DrPepUr Posted September 5, 2008 Posted September 5, 2008 Please follow and adhere to the topic title format - thank-you!
shellwolf Posted September 5, 2008 Author Posted September 5, 2008 Please follow and adhere to the topic title format - thank-you!ok.thank you
SunBeam Posted September 5, 2008 Posted September 5, 2008 Most anti-debug tricks use SEH handlers and stuff from other protectors Good stuff, but not hard to skip if you check the stack Anyway, point is.. I found "A Martian!" (check up on ECX with hardcoded value). Not gonna say where to look
shellwolf Posted September 5, 2008 Author Posted September 5, 2008 Most anti-debug tricks use SEH handlers and stuff from other protectors Good stuff, but not hard to skip if you check the stack Anyway, point is.. I found "A Martian!" (check up on ECX with hardcoded value). Not gonna say where to look GOOD! some anti is hide in function,so if u know it is a function of anti,just change returnvalue to false,then u will skip it.or u can nop it. i will post several crackmes that i had post in bbs.pediy.com before.Welcome to test .
SunBeam Posted September 6, 2008 Posted September 6, 2008 (edited) I didn't NOP or change anything. Let me show you what I mean tE!Lock PUSH DWORD PTR FS:[EAX] MOV DWORD PTR FS:[ESP],EAX ^ Makes the SEH handler in stack, to skip your code I would only need to break on SEH Well, need to also patch those Context copies from ring0 to ring3 VMProtect PUSHFD/POPFD INT3 Classic Edited September 6, 2008 by SunBeam
shellwolf Posted September 6, 2008 Author Posted September 6, 2008 (edited) I didn't NOP or change anything. Let me show you what I mean thanku. what OS you use?winxp or win2003? Edited September 6, 2008 by shellwolf
Sean the hard worker Posted April 14 Posted April 14 (edited) No need to bypass this anti debug in windows 11. It just runs well without any anti anti debug tricks. Regards. sean. Edited April 14 by Sean Park - Lovejoy 1
X0rby Posted April 14 Posted April 14 30 minutes ago, Sean Park - Lovejoy said: No need to bypass this anti debug in windows 11. It just runs well without any anti anti debug tricks. Regards. sean. bro, this post is 16 years old !!! 1
jackyjask Posted April 14 Posted April 14 @sean please test windows 121 as well! and dont forget to tell the forum about your try!! 1
CodeExplorer Posted April 14 Posted April 14 1 hour ago, jackyjask said: windows 121 windows 121 ??? I didn't know such thing exist! Maybe you are ironic. 1 1
MabunbuNgube Posted April 17 Posted April 17 On 4/13/2024 at 9:04 PM, Sean Park - Lovejoy said: No need to bypass this anti debug in windows 11. It just runs well without any anti anti debug tricks. Regards. sean. jesus christ my man, u got some crazy shovel to dig up this old of a topic 1 2
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now