27
04月
2023
摘要:
脚本文件memmove.txt
as /mu ${/v:tn2} esi;
.block
{
.if( $sicmp(@"${tn2}","NTDLL") == 0 ){.echo find; ad ${/v:tn2};}.else{.echo no;ad ${/v:tn2};gc}
}
//使用条件断点
bp ntdll!memmove+0xe "$><c:\\memove.txt"
非特殊说明,本文版权归HPay所有,转载请注明出处.
本文类型: Java工具