09-04-2004, 09:35
xastey
that means you didn't dump it at the right OEP.. had that same problem many times...

just saw your other post and recognized the app.. I'll give it a go and see if I can get the OEP

Edit:
Code:
00B47097   E8 5F81FEFF      CALL 00B2F1FB <-- call you come out of
00B4709C   6A 00            PUSH 0
00B4709E   C705 7810B500 04>MOV DWORD PTR DS:[B51078],0B51C04        ; ASCII "RC"
00B470A8   E8 7122FEFF      CALL 00B2931E
00B470AD   59               POP ECX
00B470AE   59               POP ECX
00B470AF   E8 2F0AFFFF      CALL 00B37AE3
00B470B4   8BF8             MOV EDI,EAX
00B470B6   A1 6890B500      MOV EAX,DWORD PTR DS:[B59068]
00B470BB   8B48 14          MOV ECX,DWORD PTR DS:[EAX+14]
00B470BE   3348 10          XOR ECX,DWORD PTR DS:[EAX+10]
00B470C1   3348 0C          XOR ECX,DWORD PTR DS:[EAX+C]
00B470C4   03F9             ADD EDI,ECX
00B470C6   8B0E             MOV ECX,DWORD PTR DS:[ESI]
00B470C8   85C9             TEST ECX,ECX
00B470CA   75 2F            JNZ SHORT 00B470FB
00B470CC   8B78 10          MOV EDI,DWORD PTR DS:[EAX+10]
00B470CF   E8 0F0AFFFF      CALL 00B37AE3
00B470D4   8B0D 6890B500    MOV ECX,DWORD PTR DS:[B59068]            ; VideoReD.004BA2A0
00B470DA   FF76 14          PUSH DWORD PTR DS:[ESI+14]
00B470DD   8B51 14          MOV EDX,DWORD PTR DS:[ECX+14]
00B470E0   FF76 10          PUSH DWORD PTR DS:[ESI+10]
00B470E3   3351 0C          XOR EDX,DWORD PTR DS:[ECX+C]
00B470E6   FF76 0C          PUSH DWORD PTR DS:[ESI+C]
00B470E9   33D7             XOR EDX,EDI
00B470EB   03C2             ADD EAX,EDX
00B470ED   8B51 5C          MOV EDX,DWORD PTR DS:[ECX+5C]
00B470F0   3351 24          XOR EDX,DWORD PTR DS:[ECX+24]
00B470F3   33D7             XOR EDX,EDI
00B470F5   2BC2             SUB EAX,EDX
00B470F7   FFD0             CALL EAX
00B470F9   EB 25            JMP SHORT 00B47120
00B470FB   83F9 01          CMP ECX,1
00B470FE   75 22            JNZ SHORT 00B47122
00B47100   FF76 04          PUSH DWORD PTR DS:[ESI+4]
00B47103   FF76 08          PUSH DWORD PTR DS:[ESI+8]
00B47106   6A 00            PUSH 0
00B47108   E8 D609FFFF      CALL 00B37AE3
00B4710D   50               PUSH EAX
00B4710E   A1 6890B500      MOV EAX,DWORD PTR DS:[B59068]
00B47113   8B48 5C          MOV ECX,DWORD PTR DS:[EAX+5C]
00B47116   3348 24          XOR ECX,DWORD PTR DS:[EAX+24]
00B47119   3348 10          XOR ECX,DWORD PTR DS:[EAX+10]
00B4711C   2BF9             SUB EDI,ECX
00B4711E   FFD7             CALL EDI<-- bp here and step in
00B47120   8BD8             MOV EBX,EAX
00B47122   5F               POP EDI
00B47123   8BC3             MOV EAX,EBX
00B47125   5E               POP ESI
00B47126   5B               POP EBX
00B47127   C3               RETN
anyway I came up with the OEP as 00452C84.. but now rebuilding the IAT is a different question :'(

Last edited by xastey; 09-04-2004 at 09:56.
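The IAT-rebuilding step mentioned at the end of the post, as an added example that is not code from the post or its author: a Python sketch of the core check an import reconstructor performs after a dump, walking DWORD slots from an assumed IAT RVA and resolving each pointer against an assumed loaded-module map. The module bases, export RVAs and dump bytes are all constructed; one slot is deliberately left pointing at 00B37AE3, the stub address from the listing above, to show an entry that still needs fixing before the table can be written back.

```python
import struct

# Constructed module map, as an unpacker would read it from the debugger's
# module window: base, size and a few exports by RVA. All values are assumed.
MODULES = {
    "kernel32.dll": {"base": 0x7C800000, "size": 0x000F6000,
                     "exports": {0x0001D4F0: "GetProcAddress", 0x000B2B0F: "LoadLibraryA"}},
    "user32.dll":   {"base": 0x7E410000, "size": 0x00091000,
                     "exports": {0x00016A00: "MessageBoxA"}},
}

def resolve(ptr):
    """Map an absolute pointer back to (module, export); None if it lands in no known module."""
    for name, m in MODULES.items():
        if m["base"] <= ptr < m["base"] + m["size"]:
            rva = ptr - m["base"]
            return name, m["exports"].get(rva, f"rva_{rva:08x}")
    return None

def scan_iat(dump, start_rva):
    """Walk DWORD slots from start_rva until the first null slot ends the table.
    Returns (rva, ptr, resolution) per slot; resolution is None for a slot that
    still holds a packer-redirected or garbage value instead of a real API address."""
    entries = []
    off = start_rva
    while off + 4 <= len(dump):
        (ptr,) = struct.unpack_from("<I", dump, off)
        if ptr == 0:
            break
        entries.append((off, ptr, resolve(ptr)))
        off += 4
    return entries

def build_iat_blob(ptrs):
    """Constructed helper: pack pointers into a null-terminated little-endian DWORD table."""
    return b"".join(struct.pack("<I", p) for p in ptrs) + b"\x00\x00\x00\x00"

# Constructed dump region: three good thunks plus one slot redirected into the
# unpacking stub (00B37AE3 from the listing), which no import rebuilder can name.
IAT_RVA = 0x1000
DUMP = bytes(IAT_RVA) + build_iat_blob([0x7C81D4F0, 0x7C8B2B0F, 0x00B37AE3, 0x7E426A00])

if __name__ == "__main__":
    for rva, ptr, res in scan_iat(DUMP, IAT_RVA):
        status = f"{res[0]}!{res[1]}" if res else "UNRESOLVED (fix before rebuilding)"
        print(f"IAT+{rva - IAT_RVA:04x}: {ptr:08x} -> {status}")
```

A real rebuilder does the same walk over the dumped image and then writes a fresh import descriptor for the resolved runs; the unresolved slot is the kind of entry that has to be traced back to its real API by hand.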