1. sys
2. exe
3. cpp
void test() { for (DWORD i = 90000; i <= 96000; i++) { // 140006151 + 4 BYTE data[] = { 0xE8, 0x59, 0x0D, 0x6D, 0x80, 0x3C, 0xA2, 0x78, 0x15, 0x87, 0x16, 0x16, 0x07, 0x26, 0x68, 0x55, 0x7F, 0x12, 0xF1, 0xEF, 0xF9, 0xA1, 0x9C, 0xE8, 0xEA, 0x9C, 0x90, 0xF4, 0x9F, 0x3A, 0xA8, 0x8C, 0x27, 0x47, 0x79, 0xF6, 0xDC, 0x20, 0x7F, 0x86, 0xED, 0x34, 0x7E, 0xF7, 0x1C, 0x55, 0x6B, 0xF6, 0xEF, 0xF2, 0x2A, 0x7A, 0xF0, 0x44, 0x50, 0x8A, 0x9B, 0xE1, 0xC4, 0xE1, 0x45, 0x90, 0x2B, 0x0E, 0xCF, 0xAF }; DWORD len = sizeof(data); x_decrypt_shellcode(data, len, i); DWORD v1 = *(PDWORD)data; if (v1 == len) { printf("pass: %d\n", i); // 91024 printf("%s\n", util::bin2hex(data, sizeof(data)).c_str()); break; } } }