能力值:
(RANK:350 )
|
-
-
2 楼
可以直接用普通断点,将断点设在函数尾部几个字节:
7C80B529 kernel32.GetModuleHandleA 8BFF mov edi, edi
7C80B52B 55 push ebp
7C80B52C 8BEC mov ebp, esp
7C80B52E 837D 08 00 cmp dword ptr [ebp+8], 0
7C80B532 74 18 je short 7C80B54C
7C80B534 FF75 08 push dword ptr [ebp+8]
7C80B537 E8 682D0000 call 7C80E2A4
7C80B53C 85C0 test eax, eax
7C80B53E 74 08 je short 7C80B548
7C80B540 FF70 04 push dword ptr [eax+4]
7C80B543 E8 F4300000 call GetModuleHandleW
7C80B548 5D pop ebp
7C80B549 C2 0400 retn 4 //这里按F2设断
|
|
|