[求助]StrongOD.dll里的fengyue.sys驱动名怎么改-付费问答-看雪-安全社区|安全招聘|kanxue.com

最新回复 (1)
天易love 雪币： 2015 活跃值： (902) 能力值： ( LV12，RANK：1000 ) 在线值：发帖 106 回帖 1059 粉丝 21 关注私信	天易love 18 2 楼 1005A345 33C0 XOR EAX,EAX 1005A347 AC LODS BYTE PTR DS:[ESI] 1005A348 8B1487 MOV EDX,DWORD PTR DS:[EDI+EAX*4] 1005A34B 0FB612 MOVZX EDX,BYTE PTR DS:[EDX] // DS:[0062B364]=79 ('y') EDX=0062B364, (ASCII "yueyue") 10007352 8B3D 1C910210 MOV EDI,DWORD PTR DS:[<&KERNEL32.CreateF>; kernel32.CreateFileA 10007358 55 PUSH EBP 10007359 68 80000000 PUSH 80 1000735E 6A 03 PUSH 3 10007360 55 PUSH EBP 10007361 6A 03 PUSH 3 10007363 68 000000C0 PUSH C0000000 10007368 68 C49E0410 PUSH StrongOD.10049EC4 ; ASCII "\\.\yueyue" 1000736D FFD7 CALL EDI 1000736F A3 58F70410 MOV DWORD PTR DS:[1004F758],EAX 10007374 83F8 FF CMP EAX,-1 10007377 74 09 JE SHORT StrongOD.10007382 10007379 5F POP EDI 1000737A 8D45 01 LEA EAX,DWORD PTR SS:[EBP+1] 1000737D 5D POP EBP 1000737E 83C4 1C ADD ESP,1C 10007381 C3 RETN 10007382 E8 79FEFFFF CALL StrongOD.10007200 //释放驱动 10007387 85C0 TEST EAX,EAX 10007389 75 18 JNZ SHORT StrongOD.100073A3 1000738B 68 CC0F0410 PUSH StrongOD.10040FCC ; ASCII "Release DriverFile Failed!" ollydbg.ini文件尾部 -------------- DriverKey=-82693034 DriverName=yueyue UpdateURL=http://117.41.16.240:7777/sod/update.txt 2012-4-13 21:42 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

最新回复 (1)

天易love

雪币： 2015

活跃值： (902)

能力值：

( LV12，RANK：1000 )

在线值：

发帖

106

回帖

1059

粉丝

关注

私信

天易love 18: 2 楼

1005A345 33C0          XOR EAX,EAX
1005A347 AC             LODS BYTE PTR DS:[ESI]
1005A348 8B1487       MOV EDX,DWORD PTR DS:[EDI+EAX*4]
1005A34B 0FB612       MOVZX EDX,BYTE PTR DS:[EDX] //
DS:[0062B364]=79 ('y')
EDX=0062B364, (ASCII "yueyue")

10007352 8B3D 1C910210 MOV EDI,DWORD PTR DS:[<&KERNEL32.CreateF>; kernel32.CreateFileA
10007358 55             PUSH EBP
10007359 68 80000000    PUSH 80
1000735E 6A 03          PUSH 3
10007360 55             PUSH EBP
10007361 6A 03          PUSH 3
10007363 68 000000C0    PUSH C0000000
10007368 68 C49E0410    PUSH StrongOD.10049EC4                ; ASCII "\\.\yueyue"
1000736D FFD7          CALL EDI
1000736F A3 58F70410    MOV DWORD PTR DS:[1004F758],EAX
10007374 83F8 FF       CMP EAX,-1
10007377 74 09          JE SHORT StrongOD.10007382
10007379 5F             POP EDI
1000737A 8D45 01       LEA EAX,DWORD PTR SS:[EBP+1]
1000737D 5D             POP EBP
1000737E 83C4 1C       ADD ESP,1C
10007381 C3             RETN
10007382 E8 79FEFFFF    CALL StrongOD.10007200  //释放驱动
10007387 85C0          TEST EAX,EAX
10007389 75 18          JNZ SHORT StrongOD.100073A3
1000738B 68 CC0F0410    PUSH StrongOD.10040FCC                      ; ASCII "Release DriverFile Failed!"

ollydbg.ini文件尾部
--------------
DriverKey=-82693034
DriverName=yueyue
UpdateURL=http://117.41.16.240:7777/sod/update.txt

2012-4-13 21:42

[旧帖] [求助]StrongOD.dll里的fengyue.sys驱动名怎么改 0.00雪花