|
[转帖]SLVc0deProtecor V1.1
THX!! |
|
|
|
|
|
[分享]PESPin 1304 Unpack
good job!!! |
|
|
|
[ZT]VMProtect1.09
真够快的撒 |
|
脱未知壳请FLY校正一下,看看属那种壳。脱壳两步搞定
WHO IS XIAOHUI? |
|
[求助]关于Xtreme-Protector v1.05的壳,请高手帮忙
00479068 > /E9 1C000000 jmp Lord3GCN.00479089 0047906D |0000 add byte ptr ds:[eax],al 0047906F |0000 add byte ptr ds:[eax],al 00479071 |0000 add byte ptr ds:[eax],al 00479073 |001E add byte ptr ds:[esi],bl 00479075 |0000 add byte ptr ds:[eax],al 00479077 |0000 add byte ptr ds:[eax],al 00479079 |0000 add byte ptr ds:[eax],al 0047907B |0000 add byte ptr ds:[eax],al 0047907D |0000 add byte ptr ds:[eax],al 0047907F |003E add byte ptr ds:[esi],bh 00479081 |0000 add byte ptr ds:[eax],al 00479083 |002E add byte ptr ds:[esi],ch 00479085 |0000 add byte ptr ds:[eax],al 00479087 |0000 add byte ptr ds:[eax],al 00479089 \60 pushad 0047908A F8 clc 0047908B E8 02000000 call Lord3GCN.00479092 00479090 E8 00E80000 call 00487895 00479092 E8 00000000 call Lord3GCN.00479097 00479097 5E pop esi 00479098 2BC9 sub ecx,ecx 0047909A 58 pop eax 0047909B 74 02 je short Lord3GCN.0047909F 0047909F B9 51190000 mov ecx,1951 004790A4 8BC1 mov eax,ecx 004790A6 F8 clc 004790A7 73 02 jnb short Lord3GCN.004790AB 004790AB 83C6 33 add esi,33 004790AE 8D4481 67 lea eax,dword ptr ds:[ecx+eax*4+67] 004790B2 E8 02000000 call Lord3GCN.004790B9 004790B9 58 pop eax ; Lord3GCN.004790B7 004790BA 61 popad 004790BB ^ E9 1190FFFF jmp Lord3GCN.004720D1 004720D1 60 pushad // HR ESP 004720D2 E8 00000000 call Lord3GCN.004720D7 004720D7 5D pop ebp 004720D8 81ED D7000000 sub ebp,0D7 004720DE 8DB5 EE000000 lea esi,dword ptr ss:[ebp+EE] 004720E4 55 push ebp 004720E5 56 push esi 004720E6 81C5 F8040000 add ebp,4F8 004720EC 55 push ebp 004720ED C3 retn 003439EB F8 clc 003439EC 90 nop 003439ED 8DB5 301E4000 lea esi,dword ptr ss:[ebp+401E30] 003439F3 B9 712E0000 mov ecx,2E71 003439F8 F7E1 mul ecx 003439FA D3C8 ror eax,cl 003439FC 3006 xor byte ptr ds:[esi],al 003439FE 46 inc esi 003439FF 40 inc eax 00343A00 D40A aam 00343A02 ^ E2 F4 loopd short 003439F8 00343A04 1070 D1 adc byte ptr ds:[eax-2F],dh 00343A07 A0 F7F4B91A mov al,byte ptr ds:[1AB9F4F7] 00343A0C FF18 call far fword ptr ds:[eax] 00343A0E B3 83 mov bl,83 堆栈: 0012FF9C 0012FFE0 指针到下一个 SEH 记录 0012FFA0 00343850 SE 句柄 00343850 E8 04000000 call 00343859 00343855 0000 add byte ptr ds:[eax],al 00343857 0000 add byte ptr ds:[eax],al 00343859 5A pop edx 0034385A 8B4424 04 mov eax,dword ptr ss:[esp+4] 0034385E 8B00 mov eax,dword ptr ds:[eax] 00343860 8B4C24 0C mov ecx,dword ptr ss:[esp+C] 00343864 C701 17000100 mov dword ptr ds:[ecx],10017 0034386A FF81 B8000000 inc dword ptr ds:[ecx+B8] 00343870 3D 03000080 cmp eax,80000003 EAX=C00000005 00343875 75 51 jnz short 003438C8 003438C8 3D 1D0000C0 cmp eax,C000001D 003438CD 75 13 jnz short 003438E2 003438E2 3D 04000080 cmp eax,80000004 003438E7 75 64 jnz short 0034394D 上面的几个中断到是很熟悉,下面不知所云 0034394D 9B wait 0034394E ^ 71 A2 jno short 003438F2 00343950 A3 602EEC5E mov dword ptr ds:[5EEC2E60],eax 00343955 A6 cmps byte ptr ds:[esi],byte ptr es:[ed> 00343956 A5 movs dword ptr es:[edi],dword ptr ds:[> 00343957 AA stos byte ptr es:[edi] 00343958 AB stos dword ptr es:[edi] 00343959 A8 A8 test al,0A8 0034395B 2D 67ACADB2 sub eax,B2ADAC67 。。。。?? |
|
|
|
CopyMemII + Debugblocker + IAT Elimination + Codesplicing
that is a good job!I think so .. |
|
|
|
|
|
[分享]多款加壳工具汉化版下载
GOOD!THX |
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值