#1
I found that abel loader generator v2.30 and DAZAPATCHER work great when you need to patch a protected .dll file.
How? If loaders run an exe target, how do you patch those DLLs in mem. with a loader?
#2
I just set it to load the exe and then set the patch data to the offset of the .dll.
#3
Hello,
I don't understand the problem here. The dll will be loaded in the SAME context as the EXE file. Therefore, you could patch the dll if you could control the EXE file code. But what you can just do is CreateProcess the EXE file, and then, instead of providing a VA inside the target EXE (which you don't want to do, since you want to patch the dll), you just provide a VA inside the DLL to WriteProcessMemory, and since the dll is in the same address space (context) as the EXE file, your WriteProcessMemory will work, and thus you will be patching your protected dll without problems. Cheers.
#4
I just use this trick
Just use Process Patcher v3.60. Search for the memory address you want to patch and create Process Patcher v3.60; it will patch memory on the fly. See my attachment in PowerBASIC source (to enable official counter-strike 1.6 bots). I use this trick: convert Process Patcher v3.60 to hex and store it inside the source code. See the source for details. This is how I create a loader/launcher.
#5
...
You can use CreateProcess to create the process itself. Depending on the OS, the DLLs are loaded by then, or aren't. For an NT-based OS I would create the process, put an EBFE on the entry point, execute it and catch it to make sure all DLLs are properly loaded. Then you loop over the loaded modules with the ToolHelp functions and compare the DLL names with the name of the DLL you seek. The ToolHelp functions will also return the base address, so you can use that with a distance value to patch your stuff.
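Seen from the detection side, the sequence described in posts #3 and #5 (a launcher creates the process, then writes into a DLL mapped in the child's address space) leaves a trail that can be correlated. The following is an added example, not code from any poster in this thread; the event records and their field names are constructed for illustration and do not match the schema of any particular logging or EDR product.

```python
# Constructed telemetry; field names are hypothetical, not a real product schema.
EVENTS = [
    {"type": "process_create", "pid": 4120, "ppid": 3988, "image": "launcher.exe"},
    {"type": "process_create", "pid": 4388, "ppid": 4120, "image": "target.exe"},
    {"type": "image_load", "pid": 4388, "image": "target.exe", "base": 0x00400000, "size": 0x80000},
    {"type": "image_load", "pid": 4388, "image": "check.dll", "base": 0x6A1B0000, "size": 0x30000},
    {"type": "remote_write", "src_pid": 4120, "dst_pid": 4388, "addr": 0x6A1B2F40, "len": 2},
    {"type": "remote_write", "src_pid": 4120, "dst_pid": 4388, "addr": 0x0012F000, "len": 64},
    {"type": "remote_write", "src_pid": 5000, "dst_pid": 4388, "addr": 0x6A1B2F40, "len": 2},
]


def find_module_patches(events):
    """Flag cross-process writes that land inside an image-backed module."""
    parent = {}   # pid -> ppid, learned from process_create events
    modules = {}  # pid -> list of (base, size, image name) from image_load events
    findings = []
    for ev in events:
        kind = ev["type"]
        if kind == "process_create":
            parent[ev["pid"]] = ev["ppid"]
        elif kind == "image_load":
            modules.setdefault(ev["pid"], []).append((ev["base"], ev["size"], ev["image"]))
        elif kind == "remote_write" and ev["src_pid"] != ev["dst_pid"]:
            for base, size, image in modules.get(ev["dst_pid"], []):
                # Overlap test, so a write straddling the module start still matches.
                if ev["addr"] < base + size and ev["addr"] + ev["len"] > base:
                    findings.append({
                        "writer": ev["src_pid"],
                        "target": ev["dst_pid"],
                        "module": image,
                        # The RVA is stable across rebasing, so it identifies which
                        # bytes of the on-disk file to compare against memory.
                        "rva": max(ev["addr"], base) - base,
                        # Parent writing into its own child is the loader pattern.
                        "writer_is_parent": parent.get(ev["dst_pid"]) == ev["src_pid"],
                    })
    return findings


if __name__ == "__main__":
    for f in find_module_patches(EVENTS):
        print(f"pid {f['writer']} wrote into {f['module']}+{f['rva']:#x} "
              f"of pid {f['target']} (parent={f['writer_is_parent']})")
```

Debuggers and some security products also write into image ranges of other processes, so findings from a rule like this need an allowlist before they are used for alerting.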
#6
Interesting articles
There are also some interesting articles on this subject in:
help://bib.universitas-virtualis.org
Sorry, not in the library but part of the CodeBreaker Mag. at same location
Last edited by vrclr27; 10-06-2004 at 13:59. Reason: Update
#7
OK guys, let's ask the question a little differently.
Think we have a program and its serial-check routine is in a DLL which is in its resource. The program runs and, after a few seconds, loads the DLL and reads a function from it. Using a constant address for writing to memory is not possible, because the addresses change. Now, how could we get some RVA in the DLL to calculate the patch address? I can get the DLL ProcessID after showing some window, but couldn't get one of its function addresses or its OEP in memory.
Last edited by Newbie_Cracker; 03-11-2005 at 16:25.