|
|
|
【原创】破解Quick Screen Recorder5 h4 y% P+ m9 @% s, o/ {
【破解作者】 yijun
8 u& ?- Q- v3 k, N: j# ]( [【作者邮箱】 [email protected]- q( {: {6 ?8 {4 G8 I* q! t
【使用工具】 OD,PEID
/ A$ _2 m* D, k【破解平台】 WinXP
% f. v& F$ G8 K4 A+ x: A【软件名称】 Quick Screen Recorder
& _8 Y5 s6 R# z) U6 H& h' {0 ^& c【下载地址】 天空
0 ^3 l N1 e0 l4 d4 c, X5 I【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. 5 z N" k0 Z, m/ B& k8 x
【软件大小】 540K
. s/ k3 G/ g0 n2 m; f【加壳方式】 无
7 A0 Y7 K0 q( x; l/ G【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)% ?& u& \7 r7 X1 b
--------------------------------------------------------------------------------. Y% A; P) Z6 A, A9 Q" t
【破解内容】
2 w4 b6 O- r6 E6 R" K$ d( x' c0 O PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
8 F3 h( K7 Q% m$ P00404C69 55 push ebp //在此下断
; A* |- O8 r# q/ _' c8 }0 }, E00404C6A 56 push esi
6 T, y# K7 B) I; C# C00404C6B 57 push edi" Z5 y* g" e3 ^3 `5 u
00404C6C 8BE9 mov ebp,ecx
0 g& t: L9 s& i00404C6E 6A 01 push 1
4 k: e5 {! @, X' X* \3 F4 C! _00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
. G" R1 t0 x, v% I" H, Q% H+ M00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
% v1 K/ ?6 F) Q, w7 }& S00404C78 8BCF mov ecx,edi
' b- t" K/ X" ]- B6 I00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码
: |% p9 f( U& g: f4 i" n% e" h00404C7F 8BCF mov ecx,edi: [+ s- x' b& ~6 n) S8 {6 V. d
00404C81 E8 A73E0200 call qsr.00428B2D
( |- t! X/ P5 D" k( x7 R. a p00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]0 y: v1 P% ?' R. N0 i3 g2 E
00404C89 8BCE mov ecx,esi1 t5 [7 M$ \" y7 @* ^& Q2 p. ?8 @8 s
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
" R9 x$ U: x& t! b5 c$ M/ @( f* w00404C90 8BCE mov ecx,esi
[4 u$ t* F5 M9 c( l1 E f00404C92 E8 963E0200 call qsr.00428B2D$ \, e" K5 w& S* j. b7 R9 r0 }
00404C97 8B06 mov eax,dword ptr ds:[esi]3 P2 ^ c5 a* E: r; g* b6 E
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],26 V( G$ j3 i- z* u
00404C9D 7D 26 jge short qsr.00404CC5
! i; }- ^$ X- f ^% s00404C9F 6A 40 push 40
# f9 _; o+ X! Y00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
b! l6 O) Y' C7 c% T% w4 I00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
& a" o. D2 T f# D$ P8 L) m8 t00404CAB 8BCD mov ecx,ebp
& P' G" o" I& S00404CAD E8 C3840200 call qsr.0042D175- @9 h' t9 q! c8 M" H
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ^' R6 y# r3 c/ H1 ~
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
?" p4 F0 t& V' F) d4 n00404CBD 5F pop edi5 `" N" ~& ]4 i! B+ p: _0 B' q4 q; C
00404CBE 5E pop esi
2 ~* M" c4 W, L# F+ H6 W- b00404CBF 5D pop ebp, \+ W' _, n+ y. H5 k
00404CC0 5B pop ebx0 H- G0 O% ^( q
00404CC1 83C4 18 add esp,18' v1 [0 p, J* M
00404CC4 C3 retn. ]! Y/ U2 O8 F7 z; y9 r' x4 K
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]% {! C* C3 z) x
00404CC8 84C0 test al,al% Z. q: w, L, n0 N' ~) p+ d
00404CCA 0F85 1C010000 jnz qsr.00404DEC ^' ?/ U. s' L
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]& a+ o7 Y9 o) Q0 h
00404CD4 E8 87E3FFFF call qsr.00403060
0 J5 {- T( e+ A: c& U8 x, W# v% q00404CD9 51 push ecx* l% y9 j7 t( G8 T- G
00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0* y2 w1 w: I2 R% W
00404CE2 8BCC mov ecx,esp4 j: G* Q2 q! c, L8 L% e# W
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp
$ T# X9 g+ F- N" F2 t- j00404CE8 56 push esi
2 n& N9 ]- A G, X- ?5 w00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
% [" Q/ M: _0 ]00404CEE 51 push ecx! j, r0 T W7 }* n4 `( T$ d2 [
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1
) G; y6 Z# {; M1 z5 s5 K# ]- n; C00404CF4 8BCC mov ecx,esp
- K! ?9 X) J8 ^" l& C, z00404CF6 896424 20 mov dword ptr ss:[esp+20],esp- S. n( N4 x `4 t- |5 }) L
00404CFA 57 push edi
$ F9 X8 _5 i& H00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
/ V) X" i2 I# F: u# ?2 a) E( r2 q; z# ]00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]5 u, ~, J8 S0 Y, ?/ I+ l0 O* Q
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],00 X/ I6 g- C F: s& k, r0 T
00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~% N" a7 ` T4 F# d( I
00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
. x+ X) s+ f1 K00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~- A1 L" @) x+ n) [ r; F" C
00404D12 6A 40 push 40) P0 f1 g, W% B p8 B
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
9 t& t: I6 u7 P8 }! F+ d6 y7 t00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again.") s: B% q: I4 G, x% U2 X: N
00404D1E 8BCD mov ecx,ebp
/ e- ~4 S5 M) N; R# c Y00404D20 E8 50840200 call qsr.0042D175
+ P/ O! F" X' |# N6 {# d7 k00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]" [2 c# E3 n8 e T% s! v! L
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-19 l$ u" U' U9 l" c4 X, O6 P6 D& X5 M
00404D31 E8 5AE3FFFF call qsr.00403090
- @' B$ V% K- k00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]& G v, h7 w- p$ S+ ^& R" d
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx: _# u: t; _3 j+ c
00404D41 5F pop edi
: d O* @4 [( c! _0 @7 ^ y/ W00404D42 5E pop esi: b% I/ e; f& [& Y( G
00404D43 5D pop ebp
! W# n+ O/ C, `- d00404D44 5B pop ebx6 K2 ]+ q- d4 `8 q+ u
00404D45 83C4 18 add esp,18
: x5 b* d& L, l1 {4 F4 M- \7 |00404D48 C3 retn
& w! s5 J; g- d& K; X9 `8 H*********************************************************************************************************************************************************6 k: Q5 z: L4 A5 s( V
跟进00404D09处CALL来到:
# u! H M3 R* D' L" z. U1 A004030A0 6A FF push -1 //一路F8下去~~~~
" |( ~0 g8 w( N; _( f004030A2 68 C88F4400 push qsr.00448FC8" B$ Q6 V* H2 R9 i8 C0 C7 p L
004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]) F( e) `" e8 A7 _$ x
004030AD 50 push eax
. Z4 h: M9 u: Q) X' S004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
: i _$ U# e& |* q4 f2 [004030B5 83EC 24 sub esp,24
% z. r( o2 ~* V" e y K004030B8 53 push ebx! x' O" P$ P% Z: \% e( f! K3 t7 g
004030B9 55 push ebp
% s' Y2 s$ [, p- m004030BA 56 push esi1 s1 d# ]' z3 G. V: m
004030BB 57 push edi5 B% e5 V: |0 |. K' n! x" e
004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
+ E/ d5 N. h4 x% B/ J004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
* z9 K, a. A: p2 Q" w0 h* \7 B# D004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1+ |, |& G6 Z0 _$ R0 i& m
004030CD E8 27C40200 call qsr.0042F4F9
* e) C3 Z& y5 Z4 L- M- a- l) L004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]% F$ @8 g$ e, z9 {; d$ i4 {
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax
) I4 O' n% `9 W2 Y! ~004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]- M! T& ?% k g) `7 `
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
- F% o: ~+ \& O8 q004030E4 E8 905A0200 call qsr.00428B79( T( F) q! P; N2 l, ]5 F% N! U
004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
( T8 Z! ~! R: g0 h004030ED E8 3B5A0200 call qsr.00428B2D0 s7 c5 Y8 b& e6 Q+ H* F/ H
004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
, ~0 R2 L. q/ `% s! |2 M004030F6 E8 7E5A0200 call qsr.00428B79 j2 n" q- I' t& x6 S9 r' \9 m
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]0 S4 W" B6 \/ N4 O
004030FF E8 295A0200 call qsr.00428B2D* V$ B" V% c+ W# Q( m6 s9 T
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]) {- Q" v' a% e1 i
00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
/ c, A3 g9 ]. k/ Y0040310B 83F8 02 cmp eax,2- `. S: l9 }7 R- Y! m% w8 n
0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
' G4 h# r- k, ?( d, F7 y00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]- R$ x. ^* N S* \* P( a; B( Z
00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
( M) w5 C+ ]* Z# B* `! B: Q$ }0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳% }* F6 Z: ^! g. h3 q
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
+ F. m; S6 p/ F( S1 ?: l00403126 6A 01 push 1. v" ^3 r N8 k# C' z
00403128 50 push eax
) ?. o0 g. k% O2 [' o* H& q00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]# {3 {+ ~) f% |3 a" {* U) v7 k
0040312D E8 C4550200 call qsr.004286F6( m( f8 N) s3 G a, Q' e, T1 N% K
00403132 8B00 mov eax,dword ptr ds:[eax]4 q% ~% a- a7 g' Z* s5 n
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
+ v/ Z2 s% t$ g8 L, |00403138 50 push eax# G, `$ n( H4 B! I9 g/ t) ?) n9 x
00403139 C64424 40 04 mov byte ptr ss:[esp+40],47 Z6 i1 O( c# @, i
0040313E E8 4D560200 call qsr.00428790, t! ?/ j9 q0 t, I
00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]' N; e! {- ?6 A9 U% a' a
00403147 8BF0 mov esi,eax: u8 g+ d: u7 N
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3. E( }( b( C' s! l( a) W
0040314E E8 38C30200 call qsr.0042F48B' X, }, H, k! r
00403153 8D46 0A lea eax,dword ptr ds:[esi+A] I9 r) E7 Z$ x( G1 n$ [7 |
00403156 B9 3E000000 mov ecx,3E9 U2 j! V# _% e, r, m' p* ^: g: ]
0040315B 99 cdq, P1 h7 B" l) ]( P
0040315C F7F9 idiv ecx- m% {1 @6 A; h( d6 q
0040315E 6A 01 push 1
- s$ I' j# p5 a00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]- T" r6 u) e' [- p) d
00403164 8BF2 mov esi,edx
9 I) E F. o3 ^& G+ L5 h: Y+ ^% B9 o- D00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
9 L) Y S3 i N8 a6 a0040316A 52 push edx
9 {8 e5 g% Y4 E: J/ t& h) n/ i0040316B E8 0A550200 call qsr.0042867A
) j9 z" ^- N0 s2 p00403170 8B00 mov eax,dword ptr ds:[eax]
% T2 m5 f! I: a- [, L' D00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]' s) x3 E# o) U" O/ X1 o: A
00403176 50 push eax
, |, d9 n+ k# g! c5 A. k* J6 n% R00403177 C64424 40 05 mov byte ptr ss:[esp+40],5$ f2 u9 m% ?, l% q9 i
0040317C E8 0F560200 call qsr.004287904 `- W* f" u* T
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
5 P! F' y6 z) M; x- L' ?/ N" T00403185 8BF8 mov edi,eax, |! @0 g5 v# J
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],35 i9 o9 U" r% C
0040318C E8 FAC20200 call qsr.0042F48B8 I$ x5 d3 p- t. k4 \/ u* {
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
; `. X0 y( N5 K( u7 Z) i! B00403194 B9 3E000000 mov ecx,3E3 T: P& v8 t) \ t
00403199 99 cdq
1 M' S3 X: z" B0040319A F7F9 idiv ecx" ?: @" c7 E0 s7 y& c8 U
0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]& j( ~( C) b) n$ _- C( x0 n& t7 L
004031A1 894424 28 mov dword ptr ss:[esp+28],eax3 b+ O9 S( o4 t
004031A5 8BCA mov ecx,edx
) n9 ~" J1 v+ R9 r. n, d2 O004031A7 894424 24 mov dword ptr ss:[esp+24],eax* q; G4 d9 \. N0 |5 T) ?
004031AB 894424 1C mov dword ptr ss:[esp+1C],eax0 n1 P K. G$ S& h, {! r
004031AF 894424 18 mov dword ptr ss:[esp+18],eax
; m, N; X3 ]5 A" L004031B3 894424 14 mov dword ptr ss:[esp+14],eax/ K _7 |( C. w7 ?
004031B7 894424 10 mov dword ptr ss:[esp+10],eax
$ _( A2 W; g! ]. b+ x004031BB 8BC1 mov eax,ecx6 i0 E( X' m7 w
004031BD BF 0A000000 mov edi,0A
; Z! f* G' F+ J- ^& G004031C2 99 cdq
# A0 M! w6 A0 w; j& u) R004031C3 F7FF idiv edi5 C9 [/ l3 f8 u6 ]# E& ^
004031C5 8BC1 mov eax,ecx
- Z+ m( N @5 j4 |004031C7 B3 0B mov bl,0B
3 z$ k% H7 n P" f- ]' y004031C9 0FAFC1 imul eax,ecx+ R: y8 D+ {% H; T- J- Y" O) j
004031CC 8BCF mov ecx,edi
4 }! W1 z) Q! E/ h004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl3 w" t' }9 z- ?) k9 Q- y
004031D2 52 push edx$ O9 r1 t6 b: o* Z* E' l
004031D3 99 cdq
2 R- V9 `! B3 _5 M) A004031D4 F7F9 idiv ecx! B: B- Z/ N2 Z% \; k7 ?
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
2 N8 b) Y( J& q, p004031DD 2BC6 sub eax,esi6 K' ?* P7 y% k: X
004031DF 52 push edx+ G) t; \) {1 g- G" J0 r+ t2 Z* X
004031E0 99 cdq
4 ~0 J# \! J( @' O. |9 F4 U( J004031E1 F7F9 idiv ecx
9 d& b* g* S0 E3 o7 x004031E3 8BC6 mov eax,esi
( X$ ^" l& k3 K1 i6 J7 O7 @004031E5 52 push edx
* Y% x2 a, ]! I. E g; D004031E6 99 cdq
, h5 m/ ^1 `. m# n9 J" s- e( v004031E7 F7F9 idiv ecx
# I1 j; ?, {' C5 V* d004031E9 52 push edx
! u; W8 W4 q& C004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
+ x- @# e3 x* |) e- p; |004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"% ]5 \: e" _; O+ U* j4 H9 P7 w
004031F3 52 push edx
o- F0 G) p' d: \" A8 u1 w3 o004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是48935 I# [: [; O! @4 m6 s: x
004031F9 83C4 18 add esp,18& f. p, x) u4 g! l
004031FC 6A 04 push 4! q# I! n/ ^! D! z+ p4 p' t
004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
: _! j* f0 K6 y: ?00403202 6A 00 push 0: v3 i6 l+ B- c/ B/ e* h# y
00403204 50 push eax
, \( n( o7 ~' k; X6 ]) G4 ]1 r00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
( Y/ m1 D% |6 `- R' i; }1 l00403209 E8 D6530200 call qsr.004285E4- [. ~/ f9 l" ^) z. s* h
0040320E 50 push eax
$ e4 }3 u# I: H# |' C( T0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
& x+ G) P8 ]. }00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
9 |, ^* } t: G6 I00403218 E8 A7C30200 call qsr.0042F5C4
* B) \' v; f' a& t! Q: G0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]* t" N( y+ t, s- f+ K. q! G6 d9 V
00403221 885C24 3C mov byte ptr ss:[esp+3C],bl% Z7 {# m9 r8 d# R W9 u
00403225 E8 61C20200 call qsr.0042F48B
+ m) t9 n; u; `$ X0040322A 6A 04 push 44 o5 r) K4 f% A* ^/ F) }
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
) c' b* g+ C6 g! U" f1 K00403230 6A 05 push 5* h" n5 c; G$ t! g3 K5 \
00403232 51 push ecx
( x* z& t9 s( v8 ]4 X- k' o7 N00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
! H* K7 d/ j F9 B% |00403237 E8 A8530200 call qsr.004285E4
) w7 J0 s$ I. k6 g; O. d, z& p$ W0040323C 50 push eax8 X8 s; x2 h! s7 l- m( J
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
" O6 g8 E# h v6 g# Z0 V00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D/ F$ J. f9 A0 ]6 y
00403246 E8 79C30200 call qsr.0042F5C46 G. J9 `- m* @# [1 g
0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
: E9 z: i6 W2 P( A: O% _0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl9 {9 `' Q5 v e; ?$ G- ]
00403253 E8 33C20200 call qsr.0042F48B4 Y) D/ `- d1 g. ]8 i4 K
00403258 6A 04 push 4
: u" I( z- ]( H, n0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
H$ G% c8 b( t# u, n+ C( Y( Z0040325E 57 push edi
* A6 h' ~* o' Q* ? d+ e4 G8 }0040325F 52 push edx
* x) W! A: M, y+ Q" ]+ W00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]: G8 D" y- H p, m; q: i' t8 u- _
00403264 E8 7B530200 call qsr.004285E4
& `& W& J4 p# |00403269 50 push eax) X: K8 h* I; B
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
: ?5 b7 B" S/ ]! ^. x2 \7 \0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E
* C5 B" T: i" P00403273 E8 4CC30200 call qsr.0042F5C4# P- r" ~; U5 }7 g
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
* m5 k$ S% K9 u+ J# E* _$ \9 n0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl
( n7 {5 C/ v# c00403280 E8 06C20200 call qsr.0042F48B
* q3 A, a6 L% B00403285 6A 04 push 4
0 c1 t$ W# W4 S. A00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
+ D% G1 a- `, W* A- }' p! t; l0040328B 6A 0F push 0F
( h% u- h- _- U& d: u0040328D 50 push eax
7 D2 _! M/ i- I) ^7 l0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
4 a; T7 t( n' x1 c/ F% Z1 u00403292 E8 4D530200 call qsr.004285E4
5 |: J% z0 ^, C Y0 }) v* b00403297 50 push eax
8 S' B5 _# z, D4 f00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]/ V; A, Q5 ?3 P% D! r
0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F+ J7 [& [* ?$ A3 P, P o6 a H
004032A1 E8 1EC30200 call qsr.0042F5C4, L1 p% a9 U+ ?+ D% R( ]+ I% _
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
6 f- C, S& g( a* ^004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
8 k1 f" l: t5 X* d4 P004032AE E8 D8C10200 call qsr.0042F48B+ y1 w5 K7 j% f2 g' [0 W! x
004032B3 6A 04 push 4' j9 H: r" `/ ]* C4 ^& y a
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]! h5 @' M* Z% i: S6 \
004032B9 6A 14 push 148 q- Z6 X) t$ m5 p$ k) `8 e# `! {1 a
004032BB 51 push ecx
# E# D* M' I* e& L. B9 O004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]- k% l/ u2 n& Z, o7 L% ^* p
004032C0 E8 1F530200 call qsr.004285E4
" _' Y# |) {0 \004032C5 50 push eax
' H; K9 }! `$ G8 N/ ]004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]& g7 Y- B* {0 _% c
004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
* W9 H9 V' A+ V9 A* ~004032CF E8 F0C20200 call qsr.0042F5C4
; T1 w/ H8 Q5 l; q* D004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
6 c$ ]" V; N. A! ]004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl
1 ^. }! T! B9 H. i" W004032DC E8 AAC10200 call qsr.0042F48B' c% U& Y1 `* Y
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI4 H0 M) `% V$ \2 W+ ^' \" `. y
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX
( e( M M$ _) V& E004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL
; n' G {4 \$ }* N; U& Z- {004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL7 U, d3 J2 K. R7 W4 q& q
004032ED 8ACA mov cl,dl ; DL送CL
1 Y3 y( J- s* e) B$ C# y, E004032EF 3AD3 cmp dl,bl ; DL和BL比较
( ~' o7 a+ ]' Z0 J004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
& t: I0 \. e9 r# X \9 g8 L% K! P6 v004032F3 84C9 test cl,cl& {, ]# e/ t! P# m) K, B3 y7 z
004032F5 74 16 je short qsr.0040330D3 l% O: }( l, A$ }; H6 A1 N
004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL- T. @, C4 l" O/ }
004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
1 D/ C9 C( `* |& ^2 u7 \0 e2 d; Q004032FD 8ACA mov cl,dl
& D- \+ l5 C# [, e004032FF 3AD3 cmp dl,bl ; DL和BL比较5 a* ^ y4 T, E$ x; J7 d
00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)0 t/ U" W6 O+ P' E4 f6 l( p7 t
00403303 83C0 02 add eax,2 ; EAX加2+ o7 E% N' N: s+ _
00403306 83C6 02 add esi,2 ; ESI加2* ]! q: }0 T- O! o' U+ d+ Z" t, K% ^
00403309 84C9 test cl,cl# f5 Z* R1 d8 n6 B/ w# A* m( I1 F
0040330B ^ 75 DC jnz short qsr.004032E9
! d% }+ o( o+ u, r i; m; {0 T0040330D 33C0 xor eax,eax
3 j; v1 a7 _7 R4 L2 K, J- ~* Z0040330F EB 05 jmp short qsr.004033168 T; t( W4 U4 i% M: \$ r1 Y6 [- X
00403311 1BC0 sbb eax,eax/ c& F- | _9 w2 M' z, u* p- |: c; t- n
00403313 83D8 FF sbb eax,-1
& P- a' ?4 E, X00403316 85C0 test eax,eax
/ h( b V) C" u, ]' ]00403318 74 0E je short qsr.00403328
$ K1 F$ }8 ^$ I3 d! F" g8 |4 y0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A
, ^( }1 b* H- U0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
7 P, F V4 L. `# E' [# g00403323 E9 F0000000 jmp qsr.00403418
8 W' @1 b+ t4 I6 b3 |4 z/ l6 |' D00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
% S6 f: e+ Y# a6 S6 J6 B0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]; |. |! J+ q. U4 u& a
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]! N# H! Z5 ]% g+ v; O# Y6 M
00403333 50 push eax2 e, R, ]( t& }2 [. y. _$ i& V
00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
! \. R& B! F/ @% |8 f9 k00403339 50 push eax" D, T% K g2 Q) s8 ]
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
" I# @- Q& X- G: i- R0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX
- G9 R! K6 G* O: ~4 S00403343 83C4 04 add esp,4& u% J& w. {# J4 H; m6 z
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
, r$ `7 o" b. _1 o% M0 q00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]- N9 A+ I6 e6 `5 p/ A5 y7 a, x9 z
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]& \$ n# [1 e0 Z- V S
0040334F 50 push eax
6 h0 E3 F, q0 j2 z% c& p) L) J00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
5 `9 l+ {( [4 W% G00403355 50 push eax
( {$ c2 |$ g6 }00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX- V" O) t! l9 v( V6 ^$ O( z
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
8 D; y* U" z: m0040335F 83C4 04 add esp,4# K* s' H& t. w+ t
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
1 H' T) q5 I+ P% ?% \6 Y00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
. Q B- C! C P! Y00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]& p. d' f+ |6 |; w0 L( [
0040336B 50 push eax, I/ T' ~5 i# V' h4 I8 ?7 [
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX, @7 F" @9 E! a+ U
00403371 50 push eax
/ s* c; x+ _6 p9 O# @( `' I! L00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
; H9 s& ?# \" s, e* P00403377 8BD8 mov ebx,eax ; EAX送EBX4 i* _9 ~9 `/ C6 p
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX1 |# M4 T" _. T: \# k4 x4 F/ H) T
0040337D 83C4 04 add esp,4
( F2 y! f& z8 f0 }: E% i* `' h00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
0 Q8 x; j+ Y+ D/ M& r* W3 {00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
" E: j1 V1 y0 M D00403387 50 push eax1 D- B/ V$ A {' i
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX
1 Q$ j$ B4 l4 K a0040338D 50 push eax& P! \' Y" F- x- g' Q
0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
# h% c$ m- z, ?( b: r5 e00403393 83C4 04 add esp,43 Z* l8 Y8 R5 D
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] M$ L6 f2 Y" r4 M7 b' B
0040339A 8BE8 mov ebp,eax ; EAX送EBP
0 n$ m9 `( f2 l D& k0040339C 6A FF push -1( X$ ~5 n* f. b) e# J; B6 J
0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
, ~) \$ f0 F& a- u3 f$ A004033A3 6A FF push -1
' o) n* y+ l. p5 M3 Q$ \ y004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
( W) z2 ~2 k5 a# n! V: ~004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX
$ l1 d& p8 `/ I5 u/ |# j004033AE 6A FF push -1
X& I5 }/ M7 }5 G004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX$ K" h5 _2 [" L( \' I7 |" ?- @5 s
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX* o: f u3 G+ R
004033B9 6A FF push -1. z. d/ J3 Y! Z8 b/ t8 q
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX( f! Z( `2 D1 E+ U) o) ?0 ~
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
) \7 R' n% j$ h$ V004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX6 R" S$ h8 @1 L, z N1 Z
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
, G2 s; f$ `- r004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
: c1 L7 B6 a/ t( s3 v1 R004033D7 D1E0 shl eax,1 ; EAX左移1位
8 S6 v. |9 v. l9 h E7 ^/ T8 W004033D9 99 cdq ; EAX扩展0 d* k$ G6 @* Y+ ~1 ]" L+ C5 U
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中( S1 A# s9 p$ x
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较1 _8 t' }# u% ^6 A, a2 r- _5 `
004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)0 _, p% K B' ]3 K
004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
& E5 R9 X* L; Y! L( x+ A004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
j4 C* k$ z l/ Q0 p004033E9 EB 2D jmp short qsr.00403418 Z+ X* }) B2 ?3 Q
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX
0 `* \& i3 H0 s- Q004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2, s3 {3 v9 z$ T5 B. m
004033F7 99 cdq ; EBX扩展
1 R6 D) D+ l, D004033F8 33C2 xor eax,edx ; EAX和EDX取异或
N$ @+ L# l/ X' X7 X1 L004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
3 Y: K" ^. k3 c004033FF 2BC2 sub eax,edx ; EAX减去EDX& d2 g+ c: J B, J
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]
8 B5 |* M, s* B j00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX
3 _! Y; L5 K( m5 \8 U1 ]7 n00403409 99 cdq P8 q) [: j( N) `- z
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中6 E+ n1 F! Y8 t5 G5 H4 e! Y
0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
7 M/ W5 g% z' h) n6 n- Z00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较
1 a9 v4 J3 M$ h& h& l4 G; Y+ z00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
5 o5 [# t2 ~7 n# P' X7 o& {4 v& E- G00403418 E8 6EC00200 call qsr.0042F48B ;
4 s( I. E$ @5 Y: T5 {. P" ~: S) w0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]1 |$ {0 h# u: h+ m& q% ]% ~, ~
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
7 t& }, _! Q6 z) [" g00403426 E8 60C00200 call qsr.0042F48B
# k6 @, H7 O/ h1 h& y4 C+ F& C0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]# G4 e/ [+ t5 v) K1 ~
0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8: `5 I t. o( \7 ^& W3 Z
00403434 E8 52C00200 call qsr.0042F48B
% N Z1 z% ], q' P9 C! I00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] @- S2 q2 I [( m
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7. C7 v( W+ S! O9 ?
00403442 E8 44C00200 call qsr.0042F48B$ g6 f' g& G7 q7 c+ K
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]# V& T3 h9 r' ^" G% Z/ Y4 _" [! Q
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6* U4 z: w, k$ M. x% _
00403450 E8 36C00200 call qsr.0042F48B) l. F3 a7 W1 j7 k. c
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
4 R) ]3 I2 e3 e" D& G0 i7 i' Q00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],31 ]* H# e2 w2 `( _
0040345E E8 28C00200 call qsr.0042F48B8 t$ B9 b( ^& x; Z3 A: ?
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]7 M. B8 M8 e2 t8 Y; S' _
00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],24 ~6 q4 r, `5 i1 d4 v
0040346C E8 1AC00200 call qsr.0042F48B9 _ h0 B! h0 y3 q
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]8 x3 `! U% s9 S0 ^) _; U1 m1 T
00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
2 v* [# w: ^- Q6 o0040347A E8 0CC00200 call qsr.0042F48B
r t$ ~+ ^# ?+ C! `, l# _0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]/ H7 j! o% W4 H4 O* ? t9 l
00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
. B0 A: A. ~8 o; u4 k00403488 E8 FEBF0200 call qsr.0042F48B
8 K4 m4 ?4 g( s6 X4 b$ R) \0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
$ z5 _/ x& ]7 r* r$ C" Q00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
; h& d6 s' T/ m0 v8 G, C; V00403499 E8 EDBF0200 call qsr.0042F48B' Y" F, @0 j3 f6 |
0040349E 32C0 xor al,al ; AL清0, E9 j% c1 G; w
004034A0 E9 88000000 jmp qsr.0040352D
- E$ B2 H( [8 f8 I% m9 [004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~9 U. ^3 C1 w) V4 l, ^* d, C
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]' X. \8 Q, I5 X4 W8 F4 b; E
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
8 H2 C1 [0 ]( n1 Y004034B3 E8 D3BF0200 call qsr.0042F48B2 |. K) u# s% l q V/ L5 P/ u
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
( h( n% o; c2 U: W4 f004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8' p* _. ~/ I3 G! L
004034C1 E8 C5BF0200 call qsr.0042F48B6 c3 P8 g |2 @
004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]8 T- P( h" {. d0 ?3 `0 \( L
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],71 X+ D8 C0 ^$ L5 y
004034CF E8 B7BF0200 call qsr.0042F48B6 A. o3 I8 y. c5 @& d
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]% U7 T' ~4 R- f: K$ V6 s/ Z
004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
2 C4 `. `1 X! z: h# M) V004034DD E8 A9BF0200 call qsr.0042F48B: D( R8 p8 M2 n' K
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]: T8 g7 w6 p* a! r) o% R( `
004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3
( E: B( a U% _3 N4 P* y' a l004034EB E8 9BBF0200 call qsr.0042F48B6 e5 L% E' p* d' d" Q0 d" o
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]* q4 i0 Z# I0 a8 B" z/ T7 y. A
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2: M7 H0 r+ {8 d7 t3 k+ c: x
004034F9 E8 8DBF0200 call qsr.0042F48B
6 k2 r. B* O/ m) @004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]2 w, @- g- \* X' s2 g8 e7 `7 X; y
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],17 \3 q" a/ [, f* x1 a
00403507 E8 7FBF0200 call qsr.0042F48B
+ {9 _7 i6 l* p% \! a0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]# d! f0 l; F+ g% v J' {
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
9 z0 O+ h+ O0 B: u: b) x00403515 E8 71BF0200 call qsr.0042F48B
/ c1 L; p$ O) i0 a0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]7 n9 v, J. N! r# h& O
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
, G8 T9 z6 V, X# v" f% S5 z( U00403526 E8 60BF0200 call qsr.0042F48B F! N9 D. {& i5 i) q' k
0040352B B0 01 mov al,1$ Z; e g, x( z% b" t0 ~3 e
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
5 d4 z# k {3 I+ U8 _) Q00403531 5F pop edi! u: V5 M/ e( X) p' P) o. A$ W
00403532 5E pop esi# u4 t8 r" }6 ]+ Z
00403533 5D pop ebp7 k( @' [' n7 k5 B0 n$ Y
00403534 5B pop ebx
& n) c8 l" V9 c, J00403535 64:890D 0000000>mov dword ptr fs:[0],ecx5 ^' W6 s9 B/ w
0040353C 83C4 30 add esp,30: e8 m8 [9 s4 c/ E M. N0 g k
0040353F C2 0800 retn 8
/ M; w0 V8 m% \% Q' i) Z--------------------------------------------------------------------------------3 x. h" k O, A
【破解总结】. {! M0 _- c) P8 z: a
用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^2 N9 n; n, Q, L* {% u) m2 d* M5 x& ^
用户名:yijun8 F, O. w$ k+ e; y: w
注册码:4893*7777*3726*7777*0529
/ A# ]; C- O6 J) }* S7 \! n--------------------------------------------------------------------------------( f6 c% ]+ \( E! @. f( ^% h
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡