求助]处理TP的debugpoint清零遇到的问题T T大牛快来帮帮我啊
发表于:
2012-5-23 11:41
求助]处理TP的debugpoint清零遇到的问题T T大牛快来帮帮我啊
/* Include guard for this header-style fragment. */
#ifndef PASSDEBGUPORT
#define PASSDEBGUPORT
/*
 * Driver object used by GetTesSafeBassAddr() to reach the loader entry of
 * this driver (via ->DriverSection). It is not assigned anywhere in this
 * fragment, so it has to be set before that function runs.
 * NOTE(review): this is a variable definition inside an include-guarded
 * file; if the file is included from more than one translation unit the
 * symbol is defined more than once -- confirm how it is included.
 */
PDRIVER_OBJECT QpDriverObject;
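/*
 * Look up the load address of the module named "TesSafe.sys" in the
 * loaded-module list.
 *
 * The walk starts at this driver's own loader entry
 * (QpDriverObject->DriverSection), follows the Blink pointers of
 * InLoadOrderLinks and stops when it arrives back at the starting entry.
 *
 * Returns DllBase of the matching entry cast to int, or 0 when no entry
 * matches or QpDriverObject / DriverSection is not set.
 *
 * Review changes relative to the posted version:
 *  - The name used to be copied into a fixed stack array with a length taken
 *    from the list entry and no bound, which can overrun the kernel stack.
 *    The name is now compared in place and nothing is copied.
 *  - The comparison length used to be the entry's name length, so an empty
 *    name matched, a shorter name matched as a prefix, and a longer name
 *    read past the end of the literal. The length must now equal the target
 *    length exactly.
 *  - A null QpDriverObject, DriverSection or name buffer is rejected
 *    instead of being dereferenced.
 *
 * NOTE(review): no lock is taken around the list walk in this function, so
 * it can race with modules being loaded or unloaded -- confirm what the
 * caller guarantees.
 * NOTE(review): the comparison is byte-exact and therefore case-sensitive,
 * as in the original.
 * NOTE(review): returning the base as int truncates the pointer on a 64-bit
 * build; the signature is kept because callers depend on it.
 */
int GetTesSafeBassAddr()
{
    /* Byte length of the target name without its terminating wide NUL. */
    unsigned int cbTarget = (unsigned int)(sizeof(L"TesSafe.sys") - sizeof(L""));
    PLDR_DATA_TABLE_ENTRY pLE;
    PLIST_ENTRY p;

    if (!QpDriverObject || !QpDriverObject->DriverSection)
    {
        return 0;
    }

    pLE = (PLDR_DATA_TABLE_ENTRY)QpDriverObject->DriverSection;
    p = pLE->InLoadOrderLinks.Blink;

    for (;;)
    {
        PLDR_DATA_TABLE_ENTRY pStatusPLE = (PLDR_DATA_TABLE_ENTRY)p;

        /* Back at our own entry: the whole ring has been visited. */
        if (pStatusPLE == pLE)
        {
            break;
        }

        /* Advance first so every path below can simply fall through. */
        p = pStatusPLE->InLoadOrderLinks.Blink;

        /*
         * Skip entries without a base or without a usable name; the
         * original also skipped entries whose DllBase is 0.
         */
        if (pStatusPLE->DllBase == 0 ||
            !pStatusPLE->BaseDllName.Buffer ||
            pStatusPLE->BaseDllName.Length != cbTarget)
        {
            continue;
        }

        /* Lengths are equal, so this compares exactly cbTarget bytes of each. */
        if (RtlCompareMemory(pStatusPLE->BaseDllName.Buffer,
                             L"TesSafe.sys",
                             cbTarget) == cbTarget)
        {
            return (int)pStatusPLE->DllBase;
        }
    }

    return 0;
}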
/*
 * Locate a 10-byte instruction pattern inside the module returned by
 * GetTesSafeBassAddr() and overwrite one value reached through a pointer
 * stored 14 bytes before the match.
 *
 * Everything here depends on constants hard-coded for one specific build of
 * the target module (scan start base+0x4800, the byte pattern, the -14
 * adjustment, the +4 store offset and the stored value 0x70). None of them
 * is validated at run time.
 *
 * NOTE(review): this function writes into memory that belongs to another
 * kernel driver. Any mismatch between these constants and the module that is
 * actually loaded turns the store into a write to an unrelated kernel
 * address, and a faulting kernel access bugchecks the machine. A driver that
 * integrity-checks its own data may also notice the modification.
 * NOTE(review): the inline __asm block and the use of int for addresses tie
 * this code to a 32-bit x86 MSVC build.
 */
void DuiKangQingLing()
{
int addr=GetTesSafeBassAddr();
/*
 * NOTE(review): a zero result (module not found) is only skipped for
 * logging; the code below still runs and would scan starting at 0x4800.
 */
if (addr!=0)
{
DbgPrint("基地址==%x\n",addr);
}
/* Byte pattern searched for in the target module. */
char szDgbugProtFeature[10]={(char)0x8b,(char)0x40,(char)0x04,
(char)0x8d,(char)0x77,(char)0xb8,
(char)0x03,(char)0x06,(char)0x33,
(char)0xc9};
int nCallAddr;
/*
 * SearchFeature is defined outside this fragment; presumably it returns the
 * address of the first match or 0 when nothing is found -- confirm. No upper
 * bound for the scan is passed here, so how far it reads is decided there.
 */
nCallAddr=SearchFeature(addr+0x4800,szDgbugProtFeature,10);
if (nCallAddr)
{
/* Step back 14 bytes from the match to the location used below. */
nCallAddr-=14;
DbgPrint("DgBugProt清零处==%X\n",nCallAddr);
/*
 * Loads the 32-bit value at nCallAddr, dereferences that value once more,
 * then stores 0x70 at offset 4 from the resulting pointer. Neither loaded
 * pointer is checked before it is used.
 */
__asm
{
MOV EAX,nCallAddr
MOV EAX,[EAX]
MOV EAX,[EAX]
MOV [EAX+4],0x70
}
/* Prints the same nCallAddr value as the DbgPrint above, not a separate offset. */
DbgPrint("偏移==%X",nCallAddr);
}
else
{
DbgPrint("未找到DgBugProt清零处的特征码\n");
}
}
#endif
已经能显示模块信息了,就是一进图或者一下断,游戏出现调试错误
win7 32位系统
大牛快来帮帮我啊