#1
|
|||
|
|||
Paltalk
It seems that any changes you make to Paltalk.exe, even just unpacking it, and it then lets you sign in, but once in it wont list the chatrooms unless you hit the refresh button a couple of times, then when you click on a group, it works for a few seconds, then the audio and text stops working, but it doesn't give you any error messages, so it really doesn't give you much idea what strings to look for in your debugger, it also doesn't seem to like to run for long in Olly Debug.
What logical reason can their be for a program not functioning, just because it has been unpacked? |
#2
|
||||
|
||||
i don't think unpacking has effects to the functionality... only WRONG unpacking (invalid IAT, etc.)
|
#3
|
|||
|
|||
MaRKuS-DJM
Just to say some bla-bla-bla. In general case you are right, but consider the application that calculates its CRC and, if unpacked, CRC will change and this CRC is involved in come computaions, not just in idiotic cmp eax, CRC jnz ok_lets_go_and_kick_their_asses I met such examples. One was packed with Aspack and after unpacking (really clear one - IAT, TLS, etc) stopped working. |
#4
|
||||
|
||||
don't thought about that fact... but maybe the crc is easy to find if it is plain, or a bpx on TerminateProcess or PostQuitMessage will help (in general, not for this program)
|
#5
|
|||
|
|||
But wouldn't the CRC check stop the program from functioning totally, as it stands with this program, you have partial functionality.
|
#6
|
|||
|
|||
volodya is suggesting that the CRC check may only prevent the operation of a specific portion of the code and not JMP to an exit process of the code. In other words, your team is a man short, but still able to attempt to play the match.
Otherwise, it is most likely that you have one or more of the imports incorrectly identified and fixed and that is preventing all of the programs features from operating correctly, although it does run. Another possibility is that you forgot to adjust for the unpacking and the virtual vs physical addresses changes. Regards,
__________________
JMI |
#7
|
||||
|
||||
Pompeyfan:
some program don't stop functioning totally but continue with less features when bad CRC... |
#8
|
|||
|
|||
Quote:
|
#9
|
||||
|
||||
Are there any tutorials on stripping VM detection from the latest Paltalk executable (11.7.640.17816)? That is to say, either preventing Paltalk from shutting down upon detecting itself running inside a VM, or fooling the program into thinking that it isn't running inside a VM?
|
Thread Tools | |
Display Modes | |
|
|