Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page How to identify the address where the test is done?
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #5  
Old 10-24-2016, 05:37
byvs's Avatar
byvs byvs is offline
Friend
  
Join Date: May 2002
Location: Brazil
Posts: 64
Rept. Given: 4
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 19
Thanks Rcvd at 8 Times in 7 Posts
byvs Reputation: 0
Quote:
Originally Posted by bongos_man View Post
assuming the program is otherwise unprotected and will not try to prevent or detect it, write a loader which injects a dll into the target process's memory and patches bytes in the appropriate place to call a function in your dll that changes the string however you wish. there are lots of tutorials on code injection, here are some good ones:

Three Ways to Inject Your Code into Another Process
A More Complete DLL Injection Solution Using CreateRemoteThread
Code Injection - A Generic Approach for 32bit and 64bit Versions
InjLib - A library that implements remote code injection for all Windows versions
But in practice how do I stop this test and change the string?
Reply With Quote
 

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Identify an unknown 64 bit Packer Kurapica General Discussion 1 07-06-2021 01:05
Help identify crypto The Old Pirate General Discussion 5 12-27-2014 04:15
Trying to identify crypto algorithm SiNTAX General Discussion 4 06-17-2010 03:23


All times are GMT +8. The time now is 10:33.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )