|
|
|
|
#1
10-27-2003, 15:57
|
|||
|
|||
|
Hummm--
*** I'd love to undestand how in general it is possible (if it is indeed possible) to stop an application as soon as it has been completely unpacked. Could placing a breakpoint on the statement just before the OEP be a good general solution? *** Yes... You could code an R3 Tool that loads the App.. Then you have to search for Signatures you can set Breakpoints on,and hangle down this locations until you catch a Point were the Application is unpacked. Placing a Breakpoint on the Statement before the real OEP is indeed the Way to go.. Else you could hook some Api that gets called before the real OEP is executed... As i already told Radier before,play with some examples.. Its not that much Voodoo as u think off it ;-) 
|
 |
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| DLL Injection | ldmd | Source Code | 2 | 10-07-2024 21:44 |
| Usermode APC Injection | WorldCrackersUnited | Source Code | 4 | 06-05-2017 15:42 |
Hybrid Mode
