jmp,je,jnzÔÚdelphiÖеÄд·¨
function myfun:integer;
var b:pointer;
begin
b:=pointer($6Bc3C6);
asm
mov eax,[eax]
xor eax,[ecx+4]
cmp eax,0
je @b
end;
ÕâÑùд±àÒë²»¹ýÈ¥¡£ÇëÎÊÈçºÎ²ÅÄÜд¡£»òÕßÓÐÆäËüʲô·½·¨
@b±¾À´¾ÍÊÇÒ»¸öÖ¸Õ룬ÄãÓÖ°ÑbÉè³ÉÖ¸Õ룬ÕâÊÇÖ¸ÏòÖ¸ÕëµÄÖ¸Õ룿ÄãµÄ±¾Òâ²»ÊÇÕâÑù°É
µÄÈ·ÊÇÕâÑù¡£µ«ÊÇΪʲôJMP B¿ÉÒÔ¡£ÓÃJE£¬JNZ¾Í²»ÐÐÁË¡£
»¹ÓÐÎÒÕâ¸öCALL¡£ÎÒ°ÑÎÒµÄDLL×¢ÈëÄ¿±ê½ø³Ìºó¡£edit.text:=inttohex(integer(@myfun),4);
µÃµ½µØÖ·¡£È»ºóÎÒ¸ú½øÕâ¸öCALLÈ¥¿´¡£Ôõô¸úÎÒDµÄCALLÀïÃæдµÄCALL²»Ò»ÑùÄØ£¿
Ïà¹ØÎÊ´ð£º
delphi ÊÖ¶¯×°ÔØÇý¶¯ÎļþÌáʾ£º
RROR (1058): The driver is marked as disabled (Start=4) in its service database entry.
ÊDz»ÊÇÕâ¸öÇý¶¯±ØÐèÒªÓÃINFÀ´°²×°¡£¡£ÓÃ×Ô´øµÄINFÀ´×°ÊÇÕý³£µÄ¡£ÓÃÊÖ¶¯×°ÔؾÍÌáʾÈçÉÏ¡ ......
hongqi162¡¢windindance
´Ë2È˳¤ÆÚ²»ÔÚÏߣ¬ÌرðÊÇwindindance
¸ü»»ÓÐÄÜÁ¦µÄÈËÉÏ
hongqi162»¹ÊǾ³£ÉÏÀ´×ª×ªµÄ
ÒýÓÃ
¸ü»»ÓÐÄÜÁ¦µÄÈËÉÏ
ÆäʵҲ²»ÊÇʲôÄÜÁ¦µÄÔÒò£¬Ö÷Òª¿ÉÄÜÊÇʱ¼äÎÊÌâ°É
¹¤×÷µÄ»¹ÒªÉÏ°à£¬Ñ§Ï ......
Ò»Ö±ÏëʹÓÃdll£¬µ«delphiµÄdll×Ó´°Ìå¾³£Óи÷ÖÖÎÊÌ⣬±ÈÈçÖ÷´°¿ÚÓëdll×Ó´°¿ÚµÄ½¹µãÎÊÌ⣬×Ó´°¿ÚÖпؼþµÄtab¼ü¡¢Èȼü¡¢enter¼üµÈµÄÎÊÌ⣬×Ó´°¿ÚÍ˳öµÄÎÊÌ⡢ƽÃæ°´Å¥ÎÊÌâµÈµÈ£¬ÍøÕ¾ÉϽøÐÐÁËËÑË÷£¬Ã»ÓбȽÏÍêÃÀµÄ½â¾ö· ......
(¼±)ÎÒÏëÓÃUDPʵÏÖ¿Í»§¶ËÓë·þÎñÆ÷Ö®¼äµÄÐÅÏ¢·¢ËÍ¡£¼´£¬¿Í»§¶Ë·¢ÐÅÏ¢¸ø·þÎñÆ÷¶Ë£¬·þÎñÆ÷ÄÜÕý³£µÄ½ÓÊÜ£¬²¢ÇÒÊÇ°´Ë³Ðò½ÓÊܵġ£Èç¿Í»§¶Ë·¢ËÍEdit1,Edit2,Edit3,Edit4....ºó£¬ÔÚ·þÎñÆ÷µÄEdit1,Edit2,Edit3,Edit4....ÒÀ´Î¶ ......
