|
|
#1
02-20-2005, 10:27
|
||||
|
||||
Armadillo Environment Variables & Visual Basic
I appreciate all the input, that anyone can offer.
I unpacked a Visual Basic Application from Armadillo 4.x I defeated the Copymem, dumped at the OEP and rebuilt the IAT. So now the app is out of its shell, but its still checking Armadillo's variables. I can't call SetEnvironmentVariableA from within a VB app. Apparently I can't even have kernel32 as an import module in a VB app? I Manually added the SetEnvironmentVariableA Offset at the end of the exisiting table in memory as : 0453223: 67866767 ;MSVBVM60.Somfunction 0453227: 00000000 045322B: 78978977 ;SetEnvironmentVariableA 0453230: 00000000 Then I Fired up ImpREC and fetched and built the IAT, eveything went ok but when I ran the app it just crashed. It runs fine as long as I don't call try to call SetEnvironmentVariableA So if I were to code a loader, is it possible to call SetEnvironmentVariable within the context of the loaded process? I thought I would ask about this approach, I looked into Shub-Nigurrath's Oraculum Tutorial and read Tk0017 Armadillo 4.x tut and niether apply to VB. I have never created a loader before, I understand how to patch process memory, and set through a program using the debug API etc... Anyone have any suggestions? Comments? Cold Beer?  Thanks in advance.
__________________
Even as darkness envelops and consumes us, wrapping around our personal worlds like the hand that grips around our necks and suffocates us, we must realize that life really is beautiful and the shadows of despair will scurry away like the fleeting roaches before the light. 
|
 |
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Armadillo Environment Variables Finder 1.2 | rukov | Community Tools | 3 | 12-16-2015 01:59 |
| help with visual basic and API | Warren | General Discussion | 5 | 08-26-2005 13:48 |
Linear Mode
