自己用sysenter实现OpenProcess,返回3E6是什么错误?哪位大神能告诉我一下?
.386
.model flat, stdcall
option casemap :none
include windows.inc
include user32.inc
includelib user32.lib
include kernel32.inc
includelib kernel32.lib
.data?
; Uninitialised globals. In the code shown only hd1 is referenced; the
; other seven look like leftovers from another sample.
lpLoadLibrary dd ?
lpGetProcAddress dd ?
lpGetModuleHandle dd ?
dwProcessID dd ?
dwThreadID dd ?
hProcess dd ?
lpRemoteCode dd ?
; hd1 is used twice: GetWindowThreadProcessId writes the process ID into it,
; and the entry code later overwrites it with the value returned by _openprc.
hd1 dd ?
.const
; Text shown in the failure message box.
szErrOpen db '无法打开远程线程!',0
; Not referenced by the code shown.
szDesktopClass db 'Progman',0
; Window title passed to FindWindow to locate the target process.
szDesktopWindow db 'My first Window !',0
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.code
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;-----------------------------------------------------------------------
; _openprc - builds the argument block for a process-open system service
; and enters the kernel with a raw SYSENTER instead of calling OpenProcess.
;
; In (stack, as pushed by the entry code):
;   [ebp+8]   access mask
;   [ebp+0Ch] inherit flag (any non-zero value counts as TRUE)
;   [ebp+10h] process ID; the same slot is passed as the output pointer
; Out: eax = contents of [ebp+10h] after the call (the status that SYSENTER
;      left in eax is overwritten, so callers cannot tell success from failure)
;
; The [ebp+..] / [ebp-..] addressing relies on the push ebp / mov ebp,esp
; prologue that MASM is expected to emit for a PROC with parameters.
; TODO confirm in the listing file.
;
; NOTE(review): a raw SYSENTER skips the kernel32/ntdll entry points, so
; user-mode API monitoring does not see this open; kernel-side handle auditing
; still does. The service index is build-specific, which makes the documented
; OpenProcess API the robust choice.
;-----------------------------------------------------------------------
_openprc proc @4,@2,@3
; Reserve 20h bytes of locals: [ebp-20h..ebp-9] is an 18h-byte block that
; appears to be an OBJECT_ATTRIBUTES, [ebp-8..ebp-1] an 8-byte pair that
; appears to be a CLIENT_ID. Verify against the kernel32 routine this mirrors.
sub esp,20h
mov eax,dword ptr [ebp+10h]
mov dword ptr [ebp-8h],eax ; first dword of the pair = process ID
mov eax,dword ptr [ebp+0Ch]
push esi
xor esi,esi ; esi = 0, used below to clear fields
; Branch-free conversion: eax = (inherit flag != 0) ? 2 : 0.
; 2 is presumably OBJ_INHERIT.
neg eax
sbb eax,eax
and eax,00000002
mov dword ptr [ebp-14h],eax
; Push the four service arguments right-to-left: pointer to the ID pair,
; pointer to the 18h-byte block, access mask, pointer to the output slot.
lea eax,[ebp-8h]
push eax
lea eax,[ebp-20h]
push eax
push dword ptr [ebp+8h]
lea eax,[ebp+10h] ; output is written over the incoming process ID
push eax
mov dword ptr [ebp-4h],esi ; second dword of the pair = 0
mov dword ptr [ebp-20h],18h ; size field of the 18h-byte block
mov dword ptr [ebp-1Ch],esi
mov dword ptr [ebp-18h],esi
mov dword ptr [ebp-10h],esi
mov dword ptr [ebp-0Ch],esi
; NOTE(review): only one dword (@1) sits between edx and the first argument.
; The ntdll path reaches SYSENTER through two nested calls, so it leaves two
; return addresses there. If the kernel reads arguments at a fixed offset from
; edx, each argument here is shifted by one slot and the access mask is treated
; as a pointer. That would explain the reported C0000005
; (STATUS_ACCESS_VIOLATION), which Win32 reports as error 3E6h
; (ERROR_NOACCESS). Confirm in a debugger.
push @1
mov edx,esp ; edx = user stack pointer handed to the kernel
; Service index; presumably the process-open service on the author's
; Windows build. The value changes between builds.
mov eax,7Ah
; 0F 34 is the SYSENTER opcode, emitted as raw bytes.
db 0fh
db 34h
@1:
; NOTE(review): nothing visible removes the four argument dwords before this
; pop. esi then receives the top argument rather than the value saved by
; "push esi", so the callee-saved register is not restored.
pop esi
; Overwrites the status in eax. If the kernel never wrote the slot, this
; returns the caller's process ID unchanged.
mov eax,dword ptr [ebp+10h]
leave
; NOTE(review): releases 10h (16) bytes, but the entry code pushes only three
; dwords (12 bytes), leaving esp off by 4 after return. 10h matches a
; four-argument service stub; a three-argument stdcall routine would use 0Ch.
ret 10h
_openprc endp
; Program entry: finds a window by title, resolves its owning process,
; opens that process through _openprc and terminates it.
start:
; NOTE(review): the FindWindow result is used unchecked. It is NULL when no
; window has this title, and the following call then receives a null HWND.
invoke FindWindow,NULL,addr szDesktopWindow
; Stores the owning process ID in hd1; the thread ID returned in eax is unused.
invoke GetWindowThreadProcessId,eax,addr hd1
; Three stdcall arguments, pushed right-to-left: process ID, inherit = FALSE,
; access mask.
push hd1
push 0
; NOTE(review): 1ff0fffh has one digit more than PROCESS_ALL_ACCESS
; (1F0FFFh), possibly a typo. TerminateProcess only needs PROCESS_TERMINATE,
; so requesting that single right is the least-privilege choice.
push 1ff0fffh
call _openprc
; NOTE(review): this branch runs when eax is zero, so hd1 becomes 0 and a null
; handle is passed to TerminateProcess and CloseHandle. _openprc returns the
; output slot rather than a status, so a non-zero value is the case that may
; hold a handle. The test looks inverted; confirm the intended return contract.
.if !eax
mov hd1,eax
invoke TerminateProcess,hd1,0
invoke CloseHandle,hd1
.else
invoke MessageBox,NULL,addr szErrOpen,NULL,MB_OK or MB_ICONWARNING
.endif
invoke ExitProcess,NULL
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
end start
代码一开始是自己写的,不行之后又照抄了一遍,还是一样的错误。sysenter返回后eax应该是0,但是总是返回C0000005。