|
|
【原创】破解Quick Screen Recorder
$ _ F! T$ v, B7 ` E【破解作者】 yijun! V8 Z! A4 V, i3 g% z. I' c' _
【作者邮箱】 [email protected]
6 l% ~. ~$ c6 x |【使用工具】 OD,PEID
+ u# z; v7 ?+ q【破解平台】 WinXP+ X7 F' z! B8 V1 R$ `. n* @2 A
【软件名称】 Quick Screen Recorder
+ D) H7 F' h7 @& y【下载地址】 天空
; w# H$ _# c8 a- Z8 T【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
% P" M+ o2 i8 ] j) e【软件大小】 540K
0 B4 t- S3 F4 y( c7 R# ?4 _9 c# T【加壳方式】 无7 X" R6 x" E8 r4 d' {( I" t5 }% d4 v
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)
* F9 t6 O# Q. [% p. U--------------------------------------------------------------------------------
$ w6 A; {4 ]8 U5 J: H【破解内容】9 u$ D2 A/ R: J5 Q/ I: M7 V
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
5 ~$ a, m8 ]" o00404C69 55 push ebp //在此下断" p1 m3 j. E! |* H# q7 v
00404C6A 56 push esi- X8 }) l. _8 j9 i. T& \. }
00404C6B 57 push edi
! B" C3 D# n4 @& C" h& u" ?3 l/ g9 c00404C6C 8BE9 mov ebp,ecx0 H5 ]2 d4 R# i% T; e5 @
00404C6E 6A 01 push 1
) f- ^7 Y; x5 H1 ~00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
% H, ]8 S0 g( b; r8 h00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
) q/ I. ]8 L; ^00404C78 8BCF mov ecx,edi
: x" X! Y9 C" o# {( o, G7 e00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码6 h8 J! }% ~6 J0 ?9 H7 c; l
00404C7F 8BCF mov ecx,edi
% D% u3 }% \6 E- _; a' }00404C81 E8 A73E0200 call qsr.00428B2D
$ r- `7 D% h y( B00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
' a; h1 i" r& E# s00404C89 8BCE mov ecx,esi6 p2 n9 ~% T2 P% s7 `6 v \( S
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
8 w7 C( W' v0 f" @* s. l00404C90 8BCE mov ecx,esi
/ h) Q* w# K2 u" E00404C92 E8 963E0200 call qsr.00428B2D1 M. B b) X- d O# _
00404C97 8B06 mov eax,dword ptr ds:[esi], S" b; u8 K+ }2 U
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],23 M5 v4 g/ q1 g/ z; {$ [4 r6 h
00404C9D 7D 26 jge short qsr.00404CC5
$ Z d; {: b- T( r0 I' h5 w. y+ _5 [00404C9F 6A 40 push 40
( A5 x3 ?7 f+ [% s+ V+ }00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder") {9 F5 W2 F4 y! I% S
00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
* t" I8 F& {4 ^! Y8 d5 l1 p8 X00404CAB 8BCD mov ecx,ebp2 x# X5 C: [$ E* ^
00404CAD E8 C3840200 call qsr.0042D175
1 c% r( D$ _9 b5 c) _& Z" u00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]& ?9 G. s+ B6 [8 u. \" z7 }
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx1 ?4 B' R; T. K/ `' G
00404CBD 5F pop edi( M0 P% m" E0 B8 z
00404CBE 5E pop esi& @& N1 U- s) {& y
00404CBF 5D pop ebp" @" ]; X: y1 |' f3 H; B! ~: i
00404CC0 5B pop ebx! j# j% D+ E- G1 M& P7 S
00404CC1 83C4 18 add esp,185 F3 M; o+ A2 {( o% L/ s( P
00404CC4 C3 retn
/ v9 W+ `" c- `1 z00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]% M# p S- m. G& @' P7 U( ~2 c/ v
00404CC8 84C0 test al,al5 Y. P0 }( _1 q
00404CCA 0F85 1C010000 jnz qsr.00404DEC
. e$ c) A3 T5 d" T" @3 I00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]" c: _2 m! m1 X" N9 m
00404CD4 E8 87E3FFFF call qsr.00403060: f, l, D! w. i \6 }- k* z) h
00404CD9 51 push ecx
$ P# O/ d. f1 p00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
7 n9 k- F8 I3 B0 \9 |1 {00404CE2 8BCC mov ecx,esp
4 A6 _, r5 E9 u! g( g$ D00404CE4 896424 14 mov dword ptr ss:[esp+14],esp- t! w+ w- ^ G/ U) J ^% z
00404CE8 56 push esi6 }1 W: d9 f8 n
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0" I& M. _( p! E3 r# B$ q$ S) B
00404CEE 51 push ecx
/ n3 D. x, R/ l" _9 m' e7 _00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1
+ n0 i/ r8 J9 }; u1 Z5 }00404CF4 8BCC mov ecx,esp2 X! L: j/ t, W2 R1 T5 S/ K
00404CF6 896424 20 mov dword ptr ss:[esp+20],esp
: ?: ^' G* ?4 h1 A, n00404CFA 57 push edi+ U0 k7 |5 D# z m: p$ l+ O& T
00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
* V1 w. y5 x- k3 q00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
' M; v+ s8 E! U3 W5 j% i3 e4 _6 O+ z00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
; \/ ?4 U2 |" O+ v" \: j& O00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~7 g3 Z& _$ t1 ?4 d
00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~ g" h! W& @& e7 t. z( t9 _
00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~1 c* D. C$ `0 |
00404D12 6A 40 push 40
" ]$ l( W2 e2 a+ F00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
0 @) N% P k; ?( e7 C0 n$ @& {00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."
- i2 y; o& y5 u1 u' j. D00404D1E 8BCD mov ecx,ebp k! D& B% E: V8 p" j& ~' N
00404D20 E8 50840200 call qsr.0042D175" v8 f9 u; [( ]
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
' Z5 |# n$ I+ @, N; p4 o# O* f0 D00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1; m0 B d) n7 {: H# y+ K( z
00404D31 E8 5AE3FFFF call qsr.004030901 [$ Z- X+ h+ ?# a9 ^
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]( \% J- T/ R( Q7 H8 w+ {$ z
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx$ o6 {5 A: F6 v# p% G
00404D41 5F pop edi* a* f& a$ e4 s5 \
00404D42 5E pop esi
0 D% |6 N- A" _00404D43 5D pop ebp# L, {4 S2 M ~" o/ \ S
00404D44 5B pop ebx
9 M3 w8 ^. K% C00404D45 83C4 18 add esp,18
/ x2 _* ^! R$ H+ K( Q7 z. S00404D48 C3 retn
3 ?7 w t( T5 Y+ [*********************************************************************************************************************************************************
, F$ A% Q: G5 \% V6 d* @( F跟进00404D09处CALL来到:
. m1 a) U4 ~6 w% z; H0 n004030A0 6A FF push -1 //一路F8下去~~~~
( L% B9 z O; G- ~ N' U, y004030A2 68 C88F4400 push qsr.00448FC8
0 [2 q6 k; ?' D+ z7 e004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]$ e" W* s$ I( W
004030AD 50 push eax
2 L5 Q. F* s" }004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
- S, y: e( @' v% ~+ F5 U3 {) q004030B5 83EC 24 sub esp,24
. {! n5 ?8 h% T$ b" m' O004030B8 53 push ebx
+ @; |; t& j$ l: R( [: \004030B9 55 push ebp; z* D+ z: Q* \+ ]# n# t
004030BA 56 push esi
4 \: z* z1 E5 B% F004030BB 57 push edi! ]! G- Z/ U$ v+ p
004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
, c) ~9 G) u% ]* a% ^3 w004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
4 @& s' T" H; \4 c9 Q' d, F004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
8 q* H" Q6 f' |) L004030CD E8 27C40200 call qsr.0042F4F97 Z4 ^- ?$ p' }7 J0 K" H& T
004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
' @" E( @* t; J+ d004030D7 894424 2C mov dword ptr ss:[esp+2C],eax
; ^- l$ {) n; d; F* s" g004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
4 z; \ D9 f q8 k. i. O5 k004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3: ^" w2 ~& T; v3 F6 u
004030E4 E8 905A0200 call qsr.00428B79
9 t8 c$ T6 U3 J N004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]1 u6 X; p4 H! y0 P8 X. @! n
004030ED E8 3B5A0200 call qsr.00428B2D
) r; `9 {! F4 B& u( b Z+ `8 B& Q1 E004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
' [2 W5 p& W( D9 l6 v5 q004030F6 E8 7E5A0200 call qsr.00428B79
, h# }2 h: t+ N1 @004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
, y+ V7 h; |4 u5 n! \004030FF E8 295A0200 call qsr.00428B2D+ N5 e- A$ m h
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]& f. j* R( C/ q: P7 }) \6 b
00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]: P' F# ~# F8 O
0040310B 83F8 02 cmp eax,2
: V6 N# X! ^5 [: y% u7 k0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
% k5 G, Q2 x. f/ ]+ G k00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
+ {3 h d( ?4 e: m# [ [00403118 837A F8 18 cmp dword ptr ds:[edx-8],18! X, I4 e z9 [) Y8 c5 o
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳1 h, W1 V, _; }7 d s; w3 G, I; U* n
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]+ I% P! c L: l
00403126 6A 01 push 1" M7 `! K' U6 W; b& E
00403128 50 push eax* z# C3 V% C0 o; b( Y( O2 R
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]# b8 m" i: M) b: p
0040312D E8 C4550200 call qsr.004286F6
9 q# G* F5 K% M( k00403132 8B00 mov eax,dword ptr ds:[eax]- i3 d! o, D. a+ c, `' N% W
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20], ~8 a; D3 g% [+ _, R7 n7 L+ s
00403138 50 push eax% K! k; M. Y4 O; Q3 L c
00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
: @5 x) b: ^; P5 V: j/ X4 e+ s0040313E E8 4D560200 call qsr.00428790
- W, b' Q% R0 D& Y* t00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]& q! n+ G- E9 O, ]& p
00403147 8BF0 mov esi,eax
1 M! e, J; j* Y, U' k00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3) _ e) r) y( ` n" P
0040314E E8 38C30200 call qsr.0042F48B
) ^) K. Y6 D$ J00403153 8D46 0A lea eax,dword ptr ds:[esi+A]% ~5 y0 y4 V) x- M7 _) P
00403156 B9 3E000000 mov ecx,3E
" z+ R1 W9 W \2 L3 T; b; y- g9 s* l0040315B 99 cdq
# e9 H7 `3 b4 D! o0 ?4 }0040315C F7F9 idiv ecx/ i5 F x) ~$ T
0040315E 6A 01 push 1# l# E8 G9 N- x4 }8 y' W
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]. c2 w; e" `; s6 k- t0 x
00403164 8BF2 mov esi,edx
( Z6 @" p% i4 Z: D00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
& Z" a9 n2 W+ K0 v0040316A 52 push edx
2 ]: O! G/ h' j' R4 R6 j( l5 R0040316B E8 0A550200 call qsr.0042867A+ V5 @1 x/ o; Q1 E8 \$ F0 _, c4 H
00403170 8B00 mov eax,dword ptr ds:[eax]6 I9 U N2 z# i0 g7 C
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]& m; Z+ D! f# Q) w
00403176 50 push eax# j, j' d9 F7 |/ f7 ^
00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
& a3 \" j7 q, S! ?0040317C E8 0F560200 call qsr.00428790
9 v6 x' ^' a6 z00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
( l7 G& L' u8 ]9 `00403185 8BF8 mov edi,eax# {% L5 @$ f; ~% p$ W
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],35 @9 [" l. ?( z/ l8 `
0040318C E8 FAC20200 call qsr.0042F48B
7 f* e, G6 e5 z, ?5 x00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
! s/ \0 T% e1 j/ t4 p+ T, ?00403194 B9 3E000000 mov ecx,3E3 q- w' o$ ~8 l" G* `4 s. a
00403199 99 cdq
/ s3 @. Y4 i. A1 D" L0040319A F7F9 idiv ecx
( o$ S+ D2 x/ \8 |' L4 n0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]8 _+ ?: X9 H) Z
004031A1 894424 28 mov dword ptr ss:[esp+28],eax" S( i) j+ V* }: A: C: F; _
004031A5 8BCA mov ecx,edx
9 b' N! e+ c% p( F/ h6 c004031A7 894424 24 mov dword ptr ss:[esp+24],eax! j- @5 h" M' G/ F) _
004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
% {; L* [# ]2 p004031AF 894424 18 mov dword ptr ss:[esp+18],eax
+ z- x. D5 D& u% V# k9 `004031B3 894424 14 mov dword ptr ss:[esp+14],eax
8 K! c$ n- |; g004031B7 894424 10 mov dword ptr ss:[esp+10],eax! a" D2 g: @: r9 ?0 d
004031BB 8BC1 mov eax,ecx
! S$ V. d* ^0 |1 [# X004031BD BF 0A000000 mov edi,0A1 c5 P! h8 C3 V9 z/ A
004031C2 99 cdq
: Q% }+ L. X7 ~' L2 S004031C3 F7FF idiv edi" o W+ _6 `& p" E
004031C5 8BC1 mov eax,ecx
6 r. f( e5 }1 N* j004031C7 B3 0B mov bl,0B' ~# ^; J) {. v9 Q0 c
004031C9 0FAFC1 imul eax,ecx, S* c& V' @+ k
004031CC 8BCF mov ecx,edi! i; H% X3 A0 ]' p
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
: Q: \! {" x- H$ @004031D2 52 push edx
6 e t5 K* C( j6 |; ?004031D3 99 cdq
1 w: ~3 d/ X% N; g4 ?- K, Z- F$ Q t004031D4 F7F9 idiv ecx
P. N6 H, v* _% h; b, }0 X* c004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]. A+ p+ y' \$ M$ L0 ~& x: M9 y' o
004031DD 2BC6 sub eax,esi6 J5 o: [# |( B; K9 T3 y1 O
004031DF 52 push edx
- a. v9 V6 w, A/ ~004031E0 99 cdq
7 n: N6 b# l4 M, q5 w8 ^004031E1 F7F9 idiv ecx
1 l& y7 x& X& J7 {. l004031E3 8BC6 mov eax,esi
; g o9 o" N) ]% n% m4 D004031E5 52 push edx
' }& S% s3 ^ F' q004031E6 99 cdq9 j- j9 Z& ]; D
004031E7 F7F9 idiv ecx
8 t" r7 h, A. o6 q+ l9 Q5 ]004031E9 52 push edx Z/ O! F- i* I0 t- u, \) j
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
* M+ F) W1 d/ U1 ^. n004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"
2 X0 N+ e! E/ Y$ \! p- B004031F3 52 push edx
8 h4 }, S: Z* c' N004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
4 g+ V9 v; B6 h4 Y% C1 C2 K; b1 w004031F9 83C4 18 add esp,18" a9 k5 N, Z. A3 ]6 ? L& y a
004031FC 6A 04 push 45 h# C- \; c: K* B
004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
, C0 K( [7 Q3 B00403202 6A 00 push 0/ q% I8 k! n0 t- c2 O1 C
00403204 50 push eax& O$ Y& r# S+ n* a" {
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
. C$ P0 `' L+ ^ _ G6 j00403209 E8 D6530200 call qsr.004285E4
4 \$ D# ?5 N1 p( ^' p5 w [# j0040320E 50 push eax/ b1 o( E2 s, X) Q1 X1 j
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
& W9 S9 I4 M5 h" _% L! v: \00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
# K$ S: {/ o0 Z. f00403218 E8 A7C30200 call qsr.0042F5C4
( n$ ? I3 E% C+ O5 L0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]/ R4 s6 h. Z* |0 _& A
00403221 885C24 3C mov byte ptr ss:[esp+3C],bl K9 h& ]$ k. t9 o; J* m1 `6 B3 _9 u. Y
00403225 E8 61C20200 call qsr.0042F48B
5 K. @5 E+ E" I1 h4 A/ ]& F0040322A 6A 04 push 4
4 e+ e/ V, v. O$ d, s( y1 x0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
5 l% F+ h& n2 ~0 i00403230 6A 05 push 5
1 ^! P* l$ I) M" o3 A) \% Y00403232 51 push ecx( k. ? [6 ~+ ?
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
& Z) p6 }; ?. D9 t( D* s00403237 E8 A8530200 call qsr.004285E4
' z0 X+ {; T$ s7 h( X |% U0040323C 50 push eax% _4 @! `9 ?' N: o4 l, e
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
4 |8 k5 L) S, M9 Y. {3 N00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
) }/ m$ M4 W0 h00403246 E8 79C30200 call qsr.0042F5C4" B, g( E0 n2 [( X5 K" r+ z9 h; Z* p
0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
! ?% i1 o1 b- B0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl+ w6 p: s; j6 j' V) x5 N0 w4 I
00403253 E8 33C20200 call qsr.0042F48B$ K+ x$ E" I+ u; a1 H$ F7 m+ Q l+ b, P# s
00403258 6A 04 push 4, a" ?$ ~# P" j2 \( }9 c% E
0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
) O) g1 M# U: b/ r( I$ j5 L0040325E 57 push edi7 k/ ~3 c% Z! _$ T3 p
0040325F 52 push edx2 i( d# e" o' l- P; q7 b
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
" ?0 E" ]" y3 U! j/ q5 q8 V; n8 y00403264 E8 7B530200 call qsr.004285E4
1 ~5 K3 H |! i. E# a" N" S. a00403269 50 push eax
8 q$ H) R5 V) n) A) l1 C9 |0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
$ {" @& P0 h q% @, n: U0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E6 W7 b! }1 v- r3 f
00403273 E8 4CC30200 call qsr.0042F5C4
& U6 b+ O+ W5 _00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]( D5 ]5 t0 V5 ?/ k/ r
0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl5 O) ~5 }3 A8 }, M& s
00403280 E8 06C20200 call qsr.0042F48B/ u6 P: z6 |+ H2 y
00403285 6A 04 push 4
) J) ~, U$ h7 }0 Z- r5 i00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]
9 h' D8 U) d+ u% V2 I0040328B 6A 0F push 0F' g/ I, W' { f% R& m
0040328D 50 push eax
. u+ D. x4 S3 M9 e4 ]" G0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]1 u2 x9 h5 T: j) e% R, z
00403292 E8 4D530200 call qsr.004285E4
2 d! n* g- f* o3 s1 j- G, K00403297 50 push eax3 u1 Y1 s4 y) c5 }; K$ X* d
00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18] f3 e8 w6 p1 r# m) V6 j
0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F) D/ [: u! }) ] b% F) n0 [' b
004032A1 E8 1EC30200 call qsr.0042F5C4
& q0 T& E0 ]% {1 R004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]' n' o5 @0 q2 A2 f: y
004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
; X' u; X7 s+ O6 l' }004032AE E8 D8C10200 call qsr.0042F48B
6 _# Z& H9 W$ _5 I0 `. @+ e004032B3 6A 04 push 4
- S: U6 z1 [9 q* s: p! w004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]# W$ Y6 `! j/ {: ^+ U- M
004032B9 6A 14 push 147 x- k- D+ F5 g
004032BB 51 push ecx0 A- _- F E" \+ l# K
004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50] d" `: [* w- S8 ]
004032C0 E8 1F530200 call qsr.004285E4" ]2 o! b! c$ n7 O! y
004032C5 50 push eax' P. u* T$ T6 c! l
004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
4 d$ l# [7 t9 [! L( e004032CA C64424 40 10 mov byte ptr ss:[esp+40],10) M; c: k+ ~7 x
004032CF E8 F0C20200 call qsr.0042F5C4- k5 y) A$ q, b: ?5 \8 S
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
4 y/ ?- ]# l6 ^/ ~, z3 T% ]% x004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl; v! U+ y. T3 S- T
004032DC E8 AAC10200 call qsr.0042F48B! _; }. Y7 u7 |$ d
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI1 m8 Y g7 t7 r; L, ~
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX+ G, v/ k! _! i( y
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL
' E/ H8 _3 f" {& W# C. K004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL
0 H n2 v4 q! `004032ED 8ACA mov cl,dl ; DL送CL
- Q2 q8 H$ V1 M- v7 q004032EF 3AD3 cmp dl,bl ; DL和BL比较4 x& M+ O: R0 x% }& y: {3 {
004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
% t) X. K) t' i" y2 d004032F3 84C9 test cl,cl
7 c3 b3 \/ m+ ?) | r6 S5 R004032F5 74 16 je short qsr.0040330D
0 Z' Q* ` n5 e) e/ @004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL8 j4 {( D& ?* b5 i
004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
* [; t( ~' e f2 G7 y+ r: C004032FD 8ACA mov cl,dl
& R/ J0 b& e- o" l004032FF 3AD3 cmp dl,bl ; DL和BL比较
1 C" X4 q. m' }) V00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)! R! q! F" Z u3 b% N* w2 V, m
00403303 83C0 02 add eax,2 ; EAX加24 n; u5 a0 i: [8 @/ e* I$ Z! n4 ]( Y
00403306 83C6 02 add esi,2 ; ESI加22 X1 {' {6 W3 q. V
00403309 84C9 test cl,cl1 M' {! e) d `
0040330B ^ 75 DC jnz short qsr.004032E9
+ R1 l1 Z5 N* \5 u) v/ n1 e0040330D 33C0 xor eax,eax8 g. w/ b/ [4 I6 i1 S2 W
0040330F EB 05 jmp short qsr.004033161 f1 T* T7 T' k" Y7 x5 Q6 g
00403311 1BC0 sbb eax,eax F# f- X f( [8 j! q& u4 A# l
00403313 83D8 FF sbb eax,-1( B o. F( |7 \$ C
00403316 85C0 test eax,eax# p d- ]/ S; W5 z1 {; w
00403318 74 0E je short qsr.00403328
; \1 n6 {3 E* \' j$ I0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A8 P% }/ E1 ~6 O+ S% z8 v# o9 `
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
7 s4 t4 v, Y7 v7 }5 b- O00403323 E9 F0000000 jmp qsr.00403418
( w0 S# C* ^5 G4 u% x1 v00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX7 X x* E$ O! ~1 r+ Z; d
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]9 @ w; P) S( @# ?+ F
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
4 Q' Z; ], ^. x+ v% I( A00403333 50 push eax- K7 M+ K1 G& D5 y6 j- }) ^. s
00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX0 [* W0 a6 R; i; @; Q
00403339 50 push eax. U' `; G4 r% ?4 v6 n
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
( ^# k) ?; a, I4 T$ s1 p& x0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX- M% y! c3 v( x& o$ I5 G9 M% O
00403343 83C4 04 add esp,4
) J2 h; Y, m+ L" O- h) S* ^00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
. _. n6 v1 o. y9 g4 W8 Y0 V00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
& N. e" }; M& d2 ~3 D& t/ X( _& ~0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]; D1 e' h# m" K f
0040334F 50 push eax5 j/ R% M. b) R+ ~
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
2 g- `2 o. [3 q& i" L/ g7 v2 b00403355 50 push eax4 O& Q2 |. Z" g
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX3 R/ \9 m7 m0 O/ l; C0 F9 x
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX9 f; H$ H1 Z0 T5 N
0040335F 83C4 04 add esp,4
" z% d, K) G5 G* C00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
3 d; A8 j- h7 n h1 w' F, f4 ~7 u00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
8 u/ t+ F9 a7 o! ?7 F- t( T9 J4 @00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]& I. R# L& {" \( B7 j& i( K9 V2 W
0040336B 50 push eax
% ~. [, ^4 ?6 a8 r0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX P7 D/ K7 G' o! Q
00403371 50 push eax, [" T! `7 `3 F# E3 m- o7 C( d
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
3 u. m! m) t9 S5 E' Q- ]! j00403377 8BD8 mov ebx,eax ; EAX送EBX
- k5 r# A, G6 j* I00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX# |5 c* x$ U9 n7 x: ^( t g
0040337D 83C4 04 add esp,4. g5 R5 B$ [! R1 @8 G: [
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]- v- F" w/ N9 c! _5 u
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]. ?) |! f Q" y- E2 D% o
00403387 50 push eax7 R$ D7 j' M+ J0 A9 s3 c
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX
, F% C; b: T: u) b7 P0040338D 50 push eax
* { H t+ N. C+ F2 Q' f0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX; B2 [0 w. {6 Q( a: n
00403393 83C4 04 add esp,4
; E# b8 v1 a6 U6 d) ?00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]0 W" r& @' b* K5 F
0040339A 8BE8 mov ebp,eax ; EAX送EBP
2 E# y; S1 P' F0 d- y2 l. M, A0040339C 6A FF push -1
+ Q, u! F- [- x0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX% V- Q8 n* z7 O8 n8 A* d0 P& y- R# H
004033A3 6A FF push -16 K) P4 f! w( x; l- p9 P6 K
004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX% Z; x+ u1 g) ]8 w7 z: c
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX1 Y u! i# }* \+ C/ H4 Y
004033AE 6A FF push -14 d8 x" D) [8 e
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
1 ~4 p% a" n- o7 V2 e004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX; |$ c! G$ \9 ]4 S% b9 {6 I
004033B9 6A FF push -1
4 p* y& V2 J2 n- h$ ~# [& k004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX! |8 H) L, G# b3 x% v2 A* L. \4 N
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX* U* n: k5 M9 d% v% r2 t3 {- }
004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
1 [; Q2 N$ B& j0 I004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
9 O F' ?+ f& F M. N# l; }) A9 w8 @004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
( |) k7 t" W+ o, x. d! k ^- f7 G6 s004033D7 D1E0 shl eax,1 ; EAX左移1位0 G# K) }8 v$ F1 f! D/ M9 Y4 M- V7 p8 n, G
004033D9 99 cdq ; EAX扩展
- }8 p! E1 ?1 C3 B( s" d# q/ u) z004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中. v' S- N' O. B8 H) I
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较 H3 o, ~& F4 Q/ K
004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
! g: c1 ]; w8 G: X3 N004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
" | |0 V7 m; J! ?/ D004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
, U' j3 p2 w6 {. `3 a004033E9 EB 2D jmp short qsr.004034189 N3 [9 T. a7 l1 M6 ~: S" K0 Q
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX
$ o- _( p( v2 M9 y5 _004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
3 J1 m/ g( u" y8 Q6 U4 N- A1 D _004033F7 99 cdq ; EBX扩展
% m2 x2 {" b# h; @3 |. n004033F8 33C2 xor eax,edx ; EAX和EDX取异或
g! L6 \( O9 Z6 M004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX4 x- o# S/ _* ?* v# Y4 M* X
004033FF 2BC2 sub eax,edx ; EAX减去EDX
/ |. a9 F4 E. F# o0 R00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]+ H; \5 k/ s8 s" f v' q4 c% s" A7 T
00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX
5 a* X9 F r- S) e" Z& v; ~' L00403409 99 cdq/ q5 ?- m5 H. b+ x
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
6 F2 Q* ?) V7 [: A% U( O/ `0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX- r& v' F6 D- n) A0 |# A# d$ n
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较
$ t% }' ~6 S: b* A+ `% a00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
* S7 y+ c0 F. K6 f6 J7 J% o3 E00403418 E8 6EC00200 call qsr.0042F48B ;
1 C* [" Z1 F" S! u0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]" W; P# X @5 `6 ]* p
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
- A6 {" n' E1 u% f! X' i9 N00403426 E8 60C00200 call qsr.0042F48B% w3 T+ C1 e; e! ]# Z# [
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
6 j% ?8 ~+ U, o' D0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8* |5 l- [5 p/ M. X9 k" J+ o
00403434 E8 52C00200 call qsr.0042F48B
+ T: z L; }+ L8 {: f00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
4 K! D8 g" Z4 l# p7 O5 O0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],7
+ O P1 p1 W9 p# i& j& G' v00403442 E8 44C00200 call qsr.0042F48B% [) K1 |9 h- X( E( m5 E
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
8 n! s6 ^7 ?, I3 o0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6* S" m) G7 @ h. B2 D0 [' j
00403450 E8 36C00200 call qsr.0042F48B; i2 k6 a2 h6 M: P3 `
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
2 e2 `- ]/ G# D |! Z I00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
|0 S; f7 G' D9 Z( A' ^0040345E E8 28C00200 call qsr.0042F48B
1 s% w" n. t7 U. n; a, Z" g00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
) f3 _! G8 d/ K) t; n00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],24 i, y3 K" v9 j+ k" [ J& e: e: S
0040346C E8 1AC00200 call qsr.0042F48B
0 B" U$ q* `1 E. |/ B" Z" u00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]7 `( L$ j1 K9 d$ i
00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],16 s6 s6 S% k- N; C/ l
0040347A E8 0CC00200 call qsr.0042F48B
* a2 h) y3 E4 \& M0 { m1 y0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
5 Q8 ~% w% r. L4 E$ ^$ ]00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],03 x8 z0 j# N0 n) D$ y$ k' j& r& D
00403488 E8 FEBF0200 call qsr.0042F48B
& F% o! E5 p2 N7 o0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
/ i& v8 ?5 J1 X3 l+ E) j0 X00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
; y# V6 l8 u" |: W9 u9 W3 P! S& A% y00403499 E8 EDBF0200 call qsr.0042F48B
$ J6 F7 V d. `4 ]" W f+ o5 b& R* G0040349E 32C0 xor al,al ; AL清09 [) P) o& D) v& N, X4 X
004034A0 E9 88000000 jmp qsr.0040352D
. U# m- j; {/ p004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~ M" [$ `+ w, g4 h
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]" C5 d- z8 Y2 U( G( D+ F
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9
$ S, T# m9 ? e; S9 r r004034B3 E8 D3BF0200 call qsr.0042F48B
7 g. O! A: c* A004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]8 F7 J# I3 M8 y- z
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
) R) B$ Q# ?7 K6 f' ^& ~004034C1 E8 C5BF0200 call qsr.0042F48B
% [1 X7 y% V' {004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]) b' G4 {1 d8 h" x0 c( o j
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7' c- O2 q3 H! w1 O e$ ]
004034CF E8 B7BF0200 call qsr.0042F48B% s- x6 E1 x+ H% @
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]" f; H6 S9 k; \$ M( Z" W
004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
6 t2 o$ z. }0 b" {004034DD E8 A9BF0200 call qsr.0042F48B
8 r5 m7 X+ A, @004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
1 v; J' C5 T6 Z; t2 [, d/ r# C004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3
6 _: P6 G5 ]( U6 I7 u* `& ?! ` I004034EB E8 9BBF0200 call qsr.0042F48B# L- T% p4 b# H* v7 T
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
; S# T u# P9 W# Q004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2
! `' F& Z* K0 l/ F004034F9 E8 8DBF0200 call qsr.0042F48B# v# g. Z5 f L5 ]; F( v
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
- l* M: r% ~; @1 Z00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1: i6 ?2 y# x; Y7 T2 f
00403507 E8 7FBF0200 call qsr.0042F48B: \( M2 O8 a( Y- z0 Q8 Y7 c+ U6 x
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]% m( p' h4 F( d9 P
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],02 p7 u7 P( d7 P2 G$ n) U3 l6 ^
00403515 E8 71BF0200 call qsr.0042F48B
1 y% m" s! e$ k8 I; B; O6 t0 _0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
: d) @! V: X) o; P* e0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
* B& C- j. v) Q) t8 c7 |9 D# D! A1 G00403526 E8 60BF0200 call qsr.0042F48B; j3 ?4 e1 R$ M& v' W2 C: R
0040352B B0 01 mov al,1
0 {: Y4 R4 |% @% _0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
~, o' E# g% [) `9 S$ ]" @$ v00403531 5F pop edi
# G. i$ q, \" g7 r- {00403532 5E pop esi
, Y" ]# ^" Z( W# f! j& v3 \ F! y00403533 5D pop ebp
2 Y5 r9 G! h' B( U5 A O00403534 5B pop ebx" R) e7 b, `' {& {( ~9 O# c
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
1 f& p; n6 V% M: `0040353C 83C4 30 add esp,300 t3 |3 j( s9 r4 l% a m$ u- q
0040353F C2 0800 retn 8
' n! [+ m! q( O& d9 H) \" B% Q--------------------------------------------------------------------------------! L+ `" _% W' w: M0 m
【破解总结】
$ |7 s- B! d c3 _2 f1 o1 [ 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
8 U4 s6 b3 H, Q用户名:yijun' O! @( {, k/ `
注册码:4893*7777*3726*7777*0529( q V( O1 w3 t) C% T# y. }, z8 F
--------------------------------------------------------------------------------
* [' Q* W8 h( ^【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡