 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
|
|
|
|
||||||||||
|
||||||||||||||
|
||||||||||||||
|
#1
12-25-2020, 05:42 AM
|
|||
|
|||
Aspack OEP (simple)
Aspack OEP (simple)
an simple Olly script I've created: // NtdllDefWindowProc_W is actually user32.DefWindowProcW CMP [eip], 60 , 1 jne Finish_Nopushad // pushad instruction at eip is there, // so execute that instruction by sti sti mov temp,esp bphws esp,"r" run Break: bphwc temp rtr // Executes "Run to return" in OllyDbg, [Ctrl+F9] operation. sto // Execute F8 in OllyDbg. STep Over. cmt eip, "This is the OEP! Found by script" ret Finish_Nopushad: log "Error: NO pushad instruction" 
|
Linear Mode
