Start at the location where the program is loaded and trace all the way down. Whenever you encounter a big jump back, press F4 on the next instruction to skip the loop, and continue until a RETN returns.

From there we keep following. At each jmp we press F4 on the instruction one step below it, but at this point doing so lets the program run. So we set a breakpoint here and press F9 to run, counting how many times this loop goes around: after about 9 presses the program runs. We then reload the program, press F9 8 times, and trace the loop.

On the ninth pass we find another loop. If we use F4 to skip this jmp instruction, the program still runs, so we apply the same idea: place a breakpoint on this jmp and count how many times F9 must be pressed. The answer is 5 times. So after pressing F9 4 times, we trace the fifth pass one step at a time.

During the fifth pass, if we use F4 to skip this instruction, the program runs again. We use the same method: set a breakpoint, find the number N of F9 presses after which the program runs, press F9 N-1 times, and then single-step through the loop.

Here, however, no matter how many times we press F9 the loop shows no sign of ending, so we can only look for the key point within the range of this loop. What we find is a cross-section jump. We set a breakpoint at 401700 and see whether the program executes there. Execution does stop at the breakpoint, and this is the OEP.
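The cross-section jump test used in the last step can be checked against the PE section table. This is an added example, not part of the original tutorial: the header bytes, the section names `.text` and `.pack`, the image base 0x400000 and the jump source address are constructed for illustration, and only the target 401700 comes from the text.

```python
import struct

def parse_sections(pe: bytes):
    """Return (image_base, [(name, va_start, va_end)]) from a PE32 header."""
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[:2] != b"MZ" or pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    coff = e_lfanew + 4
    n_sections, = struct.unpack_from("<H", pe, coff + 2)
    opt_size, = struct.unpack_from("<H", pe, coff + 16)
    opt = coff + 20
    if struct.unpack_from("<H", pe, opt)[0] != 0x10B:
        raise ValueError("only PE32 is handled here")
    image_base, = struct.unpack_from("<I", pe, opt + 28)
    table = opt + opt_size              # section table follows the optional header
    sections = []
    for i in range(n_sections):
        name, vsize, rva = struct.unpack_from("<8sII", pe, table + 40 * i)
        start = image_base + rva
        sections.append((name.rstrip(b"\0").decode("latin-1"), start, start + vsize))
    return image_base, sections

def section_of(va, sections):
    for name, start, end in sections:
        if start <= va < end:
            return name
    return None

def is_cross_section_jump(src_va, dst_va, sections):
    """True when a jump leaves the section it executes in (an OEP candidate)."""
    src, dst = section_of(src_va, sections), section_of(dst_va, sections)
    return src is not None and dst is not None and src != dst

def build_sample():
    """Constructed PE32 header with two sections; not taken from the exercise."""
    hdr = bytearray(0x200)
    hdr[:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x80)            # e_lfanew
    hdr[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<HH", hdr, 0x84, 0x14C, 2)       # Machine, NumberOfSections
    struct.pack_into("<H", hdr, 0x84 + 16, 0xE0)       # SizeOfOptionalHeader
    struct.pack_into("<H", hdr, 0x98, 0x10B)           # PE32 magic
    struct.pack_into("<I", hdr, 0x98 + 28, 0x400000)   # ImageBase (assumed)
    table = 0x98 + 0xE0
    struct.pack_into("<8sII", hdr, table, b".text", 0x5000, 0x1000)
    struct.pack_into("<8sII", hdr, table + 40, b".pack", 0x3000, 0x6000)
    return bytes(hdr)
```

With the constructed layout, a jump from 0x4071B0 in `.pack` to 0x401700 in `.text` is reported as cross-section, while a jump that stays inside `.pack` is not.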
I love special topic shelling exercises----one of the compression shell exercises