Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > File Unpacking
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1  
Old 12-25-2020, 05:42 AM
CodeRipper CodeRipper is offline
Member
 
Join Date: Mar 2009
Location: Romania
Posts: 24
Default Aspack OEP (simple)

Aspack OEP (simple)
an simple Olly script I've created:
// NtdllDefWindowProc_W is actually user32.DefWindowProcW

CMP [eip], 60 , 1
jne Finish_Nopushad
// pushad instruction at eip is there,
// so execute that instruction by sti
sti
mov temp,esp
bphws esp,"r"
run

Break:
bphwc temp
rtr
// Executes "Run to return" in OllyDbg, [Ctrl+F9] operation.
sto
// Execute F8 in OllyDbg. STep Over.
cmt eip, "This is the OEP! Found by script"
ret

Finish_Nopushad:
log "Error: NO pushad instruction"
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.