thanks and I already noticed that isvname.set is encrypted, but I will give rlm.exe & vendor.exe a try.
nikkapedd, you mentioned in one of your posts that some new targets require besides pubkey injection also patching of the rlm_chekout routine. But if you you inject your own pubkey, rlm_checkout will yield the correct result, so why would you have to patch it?
secondly, rlm_checkout does not yield "0" in eax but an address pointer to the checkout result, and the address is different on each run, so how can you patch this?
rgds
|