Exetools  

  #1  
Old 07-29-2004, 15:05
Crk
 
You must clean up the sections and code Armadillo makes in the app, or it will surely read it as if it was protected.
  #2  
Old 07-29-2004, 16:32
SvensK
 
Wicked stuff JMI
  #3  
Old 07-29-2004, 17:55
ferrari
 
JMI, I said "I wanted to know" and not "I want to know". That means I already found out using the big lesson in my signature.

Regards,
  #4  
Old 07-29-2004, 22:24
JMI
Hi ferrari:

I actually "assumed" YOU already knew, but thought the "lesson" might be useful for those who hadn't "thought" about such things.

Regards,
__________________
JMI
  #5  
Old 07-31-2004, 02:26
Flagmax
 
Wow JMI, that's the exact method I used to find the "SR" in Armadillo. I guess this should work for any protector.

Crk: The Armadillos I worked with are 2.xx - 3.75. I don't know if what you say is true for newer Armadillo, but with the ones I played with, all I had to do is change those two bytes. I don't know if cleaning up dillo code is really necessary, but it's not easy, I don't think; same for the sections, you can't just delete them to introduce black holes. If you have any more info, I would appreciate it.
  #6  
Old 07-31-2004, 03:30
JMI
And just in case the full use of this comparison technique hasn't become clear, you can also "compare" cracked and uncracked versions of almost any software and discover all the changes which were made. This won't tell you "why" the changes were made, but knowing "where" would usually permit you to disassemble the code and try to figure out "why" it was changed at certain locations, such as to pass the "good boy/bad cracker" checks, etc.

For example, if you discover where version x.x.4 was patched, it is at least a good possibility that version x.x.5 might be made to work by patching in the same places. And in this instance, "same places" does NOT necessarily mean the "same address," although it might be the same. It generally means "in the same routine" found in the previous version. The vendor may have moved that routine somewhere else in the code or an addition to the code might move it slightly forward or backward in the code, so one needs to actually "LOOK," rather than just blindly changing stuff at location 4XXXXXXX.

Regards,
__________________
JMI