|
there seems to be a weekness in crc checking of aspr'd programs in the protectd/encrypted data not the code.
some crackers enject code in that area, which makes a call to certain address in which they place the required instructions.you can trace the decompression/decryption routine to see what to enject to get the required call to that address.
examples of aspr'd targets that were attacked by that method are iso commander 1.5.052,1.50.060, reget deluxe 4.1.241 (twice by tsrh and digiratti).
|