#1
|
|||
|
|||
Can anyone help with softice and reverse eng..?
I have installed softice 4.05 nt/2000 ( SoftICE V4.05 For NT & Win2000.rar + cen-sicent_xp_patch.zip )
to C:\Program Files\NuMega\SoftIceNT i then add the xp patch to C:\WINDOWS\system32\drivers\ this makes the net driver start sucessfullyand i can cntl-d and add commands the winice.dat is located >> C:\WINDOWS\system32\drivers\Winice.dat (this seems weird as most guides and tutorials say it should be in the softice dir) everything seems to be ok Quote:
but, when i create a break point for a nag box (like so): bpx msvbvm60!rtcmsgbox then i want to list the break points to check its going to break on the correct function bl and it sometimes returns the msvbvm60!rtcmsgbox but mainly returns BPX #00FE:000E2096 or a similar address, this confuses me becuase it seems totally random wether it works or not, i have tried starting the program at differen times start the app, typeing the commands in at different times but it just doesnt always work and the si manual doesnt seem to help me (partly becuase i dont really know what to look for ???) essentially the problem is in this tutorial: To make it sure enter BL * Now you should see this: bpx msvbvm60!__vbastrcomp or bpx msvbvm50!__vbastrcomp if you see something else like bpx 017F:23878865 go back on the few occasions when it returns the correct number it sometimes breaks and shows a high address thats part of the vb dll how do i relate this to the address in wdsm, if i press F11 or try and trace it softice quites and the message box appears, this is even using a crack example so i know its not the program(im trying to modify) its softice. Basically it never goes back to the function thats calling it maybe im pressing the wrong thing but all the turials say F11. Then theres the final problem how to relate the offset from softice to wdsm to my hex editor (in most tutorials it says to look at the offset in wdsm e.g. 4016 and relate it to the hex editor, how ?), so confusing, i managed to crack the examples but only becuase they tell you the address (which kinda defeats the challenge heh) any help on the 1).configuration of softice or why it wownt add the breakpoint properly 2).why softice isnt moving moving back to the function thats calling the dll to produce the message box 3).realizing some kind of relasionship between the offsets would be greatly appreciated! btw: the exe is not pcode... |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Reverse CRC ... | debugasm | General Discussion | 6 | 01-25-2020 13:06 |
WinXP + Loaded SoftICE (NuMega DS 2.6 || SoftICE Suite 2.6) NOT SHOTDOWNING... | sky | General Discussion | 0 | 08-23-2002 06:24 |