mycsy 发表于 2009-8-14 00:51

ExeCryptor 2.3x Bypass AntiDbg

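// ODbgScript (OllyDbg, 32-bit target) posted as "ExeCryptor 2.3x Bypass AntiDbg".
// It patches three debugger-detection paths in the debuggee, then runs the
// target to the address the author treats as the original entry point (OEP).
// The script resumes the protected program several times ("run"), so the
// sample really executes: use an isolated analysis VM for unknown binaries.
// NOTE(review): the two "mov temp," lines arrived with an empty source
// operand; they are restored as "mov temp,[temp]", the dereference that the
// PE header walk (offsets 3c and 28) requires.
data:
    var hInstance
    var codeseg
    var vmseg
    var ep
    var oep
    var temp
code:
    // Stop on the first VirtualFree call (hardware execute breakpoint),
    // then return to the code that called it.
    gpa "VirtualFree","kernel32.dll"
    bphws $RESULT,"x"
    run
    bphwc $RESULT
    rtu
    // Image base of the module that now owns eip.
    gmi eip,MODULEBASE
    mov hInstance,$RESULT
    // Walk the PE header: [base+3c] is e_lfanew (offset of the PE header),
    // and PE header + 28 is AddressOfEntryPoint (an RVA).
    mov temp,$RESULT
    add temp,3c
    mov temp,[temp]
    add temp,hInstance
    add temp,28
    mov temp,[temp]
    add temp,hInstance
    // temp is now the entry point VA; drop any breakpoint already set there.
    bc temp
    mov ep,temp
    // Base of the memory block containing eip, kept as the code segment.
    gmemi eip,MEMORYBASE
    mov codeseg,$RESULT
    // Patch 1: in the code segment, change bytes 2E CC 9D to 2E CC 90,
    // i.e. the trailing 9D (popfd) becomes 90 (nop).
    // NOTE(review): the find result is not checked; if the pattern is
    // absent the write below targets whatever $RESULT holds. Confirm.
    find $RESULT,#2ECC9D#
    mov [$RESULT],#2ECC90#
    // Patch 2: overwrite the start of EnumWindows with a stub that decodes as
    //   mov eax,eax / pushfd / test eax,eax / popfd / add eax,12345678 / ret 8
    // so the call returns at once without enumerating any window.
    // Presumably this hides debugger windows from the protector - confirm.
    gpa "EnumWindows","user32.dll"
    mov [$RESULT],#8BC09C85C09D0578563412C20800#
    // Patch 3: inside CreateThread, replace FF 75 18 (push dword [ebp+18])
    // with 6A 04 90 (push 4 / nop). Assuming the usual stdcall frame,
    // [ebp+18] is dwCreationFlags and 4 is CREATE_SUSPENDED, so threads
    // created through this API start suspended - TODO confirm on the
    // Windows build under analysis, the byte pattern is version-specific.
    gpa "CreateThread","kernel32.dll"
    find $RESULT,#FF7518#
    mov [$RESULT],#6A0490#
    // Run until ZwCreateThread is reached, then remove that breakpoint.
    gpa "ZwCreateThread","ntdll.dll"
    bp $RESULT
loop1:
    run
    cmp eip,$RESULT
    jne loop1
    bc $RESULT
    // Run until the PE entry point computed above is reached.
    bp ep
loop2:
    run
    cmp eip,ep
    jne loop2
    bc ep
    // Take the memory block that ends just below the code segment (the
    // author names it vmseg) and break on the first read anywhere in it.
    mov temp,codeseg
    sub temp,1
    gmemi temp,MEMORYBASE
    mov vmseg,$RESULT
    gmemi temp,MEMORYSIZE
    bprm vmseg,$RESULT
    run
    bpmc
    // The author takes eax at this stop as the OEP - an assumption tied to
    // this protector version, verify against the unpacked code.
    mov oep,eax
    sti
    // Break on a 1-byte read at the OEP and resume until eip is the OEP.
    bprm oep,1
loop3:
    run
    cmp eip,oep
    jne loop3
    bpmc
    ret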

Hmily 发表于 2009-8-14 00:57

感谢人妖大妞分享这么多好脚本~

mycsy 发表于 2009-8-14 00:59

谢谢淫荡H牛

530555760 发表于 2009-8-15 16:14

看不懂

cebo 发表于 2009-10-19 14:54

对 2.4.1.0版本有效果不?=。=