|
|
【原创】破解Quick Screen Recorder
7 @6 j m* G5 ~【破解作者】 yijun
7 a7 Z: @6 r. f4 h$ X8 A【作者邮箱】 [email protected]
# W3 W3 A% F( G3 j! O# h; V【使用工具】 OD,PEID. ~( d0 }) N7 X5 H- U# N" K8 I
【破解平台】 WinXP
/ {. `% g, ~" j+ L# F- |【软件名称】 Quick Screen Recorder9 q5 B# S: K. D; r0 R2 V/ h9 W
【下载地址】 天空# U' i6 `' D, _
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on.
7 q# q* A1 \4 K/ d( I' {【软件大小】 540K
* K4 T9 F$ ^. G- x$ d9 ~【加壳方式】 无) x! F4 {# Y e
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:): Q& {0 z" c9 ~' M/ V+ D
--------------------------------------------------------------------------------6 l# t5 m' |! Y! M7 M
【破解内容】7 E' ]8 G& ~# M9 U S& \3 n
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:7 U4 w6 N( C4 V( K* i9 l1 o+ @/ b
00404C69 55 push ebp //在此下断, t, d& J: P5 R; p
00404C6A 56 push esi: m# Z2 j% ?3 G0 ?. l
00404C6B 57 push edi( K' \; O( _8 H3 G
00404C6C 8BE9 mov ebp,ecx
3 I5 x& d" Y9 ]2 {( f3 N7 C0 U00404C6E 6A 01 push 1
& X# J% W) r4 V8 b, J00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名/ z& q0 W( u7 M J9 s$ t! x
00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
' ]' g& i" A- S) O' |6 W' ]00404C78 8BCF mov ecx,edi* S Q& ~( J" w1 F9 w# U. V Y9 T
00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码
% T; i( U5 @9 f" Y00404C7F 8BCF mov ecx,edi ~, {' X! k. V+ g4 T" v5 q; H
00404C81 E8 A73E0200 call qsr.00428B2D
c+ O0 v% B, b- l00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]7 Y8 w4 b, J! ~( @. d, |* s+ |7 V
00404C89 8BCE mov ecx,esi
$ [# e/ _" w$ C00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
" e0 A0 k, i) Q00404C90 8BCE mov ecx,esi
! a% \# d2 p, g0 `, |7 p g00404C92 E8 963E0200 call qsr.00428B2D3 B- D4 ~ u3 \4 i* b2 W ~4 Q
00404C97 8B06 mov eax,dword ptr ds:[esi]! a r' f* D* v# M9 r7 k; a2 V3 R
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
+ A; |3 P: I. p00404C9D 7D 26 jge short qsr.00404CC5
5 _/ l% a2 [& N7 T1 A8 \00404C9F 6A 40 push 406 t u; O: X1 c2 T7 m& h6 \' T) o
00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
: O2 {* L4 u6 T, A0 b2 S# f# g00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."" J3 _1 O: [/ W- {
00404CAB 8BCD mov ecx,ebp
, @0 b, u. }$ E2 Q& F% T00404CAD E8 C3840200 call qsr.0042D175
" }* H- U$ X! C: v* c X00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
, S9 z$ x8 x' ^% Z00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx5 T& X; @" e5 m8 Q/ ]: c
00404CBD 5F pop edi
$ G2 ?5 w- Q; l; B; k# D7 z00404CBE 5E pop esi
8 R) d) s$ v5 _00404CBF 5D pop ebp
* z5 t( T8 u+ `( O" Y# O00404CC0 5B pop ebx
& N1 }% b4 s% z* W00404CC1 83C4 18 add esp,18
+ A: t: r& K/ d; R4 k; x: I00404CC4 C3 retn$ L3 a. Z" l e$ ^
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]
7 s6 Y7 t. ^ r' B00404CC8 84C0 test al,al
( h, S3 t, ^6 u9 r00404CCA 0F85 1C010000 jnz qsr.00404DEC$ |6 {5 Q; K, V3 I/ F1 S4 S
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
. v- D7 |9 a8 O$ s8 ^6 t1 D00404CD4 E8 87E3FFFF call qsr.00403060" J4 L& N1 s0 N( ]+ H0 Q+ l
00404CD9 51 push ecx4 c* P2 @, _4 g( Z1 @' o. w
00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
, [. Z0 w: h$ o; c! ~- O8 G- f& [2 r00404CE2 8BCC mov ecx,esp8 L5 H2 K2 g, u* ~. D
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp! c4 O x' a3 G1 v1 `: X
00404CE8 56 push esi* L% N4 S7 R& }& \; l9 V
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
d' o! D Q7 ]: \' S00404CEE 51 push ecx
1 Z( n# D" t! L( |; G00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1
: O0 ^% o3 P* C( q+ H. U8 k00404CF4 8BCC mov ecx,esp
, i. W& U+ ^4 P. x00404CF6 896424 20 mov dword ptr ss:[esp+20],esp
9 U7 Q1 b+ A. Y5 x, Y* A! T00404CFA 57 push edi
; D/ d; |( S+ l: T4 ~1 G00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
5 T4 i5 K5 p* j: i00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C], L" i- u) T! t4 e
00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
0 Y- m$ \; B3 G* O+ G00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
8 Z s+ Y- J9 W5 k# \% r3 b1 N" ~00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
; B8 x7 X7 y7 g# T# Q% M, h8 x' ~00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~! _# R% M W% e5 J+ T* F& d
00404D12 6A 40 push 40
. g) [; u- U# W& r; }/ ?1 y9 j00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
, {* z9 L! _$ p7 P9 ^. B00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."8 B {" P6 o& c! p5 Q' }
00404D1E 8BCD mov ecx,ebp
1 t3 @- [8 |, c+ {. y% X* g! B00404D20 E8 50840200 call qsr.0042D175
# F2 n: [5 [$ X& [ v4 w( N& ]" X00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
( z6 d) `* a2 M00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
) D) n8 d" j( |7 R5 Z00404D31 E8 5AE3FFFF call qsr.004030907 x7 B7 _( J4 A# \7 @/ ]5 o" s0 h8 Y
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
2 o/ M0 \0 i" R$ J/ t. X2 x5 G00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
7 \& t3 J) Y O- O, F8 U- W! x00404D41 5F pop edi
8 q' m. D3 @ O ]. S0 `* b; A; _00404D42 5E pop esi
3 r' i$ ^# W) Y' k$ [! e( X/ `: ?00404D43 5D pop ebp. e- s1 S- n/ D' V) B
00404D44 5B pop ebx
: D: d6 n& b5 k0 }00404D45 83C4 18 add esp,18$ d& H/ e9 `, T- w
00404D48 C3 retn# q* \% b4 j+ ?3 q, M; u
*********************************************************************************************************************************************************
3 R0 L# B" D' ^6 c Z0 G0 T跟进00404D09处CALL来到:
3 H8 G( m# g J004030A0 6A FF push -1 //一路F8下去~~~~3 K7 k: I9 Z: b/ n2 G) L2 r: l
004030A2 68 C88F4400 push qsr.00448FC8 Z: A7 {3 r1 I: @5 b3 f2 x+ D) X: `
004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
+ U1 f5 T: {( M k$ t; W8 @0 G. d004030AD 50 push eax
) u$ i/ B1 h, p$ q& f004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
2 p+ l( k. d h5 j& {( O: b. Z004030B5 83EC 24 sub esp,24
7 ?/ v0 v* S V2 |004030B8 53 push ebx: T$ f+ I! H0 H3 E* n- p4 w7 p
004030B9 55 push ebp, W4 }3 Q8 Y9 Y
004030BA 56 push esi
4 {$ C7 A5 Z/ b2 I: F a004030BB 57 push edi
8 ^4 T2 o) _+ u+ l004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"1 {& X) R6 s" }1 B2 A
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
. U Z+ B/ z: Y2 ~004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
- e% u; c1 y; r8 G% F& f004030CD E8 27C40200 call qsr.0042F4F9
: r" g( C: z/ h f004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
. G/ L$ i8 x% I/ P004030D7 894424 2C mov dword ptr ss:[esp+2C],eax
) J6 U5 p1 i$ n, e: ]6 K5 {: k004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]8 E8 p2 L. Y$ T
004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
( ?6 L% R- b) [2 z2 U004030E4 E8 905A0200 call qsr.00428B79
4 g9 d! R7 \- [4 p7 a5 `004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
7 ?3 @* U: ~2 r2 B004030ED E8 3B5A0200 call qsr.00428B2D" x" g/ P4 K f$ ^# p. J2 V4 a* P
004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]* B7 _( B6 l1 Y' \+ J4 F$ V% C
004030F6 E8 7E5A0200 call qsr.00428B79( _. _" a* O: E, M% S: X
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
1 E( U, M+ Y! R6 M: h K3 |: Y! P004030FF E8 295A0200 call qsr.00428B2D7 W4 ^3 Y) Y) F$ I
00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]
: B" D6 f" J* ~2 M3 ~8 X00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]
" B1 p7 X9 G8 C$ g. f1 u1 [/ A0040310B 83F8 02 cmp eax,27 @* `/ V X: A4 v! I
0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳3 @; W1 k0 j+ W8 N
00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]4 R3 `. n9 ]$ A( J6 w6 L8 y: ?; Y1 H( f
00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
+ _2 g% f% ~& H9 c9 C/ A* o# L8 }, N0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳
; G, e$ p( Q+ E00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
' O8 [/ s$ U1 q3 \+ P( \! w00403126 6A 01 push 1" }3 |' ]) t, r; ^
00403128 50 push eax5 \8 R# S9 c! M& Z ^. p( V
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
& C* f+ f$ x p7 e0040312D E8 C4550200 call qsr.004286F63 Q+ W( \, S7 [- X, N6 L w% L
00403132 8B00 mov eax,dword ptr ds:[eax]
) {5 k# g( Y( t4 `00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
, |) a3 S" H# V% I% W) X3 Z' k% i00403138 50 push eax o! T) [2 y1 t7 \3 P2 V- y
00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
9 U/ g J% z+ d9 Q4 N0040313E E8 4D560200 call qsr.00428790
+ r/ o! G L" e/ ?7 q00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
1 N" E8 p1 h7 |00403147 8BF0 mov esi,eax
' \$ E' a4 I& J00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3
3 E5 g: s/ |$ P% ]0040314E E8 38C30200 call qsr.0042F48B9 @& `5 p% |8 i: @! _, R" S2 k5 e
00403153 8D46 0A lea eax,dword ptr ds:[esi+A]0 l! Q" \, r U6 P/ m, Y. s
00403156 B9 3E000000 mov ecx,3E
! ?2 m/ I7 ^7 W0040315B 99 cdq
^# r' E! J% @3 [0040315C F7F9 idiv ecx! S& \6 r# g9 d
0040315E 6A 01 push 1
2 e$ }5 a. K, P0 u! s00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]0 y! g( g4 M5 ] E7 ^4 g
00403164 8BF2 mov esi,edx: f% V* ~5 ?* d* y0 x' P
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
7 v! G( ^0 [- ?9 J4 J5 v, D0040316A 52 push edx) n2 l5 \ m- e, l" r5 ~ v# e
0040316B E8 0A550200 call qsr.0042867A/ ^0 b: b5 D6 h
00403170 8B00 mov eax,dword ptr ds:[eax]0 J( l+ _9 X1 p2 c6 r8 N
00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
7 Z, J4 r2 i# b I5 d n00403176 50 push eax
: ?# h8 o9 n& f7 G00403177 C64424 40 05 mov byte ptr ss:[esp+40],52 U* ]- E8 J$ f9 p6 ]
0040317C E8 0F560200 call qsr.004287905 e) c2 t2 W/ h9 G3 v/ w: q
00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]5 o2 u. x- G0 k! ]+ U/ k1 z
00403185 8BF8 mov edi,eax; P% ?, c3 A* _: r( C
00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3" B3 x% ~% P) T
0040318C E8 FAC20200 call qsr.0042F48B$ U$ P& ?" X0 h& C
00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
5 n8 L9 `0 a4 y2 S% N) @9 O z00403194 B9 3E000000 mov ecx,3E
+ W! Z9 w0 k3 _4 S3 \. d6 c! g00403199 99 cdq
3 N0 A F- b- d9 P0040319A F7F9 idiv ecx! \8 l, D; W. b. f; V
0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
4 ?6 d/ C) g! ^8 \4 `004031A1 894424 28 mov dword ptr ss:[esp+28],eax8 a* ]8 x( r- C* A
004031A5 8BCA mov ecx,edx% I( o% A$ w. x: H
004031A7 894424 24 mov dword ptr ss:[esp+24],eax
5 L( V( O' F G- z7 q$ A$ z- x% A004031AB 894424 1C mov dword ptr ss:[esp+1C],eax! H+ a& v Y# a$ z
004031AF 894424 18 mov dword ptr ss:[esp+18],eax
3 n+ [- H7 V, ^) _; i$ L004031B3 894424 14 mov dword ptr ss:[esp+14],eax
& M$ T" \5 }! ]9 K1 _004031B7 894424 10 mov dword ptr ss:[esp+10],eax7 g! T+ ~( M h# X
004031BB 8BC1 mov eax,ecx' T1 w. e; j8 T! f
004031BD BF 0A000000 mov edi,0A3 S! l( n" a3 }: A# Q# Z/ H, z
004031C2 99 cdq
8 s$ P# q! E. ~004031C3 F7FF idiv edi4 v+ j) C4 j! U% ]: E
004031C5 8BC1 mov eax,ecx' F" C. `# D1 _+ y0 ?0 D
004031C7 B3 0B mov bl,0B
4 Y$ Y/ y( [+ s7 X: t004031C9 0FAFC1 imul eax,ecx) G9 p7 d i# t" C% L- p V
004031CC 8BCF mov ecx,edi
' z* g8 @& I1 e$ g004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
0 q0 P) o A( ^$ E004031D2 52 push edx! |! H/ j) } S4 r: |0 N, k
004031D3 99 cdq
7 c9 W! X1 s& k8 X( @" B/ v004031D4 F7F9 idiv ecx( k; I) o9 U) L p) p- |* v9 X
004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]( P, u* P- s2 H9 _: K# o
004031DD 2BC6 sub eax,esi0 M% R$ p2 Z% k r% w8 g& \' Y" r
004031DF 52 push edx
3 F6 L4 f9 u& l+ }2 T7 Z004031E0 99 cdq* {$ c" b6 c, u! P' r6 w
004031E1 F7F9 idiv ecx
, ]+ U0 v* m+ |, @3 h004031E3 8BC6 mov eax,esi- R% N5 s/ C! x1 w7 e3 F0 g
004031E5 52 push edx
4 G' n V' k; R' C' O004031E6 99 cdq
i2 F5 i% I4 _. A5 Y004031E7 F7F9 idiv ecx
7 j3 N9 B$ m- F e& G0 Y004031E9 52 push edx
- {* E, D% s: O3 C. e' g004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]- o: f, a2 ` \
004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"9 V7 S- w) K7 m4 @+ o' w) _2 S
004031F3 52 push edx
$ L* u! L {3 m3 x* c4 C) r8 i: L004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893" |5 }$ |* N! R( m; u) S
004031F9 83C4 18 add esp,18
1 i4 D' j* ^2 c6 `- N" D8 O$ o- E004031FC 6A 04 push 4
# ^2 Z4 L5 G% X3 e/ p# N5 x+ e004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]' U% i' C a7 _
00403202 6A 00 push 0
5 Q1 c G4 X! a3 l00403204 50 push eax
8 z* p9 Z, J/ ^% K" v00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]: s2 Y* F4 b+ D; J/ n' g0 h
00403209 E8 D6530200 call qsr.004285E4
! w* F1 T6 m, Q1 z: X0040320E 50 push eax5 d( e4 W( y$ g. m8 s$ f+ S
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
% n& K( k7 l6 H: S+ `00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C, c" g& k7 ]$ o j/ J/ P0 L
00403218 E8 A7C30200 call qsr.0042F5C4, U4 e8 B; i# D% {0 d
0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]4 }8 q! Q6 z Q" a
00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
7 s% q( ?7 e) `! P# B0 e9 ]00403225 E8 61C20200 call qsr.0042F48B; I4 r" g/ T, t6 E ]
0040322A 6A 04 push 46 S" _# U7 U5 o2 @7 V$ {5 ~3 e
0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
8 W7 Z+ }% b5 y8 w8 I" t, M# w" B00403230 6A 05 push 54 z2 `2 L4 n+ v
00403232 51 push ecx
& h6 i7 S$ g: w00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
3 w+ a9 y8 M% a$ v# O; q00403237 E8 A8530200 call qsr.004285E49 W! w" ?4 Z6 h% ]+ I' C
0040323C 50 push eax. t5 x' i( F( i7 W8 o/ z
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
! s9 C5 Z d& n( E. L' _- H6 P00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D4 l3 D6 l& d8 v/ [$ f' w# B
00403246 E8 79C30200 call qsr.0042F5C4
& {$ G$ x+ u5 I0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30] }$ K- n- M. d: X$ G. U
0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl/ N6 {' X% s% ?7 N; g4 F
00403253 E8 33C20200 call qsr.0042F48B
) K! F* X- j) ^$ @00403258 6A 04 push 4
1 {$ _) y) y; s0 P" |0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]2 V5 g& @; p8 D
0040325E 57 push edi
2 B& N* s6 Z& R5 L! {0040325F 52 push edx4 q0 b( O2 y. L) X
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
0 ~2 ~9 Z" h3 x& b00403264 E8 7B530200 call qsr.004285E4
9 M5 l, c* n" T# w00403269 50 push eax
/ t) t G: i2 |5 N# T& C9 B3 r0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]0 p7 z8 p/ H: X% P* Y* U$ d
0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E0 L/ M' s! N! I: d; P; n% M& O
00403273 E8 4CC30200 call qsr.0042F5C4, F, W) H/ N1 p# Z
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]9 L7 U6 X4 z- w! p y% K
0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl0 p1 Q/ A5 `4 n; V6 S3 W
00403280 E8 06C20200 call qsr.0042F48B# O+ ]' p0 @+ F) s+ {
00403285 6A 04 push 41 ^5 O! i( t q; A3 L
00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]6 @! h& f: w2 V% B% O M
0040328B 6A 0F push 0F( K* K4 l3 l; w) W
0040328D 50 push eax! l& V% r8 _ A0 h9 V9 Z$ w
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
% L6 x' e5 j) m6 P00403292 E8 4D530200 call qsr.004285E42 k- y( d8 E9 s5 f2 o
00403297 50 push eax" x+ X5 k4 b G
00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]# X/ r( t# R& o R/ z, U
0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F
) x8 E# h* Q) B k' X4 d004032A1 E8 1EC30200 call qsr.0042F5C45 W) |7 s1 X% \8 M! R
004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]& J4 ]0 S" d' X: q/ T E
004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl" j, b3 ^. i2 j# n; G0 j S
004032AE E8 D8C10200 call qsr.0042F48B9 n8 z; i% e( m* W% [( y
004032B3 6A 04 push 4* e% @- ?: Y3 @4 ?: ?/ j3 |. X
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]% H; a8 k. s& j0 I
004032B9 6A 14 push 14% ]# p5 B, [3 F1 b
004032BB 51 push ecx
+ k& u+ R. N L" v, L6 \004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]8 {' m- Z/ K/ Q) e m
004032C0 E8 1F530200 call qsr.004285E4$ s& O. w- |# l& X, L1 U
004032C5 50 push eax
$ v/ M3 u3 [5 b% }* u, H% K3 V004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
% V- U3 U+ W4 m$ d, c" @9 F004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
, Y. F& D+ l/ Z6 }" u6 Z004032CF E8 F0C20200 call qsr.0042F5C4, d) f+ v* U; a- ~1 ^( k4 r; M
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
6 e1 I q/ S& B) h/ L' P2 ?6 Z% g004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl1 V+ d, y* `$ w% F! f
004032DC E8 AAC10200 call qsr.0042F48B3 d* F& W' D# f5 t
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI5 u. F, X* M0 x( R- u
004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX# \# N' t; U5 x
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL' |* `! u9 d( l% Q; S
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL
9 c" ^ P3 ?+ k7 N* A004032ED 8ACA mov cl,dl ; DL送CL- I' H: q f0 H+ K! H! i
004032EF 3AD3 cmp dl,bl ; DL和BL比较, M' u$ X9 l1 j
004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
: x& M) M2 B3 g! `3 u; x004032F3 84C9 test cl,cl
# A+ v6 l) |4 M. T& P, v( e004032F5 74 16 je short qsr.0040330D
8 \4 {8 B# u4 D( w) m# w X004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
8 V% }3 z$ p3 y004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL7 ^9 C2 g" F! c' i! w
004032FD 8ACA mov cl,dl4 V* x7 O6 ^( [$ H( X
004032FF 3AD3 cmp dl,bl ; DL和BL比较) _6 H8 x# t- u+ y7 v3 A; a9 Y- B( C
00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
( x1 k/ e" T# U; t( {5 L$ ?00403303 83C0 02 add eax,2 ; EAX加2
+ r2 ^+ c3 x8 A2 [0 X# e( }00403306 83C6 02 add esi,2 ; ESI加2
, S) Y7 y8 K* `: u00403309 84C9 test cl,cl5 h, {* N3 L0 z- V4 s$ i# L
0040330B ^ 75 DC jnz short qsr.004032E9 P4 \$ B2 d, P3 N; M1 W/ t
0040330D 33C0 xor eax,eax1 A" [" Q' V% S1 ]" S& }4 o
0040330F EB 05 jmp short qsr.00403316
' F8 ?: u; h4 \/ }& S00403311 1BC0 sbb eax,eax4 I/ k. U2 y. I0 _
00403313 83D8 FF sbb eax,-1
& S, }# i; s4 y5 W/ n" y00403316 85C0 test eax,eax
0 u" x9 X. n" ]( ^1 d) S00403318 74 0E je short qsr.00403328! o, X4 o0 z0 U/ F
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A* W" ^7 g# b- Y4 O& K
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]* K3 }. s- r& s; P) t. I
00403323 E9 F0000000 jmp qsr.00403418$ \5 B2 l! t: v+ I: B6 B+ A
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX9 ?" H \% I c8 E& k, _8 \8 p' O
0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]1 }$ v& K# Z7 s5 F: [, _0 ^/ ?
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]: e' ~ I( V. _5 h
00403333 50 push eax2 L( B8 [$ m" w) b% Z$ r, M: R; i
00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX- i) k5 D5 h- l2 N+ T
00403339 50 push eax& C/ L; @! S6 Q8 o
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX
7 }1 f% ^5 o _, K0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX
4 _$ Z1 s3 u7 p" ^' t5 V00403343 83C4 04 add esp,4. y, R: S( b3 |, y
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
# Z5 L* \, B# X& o/ L# [" m00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
- v& x% F1 C1 {- `1 W v- R0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]7 q g @) c n+ ^
0040334F 50 push eax9 O: J3 w; c4 n- ~4 _2 }
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
2 `9 \, W6 Q- m$ i3 @4 u& v00403355 50 push eax$ b; ]. M5 B1 }1 [) [! l% a
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX
4 u4 {, |" b* @- U6 i9 {6 ]0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
" A1 w) G: L" B, z7 H) j3 f0040335F 83C4 04 add esp,4" i3 C" x+ n* b. b+ g
00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI3 p" z! [: p8 i" L
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
" {1 X2 _; n; N7 Z2 [: {00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
' M9 B5 w' O* H2 i% ` A0040336B 50 push eax t9 n; u* h) j5 p* U
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX5 K) b# o( e# z7 {
00403371 50 push eax7 ~; P- o- ^# k) }# M0 d1 T
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
: l1 D- b Y7 x% c7 E) g! v00403377 8BD8 mov ebx,eax ; EAX送EBX
. X* S0 E5 k9 y: e5 {* g" ]00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
, A' F; P: P6 D- F) T, X0040337D 83C4 04 add esp,4" V$ L! c7 I4 x; c/ d A1 A
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
8 l& ^& P2 u" s1 {0 y00403384 8B40 F8 mov eax,dword ptr ds:[eax-8] A' L. _) M! [$ y# u; o9 m: _
00403387 50 push eax1 U* b. T$ i1 N" d9 V" I( G
00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX$ g2 O( t- |0 f. { F# C' `: n
0040338D 50 push eax
1 `- |, B; n0 z, |( L5 F* a0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX, K+ _6 L/ W5 y$ r/ X u- J0 }
00403393 83C4 04 add esp,4
+ L, C @4 w( F, j00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]5 @- `/ o8 n; y! L
0040339A 8BE8 mov ebp,eax ; EAX送EBP* H) X2 e0 _" m @& T
0040339C 6A FF push -1
% p8 l% F$ E# [4 }; U0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX! J+ Z) V2 K9 p2 e6 @- {, t
004033A3 6A FF push -11 j4 t8 R' ^9 Z4 y6 f* t2 G
004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX
. M3 S/ O& S7 X% p8 t' k* U004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX3 r2 Z( R; P: B
004033AE 6A FF push -17 ~; @2 o4 T5 m7 X) q9 F
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX3 k% r5 P+ R7 D& Z
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX% L# p. e: L, i% D
004033B9 6A FF push -16 m5 `( V2 k3 Z2 C4 [( i
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX5 g! g* M: n2 K& m6 Y
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
- u: m. n# X/ C, U& y- k3 ?004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX) @( M3 C2 ]# z" l6 h o# c7 ?
004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX2 b7 P( y3 S( K$ {6 F* k& d) l
004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
- ^$ \9 a4 b/ R% X% D004033D7 D1E0 shl eax,1 ; EAX左移1位
3 o5 w5 w$ t# P s004033D9 99 cdq ; EAX扩展
) F$ ^+ K, T6 {004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中. c- T+ r0 t1 k B! o) h
004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较7 Y A7 O4 e8 R/ e
004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)
8 A- d* `0 f! e/ p- q: Z004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
4 S, @0 y; P' _004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
4 P2 }* g. Q, r4 L004033E9 EB 2D jmp short qsr.00403418% o4 K0 K' Q y9 i4 q5 k
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX* F4 C# X8 } S8 P2 J/ B$ ~0 ]
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E23 v# ^3 w2 ~2 \
004033F7 99 cdq ; EBX扩展8 z/ ]: g4 N, y: |( S
004033F8 33C2 xor eax,edx ; EAX和EDX取异或
/ T; }1 H# M, x9 K004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX. V( `6 g9 T6 X- `9 y! d6 S' a3 E
004033FF 2BC2 sub eax,edx ; EAX减去EDX! \+ e# A& r# D* t: z
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]
; S# [; ?* e% V5 M. D/ }1 V, a00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX
, v8 ^, j# \6 }' @! B00403409 99 cdq
2 `6 D5 ~, l$ e# f, I" W0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中5 W. W9 @8 J( S4 H
0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
4 u- [% p4 k4 y y2 a00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较
N0 M4 C6 Y P00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
. |6 ~1 I* k5 U. G( a00403418 E8 6EC00200 call qsr.0042F48B ;
; \4 q2 c4 ]8 K f# R' T0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
* }; b- {' O. t; Y1 g# i00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9. }& A' q& }+ D( t1 C% o
00403426 E8 60C00200 call qsr.0042F48B/ }6 N( U' i) U+ a: m
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
( N0 x5 D; O+ q% C, ]9 Q: P0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8& {; ^) k# ~( @! t4 G8 q1 W
00403434 E8 52C00200 call qsr.0042F48B9 _! A# Y; }2 y, H
00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]+ S( \% q* i/ K! f- [
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],79 W8 N @& `6 z: w9 o J
00403442 E8 44C00200 call qsr.0042F48B% B5 e2 f) u5 ?$ @- V7 g
00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]+ v5 F4 P* W- h5 x7 ]8 b+ S
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
, }7 S& G' Q# h6 w00403450 E8 36C00200 call qsr.0042F48B/ _4 c$ f" `; Z; @( {
00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
" B ?7 }$ h$ }7 x h2 o+ [- e00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
8 P" D, [& F* c9 `0040345E E8 28C00200 call qsr.0042F48B' x8 b0 s; o; z3 U6 \8 _
00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
( l/ e' J. h$ K( `$ [. V00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
/ b# T7 q8 U6 I5 l5 i0040346C E8 1AC00200 call qsr.0042F48B" P# Y- J5 s9 ]2 \/ L5 j
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
1 Z, V& Y3 ?5 s! a- Z00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1+ K. y. M7 \$ o( c$ r$ t
0040347A E8 0CC00200 call qsr.0042F48B
8 z/ k, v& j$ h0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]1 G2 s* R5 V# K. _1 ?7 G* y
00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0
9 n y* r# w+ W0 T3 S* f+ `00403488 E8 FEBF0200 call qsr.0042F48B
9 f& w( ?1 I, `6 |# O0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
& d6 h, @" T- s/ L( H6 S) _( P00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-17 q1 z& k J/ Q( R! Q. G
00403499 E8 EDBF0200 call qsr.0042F48B2 _0 V3 r- V2 F& {5 w$ {% q
0040349E 32C0 xor al,al ; AL清0
6 J+ Z) A) q7 W2 {* h004034A0 E9 88000000 jmp qsr.0040352D* G/ k- C* y% O) S/ \
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~3 N" h8 |# Y3 b/ ~
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]% n/ F3 ~8 j5 F o0 J) `9 m5 l
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9, [3 X# X2 }! Y+ d. k
004034B3 E8 D3BF0200 call qsr.0042F48B
6 m9 O. m; q' M4 S- r- k# x6 p" r* [004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]) I# f6 K2 S0 q) v& z; Z, N4 D
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
9 @4 c+ P$ I, t' b4 R* G; I7 y! {2 d004034C1 E8 C5BF0200 call qsr.0042F48B2 h; ?! `5 H4 Z+ N, b
004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]3 ]3 M( v: p# C! ?8 p+ x
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7
) [7 B& Y; C+ V" o004034CF E8 B7BF0200 call qsr.0042F48B2 T$ y& _- }: p5 a# i8 K; a% }
004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]6 ~& I2 q. q4 B) `
004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6
* t7 N) Z# P9 g1 r004034DD E8 A9BF0200 call qsr.0042F48B
& x$ W- [1 B# I6 n; _004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
& m; i _$ M- L, Y3 p004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3
5 o) B) h( F) M7 z, M* R004034EB E8 9BBF0200 call qsr.0042F48B
, J! T" Y! O8 V: ?3 ]6 _' K( x004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]2 M7 O' M$ d) E0 k5 P
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2$ X2 o, h; w" }' g6 Q% D, r7 l0 ~
004034F9 E8 8DBF0200 call qsr.0042F48B
6 m; q5 m2 w W1 ~1 e5 i004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]4 h* j- @7 T& e- Y: u- B" x
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1& b9 u/ ]" Y+ z9 d2 l
00403507 E8 7FBF0200 call qsr.0042F48B( p) C0 E' h; k$ f
0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
" `6 P; g9 `) O# f& x/ _! t00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0( n/ c" a3 t2 G! d s) t
00403515 E8 71BF0200 call qsr.0042F48B
# t% f. t2 y" k- q0 A) i. w4 e0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]! q! D2 @: B; k" Y+ F* |0 p' t
0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
- v$ Z" k8 c( Z/ g |+ f- e# ]- I, |& R00403526 E8 60BF0200 call qsr.0042F48B# E$ z) K. T! M9 d' u# P4 O
0040352B B0 01 mov al,17 D6 y: p* X; Z! y: g# P
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
; e2 J: g3 c7 T$ P6 p00403531 5F pop edi
' g9 `' \1 k0 M/ T. R: @: x00403532 5E pop esi7 @$ O( h/ i3 ?/ q
00403533 5D pop ebp
5 W9 O- \" t$ ^; `9 X8 f* E) e5 m00403534 5B pop ebx
& Q H) y x! p4 B00403535 64:890D 0000000>mov dword ptr fs:[0],ecx) x; Y! A7 E3 Z- ?
0040353C 83C4 30 add esp,30
) ?! M/ Y( A/ q- f* d8 A8 e6 n( g3 p0040353F C2 0800 retn 8
& } r5 s# h8 z--------------------------------------------------------------------------------
* L- \; v$ V( s" s3 X【破解总结】
# j) v$ f5 H+ n 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^. Q" |: s) e- `* }& d+ a. n
用户名:yijun! B8 \& |/ Y. y5 Y( u8 `
注册码:4893*7777*3726*7777*0529
2 Q" b3 [1 S- A2 ~% \2 P! U$ m--------------------------------------------------------------------------------+ }5 {' t+ R# U- K, {8 m. Z) r
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡