Import OS Fixing

[MaRKuS-DJM]

Quote:

Originally Posted by evaluator

Markus, that unpacked PEC on ftp are your?

unpacked PEC is not mine... i didn't upload anything to ftp. and the PEC i released is inline-patched

Quote:

Originally Posted by britedream

Hi
400000+3c---> offset to pe signature, add to whatever there 80H, then there is an RVA to IMPORTDirectory.

regards.

britedream, what can i do there? i think LordPE point me to the same... but can i fix there something?

i had dld Pec2 & is sux to run on W98!
while on XP it runs well. What a shame, eh!?

[MaRKuS-DJM]

that's the reason why i inline-patched it... it's one of the easiest because the OEP-jump is very easy to find (you can do it with a tutorial) but i found easier way...
use hex-editor, go to end of file and there you will find OEP-jump (FFF0) and there you can put your code

well, redownloaded 04may release, now works on w9x.

duh! Pec2Gui now starts, but "Browse for files" button not works again;
"Again" - because I fixed previous Pec2Gui(29apr release), which not started at all

what a buggy soft! shame to author

yey, I found problem:)
btw, not bad exersize for newbies, try to find bug.
where is poor author, so we can help him.

But firstly, is he good boy!?

[MaRKuS-DJM]

oh i thought it is maybe because of wrong unpacking *lol* but i don't know, i have no access to ftp, so it doesn't matter. seems programmer doesn't do his job very well

what unpacking you are about??
i'm talking about bug in Pec2Gui.exe

[MaRKuS-DJM]

i am too

try to find this bug.

huh, another bug found when test-compressing big Exe..

[MaRKuS-DJM]

does it not work for windows 98 or for other systems too?

as above..on W9x you can't open File select dialog box.
on XP ok.

[MaRKuS-DJM]

seems i have to find windows ME or 98 CD-ROM

[britedream]

Quote:

Originally Posted by MaRKuS-DJM

i'm not searching comfort, but i thought there would be a easier way to get OriginalFirstThunk.

Hi ,
I am only responding to your quotation above, I don't have the target.but after adding 80h, you will have VA, at this Va , there is Rva pointing to importDirectory, where you can find the OriginalFirstThunk you are looking for.

[MaRKuS-DJM]

Quote:

Originally Posted by britedream

Hi ,
I am only responding to your quotation above, I don't have the target.but after adding 80h, you will have VA, at this Va , there is Rva pointing to importDirectory, where you can find the OriginalFirstThunk you are looking for.

oh thanks it looks interesting... i'll see what i can do with it