[Stopped] Kanxue Tools Disc 2008 Edition: FTP mirror
Downloading one to show support; let's see if there is anything good worth keeping.
|
[Repost] Latest HASP monitor haSploGer - Hasp4 / HaspHL Loger by Xyrurg && sataron
I couldn't find GiA_HlongUSB.sys. Does anyone have this sys file?
|
[Download] ollydbg2.0a released
Nice, there really are quite a few changes.

This is the analysis produced by 2.0a:

CPU Disasm
Address Hex dump Command Comments
00401000 . /EB 10 JMP SHORT 00401012
00401002 |66 DB 66 ; CHAR 'f'
00401003 |62 DB 62 ; CHAR 'b'
00401004 |3A DB 3A ; CHAR ':'
00401005 |43 DB 43 ; CHAR 'C'
00401006 |2B DB 2B ; CHAR '+'
00401007 |2B DB 2B ; CHAR '+'
00401008 |48 DB 48 ; CHAR 'H'
00401009 |4F DB 4F ; CHAR 'O'
0040100A |4F DB 4F ; CHAR 'O'
0040100B |4B DB 4B ; CHAR 'K'
0040100C |90 NOP
0040100D |E9 DB E9
0040100E . |E8314800 DD OFFSET ___CPPdebugHook
00401012 /> \A1 DB314800 MOV EAX,DWORD PTR DS:[4831DB]
00401017 |. C1E0 02 SHL EAX,2
0040101A |. A3 DF314800 MOV DWORD PTR DS:[4831DF],EAX
0040101F |. 52 PUSH EDX
00401020 |. 6A 00 PUSH 0 ; /ModuleName = NULL
00401022 |. E8 85100800 CALL <JMP.&KERNEL32.GetModuleHandleA> ; \KERNEL32.GetModuleHandleA
00401027 |. 8BD0 MOV EDX,EAX
00401029 |. E8 1E220700 CALL 0047324C
0040102E |. 5A POP EDX
0040102F |. E8 7C210700 CALL 004731B0 ; [Copy_of_ollydbg.004731B0
00401034 |. E8 53220700 CALL 0047328C ; [Copy_of_ollydbg.0047328C
00401039 |. 6A 00 PUSH 0 ; /Arg1 = 0
0040103B |. E8 70370700 CALL 004747B0 ; \Copy_of_ollydbg.004747B0
00401040 |. 59 POP ECX
00401041 |. 68 84314800 PUSH OFFSET Copy_of_ollydbg.00483184
00401046 |. 6A 00 PUSH 0 ; /ModuleName = NULL
00401048 |. E8 5F100800 CALL <JMP.&KERNEL32.GetModuleHandleA> ; \KERNEL32.GetModuleHandleA
0040104D |. A3 E3314800 MOV DWORD PTR DS:[4831E3],EAX
00401052 |. 6A 00 PUSH 0
00401054 \. E9 13CA0700 JMP 0047DA6C
00401059 . E9 9E370700 JMP 004747FC
0040105E /. 33C0 XOR EAX,EAX
00401060 |. A0 CD314800 MOV AL,BYTE PTR DS:[4831CD]
00401065 \. C3 RETN
00401066 /. A1 E3314800 MOV EAX,DWORD PTR DS:[4831E3]
0040106B \. C3 RETN
0040106C /$ 60 PUSHAD
0040106D |. BB 0050B0BC MOV EBX,BCB05000
00401072 |. 53 PUSH EBX
00401073 |. 68 AD0B0000 PUSH 0BAD
00401078 \. C3 RETN ; RET is used as a jump

This is the analysis produced by the old version:

00401000 > $ /EB 10 JMP SHORT Copy_of_.00401012
00401002 |66 DB 66 ; CHAR 'f'
00401003 |62 DB 62 ; CHAR 'b'
00401004 |3A DB 3A ; CHAR ':'
00401005 |43 DB 43 ; CHAR 'C'
00401006 |2B DB 2B ; CHAR '+'
00401007 |2B DB 2B ; CHAR '+'
00401008 |48 DB 48 ; CHAR 'H'
00401009 |4F DB 4F ; CHAR 'O'
0040100A |4F DB 4F ; CHAR 'O'
0040100B |4B DB 4B ; CHAR 'K'
0040100C |90 NOP
0040100D |E9 DB E9
0040100E . |E8314800 DD OFFSET Copy_of_.___CPPdebugHook
00401012 > \A1 DB314800 MOV EAX,DWORD PTR DS:[4831DB]
00401017 . C1E0 02 SHL EAX,2
0040101A . A3 DF314800 MOV DWORD PTR DS:[4831DF],EAX
0040101F . 52 PUSH EDX
00401020 . 6A 00 PUSH 0 ; /pModule = NULL
00401022 . E8 85100800 CALL <JMP.&KERNEL32.GetModuleHandleA> ; \GetModuleHandleA
00401027 . 8BD0 MOV EDX,EAX
00401029 . E8 1E220700 CALL Copy_of_.0047324C
0040102E . 5A POP EDX
0040102F . E8 7C210700 CALL Copy_of_.004731B0
00401034 . E8 53220700 CALL Copy_of_.0047328C
00401039 . 6A 00 PUSH 0 ; /Arg1 = 00000000
0040103B . E8 70370700 CALL Copy_of_.004747B0 ; \Copy_of_.004747B0
00401040 . 59 POP ECX
00401041 . 68 84314800 PUSH Copy_of_.00483184
00401046 . 6A 00 PUSH 0 ; /pModule = NULL
00401048 . E8 5F100800 CALL <JMP.&KERNEL32.GetModuleHandleA> ; \GetModuleHandleA
0040104D . A3 E3314800 MOV DWORD PTR DS:[4831E3],EAX
00401052 . 6A 00 PUSH 0
00401054 . E9 13CA0700 JMP Copy_of_.0047DA6C
00401059 > $ E9 9E370700 JMP Copy_of_.004747FC
0040105E . 33C0 XOR EAX,EAX
00401060 . A0 CD314800 MOV AL,BYTE PTR DS:[4831CD]
00401065 . C3 RETN
00401066 . A1 E3314800 MOV EAX,DWORD PTR DS:[4831E3]
0040106B . C3 RETN
0040106C /$ 60 PUSHAD
0040106D |. BB 0050B0BC MOV EBX,BCB05000
00401072 |. 53 PUSH EBX
00401073 |. 68 AD0B0000 PUSH 0BAD
00401078 \. C3 RETN
|
[Help] Can anyone tell me the function prototype of setjmp3?
I want to hook the setjmp3 function, not setjmp, so I need its API prototype.