|
|
|
|
#1
04-20-2005, 19:21
|
|||
|
|||
|
this not true for execryptor. you dont reach a OEP. you exe is descrambled bits at a time. i know OEP, and dumped their, execcryptor is still present, so obviously was to early, i only get so far before it locks up olly. any pointers. also.. IAT.... this one seems like a tough one. but not impossible.
|
|
#2
04-21-2005, 02:32
|
||||
|
||||
|
it has an OEP, but it's morphed. so you can say execryptor is still there. unfortunately the morphing is done by the protector before it packs the exe, this means there's no way to patch it and dump it correctly without morphing. morphing needs to be done manually. the question is just how. it looks very ugly to demorph this.
|
|
#3
04-21-2005, 04:27
|
|||
|
|||
|
markus
 nice to see you again. as far as patching i think it is very possible. i found a way to do it, where the cryptor writes my bytes for me, but alas.. crc check.. i need to find a way around the check, or else patch it out somehow. i think this one is far superior to many other protectors out there at the moment. lets say i know my oep is (eg. 00401000) if you try to break there olly either hangs or crashes. A full version key for the protector would prove very useful.. if anyone reading this has one please PM me, i will not give it out, will stay safe on my HD. i just want to pack a few exe's i have.. see what a generic approach there is. thanks -H3rCuL3s
|
 |
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| EXECryptor | omega_red | General Discussion | 12 | 11-02-2005 08:34 |
Hybrid Mode
