View Single Post
  #1  
Old 12-25-2020, 17:41
CodeCracker CodeCracker is offline
VIP
 
Join Date: Jun 2011
Posts: 454
Rept. Given: 27
Rept. Rcvd 398 Times in 129 Posts
Thanks Given: 21
Thanks Rcvd at 1,824 Times in 349 Posts
CodeCracker Reputation: 300-399 CodeCracker Reputation: 300-399 CodeCracker Reputation: 300-399 CodeCracker Reputation: 300-399
Aspack OEP (simple)

Aspack OEP (simple)
an simple Olly script I've created:
// NtdllDefWindowProc_W is actually user32.DefWindowProcW

CMP [eip], 60 , 1
jne Finish_Nopushad
// pushad instruction at eip is there,
// so execute that instruction by sti
sti
mov temp,esp
bphws esp,"r"
run

Break:
bphwc temp
rtr
// Executes "Run to return" in OllyDbg, [Ctrl+F9] operation.
sto
// Execute F8 in OllyDbg. STep Over.
cmt eip, "This is the OEP! Found by script"
ret

Finish_Nopushad:
log "Error: NO pushad instruction"
Attached Files
File Type: txt AspackOEP.txt (459 Bytes, 12 views)
Reply With Quote
The Following User Gave Reputation+1 to CodeCracker For This Useful Post:
user1 (12-25-2020)
The Following 5 Users Say Thank You to CodeCracker For This Useful Post:
niculaita (12-25-2020), p4r4d0x (12-26-2020), sh3dow (05-15-2021), user1 (12-25-2020), Youtoo (02-01-2021)