ESP定律脱壳脚本
程序员文章站
2022-04-06 23:28:59
https://riusksk.blogbus.com/logs/38349396.html
var addr &n...
https://riusksk.blogbus.com/logs/38349396.html
var addr //声明变量
sto //F8单步
sto //F8单步
mov addr,esp //赋值操作
bphws addr,"r" //下断 hr esp
run //F9运行
bphwc addr //删除断点
sto //F8单步
sto //F8单步
cmt eip, "OEP地址! " //添加注释
ret //结束