April 28, 200817 yr Good work, q You need writing an *internal* tut on this lol. If that's OK with Lena She's already planning an update lol..
April 28, 200817 yr Damn, I was beat to it. I guess there is 3 ways to go about doing this, I have tried them all. First, the obvious way is just straight up load under a debugger, which is possible, although I did have a problem with one anti debug where I would get caught sometimes and not others, even when using a script to bypass already found anti. Second way is to just attach and hope you can find the code that looks like the lower half the the oep (lame), plus I dont think most people know how to attach with its setup. The third way is more of what quosego used I guess. There is no crc check in the code, which is weird, I thought earlier versions had it, anyway with no crc you can write an inline patch up, then EBFE when you want to stop. Since your just going to run it real quick, you can half-azz the patch, bad habit, but whatever. Another enjoyable reverse. Edited April 28, 200817 yr by What
April 28, 200817 yr Impressive stuff mate, nice work Skillful & with a great sense of humor - lethal combination! Good work, q You need writing an *internal* tut on this lol. If that's OK with Lena She's already planning an update lol.. Thnx all, Just the result of a lot of free time and wanting to be the first.. :cool: Doubt if I could have waited much longer.. Will make something internal if it's allowed.. Including my scripts and api modder program.. quosego
April 29, 200817 yr lena do you start the app on pc with 256 mb or 128 mb ram for testingor start the app in 2 process and the second is crashing , on sp2but the protection is good
April 30, 200817 yr My variant unpacked & script fix import redirect hehe what this Pavka?? :happy: .....what the purpose from script if u can't pass the debugger detected .... r u sure it is usefull :dry: ......How we know if it work ...without testing it (pls just don't say test it :whistling: )
April 30, 200817 yr Pavka never said that the scripts helps you getting around the debugger checks.That
April 30, 200817 yr My variant unpacked & script fix import redirect hehe what this Pavka?? :happy: .....what the purpose from script if u can't pass the debugger detected .... r u sure it is usefull :dry: ......How we know if it work ...without testing it (pls just don't say test it :whistling: ) You can test so: Make dump programs and make dump region of memory push XXXXXXXX <---- dump region ret Load in Olly Dump & Load dump region and start a script
April 30, 200817 yr Load dump in Olly , end load dumped memory Script static, only edit a mask under the region of memory!
April 30, 200817 yr Load dump in Olly , end load dumped memory Script static, only edit a mask under the region of memory! I will give a try. after I back to my house ...because here i can't ..... but If i have any inquiry can i post it ..if this not bother u Many Thanks for u
April 30, 200817 yr And here"s my contribution Too late as usual And also my script to fix IAT redirection Very nice work lena ESSAI_.zip Scrip6.txt
April 30, 200817 yr Author O plaudite, o plaudite, gloria victis? Vae victis!!! Felix qui potuit rerum cognoscere causas. De facto errare humanum est et beati pauperes spiritu. Contraria contraiis curantur. O acta est fabula. Aaaaah! Para bellum si vis pacem! Aaaaaah! Morituri te salutant ... ita est! Victurus te saluto, lena151 te saluto, ... ita est!Ave atque vale.lena151.
April 30, 200817 yr Author Aio, quantitas magna frumentorum est. O tempora! Ipso facto, ira furor brevis est ... veritas odium parit. Audaces fortuna juvat. Non omnia possumus omnes ... o fortunates nimium, sua si bona norint reverseras! O mores! Ita est ... ita diis placuit. Aaaah! O mores! Ira furor brevis est. Ita est ... ita diis placuit. Aaaaah! Alea jacta est! Quod erat demonstrandum. Ave atque vale. lena151.
April 30, 200817 yr I 2nd Loki at that...If I could just speak Spanish as well as you speak Latin lol
April 30, 200817 yr Aaaah! .......Aaaaah! ......... lena151 Is it s.e.x.y conversation ? :biggrin: ( sorry ... was just a joke ! ) Edited April 30, 200817 yr by SUB Z3R0
April 30, 200817 yr Non omnia possumus omnes ... Aver... Is it s.e.x.y conversation ? :biggrin: LOLUS
April 30, 200817 yr Author Sorry guys ... some good family news made that I couldn't resist a small joke I hope I didn't insult anybody. lena151.
April 30, 200817 yr Actually i found it pretty amusing. Glad to hear about the good news for your family.
April 30, 200817 yr Damn I am dumb, the only thing that was keeping my anti debug script from working everytime was, a normal GetTickCount with a sleep in between (if you do not know what I mean by normal, compared to other, you obviously didnt get very far). Difference needs to be 1A or something like that. Now to find one more anti debug, which is the catching of the debugger when I dont use hide toolz to hide the debugger, I figured there was no need before, but might as well. Edited April 30, 200817 yr by What
Create an account or sign in to comment