52ky 发表于 2021-4-27 16:32:04

TheMida Spy

TheMida Spy,TheMida使用kernel32.dll、user32.dll和advapi32.dll的RAW来停止,在执行mida层时禁用api中的断点。成为为了突破API,我们必须在它们之间添加一个额外的层代码和API,这将使我们能够轻松地从k32和dvapi32.dll

(TheMida uses RAW of kernel32.dll, user32.dll and advapi32.dll to stop,
disable breakpoints in APIs while TheMida layer is executing. To be
able to break on APIs we have to add one extra layer between TheMida
code and API, which will allow us to easily break on APIs from k32 and
advapi32.dll)


页: [1]
查看完整版本: TheMida Spy