正在学Unpacking ACProtect，看到里面有个小软件是专门对付Code Splicing的，以下是它的源码：

procedure TForm1.Button1Click(Sender: TObject);
var PID,PHD,Start,Size,SPStart,SPSize,Cnt,I,Go,GJMP:DWORD;
    Buf:byte; JMP:WORD;
    MBuf:array[0..4] of byte;
begin
Memo1.Clear;
PID:=HextoInt(Edit3.Text);
Start:=HextoInt(Edit1.Text);
Size:=HextoInt(Edit2.Text);
SPStart:=HextoInt(Edit4.Text);
SPSize:=HextoInt(Edit5.Text);
PHD:=OpenProcess(PROCESS_ALL_ACCESS,False,PID);
for I:=Start to Start+Size do begin
ReadProcessMemory(PHD,Pointer(I),@Buf,Sizeof(Buf),Cnt);
if (Buf=$E8) and (I+8<Start+Size) then begin
  ReadProcessMemory(PHD,Pointer(I+1),@Go,Sizeof(Go),Cnt);
  ReadProcessMemory(PHD,Pointer(I+Go+5),@JMP,Sizeof(JMP),Cnt);
  if JMP=$25FF then begin
   ReadProcessMemory(PHD,Pointer(I+Go+7),@GJMP,Sizeof(GJMP),Cnt);
   if (GJMP>=SPStart) and (GJMP<SPStart+SPSize) then begin
    ReadProcessMemory(PHD,Pointer(GJMP),@GJMP,Sizeof(GJMP),Cnt);
    if (GJMP>=SPStart) and (GJMP<SPStart+SPSize) then begin
     Memo1.Lines.Add(inttohex(I,8)+' <-- '+inttohex(GJMP,8));
     ReadProcessMemory(PHD,Pointer(GJMP),@MBuf,Sizeof(MBuf),Cnt);
     WriteProcessMemory(PHD,Pointer(I),@MBuf,Sizeof(MBuf),Cnt);
    end;
   end;
  end;
end;
end;

Delphi的程序我不懂，看了半天也不知道怎么用脚本现实同样的功能：（

请大侠指点

[培训]内核驱动高级班，冲击BAT一流互联网大厂工作，每周日13:00-18:00直播授课