问题1
MACRO bpxgeta ="bpx GetDlgItemTextA DO \"argespc\"; bpx GetWindowTextA DO \"argesp8\""
这行总是说 symbol not defined(geta)
我把WINICE.DAT里的exp dll都看了 还是这样提示,
其他的像是MACRO bpxpe ="bpx LoadLibraryA DO \" D ESP->4 \""就不提示什么直接就断下了
MACRO argesp8 ="D esp->8 ; p ret "
MACRO argespc ="D esp->c ; p ret "
MACRO argesp14 ="D ESP->14; p ret "
MACRO bpxgeta ="bpx GetDlgItemTextA DO \"argespc\"; bpx GetWindowTextA DO \"argesp8\""
Symbol not defined(geta)
MACRO bpxgetw ="bpx GetDlgItemTextW DO \"argespc\"; bpx GetWindowTextW DO \"argesp8\""
这个倒是可以
MACRO bpxma ="bpx MessageBoxA ;bpx MessageBoxExA ;bpx MessageBeep DO \"p ret\""
Symbol not defined(ma)
MACRO bpxmw ="bpx MessageBoxExW ;bpx MessageBeep DO \"p ret\""
可以
MACRO bpxdiaa ="bpx DialogBoxParamA ; bpx CreateWindowExA ; bpx ShowWindow "
Symbol not defined(diaa)
MACRO bpxdiaw ="bpx DialogBoxParamW ; bpx CreateWindowExW ; bpx ShowWindow "
可以
MACRO bpxrega ="bpx RegQueryValueExA IF *(ESP->8) == '%1' DO \" D ESP->14 \""
Symbol not defined(rega)
MACRO bpxregw ="bpx RegQueryValueExW IF *(ESP->8) == '%1' DO \" D ESP->14 \""
Invalid dereference
MACRO regqva ="BPX RegQueryValueExA IF(*(ESP->8)=='%1')||(*(ESP->8)=='%2')DO \"argesp14 \""
Invalid dereference
MACRO regqvw ="BPX RegQueryValueExW IF(*(ESP->8)=='%1')||(*(ESP->8)=='%2')DO \"D ESP->14 \""
Invalid dereference
MACRO bpxpe ="bpx LoadLibraryA DO \" D ESP->4 \""
MACRO bpxfi ="bpx CreateFileA DO \" D ESP->4 \""
都正常
macro 1bpm ="bpm %1 x do \"bc bpindex\" "
invalid command
MACRO foepa ="bpx GetCommandLineA DO \"p ret\";bpx GetVersion DO \"p ret\";bpx GetModuleHandleA DO \"p ret\"; bpx GetStartupInfoA DO \"p ret\""
MACRO foepw ="bpx GetCommandLineW DO \"p ret\";bpx GetVersion DO \"p ret\";bpx GetModuleHandleW DO \"p ret\"; bpx GetStartupInfoW DO \"p ret\""
正常
MACRO vba="bpx msvbvm60!__vbastrcmp;bpx msvbvm60!__vbastrcomp; bpx msvbvm60!__vbaStrCopy; bpx msvbvm60!__vbaStrMove;bpx MultiByteToWideChar;"
MACRO bpxseh ="bpx KiUserExceptionDispatcher"
Symbol not defined(seh)问题2
有时拦截不到断点,重启下就好了,有时候一个程序分析的次数多了也会出现断点断不下的现象
问题3 拦截消息的时候
BMSG Window-Handle WM_GETTEXT
Invalid window handle ?
[课程]Linux pwn 探索篇!