|
|
|
|
#1
01-01-2004, 02:14
|
||||
|
||||
|
ok, zlatko, i came to the following with your program.
your IAT is correct. now the parts to edit: 0056901C 55 PUSH EBP 0056901D 8BEC MOV EBP,ESP 0056901F 83C4 F0 ADD ESP,-10 00569022 B8 848B5600 MOV EAX,MsDataGe.00568B84 00569027 E8 00DFE9FF CALL MsDataGe.00406F2C 0056902C A1 B4C65600 MOV EAX,DWORD PTR DS:[56C6B4] 00569031 8B00 MOV EAX,DWORD PTR DS:[EAX] 00569033 E8 C0B2EFFF CALL MsDataGe.004642F8 00569038 FF15 E8C15600 CALL DWORD PTR DS:[56C1E8] 0056903E A1 B4C65600 MOV EAX,DWORD PTR DS:[56C6B4] 00569043 8B00 MOV EAX,DWORD PTR DS:[EAX] 00569045 E8 46B3EFFF CALL MsDataGe.00464390 0056904A E8 05B6E9FF CALL MsDataGe.00404654 Edit to: 0056901C > $ 55 PUSH EBP 0056901D . 8BEC MOV EBP,ESP 0056901F . 83C4 F0 ADD ESP,-10 00569022 . B8 848B5600 MOV EAX,dumped_.00568B84 00569027 . E8 00DFE9FF CALL dumped_.00406F2C 0056902C . A1 B4C65600 MOV EAX,DWORD PTR DS:[56C6B4] 00569031 . 8B00 MOV EAX,DWORD PTR DS:[EAX] 00569033 . E8 C0B2EFFF CALL dumped_.004642F8 00569038 . E8 8FFAFFFF CALL dumped_.00568ACC 0056903D . 90 NOP 0056903E . A1 B4C65600 MOV EAX,DWORD PTR DS:[56C6B4] 00569043 . 8B00 MOV EAX,DWORD PTR DS:[EAX] 00569045 . E8 46B3EFFF CALL dumped_.00464390 0056904A . E8 05B6E9FF CALL dumped_.00404654 and this: 00568AD4 68 378B5600 PUSH MsDataGe.00568B37 00568AD9 64:FF30 PUSH DWORD PTR FS:[EAX] 00568ADC 64:8920 MOV DWORD PTR FS:[EAX],ESP 00568ADF A1 5CE25600 MOV EAX,DWORD PTR DS:[56E25C] 00568AE4 50 PUSH EAX 00568AE5 E8 B6FFFFFF CALL MsDataGe.00568AA0 00568AEA 8D55 FC LEA EDX,DWORD PTR SS:[EBP-4] 00568AED A1 5CE25600 MOV EAX,DWORD PTR DS:[56E25C] 00568AF2 E8 7D13EAFF CALL MsDataGe.00409E74 00568AF7 8B55 FC MOV EDX,DWORD PTR SS:[EBP-4] 00568AFA A1 30C65600 MOV EAX,DWORD PTR DS:[56C630] 00568AFF E8 94BCE9FF CALL MsDataGe.00404798 00568B04 A1 30C65600 MOV EAX,DWORD PTR DS:[56C630] 00568B09 8B00 MOV EAX,DWORD PTR DS:[EAX] 00568B0B E8 FCBEE9FF CALL MsDataGe.00404A0C 00568B10 85C0 TEST EAX,EAX 00568B12 7E 08 JLE SHORT MsDataGe.00568B1C 00568B14 A1 44C35600 MOV EAX,DWORD PTR DS:[56C344] 00568B19 C600 01 MOV BYTE PTR DS:[EAX],1 00568B1C E8 4BFFFFFF CALL MsDataGe.00568A6C 00568B21 33C0 XOR EAX,EAX to: 00568AD4 |. 68 378B5600 PUSH dumped_.00568B37 00568AD9 |. 64:FF30 PUSH DWORD PTR FS:[EAX] 00568ADC |. 64:8920 MOV DWORD PTR FS:[EAX],ESP 00568ADF 90 NOP 00568AE0 90 NOP 00568AE1 90 NOP 00568AE2 90 NOP 00568AE3 90 NOP 00568AE4 |. 50 PUSH EAX ; /Arg1 => 00C23405 00568AE5 |. E8 B6FFFFFF CALL dumped_.00568AA0 ; \dumped_.00568AA0 00568AEA |. 8D55 FC LEA EDX,DWORD PTR SS:[EBP-4] 00568AED |. A1 5CE25600 MOV EAX,DWORD PTR DS:[56E25C] 00568AF2 |. E8 7D13EAFF CALL dumped_.00409E74 00568AF7 |. 8B55 FC MOV EDX,DWORD PTR SS:[EBP-4] 00568AFA |. A1 30C65600 MOV EAX,DWORD PTR DS:[56C630] 00568AFF |. E8 94BCE9FF CALL dumped_.00404798 00568B04 |. A1 30C65600 MOV EAX,DWORD PTR DS:[56C630] 00568B09 |. 8B00 MOV EAX,DWORD PTR DS:[EAX] 00568B0B |. E8 FCBEE9FF CALL dumped_.00404A0C 00568B10 |. 85C0 TEST EAX,EAX 00568B12 |. 7E 08 JLE SHORT dumped_.00568B1C 00568B14 |. A1 44C35600 MOV EAX,DWORD PTR DS:[56C344] 00568B19 |. C600 01 MOV BYTE PTR DS:[EAX],1 00568B1C |> E8 4BFFFFFF CALL dumped_.00568A6C 00568B21 |. 33C0 XOR EAX,EAX 
|
 |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Asprotect 2.1x SKE target | taos | General Discussion | 2 | 12-12-2005 17:04 |
Hybrid Mode
