-
-
[旧帖] [求助]od在这种情况下如何下断? 0.00雪花
-
发表于: 2008-3-7 19:05
-
如下:
0070FB14 FF92 D8000000 call dword ptr [edx+D8]
0070FB1A C3 retn
0070FB1B 90 nop
0070FB1C 55 push ebp
0070FB1D 8BEC mov ebp, esp
0070FB1F 6A 00 push 0
0070FB21 6A 00 push 0
0070FB23 6A 00 push 0
0070FB25 33C0 xor eax, eax
0070FB27 55 push ebp
0070FB28 68 CBFB7000 push 0070FBCB
0070FB2D 64:FF30 push dword ptr fs:[eax]
0070FB30 64:8920 mov dword ptr fs:[eax], esp
0070FB33 68 E0FB7000 push 0070FBE0 ;
0070FB38 FF35 C0357E00 push dword ptr [7E35C0]
........
小弟希望od断在当前模块内的所有的“call 0070FB1B” 或者 “call 0070FB1C”处
恳请指教下 :)
0070FB14 FF92 D8000000 call dword ptr [edx+D8]
0070FB1A C3 retn
0070FB1B 90 nop
0070FB1C 55 push ebp
0070FB1D 8BEC mov ebp, esp
0070FB1F 6A 00 push 0
0070FB21 6A 00 push 0
0070FB23 6A 00 push 0
0070FB25 33C0 xor eax, eax
0070FB27 55 push ebp
0070FB28 68 CBFB7000 push 0070FBCB
0070FB2D 64:FF30 push dword ptr fs:[eax]
0070FB30 64:8920 mov dword ptr fs:[eax], esp
0070FB33 68 E0FB7000 push 0070FBE0 ;
0070FB38 FF35 C0357E00 push dword ptr [7E35C0]
........
小弟希望od断在当前模块内的所有的“call 0070FB1B” 或者 “call 0070FB1C”处
恳请指教下 :)
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
|
|
|---|---|
|
|
|
|
|
您好 谢谢您的指点先
弱弱的问句: 为什么我从主站上下的od 右击没看到“查看调用树” 或者 ”call tree “选项 ? 
|
|
|
|
|
|
|
