Ó¦¡¶ÍøÂ簲ȫ·¨¡·ÒªÇó£¬×Ô2017Äê10ÔÂ1ÈÕÆð£¬Î´½øÐÐʵÃûÈÏÖ¤½«²»µÃʹÓû¥ÁªÍø¸úÌû·þÎñ¡£Îª±£ÕÏÄúµÄÕʺÅÄܹ»Õý³£Ê¹Óã¬Ç뾡¿ì¶ÔÕʺŽøÐÐÊÖ»úºÅÑéÖ¤£¬¸ÐлÄúµÄÀí½âÓëÖ§³Ö£¡

24СʱÈÈÃÅ°æ¿éÅÅÐаñ    

Znn3bq.jpeg
Сľ³æÂÛ̳-ѧÊõ¿ÆÑл¥¶¯Æ½Ì¨ » רҵѧ¿ÆÇø » ÐÅÏ¢¿Æѧ » [תÌù]Óõ¥²½¸ú×ÙAnti-Debugger
ÉÇÍ·´óѧº£Ñó¿Æѧ½ÓÊܵ÷¼Á
11/1·µ»ØÁбí
²é¿´: 233  |  »Ø¸´: 0
Ö»¿´Â¥Ö÷ @ËûÈË ´æµµ лظ´ÌáÐÑ (ºöÂÔ) ÊÕ²Ø    ÔÚAPPÖв鿴
µ±Ç°Ö÷ÌâÒѾ­´æµµ¡£

sdlj8051

½ð³æ (ÖøÃûдÊÖ)

[½»Á÷] [תÌù]Óõ¥²½¸ú×ÙAnti-Debugger

ÔÚµ÷ÊÔÆ÷ÖУ¬×¾ÁÓµÄdebuggerÊÇÓÃ0xcc À´¸ú×Ù´úÂ룬µ«od¾ÍÊÇÓñê־λ½øÐе¥²½¸ú×Ù,¼òµ¥µÄ˵¾ÍÊÇ°ÑTFÖÃ룬Èç¹ûÎÒÃÇÓÐ×Ô¼ºµÄµ¥²½¸ú×Ù´úÂ룬odÈç¹ûͬʱҲ¸ú×ÙÁË£¬¾Í»á¡°ÎÞÊÓ¡±ÎÒÃÇ×Ô¼ºµÄ´úÂë....´ïµ½antiµÄÄ¿µÄ
´úÂëÈçÏÂ:
;===============================cut==============================
;Author:Comic.Liu
  .386
  .model  flat,stdcall
  option  casemap  :none

  include    windows.inc
  include    user32.inc
  includelib  user32.lib
  include    kernel32.inc
  includelib  kernel32.lib
  .const

  .data
    szT    db  'Title',0
    szM    db  'You Are Passed',0
  .code
SEH  proc  pExceptWORD,pFrameWORD,pContextWORD,pDispatchWORD
    pushad
    assume  esi:ptr EXEPTION_RECORD,edi:ptr CONTEXT

    mov  esi,[pExcept]
    mov  edi,[pContext]

    mov  ebx,[edi].regEip
    inc  ebx
    cmp  byte ptr[ebx],0
    org  $-1
    popfd
    jz  fin
    or  [edi].regFlag,100h
    jmp  fin1
fin:    inc  [edi].regEip
fin1:    popad
    mov  eax,ExceptionContinueExecution
    ret



SEH  endp

start:
    assume  fs:nothing
    push  offset SEH
    push  fs:[0]
    mov  fs:[0],esp

    pushfd
    pushfd
    or  dword ptr[esp],100h
    popfd
    ;½øÈëÕâÒ»¶Î´úÂë¾ÍÇÌÇÌÁË
    nop
    ret
    ;=======End============
    ;²»¹ý¿ÉÒÔÓÃODÀïµÄF4Ö±½ÓÌø¹ýÉÏÃæÄÇÒ»¶Î,µ½ÏÂÃæ
    popfd
    invoke  MessageBox,NULL,offset szM,offset szT,NULL

    pop  fs:[0]
    add  esp,4
    invoke  ExitProcess,0
  
  end  start
;==========================finish===========================
³ÌÐòÔÚnop´¦ÒÔSingle Stepʼþ½øÈëseh
ÔÚsehÀïÃ棬ÐÞ¸ÄeipÌø¹ý´úÂë:ret

Èç¹ûod¸ú×Ù,¾Í½Ø¶ÏÁËsingle step,seh¾Í²»»áÔËÐÐÁË£¬È»ºó¾Í³ö´í

[ Last edited by sdlj8051 on 2006-10-6 at 11:26 ]
»Ø¸´´ËÂ¥

» ²ÂÄãϲ»¶
1Â¥ 2006-08-23 10:39:39
ÒÑÔÄ   »Ø¸´´ËÂ¥   ¹Ø×¢TA ¸øTA·¢ÏûÏ¢ ËÍTAºì»¨ TAµÄ»ØÌû
Ïà¹Ø°æ¿éÌøת ÎÒÒª¶©ÔÄÂ¥Ö÷ sdlj8051 µÄÖ÷Ìâ¸üÐÂ
11/1·µ»ØÁбí
ÆÕͨ±íÇé Áú Íà »¢ è ¸ß¼¶»Ø¸´ (¿ÉÉÏ´«¸½¼þ)
×î¾ßÈËÆøÈÈÌûÍƼö [²é¿´È«²¿] ×÷Õß »Ø/¿´ ×îºó·¢±í
[¿¼ÑÐ] »¯¹¤Ñ§Ë¶ 285Çóµ÷¼Á +29 Wisjxn 2026-04-07 29/1450 2026-04-13 13:47 by floriea
[¿¼ÑÐ] Ò»Ö¾Ô¸085802 323·ÖÇóµ÷¼Á +13 drizzle_9 2026-04-12 14/700 2026-04-13 10:26 by Faiz5552
[¿¼ÑÐ] ÉúÎïѧ308·ÖÇóµ÷¼Á£¨Ò»Ö¾Ô¸»ª¶«Ê¦´ó£©×ö¹ý·Ö×ÓʵÑé +9 ÏàÐűػá¹ââÍòÕ 2026-04-07 10/500 2026-04-13 10:20 by ¿Éµ­²»¿ÉÍü
[¿¼ÑÐ] µç×ÓÐÅÏ¢270Çóµ÷¼Á +18 terminal469 2026-04-07 18/900 2026-04-12 16:23 by ajpv·çÀ×
[¿¼ÑÐ] 295·ÖÇóµ÷¼Á +13 ?ÒªÉÏ°¶? 2026-04-10 13/650 2026-04-12 15:37 by laoshidan
[¿¼ÑÐ] 291Çóµ÷¼Á +8 ¹ØÒä±±. 2026-04-11 8/400 2026-04-12 09:32 by ÄæË®³Ë·ç
[¿¼ÑÐ] ²ÄÁϹ¤³ÌÈÕÓÉúÇóµ÷¼Á +7 0856?µ÷¼Á 2026-04-10 7/350 2026-04-11 21:33 by À¶ÔÆ˼Óê
[¿¼ÑÐ] Çóµ÷¼Á£¬Ò»Ö¾Ô¸´óÁ¬Àí¹¤´óѧ354·Ö +5 ÓêÉùÓàÉú 2026-04-11 6/300 2026-04-11 16:12 by ÓêÉùÓàÉú
[¿¼ÑÐ] µ÷¼Á +5 ÎĵÀÐÇ̨ 2026-04-11 5/250 2026-04-11 15:01 by ¿­¿­Òª±ä˧
[¿¼ÑÐ] Çóµ÷¼Á +3 θ¾·ÂÎÀÛÁË 2026-04-11 5/250 2026-04-11 14:13 by luhong1990
[¿¼ÑÐ] Ò»Ö¾Ô¸211£¬»¯Ñ§310·Ö£¬±¾¿ÆÖصãË«·Ç£¬Çóµ÷¼Á +23 ŬÁ¦·Ü¶·112 2026-04-08 23/1150 2026-04-10 23:29 by 314126402
[¿¼ÑÐ] Çóµ÷¼Á +5 ²»»á·ÉµÄÓã@ 2026-04-10 5/250 2026-04-10 19:07 by chemisry
[¿¼ÑÐ] 301Çóµ÷¼Á +5 149. 2026-04-10 5/250 2026-04-10 15:45 by ²ñС°×
[¿¼ÑÐ] 348Çóµ÷¼Á +3 candyyyi 2026-04-09 3/150 2026-04-09 17:20 by ¶ÎΰÑÞ
[¿¼ÑÐ] »¯Ñ§¹¤³ÌÓë¼¼Êõרҵһ־Ը¹þ¹¤³Ì 291·ÖBÇø ¹ú¼Ò¼¶´ó´´¸ºÔðÈË ÓÐÒ»×÷ÂÛÎÄ +13 Emmy~ 2026-04-09 13/650 2026-04-09 14:47 by onlyÖÜ
[¿¼ÑÐ] 265Çóµ÷¼Á +4 ·ç˵ËýÔçÍüÁË 2026-04-07 4/200 2026-04-09 13:59 by onlyÖÜ
[¿¼ÑÐ] Ò»Ö¾Ô¸Î÷ÄÏ´óѧÉúÎïѧѧ˶344 ÇóÉúÎïѧÏà¹Øµ÷¼Á/ÉúÎïÓëÒ½Ò© +7 ³¬È˲»»á·É@ 2026-04-08 7/350 2026-04-09 09:35 by gong120082
[¿¼ÑÐ] 327Çóµ÷¼Á +10 Xxjc1107. 2026-04-06 11/550 2026-04-09 01:21 by lature00
[¿¼ÑÐ] 264Çóµ÷¼Á +11 ÂóС¶£µ± 2026-04-07 11/550 2026-04-08 16:05 by Ò»Ö»ºÃ¹û×Ó?
[¿¼ÑÐ] 277Çóµ÷¼Á +4 ¿¼Ñе÷¼Álxh 2026-04-06 6/300 2026-04-08 10:40 by ÄæË®³Ë·ç
ÐÅÏ¢Ìáʾ
¹Ø±Õ
ÇëÌî´¦ÀíÒâ¼û
¹Ø±Õ