hook 64位软件,通过mov的方式保存了15个寄存器。调用自己的函数后恢复寄存器来保持堆栈平衡。但是不知道为啥还是不稳定,也能正常用,但是不知道几个小时后就有可能会崩溃。
32位有pushad指令,64位不知道要咋处理。 或者我如何定位到崩溃的原因? 正在学习,望指路。
__asm {
// Entry half of the hook stub: copies 15 general-purpose registers (every GPR
// except rsp) into hookReceiveMsgStruct.bufferRegister, then calls printLog.
// Not saved anywhere in this listing: rsp, RFLAGS, and the XMM/x87 state.
//
// NOTE(review): the save area is a single named object, not per-call stack
// space. If the hooked path can run on more than one thread, or be entered
// again before the matching restore runs, the later entry overwrites the
// earlier entry's saved values and the restore then loads the wrong
// registers. That would fit a crash that only appears after hours of use.
// Per-invocation storage (stack or per-thread) avoids the race; confirm how
// hookReceiveMsgStruct is declared and which threads reach this code.
//
// mov does not modify RFLAGS, so the flags are still the hooked code's flags
// when the call below is reached.
mov hookReceiveMsgStruct.bufferRegister.cRdi, rdi
mov hookReceiveMsgStruct.bufferRegister.cRbp, rbp
mov hookReceiveMsgStruct.bufferRegister.cRsi, rsi
mov hookReceiveMsgStruct.bufferRegister.cRdx, rdx
mov hookReceiveMsgStruct.bufferRegister.cRcx, rcx
mov hookReceiveMsgStruct.bufferRegister.cRax, rax
mov hookReceiveMsgStruct.bufferRegister.cRbx, rbx
mov hookReceiveMsgStruct.bufferRegister.cR8, r8
mov hookReceiveMsgStruct.bufferRegister.cR9, r9
mov hookReceiveMsgStruct.bufferRegister.cR10, r10
mov hookReceiveMsgStruct.bufferRegister.cR11, r11
mov hookReceiveMsgStruct.bufferRegister.cR12, r12
mov hookReceiveMsgStruct.bufferRegister.cR13, r13
mov hookReceiveMsgStruct.bufferRegister.cR14, r14
mov hookReceiveMsgStruct.bufferRegister.cR15, r15
// NOTE(review): the comment terminator below has no matching opener in the
// visible listing; part of the original (possibly a commented-out region)
// appears to be missing, so the exact extent of live code is uncertain.
*/
// NOTE(review): no rsp adjustment is visible before this call. If the target
// uses the Microsoft x64 convention, rsp must be 16-byte aligned at the call
// and the caller must reserve 32 bytes of shadow space; a stub entered at a
// patched instruction cannot assume either holds. A misaligned stack usually
// faults later, inside the callee, on an aligned SSE access. printLog may also
// change RFLAGS and the volatile XMM registers, which this listing never
// saves or restores.
call printLog
}
// Exit half of the hook stub: reloads the 15 general-purpose registers from
// hookReceiveMsgStruct.bufferRegister, calls through the pointer stored in
// retAdd, then jumps through the pointer stored in retCallAdd.
//
// NOTE(review): the values are read back from the shared save area, so they
// are only correct if nothing else has written hookReceiveMsgStruct since the
// matching save (another thread in the hook, or a nested entry). rsp, RFLAGS
// and XMM state are not restored here because they were never saved.
__asm {
// rbp is reloaded first; if the compiler addresses locals through rbp, any
// later access to a local in this function would use the hooked code's frame.
// The operands below are named objects, not rbp-relative locals -- TODO
// confirm against the declarations.
mov rbp, hookReceiveMsgStruct.bufferRegister.cRbp
mov rdi, hookReceiveMsgStruct.bufferRegister.cRdi
mov rsi, hookReceiveMsgStruct.bufferRegister.cRsi
mov rdx, hookReceiveMsgStruct.bufferRegister.cRdx
mov rcx, hookReceiveMsgStruct.bufferRegister.cRcx
mov rax, hookReceiveMsgStruct.bufferRegister.cRax
mov rbx, hookReceiveMsgStruct.bufferRegister.cRbx
mov r8, hookReceiveMsgStruct.bufferRegister.cR8
mov r9, hookReceiveMsgStruct.bufferRegister.cR9
mov r10, hookReceiveMsgStruct.bufferRegister.cR10
mov r11, hookReceiveMsgStruct.bufferRegister.cR11
mov r12, hookReceiveMsgStruct.bufferRegister.cR12
mov r13, hookReceiveMsgStruct.bufferRegister.cR13
mov r14, hookReceiveMsgStruct.bufferRegister.cR14
mov r15, hookReceiveMsgStruct.bufferRegister.cR15
// Indirect call through the 64-bit pointer stored at retAdd.
// NOTE(review): presumably this is the original call that the patch
// displaced -- confirm. The same alignment and shadow-space requirements
// apply as for any other call, and on return rax and the other volatile
// registers hold whatever the callee left, not the values loaded above.
call qword ptr ds : [retAdd]
// Indirect jump through the pointer stored at retCallAdd; presumably the
// address in the hooked code just after the patched bytes -- confirm.
// No push/pop or rsp adjustment appears in this listing, so rsp at this jump
// depends entirely on code that is not shown.
jmp qword ptr ds : [retCallAdd]
}