// ODbgScript (OllyDbg script) helper. Flow, as far as this copy shows:
//   1. run the debuggee until execution reaches code_addr,
//   2. write a patch stub into memory at patch_addr,
//   3. run the stub until its end-marker bytes are reached,
//   4. put EIP back on code_addr and stop the script.
// NOTE(review): both addresses are absolute values for one specific target
// and load address; re-derive them for every sample before running this.
// NOTE(review): the script writes to debuggee memory and redirects EIP, so
// run it only on a disposable analysis instance, never on a live system.
#log
var code_addr
var patch_addr
// Only these two variables need to be changed.
mov code_addr,0115F776
mov patch_addr,01210A00
// Hardware breakpoint on execute at code_addr; unlike a software bp it
// leaves the code bytes at that address unmodified.
bphws code_addr,"x"
// Run (OllyDbg Shift+F9, exceptions passed to the debuggee) until the bp hits.
esto
// Remove the hardware breakpoint again once we have stopped on code_addr.
bphwc code_addr
// Writes the patch stub to patch_addr.
// NOTE(review): this line is truncated in this copy, so the bytes written
// here are not visible and what the stub does cannot be confirmed from this
// listing. Do not run the script until the line is restored from a trusted
// source and the stub bytes have been disassembled and reviewed.
// presumably patch_addr must be a free, writable and executable region in
// the debuggee; verify before use.
mov [patch_addr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
// Redirect execution to the freshly written stub.
mov eip,patch_addr
// Search forward from EIP for the bytes 90 90 EB FB (NOP, NOP, short JMP
// backwards); presumably the end marker of the stub (confirm against the
// stub bytes). The match address is returned in $RESULT.
// NOTE(review): $RESULT is not checked. If the pattern is not found it is 0
// and the following bp/esto would run the debuggee with no useful stop.
find eip,#9090EBFB#
// Stop when the stub reaches its end marker, then remove that breakpoint.
bp $RESULT
esto
bc $RESULT
// Resume the original control flow position and end the script.
mov eip,code_addr
ret
/*
Pattern 1: the first two instructions have the same stack effect as the
single instruction on the last line.
012207D0 83EC 04 SUB ESP,4
012207D3 890424 MOV [ESP],EAX
PUSH EAX
*/
/*
Pattern 2: load from the top of the stack, then release the slot; same
effect on EBX and ESP as the single instruction on the last line.
011200C4 8B1C24 MOV EBX,[ESP]
011200C7 81C4 04000000 ADD ESP,4
POP EBX
*/
/*
Pattern 3: the pushed immediate is overwritten straight away, so the pair
has the same stack effect as the single instruction on the last line.
01128D44 68 185C0000 PUSH 5C18
01128D49 890424 MOV [ESP],EAX
PUSH EAX
*/
功能可以随意扩充,修复aspr ske 2.x的iat更是易如反掌