能力值:
(RANK:350 )
|
-
-
2 楼
7C80B529 kernel32.GetModuleHandleA 8BFF mov edi, edi
7C80B52B 55 push ebp
7C80B52C 8BEC mov ebp, esp
7C80B52E 837D 08 00 cmp dword ptr [ebp+8], 0
7C80B532 74 18 je short 7C80B54C
7C80B534 FF75 08 push dword ptr [ebp+8]
7C80B537 E8 682D0000 call 7C80E2A4
7C80B53C 85C0 test eax, eax
7C80B53E 74 08 je short 7C80B548
7C80B540 FF70 04 push dword ptr [eax+4]
7C80B543 E8 F4300000 call GetModuleHandleW
7C80B548 5D pop ebp
7C80B549 C2 0400 retn 4
7C80B529+5=7C80B52E
也就是说将断点设在:7C80B52E 这一行
目的是防止程序检测GetModuleHandleA函数第一个字节是否被设断点,如设断点,会变成CC (即:INT 3)
|
能力值:
(RANK:10 )
|
-
-
3 楼
我在你说的那里下了断点,还是拦不住。怎么办?
|
|
|