Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page SVKP 1.3x - Download Accelerator plus v7.5
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #4  
Old 12-30-2005, 18:35
DappA
 
Posts: n/a
Im not really an expert, but why can't you just add those allocated sections to the dump? Since the code is still static in the dump, you could just leave the unresolved APIs and let them be emulated by the added sections.

I've tested this on two different machines, and it seems to work. Dont know really, but you could test this one out.

http://rapidshare.de/files/10083923/test_.zip.html

OEP at 0052D1E4

Code:
0052D247      90            NOP ---- STOLEN CODE! etc
0052D24E   .  E8 CC47F7FF   CALL DAP.004A1A1F
Stolen Code starts at
Code:
Run trace, selected line
Back=630.
Thread=Main
Address=00EB05B3
Command=PUSH EAX -- STOLEN CODE!
Add this memory section to the dump, recover the IAT, rebuild PE, and set the EP to 00EB05B3-Imagebase = 00AB05B3

Is that what you've done? :-P
Anyways, good luck with it, you tha man!
Reply With Quote
 

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
svkp infern0 General Discussion 3 06-05-2011 18:34
SVKP 1.3x unpacking codeX General Discussion 10 01-28-2005 22:03
The new svkp 143 britedream General Discussion 3 09-19-2004 22:22


All times are GMT +8. The time now is 22:45.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )