PCDVD¼Æ¦ì¬ì§Þ°Q½×°Ï
PCDVD¼Æ¦ì¬ì§Þ°Q½×°Ï   µù¥U ±`¨£°ÝÃD ¼Ð°O°Q½×°Ï¬°¤wŪ

¦^¨ì   PCDVD¼Æ¦ì¬ì§Þ°Q½×°Ï > ¨ä¥L¸s²Õ > ¤C¼L¤K¦Þ²§¨¥°ó
­«·s¸ü¤J¦¹­¶ ½Ð±Ð¤@­ÓVC++ªº°ÝÃD
±b¤á
±K½X
 

 
²Ä2­¶ ¦@2­¶ ¤W¤@­¶ 1 2
¦^À³
 
¥DÃD¤u¨ã
wkm
Senior Member
 

¥[¤J¤é´Á: May 2002
¤å³¹: 1,128
ª½±µ§ï½sĶ«áªºexe·|¤£·|¤ñ¸û²³æ?
     
      
__________________
¬°¤F¨ê¦s¦b·P¡A­n·Q³o»ò¦h¼o¤å¥X¨Óµo¡A§Ú¯u¬OªA¤F§A¡C
ÂÂ 2021-03-23, 09:14 PM #11
¦^À³®É¤Þ¥Î¦¹¤å³¹
wkmÂ÷½u¤¤  
¦Bªº°ÕÅ]¤ý¤j¤H
Senior Member
 
¦Bªº°ÕÅ]¤ý¤j¤Hªº¤jÀY·Ó
 

¥[¤J¤é´Á: Apr 2017
±zªº¦í§}: (¢£-_-)¢£ ~ ùäùä
¤å³¹: 1,428
...
·Qª¾¹D³Ì«á«ç»ò©Þ?
§óµy¦­ªº¾ã¬qc§ï¦¨asm ?
.
 
__________________
------------------------------------------------------
³o´N¬O Elon Musk Ãö°±USAIDªº¯u¬Û:


COVID-19¬O¬ü°êUSAID³yªº¥Íª«ªZ¾¹ !!!

¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ¢æ
(Youtube¼v¤ù)§¹³J¤F¨S·dÀY¤F ³£¸Ó©Ç¦ò©_¦h¸Ü
---¦ò©_ªº¼v¤ù³ºµM³Q©Þ±¼? ¤F¸É¤W ¿ûÅK¤Hªº "DOGE" ¤£¿ù¬Ý!

1

2

3

¦¹¤å³¹©ó 2021-03-23 09:27 PM ³Q ¦Bªº°ÕÅ]¤ý¤j¤H ½s¿è.
ÂÂ 2021-03-23, 09:23 PM #12
¦^À³®É¤Þ¥Î¦¹¤å³¹
¦Bªº°ÕÅ]¤ý¤j¤HÂ÷½u¤¤  
chou124
New Member
 

¥[¤J¤é´Á: Jun 2008
¤å³¹: 3
§ï¦¨³o¼Ë¡A¨Ã¥Îrelease mode½sĶ¬Ý¬Ý
void __stdcall Fun()
ÂÂ 2021-03-23, 11:12 PM #13
¦^À³®É¤Þ¥Î¦¹¤å³¹
chou124Â÷½u¤¤  
©_¤ì©Ô
*°±Åv¤¤*
 
©_¤ì©Ôªº¤jÀY·Ó
 

¥[¤J¤é´Á: Sep 2020
¤å³¹: 7
¤Þ¥Î:
§@ªÌchou124
§ï¦¨³o¼Ë¡A¨Ã¥Îrelease mode½sĶ¬Ý¬Ý
void __stdcall Fun()


³o¼Ë´N¦³¿ìªk³B²z¤F...

Debug:
¥N½X:
void Fun()
1000100A      E9 51000000         jmp 10001060 (¸õ¨ìFUN)
....
10001060      55                  push ebp
10001061      8BEC                mov ebp,esp
10001063      83EC 40             sub esp,0x40
10001066      53                  push ebx
10001067      56                  push esi
10001068      57                  push edi
10001069      8D7D C0             lea edi,dword ptr ss:[ebp-0x40]
1000106C      B9 10000000         mov ecx,0x10
10001071      B8 CCCCCCCC         mov eax,0xCCCCCCCC
10001076      F3:AB               rep stos dword ptr es:[edi]
10001078      81F9 00400000       cmp ecx,0x4000                                  ;  ASM ¶}©l³B
1000107E      0F85 B9000000       jnz 1000113D
10001084      6A 1E               push 0x1E
10001086      68 0CDE0210         push Trinity.1002DE0C                           ;  ASCII "RANDOM_PORTAL_TRINITY_Tutorial"
1000108B      8D4D E0             lea ecx,dword ptr ss:[ebp-0x20]
1000108E      C705 B0FA0210 E0404 mov dword ptr ds:[0x1002FAB0],0x4040E0
10001098      FF15 B0FA0210       call dword ptr ds:[0x1002FAB0]


(DWORD)FUN ªº¦ì¸m·|¦b 0x1000100A jmp «ü¥O¤W­±¡A¦Ó¥B¶}³õ Push ¥N½X ¤ñ¸û¦h, ªø«×©T©w¬O 0x18 byte¡C

Release:
¥N½X:
void Fun()
10001000      55                  push ebp
10001001      8BEC                mov ebp,esp
10001003      53                  push ebx
10001004      56                  push esi
10001005      57                  push edi
10001006      81F9 00400000       cmp ecx,0x4000                                  ;  ASM ¶}©l³B
1000100C      0F85 B9000000       jnz Trinity.100010CB
10001012      6A 1E               push 0x1E
10001014      68 FC720010         push Trinity.100072FC                           ;  ASCII "RANDOM_PORTAL_TRINITY_Tutorial"
10001019      8D4D E0             lea ecx,dword ptr ss:[ebp-0x20]
1000101C      C705 40780010 E0404>mov dword ptr ds:[0x10007840],0x4040E0
10001026      FF15 40780010       call dword ptr ds:[0x10007840]

(DWORD)FUN ª½±µ´N¦b 0x10001000 ¨S¦³ jmp ¸õ¨ì FUN¡A¦Ó¥B¶}³õ Push ¥N½X ¤ñ¸û¤Ö¡Aªø«×©T©w 6 byte¡C

©Ò¥H§Ú²{¦bHook¼gªk§ï¦¨¡G

¥N½X:
SIZE = 5;
Target_Address = 0x006A7871;
Proc_Address = (DWORD)Fun + 6;

// ­pºâ¸õÂà¶ZÂ÷
Distance = ((DWORD)Proc_Address - (DWORD)Target_Address - SIZE);


(DWORD)Fun + ¤W 6 byte ¥h­pºâJMP¶ZÂ÷¡A Hook ¦n´Nª½±µ¬O§Ú­nªºASM¶}©l³¡¥÷¡AµM«á¥Î Release ¼Ò¦¡½sĶ´N§¹¤u¤F¡C

¥t¥~§Ú·Q½Ð±Ð¡AVC++ 6.0 ­n«ç»ò¼Ë¤~¯à¥Î uint8_t uint16_t uint32_t .... ¥h©w¸qªø«×
¹w³]¥u¯à¥Î char short int ... §Ú¥Îuint8_t int8_t ¤ñ¸û²ßºD¡C
¬O¤Ö¤F Header ¨S¥[¶Ü¡H

§Ú¥Îªº¬O VC++ 6.0 §K¦w¸Ëª©¡C
¦¹¤å³¹©ó 2021-03-24 08:24 AM ³Q ©_¤ì©Ô ½s¿è.
ÂÂ 2021-03-24, 08:20 AM #14
¦^À³®É¤Þ¥Î¦¹¤å³¹
©_¤ì©ÔÂ÷½u¤¤  
X_Tiger
Major Member
 
X_Tigerªº¤jÀY·Ó
 

¥[¤J¤é´Á: Jul 2000
±zªº¦í§}: ·s¥_¥«¤g«°°Ï
¤å³¹: 200
¤Þ¥Î:
§@ªÌ©_¤ì©Ô
uint8_t uint16_t uint32_t


typedef unsigned char uint8_t;
typedef unsigned short int uint16_t;
typedef unsigned int uint32_t;

§AÁÙ¥²¶·ª`·Nªº§A½sĶ¾¹¬O 32 ÁÙ¬O 64 ¦ì¤¸ªº¡A¤£µM¦³¨Ç¹w³] int ¬O 64bits

¦ý¬O§A¥Î VC6 °ò¥»¤W¨S³o­Ó°ÝÃD
__________________
......
ÂÂ 2021-03-25, 09:05 AM #15
¦^À³®É¤Þ¥Î¦¹¤å³¹
X_TigerÂ÷½u¤¤  
©_¤ì©Ô
*°±Åv¤¤*
 
©_¤ì©Ôªº¤jÀY·Ó
 

¥[¤J¤é´Á: Sep 2020
¤å³¹: 7
¤Þ¥Î:
§@ªÌX_Tiger
typedef unsigned char uint8_t;
typedef unsigned short int uint16_t;
typedef unsigned int uint32_t;

§AÁÙ¥²¶·ª`·Nªº§A½sĶ¾¹¬O 32 ÁÙ¬O 64 ¦ì¤¸ªº¡A¤£µM¦³¨Ç¹w³] int ¬O 64bits

¦ý¬O§A¥Î VC6 °ò¥»¤W¨S³o­Ó°ÝÃD


³o­Ó­n¦Û¤v¥[¶i¥hªü VC6 ¥»¨­¤£¤ä´© int uint ©w¸qªø«×´N¹ï¤F ?
¦¹¤å³¹©ó 2021-03-25 12:12 PM ³Q ©_¤ì©Ô ½s¿è.
ÂÂ 2021-03-25, 12:09 PM #16
¦^À³®É¤Þ¥Î¦¹¤å³¹
©_¤ì©ÔÂ÷½u¤¤  
X_Tiger
Major Member
 
X_Tigerªº¤jÀY·Ó
 

¥[¤J¤é´Á: Jul 2000
±zªº¦í§}: ·s¥_¥«¤g«°°Ï
¤å³¹: 200
¤Þ¥Î:
§@ªÌ©_¤ì©Ô
³o­Ó­n¦Û¤v¥[¶i¥hªü VC6 ¥»¨­¤£¤ä´© int uint ©w¸qªø«×´N¹ï¤F ?


VC6 ¥u¦³ int ¨S¦³ uint

´N¦Û¤v©ñ¦b header file ´N¦n
__________________
......
ÂÂ 2021-03-25, 12:16 PM #17
¦^À³®É¤Þ¥Î¦¹¤å³¹
X_TigerÂ÷½u¤¤  


 
²Ä2­¶ ¦@2­¶ ¤W¤@­¶ 1 2
  ¦^À³

« ¤W¤@¥DÃD | ¤U¤@¥DÃD »

POPIN
¥DÃD¤u¨ã

µoªí¤å³¹³W«h
±z¤£¥i¥Hµo°_·s¥DÃD
±z¤£¥i¥H¦^À³¥DÃD
±z¤£¥i¥H¤W¶Çªþ¥[ÀÉ®×
±z¤£¥i¥H½s¿è±zªº¤å³¹
vB ¥N½X¥´¶}
[IMG]¥N½X¥´¶}
HTML¥N½XÃö³¬



©Ò¦³ªº®É¶¡§¡¬°GMT +8¡C ²{¦bªº®É¶¡¬O02:06 PM.

Ápµ¸§Ú­Ì - PCDVD¼Æ¦ì¬ì§Þ°Q½×°Ï - ¦^¨ì³»ºÝ

vBulletin Version 3.0.1
powered_by_vbulletin 2025¡C