“INT3”断点指令的机器码是 “0xcch”
检测思路,取函数地址,判断第一个字节是不是 “CCh”
BYTE bFirst =
0;
ProcAddres = GetProcAddress(LoadLibrary(
"user32.dll",
"MessageBox"));
bFirst = *((BYTE*
)ProcAddress);
if(bFirst ==
0xCC)
{
return TRUE;
}
转载于:https://www.cnblogs.com/nightnine/p/5223605.html
