Go Back   EXETOOLS FORUM > General > Community Tools


Thread Tools Display Modes
Old 07-28-2017, 02:48
CodeCracker CodeCracker is offline
Join Date: Jun 2011
Posts: 179
Rept. Given: 14
Rept. Rcvd 191 Times in 45 Posts
Thanks Given: 8
Thanks Rcvd at 508 Times in 117 Posts
CodeCracker Reputation: 100-199 CodeCracker Reputation: 100-199

Will find old entry point on packed programs by searching some instructions patterns,
obviously will not always work, but in most of cases yes.
Will not work for stolen entry point or some other advanced protections.
Step1: Execute the packed (protected) program
Step2: Start EPFinder select Process checkbox
Step3: Select the process from the list
Step4: Selected the module from list or mark "Main mod" checkbox to specify that it is about main module
Step5: Click on Get button to get the result
Attached Files
File Type: zip EPFinder-Src.zip (43.7 KB, 14 views)
File Type: zip EPFinder.zip (9.5 KB, 15 views)
Reply With Quote
The Following 2 Users Gave Reputation+1 to CodeCracker For This Useful Post:
MarcElBichon (07-28-2017), papi (07-28-2017)
The Following 6 Users Say Thank You to CodeCracker For This Useful Post:
an0rma1 (08-04-2017), besoeso (07-28-2017), hors (08-31-2017), ontryit (07-28-2017), sh3dow (07-28-2017), zeffy (07-28-2017)

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

All times are GMT +8. The time now is 16:45.

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX