Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page the big call >> mov eax,01 ret
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 03-04-2009, 07:33
pp2 pp2 is offline
Friend
  
Join Date: Jan 2002
Posts: 60
Rept. Given: 1
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 1
Thanks Rcvd at 16 Times in 12 Posts
pp2 Reputation: 2
Seems, that you need to patch (inline) and/or emulate Execryptor API, which is used to check registration, if program author have no more checks by its own code? Sometimes it is not just "mov eax, 1/retn" to bypass. What will you do, if some useful code is ciphered? It is impossible to reconstruct it without having a key, and even bypassing validation check will execute ciphered code and end with an unhandled exception.

Sure, all these tones of checks, loops, cipherings, virtual machines are intended to impede your work to find this magic code! But how you will be sure, that any program will get registered patching somewhere jne/je to jmp (or setting some variable to 0 or 1)?
Reply With Quote
The Following User Gave Reputation+1 to pp2 For This Useful Post:
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Call Recorder for Android mdj General Discussion 18 12-11-2019 12:07
UnPack.cn call to vote b30wulf General Discussion 8 08-26-2015 00:34
members roll call Rhodium General Discussion 4 05-04-2005 17:48
Fixing an EXE to not call a DLL? Barry General Discussion 11 06-03-2004 00:37


All times are GMT +8. The time now is 23:28.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )