|
FEARHQ,
Your on the right track with your app ;-)
He is using import elimination. In a previous thread about zclient i attached 2 tutorials in spanish. one of them is about arma 3.X who's using code splicing and import elimination, there a recently posted 2 news tuts about arma
I used a ollyscript with OpenMutexA to run the app in one olly process
Run the app and break at the OEP (screenshot)
on the call GetVersionExA do a follow in dump memory address
put a hw on access dword breakpoint on a right import (screenshot)
restart olly, run the app in single olly instance (OpenMutexA) end after several
incorrect breaks you'll land at the end of the import loop (screenshot)
Hope this will bring you on the right track...
Lownoise
Last edited by lownoise; 05-30-2005 at 20:12.
|