Quote:
Hi,
my script is stopping at the right place, but please read the msg that it displays , it says" click on the 'k' at the toolbar , if it is not empty then duoble click on the last address you see there" , then the stolen bytes place and oep are above where you land. or follow the recent tut made by R@der.
Regards.
note:
here is the oep+stolen on my pc:
00418E78 55 PUSH EBP
00418E79 8BEC MOV EBP,ESP
00418E7B 83C4 F0 ADD ESP,-10
00418E7E B8 808D4100 MOV EAX,RegDefra.00418D80
Note2:
Please remove analysis if it is done , otherwise the address you will see inside the K, if any, will not be the correct one.
|
Starnge, but I've tried it quite a few times, and when I press on the K, I have a blank call stack window, no analysis done either.
