2012年3月31日
masm之hook api
摘要: 1 AddToTable proc uses ebx edx lpFunctionAddress:DWORD,lpNewFunc:DWORD 2 invoke VirtualAlloc,0,20,MEM_COMMIT,PAGE_READWRITE 3 4 ; FunctionAddr Head BYTE of Function New Head for Function 5 ;[00 00 00 00] [00 00 00 00 00 00 00 00] [B8 00 00 00 00 FF E0 00] 6 7 push ... 阅读全文
posted @ 2012-03-31 18:59 mez 阅读(247) 评论(0) 推荐(0) 编辑