Thread: How to debug a program spawned by another program?
View Single Post
  #2  
Old 10-18-2012, 17:19
Av0id Av0id is offline
VIP
  
Join Date: Jan 2006
Posts: 399
Rept. Given: 112
Rept. Rcvd 111 Times in 69 Posts
Thanks Given: 0
Thanks Rcvd at 15 Times in 15 Posts
Av0id Reputation: 100-199 Av0id Reputation: 100-199
what kind of software is it? what peid said about main executable?

if you mean armadillo debug-blocker, then catch moment when WriteProcessMemory writing memory at OEP and put EB FE there

if you mean simple CreateProcess then modify process creation flags to CREATE_SUSPENDED
Reply With Quote
The Following User Gave Reputation+1 to Av0id For This Useful Post:
bunion (11-17-2012)