|
|
【原创】破解Quick Screen Recorder
) P6 ?! U1 T+ W. A+ H/ {0 ^2 x【破解作者】 yijun/ x2 a6 |0 n( |0 t; N
【作者邮箱】 [email protected]% R* h! f) p9 ?
【使用工具】 OD,PEID! e) ]$ v- z7 O A- a
【破解平台】 WinXP% r1 t. L' ~8 k- n9 H5 k! z W! g
【软件名称】 Quick Screen Recorder U, A5 D. m& x; G% k: @
【下载地址】 天空4 ^3 T% o {) Q% Z/ `* k/ z
【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. 5 k% c; N) E9 Y; e, A
【软件大小】 540K) |# t* a; b7 v0 a% {+ g
【加壳方式】 无! t: f/ X0 r# ]$ v; _
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)
3 G9 ^0 v. R. ]: _' u) C--------------------------------------------------------------------------------
( K- F# Z& n1 k Z% y$ g @【破解内容】4 ^. @9 b$ S" p# A# ]. K4 T6 c+ q
PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:' m0 t* U* J C+ q
00404C69 55 push ebp //在此下断& G. U" r' X* I; e
00404C6A 56 push esi
6 \7 k/ H, r0 K( z; N; G00404C6B 57 push edi! D/ ?0 C% X: ]9 ^# E
00404C6C 8BE9 mov ebp,ecx, |6 X' L: H4 Q+ u' y
00404C6E 6A 01 push 1
% \- K( P5 D! ` {" F; I& p3 \00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
6 P3 S# F8 q S- `% z$ {$ I00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]1 a' O# e% ]6 k" ]! r! c6 d% R. J- W
00404C78 8BCF mov ecx,edi' @; u9 U. J# P5 @, I1 B5 U" t
00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码" O% D5 \, f8 @% P
00404C7F 8BCF mov ecx,edi
% F) c" a9 @# U W0 Y00404C81 E8 A73E0200 call qsr.00428B2D
3 w k3 o8 G! l00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]
) \- e- A, V! t; F+ _: f1 S00404C89 8BCE mov ecx,esi) l2 u V$ O& H; b- _5 y, X$ ~1 Y3 r
00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX
4 d! s$ D% k" c& h/ ~ k00404C90 8BCE mov ecx,esi
! f0 Z( e& L. |7 K; m w00404C92 E8 963E0200 call qsr.00428B2D2 H& m! x) M# v: o) a' f
00404C97 8B06 mov eax,dword ptr ds:[esi]( I8 H5 I5 d) ~& t1 `
00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],2
' I+ p2 \1 v) e' t: n, m E7 w+ `00404C9D 7D 26 jge short qsr.00404CC5+ H; R( I y' C7 V( Z
00404C9F 6A 40 push 40
, `* b+ k9 J( k% ?00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"4 |; S- z% d7 f2 y: O( a* T
00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."
5 g4 \' L+ Y: n00404CAB 8BCD mov ecx,ebp7 }* |1 S1 X% k& Q5 M
00404CAD E8 C3840200 call qsr.0042D1753 e1 m( F% m6 A1 i" |1 _
00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]0 P3 ]. I0 ?- _' G& A* d6 r
00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx! f* Q0 h6 M0 k* q: I* Y' u
00404CBD 5F pop edi
! u/ I9 B1 m$ y1 Z/ q9 P6 F4 Y00404CBE 5E pop esi# f" ~5 c9 {9 _ W2 o& S9 N
00404CBF 5D pop ebp
/ I. t( H5 Z |0 d00404CC0 5B pop ebx
& O' R* z% H ]& ^+ V& R00404CC1 83C4 18 add esp,18
, `, K Y" g7 a00404CC4 C3 retn6 G5 |$ ?2 P$ b* S; t
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]/ }4 V3 @& V, g
00404CC8 84C0 test al,al- x& h# i7 W; G9 j5 n, b& E, L% |
00404CCA 0F85 1C010000 jnz qsr.00404DEC8 I" t5 ]' ^. S9 D
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]" U& `' H1 |3 f
00404CD4 E8 87E3FFFF call qsr.00403060
5 {5 K, J- r P- Z# ]4 R( @00404CD9 51 push ecx
* e, O4 O, V1 P+ Q' f00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0% R4 |- q; w0 {: D& B; a
00404CE2 8BCC mov ecx,esp- L- ?% V0 A, f6 T
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp8 {7 l. W# z/ R
00404CE8 56 push esi7 P/ B8 a2 g R& X* C3 M/ h6 i
00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0* G) _/ _ |( ?$ p @
00404CEE 51 push ecx2 g: x" x: P1 B, i7 C; m# v
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1/ m- U+ _( s( y; Q6 R/ \( ~
00404CF4 8BCC mov ecx,esp
0 z6 N# {) S; B9 A8 l! `8 p00404CF6 896424 20 mov dword ptr ss:[esp+20],esp! F$ g4 q# b" \
00404CFA 57 push edi
9 _; F' x9 C! c4 s9 m+ |00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0& t, J7 \$ k _5 v" i
00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
. }8 C* C7 [/ l3 }2 i# R00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
6 X" a1 O4 u. k' d. D1 {1 n00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
: Q: J/ D" \0 C00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~( w' P. |# h# u' |( K9 H R; ^
00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~
: f; T7 b7 O# M) `! o) _00404D12 6A 40 push 404 m5 M" u1 ^' a7 b6 k
00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"; s; U+ s( L; r( W. v. C1 b7 Z
00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."" I9 k- m" J1 d+ m) b( Y* e3 O
00404D1E 8BCD mov ecx,ebp8 H) W% O* M3 U' x, p
00404D20 E8 50840200 call qsr.0042D175
- t, _! N# C1 t. a; Y0 E* @00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
& K4 ]" c9 u0 |1 T6 L* i) f, M00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1
1 m8 W' X% p+ K- T( o$ O7 M& Q/ [00404D31 E8 5AE3FFFF call qsr.00403090
3 v( i5 V6 y/ P& A00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
& N! X2 j1 ~; k% n# P6 z6 v1 Z00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx
- ?- H: t" f' q0 {- H0 J00404D41 5F pop edi
- s. D2 r5 Y$ r3 h00404D42 5E pop esi
/ s0 F" J7 ]! F* O3 n00404D43 5D pop ebp
" b$ H3 X6 w& P: {4 S5 M00404D44 5B pop ebx# }5 p" W5 a1 x4 o
00404D45 83C4 18 add esp,18, S; ?* ], r6 L5 o( x) @; s
00404D48 C3 retn1 J. Z3 _8 ]) }/ A
*********************************************************************************************************************************************************- d$ ~9 l$ B {1 Q
跟进00404D09处CALL来到:( m* L' R0 o. ^- u1 ~
004030A0 6A FF push -1 //一路F8下去~~~~8 Z4 z- w7 j3 O6 [8 F. |. w1 I
004030A2 68 C88F4400 push qsr.00448FC8
+ W. J4 l; W+ S w004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
5 `$ y6 t# U# ~0 k. s$ }004030AD 50 push eax. |' x% O5 L& L5 u7 D- ^ D2 l
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
* m) i9 r! j% e u1 E* v- K0 @7 }004030B5 83EC 24 sub esp,244 Y$ ^& [/ J6 U |" p# I
004030B8 53 push ebx
/ E! A/ U2 W6 n( A6 l004030B9 55 push ebp
) r. R! ]0 f. d/ \$ u! m( [004030BA 56 push esi o# r" {0 l1 Y# H1 t
004030BB 57 push edi/ R3 [, j2 b- {* O; T5 U
004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"6 P- N" Z# e" r# c& a" K: B% B
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]( G1 q+ _0 V; A2 R
004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1+ _' G' J3 t8 ^* e
004030CD E8 27C40200 call qsr.0042F4F9
5 t# g( `, n* u" T004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]
8 C( L# L* J. `2 n# T004030D7 894424 2C mov dword ptr ss:[esp+2C],eax: S1 A1 F$ c3 W' C+ j( `9 m
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
2 [! J% c4 Q* Y; n4 @; B: d6 q004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3
' E5 H6 J% u3 h) D6 y. \% U) w004030E4 E8 905A0200 call qsr.00428B79
1 Q7 l) T( L7 d8 c004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
: y9 G) k- ?; o9 |6 [$ d004030ED E8 3B5A0200 call qsr.00428B2D4 D- `0 X3 o# Q4 u
004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]1 {' f! d: {8 w6 R% F( ]2 s: A
004030F6 E8 7E5A0200 call qsr.00428B79
' D, w" S0 J1 u4 j s004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]2 v& C& r/ M: F
004030FF E8 295A0200 call qsr.00428B2D
2 C% X5 q4 N4 ?/ C% K; x5 }00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]5 y8 P2 }) G3 j0 q1 X* S2 I& `, c- K/ ?
00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]* ^3 r; U7 L- ?; I
0040310B 83F8 02 cmp eax,2
! p' h8 C) H- ~: x6 P6 p$ b0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
; V) v$ e8 P# E" l0 q$ o00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]5 b# I) r& P/ q2 Z
00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
; k* D" K* A( |/ k" b/ X* R/ `3 g0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳, I/ e6 g1 ?* O8 G# h
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]2 N) _$ b! N9 a- O: ^- y3 ~4 `8 n
00403126 6A 01 push 1
6 X* _3 |5 T2 R( B) E00403128 50 push eax
2 S" z: y% f# U# g. c0 o00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]* ^" y( E3 ]# }, R" W
0040312D E8 C4550200 call qsr.004286F64 x: _8 Y) `& y7 G$ N) \
00403132 8B00 mov eax,dword ptr ds:[eax]
3 w. w) b" Y4 U2 r6 t4 V00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
2 W8 L! H5 m/ V7 p" V1 u00403138 50 push eax: y, Q" _! s5 W. O9 y- t- r( M
00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
4 l8 d/ N: o2 o: d0040313E E8 4D560200 call qsr.00428790
+ Q; B. r( A; v1 S% F00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
4 s, y' i7 f( `8 K& |7 r# X2 Z00403147 8BF0 mov esi,eax( j) V v+ ~1 f$ c+ O' {
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3( j, X2 S& R+ O" F
0040314E E8 38C30200 call qsr.0042F48B2 S# \, I8 p% y2 }% W
00403153 8D46 0A lea eax,dword ptr ds:[esi+A]" X8 I6 g/ S/ F* F d
00403156 B9 3E000000 mov ecx,3E0 n: _( E0 Q5 M4 l) p5 H. N
0040315B 99 cdq" [& h9 A" j9 a& ?8 U" {) ^1 ~5 N
0040315C F7F9 idiv ecx
* j. y) T" v: V4 y( s& m0040315E 6A 01 push 1
# d' S1 u4 B/ ^* T9 i$ S00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]- `2 [& N& }2 P$ e
00403164 8BF2 mov esi,edx0 O X) S% G; \* |
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
1 X0 P) u# {+ `$ K7 v: t# |' P# t0040316A 52 push edx7 x' l+ r0 S! A' f: { m4 E
0040316B E8 0A550200 call qsr.0042867A6 T: D$ q4 d: A7 ?! @6 w
00403170 8B00 mov eax,dword ptr ds:[eax]
) R4 c2 f7 {/ U" }. N00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
( M, o0 N1 ~# B: e5 b5 Z8 v00403176 50 push eax
5 c) |3 u4 X/ E( L' l: e00403177 C64424 40 05 mov byte ptr ss:[esp+40],56 J5 V |# Y# {, {+ S2 o# p: I
0040317C E8 0F560200 call qsr.00428790
: f% w* a; V! y" ^: Z00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]8 Z+ }' i; i& [
00403185 8BF8 mov edi,eax
9 [3 t# X ~9 e/ r" L& |7 h) U00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],3
. F) T, X" F, L4 ] s% X0040318C E8 FAC20200 call qsr.0042F48B
! ?* c# n6 @/ L$ f# [0 L/ o% x, a00403191 8D47 0A lea eax,dword ptr ds:[edi+A]( @5 T- z: D4 F2 I
00403194 B9 3E000000 mov ecx,3E
- [$ |* _9 d+ i- o* ]00403199 99 cdq' k. o& q& D5 ^& X- @
0040319A F7F9 idiv ecx
* R* q2 s6 x, N" W0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
: U0 A0 w7 G+ r& j+ q004031A1 894424 28 mov dword ptr ss:[esp+28],eax! N$ ]4 t3 q4 ~
004031A5 8BCA mov ecx,edx0 y& x4 w2 m; y- k3 i7 b0 R
004031A7 894424 24 mov dword ptr ss:[esp+24],eax5 a: r2 O( k$ d6 k9 `# }
004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
& v' w4 c0 w( ^: l004031AF 894424 18 mov dword ptr ss:[esp+18],eax* X' ?3 p0 Q% a. L# N
004031B3 894424 14 mov dword ptr ss:[esp+14],eax
* o/ M" j# `6 Q2 D004031B7 894424 10 mov dword ptr ss:[esp+10],eax
. G! |6 y& s- _4 u8 S' L$ {: h004031BB 8BC1 mov eax,ecx P( f" }/ C2 @2 G
004031BD BF 0A000000 mov edi,0A
% I' D# P2 k; G) @9 P004031C2 99 cdq
8 p% ?* a# q! y5 _. H004031C3 F7FF idiv edi
( u7 I' B) {6 P; @9 B$ I+ n004031C5 8BC1 mov eax,ecx2 \! Y& e3 W) b
004031C7 B3 0B mov bl,0B: T$ z# y$ h4 F1 ~9 b
004031C9 0FAFC1 imul eax,ecx
1 z- m8 I3 w( p& ~004031CC 8BCF mov ecx,edi; w5 i0 O& n* u$ L
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl
, \$ b& ]: g# K* W004031D2 52 push edx5 @: C. T( x$ p8 b" S1 R3 n( d
004031D3 99 cdq
- y1 }) @' h7 K004031D4 F7F9 idiv ecx
' e& u# ]1 Z& B5 a1 {7 H004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]; k& N8 @: f" l; M( f2 z& C0 S
004031DD 2BC6 sub eax,esi1 [4 Y n L# M$ C
004031DF 52 push edx
$ s% F$ L' M H% a4 i! F004031E0 99 cdq
4 v3 j/ S6 g. e: a$ j3 J/ V004031E1 F7F9 idiv ecx: _2 ]: b- l( w7 f
004031E3 8BC6 mov eax,esi
; C' Y& w0 V2 H t004031E5 52 push edx5 w- | }6 g9 |: t
004031E6 99 cdq' V' M% w7 U. Z3 i9 j1 L
004031E7 F7F9 idiv ecx; N$ k$ L4 f0 h+ J
004031E9 52 push edx
( H( P& d# f& g6 t004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]
! O& E$ o; e' O. W004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"8 I( Y: @! i/ K2 N! o1 w
004031F3 52 push edx
+ Q% t( N1 |4 ]2 V- Z' I% p B004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是4893% |8 w ^7 @: B% U3 E' h: `
004031F9 83C4 18 add esp,18
6 B* u, g: _& n: i; G004031FC 6A 04 push 4: I! M4 P' o( M, d- ]# X* a
004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
2 S" m6 E) }! c9 ]6 ^$ E00403202 6A 00 push 02 B. G8 V8 v& V7 E; q. d
00403204 50 push eax; S! t2 D5 c# w4 q1 W
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]2 Z' `% J! w; j0 a9 _" h
00403209 E8 D6530200 call qsr.004285E4
- H( G' D6 d# I3 x! u) C0040320E 50 push eax4 m3 S4 C! [8 h$ Z9 ]
0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]/ L& k. h$ @: G6 H: h
00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
! l0 X5 i5 t+ U r+ s% J00403218 E8 A7C30200 call qsr.0042F5C4" b& k' [( A1 [+ o. n" ?
0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]3 D7 b0 M g6 e
00403221 885C24 3C mov byte ptr ss:[esp+3C],bl5 d1 O$ M- e1 g/ i" @/ |
00403225 E8 61C20200 call qsr.0042F48B
+ ^4 y6 G# _$ s% e; I! q7 Z0040322A 6A 04 push 4
7 m+ U3 K+ @2 O/ C/ ^0 g0 F6 d0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]
* Z+ @/ ?6 E7 k6 o7 M( O00403230 6A 05 push 5
# Z' W9 A. |( `* R00403232 51 push ecx7 i1 C6 V" \9 `+ [3 y& T! a3 A
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]" M; X) P4 M: `: E" {1 g3 o
00403237 E8 A8530200 call qsr.004285E4; s% d9 x) U+ Z9 ^9 y
0040323C 50 push eax) B# L& ^- f9 U
0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]4 [6 t" L" B: q3 k0 j
00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D
: N' t4 y/ G J$ n" y* b0 ^5 D00403246 E8 79C30200 call qsr.0042F5C4
( h# O7 S& Q9 o( r" K! G' ]* M0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
# G: t( T3 p& a' ?6 x( V( }- U7 [0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
& Q8 p* h9 M( o: V. |- f4 V4 |2 y00403253 E8 33C20200 call qsr.0042F48B
1 H N. G9 q3 Q( V; Z8 Q8 J00403258 6A 04 push 4; G: i, @) o4 u. J
0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]. D5 N% y# }5 R; _. Z# }
0040325E 57 push edi
# z z1 \0 w/ l. O0040325F 52 push edx# v8 k; e# ?! E9 a7 Q
00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
" `) W8 A0 J- C' c$ N00403264 E8 7B530200 call qsr.004285E4+ n! g8 K9 Y) M* N: a+ \. x
00403269 50 push eax
6 Z0 b) F$ X. i) d; A0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
4 a: c2 L6 w# @* B4 c$ D0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E0 a9 W$ B' ?9 M9 N, F) e. @5 R; y6 R: X F
00403273 E8 4CC30200 call qsr.0042F5C4! s' I; b) P; E; I' s
00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]% T) o/ u" m; g2 R# I* ~
0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl
1 O" m: g$ s' Y) O00403280 E8 06C20200 call qsr.0042F48B
+ z/ k- x: e# \- ~7 \. \6 O% B) W+ U00403285 6A 04 push 4
$ x7 @* {1 \) `! J |% _00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]; @1 v% E! y# @3 n
0040328B 6A 0F push 0F* H8 J7 @# K6 r5 E% @
0040328D 50 push eax4 D- b+ R' P0 O/ O) X$ x
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
! {* t6 D/ J! {( ]% m1 h00403292 E8 4D530200 call qsr.004285E4) R3 [4 ?% t' e7 g- H A
00403297 50 push eax" J8 B: r! i" [) H9 ]
00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
7 y# ^% z5 P) _) U1 Z5 M0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F
/ T4 z& D8 j U# ?0 J004032A1 E8 1EC30200 call qsr.0042F5C4
8 N* {" G x5 F004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
; l$ S8 G- J9 n7 L, o/ p004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl( w, O! L6 n1 C- v
004032AE E8 D8C10200 call qsr.0042F48B
3 G, R5 E! n1 v3 q5 b004032B3 6A 04 push 4
2 M0 C) Y: h' z, p7 C' ^2 F) {004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]# Q9 e( _+ R% G4 a$ p
004032B9 6A 14 push 14% l( j( y3 ]; U4 a8 c: X% b
004032BB 51 push ecx1 d" n5 X% t9 W4 |" N- O
004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50], O/ O, ^$ q5 W
004032C0 E8 1F530200 call qsr.004285E4" F0 f; V+ [: x/ @: {
004032C5 50 push eax E. D4 X: |3 ^3 V
004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]/ x0 e" `6 m; g% V7 H" ^# o8 p1 ?
004032CA C64424 40 10 mov byte ptr ss:[esp+40],10
C( q+ [2 O. @# H' f004032CF E8 F0C20200 call qsr.0042F5C44 D( Q- Z0 c& d* P( ?. t
004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]; J. j- X: y) x" b5 s# m/ t n3 i
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl# R- j& r4 j/ m: N" h/ h
004032DC E8 AAC10200 call qsr.0042F48B+ T% w; h4 j5 ~! H k3 c
004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI
3 [4 N3 c4 C) n- U k0 q) R004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX( W' s: U$ k5 @7 S9 @) N9 U& y
004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL, d0 y+ A! b! y7 x/ }* j% F1 n5 S
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL
9 m- B) X, _+ H* Z# Z004032ED 8ACA mov cl,dl ; DL送CL- h, S$ C+ X6 u, B7 ~
004032EF 3AD3 cmp dl,bl ; DL和BL比较
+ e! b' R6 i3 I' t6 W; W' u. l! x004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)
$ A) P% C! U' A" b004032F3 84C9 test cl,cl& [( h; B$ T) O* B5 z
004032F5 74 16 je short qsr.0040330D
& p9 S; u% ?& d6 M! p4 b' C. H4 n/ A004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
% Q- x/ h6 P( T004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
/ t( H; G: } I- G+ n$ P004032FD 8ACA mov cl,dl
$ Z" X( C5 q4 E) P) }1 e2 |5 m) i/ f) R004032FF 3AD3 cmp dl,bl ; DL和BL比较
4 ~0 e) W$ B; G8 c6 ^+ k8 i00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)
! D1 g, v: O. _# D00403303 83C0 02 add eax,2 ; EAX加2$ c6 d! k3 N( W# F. h' k# ^7 s
00403306 83C6 02 add esi,2 ; ESI加2
2 b: U" |& d {! `; }$ G- \. u00403309 84C9 test cl,cl
% U+ k& F& U0 i6 h8 C0040330B ^ 75 DC jnz short qsr.004032E9
3 {+ ]# _: [: }, \0040330D 33C0 xor eax,eax7 \& X( \# v/ v) Z, H
0040330F EB 05 jmp short qsr.00403316
1 K4 T% O7 E& C0 D2 ^; R9 Y! h4 W, m00403311 1BC0 sbb eax,eax
3 J2 t! n3 ?8 m% L0 j) F. x00403313 83D8 FF sbb eax,-1# N! X9 P7 g8 T% C' p# m7 m
00403316 85C0 test eax,eax) H9 y! m6 F) E& j% u9 Z
00403318 74 0E je short qsr.00403328$ @# o8 h1 n* Y5 S ^
0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A! g7 F |' s2 G p
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]( `" M+ n& m8 P* i/ l
00403323 E9 F0000000 jmp qsr.00403418
3 ^& ?1 @. e5 v# I2 {00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
; m6 ^ Z' a# S4 [5 v! ]1 S0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]/ R4 z: F* K# d6 D
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]/ m7 M1 i. t4 X7 _8 l, Q) R; A
00403333 50 push eax
% P# i$ l) y: e2 m' Z; y00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX
0 H$ v$ C, ?$ i3 E' B00403339 50 push eax7 v1 e# J) v) x0 t8 k& P
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX( l" Y% z9 @9 v8 C
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX
% c& u& P0 z! w! l00403343 83C4 04 add esp,48 o9 q' A4 g. i' N Z( i
00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI
% r, t* J0 }* q. U4 F00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
" _8 r0 s- |# M& q0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
, M' U5 f& v: \. o4 e* p' l; T0040334F 50 push eax
5 X6 l: v' J; ]+ n/ S5 a00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX: i z# l% o8 y. _& {. l
00403355 50 push eax8 c. N8 w9 o8 f
00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX0 J9 w5 N4 i- ` `9 E& n
0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX- |6 W* }; Y* h7 |& `% V( L1 T& u
0040335F 83C4 04 add esp,4
8 V( A8 ^/ F* M! k" y00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI9 }) F E' x4 V( |5 Z, Q: X- c7 \2 D
00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
* c2 Q# P9 d) u0 d1 H, P00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]
: b) R$ |1 ^' `/ Z5 {8 K+ i, v0040336B 50 push eax
3 w1 a) F- u5 i0 P: R0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX! f/ }2 A0 a$ ]+ r
00403371 50 push eax, ~6 S5 y n. H) g
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX2 q. q: j: v1 v4 |( o
00403377 8BD8 mov ebx,eax ; EAX送EBX- _2 E! E5 j3 R7 A' E
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX7 g5 c e0 e' h0 Q: |! U# a7 L$ _
0040337D 83C4 04 add esp,41 G) `3 i6 w" r- U
00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]( I' t! I0 ]# F. @+ O
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
" p# P7 I1 c" u) A00403387 50 push eax
* t+ P9 b7 l) [( g, W Y00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX: J) ?4 S7 j& l9 Q. B/ ~
0040338D 50 push eax
+ ^# g1 ^& `7 ~/ N! ~) B0 I6 B0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX
; Z; R9 z) h. g& C" N+ o6 x8 A4 l00403393 83C4 04 add esp,4
8 Q. c! F" a$ R00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
. W$ E8 ?! N5 I" C0 v$ n0040339A 8BE8 mov ebp,eax ; EAX送EBP
% c) t% G) r% W J6 e) v0040339C 6A FF push -1
& v* c( I2 ?6 h8 r3 p: z* I0 H0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX
7 g8 b. O9 H/ O, n, e4 O004033A3 6A FF push -1
& A$ A7 C( T1 ]" T3 ^! y8 P" J004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX2 Y% U! y5 v$ ^2 W
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX+ k% M" E4 N$ k
004033AE 6A FF push -1, A. B5 @3 v8 w- Q- ~# X
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX& \2 S' H! i, Q* A2 k4 x; u
004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX
& s- Q' |6 }1 k( n% G. B6 H! I004033B9 6A FF push -1
7 E/ U) a, A- _0 n004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX
$ i4 v9 b) Y+ @6 e7 C9 O6 D% n* U004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX
6 O- S* R$ [( i/ _004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
& u" `& l" `' _- Q3 E8 V, \004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX( \' F P* L3 c1 I9 q( @' c, l
004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX
/ ], F& Y! |4 ^7 Q. _004033D7 D1E0 shl eax,1 ; EAX左移1位4 g: r8 w& G) r6 A1 j+ M3 P' P
004033D9 99 cdq ; EAX扩展3 d+ w: @! F# k& [; z: b
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
# t) ~7 q- Z8 k. R; N6 F+ ]: P6 c004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
2 y% | A' |6 t, z ~ q# Z004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)4 @: v1 c/ t+ k* Y8 o
004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
1 {9 ^$ {. d1 J: M004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
" R4 {) K5 [ A! j3 W- g. K004033E9 EB 2D jmp short qsr.00403418
) s3 H/ _; R: x2 W004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX
" ] G9 N8 [& T' h0 C$ ~* ~" c2 U004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
( F e1 A" e; ]5 u P" o) \; y004033F7 99 cdq ; EBX扩展
; m" I; r! X9 J. x. ]004033F8 33C2 xor eax,edx ; EAX和EDX取异或: Z: s9 D4 u- ^2 H5 w5 i
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX' ]: d# r. T5 D: [7 N
004033FF 2BC2 sub eax,edx ; EAX减去EDX9 ]* z7 T# r8 `( H
00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]
4 l3 a& P X) F8 X1 }; m; {00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX
2 r: l: f9 t+ @. @/ M; ~00403409 99 cdq
3 B4 ~: K5 Q! G5 {+ N0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中 J" i3 m! M( J; v% h6 M1 _* W0 K
0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX) J, w1 I/ y0 z( o# p6 ?
00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较' t8 E2 ]( z: R t' ~
00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)3 c9 n3 F/ M, V
00403418 E8 6EC00200 call qsr.0042F48B ; 1 v |+ D$ M, f, ^2 k& X4 c
0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
( K7 J4 R4 d4 x+ h" E% ]00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],9
: K3 i( ~2 Z& l, q! ?. Y00403426 E8 60C00200 call qsr.0042F48B8 j3 J4 F$ f% Q- w" D1 P# H8 k
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
6 C# l! Y$ ?! B! W2 l0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
9 M# G& U% D, e00403434 E8 52C00200 call qsr.0042F48B4 ?4 q" j9 B0 G. [5 i2 x8 I
00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]0 g8 N7 I9 |" Y
0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],72 N! ~! s0 m. v1 H9 a0 z
00403442 E8 44C00200 call qsr.0042F48B
! u3 g/ n$ k- e1 s& q6 ~, @! M00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24] ~3 t" C. x5 z) D; x/ I! G
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],65 n# m8 X; j; K5 D5 t; X4 J+ s
00403450 E8 36C00200 call qsr.0042F48B
' h; B7 v4 G; D- F3 c2 }' B00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
+ Q- m7 E Y9 |& v00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],33 K/ Y0 P) M& y. ]
0040345E E8 28C00200 call qsr.0042F48B
$ {$ r2 C: C( A- Q00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
3 D2 {- f9 A2 `' o# _; C; H( P00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2
7 u' n% ]9 ?3 g8 P. U" ?9 M3 t0040346C E8 1AC00200 call qsr.0042F48B/ {2 w5 X: i4 c. w' g& n- a
00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
; a1 f6 Q. |2 j7 s2 n' T# j, |. G00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
' f( K- n6 o+ A- N H$ N* X# F0040347A E8 0CC00200 call qsr.0042F48B9 c. l$ w5 ^; _8 F. r
0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
" U3 g: m' ~! n" g! c0 y00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],0& @( y2 P1 P1 z
00403488 E8 FEBF0200 call qsr.0042F48B
* @! i( J S5 z m4 L8 m1 C7 y% H' Y0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48], P$ I) a( X8 m% }! a! T8 h
00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
+ k! @1 { k! s# L& ^! E00403499 E8 EDBF0200 call qsr.0042F48B1 p) h- L3 s; P2 n: r
0040349E 32C0 xor al,al ; AL清0
8 D6 f* }% U6 g- Y v004034A0 E9 88000000 jmp qsr.0040352D
7 D i0 d, v! n |004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~, v, `8 k9 [ H! F
004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]" y' C6 S0 J$ N+ m( W& l
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9( H1 |1 E+ H$ t: |, s e
004034B3 E8 D3BF0200 call qsr.0042F48B" d% N- [* u( u0 y: y( u. A7 g& }
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]2 J u# t% B1 Y, n' F
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],89 b3 e" y! R9 n: l* L9 D; `
004034C1 E8 C5BF0200 call qsr.0042F48B M1 J6 z$ G. X" m
004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]# B& B8 q1 |5 a7 S* K v
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7( ?+ f" l) P8 t3 R( D
004034CF E8 B7BF0200 call qsr.0042F48B
$ e& D' x( {, H8 i' x004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]
" @6 u4 t" p7 ~+ z004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],6& k( l6 `- U4 `" C1 i3 J+ C
004034DD E8 A9BF0200 call qsr.0042F48B! T, ^$ S+ x$ ]$ C4 p( T% V
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
. V& Z+ m% [8 c004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3
% v: E( _9 _; C! n004034EB E8 9BBF0200 call qsr.0042F48B
: B3 ]* v# h9 }: T1 b8 s. L5 I004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
6 |! M* b5 b1 t: S! L# B- B% g. d004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2: Q9 Q, W O+ V$ E
004034F9 E8 8DBF0200 call qsr.0042F48B
3 l" k; Z$ Z2 u# P: V004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
5 r6 `8 x4 G0 L1 c( M" F; p0 i% Z00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1
3 y3 { v7 a0 h00403507 E8 7FBF0200 call qsr.0042F48B
" [! M9 Q _; C0 y( X. z8 N. q0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
/ J/ e- A+ Q7 q' `: j6 P( G0 X& [# _7 `00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0
2 o* K- ~& ?: `* L1 @ g00403515 E8 71BF0200 call qsr.0042F48B5 d5 e, S. X. m
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
1 z6 v, \2 p1 m* q- S4 s2 m) L2 e7 ]0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
( [' B' s7 ~9 E" G7 G00403526 E8 60BF0200 call qsr.0042F48B
8 J% ~# N5 g# D* X" Q0040352B B0 01 mov al,1, O4 m8 o G, k0 D0 q6 \+ {
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]
* u; N# i* t7 x$ V! b4 t$ y [00403531 5F pop edi
" j2 W5 @& q7 B: |( _00403532 5E pop esi
$ M, h. L, u' m+ P& T00403533 5D pop ebp
: o6 o3 ~) b# r0 r7 w3 C$ Y: Q8 ?00403534 5B pop ebx
$ |* h; o5 P" G( l+ e" i00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
" {9 v1 y ~6 A, Z! s0040353C 83C4 30 add esp,30
: P0 n2 t% R" t0040353F C2 0800 retn 8
( A; e% L. E8 }; @7 b" t A) f--------------------------------------------------------------------------------) b( C1 Y+ h- u# a: ^) u
【破解总结】
" N1 n5 b" x8 c$ a7 `4 Q* W% V* } 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^2 E, ~! T) m% Q3 v& n) f
用户名:yijun
# c3 Q, R. e0 h- Z注册码:4893*7777*3726*7777*0529
3 v$ I0 P5 r$ {* n5 W--------------------------------------------------------------------------------' N) V' l- |# ~( P3 m- l% U; e/ x
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡