|
我想问一下带壳的程序修改后是不是保存了不?[求助]
就是说不脱就不成了 |
|
请问如何让OllyDbg.V1.10聆风听雨汉化第二版避开Themida反调试保护体系[求助]
最初由 卡秋莎 发布 真的要继续向大家学习!!!!!谢谢!!解决了!! |
|
请问如何让OllyDbg.V1.10聆风听雨汉化第二版避开Themida反调试保护体系[求助]
最初由 笨笨雄 发布 版主那些代码不是反调试的程序的!!我只是用说明一下他们在调试分析可能存在不同,那是我调试另外的一个程序!! 总之谢谢!! |
|
请问如何让OllyDbg.V1.10聆风听雨汉化第二版避开Themida反调试保护体系[求助]
在分析上的确是有不同之处的,看看以下两种代码 OllyDbg.V1.10聆风听雨汉化第二版调试的代码: 00475362 /0F84 23000000 je 去自效验.0047538B 00475368 |EB 01 jmp short 去自效验.0047536B 0047536A |73 68 jnb short 去自效验.004753D4 0047536C |C3 retn 0047536D |93 xchg eax,ebx 0047536E |40 inc eax 0047536F |00FF add bh,bh 00475371 |35 0022BA00 xor eax,0BA2200 00475376 |E8 7AD3FFFF call 去自效验.004726F5 0047537B |83C4 08 add esp,8 0047537E |83F8 00 cmp eax,0 00475381 |0F84 04000000 je 去自效验.0047538B 00475387 |33C0 xor eax,eax 00475389 |EB 05 jmp short 去自效验.00475390 0047538B \B8 01000000 mov eax,1 00475390 85C0 test eax,eax 00475392 0F84 45000000 je 去自效验.004753DD 00475398 EB 01 jmp short 去自效验.0047539B 0047539A 7B 6A jpo short 去自效验.00475406 0047539C 006A 00 add byte ptr ds:[edx],ch 0047539F 6A 00 push 0 004753A1 68 01030080 push 80000301 004753A6 6A 00 push 0 004753A8 68 00000000 push 0 004753AD 68 04000080 push 80000004 004753B2 6A 00 push 0 004753B4 68 CC934000 push 去自效验.004093CC ; 软件尚未注册,将不能使用此功能!\r\n\r\n注册费为188元!谢谢你的支持! 004753B9 68 03000000 push 3 004753BE BB 00030000 mov ebx,300 004753C3 F8 clc 004753C4 73 01 jnb short 去自效验.004753C7 004753C6 0FE89F 650300>psubsb mm3,qword ptr ds:[edi+83000> 004753C8 9F lahf 004753C9 65:0300 add eax,dword ptr gs:[eax] 004753CC 83C4 28 add esp,28 004753CD C428 les ebp,fword ptr ds:[eax] OllyICE调试的代码: 00475364 . 2300 and eax, dword ptr [eax] 00475366 > 0000 add byte ptr [eax], al 00475368 . EB 01 jmp short 0047536B 0047536A 73 db 73 ; CHAR 's' 0047536B > 68 C3934000 push 004093C3 00475370 FF db FF 00475371 35 db 35 ; CHAR '5' 00475372 D8 db D8 00475373 20 db 20 ; CHAR ' ' 00475374 BB db BB 00475375 00 db 00 00475376 E8 db E8 00475377 7A db 7A ; CHAR 'z' 00475378 D3 db D3 00475379 FF db FF 0047537A FF db FF 0047537B 83 db 83 0047537C C4 db C4 0047537D 08 db 08 0047537E 83 db 83 0047537F F8 db F8 00475380 00 db 00 00475381 0F db 0F 00475382 84 db 84 00475383 04 db 04 00475384 00 db 00 00475385 00 db 00 00475386 00 db 00 00475387 33 db 33 ; CHAR '3' 00475388 C0 db C0 00475389 EB db EB 0047538A 05 db 05 0047538B B8 db B8 0047538C 01 db 01 0047538D 00 db 00 0047538E 00 db 00 0047538F 00 db 00 00475390 85 db 85 00475391 C0 db C0 00475392 0F844500 dd 去自效验.0045840F 00475396 00 db 00 00475397 00 db 00 00475398 EB db EB 00475399 01 db 01 0047539A . 7B 6A 00 ascii "{j",0 0047539D 6A db 6A ; CHAR 'j' 0047539E 00 db 00 0047539F 6A db 6A ; CHAR 'j' 004753A0 00 db 00 004753A1 68 db 68 ; CHAR 'h' 004753A2 01 db 01 004753A3 03 db 03 004753A4 00 db 00 004753A5 80 db 80 004753A6 6A db 6A ; CHAR 'j' 004753A7 00 db 00 004753A8 68 db 68 ; CHAR 'h' 004753A9 00 db 00 004753AA 00 db 00 004753AB 00 db 00 004753AC 00 db 00 004753AD 68 db 68 ; CHAR 'h' 004753AE 04 db 04 004753AF 00 db 00 004753B0 00 db 00 004753B1 80 db 80 004753B2 6A db 6A ; CHAR 'j' 004753B3 00 db 00 004753B4 68 db 68 ; CHAR 'h' 004753B5 CC db CC 004753B6 93 db 93 004753B7 40 db 40 ; CHAR '@' 004753B8 00 db 00 004753B9 68 db 68 ; CHAR 'h' 004753BA 03 db 03 004753BB 00 db 00 004753BC 00 db 00 004753BD 00 db 00 004753BE BB db BB 004753BF 00 db 00 004753C0 03 db 03 004753C1 00 db 00 004753C2 00 db 00 004753C3 F8 db F8 004753C4 73 db 73 ; CHAR 's' 004753C5 01 db 01 004753C6 0F db 0F 004753C7 E8 db E8 004753C8 . 9F lahf 004753C9 . 65:0300 add eax, dword ptr gs:[eax] 004753CC . 83C4 28 add esp, 28 |
|
|
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值