<html>
<head>
<title>Crack Tutorial</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" href="style/css.css" type="text/css">
<link rel="stylesheet" href="../STYLE/Css.css" type="text/css">
</head>
<body bgcolor="white" text="#000000" link="#004080" vlink="#004080" background="../image/Back.gif">
<p align="center" class="shadow1Copy"><b class="p3">Chapter 8: Compression and Unpacking</b></p>
<table width="80%" border="0" cellspacing="0" cellpadding="3" align="center" bgcolor="#bcbcbc" bordercolor="#111111" class="shadow1">
<tr>
<td class="shadow1" width="20%">
<div align="center"><a href="Chap8-1.htm"><font color="#FFFFFF">Section 1: PE File Format</font></a></div>
</td>
<td class="shadow1" width="20%">
<div align="center"><a href="Chap8-2.htm"><font color="#FFFFFF">Section 2: Understanding Unpacking</font></a></div>
</td>
<td class="shadow1" width="20%">
<div align="center"><a href="Chap8-3-1.htm"><font color="#FFFFFF">Section 3: Automatic Unpacking</font></a></div>
</td>
<td class="shadow1" width="20%">
<div align="center"><a href="Chap8-4.htm"><font color="#FFFFFF">Section 4: Manual Unpacking</font></a></div>
</td>
<td class="shadow1" width="20%">
<div align="center"><a href="Chap8-5.htm"><font color="#FFFFFF">Section 5: Advanced Unpacking</font></a></div>
</td>
</tr>
</table>
<p align="center"><span class="p9"><b>Section 3: Automatic Unpacking</b></span></p>
<table border="1" width="80%" cellpadding="5" bordercolor="#111111" bgcolor="#efefef" align="center" cellspacing="0">
<tr>
<td width="50%" valign="middle" align="center" class="p9" height="23">
<div align="left"><span class="p9"><span class="p9"> <span class="p9"> </span> <span class="p9">1. <a href="Chap8-3-1.htm">Tool Overview</a></span></span></span></div>
</td>
<td colspan="2" valign="middle" align="center" class="p9" height="23" width="50%">
<div align="left"><span class="p9"><span class="p9"> <span class="p9"> </span> </span></span>2. <a href="Chap8-3-2.htm">ProcDump Application Article 1</a></div>
</td>
</tr>
<tr>
<td width="50%" valign="middle" align="center" class="p9" height="23">
<div align="left"><span class="p9"><span class="p9"> <span class="p9"> </span> </span></span>3. <a href="Chap8-3-3.htm">ProcDump Application Article 2</a></div>
</td>
<td colspan="2" valign="middle" align="center" class="p9" height="23" width="50%">
<div align="left"><span class="p9"><span class="p9"> <span class="p9"> </span> </span></span>4. <a href="Chap8-3-4.htm">ProcDump Chinese Manual</a> </div>
</td>
</tr>
</table>
<p align="center"><b>4. <font face="Times New Roman" color="#000000"><span class="p9">Procdump Chinese Manual</span></font></b></p>
<span class="p9"><font face="Times New Roman" color="#000000">Hello everyone! Two days ago I posted Advanced Part (10), and the response was quite good. For some friends, though, making good use of Procdump1.50 may still be a bit of a problem, because the manual for its Script is in English, and for friends whose English is not very good this becomes a big obstacle. Last night, in Baicai's (白菜) chat room, I was chatting with Ding Boy and other experts, and Ding Boy suggested that I translate the Procdump1.50 manual into Chinese, to make it easier for everyone to learn and use Procdump1.50. In the spirit of "if I do not go into hell, who will?", I set about the translation. Since my own English is not very good either, there are bound to be some mistakes in my translation of the Procdump1.50 Script manual. My Chinese writing is not much better: sometimes I understood what the English meant but did not know how to express it in Chinese, so some passages inevitably fail to convey the meaning. In other places I could only translate by sense, because if the words were put together one by one, nobody would know what the sentence was saying. It took three hours, and it is finally done. To give it a bit of commemorative value, I put the translation into Advanced Part (11). I hope you like it!</font></span>
<p> </p>
<p> <span class="p9"><font face="Times New Roman" color="#000000">Request to readers:</font></span></p>
<p> </p>
<p> <span class="p9"><font face="Times New Roman" color="#000000">You may read and distribute this article, but you may not modify its content in any way. Please respect the work of the author (translator).</font></span></p>
<p><span class="p9"><font face="Times New Roman" color="#000000">*********************************</font>
</span></p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">ProcDump32 Script extensions:</font> </span></span></p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">*********************************</font>
</span></span></p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000"> </font>
</span></span></p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">A) Function definitions:</font> </span></span></p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">*************************</font>
</span></span></p>
<p> </p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">1) The Look function:</font> </span></span></p>
<span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">The Look function searches the loaded program for a specified HEX string. It saves the memory address where the string was found, so that you can conveniently set a breakpoint at that address.</font>
</span></span>
<p> </p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">Example:</font>
</span></span></p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000"> Look 0F,85 will search for a JNE or a long jump. You can then set a breakpoint with the BP command.</font> </span></span></p>
<p> </p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">2) The ADD function:</font> </span></span></p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">Lets you add an offset value to the current memory address (for example, after a look command or a POS command).</font> </span></span></p>
<p> </p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">3) The DEC function:</font> </span></span></p>
<p> </p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">Guess ;)</font>
</span></span></p>
<p> </p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">4) The REPL function:</font> </span></span></p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">This function modifies the code bytes (a consecutive run of HEX values) at the current memory location (note: it is used after a look command).</font> </span></span></p>
<p> </p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">Example:</font>
</span></span></p>
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000"> REPL 90,90 will place two consecutive NOP instructions starting at your current memory location.</font> </span></span></p>
<p> </p>
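<p><span class="p9">Added example, not part of the original manual and not ProcDump code: a small Python model of how the Look, ADD, DEC and REPL commands above share one current address, useful when tracing what an unpacking script does to a sample. The class and function names, the load address, the sample bytes, the search starting at the current address, and DEC as the inverse of ADD are assumptions.</span></p>

```python
# Toy model of the LOOK / ADD / DEC / REPL cursor semantics (added example; details assumed).
class ScriptCursor:
    """Tracks the 'current memory address' that the script commands share."""

    def __init__(self, image: bytes, base: int = 0x400000):
        self.mem = bytearray(image)   # stand-in for the loaded program's memory
        self.base = base              # assumed load address (constructed value)
        self.pos = base               # current address used by ADD/DEC/REPL

    @staticmethod
    def _hex_list(operand: str) -> bytes:
        # "0F,85" becomes b"\x0f\x85": comma-separated hex bytes
        return bytes(int(tok, 16) for tok in operand.split(","))

    def look(self, operand: str) -> bool:
        """LOOK: find the hex string and remember the address where it was found."""
        idx = self.mem.find(self._hex_list(operand), self.pos - self.base)
        if idx == -1:
            return False              # pattern absent: cursor stays where it was
        self.pos = self.base + idx
        return True

    def add(self, operand: str) -> None:
        """ADD: move the current address forward by a hex offset."""
        self._move(int(operand, 16))

    def dec(self, operand: str) -> None:
        """DEC: assumed inverse of ADD (the manual only says 'guess')."""
        self._move(-int(operand, 16))

    def _move(self, delta: int) -> None:
        if self.pos + delta not in range(self.base, self.base + len(self.mem)):
            raise ValueError("address outside the loaded image")
        self.pos += delta

    def repl(self, operand: str) -> None:
        """REPL: overwrite bytes starting at the current address."""
        patch, off = self._hex_list(operand), self.pos - self.base
        if off + len(patch) > len(self.mem):
            raise ValueError("patch runs past the end of the image")
        self.mem[off:off + len(patch)] = patch

def run_demo() -> tuple:
    # Constructed bytes: push ebp; mov ebp,esp; jne rel32 (0F 85 + 4 bytes); ret
    cur = ScriptCursor(bytes.fromhex("558bec0f8510000000c3"))
    found = cur.look("0F,85")         # cursor moves to base + 3
    cur.repl("90,90")                 # only the two opcode bytes are overwritten
    cur.add("6")                      # base + 9, the ret byte
    return found, hex(cur.pos), cur.mem.hex()
```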
<p> <span class="p9"><span class="p9"><font face="Times New Roman" color="#000000">5) BP</font>