00404CD4 E8 87E3FFFF call qsr.00403060" ?) M7 r+ m$ B3 A: @
00404CD9 51 push ecx
" Z! V, S' r' e- n$ ^9 A, `00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],08 W y' J& I3 F. E
00404CE2 8BCC mov ecx,esp# ?7 ~+ p# O/ u: s5 v
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp- b) s @% X4 D2 n7 Q: G1 u: o
00404CE8 56 push esi
! h i( k8 q1 P; b00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是01 @% e4 h9 h7 J1 g
00404CEE 51 push ecx
$ p- }6 r C7 Q# l3 M00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1
Y: g, m* b& u; j8 |4 k00404CF4 8BCC mov ecx,esp
L) S/ v4 [& c1 g00404CF6 896424 20 mov dword ptr ss:[esp+20],esp- V. q9 D7 j- m# T3 M
00404CFA 57 push edi
0 t- Q9 E8 }0 ~) Y* a" w00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
7 A9 H2 B& D( H4 k8 h2 _6 F, y00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
0 b* e% L$ a0 I% M: ^) ]1 S" D" g% d00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
2 s& B: Q9 K8 G& B00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~ ?( R6 [: ?, ~9 L7 a( u
00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
0 v' f, B B; u) t1 Y n7 ?00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~# E1 X, i) E* V3 t: c1 Y
00404D12 6A 40 push 40
: W% P6 n7 B: o00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"4 ~" c; F2 ?8 I) a
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."
8 O' W/ d* F. r4 i; @00404D1E 8BCD mov ecx,ebp
$ w0 Z& l- V" p2 @# p- G9 S00404D20 E8 50840200 call qsr.0042D175# |# X* Z9 Y2 P7 ~- Z3 L' G
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]7 o: G0 M8 H9 W4 }( O, L/ B
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-15 G/ P9 V. G3 Q n' q; J+ O7 H1 U& P
00404D31 E8 5AE3FFFF call qsr.00403090
9 n! d7 b+ O( |$ l% c) V- o4 c6 L) ^: n$ g00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
( P4 `2 w, d9 [00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
! t4 G# u- X" a* j4 Q00404D41 5F pop edi# s/ P; f+ H/ r
00404D42 5E pop esi" G# E- ~7 l. ?2 _5 H6 l3 H
00404D43 5D pop ebp
3 N3 m2 w# x2 U: w- i00404D44 5B pop ebx( p8 C2 A5 c7 l& T
00404D45 83C4 18 add esp,18
/ D Q! I: S' |( C7 q( J" h+ n- ^00404D48 C3 retn8 P: r, w V7 b* j' x$ k
*********************************************************************************************************************************************************5 p- o3 N, L. ~2 ]9 f) X0 ~# L% s
跟进00404D09处CALL来到:
. J* z% p1 X# H+ Z9 l004030A0 6A FF push -1 //一路F8下去~~~~# \8 L: q0 |& H9 Y/ E* r" L
004030A2 68 C88F4400 push qsr.00448FC8; ]0 m D0 ^1 @
004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
3 x& i9 u2 C, d: {! O004030AD 50 push eax
9 S Q' Z/ _9 N# G& h004030AE 64:8925 0000000>mov dword ptr fs:[0],esp, |" e; K" V6 v8 |7 R( |" D
004030B5 83EC 24 sub esp,24
: u$ N" h6 u# w; L9 ^" m7 h004030B8 53 push ebx
: j; [0 O% \6 G1 O% p, [004030B9 55 push ebp! O% L) ^8 t8 t/ P6 D9 k, ] ?
004030BA 56 push esi
" b2 h: y4 b( R! V* }# B) |004030BB 57 push edi6 K) ?$ T* o) T5 W! t0 Y
004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
& y3 f; w$ _9 D, W' r& N004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]7 E- U1 w. D& c% q# Y
004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
7 x# E; ^+ v0 m$ i) T" ?' s6 b004030CD E8 27C40200 call qsr.0042F4F9/ X$ ~8 I, Y( F/ C, Y% t
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]. ]# o ^! J8 v* ~
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax2 r$ Z% S8 M J2 w6 ^* ]
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]% S7 q `. ^8 `( M0 T( w3 `
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
4 h& N, ~# v- G5 h% C z004030E4 E8 905A0200 call qsr.00428B79
( V/ k8 \' O2 ^( g& P- o! z004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
* }; o% i& O$ t" [0 r+ J004030ED E8 3B5A0200 call qsr.00428B2D% ~# D* B, n% U- B% U1 B( s
004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]/ K0 r7 i( [& p- B
004030F6 E8 7E5A0200 call qsr.00428B79+ T& A" t+ S: n2 D( l! j4 X
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]8 T7 ]' A; {# v/ \) d) k% s
004030FF E8 295A0200 call qsr.00428B2D
' O+ ~; A' \; G# N0 v3 w! L00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]% i* J$ ]1 N9 H8 I
00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]7 @' T* f1 ? \7 Z6 k
0040310B 83F8 02 cmp eax,2
! L" R' _( R* n+ J, k- e0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
7 |- Y( i& y3 {7 }1 h6 w3 H, i00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
2 r! v$ l, v: w* x, y, \6 w00403118 837A F8 18 cmp dword ptr ds:[edx-8],181 y, n# I% P1 U. {6 d, M' R
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
7 @, i z- Y9 q! w; E- H4 q) @00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
0 V0 D _8 a( ]) D1 E00403126 6A 01 push 13 G/ S6 b. O: X9 y3 ~2 N
00403128 50 push eax
4 y' p% S& S" E6 G) n! s& d00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
+ D- C U( e8 c. E, \" H0040312D E8 C4550200 call qsr.004286F6
( g: _: X0 i- J% T4 C, F" o5 M" z5 c E00403132 8B00 mov eax,dword ptr ds:[eax]6 Y# Q& U6 Z' c& T3 @- y* k
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]+ T/ A4 ^4 D+ {, Y( w
00403138 50 push eax
: g' O2 d; K; A* r2 S: g00403139 C64424 40 04 mov byte ptr ss:[esp+40],4& j7 j% X1 C2 D1 L* O6 C
0040313E E8 4D560200 call qsr.00428790
6 ^. N0 p I+ ^8 `00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]- u. [, N; u6 ?7 B$ Y( B' e
00403147 8BF0 mov esi,eax
' ?& k) Q" C! D" |+ ~7 ]) z) B00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],33 d7 L0 }2 i8 v+ w" t, Y
0040314E E8 38C30200 call qsr.0042F48B7 H$ ~; N( U& m( s& W3 k
00403153 8D46 0A lea eax,dword ptr ds:[esi+A]% p" v* @1 a, |- K* `
00403156 B9 3E000000 mov ecx,3E
( n9 _6 e% a& y5 w0 F% h0040315B 99 cdq
4 W9 g% u$ V( z4 q0 b6 T* x0040315C F7F9 idiv ecx- k, M) J6 U$ P
0040315E 6A 01 push 1& @2 U, W Q: B' O/ {( ~0 ^
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C], i0 X9 l7 D6 j+ X! |
00403164 8BF2 mov esi,edx) ]8 w. \/ a, x D! }
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
4 s! [ {9 T& M0040316A 52 push edx( a9 T9 k& z4 [ g9 I
0040316B E8 0A550200 call qsr.0042867A
0 {) d: f. }$ f/ a# a$ y00403170 8B00 mov eax,dword ptr ds:[eax]
* `6 T2 l/ g0 |8 L! G5 p8 V- y00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]8 o/ b/ }1 [6 v3 c. D
00403176 50 push eax
. G/ i( Y: G. K5 `00403177 C64424 40 05 mov byte ptr ss:[esp+40],5! c/ k- w0 N2 D1 A9 M* g
0040317C E8 0F560200 call qsr.00428790' o! H9 \; [/ I
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30], c2 i9 J; `+ a" v. `2 ^
00403185 8BF8 mov edi,eax
* U* R& k/ L0 s# Z6 M2 ?% m00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3. Y! Q# Y& l1 h# p, s
0040318C E8 FAC20200 call qsr.0042F48B! B7 I7 x. C0 F
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]( X# t' l- d3 y) U. Y
00403194 B9 3E000000 mov ecx,3E' l- c2 W& M5 `5 d$ T+ t ~" H( _1 R
00403199 99 cdq/ ^- A8 H9 ]6 J! W
0040319A F7F9 idiv ecx: X% M, H/ Y$ W: e0 u9 r/ B
0040319C A1 38F44500 mov eax,dword ptr ds:[45F438], x" ]) B/ M6 E4 Q" W; q6 ^
004031A1 894424 28 mov dword ptr ss:[esp+28],eax# p/ F2 S; b3 i( `4 q2 S) u& U
004031A5 8BCA mov ecx,edx1 [5 O, K5 S" @
004031A7 894424 24 mov dword ptr ss:[esp+24],eax6 p/ `6 Z/ G" u3 U' s5 O
004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
$ |8 r9 N: D \004031AF 894424 18 mov dword ptr ss:[esp+18],eax! B" M( ?, w y0 c% M" l& r, n
004031B3 894424 14 mov dword ptr ss:[esp+14],eax. X' I6 e6 d1 k
004031B7 894424 10 mov dword ptr ss:[esp+10],eax
5 k$ Q! S6 F/ V6 r4 Q3 T8 a004031BB 8BC1 mov eax,ecx
% Y4 e# e- P' {004031BD BF 0A000000 mov edi,0A
8 n# o" I6 k8 v004031C2 99 cdq/ v2 B( } X( Y Y
004031C3 F7FF idiv edi
) x9 h* B2 [: v; F* B8 p! ^/ I: G! n& \$ \004031C5 8BC1 mov eax,ecx
* ]3 n3 n6 j P e. V& }004031C7 B3 0B mov bl,0B4 B+ s+ ^1 a# \& j1 i5 q
004031C9 0FAFC1 imul eax,ecx0 k' A m! w, E3 P$ S
004031CC 8BCF mov ecx,edi
$ r% i# j* N. \+ l% D004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
/ z0 e2 d9 J+ ^ ]" A004031D2 52 push edx6 s8 g- A- D, R/ y. Z
004031D3 99 cdq) A7 N0 |$ N0 Z" L
004031D4 F7F9 idiv ecx+ |6 y i: @; g
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
/ @, i& h2 h0 X0 W; w* t, w004031DD 2BC6 sub eax,esi' e0 q) p" e- u9 o
004031DF 52 push edx4 U. W2 o9 ` F. _ W
004031E0 99 cdq% z6 v! ^- b0 _: B5 B5 @
004031E1 F7F9 idiv ecx! ]% V" e- _5 g9 }$ r
004031E3 8BC6 mov eax,esi
' `/ [& ^9 a6 g3 F5 l% T# u: z004031E5 52 push edx
5 P+ D' v @2 M0 i9 e6 M3 U004031E6 99 cdq$ u" _. \ l/ w6 F
004031E7 F7F9 idiv ecx
7 s) D) t( j9 Q+ |' c) R004031E9 52 push edx1 i Y$ g3 ?6 z2 w9 q; B9 j
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]; y! p8 `$ ^( Q6 l" i% m% N; ]3 [
004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"& @; t. _1 ?* |1 ` {4 H* x- C* D, i
004031F3 52 push edx' I3 Y( Y$ P- R# Z* L) y+ y, G/ O
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
4 O9 w0 h6 U" k. ?: @004031F9 83C4 18 add esp,18/ N. u. |9 h7 h1 y/ g
004031FC 6A 04 push 48 u6 g: N, C2 ^: V
004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]! a& r' ^" [* J6 K% d& f1 c
00403202 6A 00 push 0: n0 L) x1 d" g7 j) T
00403204 50 push eax% c2 |+ d4 C, ?2 T. C; b
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
R) w) n1 u9 Y& O+ q7 M00403209 E8 D6530200 call qsr.004285E4) D8 z- \, w: n7 N; E
0040320E 50 push eax
) T$ ?, Q2 |7 A; R0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]4 p3 B; v- K" t# d- F k! O
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C) r5 A& G( s9 e8 f$ H
00403218 E8 A7C30200 call qsr.0042F5C4
' Y# }) W5 j4 c: M' v0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]( O; u* K9 X$ g# V p3 z! c
00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
3 Q7 ~; c* w8 G |00403225 E8 61C20200 call qsr.0042F48B
- V: @& b: C+ d5 q) K; N X/ D0040322A 6A 04 push 4
- u0 d7 b0 d3 n2 K! e: x0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
2 `' ~* J4 C/ V y# S1 e4 J* L6 ^/ l00403230 6A 05 push 5* Y# B( j- n' a& O& O) h
00403232 51 push ecx, C- e. ?; Y: E% f! H& l6 i
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
; L, L1 Q" M$ Y, W8 p00403237 E8 A8530200 call qsr.004285E49 B* J) M8 B- c8 C/ n
0040323C 50 push eax; C& F! |8 p# t: u
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]( G6 T7 B+ {& a: T0 z) Y- e
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D1 d& C" z2 p# N( T |3 m
00403246 E8 79C30200 call qsr.0042F5C4
( Y3 p3 y) V/ W" S* o0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]. T6 p% q, E" |" {2 \6 g
0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
4 D' M i/ p; W1 n8 H00403253 E8 33C20200 call qsr.0042F48B
' V5 Q5 J0 N( a3 a00403258 6A 04 push 4
$ l5 v A5 d: s; i+ M/ c/ v& f5 i7 e E0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
" e$ T* v) Z, J* z' j0040325E 57 push edi
- J+ Q8 f5 x/ C# \ h0040325F 52 push edx# U: `: g# Y3 [# {& m/ [
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]9 |) f, f+ v I4 D( d4 [
00403264 E8 7B530200 call qsr.004285E47 S j& d4 ^0 s* w. {: K1 \
00403269 50 push eax+ [% ? F& q- d1 n) X: G
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
% Q$ j/ n1 ^) l5 N2 w% d% T0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E* `2 R: Z2 ^2 i0 I, x
00403273 E8 4CC30200 call qsr.0042F5C4" R# P" o9 y# h
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]6 \7 t/ \" q8 I1 i
0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl A! ]8 w: K9 Z" F
00403280 E8 06C20200 call qsr.0042F48B* p- M6 {. j+ T+ k1 u
00403285 6A 04 push 4
7 X/ {& X% ]0 y) p& |8 x$ s8 X/ @- p00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
& b0 l0 p) i( B7 i0040328B 6A 0F push 0F
* o- p+ S, \0 P5 t9 f: T" e# `0040328D 50 push eax
5 ?) T' j- ]0 c& H' N0 ^: S0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
# j- G' T- Y2 f8 G00403292 E8 4D530200 call qsr.004285E4
8 P- Q$ |; e. R* ^7 q00403297 50 push eax
! |# _# _* K" a. c, E N% _00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]. c) e& d$ C; Q) ]2 m* {' K% r
0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F
+ o I/ g: ^/ @/ m- i2 y2 r" w% y8 R004032A1 E8 1EC30200 call qsr.0042F5C4: v+ [( H' T. j1 V6 \
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
) \6 `, j5 S$ {: Y# p: A0 k6 @5 N004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
1 S( W/ t9 X! M" I! `. [* m004032AE E8 D8C10200 call qsr.0042F48B8 j5 X- L8 J, n5 e% ~! z
004032B3 6A 04 push 4
6 Q( a2 @. [* O) w9 B0 x% n004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
. V; U3 Z0 A) u4 x# t# f004032B9 6A 14 push 143 { V/ }1 _5 |* s
004032BB 51 push ecx
, \; G5 ^# ~" N7 y% H! c3 o004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]5 F* o& f2 |9 v
004032C0 E8 1F530200 call qsr.004285E4% @0 q) ?1 x. F4 e4 U% Z
004032C5 50 push eax
+ P7 j9 O2 U8 B9 [2 O E! q6 w004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
1 I) \9 T7 b- U) D& m004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
+ ~5 g, t0 x7 Z- p1 G( c0 P* z004032CF E8 F0C20200 call qsr.0042F5C4
1 C6 U. D8 e# ^0 [* \+ ]004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]% X- `% `/ Q/ \( j6 {& h
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl* j+ k8 r4 J! c1 F4 k
004032DC E8 AAC10200 call qsr.0042F48B
: m$ o% u+ K4 \! u/ L004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI
; m' |3 L+ [) ]9 q- Z+ t004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX" U! }) n4 _, N! R6 K
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL7 N7 c w0 \# o! J. w
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL9 g* K3 @9 o2 U
004032ED 8ACA mov cl,dl ; DL送CL
2 w6 \6 c) ^7 b6 F3 X0 @004032EF 3AD3 cmp dl,bl ; DL和BL比较$ H* A& S9 S4 b2 ^
004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
0 r& z: B2 D8 `. E% S5 a; v004032F3 84C9 test cl,cl
' N; M3 ?6 u p& I004032F5 74 16 je short qsr.0040330D; n# f$ z4 ?, P8 h' g
004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL2 N/ o @+ U2 n4 R: S& L5 n
004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
2 }' _# F: n" ?8 h' f0 R004032FD 8ACA mov cl,dl
* e* ~1 K0 N+ x5 D) Z4 M- H" c+ n004032FF 3AD3 cmp dl,bl ; DL和BL比较
3 ~4 u9 g# Y. x7 x0 P x8 w. Q00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
9 X0 d: N* r4 C* l. N! ~ j0 u) q; L00403303 83C0 02 add eax,2 ; EAX加2) U/ t4 V9 S! e2 m, J6 u/ _
00403306 83C6 02 add esi,2 ; ESI加27 y( `/ j7 v& j$ ?# c
00403309 84C9 test cl,cl
0 Y' m, [9 K( ~( `/ ~0040330B ^ 75 DC jnz short qsr.004032E9
! J1 B9 i$ ~& ~8 A. x. |, D0040330D 33C0 xor eax,eax
1 ~6 t( }5 e, l$ b9 M9 p3 E4 Q; @$ x0040330F EB 05 jmp short qsr.00403316
; U( {5 g% L* v" u+ W00403311 1BC0 sbb eax,eax
9 V, u; F! d# t00403313 83D8 FF sbb eax,-1
$ N1 u3 M( Y6 B00403316 85C0 test eax,eax
1 T% ^1 x5 P+ t00403318 74 0E je short qsr.00403328
: @9 Z w) K' m. m$ _3 ~; ]$ i0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A
% d3 F7 L/ w5 Q0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
) M% c# ~* t1 {3 i; B2 r7 `1 h2 V! J00403323 E9 F0000000 jmp qsr.00403418
5 U4 F+ m W7 h/ n00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
- l3 G! H* I4 O: y0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
( y& x" b, T8 M$ Q00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]8 R: C4 `+ p, B Z6 q5 u
00403333 50 push eax
+ C3 |. v6 x3 | j00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
3 N8 E w) I, ^9 i00403339 50 push eax
) S/ c% Y' q1 V) R4 K0 e0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
) K0 Y& ^ e) x0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX
: } ~! d! V8 x# o- \9 a00403343 83C4 04 add esp,4+ F: ~+ N) k% F; Y5 ^
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI. R0 r6 p% g9 ^
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]; y" u9 z3 @- D, k- Q- ?6 T& @
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]" V% x | g' W
0040334F 50 push eax: E/ w- }6 g" `* G( |+ l' F# Z
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX# ~1 n2 Q1 g. s$ b v0 _7 w2 G/ l
00403355 50 push eax0 e- E5 c! s9 A/ J" H6 @! p7 w
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX' i. B6 n- D o+ a) s
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
0 O+ J+ E% H4 s% q0040335F 83C4 04 add esp,4
/ s$ X# ]0 n% k+ G00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI) \+ q3 ~$ y9 E4 I
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]) p8 x- W; Y1 G+ J+ x5 z! c0 m" i! f
00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
( R2 C6 y1 a$ {) g1 y+ X! i6 f0040336B 50 push eax5 X& I4 D0 r5 W% v% Q8 T! d0 O, c
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX
: M5 j; {# K* y, t9 b. @8 U00403371 50 push eax( g( {. h9 u3 B6 }2 w; |
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX0 y! H3 l7 d f
00403377 8BD8 mov ebx,eax ; EAX送EBX( h E; V- C7 r
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
+ y7 D5 @7 T3 I1 u" g9 |6 q0040337D 83C4 04 add esp,4 e; S" V3 D$ B# t
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]: e* L% b: |# D. w
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]' _: J( J- F# o- T" c5 l5 U
00403387 50 push eax
5 o; F6 }* N2 U* n8 h00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX
; Z$ Z4 G3 U: f8 F- L! k0040338D 50 push eax
% J, m2 |* T# ]; z0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX. c8 @" D& `3 B$ A/ w3 n
00403393 83C4 04 add esp,4
( G1 g$ S* t7 A: K% K6 E# J00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
0 N) ?. K6 Z' [0040339A 8BE8 mov ebp,eax ; EAX送EBP
% Y$ I3 v/ j& B- q3 f0 C0040339C 6A FF push -1
8 e- b8 v4 ~$ V4 D9 W0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
: t, a+ B- e$ T8 B( c5 A) s004033A3 6A FF push -14 o% |7 l. a0 R
004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX$ o' O) ^( j0 O2 q0 l& P, T5 s! s
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX
% t! [1 ~9 x/ h8 a' {) @004033AE 6A FF push -1# E8 j- N5 V0 A! W8 c* d
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX9 p3 [: o; c: a( C. s" r9 r6 C
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX6 X9 g0 x, h! j# S
004033B9 6A FF push -1' l# Q! B. f" G+ U4 D( \: c
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
/ t8 C- j T! D4 I3 Q5 `004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
* U J. f" E$ V004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX6 x3 e0 C# J# L) z" h, h; ~
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
. w3 @5 G8 J" H004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
) R2 ?+ q+ M, w: X004033D7 D1E0 shl eax,1 ; EAX左移1位
! o) T/ E1 H7 X. B+ u, m) |- E2 y004033D9 99 cdq ; EAX扩展
9 g. U* L. J% L6 e004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
* S9 d& Q- n8 |7 [& S* f5 l004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
% [2 K4 b) }, v3 ]004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
8 r& b0 G+ N: D6 o5 I" u; q+ I004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
* x7 C6 Q5 h2 d6 C2 D& q/ `* ]1 c004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
6 \$ U8 o3 M9 w8 \$ L/ I' j, h004033E9 EB 2D jmp short qsr.00403418
" j3 S& [; q* g3 f8 {004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX. W, F$ h- h; H8 h2 x8 H. q- K
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
9 k! V) z/ K8 m% r) m, A004033F7 99 cdq ; EBX扩展
i. M9 ^7 J. P* R. u0 ?) V$ n* F004033F8 33C2 xor eax,edx ; EAX和EDX取异或) J2 r- P* t% L
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX4 ]( n- c8 _- L1 B {
004033FF 2BC2 sub eax,edx ; EAX减去EDX
' G8 W. V$ t; z00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]; K$ F% E6 `: I- N1 s* W* ~. n% U
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX5 o7 _ j9 ^8 ^! C
00403409 99 cdq
i( g4 n! K; D% n0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中- _' U$ y7 f I
0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX `+ q" F- S5 o. \# Q/ L7 N
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较: @* X* m) S3 h1 g2 v' G
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
# m: H- c9 u4 }0 z! O& O5 G00403418 E8 6EC00200 call qsr.0042F48B ;
2 L" a% i& b. B. Y! S ]; R6 h7 T Z: r. l0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]$ ~ q' p/ }" R1 c# s$ A$ G* A) _2 S
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9( y7 G9 o$ _7 ^8 T' J
00403426 E8 60C00200 call qsr.0042F48B
, a' n* q( E* S8 G+ @0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ^: d+ k3 N; I( H# h. z. ~
0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
/ p4 m7 @1 O O00403434 E8 52C00200 call qsr.0042F48B
, Z, s. X& T) `6 ^' n6 W7 D5 o3 G, n00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
6 y; }6 U( S9 Q r0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],73 Y, _5 r( G! f" w/ j% ?
00403442 E8 44C00200 call qsr.0042F48B
: v! X' b9 h# x00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
4 U5 c' f, U8 X# z7 F0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
D9 A! ]9 k7 A2 _8 @) W7 l7 s00403450 E8 36C00200 call qsr.0042F48B
6 C$ y4 E+ ]! W X3 T1 q/ b5 b5 v00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
3 j3 W; R& ~- n' m00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],30 D3 B' {8 J6 ^1 I0 V$ K
0040345E E8 28C00200 call qsr.0042F48B. `3 g/ z# T+ m! m& x. _- j+ g
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]8 x5 ?1 z- W# c4 |$ R
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],24 K7 [ x0 _, Z% J6 F8 O& ^
0040346C E8 1AC00200 call qsr.0042F48B2 v/ H9 h% D& S$ L# H1 c. H( l
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]; D2 Y) v4 K: Z2 B
00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1; }! {8 X+ `( e. K9 h' c# }
0040347A E8 0CC00200 call qsr.0042F48B! G! P. ?3 U, X- a1 f9 r3 L, `
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]8 q# ~# z( \' H4 H2 a" R
00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0' A% A3 O$ O0 j, H& z o
00403488 E8 FEBF0200 call qsr.0042F48B2 r/ r; S" K% r8 ]6 |- _* t0 L, T
0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
- u* R7 m+ b4 ~2 t$ Q' I2 o h' e& Z00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1) \ f! Z. C! P+ v+ E
00403499 E8 EDBF0200 call qsr.0042F48B
7 P, {; [, {# i: g0040349E 32C0 xor al,al ; AL清0
( A' E& H, l3 N8 }004034A0 E9 88000000 jmp qsr.0040352D* s( c. j0 L; S# x
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~7 U1 V2 u; H- c$ {) l
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
( P; x7 C$ f9 A004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
$ O: y: f) b" `9 B7 y004034B3 E8 D3BF0200 call qsr.0042F48B
; O& |' o" k5 ?6 W) }004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
, W* w& Q, }3 U4 a5 \% J004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
' T# t- R f* V* ~& J004034C1 E8 C5BF0200 call qsr.0042F48B0 _. n% i5 ^. X3 j# ^; F& U
004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]. X4 [! @, e! `+ { @
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],75 d R1 ]1 P$ h. s3 Q
004034CF E8 B7BF0200 call qsr.0042F48B# a( h$ `1 e' m4 O0 A$ p
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
1 [% b% p" R g+ Y* o004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
1 i: s: O6 O% B! H, [( \1 y6 M+ R004034DD E8 A9BF0200 call qsr.0042F48B
7 [7 P1 p3 V: u% V; b004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
' G$ n7 r! x( `: v0 s004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3/ M+ [, w u* t3 V
004034EB E8 9BBF0200 call qsr.0042F48B
/ g) t3 K7 _% ~8 p3 a004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]) o) S( E, u( ]
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2
. }. y: `2 Q- J" }3 Q0 Y004034F9 E8 8DBF0200 call qsr.0042F48B, C4 L- N+ s' x, D
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20], j0 L8 B3 d- \7 E: a/ A; }
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1
$ x8 V0 y" C8 X00403507 E8 7FBF0200 call qsr.0042F48B
# D; d; F, c" G- j* h: u0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]( q/ ~# Y D ^: i8 C
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
) S( l1 y4 @1 I1 ~00403515 E8 71BF0200 call qsr.0042F48B
0 Y A1 T. Z: @9 H4 b1 C0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]; G+ f; j( S1 f; E3 P
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1) O( ~. b# _$ l1 a0 D" m* O, i
00403526 E8 60BF0200 call qsr.0042F48B
+ q( F. T/ j) Q0 E# q8 t2 R0040352B B0 01 mov al,1
$ F/ W4 I/ Q) s4 N6 n& E0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]* j! z$ m, s$ {( B1 z
00403531 5F pop edi
, f" Y% n3 z3 b2 K/ `9 p00403532 5E pop esi, ]* A% H& J' Z1 |& W9 J; U5 z, ^
00403533 5D pop ebp" m& q: d3 r& o) B. m' U8 T
00403534 5B pop ebx
% k( _! b7 v+ m& S5 o6 \2 S9 r# M: Q00403535 64:890D 0000000>mov dword ptr fs:[0],ecx& _4 v! v6 ]1 q6 T
0040353C 83C4 30 add esp,302 J! x5 @4 i( O" a
0040353F C2 0800 retn 8
0 a7 h b8 X# Q, p2 o; `--------------------------------------------------------------------------------
! X/ q( R: H, p0 E4 B& i( S【破解总结】
; e4 {. m( j% { 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
( d' `1 X2 \" K用户名:yijun- f- E2 X# ~5 i3 g+ k/ a0 o
注册码:4893*7777*3726*7777*0529
) l$ |' B( o0 M2 d- K$ }2 A- e--------------------------------------------------------------------------------# h% r: I, j! x# q2 s6 H9 m
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡