2018年1月29日
__readfsdword __readgsqword PEB TEB
摘要: To get 32-bit PEB from 32-bit process: BYTE* _teb = (BYTE*)__readfsdword(0x18); PEB32* _peb = *(PEB32**)(_teb + 0x30); To get 64-bit PEB from 64-bit p 阅读全文
posted @ 2018-01-29 16:16 m4sterx 阅读(1528) 评论(2) 推荐(0) 编辑