|
|
#11
01-26-2004, 12:31
|
|||
|
|||
|
thanks ShaG for the improvement, much better!.
inlight of my post on this forum and the three steps I mentioned for unpacking asprotect , now this script will demonstrate this fact by locating the stolen bytes , to do that , do the following: 1-hide debugger 2- run this script below, and look for your stolen.(some time you may need to add to the stolen bytes the mov eax,xxxxxx), it is easy, I did clarify this some where in this forum) .[hint: F9 few times once script finshes, you will be at mov ebp,esp in programs that start: push ebp, mov ebp,esp] 3.- look for your oep as I noted in a thread in this forum. note: this script will work on most of the aspr. programs that have stolen bytes, in some it will not , so you need to trace once you are in the break point of the updated script "lastex", I will provide a script for such programs later on, if a need for it arises. scripts tested on registry cleaner expert. (this script is only to demonstrate steps I posted for unpacking asprotect. I didn't put any effort in it , I just added few codes to lastex script). Last edited by britedream; 01-26-2004 at 21:07. 
|
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Plugin+ Configuration for olly 2.01 | Conquest | General Discussion | 4 | 03-25-2013 00:04 |
Threaded Mode