msg "请设定忽略"整数除零"与"非法访问内存"以外的所有异常,另外:脚本执行需要一点时间,请耐心等候!!"
var addr
var iatstart
var iatlast
var iatrva
var iatsize
var counter
mov counter,11
dbh
lblesto:
cmp counter,0
je lblstart
esto
dec counter
jmp lblesto
lblstart:
mov $RESULT,[esp+4]
mov addr,$RESULT
bp addr
esto
bc addr
findop eip,#018FB8000000#
cmp $RESULT,0
je lblerr
mov addr,$RESULT
go addr
sti
mov $RESULT,[edi+b8]
mov addr,$RESULT
bp addr
esto
bc addr
lbliat:
find eip,#8919#
cmp $RESULT,0
je lblerr
mov addr,$RESULT
go addr
mov iatstart,ecx
mov iatlast,ecx
lbl0:
mov [addr],#8901#
sti
mov [addr],#8919#
cmp iatstart,ecx
ja lbliatstart
cmp iatlast,ecx
jb lbliatlast
lbliatover:
find eip,#0F8585FBFFFF#
cmp $RESULT,0
je lblerr
go $RESULT
sti
cmp eip,$RESULT
jb lbl2
find eip,#0F8451180000#
cmp $RESULT,0
je lblerr
go $RESULT
sti
cmp eip,$RESULT+6
je lbl2
jmp lblend
lbliatstart:
mov iatstart,ecx
jmp lbliatover
lbliatlast:
mov iatlast,ecx
jmp lbliatover
lbl2:
go addr
jmp lbl0
lblend:
mov addr,esp-18
bphws addr,"r"
esto
esto
esto
cgehex:
bphwc addr
findop eip,#c602e9#
cmp $RESULT,0
je lblerr
go $RESULT
mov addr,eip
mov [addr],#803E06772766817E0181F87425608BC78BFA2BC283E8058A06460FB6C883E003C1E902F3A58BC8F3A48A0661807E018D7503C602E98BC72BC283E805803AE975038942018A06460FB6C883E003C1E902F3A58BC8F3A48A064603D0C607E92BD783EA0589570183C7058BCA2BC803CF8039E974124B7405E97CFFFFFF5F8D4D662BCFF3AA61C3608BD103490183C105B8000000008BF903470283C706803FE975F5E98400000080790105742A8079010D742D8079011574308079011D74338079012574368079012D743C8079013574428079013D7448C602B889420161EB95C602B989420161EB8CC602BA89420161EB83C602BB89420161E977FFFFFF89420161E96EFFFFFFC602BD89420161E962FFFFFFC602BE89420161E956FFFFFFC602BF89420161E94AFFFFFF66813981F80F8571FFFFFFC6023D89420161E933FFFFFF#
findop eip,#c3#
cmp $RESULT,0
je lblerr
mov addr,$RESULT
bp addr
esto
bc addr
sti
lastesto:
esto
mov addr,[esp+4]
bp addr
esto
bc addr
findop eip,#8380B800000002#
cmp $RESULT,0
je lblerr
mov addr,$RESULT
go addr
sti
mov addr,[eax+b8]
bp addr
esto
bc addr