FSG 2.0脱壳不能运行已解决
脱壳FSG 2.0 -> bart/xt方法1
00400154 >8725 A86F4100 XCHG DWORD PTR DS:,ESP
0040015A 61 POPAD
0040015B 94 XCHG EAX,ESP
0040015C 55 PUSH EBP
0040015D A4 MOVS BYTE PTR ES:,BYTE PTR DS:
0040015E B6 80 MOV DH,80
00400160 FF13 CALL DWORD PTR DS:
004001CC 40 INC EAX
004001CD^ 78 F3 JS SHORT 梨花UC密.004001C2
004001CF 75 03 JNZ SHORT 梨花UC密.004001D4
004001D1 FF63 0C JMP DWORD PTR DS:断点运行到这里到达oep
004001D4 50 PUSH EAX
00401178- FF25 00104000 JMP DWORD PTR DS: ; MSVBVM60.MethCallEngine
0040117E- FF25 64104000 JMP DWORD PTR DS: ; MSVBVM60.ProcCallEngine
00401184- FF25 78104000 JMP DWORD PTR DS: ; MSVBVM60.ThunRTMain
0040118A 0000 ADD BYTE PTR DS:,AL
0040118C 68 40474000 PUSH 梨花UC密.00404740 oep ; ASCII "VB5!6&vb6chs.dll"
00401191 E8 EEFFFFFF CALL 梨花UC密.00401184 ; JMP 到 MSVBVM60.ThunRTMain
方法二
0040015A 61 POPAD
0040015B 94 XCHG EAX,ESP ; 梨花UC密.00416FAC
0040015C 55 PUSH EBP
00416FAC 004001E8梨花UC密.004001E8
00416FB0 004001DC梨花UC密.004001DC
00416FB4 004001DE梨花UC密.004001DE
00416FB8 0040118C梨花UC密.0040118Coep 跟随断点运行到所选
00416FBC > 7C801D77kernel32.LoadLibraryA
00416FC0 > 7C80ADA0kernel32.GetProcAddress
826dbefe5acb7d880a5d656086f286f3 教程.exe
脱壳FSG2.0 http://www.namipan.com/d/%e8%84%b1%e5%a3%b3FSG%202.0.rar/2332212dfb34aa2021984236eb80965f82e9dea7ff023f00
页:
[1]