|
|
【原创】破解Quick Screen Recorder
# D% P& h* B5 M1 |" V3 o- m【破解作者】 yijun
6 t" F$ l( X& W5 V【作者邮箱】 [email protected]7 w& e$ m7 E' z7 ~
【使用工具】 OD,PEID
, d4 w( [# }: M【破解平台】 WinXP- O. n$ V( M+ \; d9 b
【软件名称】 Quick Screen Recorder7 {: j5 U% [6 _+ k8 R6 K
【下载地址】 天空
$ [9 D, S7 A! Y: `& ?/ O& X0 e; J) v【软件简介】 Etrusoft Quick Screen Recorder is a tool used for recording screen activity into standard AVI video files. If you move the cursor, launch a new program, type some text, click a few buttons, or select some menus -- anything that you see on your screen -- Quick Screen Recorder will be able to record all these and allow you to play them back later on. . n5 p% F" V6 |. g4 L% F9 m' s
【软件大小】 540K
- L4 R! J2 r! s- ]0 H/ C/ p【加壳方式】 无 q; u2 l% x3 ^, I- F. t% j9 p: U
【破解声明】 我是一只小菜鸟,偶得一点心得,愿与大家分享:)
l3 w% w% O- ^--------------------------------------------------------------------------------
- |5 }9 B2 J6 t9 m* ?' Z1 e& \【破解内容】
7 q( G+ e. N. M5 n! S! C3 U PEID查壳知该软件无壳Microsoft Visual C++ 6.0编写。OD载入很容易来到以下地方:
# y/ ~$ D1 A1 S0 J% H+ f00404C69 55 push ebp //在此下断" o' a) c# r& }2 j
00404C6A 56 push esi
) k+ |, H' V0 ?" ?, u00404C6B 57 push edi
' g; g/ ^" V* x00404C6C 8BE9 mov ebp,ecx
, V: ]4 j4 o# a. |4 Q: f00404C6E 6A 01 push 1
# ~1 Y+ O* g/ s2 t( j, }00404C70 E8 7C910200 call qsr.0042DDF1 ; 取用户名
$ h+ y% B0 _5 |9 T00404C75 8D7D 60 lea edi,dword ptr ss:[ebp+60]
" z7 ]4 h+ x, D/ H% H- h' i/ x00404C78 8BCF mov ecx,edi- a/ ~9 n2 T. H1 h* a- X, F
00404C7A E8 FA3E0200 call qsr.00428B79 ; 取注册码
) J L. ^6 P* p u+ a3 r4 m9 Y3 j00404C7F 8BCF mov ecx,edi
5 w7 R: O' L/ F$ D! }6 F7 H00404C81 E8 A73E0200 call qsr.00428B2D
' \8 j( f# `/ Q6 B6 r& z00404C86 8D75 64 lea esi,dword ptr ss:[ebp+64]+ W7 v0 f: B ~8 w
00404C89 8BCE mov ecx,esi
$ O- n0 J; h" H$ u6 u1 J$ r- J00404C8B E8 E93E0200 call qsr.00428B79 ; 用户名送EAX3 j( |+ E! c' [/ U( S# `: |
00404C90 8BCE mov ecx,esi [( U2 C D: \, @* f: p& j' n& p
00404C92 E8 963E0200 call qsr.00428B2D
; K% ?5 E6 l5 F00404C97 8B06 mov eax,dword ptr ds:[esi]
3 x* Y* Y+ W+ F5 I! Z) z00404C99 8378 F8 02 cmp dword ptr ds:[eax-8],27 u0 A2 R/ Q# n1 W5 p
00404C9D 7D 26 jge short qsr.00404CC5
: `8 S$ t- \- L c3 r# d00404C9F 6A 40 push 40
& q, ]/ z/ _: U00404CA1 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"; Z( Q7 @( p* F4 N; {' s4 Y
00404CA6 68 24E54500 push qsr.0045E524 ; ASCII "Please input your name."8 u. H5 Y% i3 u1 e: n, w( S* P, m" L
00404CAB 8BCD mov ecx,ebp
/ X Y( Q, h. E4 e# o00404CAD E8 C3840200 call qsr.0042D175
. w) Q1 [: [+ H% C00404CB2 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]
c8 l% u$ u5 |00404CB6 64:890D 0000000>mov dword ptr fs:[0],ecx
- B: ~4 W& G {3 x& h, J00404CBD 5F pop edi; G5 {: B% X: \6 q
00404CBE 5E pop esi
4 N7 u* ]) C' M) d00404CBF 5D pop ebp; d' k- f- K- d8 I
00404CC0 5B pop ebx$ v; v. I4 {* G; z) ]1 i2 u
00404CC1 83C4 18 add esp,183 _" _1 P7 m6 A9 }6 L$ H9 P% y
00404CC4 C3 retn& j/ g$ w2 [6 v: r
00404CC5 8A45 5C mov al,byte ptr ss:[ebp+5C]* j) O* M+ b6 D3 H% v
00404CC8 84C0 test al,al
, d. d( C5 @) d T00404CCA 0F85 1C010000 jnz qsr.00404DEC. Z7 Q- [; E' }* `% {
00404CD0 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
+ Y* z! e% _9 u: L- j2 q7 a00404CD4 E8 87E3FFFF call qsr.00403060& [0 D, Q U& i0 D6 m9 K) [0 a
00404CD9 51 push ecx
* g7 ]2 E( S/ v9 B3 l. O3 H1 `00404CDA C74424 28 00000>mov dword ptr ss:[esp+28],0
; P* j1 m% `; ?! d9 h00404CE2 8BCC mov ecx,esp: f* [! `- @2 E
00404CE4 896424 14 mov dword ptr ss:[esp+14],esp
- o" q' q; [) _$ B w/ @' u00404CE8 56 push esi
/ k* O6 S6 q/ H% ?: m00404CE9 E8 12A50200 call qsr.0042F200 ; 测试用户名是否是0
( z* x( z% s5 E6 O. X00404CEE 51 push ecx) Q$ J" @$ C9 h& Z* M" g# @6 ?# N
00404CEF C64424 2C 01 mov byte ptr ss:[esp+2C],1. l) Y) z* c7 Q) N2 w
00404CF4 8BCC mov ecx,esp
" z1 g% E. `9 Q9 W! p" x00404CF6 896424 20 mov dword ptr ss:[esp+20],esp
! B ` m, o$ \3 e" V00404CFA 57 push edi
$ ]& A! r; K0 L# s: O/ }00404CFB E8 00A50200 call qsr.0042F200 ; 测试注册码是否是0
T2 n( h1 f: I/ t6 J+ R* a00404D00 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
" X& C$ S M) d4 J+ `/ l+ e00404D04 C64424 2C 00 mov byte ptr ss:[esp+2C],0
5 M) W6 R3 c5 _00404D09 E8 92E3FFFF call qsr.004030A0 ; 关键CALL,跟进~~~~~~~~~~~
* W# ~2 f$ x$ v" |0 a00404D0E 84C0 test al,al ; 刚才那两处都等就注册成功,此时AL=1~~~
8 S/ S4 j/ \; d7 s8 a/ y00404D10 75 37 jnz short qsr.00404D49 ; AL=1就注册成功~~~~1 a2 v; T7 a3 K' }3 p9 D* o
00404D12 6A 40 push 40
9 P. w3 k& F0 e2 |00404D14 68 3CE54500 push qsr.0045E53C ; ASCII "Quick Screen Recorder"
' c) T* Y% R1 X7 w00404D19 68 DCE44500 push qsr.0045E4DC ; ASCII "Sorry, your registration key is wrong. Please check it and try again."
* R" Z& t' d( y* r# F! n00404D1E 8BCD mov ecx,ebp) x8 u4 F1 W. n2 S$ o0 l' v1 [1 l
00404D20 E8 50840200 call qsr.0042D175) d" g; t4 l0 F. B
00404D25 8D4C24 14 lea ecx,dword ptr ss:[esp+14]
2 ]1 f w6 {# Z/ N! w; H6 w00404D29 C74424 24 FFFFF>mov dword ptr ss:[esp+24],-1' t) j1 F0 e; d/ V
00404D31 E8 5AE3FFFF call qsr.00403090* X% s- K1 a- _5 w$ o, x6 H
00404D36 8B4C24 1C mov ecx,dword ptr ss:[esp+1C]! x. \/ _# D9 W8 z9 e
00404D3A 64:890D 0000000>mov dword ptr fs:[0],ecx0 q* @$ v; w0 ]
00404D41 5F pop edi% q' Z% p! q O d8 G
00404D42 5E pop esi' u, ~7 j7 ?% l
00404D43 5D pop ebp+ c3 I* c& t9 G, ^; Y+ h
00404D44 5B pop ebx6 ]1 z! P' f& M$ z
00404D45 83C4 18 add esp,18
/ U; m: h! X% @( j00404D48 C3 retn# h" k; n* s. h9 p: H: Z
*********************************************************************************************************************************************************8 f& U- N7 [' H. d7 }) K
跟进00404D09处CALL来到:
/ s& B- B. J% o" D" n- |3 b004030A0 6A FF push -1 //一路F8下去~~~~+ {0 {; d2 j; q9 ~/ E
004030A2 68 C88F4400 push qsr.00448FC8- q( k6 U/ A2 ]) u s" J
004030A7 64:A1 00000000 mov eax,dword ptr fs:[0]
9 M7 ]4 K C6 L$ l. \0 |' u9 D004030AD 50 push eax! ?4 K4 {: v$ h/ s
004030AE 64:8925 0000000>mov dword ptr fs:[0],esp
( Y1 i2 E* Y# T1 N/ \* `004030B5 83EC 24 sub esp,24# C7 @6 ]2 C4 O) C. X0 P$ K' }
004030B8 53 push ebx7 }& Z6 n3 B' L; h: U- o5 y
004030B9 55 push ebp
0 C- X1 Q& a/ ~9 ]4 b004030BA 56 push esi' p. t( G O3 Z6 B6 Y; e
004030BB 57 push edi a w# F( ?3 A
004030BC 68 28E24500 push qsr.0045E228 ; ASCII "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890" j: ^# v9 |/ N
004030C1 8D4C24 24 lea ecx,dword ptr ss:[esp+24]3 q) |5 f- X6 M9 B
004030C5 C74424 40 01000>mov dword ptr ss:[esp+40],1
& _! K0 ~& q P+ I7 s9 q6 {004030CD E8 27C40200 call qsr.0042F4F9
' A' y* N ] |; C) h004030D2 A1 38F44500 mov eax,dword ptr ds:[45F438]. p9 X/ g' J* i: U7 j
004030D7 894424 2C mov dword ptr ss:[esp+2C],eax7 o$ W E4 k2 g: J- a
004030DB 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
, ]6 f6 i) Y4 r$ ~1 M004030DF C64424 3C 03 mov byte ptr ss:[esp+3C],3; E8 P* v+ C$ ]8 E9 q- `
004030E4 E8 905A0200 call qsr.00428B79
% N5 @( g- p) [) K2 ~+ C6 @# q, s004030E9 8D4C24 48 lea ecx,dword ptr ss:[esp+48]! W- d6 c# {: W5 o7 Q# f# E' C, z
004030ED E8 3B5A0200 call qsr.00428B2D
* [5 q# {) [% P& X1 r004030F2 8D4C24 44 lea ecx,dword ptr ss:[esp+44]" i- ^ b7 r* ^# c$ P7 Y
004030F6 E8 7E5A0200 call qsr.00428B799 N% V' B& r8 X& c ^2 A
004030FB 8D4C24 44 lea ecx,dword ptr ss:[esp+44]
0 t) O. ]6 r: Z u004030FF E8 295A0200 call qsr.00428B2D
+ V6 I. y: ?5 E1 j00403104 8B4C24 48 mov ecx,dword ptr ss:[esp+48]5 w3 I8 g7 S' Q' k# i$ R
00403108 8B41 F8 mov eax,dword ptr ds:[ecx-8]! u* C8 N5 _1 O
0040310B 83F8 02 cmp eax,2# L4 w: d5 K& _ {
0040310E 0F8C 4F030000 jl qsr.00403463 ; 用户名小于2就跳
3 a7 e" w X9 ]$ X00403114 8B5424 44 mov edx,dword ptr ss:[esp+44]
8 P, f. z+ S0 c+ ?00403118 837A F8 18 cmp dword ptr ds:[edx-8],18
3 L7 M& o T, ~0 a/ M$ B9 F" ~$ W* }. a0040311C 0F85 41030000 jnz qsr.00403463 ; 注册码不等于18(16进制)就跳! Z, f0 a# R3 ~8 I3 }4 M) {: J, S' q
00403122 8D4424 30 lea eax,dword ptr ss:[esp+30]
, N' X+ Q# g4 c1 I00403126 6A 01 push 1
8 G/ _% Q8 A* [: D00403128 50 push eax, i2 A! \' C% }1 n
00403129 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
% q/ J H! @/ N* O0040312D E8 C4550200 call qsr.004286F6( V' Q/ f, O0 |% y$ x" a) J( U
00403132 8B00 mov eax,dword ptr ds:[eax]1 X+ w( {* x& `% Q1 o
00403134 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
$ F: h1 G D# [0 W) A00403138 50 push eax
3 R9 O# |8 g1 B. x7 }( Z% E( A00403139 C64424 40 04 mov byte ptr ss:[esp+40],4
6 T3 I# Q0 s* q2 R8 g' K0040313E E8 4D560200 call qsr.00428790
: U+ U1 H/ V) }" l" r5 \00403143 8D4C24 30 lea ecx,dword ptr ss:[esp+30]# I& ], q: c: o) ]% T; w
00403147 8BF0 mov esi,eax$ i& i) _: ~' P, W, O
00403149 C64424 3C 03 mov byte ptr ss:[esp+3C],3 ]% a1 [; k+ [. t- S3 ~/ M
0040314E E8 38C30200 call qsr.0042F48B
; s: \. Y( u ]! \00403153 8D46 0A lea eax,dword ptr ds:[esi+A] S3 Y8 }9 p5 Z5 q
00403156 B9 3E000000 mov ecx,3E5 P) M7 V) W' ~$ z
0040315B 99 cdq$ o9 L9 l% |0 q! s
0040315C F7F9 idiv ecx+ j1 c# ~% C# B0 j! Z: I
0040315E 6A 01 push 1
2 [. {$ N" E) U) _. C E% B. \00403160 8D4C24 4C lea ecx,dword ptr ss:[esp+4C]
* E- d9 B+ q. R( a4 s6 l; A00403164 8BF2 mov esi,edx% _8 m$ T: X0 Q' F
00403166 8D5424 34 lea edx,dword ptr ss:[esp+34]
+ k5 s) { @$ f$ n4 [& I0040316A 52 push edx
, H0 k4 E7 R% n X( B" F y" |* q0040316B E8 0A550200 call qsr.0042867A
8 Z: B& \" U/ B0 M" Y00403170 8B00 mov eax,dword ptr ds:[eax]
- t! m; E( h; \. @; w3 `* s00403172 8D4C24 20 lea ecx,dword ptr ss:[esp+20]& r4 u4 q( I0 t( q; M
00403176 50 push eax; T6 r; |" W, J3 Y. ]
00403177 C64424 40 05 mov byte ptr ss:[esp+40],5
8 i$ q* d5 l5 b2 c0040317C E8 0F560200 call qsr.00428790
1 e. c1 j9 H3 W& `00403181 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
0 k1 O$ G- [' T% a3 s1 h& t00403185 8BF8 mov edi,eax
M6 t' z x$ Y7 v00403187 C64424 3C 03 mov byte ptr ss:[esp+3C],36 V! z0 p* |1 q
0040318C E8 FAC20200 call qsr.0042F48B
8 J! f& M" M/ q: t+ }* C0 }8 t00403191 8D47 0A lea eax,dword ptr ds:[edi+A]
! A; s/ @$ @% s) R/ S( w9 T00403194 B9 3E000000 mov ecx,3E8 i5 W" _% w1 M& l/ Z! |; E' b
00403199 99 cdq
3 S( } a2 J, Z; ^3 d& [0040319A F7F9 idiv ecx
8 i5 u7 i. r; v/ Q0040319C A1 38F44500 mov eax,dword ptr ds:[45F438]
+ D( b9 ^. g$ t004031A1 894424 28 mov dword ptr ss:[esp+28],eax
* \) P* X' e2 Q( Q4 ^ g" C0 ?004031A5 8BCA mov ecx,edx# W3 p+ o$ g% b V& J% p
004031A7 894424 24 mov dword ptr ss:[esp+24],eax
6 m2 s7 C9 Z9 Y/ V" S8 [% B004031AB 894424 1C mov dword ptr ss:[esp+1C],eax
2 H0 c& \" A& w1 R3 Q3 f; n004031AF 894424 18 mov dword ptr ss:[esp+18],eax
' k2 |" g" z! X5 ?, O' c7 Y004031B3 894424 14 mov dword ptr ss:[esp+14],eax# s& z5 D( _/ B- G: R9 C2 h: Q
004031B7 894424 10 mov dword ptr ss:[esp+10],eax
) [7 g$ ~. E+ M, v& E004031BB 8BC1 mov eax,ecx( d8 q7 P4 n" _* P/ k
004031BD BF 0A000000 mov edi,0A0 \3 z' c4 B" o& W* K4 }
004031C2 99 cdq8 X% \4 o6 B" Z) V& D
004031C3 F7FF idiv edi
/ g+ P" f4 F. ~/ x$ u! ]004031C5 8BC1 mov eax,ecx% v8 _" ?2 L3 `
004031C7 B3 0B mov bl,0B m% h" Y: b% N' ^
004031C9 0FAFC1 imul eax,ecx
9 }. b( m& q) W004031CC 8BCF mov ecx,edi( _) a4 e9 J9 W
004031CE 885C24 3C mov byte ptr ss:[esp+3C],bl, _; G+ w- g2 a$ h$ ?" y: I
004031D2 52 push edx8 b6 c; N% E# W4 S
004031D3 99 cdq
_7 m% G8 s5 U2 k5 U2 \004031D4 F7F9 idiv ecx
! N3 e0 S9 R/ n1 F+ N1 v2 A: I004031D6 8D04F5 00000000 lea eax,dword ptr ds:[esi*8]
# z! y% g$ j* `: M004031DD 2BC6 sub eax,esi
% T9 H5 o; g; C. B004031DF 52 push edx
1 R4 J7 f) J+ j7 n7 m004031E0 99 cdq( W* F3 n2 T6 h1 A
004031E1 F7F9 idiv ecx
5 W! m* }& f7 q9 t004031E3 8BC6 mov eax,esi! L9 K3 u$ T; s, o! @! j+ Q) w: S
004031E5 52 push edx( E' H% j* p3 J7 A6 }; A% d
004031E6 99 cdq0 F+ X' Z0 _4 M
004031E7 F7F9 idiv ecx
" P* `* o3 B3 O+ N( {9 ?004031E9 52 push edx
! m" l3 a" q$ u8 J$ o- z. Y004031EA 8D5424 38 lea edx,dword ptr ss:[esp+38]+ N9 |* C' l( s, C
004031EE 68 1CE24500 push qsr.0045E21C ; ASCII "%d%d%d%d"
$ |9 } U9 t. q2 F8 ^8 l/ R004031F3 52 push edx2 v3 u' l/ b$ w* h
004031F4 E8 D8580200 call qsr.00428AD1 //由我们的用户名得到一个4位数,我的是48935 l1 _- K1 p2 y3 Q% E0 G! h5 ]
004031F9 83C4 18 add esp,18
: q' d L5 j4 p. \0 X% ?- q k9 f004031FC 6A 04 push 4. T; P: H8 B! F0 [5 H7 c
004031FE 8D4424 34 lea eax,dword ptr ss:[esp+34]
$ n1 ]4 {! f+ L3 h00403202 6A 00 push 0
" b6 w9 H! W5 e8 y+ U6 }( X00403204 50 push eax. @- T( m2 Q/ k J% Y
00403205 8D4C24 50 lea ecx,dword ptr ss:[esp+50]/ c4 g( Q- O: {; X ~
00403209 E8 D6530200 call qsr.004285E4% s5 @0 {: I; q* J. q7 x
0040320E 50 push eax
2 q5 _; {- S2 V* p) I# m s' z W0040320F 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
( @5 F6 Y! G1 I% I00403213 C64424 40 0C mov byte ptr ss:[esp+40],0C
$ V5 i* f! ~3 ^4 c" w( e00403218 E8 A7C30200 call qsr.0042F5C4
5 w( f8 ?/ G( R* l I( ]; a0040321D 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
" \& S# I) b( s9 Z00403221 885C24 3C mov byte ptr ss:[esp+3C],bl
i9 _% h) ?& q7 j$ K00403225 E8 61C20200 call qsr.0042F48B) K6 O2 W; {1 }6 _5 H3 K2 ~; ^
0040322A 6A 04 push 4
% w( j0 n. g7 H& ^2 d7 t$ a0040322C 8D4C24 34 lea ecx,dword ptr ss:[esp+34]" Y& J5 A9 `8 Y
00403230 6A 05 push 5* P- t( c% A* d! P* O+ q
00403232 51 push ecx; H1 E9 ^7 Y1 v0 M* Y* h2 A- O
00403233 8D4C24 50 lea ecx,dword ptr ss:[esp+50]
& N5 c- a8 X" K! Y00403237 E8 A8530200 call qsr.004285E4) H$ G s- X" c1 A/ U) K
0040323C 50 push eax
% M: M. L8 Q5 m! c) R/ W) s0040323D 8D4C24 20 lea ecx,dword ptr ss:[esp+20]
4 X% {) f) \& A* x" v00403241 C64424 40 0D mov byte ptr ss:[esp+40],0D; P3 F9 d1 w1 v ?
00403246 E8 79C30200 call qsr.0042F5C42 B; g: P5 v" R9 D9 i; H$ z; W
0040324B 8D4C24 30 lea ecx,dword ptr ss:[esp+30]4 \- E( \- R4 \3 S- z& |0 e/ l: @) N
0040324F 885C24 3C mov byte ptr ss:[esp+3C],bl
/ O/ T1 T0 a( A q, u00403253 E8 33C20200 call qsr.0042F48B
( Q. |6 E, R( D5 V00403258 6A 04 push 4
) K* g _; A4 B: b: _$ t0040325A 8D5424 34 lea edx,dword ptr ss:[esp+34]
: ]6 g+ b; s4 A) I0040325E 57 push edi( \3 P3 A: X) [( x* P
0040325F 52 push edx
# V8 G6 W. [5 ~4 @$ `, x00403260 8D4C24 50 lea ecx,dword ptr ss:[esp+50]/ z, e/ _0 M4 Q
00403264 E8 7B530200 call qsr.004285E41 d$ x" Q5 j) P
00403269 50 push eax) U! L( A& r j+ m7 u
0040326A 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]- B) i* @3 b3 _5 N
0040326E C64424 40 0E mov byte ptr ss:[esp+40],0E Z+ T: {. C# a8 E: w' [ f& t/ K
00403273 E8 4CC30200 call qsr.0042F5C4
- T4 @, L4 r/ H00403278 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
! K9 T3 U+ M* w7 X0040327C 885C24 3C mov byte ptr ss:[esp+3C],bl
! J0 M. o( p2 p' i0 r4 G# Q0 f00403280 E8 06C20200 call qsr.0042F48B
* H) u7 n( L: g* ]# }& }, s00403285 6A 04 push 4
' M+ {1 Z s. @, A00403287 8D4424 34 lea eax,dword ptr ss:[esp+34]/ o, L7 n2 j Q
0040328B 6A 0F push 0F
' w9 m7 ?7 A5 j; K0040328D 50 push eax' b3 Q; H% U, F' ]
0040328E 8D4C24 50 lea ecx,dword ptr ss:[esp+50]( U3 C! J$ h0 Z( p. j
00403292 E8 4D530200 call qsr.004285E4
% q% A8 u* F; }0 A/ v" N1 G00403297 50 push eax
0 J( A5 J' I$ Z00403298 8D4C24 18 lea ecx,dword ptr ss:[esp+18]0 M% y" ~- M7 K, Z
0040329C C64424 40 0F mov byte ptr ss:[esp+40],0F
0 y) P: i) ?1 o6 i004032A1 E8 1EC30200 call qsr.0042F5C4
/ Q, ~ }, Z" _4 J! i: T( X7 N/ J/ l004032A6 8D4C24 30 lea ecx,dword ptr ss:[esp+30]
6 \5 M8 I5 y* Y004032AA 885C24 3C mov byte ptr ss:[esp+3C],bl
9 @/ T- R, e( [004032AE E8 D8C10200 call qsr.0042F48B |5 l8 q$ M. r
004032B3 6A 04 push 4% S# Z# U& Y% N! Y8 _
004032B5 8D4C24 34 lea ecx,dword ptr ss:[esp+34]: ~4 b! I. F* h' l
004032B9 6A 14 push 14
1 k+ K/ {$ B3 L m! Q* `004032BB 51 push ecx
9 D2 j: k3 }6 R+ `: o004032BC 8D4C24 50 lea ecx,dword ptr ss:[esp+50]3 {6 g, z2 I% @) l" D' Q
004032C0 E8 1F530200 call qsr.004285E4
' F4 @; x" [- E# i5 L H004032C5 50 push eax7 r! q9 W3 f. D: M# e+ [
004032C6 8D4C24 14 lea ecx,dword ptr ss:[esp+14]7 v4 p7 h) U `. X/ Z) j9 H
004032CA C64424 40 10 mov byte ptr ss:[esp+40],10- M; F) S- H1 f2 s
004032CF E8 F0C20200 call qsr.0042F5C4
. e) E; l2 U* F c5 ]# |+ A7 j004032D4 8D4C24 30 lea ecx,dword ptr ss:[esp+30]$ C9 b9 |; S3 c) Z. @
004032D8 885C24 3C mov byte ptr ss:[esp+3C],bl
J% G% n& e7 @; R5 l5 p: s004032DC E8 AAC10200 call qsr.0042F48B
& n x' E3 ]) E k& d+ l$ u6 g004032E1 8B7424 24 mov esi,dword ptr ss:[esp+24] ; 注册码1到4位送ESI
; r* p9 c/ b3 V! C004032E5 8B4424 28 mov eax,dword ptr ss:[esp+28] ; 4893送EAX
+ l. H; ~$ e- e0 k% G0 Y004032E9 8A10 mov dl,byte ptr ds:[eax] ; [eax]送DL7 r- P6 z" R8 ]+ P
004032EB 8A1E mov bl,byte ptr ds:[esi] ; [ESI]送BL7 e; A+ M, k; G
004032ED 8ACA mov cl,dl ; DL送CL$ I+ x2 B/ R2 U! `
004032EF 3AD3 cmp dl,bl ; DL和BL比较, `2 v; w/ q' l
004032F1 75 1E jnz short qsr.00403311 ; 不等就跳(不能跳)! F0 D* f* W7 D1 ?5 c
004032F3 84C9 test cl,cl
, q: v6 |! Y- x004032F5 74 16 je short qsr.0040330D
# V! ] ]- d# ?# W9 f004032F7 8A50 01 mov dl,byte ptr ds:[eax+1] ; [eax+1]送DL
7 J3 W+ g, k; \1 t004032FA 8A5E 01 mov bl,byte ptr ds:[esi+1] ; [esi+1]送BL
8 A) b2 S" M3 U' X004032FD 8ACA mov cl,dl
9 h: Q; j/ W0 c% i. P" p9 O$ {004032FF 3AD3 cmp dl,bl ; DL和BL比较0 V' Z' x" _0 L" {9 f# s, k6 c V7 u
00403301 75 0E jnz short qsr.00403311 ; 不等就跳(不能跳)& Q. m I0 J+ q9 \* c
00403303 83C0 02 add eax,2 ; EAX加25 b+ B" B: v) P' G( l( v; u
00403306 83C6 02 add esi,2 ; ESI加2
$ r) c+ d, u1 Q ?00403309 84C9 test cl,cl
7 [- K; g# Y) \4 d, M% @' t( x0 k0040330B ^ 75 DC jnz short qsr.004032E9( ] E- r1 z/ p% ]. m
0040330D 33C0 xor eax,eax$ E. d9 Y( K+ J
0040330F EB 05 jmp short qsr.00403316/ |8 f) ^- D% `$ u1 t
00403311 1BC0 sbb eax,eax% I- L3 @: i+ P C$ g5 \
00403313 83D8 FF sbb eax,-15 B3 O, {% H+ [% X, y- R1 U
00403316 85C0 test eax,eax6 Y! n- y7 ?; ?; @
00403318 74 0E je short qsr.00403328
6 a6 i0 q, c, x/ Q+ y7 [4 H6 b% c0040331A C64424 3C 0A mov byte ptr ss:[esp+3C],0A# f8 G- c e. i+ ~0 H# d
0040331F 8D4C24 10 lea ecx,dword ptr ss:[esp+10]
8 F; L7 P# }; K2 ?% v+ E00403323 E9 F0000000 jmp qsr.00403418" L: w+ Q/ ]7 ~7 {
00403328 8B4424 1C mov eax,dword ptr ss:[esp+1C] ; 注册码6到9位送EAX
% t Q. z* H% O1 b9 h. [. \5 m% S0040332C 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]+ ~) f5 b8 F" w1 O# p
00403330 8B40 F8 mov eax,dword ptr ds:[eax-8]
" h* h/ ?) V1 Q; d z1 I00403333 50 push eax
9 Z: g# F! S( t- M- r( s00403334 E8 82C50200 call qsr.0042F8BB ; 注册码6到9位送EAX* Z( x4 D# x) \
00403339 50 push eax1 D/ w+ P, r1 k/ _$ n/ K" P9 V
0040333A E8 466D0100 call qsr.0041A085 ; 注册码6到9位转换成16进制送EAX: o. I! g. R1 j+ V% x9 p7 [1 ]. C
0040333F 8B4C24 1C mov ecx,dword ptr ss:[esp+1C] ; 注册码11到14位送ECX! e4 E f& U, W) X' T
00403343 83C4 04 add esp,4
+ H( @# x( J7 f, L( ~& T k1 i0 K00403346 8BF0 mov esi,eax ; 注册码6到9位的16进制送ESI2 v$ ~5 x( z( O* |
00403348 8B41 F8 mov eax,dword ptr ds:[ecx-8]
# v6 ]- V# B5 G) o4 P" e0040334B 8D4C24 18 lea ecx,dword ptr ss:[esp+18], D/ C$ G% j( P% V5 a
0040334F 50 push eax ]# i' e- x$ l9 y: {
00403350 E8 66C50200 call qsr.0042F8BB ; 注册码11到14位送ECX
2 u; n( a) e$ r) Q1 G4 T# D h00403355 50 push eax
& |) s2 @; D6 u% n$ y+ Q00403356 E8 2A6D0100 call qsr.0041A085 ; 注册码11到14位转换为16进制送EAX
. l: j$ ^+ S3 R3 o0040335B 8B5424 18 mov edx,dword ptr ss:[esp+18] ; 注册码16到19位送EDX
0 T! B/ A/ i7 Y0040335F 83C4 04 add esp,4
& X1 x+ V( ~* N, O% K5 u00403362 8BF8 mov edi,eax ; 注册码11到14位的16进制送EDI
% U% W/ ^5 _* ^ p6 w% D7 N/ c00403364 8D4C24 14 lea ecx,dword ptr ss:[esp+14] a: R# L z) d* S
00403368 8B42 F8 mov eax,dword ptr ds:[edx-8]' e: C5 k% k1 j# {( D: }+ w1 k
0040336B 50 push eax) x7 b1 B% n b/ k" ?9 g5 q
0040336C E8 4AC50200 call qsr.0042F8BB ; 注册码16到19位送EDX# G2 G2 }: Z3 f' v `" Y
00403371 50 push eax+ q) e9 [; J$ K7 e; T( ]5 j3 v: e( b! g
00403372 E8 0E6D0100 call qsr.0041A085 ; 注册码16到19位转换成16进制送EAX
7 d9 {+ ^ v% N# q/ \, g00403377 8BD8 mov ebx,eax ; EAX送EBX: B! W7 M- a8 T% `
00403379 8B4424 14 mov eax,dword ptr ss:[esp+14] ; 注册码21到24位送EAX
, J2 J- c& i! @+ y7 f- d# d0040337D 83C4 04 add esp,4
& Y! y6 D; [9 P+ Z00403380 8D4C24 10 lea ecx,dword ptr ss:[esp+10]( ~, v, N) t- U7 e! m1 V p6 ~
00403384 8B40 F8 mov eax,dword ptr ds:[eax-8]
: ^# a5 R7 r9 y, O a3 e3 E00403387 50 push eax
& g& J1 i2 h' ^# ~* x00403388 E8 2EC50200 call qsr.0042F8BB ; 注册码21到24位送EAX
% c5 C: v/ ?5 l5 A0040338D 50 push eax
; W# i+ w" J" A2 p. i) w X4 Z0040338E E8 F26C0100 call qsr.0041A085 ; 注册码21到24位转换成16进制送EAX! ?: n0 s4 ]" X8 ?" v' | e
00403393 83C4 04 add esp,4
: G0 L% V: W ^3 R00403396 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]$ {" H) ?7 {- e/ S8 l# q% t
0040339A 8BE8 mov ebp,eax ; EAX送EBP
{, [- N7 Z: c- S6 f+ }, N: ^0040339C 6A FF push -19 H, P3 y& p( r1 J& Z6 a5 |
0040339E E8 67C50200 call qsr.0042F90A ; 注册码6到9位送ECX,长度送EAX" r0 x' V% `4 S- k
004033A3 6A FF push -1
. S. i: E, D4 l# [% F0 m- K3 _004033A5 8D4C24 1C lea ecx,dword ptr ss:[esp+1C] ; [esp+1C]送ECX" m7 x5 p# P) H
004033A9 E8 5CC50200 call qsr.0042F90A ; 注册码11到14位送ECX,长度送EAX" i5 u7 M6 V( f% N A" p' G
004033AE 6A FF push -1- X# L! H8 a$ M4 g7 w ?; z2 A
004033B0 8D4C24 18 lea ecx,dword ptr ss:[esp+18] ; [esp+18]送ECX
2 k& A: K( _# W; i2 V$ @1 R! H/ `004033B4 E8 51C50200 call qsr.0042F90A ; 注册码16到19位送ECX,长度送EAX
8 t' z" }4 P/ Q! B. B& i004033B9 6A FF push -1 p& B- S$ H3 g' Q/ e4 D, I7 b: C
004033BB 8D4C24 14 lea ecx,dword ptr ss:[esp+14] ; [esp+14]送ECX- \ E( U4 s% _- Z
004033BF E8 46C50200 call qsr.0042F90A ; 注册码21到24位送ECX,长度送EAX4 A7 [0 n" H, Q+ `! Q
004033C4 8D8CB6 04AB0000 lea ecx,dword ptr ds:[esi+esi*4+AB04] ; [esi+esi*4+AB04]送ECX
: i% N3 |' n" N: t6 n004033CB 8D844E 34220000 lea eax,dword ptr ds:[esi+ecx*2+2234] ; [esi+ecx*2+2234]送EAX
$ Y( K0 V/ _' h1 n2 M+ C004033D2 B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX: F( _6 k( [; c/ E0 k3 U, K( o5 F& @
004033D7 D1E0 shl eax,1 ; EAX左移1位' |1 R! |8 P( u; D' S& C. X* P
004033D9 99 cdq ; EAX扩展! c0 H4 o, u) ]: h7 `0 p: `) d
004033DA F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
) u; B/ _6 Z5 V8 D2 ^- t004033DC 3BFA cmp edi,edx ; EDX和注册码11到14位的16进制比较
# o$ {$ @7 {& } B: G004033DE 74 0B je short qsr.004033EB ; 相等就跳(必须跳)& T* C: N( Z2 f, J
004033E0 C64424 3C 0A mov byte ptr ss:[esp+3C],0A
4 A2 y; I* f9 ~0 C+ o& l, y004033E5 8D4C24 10 lea ecx,dword ptr ss:[esp+10]" P$ X# q% h/ z7 }/ O% S. m5 ^1 q
004033E9 EB 2D jmp short qsr.00403418, j- Z3 V+ {/ y: n* q4 ?4 D
004033EB 8D83 CAEAFFFF lea eax,dword ptr ds:[ebx-1536] ; [ebx-1536]送EAX$ ]) O2 T) V( n* c2 j
004033F1 81C3 E2090000 add ebx,9E2 ; 16到19位注册码16进制加9E2
9 ^7 _! [( u2 y. o004033F7 99 cdq ; EBX扩展
+ I9 A1 G9 L- S8 t9 b004033F8 33C2 xor eax,edx ; EAX和EDX取异或% @9 Q/ S0 T8 l
004033FA B9 10270000 mov ecx,2710 ; 2710(10进制的10000)送ECX7 \ U9 {3 h O. V6 _' V
004033FF 2BC2 sub eax,edx ; EAX减去EDX
! H+ e4 n! Y9 i) a00403401 C64424 3C 0A mov byte ptr ss:[esp+3C],0A ; 0A送[esp+3C]
! s% J! j9 T* Q00403406 0FAFC3 imul eax,ebx ; EAX乘以EBX+ `3 n t# ?" O
00403409 99 cdq
" _$ [+ P9 o/ P) G, f! L0040340A F7F9 idiv ecx ; EAX除以ECX,商在EAX中,余数在EDX中
4 N& L# ?, ]) m9 Q! y; Q* C: x0040340C 8D4C24 10 lea ecx,dword ptr ss:[esp+10] ; [esp+10]送ECX
" _, h2 F4 B& z- F i( U00403410 3BEA cmp ebp,edx ; 注册码最后4位和EDX比较
- J8 ?+ m. r! Z0 e" C00403412 0F84 8D000000 je qsr.004034A5 ; 等就跳(必须跳)
$ c0 S7 a2 j8 |9 a+ t00403418 E8 6EC00200 call qsr.0042F48B ;
$ l6 j9 s! N5 ]) k) t; X0040341D 8D4C24 14 lea ecx,dword ptr ss:[esp+14]& }2 Z5 e2 Y" [% R
00403421 C64424 3C 09 mov byte ptr ss:[esp+3C],93 U# n; T0 J2 D3 I/ Y
00403426 E8 60C00200 call qsr.0042F48B& x6 {3 E9 r! s- D7 B, D+ D: ^' D
0040342B 8D4C24 18 lea ecx,dword ptr ss:[esp+18]
" g) x) I$ b1 X k8 S2 g+ A$ y; a1 C0040342F C64424 3C 08 mov byte ptr ss:[esp+3C],8
, [0 J( \1 Q0 v1 u* [00403434 E8 52C00200 call qsr.0042F48B) x/ ?# i( v5 M0 y% e2 H! i! I$ h
00403439 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]
6 n: F7 n$ p0 s+ G5 L9 w0040343D C64424 3C 07 mov byte ptr ss:[esp+3C],79 q# d4 h, K9 X! {. w! x4 _
00403442 E8 44C00200 call qsr.0042F48B
. u) N7 r& F! f5 r- ~$ L. k" {00403447 8D4C24 24 lea ecx,dword ptr ss:[esp+24]9 x. c+ x4 T1 l, I+ {4 w
0040344B C64424 3C 06 mov byte ptr ss:[esp+3C],6
' Z" Y0 v$ R+ f) z C' p0 A( C00403450 E8 36C00200 call qsr.0042F48B
2 n, C/ I& s1 l$ F6 y7 W00403455 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
0 @, y" Z2 n7 [6 k00403459 C64424 3C 03 mov byte ptr ss:[esp+3C],3
" w4 j) j) V& m! V+ @1 d( f0 G/ O0040345E E8 28C00200 call qsr.0042F48B
# b* U" w' ~: S$ s# n00403463 8D4C24 2C lea ecx,dword ptr ss:[esp+2C]
# d" G' `% m- J" p" e5 z/ Q00403467 C64424 3C 02 mov byte ptr ss:[esp+3C],2, {* v5 K! h$ R( L M( h
0040346C E8 1AC00200 call qsr.0042F48B
' }" ^ |% \+ z" m h00403471 8D4C24 20 lea ecx,dword ptr ss:[esp+20]# ]) V9 A& }1 }5 [" ~) B( |
00403475 C64424 3C 01 mov byte ptr ss:[esp+3C],1
5 {2 |: K9 @" l% O- p' h0040347A E8 0CC00200 call qsr.0042F48B
0 Z6 Q: T3 v2 h, j/ O+ E0040347F 8D4C24 44 lea ecx,dword ptr ss:[esp+44]5 Y- H4 t5 A2 @& N/ ]
00403483 C64424 3C 00 mov byte ptr ss:[esp+3C],06 T a) @0 b* V( }& h( f
00403488 E8 FEBF0200 call qsr.0042F48B6 s+ t, K9 F5 Q: z
0040348D 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
) U- l5 Y; S/ q' @0 v00403491 C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
8 [6 J. @1 z+ s }$ x$ K1 j& O) \# g00403499 E8 EDBF0200 call qsr.0042F48B
; A% V& M8 |- g. T0040349E 32C0 xor al,al ; AL清0
! P8 h9 M. l; f004034A0 E9 88000000 jmp qsr.0040352D2 Q. p1 P6 m8 s8 ?/ [, N$ e
004034A5 E8 E1BF0200 call qsr.0042F48B //以上两处均跳则来到这里,F8下去~~~~~~~~
. D+ K1 j$ ^! B3 T! J4 e004034AA 8D4C24 14 lea ecx,dword ptr ss:[esp+14]3 n5 I' }4 R9 l; E5 q
004034AE C64424 3C 09 mov byte ptr ss:[esp+3C],9" Q+ p6 ?7 V' q, p8 J
004034B3 E8 D3BF0200 call qsr.0042F48B0 Q' N, K" P: e3 X4 t0 z
004034B8 8D4C24 18 lea ecx,dword ptr ss:[esp+18]3 g# c$ K7 {# P& g7 h; \4 z
004034BC C64424 3C 08 mov byte ptr ss:[esp+3C],8
" _. D% l* { X! F2 y004034C1 E8 C5BF0200 call qsr.0042F48B5 y: H- j2 i7 R* b
004034C6 8D4C24 1C lea ecx,dword ptr ss:[esp+1C]8 f$ x1 k- Z9 u/ X
004034CA C64424 3C 07 mov byte ptr ss:[esp+3C],7
V# a: r( g/ \4 I H9 a. A' |8 I004034CF E8 B7BF0200 call qsr.0042F48B
+ ~" }1 e4 A/ L; a004034D4 8D4C24 24 lea ecx,dword ptr ss:[esp+24]3 K2 q/ a. F8 C8 B, {! r) D: y
004034D8 C64424 3C 06 mov byte ptr ss:[esp+3C],60 E- S6 P2 t6 H
004034DD E8 A9BF0200 call qsr.0042F48B6 \( S- ^* j4 f" g$ z/ v& l
004034E2 8D4C24 28 lea ecx,dword ptr ss:[esp+28]
) P4 x: g2 C- z$ |004034E6 C64424 3C 03 mov byte ptr ss:[esp+3C],3
! z. I; I3 k# {: P& t& {004034EB E8 9BBF0200 call qsr.0042F48B# Q2 } S7 M% }4 c
004034F0 8D4C24 2C lea ecx,dword ptr ss:[esp+2C] z5 Q9 u1 c6 d T) a( `2 b
004034F4 C64424 3C 02 mov byte ptr ss:[esp+3C],2
8 p- O) D0 Z7 T004034F9 E8 8DBF0200 call qsr.0042F48B' a/ y1 n9 E, Z$ u
004034FE 8D4C24 20 lea ecx,dword ptr ss:[esp+20]1 ~5 I9 k5 \- M' B9 f
00403502 C64424 3C 01 mov byte ptr ss:[esp+3C],1
, b/ c8 U# S7 ^- q. o00403507 E8 7FBF0200 call qsr.0042F48B
, j) p' \: T' z) s5 k1 i0040350C 8D4C24 44 lea ecx,dword ptr ss:[esp+44]! {# L. K6 a7 [" x8 K$ m0 R9 L w
00403510 C64424 3C 00 mov byte ptr ss:[esp+3C],0- t( i9 `. F/ ^0 ^6 x' v9 B3 Q! h
00403515 E8 71BF0200 call qsr.0042F48B" X# g/ j9 X2 {
0040351A 8D4C24 48 lea ecx,dword ptr ss:[esp+48]
' g6 [4 v7 T# g ^6 l4 D6 C0040351E C74424 3C FFFFF>mov dword ptr ss:[esp+3C],-1
$ p6 r2 ]/ U! U. B9 y00403526 E8 60BF0200 call qsr.0042F48B
, b1 P: q) D3 k# m |- y$ Y1 a0040352B B0 01 mov al,19 {4 {0 G/ g6 U6 s- E- k- f' {8 S
0040352D 8B4C24 34 mov ecx,dword ptr ss:[esp+34]. N% D5 F. g3 Y
00403531 5F pop edi
+ e) {- p: {7 [; h) b( M00403532 5E pop esi
, a9 K& c! ~5 u7 G9 c00403533 5D pop ebp0 J) q" f1 m4 o) ?, a% D
00403534 5B pop ebx
/ ]$ S1 D& P. g* F- m- E00403535 64:890D 0000000>mov dword ptr fs:[0],ecx
! @$ `* O% A" c9 v# }0040353C 83C4 30 add esp,306 H2 [3 L. G) p7 _: R& I
0040353F C2 0800 retn 8
) Y* _2 m* a: T: L/ p0 f--------------------------------------------------------------------------------) q2 J% `) E" z& M, s4 a Q
【破解总结】
3 @8 Q8 }/ J# h% B( q( I P 用户名必须大于2,注册码必须为24位。注册码前4位由用户名决定,11到14位由6到9位决定,21到24由16到19位决定,5,10,15,20任意^-^
* E' e+ O) K8 v用户名:yijun5 x$ x0 y" K0 f' Z0 U- |
注册码:4893*7777*3726*7777*0529
& w6 }8 g3 J& M1 c! k1 x: Z2 q--------------------------------------------------------------------------------- f; i" R; C0 I" n( t9 X' v. n
【版权声明】 本文纯属技术交流, 转载请注明作者并保持文章的完整, 谢谢! |
|
狗仔卡
发表于 2006-8-28 11:03:29
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡