能力值:
( LV2,RANK:10 )
|
-
-
51 楼
顶!!好好研究一下,OD直接就挂了。
|
能力值:
( LV2,RANK:10 )
|
-
-
52 楼
无码?什么意思?
|
能力值:
( LV4,RANK:45 )
|
-
-
53 楼
无码就是没有马赛克吧(看前面发言好象是输入表被马赛克了),不过不多,所以叫薄码.无码就是没有马赛克的输入表吧,我其实想要BC++源码,这样子才爽啊,----------纪念灌水500贴,今年目标2000+ 1精华.
|
能力值:
( LV4,RANK:50 )
|
-
-
54 楼
void __usercall start(int a1<eax>)
{
signed int v1; // eax@4
int v2; // eax@6
unsigned int v3; // eax@1
int v4; // ST0C_4@6
CHAR *v5; // ST08_4@6
HMODULE v6; // eax@6
signed int v7; // [sp+64h] [bp-4h]@1
_UNKNOWN *v8; // [sp+60h] [bp-8h]@1
int (__cdecl *v9)(int, int, int); // [sp+5Ch] [bp-Ch]@1
int v10; // [sp+58h] [bp-10h]@1
int v11; // [sp-Ch] [bp-74h]@1
int *v12; // [sp+50h] [bp-18h]@1
struct _STARTUPINFOA StartupInfo; // [sp+Ch] [bp-5Ch]@3
LPSTR lpCmdLine; // [sp+4h] [bp-64h]@3
int v15; // [sp+8h] [bp-60h]@7
v7 = -1;
v8 = &unk_405ED8;
v9 = unknown_libname_1;
v10 = a1;
v12 = &v11;
v3 = GetVersion();
dword_4074C4 = BYTE1(v3);
dword_4074C0 = (_BYTE)v3;
dword_4074BC = BYTE1(v3) + ((_BYTE)v3 << 8);
dword_4074B8 = v3 >> 16;
if ( !_heap_init(0) )
fast_error_exit(0x1Cu);
v7 = 0;
_ioinit();
dword_4079B8 = (int)GetCommandLineA();
Memory = (void *)__crtGetEnvironmentStringsA();
_setargv();
_setenvp();
_cinit();
StartupInfo.dwFlags = 0;
GetStartupInfoA(&StartupInfo);
lpCmdLine = (LPSTR)_wincmdln();
if ( LOBYTE(StartupInfo.dwFlags) & 1 )
v1 = StartupInfo.wShowWindow;
else
v1 = 10;
v4 = v1;
v5 = lpCmdLine;
v6 = GetModuleHandleA(0);
v2 = WinMain(v6, 0, v5, v4);
v15 = v2;
exit(v2);
}
|
能力值:
( LV4,RANK:50 )
|
-
-
55 楼
Ye 搞定! 可以用OD装入了!
用HEXEDIT 找出ntdll 在后面改成.dll\0 在ZwSetInformationProcess后面改为\0
也就是改成00 表示字符串结束 ps:干嘛我直接上传附近总是不成功??
[ATTACH]anti.rar[/ATTACH]
|
|
|
|
