- UID
- 21039
注册时间2006-9-10
阅读权限20
最后登录1970-1-1
以武会友
 
TA的每日心情 | 奋斗
2023-12-2 20:17 |
|---|
签到天数: 3 天 [LV.2]偶尔看看I
|
【文章标题】: ASProtcet2.11输入表加密
【文章作者】: 追杀
【作者邮箱】: [email protected]
【作者主页】: 没有
【作者QQ群】: 8809635
【软件名称】: SSC
【软件大小】: 479 KB
【下载地址】: 自己搜索下载
【加壳方式】: ASPR2.11
【保护方式】: 加密
【编写语言】: DELPH
【操作平台】: WinXp2
【软件介绍】: OD ImportREC Lordepe
【作者声明】: 只是感兴趣,没有其他目的。失误之处敬请诸位大侠赐教!
--------------------------------------------------------------------------------
【详细过程】
B1020 OEP
CTRL+B 89,45,F0,B8,00,07,00,00
E3 我机子里的。ESI的三个值
ESI=000000DC
ESI=000000B5
内存插件申请一块空间
这里上我前几次脱的,跟据时间而变化的地址都在这里
01640000 - 0F84 F37584FF je 00E875F9
01640006 81FE E3000000 cmp esi,0E3
0164000C - 0F84 427684FF je 00E87654
01640012 BE E3000000 mov esi,0E3
01640017 - E9 387684FF jmp 00E87654
0F 84 F3 75 84 FF 81 FE E3 00 00 00 0F 84 42 76 84 FF BE E3 00 00 00 E9 38 76 84 FF
00EA7190 E8 B7B3FDFF CALL 00E8254C
01640000 - 0F84 F37586FF JE 00EA75F9
01640006 81FE E3000000 CMP ESI,0E3
0164000C - 0F84 427686FF JE 00EA7654
01640012 BE E3000000 MOV ESI,0E3
01640017 - E9 387686FF JMP 00EA7654
0F 84 F3 75 86 FF 81 FE E3 00 00 00 0F 84 42 76 86 FF BE E3 00 00 00 E9 38 76 86 FF
解码了,
004BE154 7C93188A ntdll.RtlDeleteCriticalSection
004BE158 7C9210ED ntdll.RtlLeaveCriticalSection
004BE15C 7C921005 ntdll.RtlEnterCriticalSection
004BE160 7C809EF1 kernel32.InitializeCriticalSection
004BE164 7C809AE4 kernel32.VirtualFree
004BE168 7C809A51 kernel32.VirtualAlloc
004BE16C 7C80992F kernel32.LocalFree
004BE170 7C80998D kernel32.LocalAlloc
004BE174 7C80929C kernel32.GetTickCount
004BE178 7C80A427 kernel32.QueryPerformanceCounter
004BE17C 7C8111DA kernel32.GetVersion
004BE180 7C809728 kernel32.GetCurrentThreadId
004BE184 7C80977A kernel32.InterlockedDecrement
004BE188 7C809766 kernel32.InterlockedIncrement
004BE18C 7C80B9D1 kernel32.VirtualQuery
004BE190 7C80A0D4 kernel32.WideCharToMultiByte
004BE194 7C809BF8 kernel32.MultiByteToWideChar
004BE198 7C80BDB6 kernel32.lstrlenA
004BE19C 7C810111 kernel32.lstrcpynA
004BE1A0 7C801D4F kernel32.LoadLibraryExA
004BE1A4 7C80A415 kernel32.GetThreadLocale
004BE1A8 7C801EEE kernel32.GetStartupInfoA
004BE1AC 7C80ADA0 kernel32.GetProcAddress
004BE1B0 7C80B6A1 kernel32.GetModuleHandleA
004BE1B4 7C80B4CF kernel32.GetModuleFileNameA
004BE1B8 7C80D262 kernel32.GetLocaleInfoA
004BE1BC 7C930331 ntdll.RtlGetLastWin32Error
004BE1C0 7C812F1D kernel32.GetCommandLineA
004BE1C4 7C80ABDE kernel32.FreeLibrary
004BE1C8 7C8137D9 kernel32.FindFirstFileA
004BE1CC 7C80EDD7 kernel32.FindClose
004BE1D0 7C81CDDA kernel32.ExitProcess
004BE1D4 7C810D87 kernel32.WriteFile
004BE1D8 7C862E62 kernel32.UnhandledExceptionFilter
004BE1DC 7C810B8E kernel32.SetFilePointer
004BE1E0 7C832044 kernel32.SetEndOfFile
004BE1E4 7C957A40 ntdll.RtlUnwind
004BE1E8 7C80180E kernel32.ReadFile
004BE1EC 7C812A09 kernel32.RaiseException
004BE1F0 7C812F39 kernel32.GetStdHandle
004BE1F4 7C810A77 kernel32.GetFileSize
004BE1F8 7C810E51 kernel32.GetFileType
004BE1FC 7C801A24 kernel32.CreateFileA
004BE200 7C809B47 kernel32.CloseHandle
004BE204 00000000
004BE208 77D3119B user32.GetKeyboardType
004BE20C 77D2DFA8 user32.LoadStringA
004BE210 77D5058A user32.MessageBoxA
004BE214 77D2DF50 user32.CharNextA
004BE218 00000000
004BE21C 77DA7883 advapi32.RegQueryValueExA
004BE220 77DA761B advapi32.RegOpenKeyExA
004BE224 77DA6BF0 advapi32.RegCloseKey
004BE228 00000000
004BE22C 770F4850 oleaut32.SysFreeString
004BE230 7711C99D oleaut32.SysReAllocStringLen
004BE234 770F4B59 oleaut32.SysAllocStringLen
004BE238 00000000
004BE23C 7C809BC5 kernel32.TlsSetValue
004BE240 7C809740 kernel32.TlsGetValue
004BE244 7C80998D kernel32.LocalAlloc
004BE248 7C80B6A1 kernel32.GetModuleHandleA
004BE24C 00000000
004BE250 77DAEBE7 advapi32.RegSetValueExA
004BE254 77DA7883 advapi32.RegQueryValueExA
004BE258 77DCC1B5 advapi32.RegQueryInfoKeyA
004BE25C 77DA761B advapi32.RegOpenKeyExA
004BE260 77DBB908 advapi32.RegFlushKey
004BE264 77DCC8C1 advapi32.RegEnumKeyExA
004BE268 77DAEDE5 advapi32.RegDeleteValueA
004BE26C 77DAEAF4 advapi32.RegCreateKeyExA
004BE270 77DA6BF0 advapi32.RegCloseKey
004BE274 00000000
004BE278 7C80BE01 kernel32.lstrcpyA
004BE27C 7C810D87 kernel32.WriteFile
004BE280 7C802520 kernel32.WaitForSingleObject
004BE284 7C80B9D1 kernel32.VirtualQuery
004BE288 7C809A51 kernel32.VirtualAlloc
004BE28C 7C802442 kernel32.Sleep
004BE290 7C80BC69 kernel32.SizeofResource
004BE294 7C81BBBA kernel32.SetThreadLocale
004BE298 7C810B8E kernel32.SetFilePointer
004BE29C 7C80A017 kernel32.SetEvent
004BE2A0 7C80AC0F kernel32.SetErrorMode
004BE2A4 7C832044 kernel32.SetEndOfFile
004BE2A8 7C86614B kernel32.SetCommTimeouts
004BE2AC 7C80A03B kernel32.ResetEvent
004BE2B0 7C80180E kernel32.ReadFile
004BE2B4 7C82FA46 kernel32.QueryPerformanceFrequency
004BE2B8 7C80A427 kernel32.QueryPerformanceCounter
004BE2BC 7C8097C6 kernel32.MulDiv
004BE2C0 7C80CC97 kernel32.SetHandleCount
004BE2C4 7C809FB5 kernel32.LoadResource
004BE2C8 7C801D77 kernel32.LoadLibraryA
004BE2CC 7C9210ED ntdll.RtlLeaveCriticalSection
004BE2D0 7C809EF1 kernel32.InitializeCriticalSection
004BE2D4 7C80FE82 kernel32.GlobalUnlock
004BE2D8 7C8123B9 kernel32.GlobalReAlloc
004BE2DC 7C834CB9 kernel32.GlobalHandle
004BE2E0 7C80FF19 kernel32.GlobalLock
004BE2E4 7C80FC2F kernel32.GlobalFree
004BE2E8 7C8360C3 kernel32.GlobalFindAtomA
004BE2EC 7C830BBB kernel32.GlobalDeleteAtom
004BE2F0 7C80FD2D kernel32.GlobalAlloc
004BE2F4 7C8360A9 kernel32.GlobalAddAtomA
004BE2F8 7C812ADE kernel32.GetVersionExA
004BE2FC 7C8111DA kernel32.GetVersion
004BE300 7C80929C kernel32.GetTickCount
004BE304 7C80A415 kernel32.GetThreadLocale
004BE308 7C812D56 kernel32.GetSystemInfo
004BE30C 7C814EEA kernel32.GetSystemDirectoryA
004BE310 7C8760CF kernel32.GetStringTypeExA
004BE314 7C812F39 kernel32.GetStdHandle
004BE318 7C80ADA0 kernel32.GetProcAddress
004BE31C 7C80B6A1 kernel32.GetModuleHandleA
004BE320 7C80B4CF kernel32.GetModuleFileNameA
004BE324 7C80D262 kernel32.GetLocaleInfoA
004BE328 7C80A7D4 kernel32.GetLocalTime
004BE32C 7C930331 ntdll.RtlGetLastWin32Error
004BE330 7C8138FC kernel32.GetFullPathNameA
004BE334 7C8302ED kernel32.GetDiskFreeSpaceA
004BE338 7C8361EE kernel32.GetDateFormatA
004BE33C 7C809728 kernel32.GetCurrentThreadId
004BE340 7C809920 kernel32.GetCurrentProcessId
004BE344 7C822128 kernel32.GetCommTimeouts
004BE348 7C812E76 kernel32.GetCPInfo
004BE34C 7C809915 kernel32.GetACP
004BE350 7C8260C2 kernel32.FreeResource
004BE354 7C80978E kernel32.InterlockedExchange
004BE358 7C80ABDE kernel32.FreeLibrary
004BE35C 7C82F7A0 kernel32.FormatMessageA
004BE360 7C80BE89 kernel32.FindResourceA
004BE364 7C8137D9 kernel32.FindFirstFileA
004BE368 7C80EDD7 kernel32.FindClose
004BE36C 7C80E866 kernel32.FileTimeToLocalFileTime
004BE370 7C83065D kernel32.FileTimeToDosDateTime
004BE374 7C838211 kernel32.EnumCalendarInfoA
004BE378 7C921005 ntdll.RtlEnterCriticalSection
004BE37C 7C93188A ntdll.RtlDeleteCriticalSection
004BE380 7C810637 kernel32.CreateThread
004BE384 7C801A24 kernel32.CreateFileA
004BE388 7C8308AD kernel32.CreateEventA
004BE38C 7C80D077 kernel32.CompareStringA
004BE390 7C809B47 kernel32.CloseHandle
004BE394 00000000
004BE398 77BD18BA version.VerQueryValueA
004BE39C 77BD19FF version.GetFileVersionInfoSizeA
004BE3A0 77BD1A50 version.GetFileVersionInfoA
004BE3A4 00000000
004BE3A8 77EFD85F GDI32.UnrealizeObject
004BE3AC 77EFBBDC GDI32.TextOutA
004BE3B0 77EFBAC2 GDI32.StretchBlt
004BE3B4 77EF8CFD GDI32.SetWindowOrgEx
004BE3B8 77F1BF4D GDI32.SetWinMetaFileBits
004BE3BC 77EF7B5C GDI32.SetViewportOrgEx
004BE3C0 77EF5D87 GDI32.SetTextColor
004BE3C4 77EF8B74 GDI32.SetTextAlign
004BE3C8 77EF9581 GDI32.SetStretchBltMode
004BE3CC 77EFD8F8 GDI32.SetROP2
004BE3D0 77EFB4C7 GDI32.SetPixel
004BE3D4 77F0717D GDI32.SetEnhMetaFileBits
004BE3D8 77F0C36D GDI32.SetDIBColorTable
004BE3DC 77EF86E4 GDI32.SetBrushOrgEx
004BE3E0 77EF5EEB GDI32.SetBkMode
004BE3E4 77EF5E39 GDI32.SetBkColor
004BE3E8 77EF832A GDI32.SelectPalette
004BE3EC 77EF5B80 GDI32.SelectObject
004BE3F0 77EF7AB0 GDI32.SelectClipRgn
004BE3F4 77EF8AD7 GDI32.SaveDC
004BE3F8 77F1BDCE GDI32.RoundRect
004BE3FC 77EF8A11 GDI32.RestoreDC
004BE400 77EFE649 GDI32.Rectangle
004BE404 77EF81CB GDI32.RectVisible
004BE408 77EFE6E6 GDI32.RealizePalette
004BE40C 77EFDD5D GDI32.Polyline
004BE410 77EFE714 GDI32.Polygon
004BE414 77F19777 GDI32.PlayEnhMetaFile
004BE418 77F1C81E GDI32.Pie
004BE41C 77EF8593 GDI32.PatBlt
004BE420 77EFADC3 GDI32.MoveToEx
004BE424 77EFAC6A GDI32.MaskBlt
004BE428 77EFD9BF GDI32.LineTo
004BE42C 77EFD4EF GDI32.LPtoDP
004BE430 77EF6A66 GDI32.IntersectClipRect
004BE434 77EFDA46 GDI32.GetWindowOrgEx
004BE438 77F2A085 GDI32.GetWinMetaFileBits
004BE43C 77EFDC1F GDI32.GetTextMetricsA
004BE440 77EFDF7A GDI32.GetTextExtentPointA
004BE444 77F0C2A7 GDI32.GetTextExtentPoint32A
004BE448 77EFD44F GDI32.GetTextAlign
004BE44C 77EFB2F1 GDI32.GetSystemPaletteEntries
004BE450 77EF61D1 GDI32.GetStockObject
004BE454 77EFB441 GDI32.GetPixel
004BE458 77EFBA42 GDI32.GetPaletteEntries
004BE45C 77EF8C0E GDI32.GetObjectA
004BE460 77F29B9A GDI32.GetEnhMetaFilePaletteEntries
004BE464 77F00325 GDI32.GetEnhMetaFileHeader
004BE468 77F192BE GDI32.GetEnhMetaFileBits
004BE46C 77EF5A7A GDI32.GetDeviceCaps
004BE470 77EFAABB GDI32.GetDIBits
004BE474 77EFAC3D GDI32.GetDIBColorTable
004BE478 77EFDA17 GDI32.GetDCOrgEx
004BE47C 77F0EAE3 GDI32.GetCurrentPositionEx
004BE480 77EF6AB1 GDI32.GetClipBox
004BE484 77EFA29D GDI32.GetBrushOrgEx
004BE488 77F03849 GDI32.GetBkMode
004BE48C 77EF93A5 GDI32.GetBkColor
004BE490 77EFA197 GDI32.GetBitmapBits
004BE494 77EF5996 GDI32.GdiFlush
004BE498 77EFD422 GDI32.ExtTextOutA
004BE49C 77EF7884 GDI32.ExtSelectClipRgn
004BE4A0 77F019F8 GDI32.ExtCreatePen
004BE4A4 77EF9536 GDI32.ExcludeClipRect
004BE4A8 77F0C48F GDI32.Ellipse
004BE4AC 77EF6C0A GDI32.DeleteObject
004BE4B0 77EFFE86 GDI32.DeleteEnhMetaFile
004BE4B4 77EF6E6F GDI32.DeleteDC
004BE4B8 77EF61B5 GDI32.CreateSolidBrush
004BE4BC 77EF7796 GDI32.CreateRectRgn
004BE4C0 77EFA1FB GDI32.CreatePolygonRgn
004BE4C4 77F04072 GDI32.CreatePenIndirect
004BE4C8 77EFB1F1 GDI32.CreatePalette
004BE4CC 77EFB2DD GDI32.CreateHalftonePalette
004BE4D0 77EFE2E3 GDI32.CreateFontIndirectA
004BE4D4 77EFA905 GDI32.CreateDIBitmap
004BE4D8 77EF9219 GDI32.CreateDIBSection
004BE4DC 77EF5FF0 GDI32.CreateCompatibleDC
004BE4E0 77EF701A GDI32.CreateCompatibleBitmap
004BE4E4 77EFD991 GDI32.CreateBrushIndirect
004BE4E8 77EF61FF GDI32.CreateBitmap
004BE4EC 77F074EA GDI32.CopyEnhMetaFileA
004BE4F0 77EF6F89 GDI32.BitBlt
004BE4F4 77F24308 GDI32.Arc
004BE4F8 00000000
004BE4FC 77D1FF33 user32.CreateWindowExA
004BE500 77D1BD8E user32.WindowFromPoint
004BE504 77D3EE25 user32.WinHelpA
004BE508 77D1940C user32.WaitMessage
004BE50C 77D1D7F9 user32.UpdateWindow
004BE510 77D21656 user32.UnregisterClassA
004BE514 77D1F21E user32.UnhookWindowsHookEx
004BE518 77D18BF6 user32.TranslateMessage
004BE51C 77D2FAEF user32.TranslateMDISysAccel
004BE520 77D650EE user32.TrackPopupMenu
004BE524 77D20762 user32.SystemParametersInfoA
004BE528 77D1D8A4 user32.ShowWindow
004BE52C 77D2F2B3 user32.ShowScrollBar
004BE530 77D55F86 user32.ShowOwnedPopups
004BE534 77D2FA2E user32.ShowCursor
004BE538 77D311D1 user32.SetWindowsHookExA
004BE53C 77D2F52B user32.SetWindowTextA
004BE540 77D1C01B user32.SetWindowPos
004BE544 77D2D84C user32.SetWindowPlacement
004BE548 77D1D60D user32.SetWindowLongA
004BE54C 77D18C2E user32.SetTimer
004BE550 77D2F95B user32.SetScrollRange
004BE554 77D2F710 user32.SetScrollPos
004BE558 77D19056 user32.SetScrollInfo
004BE55C 77D1B5C6 user32.SetRect
004BE560 77D2FFC0 user32.SetPropA
004BE564 77D1DCD2 user32.SetParent
004BE568 77D6AC36 user32.SetMenuItemInfoA
004BE56C 77D4F196 user32.SetMenu
004BE570 77D23D4D user32.SetForegroundWindow
004BE574 77D1DA60 user32.SetFocus
004BE578 77D1BF58 user32.SetCursor
004BE57C 77D30F5E user32.SetClipboardData
004BE580 77D2FE31 user32.SetClassLongA
004BE584 77D1D6CE user32.SetCapture
004BE588 77D23E85 user32.SetActiveWindow
004BE58C 77D2F383 user32.SendMessageA
004BE590 77D2FEF9 user32.ScrollWindow
004BE594 77D1BDC8 user32.ScreenToClient
004BE598 77D30054 user32.RemovePropA
004BE59C 77D28D3E user32.RemoveMenu
004BE5A0 77D1869D user32.ReleaseDC
004BE5A4 77D1D6EA user32.ReleaseCapture
004BE5A8 77D18E28 user32.RegisterWindowMessageA
004BE5AC 77D18E28 user32.RegisterWindowMessageA
004BE5B0 77D20A36 user32.RegisterClassA
004BE5B4 77D1BF6C user32.RedrawWindow
004BE5B8 77D1BD41 user32.PtInRect
004BE5BC 77D2E1D1 user32.PostQuitMessage
004BE5C0 77D1CB85 user32.PostMessageA
004BE5C4 77D1C96C user32.PeekMessageA
004BE5C8 77D30237 user32.OpenClipboard
004BE5CC 77D1B631 user32.OffsetRect
004BE5D0 77D30097 user32.OemToCharA
004BE5D4 77D5058A user32.MessageBoxA
004BE5D8 77D31F3B user32.MessageBeep
004BE5DC 77D1BB2F user32.MapWindowPoints
004BE5E0 77D2FEAA user32.MapVirtualKeyA
004BE5E4 77D2DFA8 user32.LoadStringA
004BE5E8 77D56002 user32.LoadKeyboardLayoutA
004BE5EC 77D208CE user32.LoadIconA
004BE5F0 77D1EF69 user32.LoadCursorA
004BE5F4 77D254F0 user32.LoadBitmapA
004BE5F8 77D18C42 user32.KillTimer
004BE5FC 77D1C2B2 user32.IsZoomed
004BE600 77D1C465 user32.IsWindowVisible
004BE604 77D1BDA2 user32.IsWindowEnabled
004BE608 77D1B933 user32.IsWindow
004BE60C 77D1BF26 user32.IsRectEmpty
004BE610 77D1BE27 user32.IsIconic
004BE614 77D3C651 user32.IsDialogMessageA
004BE618 77D1970E user32.IsChild
004BE61C 77D1B5F5 user32.InvalidateRect
004BE620 77D1B53F user32.IntersectRect
004BE624 77D4F4B0 user32.InsertMenuItemA
004BE628 77D3ECEE user32.InsertMenuA
004BE62C 77D1BEFD user32.InflateRect
004BE630 77D18A80 user32.GetWindowThreadProcessId
004BE634 77D3212B user32.GetWindowTextA
004BE638 77D1B6D4 user32.GetWindowRect
004BE63C 77D30387 user32.GetWindowPlacement
004BE640 77D1945D user32.GetWindowLongA
004BE644 77D19021 user32.GetWindowDC
004BE648 77D2F21C user32.GetTopWindow
004BE64C 77D18F9C user32.GetSystemMetrics
004BE650 77D1DB70 user32.GetSystemMenu
004BE654 77D18EAB user32.GetSysColorBrush
004BE658 77D18E78 user32.GetSysColor
004BE65C 77D20C8C user32.GetSubMenu
004BE660 77D2F747 user32.GetScrollRange
004BE664 77D2F6C4 user32.GetScrollPos
004BE668 77D20DA2 user32.GetScrollInfo
004BE66C 77D30002 user32.GetPropA
004BE670 77D1B72F user32.GetParent
004BE674 77D1BC7D user32.GetWindow
004BE678 77D4EFEE user32.GetMenuStringA
004BE67C 77D28F8F user32.GetMenuState
004BE680 77D21517 user32.GetMenuItemInfoA
004BE684 77D4EF68 user32.GetMenuItemID
004BE688 77D21386 user32.GetMenuItemCount
004BE68C 77D3147A user32.GetMenu
004BE690 77D3153A user32.GetLastActivePopup
004BE694 77D1EF29 user32.GetKeyboardState
004BE698 77D1C243 user32.GetKeyboardLayoutList
004BE69C 77D1C21E user32.GetKeyboardLayout
004BE6A0 77D1C505 user32.GetKeyState
004BE6A4 77D4F454 user32.GetKeyNameTextA
004BE6A8 77D1F052 user32.GetIconInfo
004BE6AC 77D1BE4B user32.GetForegroundWindow
004BE6B0 77D1BEF0 user32.GetFocus
004BE6B4 77D1EED5 user32.GetDesktopWindow
004BE6B8 77D1E875 user32.GetDCEx
004BE6BC 77D186C7 user32.GetDC
004BE6C0 77D1BD76 user32.GetCursorPos
004BE6C4 77D1D749 user32.GetCursor
004BE6C8 77D30D7A user32.GetClipboardData
004BE6CC 77D1B6AE user32.GetClientRect
004BE6D0 77D2F420 user32.GetClassNameA
004BE6D4 77D3EBC7 user32.GetClassInfoA
004BE6D8 77D194DA user32.GetCapture
004BE6DC 77D1D658 user32.GetActiveWindow
004BE6E0 77D2F8EA user32.FrameRect
004BE6E4 77D2DE87 user32.FindWindowA
004BE6E8 77D1C257 user32.FillRect
004BE6EC 77D1C4A9 user32.EqualRect
004BE6F0 77D1CD97 user32.EnumWindows
004BE6F4 77D2F4F9 user32.EnumThreadWindows
004BE6F8 77D1B61D user32.EndPaint
004BE6FC 77D1D8DB user32.EndDeferWindowPos
004BE700 77D1BE71 user32.EnableWindow
004BE704 77D67DDD user32.EnableScrollBar
004BE708 77D1F787 user32.EnableMenuItem
004BE70C 77D30D56 user32.EmptyClipboard
004BE710 77D3C6CA user32.DrawTextA
004BE714 77D4F43C user32.DrawMenuBar
004BE718 77D1EB4E user32.DrawIconEx
004BE71C 77D3D034 user32.DrawIcon
004BE720 77D3E907 user32.DrawFrameControl
004BE724 77D2F90F user32.DrawFocusRect
004BE728 77D2FBB6 user32.DrawEdge
004BE72C 77D196B8 user32.DispatchMessageA
004BE730 77D1DAEA user32.DestroyWindow
004BE734 77D1EFC8 user32.DestroyMenu
004BE738 77D1EF3D user32.DestroyIcon
004BE73C 77D1EF3D user32.DestroyIcon
004BE740 77D1FA55 user32.DeleteMenu
004BE744 77D1D929 user32.DeferWindowPos
004BE748 77D1D4EE user32.DefWindowProcA
004BE74C 77D4F754 user32.DefMDIChildProcA
004BE750 77D4F705 user32.DefFrameProcA
004BE754 77D28C29 user32.CreatePopupMenu
004BE758 77D2F2C7 user32.CreateMenu
004BE75C 77D56E8F user32.CreateIcon
004BE760 77D30225 user32.CloseClipboard
004BE764 77D1C188 user32.ClientToScreen
004BE768 77D31A7D user32.CheckMenuItem
004BE76C 77D1F642 user32.CallWindowProcA
004BE770 77D1F85B user32.CallNextHookEx
004BE774 77D1B609 user32.BeginPaint
004BE778 77D1D907 user32.BeginDeferWindowPos
004BE77C 77D2DF50 user32.CharNextA
004BE780 77D2E6F0 user32.CharLowerBuffA
004BE784 77D2E5C2 user32.CharLowerA
004BE788 77D1AE3F user32.CharUpperBuffA
004BE78C 77D1AEF1 user32.CharToOemA
004BE790 77D20272 user32.AdjustWindowRectEx
004BE794 77D2D32A user32.ActivateKeyboardLayout
004BE798 00000000
004BE79C 7C802442 kernel32.Sleep
004BE7A0 00000000
004BE7A4 7711C3A4 oleaut32.SafeArrayPtrOfIndex
004BE7A8 770F504F oleaut32.SafeArrayGetUBound
004BE7AC 770F509B oleaut32.SafeArrayGetLBound
004BE7B0 7711C2E9 oleaut32.SafeArrayCreate
004BE7B4 770F66D9 oleaut32.VariantChangeType
004BE7B8 7711D295 oleaut32.VariantCopy
004BE7BC 770F48C0 oleaut32.VariantClear
004BE7C0 770F4920 oleaut32.VariantInit
004BE7C4 00000000
004BE7C8 77195698 comctl32.ImageList_SetIconSize
004BE7CC 77195650 comctl32.ImageList_GetIconSize
004BE7D0 77195036 comctl32.ImageList_Write
004BE7D4 771989D9 comctl32.ImageList_Read
004BE7D8 77194E07 comctl32.ImageList_GetDragImage
004BE7DC 77194F63 comctl32.ImageList_DragShowNolock
004BE7E0 77194DB3 comctl32.ImageList_SetDragCursorImage
004BE7E4 77194F10 comctl32.ImageList_DragMove
004BE7E8 77194F3B comctl32.ImageList_DragLeave
004BE7EC 77194EE2 comctl32.ImageList_DragEnter
004BE7F0 77194E4C comctl32.ImageList_EndDrag
004BE7F4 77194E9A comctl32.ImageList_BeginDrag
004BE7F8 771955B7 comctl32.ImageList_GetIcon
004BE7FC 77195572 comctl32.ImageList_Remove
004BE800 771953B5 comctl32.ImageList_DrawEx
004BE804 77195323 comctl32.ImageList_Replace
004BE808 7719544D comctl32.ImageList_Draw
004BE80C 7719529A comctl32.ImageList_GetBkColor
004BE810 77195254 comctl32.ImageList_SetBkColor
004BE814 7719520D comctl32.ImageList_ReplaceIcon
004BE818 771951C6 comctl32.ImageList_Add
004BE81C 77195140 comctl32.ImageList_GetImageCount
004BE820 77195104 comctl32.ImageList_Destroy
004BE824 7719934B comctl32.ImageList_Create
004BE828 771FB5F9 comctl32.InitCommonControls
004BE82C 00000000
004BE830 72F77287 winspool.WritePrinter
004BE834 72F78367 winspool.StartPagePrinter
004BE838 72F841FB winspool.StartDocPrinterA
004BE83C 72F83AE1 winspool.SetPrinterA
004BE840 72F83767 winspool.OpenPrinterA
004BE844 72F859DE winspool.GetPrinterA
004BE848 72F7B051 winspool.EnumPrintersA
004BE84C 72F78043 winspool.EndPagePrinter
004BE850 72F774C8 winspool.EndDocPrinter
004BE854 72F75390 winspool.ClosePrinter
004BE858 00000000
004BE85C 7D5F0C79 shell32.Shell_NotifyIconA
004BE860 7D610EC0 shell32.ShellExecuteA
004BE864 00000000
004BE868 77DC3238 advapi32.StartServiceA
004BE86C 77DBB88C advapi32.OpenServiceA
004BE870 77DBADA7 advapi32.OpenSCManagerA
004BE874 77E07071 advapi32.CreateServiceA
004BE878 77DB5E4D advapi32.CloseServiceHandle
CTRL+B:89 45 F0 B8 00 07 00 00
这个CALL改
CALL 00E8254C
jmp 01640037
01640000 BA 00104000 MOV EDX,ssc_serv.<模块入口点>
01640005 803A E8 CMP BYTE PTR DS:[EDX],0E8
01640008 75 12 JNZ SHORT 0164001C
0164000A 8B42 01 MOV EAX,DWORD PTR DS:[EDX+1]
0164000D 03C2 ADD EAX,EDX
0164000F 83C0 05 ADD EAX,5
01640012 3D 00000F01 CMP EAX,10F0000 ; 处理变型CALL
01640017 75 03 JNZ SHORT 0164001C
01640019 EB 0C JMP SHORT 01640027
0164001B 90 NOP
0164001C 42 INC EDX
0164001D 81FA 00204B00 CMP EDX,4B2000 ; 数据段地址
01640023 ^ 72 E0 JB SHORT 01640005
01640025 - EB FE JMP SHORT 01640025
01640027 8915 00016401 MOV DWORD PTR DS:[1640100],EDX
0164002D 60 PUSHAD
0164002E FFE2 JMP EDX
01640030 90 NOP
01640031 90 NOP
01640032 90 NOP
01640033 90 NOP
01640034 90 NOP
01640035 90 NOP
01640036 90 NOP
01640037 60 PUSHAD
01640038 B8 54E14B00 MOV EAX,4BE154
0164003D 90 NOP
0164003E 3910 CMP DWORD PTR DS:[EAX],EDX
01640040 75 20 JNZ SHORT 01640062
01640042 8B0D 00016401 MOV ECX,DWORD PTR DS:[1640100]
01640048 C701 FF250000 MOV DWORD PTR DS:[ECX],25FF
0164004E 8941 02 MOV DWORD PTR DS:[ECX+2],EAX
01640051 61 POPAD
01640052 90 NOP
01640053 8B15 00016401 MOV EDX,DWORD PTR DS:[1640100]
01640059 90 NOP
0164005A 90 NOP
0164005B 90 NOP
0164005C ^ EB BE JMP SHORT 0164001C
0164005E 90 NOP
0164005F 90 NOP
01640060 90 NOP
01640061 90 NOP
01640062 83C0 04 ADD EAX,4
01640065 3D 78E84B00 CMP EAX,4BE878
0164006A ^ 7E D2 JLE SHORT 0164003E
0164006C ^ EB E3 JMP SHORT 01640051
BA 00 10 40 00 80 3A E8 75 12 8B 42 01 03 C2 83 C0 05 3D 00 00 0F 01 75 03 EB 0C 90 42 81 FA 00
20 4B 00 72 E0 EB FE 89 15 00 01 64 01 60 FF E2 90 90 90 90 90 90 90 60 B8 54 E1 4B 00 90 39 10
75 20 8B 0D 00 01 64 01 C7 01 FF 25 00 00 89 41 02 61 90 8B 15 00 01 64 01 90 90 90 EB BE 90 90
90 90 83 C0 04 3D 78 E8 4B 00 7E D2 EB E3
完毕后再F9
在最后一步请先打开LordPE与IR
请等待
你的机子配置高的话也无防
这里要耗很长时间。我的是本子不好意思
PATCH有错
OK了。拜拜,我是追杀
出错原因,OEP没填对。^_^再见 QQ交流群:8809635
动画请到:http://www.namipan.com/downfile/ ... e9813269bae36a6d200 下载
--------------------------------------------------------------------------------
【版权声明】: 转载请注明作者并保持文章的完整, 谢谢!
2008年04月26日 PM 01:47:46
[ 本帖最后由 enjon 于 2008-4-26 14:15 编辑 ] |
评分
-
查看全部评分
|
IP卡
发表于 2008-4-26 13:51:45
提升卡
置顶卡
变色卡
千斤顶
显身卡
发表于 2008-4-26 14:29:02
发表于 2008-4-26 14:40:55
发表于 2008-4-26 15:45:55
楼主
