<TR>
                <td width="624" bgcolor="#CCCCCC">當前位置:<a href=../../index.htm>首頁</a>--><a href=../../artical/78/1.htm>黑客攻防</a>--><a href=../../artical/98/1.htm>黑客編程</a>-->顯示文章內容</td><td width="176" bgcolor="#CCCCCC"><span id="liveclock"></span></td>
 </TR></TBODY></TABLE>
<table width="800" height="406"  border="1" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
  <tr>
    <td width="166" height="200" valign="top" scope="col"><table width="100%" height="163"  border="0" cellpadding="0" cellspacing="0">
      <tr>
        <td height="119" valign="top" scope="col"><table width="180" border="0" cellspacing="0" cellpadding="0" align="center">
  <form action="../../search.asp" method="post" name="searchLeftForm">
    <tr bgcolor="CAF6F4" align="center"> 
      <td height="25" bgcolor="#CC9900"><font color="#cc0000"><b>□ 
        站 內 搜 索 □</b></font></td>
    </tr>
    <tr align="center"> 
      <td style="line-height:150%" height=60> 請輸入查詢的字符串:<br>
        <input name="search" type="text" class="button1" id="search" style="width:150">
        <select name="seaguan" size="1" class="button1" id="seaguan" style="width:150">
          <option value="">==&gt; 綜合查詢 &lt;==</option>
          <option value="title">標題</option>
          <option value="weiyi75">作者</option>
          <option value="artical">內容</option>
          <%call getNewsBoardTree()%>
        </select>
      </td>
    </tr>
    <tr align="center"> 
      <td> 
    
        <input type="SUBMIT" name="Action" value=" 查 詢 " class="button2">
        <input type="RESET" name="Clear" value=" 重 寫 " class="button2">
      </td>
    </tr>
    <tr align="center"> 
      <td height="10"></td>
    </tr>
  </form>
</table></td>
      </tr>
	  <tr>
	    <td height="20"><table width="181" height="20" cellpadding="0" cellspacing="0">
	      <tr><td width="181" height="20" align="center" bgcolor="#CC9900">分類最新文章</td>
	      </tr>
		  <tr><td><a href=20054282302.htm target=_blank>ffffffffffffff</a></td></tr><tr><td><a href=20054123551.htm target=_blank>使用C語言編寫提取通用she</a></td></tr><tr><td><a href=200541232242.htm target=_blank>拋磚引玉之自己動手學寫腳本</a></td></tr><tr><td><a href=20053302254.htm target=_blank>Windows XP SP2</a></td></tr>
        </table></td>
	  </tr>
	  <tr>
	    <td height="20"><table width="181" height="20" cellpadding="0" cellspacing="0">
	      <tr><td width="181" height="20" align="center" bgcolor="#CC9900">分類熱門文章</td>
	      </tr>
		  <tr><td><a href=20053302254.htm target=_blank>Windows XP SP2</a></td></tr><tr><td><a href=20054123551.htm target=_blank>使用C語言編寫提取通用she</a></td></tr><tr><td><a href=20054282302.htm target=_blank>ffffffffffffff</a></td></tr><tr><td><a href=200541232242.htm target=_blank>拋磚引玉之自己動手學寫腳本</a></td></tr>
        </table></td>
	  </tr>
    </table></td>
    <td width="628" valign="top" scope="col"><table width="100%" border="0" align="center" cellspacing="0" cellpadding="5" bordercolordark="#FFFFFF" bordercolorlight="#000000" style="word-break:break-all;">
              <tr> 
                <td width="100%"> 

                </td>
              </tr>
              <tr> 
                <td width="100%"> 
                  <div align="center">
                    <p class="style7"><SPAN class=style1>拋磚引玉之自己動手學寫腳本</SPAN></p>
                    <hr size="1" color="#0a778b" width="100%">                    
                    發布時間：2005-4-1  被閱覽數：<SCRIPT src="../../counter.asp?id=499"></SCRIPT>  次 作者：weiyi75					
				  </div>
                </td>
              </tr>
           
              <tr> 
                <td width="100%"><p class="style6"><P>OllyScript 是 OllyDbg調試器的一個插件。我個人認為，OllyDbg是目前最好的程序級調試器。<BR><BR>這個調試器的最大的特色之一就是她的插件體系，這是使得用戶能夠更為有效的擴展她的功能。<BR><BR>OllyScript 是一種通過類匯編語言的腳本，來控制OllyDbg自動運行的插件。<BR><BR>在調試程序時，常常都是僅僅為了要找到某幾個關鍵點，而不得不做大量的重復工作。 <BR><BR>而通過使用我的腳本，您就可以做到"寫一次腳本，無限使用" [write a script once and for all]。<BR><BR>具備這么多好處，你是否心動。<BR><BR>另外腳本運行可以繞過部分變態殼的時間差反跟蹤。<BR><BR>國產腳本大量都是loveboom寫的，壟斷! 這可不行，^-^<BR><BR>一起來學寫吧，需要<A href="http://hackbase.com/hacker/tool" target=_blank>工具</A>，<A href="http://hackbase.com/network/zs" target=_blank>知識</A>。<BR><BR><A href="http://hackbase.com/network/zs" target=_blank>知識</A>&nbsp;&nbsp;Ollydbg 操作等級3級以上，各種斷點，按鍵<A href="http://hackbase.com/network/zs" target=_blank>知識</A>。<BR><BR>&nbsp; &nbsp;&nbsp; &nbsp;初級匯編，初級高級語言<A href="http://hackbase.com/hacker/program" target=_blank>編程</A>經驗<BR><BR>&nbsp; &nbsp;&nbsp; &nbsp;首先寫腳本自己得會手動脫這個殼<BR><BR><A href="http://hackbase.com/hacker/tool" target=_blank>工具</A>&nbsp;&nbsp;Ollydbg1.10,OllyScript 0.92&nbsp;&nbsp;Oscedit -&gt; Loveboom的作品，Dfcg高級脫殼區下載<BR><BR>本<A href="http://hackbase.com/flash" target=_blank>動畫</A>以北斗程序壓縮1.3脫殼-簡單 作例子。<BR><BR>北斗程序壓縮1.3脫殼-簡單 <BR><BR>【破解作者】 №微笑一刀<BR><BR>【作者郵箱】 保密<BR><BR>【作者主頁】 保密<BR><BR>【使用<A href="http://hackbase.com/hacker/tool" target=_blank>工具</A>】 OD,IMPR<BR><BR>【破解平臺】 <A href="http://hackbase.com/skill/XP" target=_blank>XP</A> SP2<BR><BR>【<A href="http://down.hackbase.com/" target=_blank>軟件</A>名稱】 北斗程序壓縮1.3<BR><BR>【下載地址】 <A href="http://www.onlinedown.com/soft/36182.htm" target="<a">_</A>blank&gt;<FONT color=#003366>http://www.onlinedown.com/soft/36182.htm</FONT></A><BR><BR>【<A href="http://down.hackbase.com/" target=_blank>軟件</A>簡介】 首款國產Win32(Windows95/98/2000/NT/<A href="http://hackbase.com/skill/XP" target=_blank>XP</A>/2003)EXE、DLL、OCX等PE文件壓縮<A href="http://hackbase.com/hacker/tool" target=_blank>工具</A>，通過壓縮<A href="http://hackbase.com/hacker" target=_blank>代碼</A>、數據、相關資源使壓縮能達到60-70%。特點:（1）、本<A href="http://down.hackbase.com/" target=_blank>軟件</A>采用當前世界頂級的壓縮算法，其極高的壓縮率和極快的解壓速度，極大減少可執行文件大小(壓縮比通常高于Aspack、UPX等同類<A href="http://down.hackbase.com/" target=_blank>軟件</A>). 壓縮/加密后的程序無性能損失, 經壓縮/加密的程序可以用其它第三方壓縮/加密<A href="http://hackbase.com/hacker/tool" target=_blank>工具</A>再加密/壓縮. 在內存中解壓/解密,提高了程序的安全性,本程序支持用其它第三方<A href="http://down.hackbase.com/" target=_blank>軟件</A>壓縮/加密后的繼續壓縮/加密。（2）、能夠正確處理PE文件中的共享數據、Windows<A href="http://hackbase.com/skill/XP" target=_blank>XP</A>下的向量化異常(Vectored Exception Handling，VEH).（3）、界面簡潔易用，支持中英文切換、右鍵功能、命令行。<BR><BR>【<A href="http://down.hackbase.com/" target=_blank>軟件</A>大小】 173KB<BR><BR>【加殼方式】 nSpack 1.3<BR><BR>【破解聲明】 我是一只小菜鳥，偶得一點心得，愿與大家分享：）<BR><BR>--------------------------------------------------------------------------------<BR><BR>【破解內容】<BR><BR>載入目標以后停在這里<BR>00484375 &gt;&nbsp;&nbsp;9C&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;PUSHFD &lt;-這里<BR>00484376&nbsp; &nbsp; 60&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;PUSHAD <BR>00484377&nbsp; &nbsp; E8 00000000&nbsp; &nbsp;&nbsp;&nbsp;CALL nSpack.0048437C &lt;-走到這里以后查看ESP.可以用ESP定律,<BR>在命令行下HR ESP,來到<BR>00484599&nbsp; &nbsp; 9D&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;POPFD &lt;-這里.<BR>0048459A&nbsp;&nbsp;- E9 8002FAFF&nbsp; &nbsp;&nbsp;&nbsp;JMP nSpack.0042481F &lt;-走過去看看^<A href="http://hackbase.com/hacker/tutorial/200501319757.htm#" target=_blank>_</A>^<BR><BR>0042481F&nbsp; &nbsp;&nbsp; &nbsp;55&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;DB 55&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;;&nbsp;&nbsp;CHAR 'U'<BR>00424820&nbsp; &nbsp;&nbsp; &nbsp;8B&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;DB 8B<BR>00424821&nbsp; &nbsp;&nbsp; &nbsp;EC&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;DB EC<BR>00424822&nbsp; &nbsp;&nbsp; &nbsp;6A&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;DB 6A&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;;&nbsp;&nbsp;CHAR 'j'<BR>00424823&nbsp; &nbsp;&nbsp; &nbsp;FF&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;DB FF<BR>00424824&nbsp; &nbsp;&nbsp; &nbsp;68&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;DB 68&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;;&nbsp;&nbsp;CHAR 'h'<BR>00424825&nbsp; &nbsp;&nbsp; &nbsp;C8&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;DB C8<BR>00424826&nbsp; &nbsp;&nbsp; &nbsp;67&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;DB 67&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;;&nbsp;&nbsp;CHAR 'g'<BR>00424827&nbsp; &nbsp;&nbsp; &nbsp;44&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;DB 44&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;;&nbsp;&nbsp;CHAR 'D'<BR>00424828&nbsp; &nbsp;&nbsp; &nbsp;00&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;DB 00<BR>00424829&nbsp; &nbsp;&nbsp; &nbsp;68&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;DB 68&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;;&nbsp;&nbsp;CHAR 'h'<BR>0042482A&nbsp; &nbsp;&nbsp; &nbsp;CC&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;DB CC<BR>0042482B&nbsp; &nbsp;&nbsp; &nbsp;3C&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;DB 3C&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;;&nbsp;&nbsp;CHAR '&lt;'<BR>0042482C&nbsp; &nbsp;&nbsp; &nbsp;42&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;DB 42&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;;&nbsp;&nbsp;CHAR 'B'<BR>0042482D&nbsp; &nbsp;&nbsp; &nbsp;00&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;DB 00<BR>0042482E&nbsp; &nbsp;&nbsp; &nbsp;64&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;DB 64&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;;&nbsp;&nbsp;CHAR 'd'<BR>0042482F&nbsp; &nbsp;&nbsp; &nbsp;A1&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;DB A1<BR><BR>怎么是這些東東,呵呵,CTRL+A分析一下<BR><BR>0042481F&nbsp;&nbsp;/.&nbsp;&nbsp;55&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;PUSH EBP &lt;-在此DUMP<BR>00424820&nbsp;&nbsp;|.&nbsp;&nbsp;8BEC&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp; MOV EBP,ESP<BR>00424822&nbsp;&nbsp;|.&nbsp;&nbsp;6A FF&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;PUSH -1<BR>00424824&nbsp;&nbsp;|.&nbsp;&nbsp;68 C8674400&nbsp; &nbsp;PUSH nSpack.004467C8<BR>00424829&nbsp;&nbsp;|.&nbsp;&nbsp;68 CC3C4200&nbsp; &nbsp;PUSH nSpack.00423CCC&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;;&nbsp;&nbsp;SE handler installation<BR>0042482E&nbsp;&nbsp;|.&nbsp;&nbsp;64:A1 0000000&gt;MOV EAX,DWORD PTR FS:[0]<BR>00424834&nbsp;&nbsp;|.&nbsp;&nbsp;50&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;PUSH EAX<BR>00424835&nbsp;&nbsp;|.&nbsp;&nbsp;64:8925 00000&gt;MOV DWORD PTR FS:[0],ESP<BR>0042483C&nbsp;&nbsp;|.&nbsp;&nbsp;83EC 58&nbsp; &nbsp;&nbsp; &nbsp; SUB ESP,58<BR>0042483F&nbsp;&nbsp;|.&nbsp;&nbsp;53&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;PUSH EBX<BR>00424840&nbsp;&nbsp;|.&nbsp;&nbsp;56&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;PUSH ESI<BR>00424841&nbsp;&nbsp;|.&nbsp;&nbsp;57&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;PUSH EDI<BR>00424842&nbsp;&nbsp;|.&nbsp;&nbsp;8965 E8&nbsp; &nbsp;&nbsp; &nbsp; MOV DWORD PTR SS:[EBP-18],ESP<BR>00424845&nbsp;&nbsp;|.&nbsp;&nbsp;FF15 A0224400 CALL DWORD PTR DS:[4422A0]&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;;&nbsp;&nbsp;kernel32.GetVersion<BR><BR>出現了吧.嘿嘿.在0042481F 處DUMP.然后使用IMPR修復,在偶機器上有一個無效的.剪切掉就OK了.<BR>主程序VC編譯.這個殼是二哥推薦的.壓縮能力據說超過UPX和ASPACK哦<BR><BR>--------------------------------------------------------------------------------<BR>【版權聲明】 本文純屬<A href="http://hackbase.com/network" target=_blank>技術</A>交流, 轉載請注明作者并保持文章的完整, 謝謝!<BR><BR>Btw: 寫<A href="http://hackbase.com/flash" target=_blank>動畫</A>前，我也不會做腳本，但有前輩們無私的經驗和<A href="http://hackbase.com/hacker/tool" target=_blank>工具</A>，怒力就可以實現任何夢想。<BR><BR>第一次要熟讀<BR><BR>OllyScript0.92.txt&nbsp;&nbsp;//已經漢化<BR><BR>快速入手就是用別人寫好的腳本用OSEditor.exe逐句分析每句的意思，從而可以自己寫腳本。<BR><BR>脫殼腳本<BR><BR>開始<BR><BR>// NSpack 1.3 OEP Finder v0.1<BR>// by ★LOCKLOSE★&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;* //是腳本注釋，這些行不會執行 <BR>// <A href="http://bbs.pediy.com/" target="<a">_</A>blank&gt;<FONT color=#003366>http://bbs.pediy.com</FONT></A><BR><BR>&nbsp;&nbsp;var addr&nbsp; &nbsp;* VAR 在腳本中，聲明一個變量,必須在變量使用先聲明。這句什么用途呢，看第四行<BR>&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;由于不同系統用Esp定律，Esp值不同，為了使腳本通用，就得用變量保存Esp值。<BR><BR>&nbsp;&nbsp;sto&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;*&nbsp;&nbsp;相當于在OllyDbg中按 F8，單步過<BR>&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp; '我們看手動脫殼不也是F8兩次后利用Esp定律的<BR>&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;是同樣的原理<BR><BR>&nbsp;&nbsp;sto&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;*&nbsp;&nbsp;相當于在OllyDbg中按 F8，單步過 <BR><BR>&nbsp;&nbsp;mov addr,esp *保存當前Esp值到變量addr中<BR><BR>&nbsp;&nbsp;bphws addr,"r" * 在指定地址，設置硬件斷點。有三種模式： "r" - 讀取, "w" - 寫入 或者 "x" - 執行.<BR>&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp; 這里是硬件訪問<BR><BR>&nbsp;&nbsp;run&nbsp; &nbsp;&nbsp;&nbsp;* 相當于在OllyDbg中按 F9<BR>&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;<BR>&nbsp;&nbsp;sto&nbsp; &nbsp;&nbsp;&nbsp;*&nbsp;&nbsp;相當于在OllyDbg中按 F8，單步過 <BR><BR>&nbsp;&nbsp;sto&nbsp; &nbsp;&nbsp;&nbsp;*&nbsp;&nbsp;相當于在OllyDbg中按 F8，單步過 對比脫殼過程，是一樣的<BR><BR>&nbsp;&nbsp;an eip&nbsp;&nbsp;*&nbsp;&nbsp;指定處，對<A href="http://hackbase.com/hacker" target=_blank>代碼</A>進行分析。按Ctrl+A 整理<A href="http://hackbase.com/hacker" target=_blank>代碼</A><BR><BR>&nbsp;&nbsp;BPHWC addr&nbsp;&nbsp;* 刪除指定地址處的的硬件斷點 脫完殼，當然刪除臨時的硬件斷點了<BR><BR>&nbsp;&nbsp;MSG "You can dump it here!" * 將指定消息，顯示到一個對話框 廣告腳本作者,通常不建議寫。<BR>&nbsp;&nbsp;<BR>&nbsp; &nbsp;我先演示一下手動脫殼，然后腳本脫殼<BR><BR>最后將腳本命名，然后保存放到腳本庫里面<BR><BR>// NSpack 1.3 OEP Finder v0.1<BR>// by ★LOCKLOSE★&nbsp; &nbsp;&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;<BR>// <A href="http://bbs.pediy.com/" target="<a">_</A>blank&gt;<FONT color=#003366>http://bbs.pediy.com</FONT></A><BR><BR>&nbsp;&nbsp;var addr&nbsp; &nbsp;<BR>&nbsp;&nbsp;sto&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;<BR>&nbsp;&nbsp;sto&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;<BR>&nbsp;&nbsp;mov addr,esp <BR>&nbsp;&nbsp;bphws addr,"r"<BR>&nbsp;&nbsp;run<BR>&nbsp;&nbsp;sto<BR>&nbsp;&nbsp;sto<BR>&nbsp;&nbsp;an eip<BR>&nbsp;&nbsp;BPHWC addr<BR>&nbsp;&nbsp;MSG "You can dump it here!"<BR><BR>看清楚沒有，再見!<BR></P></p>
                  <p><img src="http://www.koyee.com/images/dgg.gif" height="70" width="587">　</p></td>
              </tr>
              <tr>
                <td width="628" bordercolor="0" class="font1"><p>
                  <hr size="1" color="#0a778b" width="100%">
				  <table><tr><td width="269" align="center">上一篇:  <a href=../95/200541232013.htm title=簡單更改W2K的Telnet端口>簡單更改W2K的Telnet端口</a>  </td>
				  <td width="285" align="center">下一篇:  <a href=../90/200542823048.htm title=gew>gew</a></td>
				  </tr></table>

<hr size="1" color="#0a778b" width="100%">
<div align="right">  <a href="javascript:window.print()"><img src="../../images/printer.gif" width="16" height="14" border="0" align="absmiddle">打印本頁</a> |  <a href="javascript:window.close()"><img src="../../images/close.gif" width="14" height="14" border="0" align="absmiddle">關閉窗口</a> </div>
<p></p></td>
              </tr>
    </table></td>
  </tr>
</table>
<TABLE height=62 cellSpacing=0 cellPadding=0 width="800" 
            align=center background=../../images/webtop_bg.gif 
            border=0>
              <TBODY>
              <TR>
                <TD><div align="center" class="style4">Copyright @ 2004-2008&nbsp; http://www.koyee.com 可以網絡在線版權所有<br>
                    公司地址:江西南昌 電話:13879173467 郵編:330029<br>
                  email:chenxueyan9999@163.com</div></TD>
 </TR></TBODY></TABLE>
</BODY></HTML>