为什么我用RORDBG从来就没有成功脱过壳-加壳脱壳-看雪-安全社区|安全招聘|kanxue.com

为什么我用RORDBG从来就没有成功脱过壳

发表于: 2006-9-26 11:39 3297

为什么我用RORDBG从来就没有成功脱过壳

endofcool

2006-9-26 11:39

3297

ASPR试了多次没成功就不说了，UPX竟然也不行
Eip==00491220
UPX 0.89.6 - 1.02 / 1.05 - 1.22 (Delphi) stub -> Markus & Lazlo
00491220 60                PUSHAD
00491221 BE00F04500       MOV ESI,45F000
00491226 8DBE0020FAFF       LEA EDI,DWORD PTR [ESI-05E000h]
0049122C C7879C200700FC047143MOV DWORD PTR [EDI+07209Ch],437104FC
00491236 57                PUSH EDI
00491237 83CDFF             OR EBP,FFFFFFFF
0049123A EB0E             JMP 0049124A
0049124A 8B1E             MOV EBX,DWORD PTR [ESI]
0049124C 83EEFC             SUB ESI,FFFFFFFC
0049124F 11DB             ADC EBX,EBX
00491251 72ED             JB 00491240
00491240 8A06             MOV AL,BYTE PTR [ESI]
00491242 46                INC ESI
00491243 8807             MOV BYTE PTR [EDI],AL
00491245 47                INC EDI
00491246 01DB             ADD EBX,EBX
00491248 7507             JNZ 00491251
00491251 72ED             JB 00491240
00491240 8A06             MOV AL,BYTE PTR [ESI]
00491242 46                INC ESI
00491243 8807             MOV BYTE PTR [EDI],AL
00491245 47                INC EDI
00491246 01DB             ADD EBX,EBX
00491248 7507             JNZ 00491251
00491251 72ED             JB 00491240
00491240 8A06             MOV AL,BYTE PTR [ESI]
00491242 46                INC ESI
00491243 8807             MOV BYTE PTR [EDI],AL
00491245 47                INC EDI
00491246 01DB             ADD EBX,EBX
00491248 7507             JNZ 00491251
00491251 72ED             JB 00491240
00491240 8A06             MOV AL,BYTE PTR [ESI]
00491242 46                INC ESI
00491243 8807             MOV BYTE PTR [EDI],AL
00491245 47                INC EDI
00491246 01DB             ADD EBX,EBX
00491248 7507             JNZ 00491251
00491251 72ED             JB 00491240
00491240 8A06             MOV AL,BYTE PTR [ESI]
00491242 46                INC ESI
00491243 8807             MOV BYTE PTR [EDI],AL
00491245 47                INC EDI
00491246 01DB             ADD EBX,EBX
00491248 7507             JNZ 00491251
00491251 72ED             JB 00491240
00491240 8A06             MOV AL,BYTE PTR [ESI]
00491242 46                INC ESI
00491243 8807             MOV BYTE PTR [EDI],AL
00491245 47                INC EDI
00491246 01DB             ADD EBX,EBX
00491248 7507             JNZ 00491251
00491251 72ED             JB 00491240
00491240 8A06             MOV AL,BYTE PTR [ESI]
00491242 46                INC ESI
00491243 8807             MOV BYTE PTR [EDI],AL
00491245 47                INC EDI
00491246 01DB             ADD EBX,EBX
00491248 7507             JNZ 00491251
00491251 72ED             JB 00491240
00491240 8A06             MOV AL,BYTE PTR [ESI]
00491242 46                INC ESI
00491243 8807             MOV BYTE PTR [EDI],AL
0049135E 正常调用(指令数7261028): KERNEL32.DLL!LoadLibraryA
00491373 正常调用(指令数7261039): KERNEL32.DLL!GetProcAddress
0049135E 正常调用(指令数7261057): KERNEL32.DLL!LoadLibraryA
00491373 正常调用(指令数7261068): KERNEL32.DLL!GetProcAddress
0049135E 正常调用(指令数7261086): KERNEL32.DLL!LoadLibraryA
00491373 正常调用(指令数7261097): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261112): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261127): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261142): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261157): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261172): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261187): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261202): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261217): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261232): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261247): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261262): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261277): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261292): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261307): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261322): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261337): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261352): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261367): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261382): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261397): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261412): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261427): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261442): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261457): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261472): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261487): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261502): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261517): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261532): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261547): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261562): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261577): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261592): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261607): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261622): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261637): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261652): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261667): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261682): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261697): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261712): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261727): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261742): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261757): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261772): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261787): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261802): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261817): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261832): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261847): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261862): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261877): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261892): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261907): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261922): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261937): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261952): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261967): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261982): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7261997): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262012): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262027): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262042): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262057): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262072): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262087): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262102): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262117): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262132): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262147): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262162): KERNEL32.DLL!GetProcAddress
0049135E 正常调用(指令数7262180): KERNEL32.DLL!LoadLibraryA
00491373 正常调用(指令数7262191): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262206): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262221): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262236): KERNEL32.DLL!GetProcAddress
0049135E 正常调用(指令数7262254): KERNEL32.DLL!LoadLibraryA
00491373 正常调用(指令数7262265): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262280): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262295): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262310): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262325): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262340): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262355): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262370): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262385): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262400): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262415): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262430): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262445): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262460): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262475): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262490): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262505): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262520): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262535): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262550): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262565): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262580): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262595): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262610): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262625): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262640): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262655): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262670): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262685): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262700): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262715): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262730): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262745): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262760): KERNEL32.DLL!GetProcAddress
0049135E 正常调用(指令数7262778): KERNEL32.DLL!LoadLibraryA
00491373 正常调用(指令数7262789): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262804): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262819): KERNEL32.DLL!GetProcAddress
0049135E 正常调用(指令数7262837): KERNEL32.DLL!LoadLibraryA
00491373 正常调用(指令数7262848): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262863): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262878): KERNEL32.DLL!GetProcAddress
0049135E 正常调用(指令数7262896): KERNEL32.DLL!LoadLibraryA
00491373 正常调用(指令数7262907): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262922): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262937): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262952): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262967): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262982): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7262997): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263012): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263027): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263042): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263057): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263072): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263087): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263102): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263117): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263132): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263147): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263162): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263177): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263192): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263207): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263222): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263237): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263252): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263267): KERNEL32.DLL!GetProcAddress
0049135E 正常调用(指令数7263285): KERNEL32.DLL!LoadLibraryA
00491373 正常调用(指令数7263296): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263311): KERNEL32.DLL!GetProcAddress
0049135E 正常调用(指令数7263329): KERNEL32.DLL!LoadLibraryA
00491373 正常调用(指令数7263340): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263355): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263370): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263385): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263400): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263415): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263430): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263445): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263460): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263475): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263490): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263505): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263520): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263535): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263550): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263565): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263580): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263595): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263610): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263625): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263640): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263655): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263670): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263685): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263700): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263715): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263730): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263745): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263760): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263775): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263790): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263805): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263820): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263835): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263850): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263865): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263880): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263895): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263910): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263925): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263940): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263955): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263970): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7263985): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264000): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264015): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264030): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264045): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264060): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264075): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264090): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264105): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264120): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264135): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264150): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264165): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264180): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264195): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264210): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264225): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264240): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264255): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264270): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264285): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264300): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264315): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264330): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264345): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264360): KERNEL32.DLL!GetProcAddress
0049135E 正常调用(指令数7264378): KERNEL32.DLL!LoadLibraryA
00491373 正常调用(指令数7264389): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264404): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264419): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264434): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264449): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264464): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264479): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264494): KERNEL32.DLL!GetProcAddress
0049135E 正常调用(指令数7264512): KERNEL32.DLL!LoadLibraryA
00491373 正常调用(指令数7264523): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264538): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264553): KERNEL32.DLL!GetProcAddress
0049135E 正常调用(指令数7264571): KERNEL32.DLL!LoadLibraryA
00491373 正常调用(指令数7264582): KERNEL32.DLL!GetProcAddress
0049135E 正常调用(指令数7264600): KERNEL32.DLL!LoadLibraryA
00491373 正常调用(指令数7264611): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264626): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264641): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264656): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264671): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264686): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264701): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264716): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264731): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264746): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264761): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264776): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264791): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264806): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264821): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264836): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264851): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264866): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264881): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264896): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264911): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264926): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264941): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264956): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264971): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7264986): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265001): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265016): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265031): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265046): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265061): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265076): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265091): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265106): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265121): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265136): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265151): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265166): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265181): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265196): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265211): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265226): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265241): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265256): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265271): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265286): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265301): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265316): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265331): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265346): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265361): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265376): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265391): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265406): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265421): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265436): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265451): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265466): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265481): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265496): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265511): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265526): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265541): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265556): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265571): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265586): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265601): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265616): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265631): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265646): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265661): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265676): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265691): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265706): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265721): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265736): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265751): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265766): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265781): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265796): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265811): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265826): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265841): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265856): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265871): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265886): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265901): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265916): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265931): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265946): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265961): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265976): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7265991): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266006): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266021): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266036): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266051): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266066): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266081): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266096): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266111): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266126): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266141): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266156): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266171): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266186): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266201): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266216): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266231): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266246): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266261): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266276): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266291): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266306): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266321): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266336): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266351): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266366): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266381): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266396): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266411): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266426): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266441): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266456): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266471): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266486): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266501): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266516): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266531): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266546): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266561): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266576): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266591): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266606): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266621): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266636): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266651): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266666): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266681): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266696): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266711): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266726): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266741): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266756): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266771): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266786): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266801): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266816): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266831): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266846): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266861): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266876): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266891): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266906): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266921): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266936): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266951): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266966): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266981): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7266996): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267011): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267026): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267041): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267056): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267071): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267086): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267101): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267116): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267131): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267146): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267161): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267176): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267191): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267206): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267221): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267236): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267251): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267266): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267281): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267296): KERNEL32.DLL!GetProcAddress
0049135E 正常调用(指令数7267314): KERNEL32.DLL!LoadLibraryA
00491373 正常调用(指令数7267325): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267340): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267355): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267370): KERNEL32.DLL!GetProcAddress
0049135E 正常调用(指令数7267388): KERNEL32.DLL!LoadLibraryA
00491373 正常调用(指令数7267399): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267414): KERNEL32.DLL!GetProcAddress
00491373 正常调用(指令数7267429): KERNEL32.DLL!GetProcAddress
可能到OEP了，如果不完全正确，请再单步走几下！
0049138B E9240DFEFF
可能到OEP了，如果不完全正确，请再单步走几下！
004720B4 55                PUSH EBP
Command: makepe
Make PE now
Start:7C920000 End:7C9B4000
Start:7C800000 End:7C91C000
Start:77DA0000 End:77E49000
Start:77E50000 End:77EE1000
Start:77180000 End:77282000
Start:77BE0000 End:77C38000
Start:77EF0000 End:77F37000
Start:77D10000 End:77D9F000
Start:77F40000 End:77FB6000
Start:76320000 End:76367000
Start:7D590000 End:7DD82000
Start:770F0000 End:7717C000
Start:76990000 End:76ACD000
Start:77BD0000 End:77BD8000
Start:76300000 End:7631D000
Start:62C20000 End:62C29000
Start:73FA0000 End:7400B000
Start:10000000 End:100A7000
Start:73D30000 End:73E2E000
Start:61BE0000 End:61BED000
Start:71A20000 End:71A37000
Start:71A10000 End:71A18000
Start:73390000 End:734E4000
HODULE=00400100
nSec=3
VirtualSize RVA PhysicalSize PhysicalOffset
p=004001F8
5e000    1000       0       0
p=00400220
33000 5f000 32400    400
p=00400248
5000 92000    4e00 32800

到这里就结束了，也没有文件生成，望指点，谢谢！

[培训]《安卓高级研修班(网课)》月薪三万计划，掌握调试、分析还原ollvm、vmp的方法，定制art虚拟机自动化脱壳的方法

收藏・0

免费・0

支持

最新回复 (2)
endofcool 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 11 回帖 78 粉丝 0 关注私信	endofcool 2 楼而且任务管理器里面查看被调试程序占用CPU几乎100% 2006-9-26 11:40 0
cyto 雪币： 417 活跃值： (475) 能力值： ( LV9，RANK：1250 ) 在线值：发帖 41 回帖 624 粉丝 0 关注私信	cyto 31 3 楼 rordbg好像不是用来脱壳的. 而是辅助脱壳,你可以通过它知道程序运行过程. 2006-9-26 12:56 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

endofcool

发帖

回帖

RANK

关注

私信

他的文章

关于我们

联系我们

企业服务

看雪公众号

最新回复 (2)
endofcool 雪币： 200 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 11 回帖 78 粉丝 0 关注私信	endofcool 2 楼而且任务管理器里面查看被调试程序占用CPU几乎100% 2006-9-26 11:40 0
cyto 雪币： 417 活跃值： (475) 能力值： ( LV9，RANK：1250 ) 在线值：发帖 41 回帖 624 粉丝 0 关注私信	cyto 31 3 楼 rordbg好像不是用来脱壳的. 而是辅助脱壳,你可以通过它知道程序运行过程. 2006-9-26 12:56 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复