按照Bi11的windbg方式已经到了这里
0:000> d 064bedb8
064bedb8 3c 2c b3 00 00 00 11 00-4d 5a 00 00 05 00 00 00 <,......MZ......
064bedc8 04 00 00 00 ff ff 00 00-80 00 00 00 00 00 00 00 ................
064bedd8 40 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 @...............
064bede8 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
064bedf8 00 00 00 00 80 00 00 00-0e 1f e8 00 00 5a 83 c2 .............Z..
064bee08 0d b4 09 cd 21 b8 01 4c-cd 21 54 68 69 73 20 70 ....!..L.!This p
064bee18 72 6f 67 72 61 6d 20 63-61 6e 6e 6f 74 20 62 65 rogram cannot be
064bee28 20 72 75 6e 20 69 6e 20-44 4f 53 20 6d 6f 64 65 run in DOS mode
0:000> dd 064bedb8
064bedb8 00b32c3c 00110000 00005a4d 00000005
064bedc8 00000004 0000ffff 00000080 00000000
064bedd8 00000040 00000000 00000000 00000000
064bede8 00000000 00000000 00000000 00000000
064bedf8 00000000 00000080 00e81f0e c2835a00
064bee08 cd09b40d 4c01b821 685421cd 70207369
064bee18 72676f72 63206d61 6f6e6e61 65622074
064bee28 6e757220 206e6920 20534f44 65646f6d
.Net Reflector的版本是最新的4.2.36.0
用LordPE从 064bedc0 导出 e0000大小的内存为dump.dll文件,然后用Reflector加载dump.dll文件失败,错在哪里,请指教 -_-bb
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课