久久SE精品一区二区,色偷偷偷久久伊人大杳蕉,欧美精品一区二区久久

½IÞZ¸çš„é±¼” åšå®¢åQŒå‡ºå¤?a >http://airfish.blog.51cto.com/358752/264819

˜q‘æœŸç”×ƒºŽä¸€ä¸ªé¡¹ç›®çš„éœ€è¦ï¼Œæˆ‘åˆæ¥æŽ¥è§¦äº†exe½E‹åºåæ±‡¾~–ã€‚æŠ˜è…¾äº†å¥½å‡ å¤©ç»ˆäºŽè§åˆîCº†é‚£ä¸ª½E‹åºä¸æ€¥éœ€çš„ç®—æ³•çš„çœŸé¢ç›®äº†ã€‚å›ž™å¾æ•´ä¸ªè¿‡½E‹ï¼Œž®æœ‰æ„Ÿæ‚Ÿã€‚äØ“è®°å¿µåˆè¯†½E‹åºåæ±‡¾~–çš„å¿ƒèµ\åŽ†ç¨‹åQŒç‰¹è®°å½•ä¸‹å¯¹½E‹åºåæ±‡¾~–è¿‡½E‹çš„¾_—æµ…æ„Ÿå—ã€?/font>

ä¸€ã€å·¥ä½œçŽ¯å¢ƒï¼š
ã€€ã€€1ã€?/span>æŸ¥å£³å·¥å…·åQ?span>PEiDåQˆç”¨äºŽåˆæ¥ç¡®å®?span>exe½E‹åºæ˜¯å¦åŠ å£³ä»¥åŠä½¿ç”¨ä½•ç§å¼€å‘èÊYä»¶ç¼–å†™ï¼‰åQ?/font>
ã€€ã€€2ã€?/span>åç¼–è¯‘å·¥å…øP¼šDeDeåQˆç»˜q‡æŸ¥å£›_·¥å…äh£€æŸ¥ï¼Œž®†è¦è¢«åæ±‡ç¼–çš„ç¨‹åºæ˜¯ç”?span>“BorlandC++ 1999”¾~–å†™çš„ï¼Œæ‰€ä»¥é€‰ç”¨ä¸“é—¨åç¼–è¯?span>Delphi½E‹åºçš?span>DeDeåQ›ç”¨äºŽåˆæ¥ç¡®å®šç¨‹åºæ¨¡å—ã€å‡½æ•°æ–¹æ³•åˆ’åˆ†å¯¹åº?span>exe½E‹åºç›¸åº”æ±‡ç¼–æŒ‡ä×oåœ°å€çš„ä½¾|®ï¼‰åQ?/font>
ã€€ã€€3ã€?/span>åæ±‡¾~–åŠ¨æ€è°ƒè¯•å·¥å…øP¼šOllyICEåQˆå³åQ?span>ODåQ›ç”¨äºŽåŠ¨æ€åæ±‡ç¼–è°ƒè¯•½E‹åºçš„ç›¸å…³ä»£ç é€»è¾‘åQ‰ï¼›
ã€€ã€€4ã€?/span>å¼€å‘çŽ¯å¢ƒï¼šVS.NET 2005åQ?/font>
ã€€ã€€5ã€?/span>å…¶ä»–å·¥å…·åQ?span>EditPlusã€è®°äº‹æœ¬ã€è®¡½Ž—å™¨½{‰è‹¥òqÔŒ¼›

äºŒã€åŸº¼‹€çŸ¥è¯†åQ?/font>
ã€€ã€€1ã€?/span>æ±‡ç¼–½E‹åºè®¾è®¡åQšä¸»è¦æ·±å…¥äº†è§£ç¨‹åºæ•°æ®å˜æ”¾ã€å †æ ˆä‹Éç”¨ã€å½E‹åºè°ƒç”¨½{‰æŠ€å·§ï¼›ä¸åŒ¾cÕdž‹æ•°æ®çš„åœ°å€è·Œ™{è§„åˆ™åQˆä¸€èˆ¬éƒ½æ˜¯èŸ©è½¬è¯¥¾cÕdž‹é•¿åº¦ä¸ªä½¾|®ï¼‰åQ?/font>
ã€€ã€€2ã€?/span>c++½E‹åºè®¾è®¡åQšåŸºæœ¬è¯æ³•ç»“æž„ï¼›æŒ‡é’ˆã€æ•°æ®ç±»åž‹çš„ä½¿ç”¨å’ŒæŽ§åˆÓž¼›
ã€€ã€€3ã€?/span>ç›¸å…³å·¥å…·è½¯äšgçš„åŸºæœ¬ä‹Éç”¨æ–¹æ³•ï¼›

ä¸‰ã€å·¥ä½œè¿‡½E‹ï¼š
æˆ‘çš„åæ±‡¾~–å¤§æ¦‚è¿‡½E‹æ˜¯åQ?/font>
æŸ¥å£³->è„±å£³ã€åˆ¤æ–å¼€å‘ç¨‹åºä‹Éç”¨çš„çŽ¯å¢ƒ->åç¼–è¯?/span>->åˆæ¥å®šä½ä¸»è¦åŠŸèƒ½æ¨¡å—æˆ–å‡½æ•°çš„æ±‡ç¼–æŒ‡ä×oèµ·å§‹ã€ç»ˆæ¢åœ°å€->åæ±‡¾~–å‡†å¤?/span>->æŸ¥æ‰¾½E‹åºä¸çš„ç‰¹å¾å—ç¬¦ä¸²æˆ–ç‰¹å¾å€û|¼Œ˜q›ä¸€æ¥ç¡®å®šéœ€è¦åæ±‡ç¼–çš„ä»£ç é€»è¾‘çš„ä½¾|?span>->å¼€å§‹åæ±‡ç¼–è°ƒè¯•˜qè¡ŒåQŒåˆ†æžéœ€è¦åæ±‡ç¼–çš„ä»£ç é€»è¾‘çš„å…·ä½“è¿‡½E?span>->ž®†åˆ†æžå‡ºæ¥çš„é€»è¾‘‹¹ç¨‹ä½¿ç”¨c++è¯è¨€å®žçŽ°ã€?/font>

1ã€?nbsp;æŸ¥å£³åQ?/span>
˜qè¡ŒPeiDåQŒæ‰“å¼€è¦åæ±‡ç¼–çš?span>exe½E‹åºåQŒåœ¨˜q™é‡Œå§‘ä¸”¿UîC¹‹ä¸ºï¼štest.exeå§ã€?/font>
å¦‚ç¤ºæ„å›¾1åQ?span>

“å¤šé¡¹æ‰«æ”ä¸Šé¢é‚£è¡Œ“Microsoft Visual C++ 7.0 Dll Method 3”ž®±æ˜¯è¯¥ç¨‹åºçš„å¼€å‘çŽ¯å¢ƒäº†ã€?/font>
æŽ¥ä¸‹æ¥ç”µå‡Èª—å£å³ä¸‹è§’çš?span>“>>”æŒ‰é’®åQŒå†æ¥çœ‹çœ‹è¯¥½E‹åºæ˜¯å¦åŠ å£³åQŒå¦‚½Cºæ„å›?span>2åQ?/font>

åˆ†åˆ«ç‚¹å‡»“ç†µå€?span>”ã€?span>“EPæ ¡éªŒ”ã€?span>“å¿«é€Ÿæ ¡éª?span>”˜q™ä¸‰è¡Œæœ€å³ä¾§çš?span>“-”æŒ‰é’®åQŒå°±å¯ä»¥çœ‹åˆ°æ˜¯å¦åŠ å£³çš„æ½CÞZº†ã€?/font>
å“ˆå“ˆåQ?span>test.exe½E‹åºå¤ªå¹²å‡€äº†ã€‚æ²¡æœ‰ä“Qä½•åŠ å£»I¼Œå¯ä»¥é€‰ç”¨ç›¸åº”çš„å¾~–è¯‘å·¥å…·˜q›è¡Œä¸‹ä¸€æ¥å•¦ã€?span> ^_^

2ã€?nbsp;åç¼–è¯‘ï¼š
“1ã€?span>”ä¸åªæ˜¯ç¤ºæ„å›¾åQŒæˆ‘å®žé™…åç¼–è¯‘çš„½E‹åºæ˜¯ç”±“BorlandC++ 1999”¾~–å†™çš„ï¼Œæ‰€ä»¥é€‰æ‹©DeDe 3.5ä½œäØ“åç¼–è¯‘å·¥å…øP¼›DeDe3.5çš„å…·ä½“ä‹Éç”¨æ–¹æ³•ï¼Œè¯¯‚‡ªè¡Œåœ¨¾|‘ä¸ŠæŸ¥é˜…ã€?/font>
½Cºæ„å›?span>3åQ?/font>

3ã€?nbsp;åˆæ¥å®šä½ä¸»è¦æ¨¡å—ã€å‡½æ•°å¯¹åº”çš„æ±‡ç¼–æŒ‡ä×oåœ°å€åQ?/font>
æ ÒŽ®åç¼–è¯‘å‡ºæ¥çš„éƒ¨åˆ†¾cÕd’Œæ–ÒŽ³•çš„ä»£ç æ¡†æžÓž¼Œ¼‹®å®šäº†ä¸¤¾l„å¯ç–‘çš„æ±‡ç¼–æŒ‡ä×oåœ°å€ŒDüc€?/font>
å¦‚ç¤ºæ„å›¾4åQ?/font>

æ³¨æ„é€‰æ‹©“˜q‡ç¨‹”æŒ‰é’®åQŒå¦‚ä¸Šå›¾æ‰€½Cºã€‚ç„¶åŽåŒå‡Õd³ä¸‹ä¾§åˆ—è¡¨ä¸çš„Button3ClickåQŒå°±å¯ä»¥æŸ¥çœ‹è¯¥æ–¹æ³•å¯¹åº”çš„å‡½æ•°ä½“äº†ã€‚å½“ç„Óž¼Œ˜q™æ ·çœ‹åˆ°çš„å‡½æ•îC½“ä¸ä¼šæ˜¯æˆ‘ä»¬ä¸€èˆ¬æ„ä¹‰ä¸Šçš„å‡½æ•îC½“åQŒè¿™å‡½æ•°ä½“åªæœ‰ä¸€ä¸ªæ¡†æž¶æ˜¯é«˜çñ”è¯è¨€çš„æ ·åï¼Œå‡½æ•°ä½“å†…éƒ¨éƒ½æ˜¯æ±‡¾~–ä»£ç ï¼Œä¸è¿‡˜q™å·²¾lèƒöå¤Ÿäº†åQŒåŽé¢æˆ‘ä»¬è¿˜è¦è¿›è¡Œè¯¦¾l†çš„åæ±‡¾~–è°ƒè¯•åˆ†æžå‘¢ã€‚å˜¿å˜Ñ€‚å‡½æ•îC½“½Cºæ„å›?span>5å¦‚ä¸‹åQ?/font>

å¥½ï¼Œè®îC¸‹˜q™æ®µå‡½æ•°çš„é¦–åœ°å€ã€å°¾åœ°å€åQŒå¼€å§‹å°è¯•åæ±‡ç¼–æ“ä½œã€?/font>

4ã€?nbsp;åæ±‡¾~–å‡†å¤‡ï¼š
ä½¿ç”¨ODåQ?span>OllyICEåQ‰æ‰“å¼€test.exe½E‹åºåQŒå¦‚½Cºæ„å›?span>6åQ?/font>

æ‰‘Öˆ°åˆšæ‰è®°å½•ä¸‹çš„é¦–åœ°å€ã€å°¾åœ°å€ã€‚å¦‚ä¸Šå›¾ä¸ä¸¤ä¸ªé»‘åœ†ç‚¹å¤„çš„¾U¢æ¡åQŒåˆ†åˆ«æ˜¯é¦–åœ°å€åQ?span>00401EC4ã€å°¾åœ°å€åQ?span>00401EF5ã€?/font>

5ã€?nbsp;åæ±‡¾~–è°ƒè¯•ï¼š
æ ÒŽ®æ¥éª¤4ä¸å®šä½çš„æ±‡ç¼–æŒ‡ä×oåœ°å€åQŒå†¾l“åˆ½Cºæ„å›?span>6ä¸?span>[ASCII”Hello OD”]ã€?span>[ASCII”this is OllyDbg DeAsm”]½{‰å…³é”®å—½W¦ä¸²åQŒè¿›è¡Œæ‰€æœ‰åŒ¹é…å—½W¦ä¸²çš„æ£€ç´¢ï¼Œž®±å¯ä»¥å¼€å§‹ä‹Éç”?span>OD˜q›è¡Œè°ƒè¯•äº†ã€‚å…·ä½“ä‹Éç”¨æ–¹æ³•è¯·å‚é˜…ODè‡ªå¸¦çš?span>helpæ–‡äšgã€?/font>
é€å¥åˆ†æžæ‰€éœ€éƒ¨åˆ†çš„æ±‡¾~–ä»£ç é€»è¾‘‹¹ç¨‹ã€‚å…¶é—´å¯ä»¥ç”¨å…¶ä»–ä¸€äº›è¾…åŠ©å·¥å…äh¥å¸®åŠ©è®°å½•åŠ¨æ€åˆ†æžè¿‡½E‹ä¸çš„æ•°å€ég¼ é€’è½¨˜q¹åŠå˜æ¢æ–ÒŽ³•ã€?/font>

6ã€?span> C++å®žçŽ°åQ?/font>

æ ÒŽ®åˆ†æžå‡ºçš„æ±‡ç¼–ä»£ç é€»è¾‘åQŒä‹Éç”?span>C++å®žçŽ°åŒæ ·çš„åŠŸèƒ½ã€?/font>

å¤‡æ³¨åQšåœ¨å®šä½åæ±‡¾~–æ‰€éœ€çš„ä»£ç ä½¾|®æ—¶åQŒé™¤äº†ä¸€äº?span>ASCIIå—ç¬¦ä¸²çš„å®šä½æ–ÒŽ³•åQŒè¿˜èƒ½é€šè¿‡½E‹åºä¸å£°æ˜Žçš„ä¸€äº›å¸¸é‡å—½W¦ä¸²ã€æ˜ ž®„æŽ§åˆ¶çŸ©é˜üc€è®¡æ•°å™¨½{‰å¸¸é‡æ¥˜q›è¡Œæ›´äØ“¾_„¡¡®çš„å®šä½ã€?/font>

ä»¥ä¸Šž®±æ˜¯æˆ‘åˆè¯†ç¨‹åºåæ±‡ç¼–ä¸»è¦˜q‡ç¨‹çš„è®°å½•ã€‚æ³¨æ„ï¼šç”×ƒºŽ“ä¿å¯†åè®®”çš„é™åˆÓž¼Œåœ¨æ¤ä¸ä¾¿˜q‡å¤šè®¨è®º™å¹ç›®ä»£ç ¾l†èŠ‚ã€‚è¿˜æœ›å¤§å®¶æ•¬è¯·åŽŸè°…ã€‚å†™çš„å¾ˆ¾_—æµ…åQŒå¸Œæœ›æœ‰åæ±‡¾~–ç»éªŒçš„å‰è¾ˆä¸åæŒ‡æ•™åQŒåœ¨æ¤ï¼Œå…ˆè°¢˜q‡å•¦ã€‚å“ˆå“?^_^

è·¯é’é£?/a> 2010-08-11 10:44 å‘è¡¨è¯„è®º

]]>