我用TMDScript-1.9.1+_0.3的脚本调试,提示IAT基地址在:6F0208后,停在了这里,请教高手们,后面该怎么做....
00407190 53 push ebx
00407191 8BD8 mov ebx,eax
00407193 33C0 xor ebx,eax
00407195 A3 A4906C00 dword ptr[6C90A4],eax
0040719A 6A 00 push 0
0040719C E8 2BFFFFFF call 004070CC
004071A1 A3 68166E00 mov dword ptr[6E1668],eax
004071A6 A1 68166E00 mov eax,dword ptr[6E1668]
004071AB A3 B0906C00 mov dword prt [6C90B0],eax
004071B0 33C0 xor eax,eax
004071B2 A3 B4906C00 mov dword ptr [6C90B4],eax
004071B7 33C0 xor eax,eax
004071B9 A3 B8906C00 mov dword ptr [6C90B8],eax
004071BE E8 C1FFFFFF call 00407184
004071C3 BA AC906C00 mov edx, 006C90AC
007071C8 8BC3 mov eax,ebx
004071CA E8 F9D4FFFF call 004046C8
004071CF 5B pop ebx
004071D0 C3 retn
004071D1 8D40 00 lea eax,dword ptr [eax]
004071D4 55 push ebp
004071D5 8BEC mov ebp,esp
004071D7 33C0 xor eax,eax
[课程]Android-CTF解题方法汇总!