是这样的, 在学习WIN32汇编的, 在筛选器异常处理这里碰到一个小问题, 我想在异常发生后, 跳到ShowMessage();这里执行, 也就是在异常处理回调函数的时候设置CONTEXT中EIP的值, 有没有哪位大侠知道怎么用C语言实现的.
#include <windows.h>
int ExceptionHandle(EXCEPTION_POINTERS *);
int (*lpNewHandle)(EXCEPTION_POINTERS *);
int ShowMessage(void);
int (* lp)(void);
int (*lpBackHandle)(HWND, LPCTSTR, LPCTSTR, UINT);
LPTOP_LEVEL_EXCEPTION_FILTER lpOldHandler;
int APIENTRY WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow)
{
int x = 0;
int y;
lpNewHandle = ExceptionHandle;
lpOldHandler =SetUnhandledExceptionFilter((LPTOP_LEVEL_EXCEPTION_FILTER)lpNewHandle);
y = 4 / x;
lp = ShowMessage;
ShowMessage();
SetUnhandledExceptionFilter(lpOldHandler);
return 0;
}
int ExceptionHandle(EXCEPTION_POINTERS *lpExceptionPoint)
{
char szBuffer[256];
wsprintf(szBuffer, TEXT("异常发生位置: %08X, 异常代码: %08X, 标志: %08X"),
lpExceptionPoint->ContextRecord->Eip, lpExceptionPoint->ExceptionRecord->ExceptionCode, lpExceptionPoint->ContextRecord->EFlags);
lpExceptionPoint->ContextRecord->Eip = (LPTOP_LEVEL_EXCEPTION_FILTER)lp;
MessageBox(NULL, szBuffer, NULL, MB_OK);
return EXCEPTION_CONTINUE_EXECUTION;
}
int ShowMessage()
{
MessageBox(NULL, TEXT("Welcome Back"), NULL, MB_OK);
return 0;
}
[培训]《安卓高级研修班(网课)》月薪三万计划,掌握调试、分析还原ollvm、vmp的方法,定制art虚拟机自动化脱壳的方法