09-24-2009, 22:06
nanobit
As you said, "...I'm not sure how to patch the 'nop' to a 'br', since it appears to overwrite some IL instructions...": isn't this a common problem in all patching, not just .NET targets!? The normal procedure to get past this problem is:

1) you have to find a code cave
2) patch where-you-want-to-patch to jump to that code cave
3) insert the bytes you want to be executed and take care of the instructions damaged by #2
4) resume the program control flow

and as NoneForce said:
Quote:
Originally Posted by NoneForce
When you're making a loader for a .Net app with dUP make sure that "Target is a compressed PE file" is checked.
P.S: are you certain that the file is not protected against tampering?