1、var helper/set variables for usevar csectionvar csizegmi eip, CODEBASE/ get base of codemov csection,$RESULT/ save base of code to csectiongmi eip, CODESIZE/ get code-sizemov csize,$RESULT/ mov code-size to csizemov helper,eip/ set helper-variable to eipinc helper/ increase helper-variablemov helper
2、,helper/ mov helper-variable to the eax-value (B8XXXXXX)go helper/ execute Olly till we reach this adressrtr/ step till we hit a ret-instructionbprm csection,csize/ set a memory-breakpoint on code-sectioncob/ break if we hit breakpointrun/ runbpmc/ clear memory-breakpointsto/ step to next instructionfindop eip,#FFE0#/ find JMP EAXgo $RESULT/ execute till JMP EAXsto/ step to OEP (EAX-value)msg OEP found!/ print messageret/ end script
