|
Yes, I modified it while encountering some poor detections based on well known OllyDbg vulnerabilities (as I remember you can find these exploits even on ExeTools) or even so funny "tricks" like OllyDbg executable and/or window name. By "undetectable" I mean the actual methods used by protectors. Theoretically and practically it is still detectable but it seems no developer (protector developer) seriously tries to deal with it, luckily for us.
They just understimate Olly... people (devs) would be surprised seeing how much can be done under ring3... also that was the reason of my first post in this thread (I supposed some developer noticed the possibilities of ring3 and tools like OllyDbg).
Last edited by dyn!o; 04-09-2005 at 00:55.
|