-
-
北斗星数据压缩 2.3快速脱壳脚本
-
发表于: 2005-6-4 13:55
-
北斗星数据压缩 2.3快速脱壳脚本
/*
/////////////////////////////////////////////////////////////////////////////////////
北斗程序压缩2.3 OEP finder
Author : kyc[DFCG][CZG]
Email : muyang008@163.com
Homepage: ef2K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3q4&6k6%4y4C8P5h3y4Q4x3X3f1#2x3g2)9J5k6h3&6W2N6l9`.`.
OS : Win2003 ,OllyDbg 1.1c,OllyScript v0.92
Date : 2005-06-04
Config : Exceptions:uncheck all. you don't need to hide the DeBugger,i'll do for u!
Note : If you have one or more question, email me please,thank you!
//////////////////////////////////////////////////////////////////////////////////////
*/
var KYC
var addr
lblset:
cmp $VERSION, "0.9"
ja start
msgyn "Your ollyscript is too old,maybe have something wrong,Continue?"
cmp $RESULT,0
je end
jmp start
start:
dbh
gpa "GetVersion", "KERNEL32.dll"
mov addr,$RESULT //API断点GetVersion
bp addr
run
bc addr //Clear break point //取消断点
rtu //Alt+F9
jmp lblend
lblend:
cmt eip, "OEP 请看上面!"
sub eip,2c
cmt eip, "here is the OEP 北斗程序压缩2.3 -> SteelBytes!"
msg "Script by kyc[DFCG][CZG],Thank you for using my Scripts!"
jmp end
end:
ret
附件:nSpack2.3.rar
/*
/////////////////////////////////////////////////////////////////////////////////////
北斗程序压缩2.3 OEP finder
Author : kyc[DFCG][CZG]
Email : muyang008@163.com
Homepage: ef2K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3q4&6k6%4y4C8P5h3y4Q4x3X3f1#2x3g2)9J5k6h3&6W2N6l9`.`.
OS : Win2003 ,OllyDbg 1.1c,OllyScript v0.92
Date : 2005-06-04
Config : Exceptions:uncheck all. you don't need to hide the DeBugger,i'll do for u!
Note : If you have one or more question, email me please,thank you!
//////////////////////////////////////////////////////////////////////////////////////
*/
var KYC
var addr
lblset:
cmp $VERSION, "0.9"
ja start
msgyn "Your ollyscript is too old,maybe have something wrong,Continue?"
cmp $RESULT,0
je end
jmp start
start:
dbh
gpa "GetVersion", "KERNEL32.dll"
mov addr,$RESULT //API断点GetVersion
bp addr
run
bc addr //Clear break point //取消断点
rtu //Alt+F9
jmp lblend
lblend:
cmt eip, "OEP 请看上面!"
sub eip,2c
cmt eip, "here is the OEP 北斗程序压缩2.3 -> SteelBytes!"
msg "Script by kyc[DFCG][CZG],Thank you for using my Scripts!"
jmp end
end:
ret
附件:nSpack2.3.rar
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
|
|
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
