Tw_Bnb_v110_ICS_移動復活
這大概是我最後一個轉 ICS 了,畢竟沒有每個 CRC 都能轉 ICS,有 CRC Bypass 也不需要 ICS,所以之後要來研究找數據了,
// Author: lingba_song
// 轉貼請附上本網址
Alloc(MoveLiveCheck,256)
Label(MoveLive)
00C312DC:
DD MoveLiveCheck
MoveLiveCheck:
cmp ,005AA36B
jne RtlAllocateHeap
mov ,MoveLive
jmp RtlAllocateHeap
MoveLive:
lea ecx,
test eax,eax
jne 005AA391
je 005AA372
00C312DC:
DD RtlAllocateHeap
DeAlloc(MoveLiveCheck)
頁:
[1]