[原创]新手脱ASProtect 2.1x SKE -> Alexey Solodovnikov
呵呵,这个程序,我算是比较幸运的了,真接修复就可以了,好了,拿出LordPE,找到进程,DUMP出来

1.我想问一下怎样DUMP出来?

修复抓取文件,打开脱壳后的文件,下常运行~!~!~!

2.想问一下怎样恢复抓取文件

不知道是在上面两步我操作错误了,还是怎么回事生成的文件运行不了

[求助]用IceExt时出错
又看到CCDebuger出手问题一下子就解决了

[讨论]游戏厂商是怎样检测外挂的
国内外有哪些主要的NP?

一种很好教程演示方式[更新]
我也强烈支持.

softICE不能启动[求助]
我的可以在xp+sp2下运行,不过先杀一下毒,有时可能是中毒了.

哪位兄弟有没有《黑客反汇编揭密》中文版电子书？
老大，没有下载的地址啊？

[求助]求一关于圆的算法
感谢每个回贴的兄弟!

[求助]求一关于圆的算法
非常感谢shoooo!

一启动Soft-ICE, CPU就100%。 这正常吗？
我以前装了个3721上网助手，结果也变成这样，后面俺删了，就可以了。所以说上网助手是垃圾！

ODbgScript 入门系列(四) ODbgScript的 注意事项和使用技巧
不好意思,今天下了最新的ODbgScript确实看到了最新的文档,支持老大再接再厉为全中国人造福

[求助]用OD在某一条件满足时执行某操作?
我是想设一条件断点如MSG==201当断点被拦截到时自动
执行bp send命令!就像在softice里bpx [地址][if 表达式][DO "命令"]我也想在OD里面实现一样的功能。不知道我的意思兄弟明白不？感谢各位兄弟的关注！

ODbgScript 入门系列(四) ODbgScript的 注意事项和使用技巧
老大,OllyScript官方出的0.93版支持+,-操作
这是0.93版的文档,也希望老大也出个这样的文档,有利于大家学习
OllyScript plugin v0.93 by Izik
-------------------------------

1. About OllyScript
1.1 What's new in v0.93?
2. API reference
2.1 Commands
2.2 Global features
3. License and source code
4. Contact me

------------------------------

1. About OllyScript
-------------------

OllyScript is a plug in for OllyDbg (v1.10) which provides a powerfull
automation features to the debugger, in a form of an assembly-like language
that can be easily picked by people who knew assembly to begin with ;-)

------------------------------

1.1 What's new in v0.93?
----------------------------

* New pseudo opcodes were added:
        TEST, NOT, PUSH, POP, LEA, XCHG

* The ability to use 16/8bits registers versions of GP registers

* The ability to use expression as an arugment

* The ability to add comments to the debugged code on the fly

------------------------------

2. API reference
----------------

The API reference is been splited between ORIGINAL_README.txt and this one.
For any commands/features prior to this version (v0.93), look at ORIGINAL_README.txt

In addition, the ORIGINAL_README.txt also contains a proper introduction to the language
and it's features. If you're new to this plug-in - it is strongly recommended to review it.

2.1 Commands
------------

TEST dest, src
--------------

TESTs src and dest and updates the *INNER* ZF flag.

Example:
        test ax, ax
        je _foobar

NOT dest
--------

NOTs the dest (which is also the source) bits

Example:
        not eax

PUSH src
--------

PUSHs src to the stack, and updates ESP

Example:
        push eax

POP dest
--------

POPs from the stack to dest, and updates ESP

Example:
        pop eax

LEA dest, src
-------------

Sets the effective address of src to dest

Example:
        lea eax, [ebp+4]

XCHG dest, src
--------------

XCHG values between dest and src.

Example:
        xchg eax, ebx

COMMENT [addr,] comment
-----------------------

Adds a USER defined comment to the debugged code on the fly.
The 1st arg is optinial and by default sets to the current value of EIP

Example:
        COMMENT deadbeef, "This is where FOOBAR function gets to work!"
        COMMENT "Here is where the unpacking takes place!"

2.2 Global features
-------------------

The following are newly global features added to the OllyScript language.
It has been done with a big respect to keep backward compatibility.

16/8bits support
----------------

Now it is possible to address within the script to a 16/8 bits registers.
This option will only be working for 16/8 version of a general purpose register.

32=>16/8, Table:
================

        32bit | 16bit | 8bit
        ----------------------       
        EAX     AX      AL, AH
        EBX     BX      BL, BH
        ECX     CX      CL, CH
        EDX     DX      DL, DH
        ESI     SI      -
        EDI     DI      -

Unlike any real assembly flavors (AT&T, Intel) there is no need to define the operation size.
By default all variables and registers are 32bit (DWORD) within the script. And the 16/8bit
layer is currently been implemented via bitmask. As I did not found a real support, to access
such registers from within Ollydbg API.

Expressions as argument
-----------------------

Now it is possible to use an expressions as argument within the script itself.
The numeric values within the expression are always considered to be in hex base.
Currently only minus ('-') and plus ('+') actions are been supported.

Example:
        mov eax, [ebp-4]
               
Again, unlike real assembly flavors (AT&T, Intel) there are no stricts.

Example:
        mov eax, [ebp+1+1+1+1] == mov eax, [ebp+4]

It is also possible to use variable(s) within the expression

Example:
        mov eax, [ebp+foobar+5]

This will take ``foobar`` variable value, and use it to calculate the rest of the expression.

Also notice that when unknown string appears within the expression (aka. syntax error).
It will not cause a fault, but rather assume that string value is 0.

3. License and source code
--------------------------

This is an open source project. The original author (SHaG) did not set up a proper license
for this code. But for the project sake, keep it free and open with respect to its authors.

The source code of this version and its matching binary release, can be found @ f85K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4c8@1P5e0j5@1i4K6u0W2L8%4u0Y4

4. Contact me
-------------

Izik, <izik@tty64.org>
925K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4c8@1P5e0j5@1i4K6u0W2L8%4u0Y4

[原创]ODbgScript 入门系列（三）ODbgScript的脚本命令(2)
是啊!有些命令我也没看到,希望能看到完整的帮助

调试好帮手ODbgScript 入门系列（一）－认识ODbgScript[原创]
真的不错啊!

[求助]用OD在某一条件满足时执行某操作?
是不是这个问题很弱智啊!为什么大家都不理!

[求助]用OD在某一条件满足时执行某操作?
各位老大出手啊!