|
[ZT]P32Dasm v1.2~1.5
顶一下,免得被标题P32Dasm v1.2 给误了,最新V1.4哦 |
|
[乱][译]被人忘却的DOS平台全套SMC技术
佩服!!顶 |
|
被人忘却的DOS平台全套SMC技术!
procedure TForm1.ModifyCode; var lpBuffer: DWORD; mbi: _MEMORY_BASIC_INFORMATION; a: DWORD; BaseAddr: Pointer; hProcess: THandle; begin hProcess := OpenProcess(PROCESS_ALL_ACCESS, false, GetCurrentProcessId); VirtualQuery(@ModifyedProc, mbi, sizeof(MEMORY_BASIC_INFORMATION)); VirtualProtect( mbi.BaseAddress, mbi.RegionSize, PAGE_READWRITE, // desired access protection mbi.Protect // address of variable to get old protection ); a := 0; lpBuffer := 0; BaseAddr := Pointer($XXXXXXX); //这个地址是Exe文件中根据标志找到的 ReadProcessMemory( hProcess, BaseAddr, // address to start reading @lpBuffer, // address of buffer to place read data 1, // number of bytes to read a // address of number of bytes read ); Dec(lpBuffer); WriteProcessMemory( hProcess, BaseAddr, @lpBuffer, 1, a ); VirtualProtect( mbi.BaseAddress, // address of region of committed pages mbi.RegionSize, // size of the region mbi.Protect, // desired access protection a // address of variable to get old protection ); end; |
|
yoda's Protector V1.03.2.02脱壳――yP.exe全过程分析
看都看不懂,其他的就别想了! |
|
进程刺杀
杀进程? Procedure Kill(ExeName: String); Var hSnapshot: THandle; //用于获得进程列表 lppe: TProcessEntry32; //用于查找进程 Found: Boolean; //用于判断进程遍历是否完成 KillHandle: THandle; //用于杀死进程 Begin hSnapshot := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); //获得系统进程列表 lppe.dwSize := SizeOf(TProcessEntry32); //在调用Process32First API之前,需要初始化lppe记录的大小 Found := Process32First(hSnapshot, lppe); //将进程列表的第一个进程信息读入lppe记录中 While Found Do Begin If CompareText(ExeName, lppe.szExeFile) = 0 Then //判断该进程是否为KpExport.exe的进程 Begin //由于我的操作系统是xp,所以在调用TerminateProcess API之前 //我必须先获得关闭进程的权限,如果操作系统是NT以下可以直接中止进程 KillHandle := OpenProcess(PROCESS_TERMINATE, False, lppe.th32ProcessID); TerminateProcess(KillHandle, 0); //强制关闭进程 CloseHandle(KillHandle); End; Found := Process32Next(hSnapshot, lppe); //将进程列表的下一个进程信息读入lppe记录中 End; End; .... Kill('Dede.exe'); Kill('flyODBG.exe'); .... |
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
能力排名:
No.{{ rank_num }}
等 级:
LV{{ rank_lv-100 }}
活跃值:
在线值:
浏览人数:{{ visits }}
最近活跃:{{ last_active_time }}
注册时间:{{ user_info.create_date_jsonfmt }}
勋章
兑换勋章
证书
证书查询 >
能力值