|
|
|
【原创】破解Quick Screen Recorder
_' h# i6 n, i( z【破解作者】 yijun
& G) k6 X3 u! i% ?" {. k【作者邮箱】 [email protected]4 ?0 ^ K% {4 v) {8 m
【使用工具】 OD,PEID4 j/ W4 y* i: B$ v t+ _. Y& \5 E
【破解平台】 WinXP/ @& m3 r1 x' G+ j v8 n
【软件名称】 Quick Screen Recorder& g" k" X: l: [4 H/ q7 A
【下载地址】 天空4 p) b% g+ z) Y
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
* T$ E+ C. B- ?' M【软件大小】 540K% O7 T5 H# |4 p4 t5 f$ s
【加壳方式】 无9 U! L7 i1 F* d o( w! d. n
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)
+ R2 V. l: G$ `! g: \! S--------------------------------------------------------------------------------
; S; ?- B& D7 O9 {+ q5 G【破解内容】, R! ~5 N$ r+ L( Q6 w
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:0 ^9 l+ Y c/ M
00404C69 55 push ebp //在此下断5 k+ `0 X, @" ^; e2 b- l
00404C6A 56 push esi
. a( A+ Z8 Y! j- E" L7 B y3 g7 S00404C6B 57 push edi
& d4 D9 w1 ^* a+ o3 Q00404C6C 8BE9 mov ebp,ecx& s. F' l1 g/ q- G
00404C6E 6A 01 push 1; q4 `) I6 L! Y6 R
00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名 @2 H# Z+ d4 d6 v; W8 S3 D* [
00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]% B n( z2 D, ^& T
00404C78 8BCF mov ecx,edi
7 H8 Z5 f" ^* ]# v00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码4 E8 s: _, S+ i: D# z0 H
00404C7F 8BCF mov ecx,edi
/ ?* O+ }. B: F$ _+ w00404C81 E8 A73E0200 call qsr.00428B2D2 P5 j0 f! ]7 ]8 t7 F' K: O
00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]. Y- g1 }1 Y Y
00404C89 8BCE mov ecx,esi V, P7 \. [* W. P/ I; w- A
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
, d+ ~" b- Q! G( e00404C90 8BCE mov ecx,esi
3 U: z- N' @ A00404C92 E8 963E0200 call qsr.00428B2D" S# z4 M' I% f [
00404C97 8B06 mov eax,dword ptr ds:[esi]6 J' w+ i& q* K2 E* \8 p
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2! d% K8 k# ~; ^, x, A
00404C9D 7D 26 jge short qsr.00404CC50 f2 G) B, A5 m
00404C9F 6A 40 push 408 ~" w/ |+ i8 b" @' k
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
6 U( f( t3 [, e! p8 Y9 E- N00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."+ l# [' x% q0 w. u- a
00404CAB 8BCD mov ecx,ebp
9 _2 r4 ~0 ?& l2 U" J00404CAD E8 C3840200 call qsr.0042D175( [& l6 O9 w; z
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
2 {- \# C& ?' {6 }00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx: E+ [% w1 D H! q
00404CBD 5F pop edi( L5 v" J$ K" ?* w/ H
00404CBE 5E pop esi
" l1 Y: t- T( J( [6 L00404CBF 5D pop ebp
# a& W* V7 g; r; ?# h7 B$ e7 O" @00404CC0 5B pop ebx
; t- D+ p' a" |00404CC1 83C4 18 add esp,181 b5 `- g& p f5 _( V1 [2 O+ S
00404CC4 C3 retn/ U2 w; U: L8 x, d* Z# S% {- h
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]
/ _! L9 @3 ^( N9 e L$ G) ?0 O00404CC8 84C0 test al,al
& g/ Y; ]" F! c# O) @# p00404CCA 0F85 1C010000 jnz qsr.00404DEC4 P. U, i" j; ~& k8 M2 \
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]# e ^0 t; J/ m, b5 G' ]) _( e
00404CD4 E8 87E3FFFF call qsr.00403060* Y0 X3 x! A) j) f6 }
00404CD9 51 push ecx
. L+ Z1 p5 v7 V00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0$ R. g/ |3 t$ X. f( m: ~
00404CE2 8BCC mov ecx,esp8 u! P( U. R& Q; g" b5 C8 x
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp4 H: \. {6 E1 D2 ?& i/ R; y& @
00404CE8 56 push esi
2 \& ~6 w- {8 G00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是01 h' p/ ~/ a; k( ~5 l
00404CEE 51 push ecx, ~" a4 ^, k5 r% Y( ?! T
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1
- i9 Y1 b) k& J" i' X00404CF4 8BCC mov ecx,esp
$ r6 O( P/ X5 X5 t h+ w00404CF6 896424 20 mov dword ptr ss:[esp+20],esp
) N! t) K ?$ q! ~" w. d00404CFA 57 push edi$ z# c" q5 l6 o7 O6 s7 h
00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0) J" D; K% j$ T" U' e# |# [: d
00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
$ L0 K, n$ z( q00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
! ~' X3 v2 B. ?. S00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~9 C& y: `9 @* l- {
00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~$ @3 e9 B) Y6 e( {' c/ \- h
00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~1 M7 B. [" j8 C# r, @
00404D12 6A 40 push 40: ]* T( o9 c& p/ s/ v: Q
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"6 `* S) k6 C: s6 [, E
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."- M3 Q& R: |/ {! _+ b
00404D1E 8BCD mov ecx,ebp
0 R% d& K. U" Y* `' H00404D20 E8 50840200 call qsr.0042D175) e0 T3 n/ ?+ u" L
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]' r7 n7 P7 ]- L# n- z
00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-12 o0 T6 E3 @2 S" Q
00404D31 E8 5AE3FFFF call qsr.00403090$ f/ U- [+ J9 x5 K8 U! q
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
* a- W9 l. N8 R- o6 D* G00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx; v, ^/ ^# ?( K- G
00404D41 5F pop edi
`- {& \, \" b, q00404D42 5E pop esi# v/ T1 ]0 b3 h6 e+ q: Y- {
00404D43 5D pop ebp* y! _( ~0 ^5 C) T
00404D44 5B pop ebx
# F5 `! x5 A. F9 O00404D45 83C4 18 add esp,18- R- O0 ~: H, j; C
00404D48 C3 retn# j7 r! [7 B9 h2 y' l3 [
*********************************************************************************************************************************************************
9 ~+ d2 e& I/ [- q8 Y& ?) u: z跟进00404D09处CALL来到:
7 I( d, s: G7 A- U0 {004030A0 6A FF push -1 //一路F8下去~~~~* I# T: o/ H2 D4 p" _; G
004030A2 68 C88F4400 push qsr.00448FC8
$ i# Z% p5 T) Q) }+ ^' J6 L004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]8 I- k% e" B4 ]3 P- V
004030AD 50 push eax. t1 x U% w/ y5 ?7 y
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
! H3 ~: o7 F3 ?5 `004030B5 83EC 24 sub esp,24
4 W5 n; N6 [" ]5 x, l8 E! E- H' b004030B8 53 push ebx# D) G3 W+ G8 t) l* \
004030B9 55 push ebp. z& X1 m- P& x( R/ W2 V
004030BA 56 push esi
6 m3 v/ I5 M* s9 i* d, o+ \ S004030BB 57 push edi
( g6 W: G/ T4 |# a3 }004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
! S: N, {: q/ Z004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
. r& @) C3 D" M# c004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],13 e! J4 x! ?; X8 K# g
004030CD E8 27C40200 call qsr.0042F4F9
% A0 Y2 a$ a/ l' x$ x- x$ [$ S004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]# g! T! \) N6 {
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax
- E; D0 N2 ?) V, f004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]0 k+ O! Z+ C) c/ O" J% \
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3( m9 V8 t" b' X4 V p( Q6 z ]0 _
004030E4 E8 905A0200 call qsr.00428B79
5 i2 r; l* A1 r6 _004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
7 e7 g9 {+ M# Y* Z, d4 p$ ?6 F004030ED E8 3B5A0200 call qsr.00428B2D
3 \' R7 n4 @8 J+ R1 ]- L004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]( B6 d2 v( D% F6 S* H& ?
004030F6 E8 7E5A0200 call qsr.00428B79# ]0 }6 t* |; Q
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
6 ^6 M' `% E4 Y2 x! n004030FF E8 295A0200 call qsr.00428B2D* H& ?) B5 J0 n; O$ [4 m" p& A
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
+ ~$ y8 p }) D" c$ Z00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]# f/ }2 d' H+ C4 ~$ m) E
0040310B 83F8 02 cmp eax,2
- U5 r% }! b$ ?* E0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
9 h( D: s( r( g6 H3 ^00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]4 r* ~% h( \' M4 q5 E" j
00403118 837A F8 18 cmp dword ptr ds:[edx-8],18: `2 Z$ i" F1 B% P9 {; O0 g8 X) v
0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
8 T5 D! @: @2 E! l. K7 E) t00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]( g+ \5 X3 Y2 s1 h' I; @0 D. C
00403126 6A 01 push 1
# W, K2 a4 E' A# L00403128 50 push eax
6 {% g2 }/ N: R/ ]: L( ?, r5 P/ @00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]) b& J @$ j. {! K
0040312D E8 C4550200 call qsr.004286F6
. D1 \, N* L" q' g5 C' d* W6 n00403132 8B00 mov eax,dword ptr ds:[eax]
5 C* O N5 w+ Q/ W00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]4 v; M( u) \. m+ T% b) C4 Z8 E
00403138 50 push eax
) X, H! ]0 l/ `% v+ l( M, m00403139 C64424 40 04 mov byte ptr ss:[esp+40],4$ Z( l- p3 d0 |& K e! r
0040313E E8 4D560200 call qsr.00428790/ A8 G3 O. |) ~& w
00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]4 r( [: X% a9 v' b1 g
00403147 8BF0 mov esi,eax$ Z# x/ {; N6 h
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3
1 u1 A6 @; @- Z0040314E E8 38C30200 call qsr.0042F48B: S) T4 O- W3 N+ [
00403153 8D46 0A lea eax,dword ptr ds:[esi+A]4 @- _; T- K7 g+ w
00403156 B9 3E000000 mov ecx,3E
. L; O( L* A6 k$ A1 ~+ L5 E0040315B 99 cdq
" @. y; \- Q M0 o& K! @( c2 \0040315C F7F9 idiv ecx
$ \$ K6 N' y* e/ \! a0040315E 6A 01 push 1 s& U$ ~1 j0 i: K
00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
; r" u6 i" ~2 N9 _0 @/ L2 I; J00403164 8BF2 mov esi,edx
) m$ ~; n/ Q- s V+ b00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]2 h6 ]" |: F* J. H
0040316A 52 push edx
1 D2 k4 v7 R/ l8 r; J3 n0040316B E8 0A550200 call qsr.0042867A5 M% Z! c" {3 l6 Z& r$ J' E
00403170 8B00 mov eax,dword ptr ds:[eax], P! B( R' z# J+ W& n
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]' L8 t7 \8 b) n* @
00403176 50 push eax
0 L" ?* e# W. W3 Z00403177 C64424 40 05 mov byte ptr ss:[esp+40],5/ b* R" a6 a- |8 X4 g
0040317C E8 0F560200 call qsr.00428790# x3 d6 W- P, M6 n5 T5 _
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
1 P& I. s0 n( ^: r! g6 u4 p! g00403185 8BF8 mov edi,eax% p9 @- g: R( L2 a! Q
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],34 I. \9 N% i- L
0040318C E8 FAC20200 call qsr.0042F48B
4 r$ n: j5 U0 z) V7 V' n: h00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
/ ~' m8 |4 {& f* B7 B9 V00403194 B9 3E000000 mov ecx,3E
6 I. G9 y) L" b0 q, U$ B00403199 99 cdq
, H8 t2 u0 i" [3 k. {& w, S0040319A F7F9 idiv ecx
0 s. I/ \2 b$ v: e0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
5 ^1 s3 Z8 o# ]( u004031A1 894424 28 mov dword ptr ss:[esp+28],eax; [; c% J0 ~" \5 }* l2 @1 a" z: W
004031A5 8BCA mov ecx,edx, k- @: M0 o" A4 ?' s/ q" V
004031A7 894424 24 mov dword ptr ss:[esp+24],eax! z$ q! n: h4 E' }: _
004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
9 z7 I4 Q% J- o& E/ f004031AF 894424 18 mov dword ptr ss:[esp+18],eax
; l2 c; b% \' D3 m( s' E% j004031B3 894424 14 mov dword ptr ss:[esp+14],eax3 e. ^) \, |( ?& V' B/ r; Z L
004031B7 894424 10 mov dword ptr ss:[esp+10],eax8 ~. f7 C: F& x/ e' O% @
004031BB 8BC1 mov eax,ecx
7 P+ r5 n5 v" \' o" i8 i* a004031BD BF 0A000000 mov edi,0A
0 i' N" j- a. `( x6 R4 [7 Q+ D( J004031C2 99 cdq
_/ _* ]. y8 t7 ?0 y004031C3 F7FF idiv edi
) c- w6 @7 P# H) B& `004031C5 8BC1 mov eax,ecx, f( q$ ^6 I3 L( N c
004031C7 B3 0B mov bl,0B
% ]$ D/ J4 g8 d2 Q+ P4 _5 ]004031C9 0FAFC1 imul eax,ecx- ~ I6 j& Q& x9 W
004031CC 8BCF mov ecx,edi, j" Z* h: b! A& q- {5 H4 o- o1 r
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl5 I( l$ T+ L, ^" S# J' m
004031D2 52 push edx
/ e7 J0 D2 F) P1 L004031D3 99 cdq* z+ M; Z L( x- O: ^4 r8 O
004031D4 F7F9 idiv ecx
8 E. P! I7 U W% [& m004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]! \, S# J7 ^9 R: @6 X
004031DD 2BC6 sub eax,esi/ A3 @, s/ `4 S# v( D8 _
004031DF 52 push edx. b2 R- e t* c; h
004031E0 99 cdq5 E& b8 l/ D1 Z; m5 \6 }- ^- I
004031E1 F7F9 idiv ecx
/ {3 M$ z* k# t! n004031E3 8BC6 mov eax,esi" l3 }! N7 }0 W& W4 m
004031E5 52 push edx$ J7 Q4 D1 u% K, _6 w( z- |
004031E6 99 cdq1 n$ }* u! ~4 [5 j' E$ T
004031E7 F7F9 idiv ecx
) B* l" D6 ^$ p1 K& r1 s004031E9 52 push edx9 P* N/ V$ E! t4 ?7 ]& P9 `' f
004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]: y0 {, _9 l+ V1 F6 L# i
004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"0 Q; r. x/ c# r
004031F3 52 push edx. i8 N) I4 d; b9 `
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893
2 R2 N) X7 |) Y, o1 ?% d5 A004031F9 83C4 18 add esp,18 C ^3 Z5 ` ?3 V
004031FC 6A 04 push 4
& W! B- }: a) R004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
& r. u# \+ y/ i, A00403202 6A 00 push 0* Y, D, r k4 v% X; P8 y
00403204 50 push eax
1 f6 c8 k/ `2 C3 [ B! ]00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]% x8 F7 q5 F- ~
00403209 E8 D6530200 call qsr.004285E4
( a! F3 [! `; J0040320E 50 push eax
1 J- y) `& |" K9 M0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
6 D: V$ A4 E6 g6 Z00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
5 u( y$ k. q& k! P8 v3 M1 l" `00403218 E8 A7C30200 call qsr.0042F5C4
3 S, ?# p5 F7 f0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
3 I7 W2 d! ^+ Q- a! d% @. a00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
/ L* E t! A; O! _00403225 E8 61C20200 call qsr.0042F48B
' F" ?7 o& A& E5 [) p: [4 [( g. h0040322A 6A 04 push 4
# ]8 P1 Y. \) I1 ]& o1 R0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34], U% g( `. ]3 t, K
00403230 6A 05 push 5 M2 a( z& R. G! H' ~8 V
00403232 51 push ecx9 S) L# T$ C- g3 M
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
, ]' ~. ?; ?# Z: y, ~00403237 E8 A8530200 call qsr.004285E4
3 x$ j R& [# d# s0040323C 50 push eax
5 ]3 q9 |7 A- T! `9 S M0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]- ` b: r& g" @4 @* O2 g
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
: q) i$ [; @, [, y- ?00403246 E8 79C30200 call qsr.0042F5C4
" v- l9 `' Z9 m: V$ O4 I+ u0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
; x& N2 D4 y2 O6 | X, W& s! ?& w0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
& \2 H3 N& K0 }2 b7 h* x00403253 E8 33C20200 call qsr.0042F48B
8 U) q6 X8 Z5 Y00403258 6A 04 push 4, o1 }# p1 u; E* I6 s. F
0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
) P" |( X4 k& ^" w0 p1 c0040325E 57 push edi# E# M) W* G9 r- u* ~5 X! b! y
0040325F 52 push edx/ `- C' B! i% h/ }
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
5 Y- ~" |1 T/ s ]+ n6 P. n00403264 E8 7B530200 call qsr.004285E41 m9 ]4 ~. v5 b$ `, z7 }! r
00403269 50 push eax6 M+ z( C/ j- ~6 V/ N7 L
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]2 C1 ? Q0 Y* K/ U
0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E% B) h' ]: |5 k) R
00403273 E8 4CC30200 call qsr.0042F5C4) r9 |$ T4 {: p: V: m, ^
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]! d S$ @) P8 r4 Y$ q
0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl9 w$ x1 P0 `8 m* S+ h7 k4 n
00403280 E8 06C20200 call qsr.0042F48B
; M6 `! l$ A7 X; }! W! N( U) [3 G00403285 6A 04 push 4$ ]- h# P4 x; r0 h# B0 [
00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]3 V* x( b7 Y: H
0040328B 6A 0F push 0F
% x/ }7 ^+ |) d C% I0040328D 50 push eax/ v. X' N: V. e7 A8 f
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
& h! k' V) V. g: K9 W00403292 E8 4D530200 call qsr.004285E4" p7 j$ }( ^" ~+ r5 U4 p! A# Q
00403297 50 push eax
- Q; i% j9 Q6 {# v: ~00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
# {9 _ t( E: d! F7 D0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F8 j& P: I& j+ D5 ]2 A
004032A1 E8 1EC30200 call qsr.0042F5C4: _. z' b. [& x0 S7 h( {
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]$ r# c! t" w2 m
004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl% Y- ~0 l" h4 j. C
004032AE E8 D8C10200 call qsr.0042F48B7 U# }5 n) w0 j6 y6 h/ j
004032B3 6A 04 push 4
: x% x: s4 t4 h( b0 s004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
. \* D( L' x9 [7 }004032B9 6A 14 push 14
* T( b$ S |* s& p2 m8 C004032BB 51 push ecx
l$ r9 _. m: S% g# }004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]9 L+ M, i4 o2 H; V9 M, U" Y
004032C0 E8 1F530200 call qsr.004285E4
) }4 `* x- b" c' B8 o7 L+ }004032C5 50 push eax
3 W; P7 K* m" x% W3 H# }5 O5 X004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
) S, O2 s3 m, E: @5 B004032CA C64424 40 10 mov byte ptr ss:[esp+40],109 I8 a5 j) t1 ~: \% t
004032CF E8 F0C20200 call qsr.0042F5C4- t# f6 z/ V6 p5 g8 W
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
- [! g( i5 `+ ~) ? P1 @004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl
3 E6 ~: P1 Z5 ~# [: z004032DC E8 AAC10200 call qsr.0042F48B$ i3 z" s* s; S$ N0 X* a: N& [
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI9 ?4 a1 j* O2 u: c1 ~# f
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX: f) K, \; `9 H. @/ R
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL& b; ?4 A3 n4 Z
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL
4 E: C/ r6 e9 l5 x _004032ED 8ACA mov cl,dl ; DL送CL7 x. r; G: T! _9 v9 y
004032EF 3AD3 cmp dl,bl ; DL和BL比较6 T$ I' ~ B8 P) j- Q3 u
004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)6 m4 V* U0 e# r* _3 O% L
004032F3 84C9 test cl,cl' K! j- `! U& v( C% ]6 O7 V1 ?5 ?
004032F5 74 16 je short qsr.0040330D
* l# ~) I, N7 N5 V0 }! ]+ K" ~- Q004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
M( N' F/ V5 v7 t# w004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL. q/ ~! E4 z9 _% J/ \+ x
004032FD 8ACA mov cl,dl) v5 J/ C% J; m4 ^% l( a0 |
004032FF 3AD3 cmp dl,bl ; DL和BL比较
- E$ f3 M, Q$ j8 N9 t1 f8 y: E00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳). ?' X0 T2 r5 y3 _0 E8 X
00403303 83C0 02 add eax,2 ; EAX加2
5 l+ M7 e6 B; @- |: X t$ s# I7 n00403306 83C6 02 add esi,2 ; ESI加2
; {# Z! Y# X% ]/ t9 b1 |00403309 84C9 test cl,cl7 h6 D8 Y1 G) t1 @0 d3 |
0040330B ^ 75 DC jnz short qsr.004032E9
4 _! s6 `0 I( d. _; \9 P# v0040330D 33C0 xor eax,eax# A5 n/ k& c" z0 n6 ~
0040330F EB 05 jmp short qsr.00403316: V: e3 l$ N: C$ T1 v# R
00403311 1BC0 sbb eax,eax
+ Y: y$ y; j) Z3 o, r00403313 83D8 FF sbb eax,-1/ P. v# K; c8 J0 J# {
00403316 85C0 test eax,eax
& Y$ d; l/ }; O' t# {0 [/ i00403318 74 0E je short qsr.00403328 J! N) ^( J5 Z
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A
; V" u8 r R2 M" F+ @. ?0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
1 A( x3 I, Z, F. x00403323 E9 F0000000 jmp qsr.00403418! B* d, o7 l. Z8 L0 U" d: `
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX+ O1 s1 `( g/ J4 k0 _3 L
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
+ x: v3 t4 v+ X& _00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
1 U- G6 ^: ?0 g0 g/ f) r00403333 50 push eax- v4 ^; |/ i( I, |" w
00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
1 r# A5 {8 z: f! s7 }9 l00403339 50 push eax$ [- w8 m; m4 B* S& x. i
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
- o" w9 n2 e4 P0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX' u0 ?( y2 V' t9 H$ }
00403343 83C4 04 add esp,4
+ c6 o2 K: L: }. X) m- W) R. e% O00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
8 L; O! T# |2 j( d00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
! K& M0 B/ w/ P0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
! f. V: {/ R' g: x4 L# A0040334F 50 push eax' D+ Z( U* H- u& f! i
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
' v! W: l( W' B) f+ P/ v& M00403355 50 push eax7 o1 S8 x1 e5 K9 r$ N
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX, \5 c; w. K+ M0 H6 `/ {
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX, X. S$ K6 p9 J
0040335F 83C4 04 add esp,43 ?$ E2 A( d% D; a, W
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
7 m: l3 T+ Z0 B5 p( a2 y4 |00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
1 F) l: q8 i2 H! s0 i8 {00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]7 c/ r3 ^, ]/ z6 F3 _4 Z, \7 i
0040336B 50 push eax
/ p! ]; O; Q& Y' C4 t) X/ R8 h0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX4 @$ V2 s1 A1 T3 z* z; j6 P$ M' h. t
00403371 50 push eax) U* K' P6 n' n2 K; [
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
3 E1 c! ?5 e i00403377 8BD8 mov ebx,eax ; EAX送EBX: X) Z6 L2 j3 Y$ T/ k
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX# ^0 @: w i1 g- C$ R5 n) w
0040337D 83C4 04 add esp,4
$ N8 P% O1 Q! i/ q4 I% y. w) H00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
, U6 Y- t) v! Y/ P00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
1 f% [0 l9 B' b0 J00403387 50 push eax( P& q/ g( V- Z) a+ ?' u" z
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX* E+ X, O4 p" D0 }
0040338D 50 push eax, y/ i; X+ ~7 |2 `
0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
6 I3 ^4 a4 Q8 B3 X00403393 83C4 04 add esp,42 Q6 }; `, I, w j$ Z
00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
7 I3 l/ F: B& k0040339A 8BE8 mov ebp,eax ; EAX送EBP7 l( Y8 p4 _: W, E( X* m- v8 j# I
0040339C 6A FF push -1
) y* |3 y3 p. w# z0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
. h j) E2 O/ S004033A3 6A FF push -1
$ b' U2 ]) H. N2 W004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
$ U* I+ ?7 h2 C' z# \004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX
: C! {2 z7 X) m4 r1 r% P004033AE 6A FF push -1' @, a9 a: M3 M6 @
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
7 P7 b! t7 _' _004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX7 f& k/ g0 [6 w5 J
004033B9 6A FF push -1
: g6 [9 M. A. C+ I1 m004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
3 L$ X) Y' x; h: ^004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
! ^ U' a9 {) Z# k3 `5 x5 p0 z( Y004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
, x9 P: M# b- K; N004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX! f) \' n& [' h3 B8 M5 T- \
004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
+ v" Y' h/ K6 k! A: _' l8 n4 X004033D7 D1E0 shl eax,1 ; EAX左移1位8 I0 G- A- z0 ?9 q( z( z1 |4 A3 J
004033D9 99 cdq ; EAX扩展
' q# G% x. t; y% N. ?( l9 O004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
; t$ v& t* K, R- v% q$ ~& M004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
* D( |. S; j( p/ D$ _$ F7 j004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
5 T/ @3 O0 A! u004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
+ L1 c3 |5 \7 b5 v004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
! L7 o# m1 ^% B6 }" T, K( v004033E9 EB 2D jmp short qsr.004034187 e4 V. q8 u* [& V9 Q
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX5 e0 z' ?9 k$ x; r$ E! J, ]. \$ `6 a
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2/ n B$ i% G& b2 \
004033F7 99 cdq ; EBX扩展
/ ?4 B4 p! N! p8 h" m, p004033F8 33C2 xor eax,edx ; EAX和EDX取异或5 K# j. y+ B5 t5 p2 R1 T
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX; K5 K$ W. h% N. g% t, \/ k
004033FF 2BC2 sub eax,edx ; EAX减去EDX
+ K+ {6 S* P% N6 ~00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]
3 ~% e2 R; b* Z00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX
' X4 n% Z' a+ ?4 E5 p' K' [1 k# o00403409 99 cdq& t8 G8 ?/ V9 \
0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
/ e! ]7 i8 V& c, Q0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
1 Y ]' I) ]" {- |" b00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较; [) w* G% _6 L" ^* L
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
: \6 c8 ~$ Z3 ]. y1 R00403418 E8 6EC00200 call qsr.0042F48B ; " b$ t6 G8 Q8 E& N% Q# q& r
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]/ o' r2 M- j: o4 Z1 b5 v) n
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
8 S- r4 E# t7 t$ P8 q- G00403426 E8 60C00200 call qsr.0042F48B; v1 H' a, }, w/ _$ v& _! N6 N
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
+ _ ?* N. ?! Z! g X0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8! }$ K" R( {; D# N+ P) j
00403434 E8 52C00200 call qsr.0042F48B
% \. ^. x% h2 _! v7 ?" c00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]' I" O2 Q. \% T2 f& }3 e5 }
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],72 l+ ]' t' a& {& L6 V% e
00403442 E8 44C00200 call qsr.0042F48B
) B" \" E4 Y+ B/ h00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24] J: ?9 o6 Y" W7 C# M, O
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
$ {' @. A0 F: ~' H$ ~* E, C00403450 E8 36C00200 call qsr.0042F48B, t6 L# K. q$ p
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]. w9 O9 l1 |2 _% d/ I; \
00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3- k0 |1 A# w$ k2 q
0040345E E8 28C00200 call qsr.0042F48B% N( |% a5 s+ N* R
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
6 O7 W* M+ ]) q00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2: O1 G4 \7 Z5 [4 y# k
0040346C E8 1AC00200 call qsr.0042F48B
- \" E5 B5 f7 c; h2 B3 ~00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
, V1 f- o1 [- j6 _' Y00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],17 z' Y3 J, s3 _
0040347A E8 0CC00200 call qsr.0042F48B: v2 C/ o0 U7 y1 A/ O( M
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
9 W8 U7 o9 k2 ~# M00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0# {5 r0 ~4 T M2 x: Y3 x
00403488 E8 FEBF0200 call qsr.0042F48B8 z& H- o& Y% s" `4 @6 i
0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
# ?( K' Q u0 |; W00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1* j4 F. ]& b1 _: y2 c" F' A
00403499 E8 EDBF0200 call qsr.0042F48B0 v5 A% z, n( y8 V z& x s! j2 W
0040349E 32C0 xor al,al ; AL清0
4 @+ M: q5 t6 R004034A0 E9 88000000 jmp qsr.0040352D
, e4 a* b. H/ F G004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~
% g& ^0 b0 [7 {, k004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14] s* `/ g2 N1 V
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9# w# f9 N5 r7 V8 X6 v
004034B3 E8 D3BF0200 call qsr.0042F48B
6 s+ E# t% F' i* d" o) O" g004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
: w* F- W& _/ s; `% M( I004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
6 t: D& a& Y9 n' d" Q004034C1 E8 C5BF0200 call qsr.0042F48B
+ `: n* Y1 W" [004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
3 j& G/ P, B& \" V H004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],73 |/ L/ B9 D4 n5 F+ v8 P" l& b9 [
004034CF E8 B7BF0200 call qsr.0042F48B
0 T7 e, O( L- j+ m004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
* ^4 C! B; j" ~: F0 X004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6! \% s- _7 G- u N4 X/ {& a, E0 s
004034DD E8 A9BF0200 call qsr.0042F48B
, s* K0 z; x: n$ Y3 l+ t3 f. _# ?& e004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
; X, `# G/ R2 B4 F7 i004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3
( T" W3 q5 Q3 O1 D- I004034EB E8 9BBF0200 call qsr.0042F48B2 `! i3 n) j }7 K: F
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]4 M1 Z N0 _2 [! o6 n4 H& \4 Q3 W
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2
, s$ f) H' y& M, m8 K) u004034F9 E8 8DBF0200 call qsr.0042F48B
0 J2 c7 c/ |: m5 @4 S004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
4 I; W7 R: F# C! e! b4 d) R- ~00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1
0 |" ?& p+ O; y! E" |" ]8 m00403507 E8 7FBF0200 call qsr.0042F48B
# e; {* }- |' Z3 Q0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]% C* L& M+ n' z' K
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
4 W; f. J$ |8 A& X" f5 ?6 X00403515 E8 71BF0200 call qsr.0042F48B
! f" c7 s% C5 }0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]; {+ u' f1 p( h1 o( k
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
8 k4 R. @* a) Y0 V0 Y& r00403526 E8 60BF0200 call qsr.0042F48B2 Z3 t2 |. r- S5 E9 ^0 N7 _; P
0040352B B0 01 mov al,1
! }6 `/ u: t9 j k* U0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
. L* ~3 ?4 J" l; K; j00403531 5F pop edi% e) A% w& Z) a
00403532 5E pop esi
; i4 M7 m6 ^9 ]* r/ R: \9 V5 q00403533 5D pop ebp
3 H/ A. f$ d0 X5 E1 J5 k% Z00403534 5B pop ebx' g! \" l* |9 A
00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
2 Q6 [# e3 V5 R9 k' e0040353C 83C4 30 add esp,306 `5 D2 B' T9 t& u, l4 @
0040353F C2 0800 retn 8% E' [8 p; h4 n# C( ~+ v, B" W
--------------------------------------------------------------------------------* |( r5 h' f1 x; o& h' A
【破解总结】
) P% C2 Z" m; N3 A0 ^6 L7 K0 q 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^) V" I; m3 n% v5 D& ^$ |
用户名:yijun
% X# S- j7 D1 T0 e7 W0 L注册码:4893*7777*3726*7777*0529
5 B4 T) ^1 y% I$ U- U6 ~& x& _4 g--------------------------------------------------------------------------------! @4 e9 t' Q! t$ b
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡