每次复制汇编代码，就会呈现下面的样子：
00007FF95FDF11E6 | CC | int3 |
00007FF95FDF11E7 | CC | int3 |
00007FF95FDF11E8 | CC | int3 |
00007FF95FDF11E9 | CC | int3 |
00007FF95FDF11EA | CC | int3 |
00007FF95FDF11EB | CC | int3 |
00007FF95FDF11EC | 48:895C24 10 | mov qword ptr ss:[rsp+10],rbx | rbx:PEB.InheritedAddressSpace
00007FF95FDF11F1 | 48:897424 18 | mov qword ptr ss:[rsp+18],rsi |
00007FF95FDF11F6 | 55 | push rbp |
00007FF95FDF11F7 | 57 | push rdi |
00007FF95FDF11F8 | 41:56 | push r14 | r14:"minkernel\ntdll\ldrinit.c"
十分的不爽，还得活人手动替换掉 |
这个补丁 就是为了解决这个问题而为。

打完补丁后的:
0016DD32 68 A00F0000 push 0xFA0
0016DD37 68 ECB03500 push wnconfig.35B0EC
0016DD3C E8 486D1000 call 0x274A89
0016DD41 83C4 0C add esp,0xC
0016DD44 68 40CC2A00 push wnconfig.2ACC40 2ACC40:L"kernel32.dll"
0016DD49 FF15 8CB72A00 call dword ptr ds:[<&GetModuleHandleW>]

(Every time the assembly code is copied, it will look like the following:
00007FF95FDF11E6 | CC | int3 |
00007FF95FDF11E7 | CC | int3 |
00007FF95FDF11E8 | CC | int3 |
00007FF95FDF11E9 | CC | int3 |
00007FF95FDF11EA | CC | int3 |
00007FF95FDF11EB | CC | int3 |
00007FF95FDF11EC | 48:895C24 10 | mov qword ptr ss:[rsp+10],rbx | rbx:PEB.InheritedAddressSpace
00007FF95FDF11F1 | 48:897424 18 | mov qword ptr ss:[rsp+18],rsi |
00007FF95FDF11F6 | 55 | push rbp |
00007FF95FDF11F7 | 57 | push rdi |
00007FF95FDF11F8 | 41:56 | push r14 | r14:"minkernel\ntdll\ldrinit.c"
I am very upset, and have to be replaced manually by a living person |
This patch is to solve this problem.

After patching:
0016DD32 68 A00F0000 push 0xFA0
0016DD37 68 ECB03500 push wnconfig.35B0EC
0016DD3C E8 486D1000 call 0x274A89
0016DD41 83C4 0C add esp,0xC
0016DD44 68 40CC2A00 push wnconfig.2ACC40 2ACC40:L"kernel32.dll"
0016DD49 FF15 8CB72A00 call dword ptr ds:[<&GetModuleHandleW>])

Apowersoft Screen Recorder Pro.rar

2021-8-16 11:14 上传

文件大小: 2.1 MB
下载次数: 0

每次复制汇编代码，就会呈现下面的样子：
00007FF95FDF11E6 | CC | int3 |
00007FF95FDF11E7 | CC | int3 |
00007FF95FDF11E8 | CC | int3 |
00007FF95FDF11E9 | CC | int3 |
00007FF95FDF11EA | CC | int3 |
00007FF95FDF11EB | CC | int3 |
00007FF95FDF11EC | 48:895C24 10 | mov qword ptr ss:[rsp+10],rbx | rbx:PEB.InheritedAddressSpace
00007FF95FDF11F1 | 48:897424 18 | mov qword ptr ss:[rsp+18],rsi |
00007FF95FDF11F6 | 55 | push rbp |
00007FF95FDF11F7 | 57 | push rdi |
00007FF95FDF11F8 | 41:56 | push r14 | r14:"minkernel\ntdll\ldrinit.c"
十分的不爽，还得活人手动替换掉 |
这个补丁 就是为了解决这个问题而为。

打完补丁后的:
0016DD32 68 A00F0000 push 0xFA0
0016DD37 68 ECB03500 push wnconfig.35B0EC
0016DD3C E8 486D1000 call 0x274A89
0016DD41 83C4 0C add esp,0xC
0016DD44 68 40CC2A00 push wnconfig.2ACC40 2ACC40:L"kernel32.dll"
0016DD49 FF15 8CB72A00 call dword ptr ds:[<&GetModuleHandleW>]

(Every time the assembly code is copied, it will look like the following:
00007FF95FDF11E6 | CC | int3 |
00007FF95FDF11E7 | CC | int3 |
00007FF95FDF11E8 | CC | int3 |
00007FF95FDF11E9 | CC | int3 |
00007FF95FDF11EA | CC | int3 |
00007FF95FDF11EB | CC | int3 |
00007FF95FDF11EC | 48:895C24 10 | mov qword ptr ss:[rsp+10],rbx | rbx:PEB.InheritedAddressSpace
00007FF95FDF11F1 | 48:897424 18 | mov qword ptr ss:[rsp+18],rsi |
00007FF95FDF11F6 | 55 | push rbp |
00007FF95FDF11F7 | 57 | push rdi |
00007FF95FDF11F8 | 41:56 | push r14 | r14:"minkernel\ntdll\ldrinit.c"
I am very upset, and have to be replaced manually by a living person |
This patch is to solve this problem.

After patching:
0016DD32 68 A00F0000 push 0xFA0
0016DD37 68 ECB03500 push wnconfig.35B0EC
0016DD3C E8 486D1000 call 0x274A89
0016DD41 83C4 0C add esp,0xC
0016DD44 68 40CC2A00 push wnconfig.2ACC40 2ACC40:L"kernel32.dll"
0016DD49 FF15 8CB72A00 call dword ptr ds:[<&GetModuleHandleW>])

Apowersoft Screen Recorder Pro.rar

2021-8-16 11:14 上传

文件大小: 2.1 MB
下载次数: 0