|
Interesting thread, i'd been looking at this target myself, but the CORE crack seems to be working fine here. Also i've been looking at how CORE crack works, and i like the way they have used dll injection to change a jmp in the service and also write out a 02 byte to set from trial to standard mode.
What i couldn't figure was the memory address that this 02 byte is written to didn't seem to be read by service? (at least my bpm 0xadress rw in softice didn't seem to be hit) I assume this is some kind of aspr variable that main program access.
Also stripper worked fine on remote admin exe for me, but like OP said it didn't work on service (but as black_out says it only fails on stolen bytes), so it was enough for dissasembly...
--
bedrock
|