|
Nice
Nice to see that you figured it out. But you write:
"now that I have problems with, then it brings up the error message, with an exception at 004052CB, which you can trace back to the call you mention, but many other calls lead to it too, so nopping the call you did doesn't fix that."
I'm not sure I understand you right about this. After I nop'ed the call at address 005807AA, the program runs fine. As far as I could see the call made from 005807AA is the only one. The code later on sure is called several times, but nop'ing the call still solved my problems. Getting the exception error at address 004052CB surely was the problem, but by nop'ing the call the exception wasn't triggered, and the program continues.
Another interesting problem pop's up later on. Run the program for a while and you get the code 411 error message. There is a "time bomb" in the program, probably triggered by the increased size of the unpacked file. To get around that you simply have to find the right call and put a ret instruction at the beginning of the called code.
regards,
hobgoblin
|