vmp2.05 跳黑名单lpk源代码
lpk完整模板自己随便去找个吧,这里只贴跳黑名单的部分LPVOID WINAPI MyVirtualAlloc(LPVOID lpAddress,SIZE_T dwSize,DWORD flAllocationType,DWORD flProtect){
LPVOID lpRet;
lpRet = VirtualAllocEx((HANDLE)-1,lpAddress,dwSize,flAllocationType,flProtect);
if (*(BYTE *)0x87B657 == 0x73)
{
*(BYTE *)0x87B657 = 0x77;
}
return lpRet;
}
void OnDllProcessAttach()
{
DWORD prot;
DWORD dwTmp;
if (GetModuleHandle("VMProtect.exe"))
{
dwTmp = (DWORD)GetProcAddress(GetModuleHandle("kernel32.dll"),"VirtualAlloc");
VirtualProtect((LPVOID)dwTmp,5,PAGE_EXECUTE_READWRITE,&prot);
*(BYTE *)dwTmp = 0xE9;
*(DWORD *)(dwTmp+1) = (DWORD)MyVirtualAlloc - dwTmp - 5;
VirtualProtect((LPVOID)dwTmp,5,prot,&prot);
}
} 就那么几行 !没看头
页:
[1]