Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page UPX Unpacking Issues
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #4  
Old 07-04-2006, 12:01
noltia
 
Posts: n/a
Thanks for both of your comments, the import address table was invalid because the process makes certain API calls only after modifying the kernel with a driver.

Imprec's level 1 trace worked, but it didn't seem like it was executing because "ExitProcess" gets called after it checks for a device/driver it unpacks and loads into the kernel on runtime.

It is an evil, piece of software.
Reply With Quote
 

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
64bit Programming and Assembly Issues moro3391 x64 OS 1 01-18-2013 18:35
Anti-Piracy Company Issues $40k Hacker Challenge elephant General Discussion 9 02-24-2007 06:33
Syser Debugger 1.1 testing versions issues [ attention ] rockwu General Discussion 4 08-23-2005 18:09


All times are GMT +8. The time now is 11:51.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )