|
I was able to get the new 2.11 version to run properly within Olly.
If I used the OllyScript I had to finding the Arm OEP, the program would not work properly within Olly.
If I used the manual bp CreateThread method to find the CALL ECX then I was able to get the the OEP. This time around all routines worked as expected within Olly.
So I modified the TEAM RES script to allow it to work with my application. You may want to try it.
Also I found that using the bp Virtual Protect method is not working this time around. There are actually 17 occurances of PUSH 14 all at the same address. If I follow the code below the PUSH 100 and bp on the next CALL... then step into the CALL and place a RETN... then SHIFT+F9... the program runs then terminates.
Any ideas?
Last edited by Maltese; 07-05-2005 at 11:39.
|