Quote:
Originally posted by DCZ
Patching in memory with ollydbg works, but when i try to inline patch it doesn`t work.Maybe my patch gets overwritten by unpacker code..i suppose. Is there any cool method to find blank space to inject code? I usually inject code at the end of any section.
|
i think it's the same as with aspack... the jump to the oep is written while unpacking... set a "memory on write" breakpoint in ollydbg on the oep-jump. then you will see the "bad code".
if you have no space for inline-patching, use this litte tool (attachment) zeroadd... it adds an empty section where you can write your inline-patch.
i hope this helps.
MaRKuS TH-DJM