|
I would like more info on this target also. If this is a reversing project then I think a valid key would be supplied. If no key then its more like a cracking project to me. I went through few targets protected with Armadillo 3.75 and when it asks for the code, it doesn't say "Armadillo" anywhere but you can tell its Armadillo after seeing few message boxes from other targets that are protected by Arma.
What I learned about Armadillo is, you first must get passed the Code that validates the code. If the target is protected correctly, the code that you want to dump is not even decrypted yet until you enter a valid code. I was never able to crack/bypass this myself but I seen a Loader that was specifically written for a program that fakes your hardware id to one that you have the key for. So this explains why your breakpoints don't work because the code flow never gets to the OEP.
Your first step is to deal with the Window asking for the Code. Then you can go about dumping.
I also noticed that some targets I messed with got a strange Error in Ollydbg that said "Don't know how to bypass command at address xxxxxxxx..." If you get this message to bypass it press Shift + F9. And also remove all breakpoint on such targets before your first run (F9). Once you get that Error, then place the breakpoint (bp IsDebuggerPresent) and Shift + F9.
I hope this helped a little.
|
07-30-2004, 07:17
Similar Threads
Threaded Mode