Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page Obsidium protection scheme as a target!
Register Forum Rules FAQ Calendar

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #4  
Old 10-12-2014, 07:48
mm10121991 mm10121991 is offline
VIP
  
Join Date: Feb 2011
Posts: 136
Rept. Given: 29
Rept. Rcvd 56 Times in 34 Posts
Thanks Given: 7
Thanks Rcvd at 24 Times in 13 Posts
mm10121991 Reputation: 58
Yes, obsiduim has a custom way to detect hwbp. If I remember well, It sets the hwbp to some specific location in the code to trigger the seh and the seh will set some values in memory.
after returning from the seh, those values will be tested to detect if hwbps were modified.

if you want to get near oep on 4.x targets, you can use this script.
It worked on many targets but I don't guarantee that it will work always.
Use a hidden olly.No hwbp and start it from entrypoint.
Attached Files
File Type: txt ObsiduimOEP.txt (1.6 KB, 32 views)
Last edited by mm10121991; 10-12-2014 at 08:23.
Reply With Quote
The Following User Gave Reputation+1 to mm10121991 For This Useful Post:
 

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Adobe protection scheme Dark Intentions General Discussion 0 07-09-2015 03:35
Request for a good protection scheme in Java DaGoN General Discussion 7 02-20-2014 04:42


All times are GMT +8. The time now is 05:39.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )