700个脱壳脚本, 可以放在OD的ollyscript Plugin中.

源代码在线查看: dbpe 2.x oep finder v0.2.txt

软件大小: 643 K
上传用户: peterzhang1982
关键词: ollyscript Plugin 700 脚本

相关代码

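				/*
				//////////////////////////////////////////////////
					DBPE 2.x OEP finder v0.2
					Author:	loveboom
					Email : bmd2chen@tom.com
					OS    : Winxp sp1,OllyDbg 1.1,OllyScript v0.85(latest)
					Date  : 2004-6-14
					Config: Ignore all Exceptions.
					Note  : If you have one or more question, email me please,thank you!
				//////////////////////////////////////////////////
				*/
				
				/*
					Review notes (what the script below does, read from its own statements):
					  1. Reads the code-section base and size of the module that contains EIP.
					  2. Sets a memory breakpoint over that section and runs the target until it trips.
					  3. Searches forward from EIP for fixed byte patterns and NOPs out a 6-byte
					     'MOV [EBP+disp32],EDI' in up to two places (why the packer needs this is
					     not stated in the script).
					  4. Rewrites one 'MOV [EDI],ECX' to 'MOV [EDI],EAX', breaks on the stub's
					     final 'RET 0C / JMP EAX', and steps over it; the closing comment labels
					     the resulting EIP as the OEP.
					  5. Optionally rewrites indirect JMP/CALL operands in the code section.
					All numeric operands (D, 1F, FF, 6, 90) are hexadecimal.
					'run' lets the target execute for real under the debugger, and every patch is
					made in the live process image, so a dump taken afterwards contains the
					patched bytes.
				*/
				
				var cbase
				var csize
				var addr
				var addr1
				
				// Code section base/size of the module EIP currently sits in.
				gmi eip,CODEBASE
				mov cbase,$RESULT
				gmi eip,CODESIZE
				mov csize,$RESULT
				
				lblset:
				  // Ask for confirmation; answering No ($RESULT == 0) leaves without touching the target.
				  msgyn "Setting:Ignore all exceptions,require:Ollydbg1.1,ollyscript v0.85(latest),Continue?"
				  cmp $RESULT,0
				  je end
				
				start:
				  // Break on the first access to the code section, then let the target run.
				  bprm cbase,csize
				  run
				
				lbl1:
				  bpmc							//Clear the memory breakpoint again
				
				lblfd:
				  // Pattern: 39BD+disp32 = CMP [EBP+disp32],EDI ; 76 = JBE ; six wildcard bytes ; 89BD = MOV [EBP+disp32],EDI
				  find eip, #39BD????????76????????????89BD#
				  cmp $RESULT,0						//If not found go to abort
				  je lblabort
				  mov addr,$RESULT
				  add addr,D						//Offset 0D = start of the trailing MOV
				  fill addr,6,90					//Replace the 6-byte MOV with NOPs
				
				lblsel:
				  // Same shape with 73 (JAE) instead of 76; two layouts are tried in turn.
				  find eip,#39BD????????73????????????89BD#
				  cmp $RESULT,0
				  jne lbldb2x
				  find eip,#39BD????????73????????????????????????????????????????????????89BD#
				  cmp $RESULT,0
				  jne lbldb233
				  jmp lblabort						//If not found then script abort
				
				lbldb2x:						//dbpe2.2 dbpe2.32
				  mov addr,$RESULT
				  add addr,D
				  fill addr,6,90					//Replace to 'NOP'
				  go addr						//Run the target up to the patched location
				  jmp lbljmpoep
				
				lbldb233:						//dbpe2.33
				  mov addr,$RESULT
				  add addr,1F						//Expected to land on the trailing 89BD of the longer pattern
				  fill addr,6,90
				  go addr
				
				
				lbljmpoep:
				  find eip,#890F#					//Found 'MOV DWORD PTR DS:[EDI],ECX'
				  // Without this check a failed search leaves $RESULT = 0 and the next
				  // statement would try to write two bytes to address 0.
				  cmp $RESULT,0
				  je lblabort
				  mov addr,$RESULT
				  mov [addr],#8907#					//Replace to 'MOV DWORD PTR DS:[EDI],EAX'
				  find eip,#C20C00FFE0#					//Found 'RET 0C' followed by 'jmp eax'
				  // Same guard: a miss would otherwise place the breakpoint at address 3.
				  cmp $RESULT,0
				  je lblabort
				  mov addr,$RESULT
				  add addr,3						//Skip the 3-byte RET 0C; addr = the JMP EAX
				  bprm addr,FF
				  run
				
				lblsto:
				  bpmc
				  sto							//Step once; per the final comment EIP is then taken as the OEP
				
				lblask:
				  msgyn "FIX IAT(very slow)?"
				  cmp $RESULT,0
				  je lblend
				
				lblfixapi:
				  // FF25 = JMP [disp32], FF15 = CALL [disp32]. Only operands whose top byte is 80
				  // are matched, and that byte is rewritten to 00 (the ?? bytes are kept).
				  // NOTE(review): when at least one FF25 match exists, the FF25 loop ends at
				  // lblend and the FF15 scan below is never reached - confirm this is intended.
				  // NOTE(review): the match is on raw bytes in the code section, so any data that
				  // happens to have this shape is rewritten too.
				  cmt eip,"Scaning,Please wait!"				//Fix IAT
				  find cbase,#FF25??????80#
				  cmp $RESULT,0
				  jne lbljmp
				  find cbase,#FF15??????80#
				  cmp $RESULT,0
				  jne lbljmp1
				  jmp lblend
				
				lbljmp:
				  mov addr,$RESULT
				  repl addr,#FF25??????80#,#FF25??????00#,6
				
				lblsub1:
				  // Continue searching from the site just patched until nothing matches.
				  find addr,#FF25??????80#
				  cmp $RESULT,0
				  je lblend
				  mov addr,$RESULT
				  repl addr,#FF25??????80#,#FF25??????00#,6
				  jmp lbljmp
				
				lbljmp1:
				  mov addr,$RESULT
				  repl addr,#FF15??????80#,#FF15??????00#,6
				
				lblsub2:
				  find addr,#FF15??????80#
				  cmp $RESULT,0
				  je lblend
				  mov addr,$RESULT
				  repl addr,#FF15??????80#,#FF15??????00#,6
				  jmp lbljmp1
				 
				lblend:
				  cmt eip,"OEP,Please dumped it,Enjoy!"
				  msg "Script by loveboom[DFCG],[FCG],Thank you for using my Scripts!"
				  jmp end
				
				lblabort:
				  // Reached when an expected byte pattern is missing; earlier patches are not undone.
				  msg "Error!Script aborted,Maybe target is not protect by DBPE or you forgot Ignore all Exceptions."
				
				end:
				  ret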
							
