Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page help patching apis
Register Forum Rules FAQ Calendar

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #5  
Old 01-25-2006, 02:41
Messer
 
Posts: n/a
If you want to destroy OutputDebugString -> Just patch a retn 4 at the begining of this API.

Else follow Param1 and put 0x00 there. Then just execute OutputDebugString.

Both Methods should fix vulnerability of Olly.

You better just patch if the machine is Win2k/2k3/XP. On Win 9x/ME every application shares its system-dlls with every other process afaik.

When to patch: I think it's the best to patch at EP.
Where to patch: Kernel32.dll and other System-DLLs on runtime.
How to patch: Maybe just put a JMP <to your code> in every API that needs to get modified. You may use VirtualAlloc to get some free space to put your code somewhere. Just execute it on EP, put your code to handle APIs to new allocated space, put your JMPs in the APIs and then restore EP and jump back.
Last edited by Messer; 01-25-2006 at 02:57.
Reply With Quote
 

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
APIs in Olly jump General Discussion 3 09-25-2013 19:03
EXE files and apis Warren General Discussion 9 09-02-2005 16:59


All times are GMT +8. The time now is 05:25.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )