#16
|
|||
|
|||
I could not upload it here. It times out in 30 seconds tried 5 times no luck. I will give U the link hxxp://www.extremesenses.com/iupdate/iupdatefull.zip you can do a zip preview in download manger eg mass downloader and get only the dll U need 451.5kb actual size but compressed to ~42%.
It is strange U got a different OEP. I checked my dll again. it works well in Xp. So is another dll in 98. thanks for taking the trouble Last edited by drasd_20002; 05-04-2003 at 11:07. |
#17
|
|||
|
|||
Hi!
Probably your version of the DLL differs from my version. Code:
pec1:00B61160 public start pec1:00B61160 start: pec1:00B61160 push ebp pec1:00B61161 mov ebp, esp pec1:00B61163 add esp, 0FFFFFFC4h pec1:00B61166 mov eax, offset dword_B60ED8 pec1:00B6116B call sub_A96C0C pec1:00B61170 mov eax, ds:dword_B63DA0 pec1:00B61175 mov eax, [eax] pec1:00B61177 call sub_AEC494 pec1:00B6117C mov eax, ds:dword_B63DA0 pec1:00B61181 mov eax, [eax] pec1:00B61183 xor edx, edx pec1:00B61185 call @Forms@TApplication@SetTitle$qqrx17System@AnsiString ; Forms::TApplication::SetTitle(System::AnsiString) pec1:00B6118A mov ecx, ds:dword_B63ADC pec1:00B61190 mov eax, ds:dword_B63DA0 pec1:00B61195 mov eax, [eax] pec1:00B61197 mov edx, ds:dword_B41980 pec1:00B6119D call sub_AEC4AC pec1:00B611A2 call sub_A944B8 pec1:00B611A7 nop |
#18
|
|||
|
|||
You R right.
I downloaded and checked the "new" version. Version number is sme but dll is different. OEPs 000D1160 - new one 000D5C58 - old one( the one I have). Could the author be an active member of this forum OR is it coincidental. i donot know does your dll work on both win98/XP. |
#19
|
|||
|
|||
I changed the image base from 00400000 to image base when it works in one situation inside IDE. Now it works in all envirinments in a Single OS but not across different OS.
Looks like the OEP is correct because all the functions of the dll are working and no errrors occur once the dll is loaded. I tried relox - relocation fixer by mact but then it crashes. dont know how to do it manually Yet. ... have to learn. may be some experts give a proper hint. Also when i use revirgin 1.5 "publivc version" enter the oep and click fetch IAt says "found nothing" using IAT resolver gives junk values with 0 references for all. It happens with all apps which are compressed/ crypted. I can get imports at same oep by imprec . something wrong with that version of revirgin?? or something else. Last edited by drasd_20002; 05-07-2003 at 23:47. |
#20
|
|||
|
|||
This is my small example which shows how make patch
for packed DLL by PECompact 1.84. Enjoy! hxxp://www.exetools.com/forum/showthread.php?s=&threadid=2178 Last edited by asterix; 05-20-2003 at 03:34. |
#21
|
|||
|
|||
thank U very much.
I will go through it today. U R great. Last edited by drasd_20002; 05-23-2003 at 15:34. |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Inline Patching | MaRKuS-DJM | General Discussion | 1 | 01-24-2004 23:03 |
Inline patching for armadillo | annibal | General Discussion | 1 | 09-04-2003 14:24 |