Ctrl+A: opens the script editor window
AOB
[ENABLE]
aobscanmodule(INJECT)
alloc(newmem)
label(code)
label(return)
newmem:
code:
INJECT:
return:
[DISABLE]
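Ordinary label: the instructions that follow it end up at some location in memory -> the label takes that address
Special label: an absolute address -> the instructions that follow it are placed at that location in memory
Tutorial, step 9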
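define(address,1000499ED)
define(bytes,F3 0F 11 43 08) // original bytes of movss [rbx+08],xmm0
[ENABLE]
alloc(newmem,2048,1000499ED) // third argument: allocate near the injection point
label(code)
label(exit)
label(team1)
label(team2)
label(team1Value)
label(team2Value)
label(return)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
pushfq // save the flags, cmp changes them
cmp dword ptr [rbx+14],1 // [rbx+14] selects the team1/team2 branch
je team1
cmp dword ptr [rbx+14],2
je team2
exit:
popfq // restore the flags
code:
movss [rbx+08],xmm0 // original instruction
jmp return
team1:
movss xmm0,[team1Value]
jmp exit
team2:
movss xmm0,[team2Value]
jmp exit
team1Value:
dd (float)5000
team2Value:
dd 0 // same bit pattern as (float)0
address:
jmp newmem // overwrites the original instruction
return:
[DISABLE]
address:
db bytes // restore the original instruction
dealloc(newmem)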
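
The `jmp newmem` written at `address` has to fit in the 5 bytes of the `movss` it replaces, which is why `alloc` is given `1000499ED` as its third argument. The Python below is an added example, not part of the original notes: it encodes that jump, derives the `return` label, and checks whether the bytes at the site are the original instruction or a redirect. `NEWMEM` is a constructed sample address, since the real one is chosen by `alloc` at run time.

```python
import struct

# ADDRESS and ORIGINAL come from the script above.
ADDRESS = 0x1000499ED
ORIGINAL = bytes.fromhex("F30F114308")    # movss [rbx+08],xmm0
NEWMEM = 0x100030000                      # constructed sample, not a real allocation


def encode_jmp(site, target):
    """Encode `jmp target` placed at `site` as E9 rel32 (5 bytes)."""
    rel = target - (site + 5)             # relative to the next instruction
    if not -2**31 <= rel < 2**31:
        raise ValueError("target outside rel32 range; allocate nearer to the site")
    return b"\xE9" + struct.pack("<i", rel)


def return_label(site, patch):
    """Address that the `return:` label resolves to: first byte after the patch."""
    return site + len(patch)


def inspect_site(site, current, original=ORIGINAL):
    """Classify the bytes read at `site` against the known original bytes."""
    if current == original:
        return ("intact", None)
    if len(current) >= 5 and current[0] == 0xE9:
        (rel,) = struct.unpack("<i", current[1:5])
        return ("hooked", site + 5 + rel)  # decoded jump destination
    return ("modified", None)


if __name__ == "__main__":
    patch = encode_jmp(ADDRESS, NEWMEM)
    print("patch bytes :", patch.hex(" ").upper())
    print("return label:", hex(return_label(ADDRESS, patch)))
    print("enabled     :", inspect_site(ADDRESS, patch))
    print("disabled    :", inspect_site(ADDRESS, ORIGINAL))
```

The same comparison against known-good bytes is how an integrity check notices that the instruction has been redirected.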