|
|
|
|
|
[求助]push指令字节数
对eax极度优化结果 |
|
|
|
[求助]问一个汇编的问题
http://blog.chinaunix.net/u1/35278/showart_513052.html 一个例子 就是令 ebp 为 PEHead 地址 在 windows.inc 找到这样的定义 IMAGE_DOS_HEADER STRUCT e_magic WORD ? e_cblp WORD ? e_cp WORD ? e_crlc WORD ? e_cparhdr WORD ? e_minalloc WORD ? e_maxalloc WORD ? e_ss WORD ? e_sp WORD ? e_csum WORD ? e_ip WORD ? e_cs WORD ? e_lfarlc WORD ? e_ovno WORD ? e_res WORD 4 dup(?) e_oemid WORD ? e_oeminfo WORD ? e_res2 WORD 10 dup(?) e_lfanew DWORD ? IMAGE_DOS_HEADER ENDS |
|
[求助]汇编程序里怎么调用Dbgprint?
01 .386 02 .model flat, stdcall 03 option casemap :none 04 ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 05 ; Include 文件定义 06 ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 07 include \masm32\include\windows.inc 08 include \masm32\include\kernel32.inc 09 include \masm32\include\user32.inc 10 include \masm32\include\masm32.inc 11 12 includelib \masm32\lib\kernel32.lib 13 includelib \masm32\lib\user32.lib 14 includelib \masm32\lib\masm32.lib 15 include \masm32\macros\macros.asm 16 include \masm32\macros\strings.mac 17 ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 18 ; Equ 等值定义 19 ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 20 EbNetBuffer_s struct 21 22 next dd ? 23 char dd ? 24 buffer dd ? 25 alength dd ? 26 27 EbNetBuffer_s ends 28 29 .data? 30 EbNetBuffer EbNetBuffer_s <?> 31 hInstance dd ? 32 szbuffer db 1024 dup (?) 33 34 .code 35 DbgPrint proc uses ebx edi esi debugcommon:dword,debugvalue:dword 36 local @buffer[256]:BYTE 37 local @addr[64]:BYTE 38 39 mov eax, ebp 40 add eax, 4h 41 mov eax, [eax] 42 sub eax, 5h 43 invoke wsprintf, addr @addr, $CTA0("addr:00%lXh || "), eax 44 invoke wsprintf, addr @buffer, debugcommon, debugvalue 45 invoke lstrcat, addr @addr, addr @buffer 46 invoke OutputDebugString, addr @addr 47 ret 48 DbgPrint endp 49 50 start: 51 invoke GetModuleHandle,NULL 52 mov hInstance,eax 53 invoke RtlZeroMemory, addr EbNetBuffer, sizeof EbNetBuffer 54 mov [EbNetBuffer.next],31323334h 55 mov [EbNetBuffer.char], 'abcd' 56 invoke DbgPrint, $CTA0("values is :%s"), addr EbNetBuffer 57 invoke ExitProcess,NULL 58 ;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 59 end start 60 |
|
[求助]OD附加不了程序
附加不了,很正常 |
|
[求助]OllyDBG怎么列不出所有的进程
你那只是获取得PID而已 |
|
帮我看下这个SSDT HOOK哪里错了 谢谢
http://bbs.pediy.com/showthread.php?t=56817 kmdkit 1.8 这是asm驱动开发包,里面带有大量的例子 google 之 |
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值