-
-
Script for Winupack 0.37
-
发表于:
2005-12-4 07:49
3894
-
/*
//////////////////////////////////////////////////
Script for Winupack 0.37
Author: loveboom
Email : loveboom#163.com
OS : Winxp sp1,OllyDbg 1.1,OllyScript v0.92
Date : 2005-12-04
Config: Ignore all Exceptions.
Note :
//////////////////////////////////////////////////
*/
var addr
var apiaddr
var val
var bpaddr
start:
gpa "LoadLibraryA","kernel32.dll"
mov apiaddr,$RESULT
bp apiaddr
l1:
eob l2
eoe lexcept
esto
l2:
cob
mov addr,[esp]
inc addr
mov val,[addr]
cmp val,75C084AC
jne l1
l3:
bc apiaddr
mov addr,[esp]
bp addr //卡吧之类的软件会hook api,保险点做法
esto
bc addr
mov addr,[esp]
cmp addr,0
je lw2
mov addr,esp
add addr,4
mov addr,[addr]
go addr
lend:
cmt eip,"OEP,Please dumped it,Enjoy!"
msg "Script by loveboom[DFCG],[FCG],Thank you for using my Scripts!"
ret
lexcept:
msg "exception."
ret
lw2:
find eip,#61E9#
go $RESULT
sto
sto
jmp lend
[培训]《安卓高级研修班(网课)》月薪三万计划,掌握调试、分析还原ollvm、vmp的方法,定制art虚拟机自动化脱壳的方法
