发表于 2014-7-14 12:42:41
回复 1# 路飞
// Hook 0: redirects the code at 6CFCA064 to a handler at 6D8F2070.
// The layout matches Cheat Engine's auto-assembler API-hook template (presumably generated, not hand-written).
// NOTE(review): every address is absolute, so the script is only valid while the modules are
// loaded at exactly these bases; after a relocation the same writes land on unrelated bytes.
alloc(originalcall0,2048) //2kb should be enough
label(returnhere0)
// 4-byte slot at 6D904B14 receives the stub's address
// (presumably read by the handler when it wants to run the original function - confirm).
6D904B14:
dd originalcall0
// Stub: 5 bytes of standard prologue (2+1+2), presumably the bytes displaced from 6CFCA064,
// followed by a jump back to the first instruction the patch leaves intact.
originalcall0:
mov edi,edi
push ebp
mov ebp,esp
jmp returnhere0
// Patch site: a 5-byte near jmp overwrites the function entry.
// NOTE(review): nothing verifies what is at 6CFCA064 before it is overwritten.
// After this write the in-memory code no longer matches the module's on-disk image.
6CFCA064:
jmp 6D8F2070
// returnhere0 = 6CFCA064 + 5, the resume point used by the stub.
returnhere0:
// Hook 1: redirects the code at 6CFDF251 to a handler at 6D8F2030.
// NOTE(review): absolute addresses throughout; valid only for one specific module layout.
alloc(originalcall1,2048) //2kb should be enough
label(returnhere1)
// Store the stub's address in the 4-byte slot at 6D904B10
// (presumably consumed by the handler - confirm).
6D904B10:
dd originalcall1
// Stub: a 5-byte prologue copy (presumably what 6CFDF251 held before the patch), then resume.
originalcall1:
mov edi,edi
push ebp
mov ebp,esp
jmp returnhere1
// Patch site: the 5-byte jmp replaces the entry bytes; no check of the existing bytes is made.
6CFDF251:
jmp 6D8F2030
// Resume point directly after the patched jmp.
returnhere1:
// Hook 3: redirects the code at 6CFA8DE0 to a handler at 6D8F1E30.
// NOTE(review): absolute addresses throughout; valid only for one specific module layout.
alloc(originalcall3,2048) //2kb should be enough
label(returnhere3)
// Store the stub's address in the 4-byte slot at 6D904B18
// (presumably consumed by the handler - confirm).
6D904B18:
dd originalcall3
// Stub: a 5-byte prologue copy (presumably what 6CFA8DE0 held before the patch), then resume.
originalcall3:
mov edi,edi
push ebp
mov ebp,esp
jmp returnhere3
// Patch site: the 5-byte jmp replaces the entry bytes; no check of the existing bytes is made.
6CFA8DE0:
jmp 6D8F1E30
// Resume point directly after the patched jmp.
returnhere3:
// Hook 4: redirects the code at 6CFAB6B1 to a handler at 6D8F1E80.
// NOTE(review): absolute addresses throughout; valid only for one specific module layout.
alloc(originalcall4,2048) //2kb should be enough
label(returnhere4)
// Store the stub's address in the 4-byte slot at 6D904B1C
// (presumably consumed by the handler - confirm).
6D904B1C:
dd originalcall4
// Stub: a 5-byte prologue copy (presumably what 6CFAB6B1 held before the patch), then resume.
originalcall4:
mov edi,edi
push ebp
mov ebp,esp
jmp returnhere4
// Patch site: the 5-byte jmp replaces the entry bytes; no check of the existing bytes is made.
6CFAB6B1:
jmp 6D8F1E80
// Resume point directly after the patched jmp.
returnhere4:
// Hook 5: redirects the code at 6CFCE894 to a handler at 6D8F1EE0.
// NOTE(review): absolute addresses throughout; valid only for one specific module layout.
alloc(originalcall5,2048) //2kb should be enough
label(returnhere5)
// Store the stub's address in the 4-byte slot at 6D904B20
// (presumably consumed by the handler - confirm).
6D904B20:
dd originalcall5
// Stub: a 5-byte prologue copy (presumably what 6CFCE894 held before the patch), then resume.
originalcall5:
mov edi,edi
push ebp
mov ebp,esp
jmp returnhere5
// Patch site: the 5-byte jmp replaces the entry bytes; no check of the existing bytes is made.
6CFCE894:
jmp 6D8F1EE0
// Resume point directly after the patched jmp.
returnhere5:
// Hook 6: redirects the code at 6D07CA36 to a handler at 6D8F1F30.
// NOTE(review): absolute addresses throughout; valid only for one specific module layout.
alloc(originalcall6,2048) //2kb should be enough
label(returnhere6)
// Store the stub's address in the 4-byte slot at 6D904B24
// (presumably consumed by the handler - confirm).
6D904B24:
dd originalcall6
// Stub: a 5-byte prologue copy (presumably what 6D07CA36 held before the patch), then resume.
originalcall6:
mov edi,edi
push ebp
mov ebp,esp
jmp returnhere6
// Patch site: the 5-byte jmp replaces the entry bytes; no check of the existing bytes is made.
6D07CA36:
jmp 6D8F1F30
// Resume point directly after the patched jmp.
returnhere6:
// Hook 7: redirects the code at 6D07C4E8 to a handler at 6D8F1F90.
// NOTE(review): absolute addresses throughout; valid only for one specific module layout.
alloc(originalcall7,2048) //2kb should be enough
label(returnhere7)
// Store the stub's address in the 4-byte slot at 6D904B28
// (presumably consumed by the handler - confirm).
6D904B28:
dd originalcall7
// Stub: a 5-byte prologue copy (presumably what 6D07C4E8 held before the patch), then resume.
originalcall7:
mov edi,edi
push ebp
mov ebp,esp
jmp returnhere7
// Patch site: the 5-byte jmp replaces the entry bytes; no check of the existing bytes is made.
6D07C4E8:
jmp 6D8F1F90
// Resume point directly after the patched jmp.
returnhere7:
// Hook 8: redirects the code at 6D07C78F to a handler at 6D8F1FE0.
// NOTE(review): absolute addresses throughout; valid only for one specific module layout.
alloc(originalcall8,2048) //2kb should be enough
label(returnhere8)
// Store the stub's address in the 4-byte slot at 6D904B2C
// (presumably consumed by the handler - confirm).
6D904B2C:
dd originalcall8
// Stub: a 5-byte prologue copy (presumably what 6D07C78F held before the patch), then resume.
originalcall8:
mov edi,edi
push ebp
mov ebp,esp
jmp returnhere8
// Patch site: the 5-byte jmp replaces the entry bytes; no check of the existing bytes is made.
6D07C78F:
jmp 6D8F1FE0
// Resume point directly after the patched jmp.
returnhere8:
// Hook 14: redirects the code at 6D2D6490 to a handler at 6D8F23C0.
// Unlike the prologue-style hooks, the displaced code here is 7 bytes long (4 + 3),
// so the 5-byte jmp is padded with two nops to end on an instruction boundary.
// NOTE(review): absolute addresses throughout; valid only for one specific module layout.
alloc(originalcall14,2048) //2kb should be enough
label(returnhere14)
// Store the stub's address in the 4-byte slot at 6D904B44
// (presumably consumed by the handler - confirm).
6D904B44:
dd originalcall14
// Stub: loads the first stack argument into edx and computes edx-2C into eax
// (presumably the instructions that stood at 6D2D6490), then resumes after the patch.
originalcall14:
mov edx,[esp+04]
lea eax,[edx-2C]
jmp returnhere14
// Patch site: jmp + 2 nops = 7 bytes; no check of the existing bytes is made.
// After this write the in-memory code no longer matches the module's on-disk image.
6D2D6490:
jmp 6D8F23C0
nop
nop
// Resume point: 6D2D6490 + 7.
returnhere14:
// Hook 15: redirects the code at 6D2D6500 to a handler at 6D8F2410.
// The displaced code is 7 bytes (4 + 3), hence the two nops after the 5-byte jmp.
// NOTE(review): absolute addresses throughout; valid only for one specific module layout.
alloc(originalcall15,2048) //2kb should be enough
label(returnhere15)
// Store the stub's address in the 4-byte slot at 6D904B48
// (presumably consumed by the handler - confirm).
6D904B48:
dd originalcall15
// Stub: edx = first stack argument, eax = edx-2C
// (presumably the instructions that stood at 6D2D6500), then resume.
originalcall15:
mov edx,[esp+04]
lea eax,[edx-2C]
jmp returnhere15
// Patch site: jmp + 2 nops = 7 bytes; no check of the existing bytes is made.
6D2D6500:
jmp 6D8F2410
nop
nop
// Resume point: 6D2D6500 + 7.
returnhere15:
// Hook 16: redirects the code at 6D2D69B0 to a handler at 6D8F2460.
// The displaced code is 7 bytes (4 + 3), hence the two nops after the 5-byte jmp.
// NOTE(review): absolute addresses throughout; valid only for one specific module layout.
alloc(originalcall16,2048) //2kb should be enough
label(returnhere16)
// Store the stub's address in the 4-byte slot at 6D904B4C
// (presumably consumed by the handler - confirm).
6D904B4C:
dd originalcall16
// Stub: edx = first stack argument, eax = edx-2C
// (presumably the instructions that stood at 6D2D69B0), then resume.
originalcall16:
mov edx,[esp+04]
lea eax,[edx-2C]
jmp returnhere16
// Patch site: jmp + 2 nops = 7 bytes; no check of the existing bytes is made.
6D2D69B0:
jmp 6D8F2460
nop
nop
// Resume point: 6D2D69B0 + 7.
returnhere16:
// Hook 17: redirects the code at 6D2D6A30 to a handler at 6D8F24B0.
// The displaced code is 7 bytes (4 + 3), hence the two nops after the 5-byte jmp.
// NOTE(review): absolute addresses throughout; valid only for one specific module layout.
alloc(originalcall17,2048) //2kb should be enough
label(returnhere17)
// Store the stub's address in the 4-byte slot at 6D904B50
// (presumably consumed by the handler - confirm).
6D904B50:
dd originalcall17
// Stub: edx = first stack argument, eax = edx-2C
// (presumably the instructions that stood at 6D2D6A30), then resume.
originalcall17:
mov edx,[esp+04]
lea eax,[edx-2C]
jmp returnhere17
// Patch site: jmp + 2 nops = 7 bytes; no check of the existing bytes is made.
6D2D6A30:
jmp 6D8F24B0
nop
nop
// Resume point: 6D2D6A30 + 7.
returnhere17:
// Hook 18: redirects the code at 6D2D7160 to a handler at 6D8F2500.
// The displaced code is 7 bytes (4 + 3), hence the two nops after the 5-byte jmp.
// NOTE(review): absolute addresses throughout; valid only for one specific module layout.
alloc(originalcall18,2048) //2kb should be enough
label(returnhere18)
// Store the stub's address in the 4-byte slot at 6D904B54
// (presumably consumed by the handler - confirm).
6D904B54:
dd originalcall18
// Stub: edx = first stack argument, eax = edx-2C
// (presumably the instructions that stood at 6D2D7160), then resume.
originalcall18:
mov edx,[esp+04]
lea eax,[edx-2C]
jmp returnhere18
// Patch site: jmp + 2 nops = 7 bytes; no check of the existing bytes is made.
// The returnhere18 label that follows the nops is the resume point (6D2D7160 + 7).
6D2D7160:
jmp 6D8F2500
nop
nop
returnhere18: