|
|
|
【原创】破解Quick Screen Recorder
o' X8 y' W- k【破解作者】 yijun
) k. k/ R5 ]1 j' f4 \( @5 l- V1 \【作者邮箱】 [email protected]/ R6 d; L+ G5 x: r m. o9 m
【使用工具】 OD,PEID
. d" B4 B2 f( b2 k0 N; |【破解平台】 WinXP& t8 @7 d, Y2 t! i
【软件名称】 Quick Screen Recorder9 S5 o/ O) j, x/ k, h
【下载地址】 天空0 g) f: \% H! m& x9 d2 x
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
/ P, o4 m4 b2 V" [7 y5 i5 Y【软件大小】 540K
d F. V5 e4 A7 F" C: W7 n【加壳方式】 无
, ?! D) f+ N- S4 @3 ]; u# E" p【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)
E+ s: Z) S* e7 ~) n! a; h; R, W0 \--------------------------------------------------------------------------------8 g S% }* d) y, y v9 R. k" G
【破解内容】2 h. u" j$ L. Q* _4 f' O
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:# G6 t* @- b$ n8 x f
00404C69 55 push ebp //在此下断
* ` v, _$ g3 `5 w00404C6A 56 push esi
$ [# _$ S3 t/ ] }( f00404C6B 57 push edi
! |( R2 M* Z, h2 J00404C6C 8BE9 mov ebp,ecx1 q W8 R5 h0 {* o
00404C6E 6A 01 push 1
* V, v' S+ |; q$ |1 V0 h/ w9 g m00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
) }5 \) Z, t* b% A4 u6 r00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]4 I3 q! }6 ]5 J* Y, U
00404C78 8BCF mov ecx,edi
* L' W/ b V" s# c a" g00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码
; @* t5 P* r8 m+ ^; K$ I! ]00404C7F 8BCF mov ecx,edi; e& U. s6 Z: r$ ?+ s9 o( t
00404C81 E8 A73E0200 call qsr.00428B2D( e q# a! K; P7 [/ y
00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
/ O0 T% p! e2 X( C. a2 r. Y00404C89 8BCE mov ecx,esi
+ x4 z) f+ A$ H# [& M00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
: w& \$ j# p7 Z4 T& N/ E00404C90 8BCE mov ecx,esi
, R# `2 v6 G. ^+ X00404C92 E8 963E0200 call qsr.00428B2D
$ ^- b8 P" q* v n' m! K00404C97 8B06 mov eax,dword ptr ds:[esi]
; t2 U p" N7 O5 H, z ^00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2+ p& ]" g" {0 E1 p' E
00404C9D 7D 26 jge short qsr.00404CC5
) A' {6 {/ H* Y00404C9F 6A 40 push 40
; c& A m$ I9 b \2 B7 H% h00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
S9 e7 V- {# @) n00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
! k1 `% T% D8 ]6 M00404CAB 8BCD mov ecx,ebp# f1 a9 s S- ]' d$ Y% Q8 m
00404CAD E8 C3840200 call qsr.0042D175
; ]/ R2 e5 M7 }4 {0 V! Z! `00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]% A7 l' _( X5 M0 L1 o% G
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx ?5 a' O% p# {9 q a( ^3 O
00404CBD 5F pop edi
9 o6 m- r) \: q$ J }. X+ H/ y00404CBE 5E pop esi, ~# G2 i( r) g
00404CBF 5D pop ebp
- g- O/ e! i4 p# R' j00404CC0 5B pop ebx0 r" R2 ^( R5 H7 P. {
00404CC1 83C4 18 add esp,18" k) F2 p! [; |; c" l
00404CC4 C3 retn
- u Y3 @: m3 {00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]( ?/ N' I) P4 f# M
00404CC8 84C0 test al,al
8 O* @" E% k! y% X00404CCA 0F85 1C010000 jnz qsr.00404DEC
6 H9 S7 C) d9 X; w6 t* W3 u$ W& o00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
) [9 _ \$ h" q, ~00404CD4 E8 87E3FFFF call qsr.004030607 j; V0 G/ _/ m! z6 J
00404CD9 51 push ecx) Y" Q$ \8 Q8 e& ?4 M
00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],01 y- U. s$ s# K/ f7 o: W" e% a
00404CE2 8BCC mov ecx,esp
0 |9 O; q; K/ {8 H f, c) e00404CE4 896424 14 mov dword ptr ss:[esp+14],esp
8 z' W" T8 q$ L f6 y00404CE8 56 push esi
$ d( R! o# e; M00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0# X, A7 `+ U( h( {: H% Q/ {/ M" |
00404CEE 51 push ecx
& `' G9 c. T: U, X3 B4 n00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1; U7 H' y( }/ r7 N$ }. M* q8 J9 V4 z
00404CF4 8BCC mov ecx,esp+ V9 e6 d9 `; u5 X8 p, t9 J- E9 k; a
00404CF6 896424 20 mov dword ptr ss:[esp+20],esp
4 y1 y6 h" H9 V3 u" k: U6 u' c) Y- }- ^00404CFA 57 push edi1 }7 h1 C1 A) q. F9 u5 s& a- C
00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是06 `' o; x( ?8 g" E
00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
O- I' f3 F7 `, Q00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
/ j' Y0 r* ]1 ^8 v3 J4 Y00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
3 k, [+ b3 S. w4 { x. I2 A8 w% z* @00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
) n) Q! s, V* @: F. Q$ `0 @( t. L00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~' `" D- ?* c, e9 K4 \. G
00404D12 6A 40 push 40
$ K! Q7 B) V; ~' R. D# @4 H, \+ s00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"6 U0 y1 B: k* I% B
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."9 [3 N2 `8 `6 O2 j( I: j' s' \
00404D1E 8BCD mov ecx,ebp
0 T; q; o) l* e, X4 n- g- k0 E00404D20 E8 50840200 call qsr.0042D175
: @- |) l! t/ g00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
& N% A. @ q" Y. B4 c00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-14 b0 _4 D) I, \, q5 _, d
00404D31 E8 5AE3FFFF call qsr.00403090) Y `+ x* f& X4 n5 B G, N
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
5 D0 Z; K# M4 l5 ^* i1 s x0 \00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
7 A9 C3 b5 c& k00404D41 5F pop edi
' o5 V& M6 M' R00404D42 5E pop esi
$ e D. z8 s s00404D43 5D pop ebp$ C+ \) g% g! x5 J7 I
00404D44 5B pop ebx
5 D& J1 |' d- d1 s9 c, b6 J00404D45 83C4 18 add esp,18
/ G- d! c: d7 S: j+ ?2 D# u7 T" h00404D48 C3 retn5 D8 H/ }/ `$ g! K: n# c0 L4 t
*********************************************************************************************************************************************************5 n) ~* y2 B7 C3 q, `% R- E; q
跟进00404D09处CALL来到:1 ?! z! a3 o! o- ~$ M
004030A0 6A FF push -1 //一路F8下去~~~~
4 |: X4 K% r1 @- U5 Z3 ~004030A2 68 C88F4400 push qsr.00448FC8
0 Q# {& p2 t( F3 ]$ Z" \004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
( W O# T* G, O3 |4 Y9 l* n" o; d9 L004030AD 50 push eax! a1 I" h; K9 g$ ^3 b8 s; W5 ]
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp6 i' x/ `% g. p4 y
004030B5 83EC 24 sub esp,24
( V& G0 x3 b* v004030B8 53 push ebx9 A" r; H( k8 ?. G# A% S2 @/ S
004030B9 55 push ebp7 a7 B8 T$ Q/ R" R" g G
004030BA 56 push esi
u9 r, s7 c( Y' C8 B004030BB 57 push edi' G: z% e5 D$ k; g' ^8 K
004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"3 k' K5 P3 W3 K3 q
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24] h- t4 b2 \! Z1 M% y# d
004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
7 G; j' { G' v' G004030CD E8 27C40200 call qsr.0042F4F9
4 A0 ?6 K0 J- ^6 a004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438], P* G* @) F+ p5 x# I
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax
/ x+ H0 E8 m. W- y" c4 p004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]$ J$ H2 y" t/ ^2 }/ r& ^; F
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
4 i2 L; h$ A0 l& M" Q9 X0 x7 K& q004030E4 E8 905A0200 call qsr.00428B791 n! I( a0 ?4 [/ ]# D
004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
: n- y. x/ Q6 C' U! L m( ]004030ED E8 3B5A0200 call qsr.00428B2D! j7 y5 p& T* S7 ?9 v+ z
004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]2 G$ Y* |" K* a/ \; ]& h
004030F6 E8 7E5A0200 call qsr.00428B79+ w j8 x. c: g" S2 y$ [% L: n
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]' s4 b2 f) U2 t" O8 _2 i9 |& j
004030FF E8 295A0200 call qsr.00428B2D
' e/ F+ I- \$ n0 C00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
& l p9 _: u# L0 ^1 E7 ~00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]5 r& p4 \' U7 W0 s3 u: f A$ [
0040310B 83F8 02 cmp eax,2. O/ z+ b B" z1 F) U% s$ N3 r- Q
0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳1 \1 Z1 g4 k( h. X- A N" y
00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]) G, V6 |! N4 W( \$ k
00403118 837A F8 18 cmp dword ptr ds:[edx-8],18* J. T% ?! f' w; ~+ w+ O* r b
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳& m1 B7 I: E# j5 R
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]& a3 W$ H1 F- U7 d5 u3 ^) ~& N
00403126 6A 01 push 18 ~( c4 Z/ f0 ^7 ]* ?7 C, s+ F& }
00403128 50 push eax
3 |1 `! E" H1 U0 {, a, F00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]8 C! c7 ]- c. a. Q6 _
0040312D E8 C4550200 call qsr.004286F6
, U$ `1 q) Z4 A7 ~3 g8 f) H9 z00403132 8B00 mov eax,dword ptr ds:[eax]3 n6 [# f+ W( g
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]1 B1 t- {" j' }" D* R! w
00403138 50 push eax
1 Z4 R! T0 q. f- Q, b$ e+ D/ B) G: H00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
+ E. ]4 I/ }/ ^6 F3 A0 F9 N0040313E E8 4D560200 call qsr.00428790/ J. d- z' @$ [' M. j* ^
00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
5 f7 g5 |0 o$ E& ?- i( _00403147 8BF0 mov esi,eax0 U1 O4 |( C2 o( k9 B
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3
+ ?9 T/ `" M$ _/ A0040314E E8 38C30200 call qsr.0042F48B
5 S4 M4 I6 ]0 Y7 I* f/ k- H8 [; g00403153 8D46 0A lea eax,dword ptr ds:[esi+A]; F- q, h* |0 l
00403156 B9 3E000000 mov ecx,3E3 G6 b) R: D$ q- A2 n" {/ z. e% P
0040315B 99 cdq
* E* `2 a1 t* m0040315C F7F9 idiv ecx
; [' y# N+ O. R$ k; |# t0040315E 6A 01 push 1' u5 X0 g* _ L' d8 r& ~* ~
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
2 v7 z z/ q5 N00403164 8BF2 mov esi,edx& Y) Q3 Q7 }/ j+ l2 {6 x
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
1 K8 }9 r1 g1 s+ J! R0040316A 52 push edx% \# l: @1 M2 c
0040316B E8 0A550200 call qsr.0042867A [- q& I6 W0 C# w
00403170 8B00 mov eax,dword ptr ds:[eax]0 f) n( D: i: ~" [
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
! A- _8 j+ U! q# ?" [& y00403176 50 push eax& Y& R& ~/ t, u# y _
00403177 C64424 40 05 mov byte ptr ss:[esp+40],5# U3 ^* y% N. ^" ?
0040317C E8 0F560200 call qsr.00428790+ }8 `7 a& T& |& D; l3 r( p
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]7 H+ w4 @# s3 u e' N( [! H3 R
00403185 8BF8 mov edi,eax Z. B! s% E" T- i
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3% Z$ a7 F+ E+ e% v
0040318C E8 FAC20200 call qsr.0042F48B
& ?1 }/ m# E) R! u7 O, u00403191 8D47 0A lea eax,dword ptr ds:[edi+A]' c3 w6 {6 g3 C6 p
00403194 B9 3E000000 mov ecx,3E
; A) F% t I3 y J; h00403199 99 cdq3 N' ~6 ^* X2 k8 u) z4 [
0040319A F7F9 idiv ecx
$ B3 S, m. \2 ~& _" z, u' ?4 t; a0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
, Y# {. m5 X' [2 K3 N( w004031A1 894424 28 mov dword ptr ss:[esp+28],eax/ {( a) z4 U" T+ Z6 Q* O
004031A5 8BCA mov ecx,edx* C- G4 z& j! F8 c1 L4 |
004031A7 894424 24 mov dword ptr ss:[esp+24],eax
; N \ X- T4 z3 z* ~$ X" n004031AB 894424 1C mov dword ptr ss:[esp+1C],eax3 a/ g; w* |/ t7 W; o
004031AF 894424 18 mov dword ptr ss:[esp+18],eax5 P$ J/ s% y& X- s9 t/ N" S% ^
004031B3 894424 14 mov dword ptr ss:[esp+14],eax" ~) p, n9 Q* o4 u/ {/ y
004031B7 894424 10 mov dword ptr ss:[esp+10],eax9 |* C1 v* M! ?" G4 r5 o
004031BB 8BC1 mov eax,ecx
- Y+ N* Z8 a- X E; W$ Y$ w004031BD BF 0A000000 mov edi,0A
" d: D7 X6 H7 H/ e) Z/ ^004031C2 99 cdq \7 B$ g$ G, D' n; X- Z
004031C3 F7FF idiv edi
) q2 Z7 r! P l' b004031C5 8BC1 mov eax,ecx
/ ]% i) m# g; U004031C7 B3 0B mov bl,0B+ r6 I3 ]: n' C3 q: _ j; ]
004031C9 0FAFC1 imul eax,ecx
( x- b9 T4 I! t2 p- o4 t004031CC 8BCF mov ecx,edi
( v6 @; v6 @* E! S: [ |8 K004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl$ [! @' l" g0 K* q v$ F
004031D2 52 push edx
( f4 F$ @* P4 O z5 Q) k( }5 w004031D3 99 cdq Z0 R4 m- B t0 R+ m. ^6 g# f
004031D4 F7F9 idiv ecx- P" z' P# q! ?- K0 z. q
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
& F F8 f' e9 f6 W; m3 q004031DD 2BC6 sub eax,esi8 I9 c0 i. w6 s# |
004031DF 52 push edx
7 l0 t% s3 \4 W3 m t6 \- U& F' E; J, d004031E0 99 cdq$ v2 q! h* P. `2 f( L" s& r! N7 n
004031E1 F7F9 idiv ecx
! f r( S/ U9 a/ b/ M, e; M8 E004031E3 8BC6 mov eax,esi
& Q8 W$ Y# u: X) g( U004031E5 52 push edx: D' N% N: x: z7 ^: ]6 R9 O
004031E6 99 cdq- Q! [6 O, M6 F5 Q
004031E7 F7F9 idiv ecx
2 e V6 n$ n% }8 ~7 a3 L" c, D2 X3 k3 |004031E9 52 push edx: n% d/ L- J4 L, I
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]( U# J7 G; o) ]3 y I
004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"
- W' Z! l9 z* O004031F3 52 push edx
* Y6 z& m1 Q3 }3 {( E. P; r/ H004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893+ l+ k$ M2 X M8 ]
004031F9 83C4 18 add esp,18$ R- W( v/ I, g. _, S. \
004031FC 6A 04 push 4
! b f% y- C2 t% d" f004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
( r- _3 [7 @0 D" D' e00403202 6A 00 push 01 T# V( K1 h2 |- }8 o' t, ?
00403204 50 push eax
7 {/ E: s) c& U00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
+ r0 G; k% H3 {4 w0 f: ?00403209 E8 D6530200 call qsr.004285E4
' G4 G* f- N/ v2 r0040320E 50 push eax }- [( V8 `9 s0 [) T. l5 C
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
( O" Z+ K0 _( z2 k& j7 b) t" D# L00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C- F* e% I6 u* T y8 |( }' v5 r
00403218 E8 A7C30200 call qsr.0042F5C4
x. q! m w1 F2 g) s0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]0 u4 O* s H- r! |/ \* Y# M: K
00403221 885C24 3C mov byte ptr ss:[esp+3C],bl; X6 Z3 v6 p- S
00403225 E8 61C20200 call qsr.0042F48B/ ~' i9 ^. t, k+ I/ e! h L
0040322A 6A 04 push 4
0 r: b6 {2 c+ F" X- f0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
( ]; t& \" L) K- L00403230 6A 05 push 5
; y9 w( e& Z" O: f6 N D00403232 51 push ecx
( @/ i. _) r1 e& B% B" U00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
' Q- G) s2 x- @0 [00403237 E8 A8530200 call qsr.004285E48 R# ?; ^" j2 W2 \: K( N$ t, g
0040323C 50 push eax0 x' c6 G* y; }0 A+ `! X
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
" `5 X3 J b- k+ A1 u00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
$ O2 s O7 T3 U& M# C& o00403246 E8 79C30200 call qsr.0042F5C4
, z& @# }# i4 |7 X0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]5 G/ {' `% t% @& }5 Z+ I8 H4 P2 B
0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
# p, L7 y: L1 K2 k, k6 x00403253 E8 33C20200 call qsr.0042F48B! w5 f x0 t, G. M+ W2 `* T0 T
00403258 6A 04 push 41 t7 C& w4 h, W& W, y' ^2 e# p
0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
5 F2 n! `: M( I3 ?: W z0040325E 57 push edi
+ s! o( v, ?3 Q# K" \: Z0040325F 52 push edx
) n$ C3 W6 L' }$ j2 q* Z. n00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
' S8 `8 D( Y- h, j00403264 E8 7B530200 call qsr.004285E4( m2 G3 [1 }* D3 K- z7 }
00403269 50 push eax* ]+ ` k/ w* ~
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
% j( C& c6 j$ T7 _0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E
- g6 V2 O9 a% p( s# ?: @; O00403273 E8 4CC30200 call qsr.0042F5C44 K0 b9 ^- v. B3 d
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]8 Y' f- s$ C) { j* K3 p K
0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl1 s- C" D" d K9 e) _
00403280 E8 06C20200 call qsr.0042F48B
& z2 h" y6 W/ i( y' \$ F00403285 6A 04 push 49 _8 C0 p2 g* Z' w" r
00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
~) N$ b5 m O5 y6 w4 F) p; Z, n0040328B 6A 0F push 0F
8 i; p" e! }8 A5 N' o& ]0040328D 50 push eax. s7 E5 t# a6 Q, }; _) H# c
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
5 c/ R, r6 t: K1 p4 `00403292 E8 4D530200 call qsr.004285E4
9 o- v! w' \" h7 \" l00403297 50 push eax( `( v8 ^$ J; y$ V8 q
00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
: X1 e! M' `% A. B, E- V0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F& b+ _, h, Y6 l3 s& W
004032A1 E8 1EC30200 call qsr.0042F5C4# T, _; D- a/ F5 l9 c9 V% ?, E
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]: S8 M* [7 w6 K0 S' f4 y9 e y) x2 d
004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
8 ?7 ~% l: h3 m* \004032AE E8 D8C10200 call qsr.0042F48B6 I- T- q4 |. ^4 ]8 M3 x" e( K! }' m$ ]
004032B3 6A 04 push 4
/ K. j, W5 V4 D7 z004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
. l$ O0 m% Z* n5 }! p/ k1 C004032B9 6A 14 push 14 m" h2 V( i. S1 |& i
004032BB 51 push ecx+ E7 G: ~1 w/ q z' U m
004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
]3 ~! o2 n* D4 F9 i, y, b6 a# M004032C0 E8 1F530200 call qsr.004285E4
0 I4 g: Q0 H* O2 H# q/ Y004032C5 50 push eax3 K7 M; v$ e7 r6 Y
004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
, y; r( b: j* ~- c5 ]" L6 ^004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
6 t: @* c b& T" W7 l004032CF E8 F0C20200 call qsr.0042F5C49 U9 b# ^9 h) o. n0 o* o' A! T
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]. b* `6 J/ y8 v; }! {3 \ t9 C' W
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl
$ t' t$ ]7 ~1 f" j8 Z) y% z7 q004032DC E8 AAC10200 call qsr.0042F48B
+ e% N9 p. A& d* [* S004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI
8 c" |- [7 |2 p2 ]1 t+ H+ t004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX
1 M3 }/ F0 S% j/ i+ [6 C004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL: e+ Y& l% K3 P" {$ N! W3 @- b D
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL
) d V' K) K# r" M9 m+ B7 g7 J7 N004032ED 8ACA mov cl,dl ; DL送CL
/ Z7 |/ {) P: g004032EF 3AD3 cmp dl,bl ; DL和BL比较
+ r' y: E, W7 o004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)) @' B- r+ P7 s) I8 U
004032F3 84C9 test cl,cl" x/ L& q1 r3 A) C
004032F5 74 16 je short qsr.0040330D" R& O4 w& k/ Y/ [. [9 l! ^7 L' J6 N
004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL9 N& S& ~/ e' O/ ?: l" D
004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL+ t: h" M; |5 z7 N5 R
004032FD 8ACA mov cl,dl
0 O5 `& }2 `) `% t0 y. _! f004032FF 3AD3 cmp dl,bl ; DL和BL比较) D& C0 J5 Z$ b S1 `; u* l
00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
q0 A' P6 ~0 a1 O00403303 83C0 02 add eax,2 ; EAX加22 b2 v( L' m8 h; T
00403306 83C6 02 add esi,2 ; ESI加2
9 A' y5 ?* g& y0 z; l7 M0 z: ~1 X00403309 84C9 test cl,cl
5 c. R5 p. N8 \4 B2 ]0040330B ^ 75 DC jnz short qsr.004032E9
/ ]4 q) p! U+ z( Z" c& z0040330D 33C0 xor eax,eax5 g8 E0 W/ Q+ ?' B0 K4 r
0040330F EB 05 jmp short qsr.00403316
( j" P. g. e, V& m T00403311 1BC0 sbb eax,eax
: K2 z6 s' u3 x4 p% B00403313 83D8 FF sbb eax,-1
3 I* b1 v! j; Y9 k00403316 85C0 test eax,eax
6 q7 o( t( m% C0 ^ R. m00403318 74 0E je short qsr.004033281 d2 ^1 R. r- e! ^5 j
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A- v6 z1 k( H8 ^) S* j
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]- b9 ]. F0 D' M z6 Q8 x* y
00403323 E9 F0000000 jmp qsr.00403418/ d, ]3 t3 t0 C
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
4 ]6 s' U7 a2 e9 ^* L6 t8 f+ b0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]# w3 Z; n+ d6 g' _6 D& x
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
w+ f; S& a! C: g00403333 50 push eax
: B( @7 l. V( X; B00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX, A' t4 o' s8 ?* m2 K$ Z8 f
00403339 50 push eax: }3 T5 g) q: B! r7 c" k" E; y+ @
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX: [$ ~% g" G+ a% s9 k
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX' d/ @. e! |$ A/ p x2 W' y' }+ B
00403343 83C4 04 add esp,4
+ P& ?9 a& u- U( T' Z$ f00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI0 T7 Z' S9 E- e
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]4 D1 `# l! A9 `; q& S X! I* Z
0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
0 G1 c3 H! ~* E0040334F 50 push eax; z; \6 `% C% Y4 h
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX/ O1 w% t& s$ O$ k, v' M. O
00403355 50 push eax9 _9 Y" A4 k3 G) O
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX4 H- t( W9 e! ^) D: \
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
y7 G- T0 p! A8 {4 J; Q0040335F 83C4 04 add esp,4( f: ^2 T9 `6 u
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
$ o' h. n$ q8 l. Y% L" A7 K v00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
# I7 @$ z9 K9 x, }- C$ J( Q00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]* J% N, V6 b- h0 T; [" S
0040336B 50 push eax
7 [- ~0 D0 `, ~0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX
/ l* Y; ] t6 I00403371 50 push eax& N5 [% `( E" j& K5 d( }
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX! \1 y% x2 y; v: ?) Z7 b) c5 Z" p
00403377 8BD8 mov ebx,eax ; EAX送EBX
/ t2 ]* n. U; {- ?00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX) O' c2 u" g# m7 L& Z* f
0040337D 83C4 04 add esp,4
1 K( t& C: d$ P( ]3 s# k1 w& ^00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]3 O3 G r# C5 Y% Z+ b% T( B4 _% ^
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]! ^) Z. l6 d* _- O _
00403387 50 push eax
" C) Y+ w8 o+ t1 O00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX( j( _0 g) B. g
0040338D 50 push eax
: F0 X% O# C# u. g0 N+ f8 h# }+ D0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
! E/ C2 | m& Z00403393 83C4 04 add esp,4
/ U1 m* E: f: N& d00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
w2 G9 h9 e* P! r$ O2 F0040339A 8BE8 mov ebp,eax ; EAX送EBP
: t! y5 P2 d' U- C$ Z$ b5 j- N0040339C 6A FF push -10 o* b0 i5 A3 u9 O% Y' ^$ F
0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
8 Y9 D; t; v/ R2 {4 V004033A3 6A FF push -1
" M6 L% g* ~1 S3 M# m6 e" y4 B004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX* o4 z3 l% |9 S4 d& D9 R
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX* w ?$ K7 x# ?* |' J- u p
004033AE 6A FF push -1
7 M6 X' b, a! R" t& g; U6 r. ?004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX2 I! J5 M" m! N
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX
2 m2 M- F! m% x004033B9 6A FF push -1
4 B) e) {# |( u0 l004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX$ G U( i5 z! t* B3 K% w
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX; s0 @. b8 O" x) j7 J. P
004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX" v0 w/ `0 ~ f% X7 z. l
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
1 _' I) Q6 n! t/ G004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX+ V) R& b3 b5 N' \ k6 w5 T+ P4 J2 \
004033D7 D1E0 shl eax,1 ; EAX左移1位
! |& u, T' L8 F+ m& t004033D9 99 cdq ; EAX扩展/ }* }! \+ e7 J& ]
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
9 g+ G# g2 E6 c% T004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
- n- s+ G% _; j' ~4 D! {004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)# z9 L( ]$ R' O$ `# M% Z c0 Z
004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A' ]4 |7 D& q3 f' g
004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]' e6 X8 B; }* J7 i
004033E9 EB 2D jmp short qsr.00403418
, f; U# d/ K5 I. z6 }004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX: U4 b; b% c z/ L/ l
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
, y: ^' }) t9 }; }; O6 r+ A q4 n# ^004033F7 99 cdq ; EBX扩展
( Z: F0 ` n: j# h; r1 B0 j1 w004033F8 33C2 xor eax,edx ; EAX和EDX取异或8 `* S$ j( V% X7 f- D: x4 c6 e$ ~
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
. W# g+ r" N& F. B& ?004033FF 2BC2 sub eax,edx ; EAX减去EDX3 p' H* Z, Y" C4 q9 C: r( l
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]
+ Z" |* X6 F) O1 s i! P& E00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX9 d* W% f) C; @* U/ m
00403409 99 cdq
- ^* {: a, ~, ?+ U& U9 z5 o4 y0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
* c- P/ I1 n9 o: ~: Q0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
$ X* Y6 e. D9 O2 V9 J0 G0 U00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较/ T, f, R* Y+ V, W& i
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
: A f/ j) C' o) l! }8 n4 h00403418 E8 6EC00200 call qsr.0042F48B ; l, p( u% }, w7 }* y2 d) J
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
) U8 v; N/ F0 m00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
1 ^( V I- F: C: F: _- ?00403426 E8 60C00200 call qsr.0042F48B
; ~: O9 G8 w* v8 g; \ S0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
% v# S. q) F; [) }1 `) q* i+ [; E0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8; |& [" Y+ I6 d# b/ W' \8 l B: V
00403434 E8 52C00200 call qsr.0042F48B
% {4 X0 U. S( n2 M; w00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]) ~6 U- I' H ^2 w4 V
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7/ @; Y5 V) _* b
00403442 E8 44C00200 call qsr.0042F48B
; y+ h3 @3 ~' T+ `1 S& V00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
! {3 p* G h& |0 Q x2 Z/ N" ]0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6% X+ _8 K9 S6 C) }! X' ]: i- u7 |
00403450 E8 36C00200 call qsr.0042F48B
3 C$ ~6 P: f2 f+ e. t00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]0 Y; z8 G, K" M: l6 _7 m
00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3& {9 l0 u% H* s; m. G
0040345E E8 28C00200 call qsr.0042F48B
1 g4 t/ B7 l. ]6 ^. i; d8 Z; `2 |# ^00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
( F1 c5 L$ W" } p00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
6 v- n5 ~: M$ U$ z: x9 J6 r0040346C E8 1AC00200 call qsr.0042F48B9 P; o8 s4 \" u B* `4 A) `
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]( L# o- D# M$ z* y! q3 N
00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],13 R7 S: O4 C- f6 d8 H* l7 b( h
0040347A E8 0CC00200 call qsr.0042F48B0 }2 {- D# k* `- M0 {
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
# f- }" `, _! `7 O( g00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],01 N+ X2 B4 @" Q: [* M7 `3 V" A$ R
00403488 E8 FEBF0200 call qsr.0042F48B8 `0 F V9 S- J$ ^# e1 Y, _, I
0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]4 ?9 S+ j" J ?8 s
00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-19 b+ W8 R# g; c: G J- I
00403499 E8 EDBF0200 call qsr.0042F48B: k" r) x7 N! w0 f
0040349E 32C0 xor al,al ; AL清06 |" M4 b. K' @( z$ x& i: M! {
004034A0 E9 88000000 jmp qsr.0040352D
& _* \7 X* r, ^9 D1 ^004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~
5 U- m* W3 N6 K& _004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]. V7 T. t- R( _$ @5 }) B
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],97 H6 g( b1 L" m. Y0 ]
004034B3 E8 D3BF0200 call qsr.0042F48B/ s. A! ~' _! u# u4 a# C
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
! D0 R6 Q+ K8 o7 y) Q' F2 \004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],81 K$ }+ c: a- l$ f! k7 T7 z" K/ Z8 P5 f
004034C1 E8 C5BF0200 call qsr.0042F48B
1 `+ M; P! a1 _$ f" N4 M' i% ?004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]0 E" u$ g: K* I7 ?
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7& x7 |% o6 d3 O. [6 Q8 E( J' i
004034CF E8 B7BF0200 call qsr.0042F48B
) Y# i- o1 o& m8 U# x004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
0 f. M" K) w1 @# }004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
_. b' y: A& v9 h# ~004034DD E8 A9BF0200 call qsr.0042F48B b+ l( u9 ~# _3 H# o
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
7 y' O- N2 }4 }3 q+ H9 w$ Y004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3' |% ?# P: h/ ` Q
004034EB E8 9BBF0200 call qsr.0042F48B
' Y# Q, X/ a9 N) E004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
$ F. l3 A- e# c* P004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2% ^' q8 t2 \0 Q% z
004034F9 E8 8DBF0200 call qsr.0042F48B3 L7 z& c* D$ U; w' U% b
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
4 Z! ^- r' _8 C9 I% K& o* z6 `' A1 z. U00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],17 @& ~, i: p: |! `
00403507 E8 7FBF0200 call qsr.0042F48B4 u1 C: N% f. P% Y
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]8 B+ a. n- M; q. P
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
1 Q0 D/ }9 p/ c' @00403515 E8 71BF0200 call qsr.0042F48B6 B2 d& j* m0 @ v0 E
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]& ~ e6 Y6 I9 w2 _9 N# \8 ~
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
) \( ]5 T g1 b9 q4 ]1 L00403526 E8 60BF0200 call qsr.0042F48B
/ w W& M+ |6 E* s& y! l3 D0040352B B0 01 mov al,1
! Y1 V' P Y% {$ F- C' r0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]7 i$ J5 q1 v9 N$ l1 f7 O
00403531 5F pop edi
- ~5 @9 \8 |; O00403532 5E pop esi
! N* X' ~: `2 T. \* C$ o00403533 5D pop ebp0 g: r" j# F, O7 d* H
00403534 5B pop ebx
V. I7 C" p3 U00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
3 O# w+ H$ g+ U0 H- r: g( I0040353C 83C4 30 add esp,30
8 `0 g- L" H- z# T0040353F C2 0800 retn 8/ ^4 r" i- x4 ~ P
--------------------------------------------------------------------------------
; k, [, u* u) w6 }. B+ s【破解总结】
2 _! ]" w8 }1 e3 Z# A: R) | 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
( f* j3 K8 L# P* x用户名:yijun
* Z% ~- N' j- }. N注册码:4893*7777*3726*7777*0529
8 }% i# f, T' M- k/ p4 u--------------------------------------------------------------------------------
/ \& Z, @. i8 J【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡