Aspack OEP (simple)
Aspack OEP (simple)
an simple Olly script I've created:
// NtdllDefWindowProc_W is actually user32.DefWindowProcW
CMP [eip], 60 , 1
jne Finish_Nopushad
// pushad instruction at eip is there,
// so execute that instruction by sti
sti
mov temp,esp
bphws esp,"r"
run
Break:
bphwc temp
rtr
// Executes "Run to return" in OllyDbg, [Ctrl+F9] operation.
sto
// Execute F8 in OllyDbg. STep Over.
cmt eip, "This is the OEP! Found by script"
ret
Finish_Nopushad:
log "Error: NO pushad instruction"
|