|
|
|
|
|
打netsowell屁屁!六一快乐吗?
楼上表冲动啊 |
|
关于老王的壳的不得不说的几句话
最初由 gkend 发布 完全正解 好的壳像upx,aspack是不会被误报的 |
|
|
|
关于老王的壳的不得不说的几句话
最初由 gkend 发布 堀北想支持你的观点 但是请问 哪些商业保护壳被哪些杀毒软件误杀了? 除了老王的壳,还有哪些保护壳用别的壳加的壳? 这些我都不太知道,请指教 |
|
|
|
关于老王的壳的不得不说的几句话
最初由 nbw 发布 成百上千种壳, 没可能卡巴都要去脱 比方说,某天卡巴收到10个EPE的样本, 其中2个确认是木马或病毒 那么很有可能卡巴不去研究怎么静态脱壳而直接灭了它就完事了 |
|
Code Virtualizer 1.0.1.0
也只有传说中的软体蠕虫才能测评 |
|
Thinstall.V2.7X.Single.Main.eXe.UnPacK Script
宁静的夏天 天空中繁星点点 心里头有些思念 思念着你的脸 我可以假装看不见 也可以偷偷的想念 直到让我摸到你那温暖的脸 知了也睡了 安心的睡了 在我心里面宁静的夏天 不知道为什么一看到这个贴子,就想到这个了 |
|
[分享]FCG学员B区脱壳(二) 断点篇 CHM版本
这个不学习了 |
|
Pespin v1.1 脱壳机(6月12日更新)
0040393A - FF25 74404000 jmp dword ptr ds:[<&kernel32.CloseHandle>] ; KERNEL32.CloseHandle 00403940 - FF25 9C404000 jmp dword ptr ds:[<&kernel32.CreateFileA>] ; KERNEL32.CreateFileA 00403946 - FF25 98404000 jmp dword ptr ds:[<&kernel32.CreateFileMappingA>] ; KERNEL32.CreateFileMappingA 0040394C - FF25 94404000 jmp dword ptr ds:[<&kernel32.CreateThread>] ; KERNEL32.CreateThread 00403952 - FF25 90404000 jmp dword ptr ds:[<&kernel32.ExitProcess>] ; KERNEL32.ExitProcess 00403958 - FF25 8C404000 jmp dword ptr ds:[<&kernel32.FormatMessageA>] ; KERNEL32.FormatMessageA 0040395E - FF25 88404000 jmp dword ptr ds:[<&kernel32.GetFileAttributesA>] ; KERNEL32.GetFileAttributesA 00403964 - FF25 84404000 jmp dword ptr ds:[<&kernel32.GetFileSize>] ; KERNEL32.GetFileSize 0040396A - FF25 80404000 jmp dword ptr ds:[<&kernel32.GetLastError>] ; KERNEL32.GetLastError 00403970 - FF25 7C404000 jmp dword ptr ds:[<&kernel32.GetModuleHandleA>] ; KERNEL32.GetModuleHandleA 00403976 - FF25 78404000 jmp dword ptr ds:[<&kernel32.GetSystemDirectoryA>] ; KERNEL32.GetSystemDirectoryA 0040397C - FF25 70404000 jmp dword ptr ds:[<&kernel32.GetTickCount>] ; KERNEL32.GetTickCount 00403982 - FF25 6C404000 jmp dword ptr ds:[<&kernel32.GlobalAlloc>] ; KERNEL32.GlobalAlloc 00403988 - FF25 54404000 jmp dword ptr ds:[<&kernel32.GlobalFree>] ; KERNEL32.GlobalFree 0040398E - FF25 38404000 jmp dword ptr ds:[<&kernel32.MapViewOfFile>] ; KERNEL32.MapViewOfFile 00403994 - FF25 3C404000 jmp dword ptr ds:[<&kernel32.ReadFile>] ; KERNEL32.ReadFile 0040399A - FF25 40404000 jmp dword ptr ds:[<&kernel32.RtlZeroMemory>] ; ntdll.RtlZeroMemory 004039A0 - FF25 44404000 jmp dword ptr ds:[<&kernel32.SetFileAttributesA>] ; KERNEL32.SetFileAttributesA 004039A6 - FF25 48404000 jmp dword ptr ds:[<&kernel32.SetFilePointer>] ; KERNEL32.SetFilePointer 004039AC - FF25 4C404000 jmp dword ptr ds:[<&kernel32.TerminateThread>] ; KERNEL32.TerminateThread 004039B2 - FF25 50404000 jmp dword ptr ds:[<&kernel32.UnmapViewOfFile>] ; KERNEL32.UnmapViewOfFile 004039B8 - FF25 A0404000 jmp dword ptr ds:[<&kernel32.VirtualAlloc>] ; KERNEL32.VirtualAlloc 004039BE - FF25 58404000 jmp dword ptr ds:[<&kernel32.VirtualFree>] ; KERNEL32.VirtualFree 004039C4 - FF25 5C404000 jmp dword ptr ds:[<&kernel32.WinExec>] ; KERNEL32.WinExec 004039CA - FF25 60404000 jmp dword ptr ds:[<&kernel32.WriteFile>] ; KERNEL32.WriteFile 004039D0 - FF25 64404000 jmp dword ptr ds:[<&kernel32.lstrcat>] ; KERNEL32.lstrcatA 004039D6 - FF25 68404000 jmp dword ptr ds:[<&kernel32.lstrcpy>] ; KERNEL32.lstrcpyA 004039DC - FF25 E4404000 jmp dword ptr ds:[<&user32.wsprintfA>] ; USER32.wsprintfA 004039E2 - FF25 E0404000 jmp dword ptr ds:[<&user32.BeginPaint>] ; USER32.BeginPaint 004039E8 - FF25 E8404000 jmp dword ptr ds:[<&user32.DialogBoxParamA>] ; USER32.DialogBoxParamA 004039EE - FF25 DC404000 jmp dword ptr ds:[<&user32.EndDialog>] ; USER32.EndDialog 004039F4 - FF25 D8404000 jmp dword ptr ds:[<&user32.EndPaint>] ; USER32.EndPaint 004039FA - FF25 D4404000 jmp dword ptr ds:[<&user32.GetDC>] ; USER32.GetDC 00403A00 - FF25 D0404000 jmp dword ptr ds:[<&user32.GetDlgItem>] ; USER32.GetDlgItem 00403A06 - FF25 CC404000 jmp dword ptr ds:[<&user32.KillTimer>] ; USER32.KillTimer 00403A0C - FF25 C8404000 jmp dword ptr ds:[<&user32.LoadBitmapA>] ; USER32.LoadBitmapA 00403A12 - FF25 C4404000 jmp dword ptr ds:[<&user32.LoadIconA>] ; USER32.LoadIconA 00403A18 - FF25 C0404000 jmp dword ptr ds:[<&user32.MessageBoxA>] ; USER32.MessageBoxA 00403A1E - FF25 BC404000 jmp dword ptr ds:[<&user32.ReleaseDC>] ; USER32.ReleaseDC 00403A24 - FF25 B4404000 jmp dword ptr ds:[<&user32.SendMessageA>] ; USER32.SendMessageA 00403A2A - FF25 B8404000 jmp dword ptr ds:[<&user32.SetTimer>] ; USER32.SetTimer 00403A30 - FF25 00404000 jmp dword ptr ds:[<&comctl32.InitCommonControls>] ; comctl32.InitCommonControls 00403A36 - FF25 AC404000 jmp dword ptr ds:[<&shell32.DragFinish>] ; SHELL32.DragFinish 00403A3C - FF25 A8404000 jmp dword ptr ds:[<&shell32.DragQueryFile>] ; SHELL32.DragQueryFileA 00403A42 - FF25 08404000 jmp dword ptr ds:[<&comdlg32.GetOpenFileNameA>] ; comdlg32.GetOpenFileNameA 00403A48 - FF25 10404000 jmp dword ptr ds:[<&gdi32.BitBlt>] ; GDI32.BitBlt 00403A4E - FF25 14404000 jmp dword ptr ds:[<&gdi32.CreateCompatibleBitmap>] ; GDI32.CreateCompatibleBitmap 00403A54 - FF25 18404000 jmp dword ptr ds:[<&gdi32.CreateCompatibleDC>] ; GDI32.CreateCompatibleDC 00403A5A - FF25 1C404000 jmp dword ptr ds:[<&gdi32.DeleteDC>] ; GDI32.DeleteDC 00403A60 - FF25 20404000 jmp dword ptr ds:[<&gdi32.DeleteObject>] ; GDI32.DeleteObject 00403A66 - FF25 24404000 jmp dword ptr ds:[<&gdi32.GetDIBits>] ; GDI32.GetDIBits 00403A6C - FF25 28404000 jmp dword ptr ds:[<&gdi32.GetObjectA>] ; GDI32.GetObjectA 00403A72 - FF25 2C404000 jmp dword ptr ds:[<&gdi32.SelectObject>] ; GDI32.SelectObject 00403A78 - FF25 30404000 jmp dword ptr ds:[<&gdi32.SetDIBits>] ; GDI32.SetDIBits 还好vmp的不多 40393A: FF 25 74 40 40 00 FF 25 9C 40 40 00 FF 25 98 40 40 00 FF 25 94 40 40 00 FF 25 90 40 40 00 FF 25 8C 40 40 00 FF 25 88 40 40 00 FF 25 84 40 40 00 FF 25 80 40 40 00 FF 25 7C 40 40 00 FF 25 78 40 40 00 FF 25 70 40 40 00 FF 25 6C 40 40 00 FF 25 54 40 40 00 FF 25 38 40 40 00 FF 25 3C 40 40 00 FF 25 40 40 40 00 FF 25 44 40 40 00 FF 25 48 40 40 00 FF 25 4C 40 40 00 FF 25 50 40 40 00 FF 25 A0 40 40 00 FF 25 58 40 40 00 FF 25 5C 40 40 00 FF 25 60 40 40 00 FF 25 64 40 40 00 FF 25 68 40 40 00 FF 25 E4 40 40 00 FF 25 E0 40 40 00 FF 25 E8 40 40 00 FF 25 DC 40 40 00 FF 25 D8 40 40 00 FF 25 D4 40 40 00 FF 25 D0 40 40 00 FF 25 CC 40 40 00 FF 25 C8 40 40 00 FF 25 C4 40 40 00 FF 25 C0 40 40 00 FF 25 BC 40 40 00 FF 25 B4 40 40 00 FF 25 B8 40 40 00 FF 25 00 40 40 00 FF 25 AC 40 40 00 FF 25 A8 40 40 00 FF 25 08 40 40 00 FF 25 10 40 40 00 FF 25 14 40 40 00 FF 25 18 40 40 00 FF 25 1C 40 40 00 FF 25 20 40 40 00 FF 25 24 40 40 00 FF 25 28 40 40 00 FF 25 2C 40 40 00 FF 25 30 40 40 00 |
|
|
|
(求助)请问这是OEP吗?
像BC 1999 |
|
|
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值