⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 mslrh 0.31 oep finder v6.txt

📁 700个脱壳脚本, 可以放在在OD的ollyscript Plugin中.
💻 TXT
字号:
🔍 
// MSLRH_031_unpacking_v6.txt// author: arnix (arnix@freenet.am)// ================================var startvar tvar t2mov start, eipmov t2, startrdtsc_label:find t2, #761BEB01#cmp $RESULT, 0je rdtsc_nextmov t, $RESULTmov [t], #EB1BEB01#mov t2, tadd t2, 10jmp rdtsc_labelrdtsc_next:mov t2, startrdtsc_label2:find t2, #3D7856341276#cmp $RESULT, 0je rdtsc_next2mov t, $RESULTmov [t], #3D78563412EB#mov t2, tadd t2, 10jmp rdtsc_label2rdtsc_next2:eoe exception1runexception1:eob bp1bphws 409593, "w"estobp1:bphwc 409593bphws 408BCB, "x"eob bp2runbp2:bphwc 408BCBmov t2, startrdtsc_label3:find t2, #761BEB01#cmp $RESULT, 0je rdtsc_next3mov t, $RESULTmov [t], #EB1BEB01#mov t2, tadd t2, 10jmp rdtsc_label3rdtsc_next3:mov t2, startrdtsc_label4:find t2, #3D7856341276#cmp $RESULT, 0je rdtsc_next4mov t, $RESULTmov [t], #3D78563412EB#mov t2, tadd t2, 10jmp rdtsc_label4rdtsc_next4:bphws 40AB7C, "w"eob bp3runbp3:bphwc 40AB7Cbphws 40A1D5, "x"eob bp4runbp4:bphwc 40A1D5mov t2, startrdtsc_label5:find t2, #761BEB01#cmp $RESULT, 0je rdtsc_next5mov t, $RESULTmov [t], #EB1BEB01#mov t2, tadd t2, 10jmp rdtsc_label5rdtsc_next5:mov t2, startrdtsc_label6:find t2, #3D7856341276#cmp $RESULT, 0je rdtsc_next6mov t, $RESULTmov [t], #3D78563412EB#mov t2, tadd t2, 10jmp rdtsc_label6rdtsc_next6:mov [40D3DA], #90909090909090909090909090#mov [40DDA7], #90909090909090909090909090909090909090#mov [40E76A], #909090909090909090909090909090909090909090909090909090909090909090#eoe exception2runexception2:bphws 410F4C, "x"eob bp5estobp5:bphwc 410F4Cmov t2,startrdtsc_back_label:find t2, #EB1BEB01#cmp $RESULT, 0je rdtsc_back_nextmov t, $RESULTmov [t], #761BEB01#mov t2, tadd t2, 10jmp rdtsc_back_labelrdtsc_back_next:mov [40D3DA], #E8050000002573257300FF5614#mov [40DDA7], #6A006A006A036A006A00680000008050FF561C#mov [40E76A], #506A006800040000FF56288BDC83EB046A006A006A04536A0750FF56405888460E#bphws 410FC9, "x"eob bp6runbp6:bphwc 410FC9mov t2, startrdtsc_label7:find t2, #761BEB01#cmp $RESULT, 0je rdtsc_next7mov t, $RESULTmov [t], #EB1BEB01#mov t2, tadd t2, 10jmp rdtsc_label7rdtsc_next7:mov t2, startrdtsc_label8:find t2, #3D7856341276#cmp $RESULT, 0je rdtsc_next8mov t, $RESULTmov [t], #3D78563412EB#mov t2, tadd t2, 10jmp rdtsc_label8rdtsc_next8:mov t2, startobf1:find t2, #E80A000000E8EB0C0000#cmp $RESULT, 0je obf_next1mov t, $RESULTmov [t], #83EC08909090#mov t2, tadd t2, 10jmp obf1obf_next1:mov t2, startobf2:find t2, #EB01#cmp $RESULT, 0je obf_next2mov t, $RESULTmov [t], #909090#mov t2, tadd t2, 3jmp obf2obf_next2:exit:ret// end

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -