[分享]SimplePack 1.2脱壳脚本-加壳脱壳-看雪-安全社区|安全招聘|kanxue.com

[分享]SimplePack 1.2脱壳脚本

发表于: 2006-11-5 22:07 3768

[分享]SimplePack 1.2脱壳脚本

skylly

2006-11-5 22:07

3768

附带一个例子
//simplepack 1.2 go to oep
//code by skylly
gpa "VirtualProtect","kernel32.dll"
cmp $RESULT,0
je err
bp $RESULT
esto
bc $RESULT
rtu
find eip,#61# //popad
cmp $RESULT,0
je method2
bp $RESULT
esto
bc $RESULT
sti
sti
sti
jmp oep
method2:
find eip,#FFE0# //jmp eax
cmp $RESULT,0
je err
bp $RESULT
esto
bc $RESULT
sti
oep:
cmt eip,"oep"
an eip
ret
err:
msg "error"
ret