Thread: Tweak XP Pro 3.04
View Single Post
  #6  
Old 07-02-2004, 23:36
mtw mtw is offline
Friend
  
Join Date: Feb 2003
Posts: 73
Rept. Given: 0
Rept. Rcvd 2 Times in 1 Post
Thanks Given: 0
Thanks Rcvd at 0 Times in 0 Posts
mtw Reputation: 2
Yes I dumped the demo version from the site, also remember that first call you stop on is the ThunRTMain, so below that just find the string VB5!6 this is the address for the push. As for the DLL, as I said before, just create a DLL named special.dll, make 1 function exported named SVKP_KillDebugger,
and make another function to grab the PID, get the address of CryptVerifySignature, and write to that address something like
mov eax, 01
retn 18.

Also a note .. if your dumped file isnt the same name as the org program, change it to it.
Last edited by mtw; 07-02-2004 at 23:38.
Reply With Quote