能力值:
( LV2,RANK:10 )
|
-
-
2 楼
xdjm help me!!
00564000 > 55 push ebp
00564001 8BEC mov ebp, esp
00564003 6A FF push -1
00564005 68 1D321305 push 513321D
0056400A 68 88888808 push 8888888
0056400F 64:A1 00000000 mov eax, fs:[0]
00564015 50 push eax
00564016 64:8925 0000000>mov fs:[0], esp
0056401D 58 pop eax
0056401E 64:A3 00000000 mov fs:[0], eax
00564024 58 pop eax
00564025 58 pop eax
00564026 58 pop eax
00564027 58 pop eax
00564028 8BE8 mov ebp, eax
0056402A E8 3B000000 call 0056406A
0056402F E8 01000000 call 00564035
运行到这里 77FB4DC6 E8 480BFCFF call ZwContinue
这句走两次 然后就提示系统需要重启。
77FB4DBD 0AC0 or al, al
77FB4DBF 74 0C je short 77FB4DCD
77FB4DC1 5B pop ebx
77FB4DC2 59 pop ecx
77FB4DC3 6A 00 push 0
77FB4DC5 51 push ecx
77FB4DC6 E8 480BFCFF call ZwContinue
77FB4DCB EB 0B jmp short 77FB4DD8
77FB4DCD 5B pop ebx
77FB4DCE 59 pop ecx
77FB4DCF 6A 00 push 0
77FB4DD1 51 push ecx
77FB4DD2 53 push ebx
77FB4DD3 E8 F213FCFF call ZwRaiseException
77FB4DD8 83C4 EC add esp, -14
77FB4DDB 890424 mov [esp], eax
77FB4DDE C74424 04 01000>mov dword ptr [esp+4], 1
77FB4DE6 895C24 08 mov [esp+8], ebx
77FB4DEA C74424 10 00000>mov dword ptr [esp+10], 0
77FB4DF2 54 push esp
77FB4DF3 E8 AFC2F9FF call RtlRaiseException
77FB4DF8 C2 0800 retn 8
77FB4DFB >^ E9 7DBCFAFF jmp 77F60A7D
77FB4E00 >^ E9 6425FCFF jmp 77F77369
77FB4E05 >^ E9 3626FCFF jmp 77F77440
77FB4E0A >^ E9 B2F3FAFF jmp atol
77FB4E0F 90 nop
77FB4E10 0000 add [eax], al
77FB4E12 0000 add [eax], al
|
能力值:
( LV2,RANK:10 )
|
-
-
3 楼
是不是我提供的线索太少了 还需要些什么线索阿
|
能力值:
(RANK:350 )
|
-
-
4 楼
最初由 whereisdog 发布
是不是我提供的线索太少了 还需要些什么线索阿
勿违规点将,能回答的,会给你答复的。
|
能力值:
( LV2,RANK:10 )
|
-
-
5 楼
点搜索,找loveboom的脱壳机.
|
能力值:
( LV2,RANK:10 )
|
-
-
6 楼
顶顶顶顶顶顶顶顶
|
|
|
|
