def Test_d(): code = '\xeb\xf0' n = ia32.promoteBranch_32( ia32.decode(code) ) if ''.join(n) == '\xe9\xed\xff\xff\xff': raise Success print repr(decode(code)), repr(n) raise Failure
def Test_d(): code = '\xeb\xf0' n = ia32.promoteBranch_32(ia32.decode(code)) if ''.join(n) == '\xe9\xed\xff\xff\xff': raise Success print repr(decode(code)), repr(n) raise Failure
77350113 5b pop ebx 77350114 59 pop ecx 77350115 6a00 push 0 77350117 51 push ecx 77350118 e873fd0000 call ntdll!ZwContinue (7735fe90) """ """ relocated ntdll!KiUserExceptionDispatcher+0xf: 7735010f e9fafe4e89 jmp 0084000e 77350114 59 pop ecx 77350115 6a00 push 0 77350117 51 push ecx 77350118 e873fd0000 call ntdll!ZwContinue (7735fe90) """ """ hook 00840000 0ac0 or al,al *00840002 0f841b01b176 je ntdll!KiUserExceptionDispatcher+0x23 (77350123) 00840008 5b pop ebx 00840009 e90601b176 jmp ntdll!KiUserExceptionDispatcher+0x14 (77350114) 0084000e 90 nop 0084000f e9ecffffff jmp 00840000 """ if True: currentaddress = 0x840002 sourceinstruction = ia32.decode('\x74\x0c') operand = 0x7735011f n = ia32.setRelativeAddress(currentaddress, sourceinstruction, operand) promoted = ia32.promoteBranch(n, 4)
77350115 6a00 push 0 77350117 51 push ecx 77350118 e873fd0000 call ntdll!ZwContinue (7735fe90) """ """ relocated ntdll!KiUserExceptionDispatcher+0xf: 7735010f e9fafe4e89 jmp 0084000e 77350114 59 pop ecx 77350115 6a00 push 0 77350117 51 push ecx 77350118 e873fd0000 call ntdll!ZwContinue (7735fe90) """ """ hook 00840000 0ac0 or al,al *00840002 0f841b01b176 je ntdll!KiUserExceptionDispatcher+0x23 (77350123) 00840008 5b pop ebx 00840009 e90601b176 jmp ntdll!KiUserExceptionDispatcher+0x14 (77350114) 0084000e 90 nop 0084000f e9ecffffff jmp 00840000 """ if True: currentaddress = 0x840002 sourceinstruction = ia32.decode('\x74\x0c') operand = 0x7735011f n = ia32.setRelativeAddress(currentaddress, sourceinstruction, operand) promoted = ia32.promoteBranch(n, 4)