|
|
|
【原创】破解Quick Screen Recorder
# ~. f! t1 l" r+ N. v/ G X. I【破解作者】 yijun5 c9 E, h% m. D
【作者邮箱】 [email protected]' g. `* @& h: O
【使用工具】 OD,PEID
3 r3 Z: k. n7 F+ A【破解平台】 WinXP
s9 M$ \3 W8 B6 L# u, L【软件名称】 Quick Screen Recorder
! g7 S+ Y. i. M【下载地址】 天空0 l9 b; P( w# Z4 W1 O, G- E, e$ ]
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
& O6 h. b/ g: V, @% b7 a$ S) y【软件大小】 540K
- w! e8 H( M" v【加壳方式】 无. n: G" Q* Q6 ]- i
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)+ ]8 M8 _* { A7 T' ^! \
--------------------------------------------------------------------------------
6 t: K+ C+ l8 e- o1 i' Z【破解内容】" c" k- a/ s3 P3 L, v1 H
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
$ m8 m! J( P) ]# w0 M' Z& c00404C69 55 push ebp //在此下断8 C. h" H, y. _7 n
00404C6A 56 push esi
, Y' E3 b7 ~2 W% I4 R3 d/ V Z00404C6B 57 push edi
9 p; d. G' T' S1 Q3 O; U00404C6C 8BE9 mov ebp,ecx$ k0 j0 C7 s8 R+ k$ K
00404C6E 6A 01 push 14 g* T5 p/ l# z. K' m: e
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名6 o( D+ h( ~7 F; x% [& h
00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]4 [* ^' H/ c# D0 w0 l, I
00404C78 8BCF mov ecx,edi% s9 Z& @& G/ e1 |3 ?* U. M8 V$ ~
00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码7 ]4 H6 l- A, r @; H, J
00404C7F 8BCF mov ecx,edi
" B- @3 u' L# C00404C81 E8 A73E0200 call qsr.00428B2D: N s' n4 V# [
00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
, }5 ~6 g" q) G2 Y00404C89 8BCE mov ecx,esi
L# f9 E) ^9 v00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
& R% }% a# `2 Q: P: N/ q1 g00404C90 8BCE mov ecx,esi
+ g6 y, x6 m1 `$ C6 G00404C92 E8 963E0200 call qsr.00428B2D; D" l- U _% f: I+ |' B
00404C97 8B06 mov eax,dword ptr ds:[esi]
- P% B4 y8 p0 x5 I/ t" R: H, Z00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2$ @& \9 X% d0 v2 l* S; y
00404C9D 7D 26 jge short qsr.00404CC5
: ~( k# B+ R% l/ g! V00404C9F 6A 40 push 400 j) i- P4 ~' S
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
8 C: C. [7 f. a2 P+ x& ?00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."0 N0 w d0 f/ V( I4 B
00404CAB 8BCD mov ecx,ebp U& _, L% e* Y4 I G( P0 w2 ^
00404CAD E8 C3840200 call qsr.0042D175
% Y+ n( C- g, K5 T L: C, ]00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]$ M& Z3 I" B3 S0 A7 w
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
) N; Y% Z$ o8 G00404CBD 5F pop edi9 C' R, H+ m7 @' ~: x2 m5 k5 Y- d
00404CBE 5E pop esi* S _' ~3 I- k. T( y; ^4 O( B
00404CBF 5D pop ebp1 ^. v1 [7 k" i v* w
00404CC0 5B pop ebx# p* l8 [( S' T+ K
00404CC1 83C4 18 add esp,18
5 v$ I! [2 x* R% R00404CC4 C3 retn* Z, |: d" f2 T
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]8 v5 K- l! } {0 ^% M% E! g/ f( u
00404CC8 84C0 test al,al
( t% J% G. g! X. L" F/ \00404CCA 0F85 1C010000 jnz qsr.00404DEC* X o- U3 _- g0 `( \ a
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
$ T) l5 k* |7 `: L00404CD4 E8 87E3FFFF call qsr.004030602 X$ Y1 D! b9 j6 r i$ u- f
00404CD9 51 push ecx/ ^7 b5 Z! _3 q7 `# D9 D
00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
. \& p4 v( C; [+ o00404CE2 8BCC mov ecx,esp! ~; H( l- d+ \ s4 \7 z4 \
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp# `( S* j( M `- K7 [0 \9 B1 C
00404CE8 56 push esi
6 m& M1 e. m6 A9 i( H00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0' K8 C) d- i' C1 B# E
00404CEE 51 push ecx$ ]' v. R2 D' p! |6 |) V9 G. W. J& A
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1% V0 |0 z7 P! F0 o5 T( d" s
00404CF4 8BCC mov ecx,esp, }8 m# o- @! t: x
00404CF6 896424 20 mov dword ptr ss:[esp+20],esp1 i5 u( Q% o0 {& ^ H
00404CFA 57 push edi% {3 m) \* @. o2 F% p, Z( d. i2 E
00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0# p7 V H& r2 V1 D
00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]" ]% _1 p& S0 M9 L
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
8 K* x8 G3 P/ X- M& y00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~. X) U/ m& X$ w* T! s+ x
00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
/ G! ^- i) c/ G1 [# ]4 a0 ?00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~
7 u2 X5 v( |1 q1 J4 ^. i6 [00404D12 6A 40 push 40
! t4 P7 _1 Z/ B2 a. k2 D00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
- d$ y- M. M% y( g4 q {7 P& \7 Y00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."
$ R- u$ p7 y2 q6 ~" t00404D1E 8BCD mov ecx,ebp' j: o5 Q8 a8 z% K. l0 M; |
00404D20 E8 50840200 call qsr.0042D175) t+ t D/ K: V" x! m
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]- s4 A \9 `% w1 `/ s- X5 N1 P
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
, B' x1 L3 A Q8 D' P00404D31 E8 5AE3FFFF call qsr.00403090
: t2 M$ C( r l7 u! b E0 o00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
: L4 c9 f1 x) L+ V$ E. J2 ?00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx5 ^, D7 Z7 Y5 W) U9 ^5 c8 ~& E
00404D41 5F pop edi
6 A8 h" ?9 L& a00404D42 5E pop esi
( V, Q! B& b2 G4 t% y) U2 _00404D43 5D pop ebp
% M- H8 I. q% G% ^7 z% {# `00404D44 5B pop ebx
% ]: e/ O' i' {( v% A9 ^$ d00404D45 83C4 18 add esp,186 i/ z$ x& _8 P5 W
00404D48 C3 retn: J4 x4 I( ~- m U$ H
*********************************************************************************************************************************************************
6 x1 N8 O+ ] d- v1 K k跟进00404D09处CALL来到:7 P& n/ U2 P( q5 N7 p% c# z
004030A0 6A FF push -1 //一路F8下去~~~~
! e' |9 g/ u4 f/ g; R' X004030A2 68 C88F4400 push qsr.00448FC8
0 }0 ^+ c8 W6 B% j1 { u" {" O( o004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
# k- s1 T7 _' P$ V2 @# E- s004030AD 50 push eax
# p3 ]% f; }: y3 f5 v$ ?004030AE 64:8925 0000000>mov dword ptr fs:[0],esp' _+ q {- a$ L+ G; y2 K
004030B5 83EC 24 sub esp,24
$ t; V7 P/ W' ^! O004030B8 53 push ebx- T( K; O5 ?" [7 }! V. k
004030B9 55 push ebp" g- u* C1 J6 s# }* m: f
004030BA 56 push esi0 e9 q; `5 I4 Y9 N! N
004030BB 57 push edi
" f& q( C4 B5 u+ L7 \ ^( G- f6 y004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"4 T% F5 `* _. B9 t9 K! P( L
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
4 L* v1 M s8 C004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],11 g/ L8 u/ i" C( d8 j+ o( f
004030CD E8 27C40200 call qsr.0042F4F9* a" T- i7 m: Z" k' z- Q; Q( m
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
# G4 h6 z% ]3 S004030D7 894424 2C mov dword ptr ss:[esp+2C],eax, n, o9 h5 y$ s% z6 S7 i. r4 m9 _
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
' g4 O% f$ g- T( }& h# \004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3: Y4 o6 l o2 E! F- c8 ~
004030E4 E8 905A0200 call qsr.00428B794 H J* s7 @6 Z+ j/ \( l/ k
004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]8 O; h* f) K. k9 w( s8 C2 s
004030ED E8 3B5A0200 call qsr.00428B2D' F2 n# _$ r" Q% Y X
004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
6 y5 E8 l' M" @- l( n" W004030F6 E8 7E5A0200 call qsr.00428B79
& {, W. ]/ @. g2 Z' t+ B0 @3 E u004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
3 M1 K5 D) }! I9 d1 f' o p" l004030FF E8 295A0200 call qsr.00428B2D
3 |4 T/ Q, X) \. r/ H00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
; U* {7 u; q3 G2 [00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
" T4 t4 ^2 T# A- f7 s$ S0040310B 83F8 02 cmp eax,2
4 c. g9 k3 V$ Y0 j7 j( C0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
; F% l( v m2 g1 w3 o {. \( t00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
* r, g: K8 S& E; I0 F7 ~! \7 q00403118 837A F8 18 cmp dword ptr ds:[edx-8],18; \" r+ w8 L3 Z4 G+ k
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
, c: p- t8 n% K; B00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
1 f9 Y; e t8 X1 v" p" Y* a00403126 6A 01 push 1
1 r' G7 t2 Z; l' }7 B S3 L00403128 50 push eax- q e$ J# u8 D7 `+ e4 W6 q+ b
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]3 N7 o/ Z1 ?7 }3 t' O
0040312D E8 C4550200 call qsr.004286F63 E6 t! {# M$ @- I. ]. q$ L4 s; L
00403132 8B00 mov eax,dword ptr ds:[eax]" Y& U( M1 f4 f) [8 r; v% \; `
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]! `# O% ?+ }! K$ q! ^ h
00403138 50 push eax
2 ?. ~0 o4 V1 r4 f5 B8 o& \00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
+ J3 [2 i9 k# U; u# O6 o; m s' u0 p0040313E E8 4D560200 call qsr.00428790
$ v! w" e0 T* z9 o+ W$ l00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
4 z; Q0 R7 b: w$ i4 o00403147 8BF0 mov esi,eax* D1 S# x3 I/ F; G0 P6 G0 j
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3
) b( i! H# N& c2 x, W. }) V, K( e0040314E E8 38C30200 call qsr.0042F48B3 I) N8 [2 R. a' Q* r& d- x% ?: ~
00403153 8D46 0A lea eax,dword ptr ds:[esi+A]' [" f- b& b: q" j2 a' Z1 c: D
00403156 B9 3E000000 mov ecx,3E
. ^, ~8 @- ~8 X! L& t9 o0040315B 99 cdq
3 ^4 H7 ~* s v" K4 w' {0 k1 \4 S0040315C F7F9 idiv ecx3 O/ {) y! V$ I* M
0040315E 6A 01 push 17 Y9 i( y' l: m! d" \+ a+ G
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
. r7 c5 F+ P; Z2 V9 ~& `, s$ ^00403164 8BF2 mov esi,edx. K) u. }3 E: ^7 t4 `
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
! e* B! A0 M. ~ U0040316A 52 push edx& O2 g! i: Z w0 \3 @
0040316B E8 0A550200 call qsr.0042867A1 ?' A& ^$ v: q r8 U$ F
00403170 8B00 mov eax,dword ptr ds:[eax]1 T2 ?; q- o# H& f/ b
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
) m( d6 B0 [# N' ? f5 c00403176 50 push eax
9 a: J) N' C0 [+ o00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
* W* U3 e5 Y$ g& w. M( ?8 O( F z0040317C E8 0F560200 call qsr.004287908 D! B" J3 a0 U- N. ^6 R% T2 D
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
. u3 ~9 x9 v/ g( e% o00403185 8BF8 mov edi,eax. J7 |9 H" o2 p& d( k: \: j* k
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3( X6 E6 E5 P% `: ?% _7 X
0040318C E8 FAC20200 call qsr.0042F48B
) `' _! T' w% z- t( O3 X' n00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
- @' y" z& ^1 a! X1 t! }00403194 B9 3E000000 mov ecx,3E
; q. I0 V; m3 x* ]4 ~00403199 99 cdq
! ?& G% O: A7 a+ O# p, |9 C0040319A F7F9 idiv ecx$ D) O: ~9 P- A1 l# K$ X
0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]! c2 g0 K: b5 F L
004031A1 894424 28 mov dword ptr ss:[esp+28],eax6 b; Z- [! r9 } c9 b7 A
004031A5 8BCA mov ecx,edx
. s+ q0 l0 F* h- f004031A7 894424 24 mov dword ptr ss:[esp+24],eax
3 g1 j) U4 r: y% R( Y+ I004031AB 894424 1C mov dword ptr ss:[esp+1C],eax. a9 Z& s7 S+ a5 A5 D
004031AF 894424 18 mov dword ptr ss:[esp+18],eax
6 w9 ~- B: T5 F004031B3 894424 14 mov dword ptr ss:[esp+14],eax& L7 D- Z% a% z& {& J/ z0 E9 x2 s
004031B7 894424 10 mov dword ptr ss:[esp+10],eax( L5 e' V6 @$ u* j
004031BB 8BC1 mov eax,ecx! z4 G$ E' O" Q4 f' r
004031BD BF 0A000000 mov edi,0A! }$ o! S/ ^3 a4 E @
004031C2 99 cdq5 c+ [% @& S" D, g; ^
004031C3 F7FF idiv edi# @3 s. p/ z& c' ?, |. U
004031C5 8BC1 mov eax,ecx4 P9 B1 w3 }0 D
004031C7 B3 0B mov bl,0B
- Y* D/ b% }8 Y% t B$ I004031C9 0FAFC1 imul eax,ecx
- F! e# d" J/ E5 ]004031CC 8BCF mov ecx,edi1 }, O/ z3 N2 Q2 K( ?
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
+ E" [6 U, \' J( `( y) a4 {; m004031D2 52 push edx7 b+ ]2 n5 C. @! ^- P) W
004031D3 99 cdq! d- f w# j G4 L" l$ E' n
004031D4 F7F9 idiv ecx0 d& p2 t4 W* B: r5 k
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
, g- x& v W6 G0 d004031DD 2BC6 sub eax,esi3 p3 g/ r2 G C, j" m5 ^0 o
004031DF 52 push edx
4 ~2 h5 R8 e6 v004031E0 99 cdq
9 S8 b" Q) ]1 T! W. y7 P, n004031E1 F7F9 idiv ecx" ^3 E+ ]$ R, i+ X+ k1 Q p
004031E3 8BC6 mov eax,esi) u* m" ~3 t5 L) S# r7 X
004031E5 52 push edx% r9 X$ g( A$ Q) f7 R1 l% p7 [
004031E6 99 cdq
`( J! ^& _/ O( k" `004031E7 F7F9 idiv ecx
# D5 R: F! }" N+ E3 ?9 n1 [004031E9 52 push edx
- u. V8 ?' c2 r3 G# F004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
! f, Y- a4 r, a0 Z. r7 K0 a+ [! I/ |004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"& W' M" ~2 F$ R3 ^7 g+ M
004031F3 52 push edx
* @! B W. h/ \9 O7 g3 i; z; b004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
* q6 H" f5 k+ C, f) t2 A004031F9 83C4 18 add esp,184 s% a, K, u3 B* m% Y
004031FC 6A 04 push 4+ \' U- Y6 C$ \1 R, h% {
004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
+ H/ i- n/ A" v$ y' I( [00403202 6A 00 push 0
; K5 U1 i, D! w00403204 50 push eax; N$ F' E; V' x+ F& X
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
9 s1 C3 f N3 b$ U1 `00403209 E8 D6530200 call qsr.004285E4
3 A- `% J" O) t. {8 n0040320E 50 push eax
* v! v; E3 N' m* E, R/ g0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]' d- n/ k; E" _% g/ ^
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
# s3 V1 j4 @9 D5 F00403218 E8 A7C30200 call qsr.0042F5C4: a! Y Y+ N3 }$ `
0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]/ V' |+ g3 }! D; d/ ~' F7 [
00403221 885C24 3C mov byte ptr ss:[esp+3C],bl: s& k+ W# n% q6 Y9 M$ _0 G4 k) Z
00403225 E8 61C20200 call qsr.0042F48B: B! X% [+ X* p/ W1 K7 K. K
0040322A 6A 04 push 47 B; ?* n' g& N& k1 a
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
: v% `: l' ^" m- [# u! _7 ` l+ @00403230 6A 05 push 54 S3 I r1 z& J0 l9 P
00403232 51 push ecx1 c& L! s5 c& e( s
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
. _# A! j+ S; I) |! {0 s. d00403237 E8 A8530200 call qsr.004285E4
( t- \: X* z& j! X- ]& D4 X0040323C 50 push eax9 g' G( i, A4 J% P* d( Y" t
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
0 k3 k" u w9 ~" W, j3 X00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
. U$ b7 I4 i. D% l W* x00403246 E8 79C30200 call qsr.0042F5C4
+ \' D% P! g, _6 P% I0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
# I% P6 n: |( {+ z( U: I0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl; a! v# N7 x1 ?, C E/ @" Q
00403253 E8 33C20200 call qsr.0042F48B9 S! W3 i& N2 u! v+ ?) A+ p
00403258 6A 04 push 4
9 g0 F9 ~. ? F- g9 _( p$ l0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
. ^% ?, Q4 B- h( v0040325E 57 push edi0 _6 I1 B' D( r5 c* t
0040325F 52 push edx# E2 k" R% x4 m/ S0 |& E
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]8 W9 B( \; p( J. e" D) ~
00403264 E8 7B530200 call qsr.004285E4
7 P$ Z/ L( a; a2 Q; K! N& R00403269 50 push eax
4 g+ \7 H! @4 u9 E0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]$ b7 I G9 W$ b/ T2 A# E; z
0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E7 G$ `: _& J6 m8 ~5 A F) C
00403273 E8 4CC30200 call qsr.0042F5C4
$ q, Y* [$ W, [8 \. _. |00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30], z8 u/ V6 \& B1 C! R1 p( D9 m
0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl
/ a' k- e: Z$ x00403280 E8 06C20200 call qsr.0042F48B
8 W& w& }4 Y$ D% C00403285 6A 04 push 4/ t# z; e9 p* P o
00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
# S0 b1 r! ~$ k4 x( s0040328B 6A 0F push 0F# _3 }! |3 t0 L! A; Z3 w+ ^! V( C
0040328D 50 push eax
. u; | j4 Z3 z$ g4 `/ ^0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]1 M5 i( [$ Z" S2 @0 Q' y# I1 u: g D
00403292 E8 4D530200 call qsr.004285E4
5 W, m& S4 k/ L# {. W+ ~# c6 G00403297 50 push eax
. e9 s8 R& p* X00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
, D q4 r2 o) m5 \7 Z) N0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F
! L- c4 }) @3 B2 F. n. |, b004032A1 E8 1EC30200 call qsr.0042F5C4
6 s+ P/ ~0 f3 \: Y004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]* i. g; ]4 K1 D
004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl0 a0 n$ Y; t; h) b, L
004032AE E8 D8C10200 call qsr.0042F48B
8 y" |. }/ r7 i, W( n004032B3 6A 04 push 4
# n9 R7 q0 s+ @004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
* X# O8 `' Q/ e8 u- ?3 l004032B9 6A 14 push 14# M8 `0 g1 c1 W9 u( r- e7 Z
004032BB 51 push ecx3 L7 D' X' U' a& Q6 b' t1 u" {# y
004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]& E8 M9 ~9 g o
004032C0 E8 1F530200 call qsr.004285E46 _7 H' j |# x+ T0 B' L# |1 f
004032C5 50 push eax
) v* S% {/ Y$ t" {1 r004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]* I# `/ V4 y0 N1 ~6 t5 q5 f
004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
! Y7 |6 |# B+ u5 T3 C; S1 N004032CF E8 F0C20200 call qsr.0042F5C4, C5 S: C3 j6 T1 @! A
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]5 K& L) ?4 r* m0 c
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl c" I5 A+ k. t7 b: M2 ^) W2 }
004032DC E8 AAC10200 call qsr.0042F48B
! t. }/ E# U* K004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI, W. A% x. ~: d; ~3 k. O
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX
6 X, }; p# J2 A004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL
' H+ ^& ~# D$ f7 E6 |004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL V8 Y( c1 a( Z% x `, v
004032ED 8ACA mov cl,dl ; DL送CL
1 n) A8 u$ |: s. Y$ k8 m" R5 D004032EF 3AD3 cmp dl,bl ; DL和BL比较
- k" A5 A0 [0 W0 [1 k8 x7 a004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)" P8 P: L3 U. E0 `1 o$ c! D7 a$ `
004032F3 84C9 test cl,cl9 S. n' N. } X+ O) E( |2 c9 f
004032F5 74 16 je short qsr.0040330D
- s) a$ t7 y# [! @' P& p: \004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL6 k# ^* i) G$ C- z# B: i' ~3 V# Q
004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL2 w# ]2 r: J# v* N) b" J
004032FD 8ACA mov cl,dl
& X& d0 F( m8 Y! H. l004032FF 3AD3 cmp dl,bl ; DL和BL比较
3 v; B: ^& C2 P0 D6 F00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)3 }4 L1 l, }! x, ^! f: w% d
00403303 83C0 02 add eax,2 ; EAX加2
/ X- J: n4 @; C2 c00403306 83C6 02 add esi,2 ; ESI加2# A0 M$ G/ m! [) Q. ]
00403309 84C9 test cl,cl
( ]4 ~6 o2 V. J2 E ~. O0040330B ^ 75 DC jnz short qsr.004032E94 |" f8 y( h+ J& G
0040330D 33C0 xor eax,eax
2 J2 Y5 M, f' j5 t4 W4 [' E3 ~3 S% r0040330F EB 05 jmp short qsr.00403316
2 N2 v5 m( X. @4 |- ~00403311 1BC0 sbb eax,eax7 m( D6 B, v' N+ G
00403313 83D8 FF sbb eax,-1) x) i( `$ I. W/ a- I
00403316 85C0 test eax,eax& f; f( ]+ q! Z, v# ~8 T
00403318 74 0E je short qsr.004033287 p. Q" x5 E' r7 i& y Z
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A
6 T' \2 G, J1 _/ s Z( j0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]% s, ^- T0 M7 Z* D" ]
00403323 E9 F0000000 jmp qsr.00403418
# u/ O2 `/ y! ]# \0 z% U00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX l4 u* V' |3 w7 t I
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
* J! u3 }% o. J$ S* D5 W00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
& P/ n; q8 V8 _7 }* F- R/ t00403333 50 push eax
- I$ Z5 ?9 i- x; |3 ~$ r& S00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
* ?$ a/ P& h* z00403339 50 push eax, v- M* j7 L4 k& R' I( X
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
& y8 T* u9 A% ^" g# A" o1 j0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX
* s' x y+ w+ G# D' a% O, v. @5 T00403343 83C4 04 add esp,4
0 o" i8 d+ L& K00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI# |# T( M" O& a
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]3 I# w; ~. g$ ?
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]! [' K1 h$ L6 @ y. D0 o- ~
0040334F 50 push eax
- d) q: }0 K# w! F1 W) q00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX. c& B' }5 m( v( }0 A) R/ ]
00403355 50 push eax
# q7 \0 ^, o( O/ H8 F, d! N, |# |00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX2 A+ |) J& j' A6 }
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX% e% K* ?' q$ I" v4 ~! P
0040335F 83C4 04 add esp,4
" `7 E. ^+ ?- w% g2 t) A/ C4 C. B3 \00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
( m+ f* o# ?% B* T* g+ J00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
# v2 Q9 ?- R8 A7 Z5 B00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]( Q) n- X' w, m! m1 g# ~6 t) i
0040336B 50 push eax: f9 d: z/ B, K. L" f) _' D9 V5 a2 ^
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX, u- H2 G- x1 M7 M$ h& l! h; L
00403371 50 push eax
" T0 e, \& y9 B; g00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
& p( B+ |5 U2 r W* C: F00403377 8BD8 mov ebx,eax ; EAX送EBX
5 c# f E$ P; ?- l$ p4 U00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX& [; A1 f8 D0 H7 |; n
0040337D 83C4 04 add esp,4
0 @6 H& k# ~3 R$ d00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
* v: b& P4 A+ G5 A4 v7 F% m00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
+ O, Y( B6 S% N* X& R" j2 i00403387 50 push eax
6 Y" `" Q/ C4 w$ G2 Y* M: c# e O00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX
( o2 V! u E7 j$ U0040338D 50 push eax
+ Z3 @ _( H7 M$ [) ^0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX% Q* @0 _. t$ K
00403393 83C4 04 add esp,4% K7 L2 k7 s3 d9 b5 R; t
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]8 z5 s8 Y8 r+ N$ @5 ]
0040339A 8BE8 mov ebp,eax ; EAX送EBP
! @! ?* v# m) \5 w4 m0040339C 6A FF push -1
, @. v" ~, W: P+ E6 R& X0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
0 ~ K U" V3 R) C004033A3 6A FF push -1' I6 X* X" F7 E# I+ L; d Y( i/ d
004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX: r1 F& Z* w0 }- M
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX
& J2 e/ q6 G' M% p5 c3 I004033AE 6A FF push -1- W& E/ n% B6 [. @) ]6 z( d6 I' n
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX- s* ]: Q; w9 S8 M" w+ h% l
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX
# H0 [. a u& g004033B9 6A FF push -1
! O) y3 K8 l8 W004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX, G0 m6 R7 Q; h
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
: Q$ Q4 T/ X z004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX- @( |9 I9 V! E- s0 m) r5 y# q# |
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
1 `1 Y8 N- x$ ]" }" m004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
: x! `3 ^) O' |% p- D) G, z004033D7 D1E0 shl eax,1 ; EAX左移1位
( e/ m$ B* I6 J/ _+ M004033D9 99 cdq ; EAX扩展1 Y. i H8 P4 r4 H# O: W! `0 b5 P" O
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
7 G* \3 T5 ] l/ N! A: \004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较; j: A+ [8 s2 Z
004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)# F8 z' E; y _$ a3 e2 H0 I
004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
) w' l+ \) e* e2 b004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
0 T B$ W E! P9 x. o% E7 W) X2 I1 j2 I004033E9 EB 2D jmp short qsr.00403418
, T) T) S9 B; A6 Y- C g# M V$ W7 I004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX
* G( F/ R9 L+ n+ t004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
% X; V) ~7 M: j* f0 J' F0 h$ t! ]' A004033F7 99 cdq ; EBX扩展" j' B4 O- l* C
004033F8 33C2 xor eax,edx ; EAX和EDX取异或
/ H+ y( \) M5 F% o/ ~. `004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX6 D: R# q* S/ d- |, B
004033FF 2BC2 sub eax,edx ; EAX减去EDX
6 h6 }. m7 E4 X$ n# Y% W# Q00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]; } C" o, T( j# f
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX; A/ ^6 i# w" G( l
00403409 99 cdq4 s2 B% l& Q5 }+ L" z: m, ^& c
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中. F' I2 P( I$ \) ~' o) Z1 ]( A
0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
: r* Q# N. T% G+ {9 B00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较8 r) W7 T) @4 B/ Q7 ^# `
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)# V1 X3 L L9 Q" l+ |8 x5 [
00403418 E8 6EC00200 call qsr.0042F48B ; 8 @: O( F) s, x u# M
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
+ R: |5 i8 a% b1 _5 R4 g9 O! N00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
) p: t- h/ q7 q; @( E00403426 E8 60C00200 call qsr.0042F48B0 v! e* G4 U* M- r
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]8 K8 \! v7 l3 y9 p) h4 A; o
0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
5 j* T8 L* M4 N1 s4 ]8 {' J00403434 E8 52C00200 call qsr.0042F48B' H7 D$ R$ h6 c$ j p% K {
00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]/ z8 v6 A6 u( X: M- W# @
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7; m! O4 w2 J! c! I, i
00403442 E8 44C00200 call qsr.0042F48B
" r3 ` V, N& i/ S4 o( ?00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
: b; Y" `3 K, B' y( h4 p6 \0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6- l+ R/ r8 F W- m
00403450 E8 36C00200 call qsr.0042F48B
' A9 A a* b, T! `1 G00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
6 C2 ^) ^1 U! E! N00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
* a* ~2 i0 O- Q0040345E E8 28C00200 call qsr.0042F48B% h" j Y5 I6 R4 j$ V/ [! R
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
2 ~. `; A% g* X. y Z( x# d2 t00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
- l v9 F: j# A5 y1 K: E5 K5 m* {0040346C E8 1AC00200 call qsr.0042F48B
; q4 u$ o0 p4 l) K( X6 P8 s# _1 {00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
* m; G6 z' G+ {% u4 I( }/ P00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
( |2 Z4 M% c4 \, z0040347A E8 0CC00200 call qsr.0042F48B
' D% g- ?3 E' O% y( }+ j0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
\) J, d5 L/ a* n0 U: ?2 X00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
2 h. E$ U3 x- _( X3 |( D, u- Y8 D00403488 E8 FEBF0200 call qsr.0042F48B
/ |) O4 {3 n, P: W; e$ C/ p8 \2 Z0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
2 `$ Y8 Y; Q6 E00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
. ?7 D6 E1 f0 `' r% O7 V8 e _00403499 E8 EDBF0200 call qsr.0042F48B
; c5 W3 Q+ A {# k ^+ l3 I1 ?0040349E 32C0 xor al,al ; AL清0
& C* R2 n; `2 G) H8 @' m004034A0 E9 88000000 jmp qsr.0040352D
6 B. O7 ]0 t0 Y! [& y* Y004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~7 E, T3 r0 V$ @+ O: F, v
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]$ M, h8 C7 t! u
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
: d E/ l! D6 p5 n' g+ F/ R7 x004034B3 E8 D3BF0200 call qsr.0042F48B+ @ N' R q. O. A) _) b! |( p% u
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
" Y" r" a c5 K6 H2 K/ y004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8, ^/ a8 ^2 Y/ D
004034C1 E8 C5BF0200 call qsr.0042F48B
3 h* s+ S/ l& y: u004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]- v* t3 o3 A0 v) f1 X% G
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7
# K- P# Q7 G' V) Y3 |( D004034CF E8 B7BF0200 call qsr.0042F48B0 _1 p! Z5 g8 R# F# V
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
1 J" Z0 U( s+ R( M0 x004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
, p* L; r9 V( k/ x( `004034DD E8 A9BF0200 call qsr.0042F48B. g3 V9 A8 t. {! Z. {/ `
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
4 y9 B" q1 { H' }004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],33 L) ^; E+ A- t+ j5 D0 u
004034EB E8 9BBF0200 call qsr.0042F48B
: }- ~) J' l9 {8 W) l( |4 I004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C] B( f7 O0 T, F
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],29 G8 g9 V0 e+ v1 X- {
004034F9 E8 8DBF0200 call qsr.0042F48B
+ l. v% }# O7 J/ F7 e& h5 o0 X004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
( q4 B; ?1 {, o$ j# Y/ z00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1 i& l! k7 s* l Q3 @; t9 G- A' h
00403507 E8 7FBF0200 call qsr.0042F48B
( @! h1 Z+ Q6 P6 U0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
# U% k$ X7 F- Q00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0" t7 y J* W( J
00403515 E8 71BF0200 call qsr.0042F48B
1 X0 \+ e5 o+ C. R# t0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]$ t# j2 s% a) Z: k; E! [$ x
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
; n- ^5 L O0 C/ Y9 p/ z' H; [( f00403526 E8 60BF0200 call qsr.0042F48B( K4 y0 x# B" e: i7 k
0040352B B0 01 mov al,1
% W, p p; i5 u0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]9 q) B) W+ e3 h% A
00403531 5F pop edi
5 h% c g0 n! F1 s7 t00403532 5E pop esi
) f9 m) Y, t# J. W: H6 g+ z00403533 5D pop ebp
; i3 z( z3 y9 u3 p( k( \) @00403534 5B pop ebx7 Q3 p- }+ C! X9 k7 R+ q
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx1 {$ E- k2 f n
0040353C 83C4 30 add esp,30! l- |0 \+ Y7 q8 V
0040353F C2 0800 retn 8
4 f8 g: D* ]# [8 V9 X--------------------------------------------------------------------------------
8 ^( M( k+ ~' @$ p9 [2 b3 \【破解总结】& ]$ L( {. u3 q
用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
Z! V' t/ V& i! z用户名:yijun4 U5 o4 I" j' F% A4 o G
注册码:4893*7777*3726*7777*0529& a& _9 K5 _4 H8 l0 I9 `. w/ o
--------------------------------------------------------------------------------
5 c- P% f# P9 t6 W. X* s& j6 Q( R【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡