Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page What's this?
Register Forum Rules FAQ Calendar

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 03-04-2004, 00:49
Crk
 
Posts: n/a
What's this?
playing with Resource Builder 2.1 (2.1.0.3)

Dump at fake OEP which is the common calls to Getmodulehandle
that Delphi app. uses

original OEP : 00613654

Stolen bytes: 558BEC83C4F8B89C2D6100

set new OEP to 00213654 with your favorite PE Editor then fill the 000000 with stolen bytes ...

now i can't find any entries to resolve IAT using latest Imprec ..
the plugins don't work neither

is this A new ASpr. tricks??

i think this is Aspr. 1.3 which uses some IAT protection

Any ideas/tips ??

Regards
Reply With Quote
 

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


All times are GMT +8. The time now is 10:02.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )