|
|
|
|
#1
03-21-2004, 11:33
|
|||
|
|||
|
Hi,
I was going okay with your instructions until here: "the next call checks if target ep start at 1000, inside the call change the last two je to jmp, next call, put retn inside" How do you mean put a retn inside the next call, inside this call I have: 0041040C /$ 55 PUSH EBP 0041040D |. 8BEC MOV EBP,ESP 0041040F |. 51 PUSH ECX 00410410 |. 53 PUSH EBX 00410411 |. 8B05 C6554000 MOV EAX,DWORD PTR DS:[4055C6] ; <&kernel32.GetModuleHandleA> 00410417 |. 8B18 MOV EBX,DWORD PTR DS:[EAX] 00410419 |. FF33 PUSH DWORD PTR DS:[EBX] 0041041B |. 895D FC MOV DWORD PTR SS:[EBP-4],EBX 0041041E |. 8F03 POP DWORD PTR DS:[EBX] 00410420 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4] 00410423 |. 5B POP EBX 00410424 |. 59 POP ECX 00410425 |. 5D POP EBP 00410426 \. C3 RETN and if I F8 from here, I hit an access violation, and the file corrupted message comes up soon after. What should I change in this call, and why? I really appreciate your help. 
|
 |
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Help with ASProtect 1.23 RC4 | Perdition | General Discussion | 7 | 06-09-2004 01:48 |
| New Asprotect?? | loman | General Discussion | 7 | 02-04-2004 20:34 |
Hybrid Mode
