over 3 years ago

要開學了,所以隨手記錄一下 Game.bin 裡三處呼叫 CreateThread 的位置與參數,不知道有沒有用
我不是高手,我什麼都不會(攤
懇求大大分享教學<(_ _)>

; Call site 1: CreateThread(NULL, [esi+0C], Game.bin+F2410, esi, 4, NULL).
; 32-bit stdcall: arguments are pushed right-to-left, so lpThreadId (the last
; parameter) is pushed first. The enclosing routine starts and ends outside
; this excerpt.
Game.bin+F25E6 - 8B 46 0C              - mov eax,[esi+0C]                  ; eax = stack size, read from the object at esi
Game.bin+F25E9 - 6A 00                 - push 00                           ; lpThreadId = NULL (thread id not requested)
Game.bin+F25EB - 6A 04                 - push 04                           ; dwCreationFlags = 4 (CREATE_SUSPENDED): thread stays suspended until resumed
Game.bin+F25ED - 56                    - push esi                          ; lpParameter = esi, the same object the stack size was read from
Game.bin+F25EE - 68 10244F00           - push Game.bin+F2410               ; lpStartAddress = thread entry routine
Game.bin+F25F3 - 50                    - push eax                          ; dwStackSize = value loaded from [esi+0C]
Game.bin+F25F4 - 6A 00                 - push 00                           ; lpThreadAttributes = NULL (default security descriptor)
Game.bin+F25F6 - FF 15 24C3F200        - call dword ptr [Game.bin+B2C324]  ; CreateThread, called through the import slot at Game.bin+B2C324
Game.bin+F25FC - 89 46 20              - mov [esi+20],eax                  ; thread handle (NULL on failure) saved to [esi+20]; no failure check is visible here
; Call site 2: CreateThread(NULL, 0xFFFF, Game.bin+118F50, edi+edx, 0, NULL).
; The argument pushes are interleaved with unrelated stores. The enclosing
; routine starts and ends outside this excerpt.
Game.bin+11948F - 6A 00                 - push 00                          ; lpThreadId = NULL
Game.bin+119491 - 89 4C 07 04           - mov [edi+eax+04],ecx             ; store interleaved with the pushes; not a CreateThread argument
Game.bin+119495 - 8B 56 24              - mov edx,[esi+24]                 ; edx = offset read from [esi+24]
Game.bin+119498 - 6A 00                 - push 00                          ; dwCreationFlags = 0: thread runs immediately after creation
Game.bin+11949A - 8D 04 17              - lea eax,[edi+edx]                ; eax = edi + edx, the per-thread argument pointer
Game.bin+11949D - 50                    - push eax                         ; lpParameter = edi + edx
Game.bin+11949E - 68 508F5100           - push Game.bin+118F50             ; lpStartAddress = thread entry routine
Game.bin+1194A3 - 68 FFFF0000           - push 0000FFFF                    ; dwStackSize = 0xFFFF; with flags 0 this is the initial commit size, rounded to a page multiple by the system
Game.bin+1194A8 - 6A 00                 - push 00                          ; lpThreadAttributes = NULL
Game.bin+1194AA - 89 45 E4              - mov [ebp-1C],eax                 ; keep the lpParameter pointer in a local; eax is overwritten by the return value
Game.bin+1194AD - FF 15 24C3F200        - call dword ptr [Game.bin+B2C324] ; CreateThread, same import slot as the other call sites
Game.bin+1194B3 - 8B 4D E4              - mov ecx,[ebp-1C]                 ; reload the saved pointer; handling of the returned handle is outside this excerpt
; Call site 3: CreateThread(ebx, 0xFFFF, Game.bin+2E5C60, esi, ebx, ebx),
; issued right after a CreateEventA call whose result is stored in the same
; object. ebx is presumably 0 here (NULL / no flags) - confirm against the
; code before this excerpt, which is not shown.
Game.bin+2E6D2E - 89 46 04              - mov [esi+04],eax                 ; save the result of an earlier call (not shown) to [esi+04]
Game.bin+2E6D31 - FF D7                 - call edi                         ; CreateEventA (per the author's annotation, edi holds its address)
Game.bin+2E6D33 - 53                    - push ebx                         ; lpThreadId = ebx
Game.bin+2E6D34 - 53                    - push ebx                         ; dwCreationFlags = ebx
Game.bin+2E6D35 - 56                    - push esi                         ; lpParameter = esi, the object that receives the handles
Game.bin+2E6D36 - 68 605C6E00           - push Game.bin+2E5C60             ; lpStartAddress = thread entry routine
Game.bin+2E6D3B - 68 FFFF0000           - push 0000FFFF                    ; dwStackSize = 0xFFFF, same value as at Game.bin+1194A3
Game.bin+2E6D40 - 53                    - push ebx                         ; lpThreadAttributes = ebx
Game.bin+2E6D41 - 89 46 08              - mov [esi+08],eax                 ; save the CreateEventA result (event handle) to [esi+08] before eax is overwritten
Game.bin+2E6D44 - FF 15 24C3F200        - call dword ptr [Game.bin+B2C324] ; CreateThread, same import slot as the other call sites
Game.bin+2E6D4A - 8B 4D F4              - mov ecx,[ebp-0C]                 ; load a local into ecx; use of the returned thread handle is outside this excerpt