📄 upx find oep & dump.txt
字号:
/*
**
** UPX script by Bruce Lee with dump
**
*/
log " "
log " "
eob bp1
log "Search for address of GetProcAddress..."
gpa "GetProcAddress", "kernel32.dll"
cmp $RESULT, 0
jne nadjen
jmp error
nadjen:
log "OK!"
log $RESULT
bp $RESULT
log "bp on GetProcAddress."
log "Run!"
run
bp1:
bc eip
rtu
log "Clear breakpoint! Return to user code!"
log eip
log "Search for address of POPAD..."
findop eip, #61#
cmp $RESULT, 0
jne ok
jmp error
ok:
log "Run till POPAD."
go $RESULT
log eip
sto
log eip
sto
log eip
MSGYN "OEP! Dump?"
cmp $RESULT, 1
je dump
jmp kraj
error:
Msg "Error!"
jmp kraj
dump:
dpe "c:\bl_dumped.exe", eip
MSG "Your dump is in root of c: ! Start ImpREC and fix the IAT! Bye!"
kraj:
ret⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -