用ida查看NtReadFile的汇编代码
//参数注释
PAGE:0049D117 var_78 = dword ptr -78h
PAGE:0049D117 var_74 = dword ptr -74h
PAGE:0049D117 var_70 = dword ptr -70h
PAGE:0049D117 var_6C = dword ptr -6Ch
PAGE:0049D117 Irp = dword ptr -68h
PAGE:0049D117 var_64 = dword ptr -64h
PAGE:0049D117 MemoryDescriptorList= dword ptr -60h
PAGE:0049D117 var_5C = dword ptr -5Ch
PAGE:0049D117 var_58 = dword ptr -58h
PAGE:0049D117 var_54 = dword ptr -54h
PAGE:0049D117 var_50 = dword ptr -50h
PAGE:0049D117 var_4C = dword ptr -4Ch
PAGE:0049D117 var_48 = dword ptr -48h
PAGE:0049D117 var_44 = dword ptr -44h
PAGE:0049D117 var_40 = dword ptr -40h
PAGE:0049D117 var_3C = dword ptr -3Ch
PAGE:0049D117 var_38 = dword ptr -38h
PAGE:0049D117 var_34 = dword ptr -34h
PAGE:0049D117 Object = dword ptr -30h
PAGE:0049D117 AccessMode = byte ptr -2Ch
PAGE:0049D117 DeviceObject = dword ptr -28h
PAGE:0049D117 var_24 = dword ptr -24h
PAGE:0049D117 var_20 = dword ptr -20h
PAGE:0049D117 var_19 = dword ptr -19h
PAGE:0049D117 FileHandle = dword ptr 8
PAGE:0049D117 Event = dword ptr 0Ch
PAGE:0049D117 ApcRoutin
最低0.47元/天 解锁文章
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
