Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page Armadillo Unpacking Plugin...
Register Forum Rules FAQ Calendar

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #4  
Old 10-22-2003, 10:50
bunion bunion is offline
Friend
  
Join Date: Apr 2002
Posts: 227
Rept. Given: 45
Rept. Rcvd 11 Times in 8 Posts
Thanks Given: 0
Thanks Rcvd at 6 Times in 6 Posts
bunion Reputation: 11
Thanks Ohpen...heres one packed with dillo 2.5x - 2.6x

_http://etcai.com/digital4.exe

I tried doing it myself with Ricardo's tut BUT..instead of dillo unpacking code blocks of 1,000 byte chunks when i break on write process memory i see that it only writes 2 bytes at a time..ALSO in Ricardo's tut if you break on WaitForDebugEvent you,ll get the address of dillo's REPORT so that when you break on writeprocessmemory after you get to see the OEP..this worked on another target but on this one you dont get to see the OEP...The OEP was found another way but just shows you that this program does things slightly differently??

Good luck and thanks again

paul333
Last edited by bunion; 10-22-2003 at 10:53.
 

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


All times are GMT +8. The time now is 07:15.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )