채팅0
해외응디형들 crc 우회코드인데 참고해서 메랜꺼못만듬?
[Enable]
GlobalAlloc(CopyMemory,79691776)
CopyMemory:
readmem($00401000,79691776)
Define(RegionStart,00401000)
Define(RegionEnd,05000000)
Alloc(CRC1_Hook,1024)
Label(CRC1_Original)
Label(CRC1_Return)
04681AD1:
jmp CRC1_Hook
CRC1_Return:
CRC1_Hook: // sub crc
cmp edx,RegionStart
jb CRC1_Original
cmp edx,RegionEnd
ja CRC1_Original
sub edx,RegionStart
add edx,CopyMemory
CRC1_Original:
db 8b 12 01 10 9c
jmp CRC1_Return
Alloc(CRC2_Hook,1024)
Label(CRC2_Original)
Label(CRC2_Return)
0490C837: // main crc
jmp CRC2_Hook
nop
CRC2_Return:
CRC2_Hook:
cmp ecx,RegionStart
jb CRC2_Original
cmp ecx,RegionEnd
ja CRC2_Original
sub ecx,RegionStart
add ecx,CopyMemory
CRC2_Original:
db 02 01 59 53 b7 3d
jmp CRC2_Return
/*
Alloc(CRC3_Hook,1024)
Label(CRC3_Original)
Label(CRC3_Return)
047A4682: //0040000 / ngclient
jmp CRC3_Hook
nop
CRC3_Return:
CRC3_Hook:
cmp ecx,RegionStart
jb CRC3_Original
cmp ecx,RegionEnd
ja CRC3_Original
sub ecx,RegionStart
add ecx,CopyMemory
CRC3_Original:
db 66 8b 09 0f b7 c1
jmp CRC3_Return
Alloc(CRC4_Hook,1024)
Label(CRC4_Original)
Label(CRC4_Return)
0476A79B: //blackcall
jmp CRC4_Hook
nop 4
CRC4_Return:
CRC4_Hook:
cmp edx,RegionStart
jb CRC4_Original
cmp edx,RegionEnd
ja CRC4_Original
sub edx,RegionStart
add edx,CopyMemory
CRC4_Original:
db 66 8b 12 81 cf 00 00 00 80
jmp CRC4_Return
*/
/*
Alloc(CRC5_Hook,1024)
Label(CRC5_Original)
Label(CRC5_Return)
048C57A0: //00401000 crc 2
jmp CRC5_Hook
nop 5
CRC5_Return:
CRC5_Hook:
cmp eax,RegionStart
jb CRC5_Original
cmp eax,RegionEnd
ja CRC5_Original
sub eax,RegionStart
add eax,CopyMemory
CRC5_Original:
db 8a 00 31 d9 81 f6 00 08 00 00
jmp CRC5_Return
Alloc(CRC6_Hook,1024)
Label(CRC6_Original)
Label(CRC6_Return)
0487A91B: //00401000 crc 3
jmp CRC6_Hook
nop
CRC6_Return:
CRC6_Hook:
cmp eax,RegionStart
jb CRC6_Original
cmp eax,RegionEnd
ja CRC6_Original
sub eax,RegionStart
add eax,CopyMemory
CRC6_Original:
db 8a 00 88 06 89 e9
jmp CRC6_Return
*/
KERNEL32.ReadProcessMemory+5:
ret 0014
nop
nop
nop
nop
[Disable]
댓글0