|
ilyacr:
Instead of giving unpacked file it would be better to tell how to do it. otherwise will nobody learn anything. I see you played with IIDKing in sections. Could you please explain a little about this step ?
deephousederek:
Go to: Options -> Debugging options -> Exceptions , untick everything .
Load file and run target. You will stop at exception "Illegal instruction".
Press "shift+F9" to pass exception. Damn , now come another exception. Repeat with the previous step (shift+F9) untill you pass all exceptions. This is the last one (i you press shift+F9 once again , target run)
00A8053D 8DC0 LEA EAX,EAX ; Illegal use of register
00A8053F EB 01 JMP SHORT 00A80542
Now go to "Memory map" , Section : code and put "memory bp on access"
Pass the final exception and due memory bp you will land at OEP (at 005005D8) .
|