-
Member
Reputation: 16
Patching an ...
Hi Guys,
First off I am in no way a reverser.You guys are the pros..
My question is not an easy one at least for me...
I have a very popular "target x8" that has been patched and emulated by most if not all the big "groups"
I came across this on a Chinese site where I assume changes are done to the executable at the hexadecimal level..
In short "what does this mean......is this like the same way an ecc patcher works...
X5 version of the modified
cs: 414dfb 751f jne 414e1c change to cs: 414dfb eb1f jmp 414e1c
cs: 414e23 7422 jn 414e47 change to cs: 414e23 eb22 jmp 414e47
X5-mu1 version of the changes:
cs: 41519b 751f jne 4151bc change to cs: 41519b eb1f jmp 4151bc
cs: 4151c3 7422 jn 4151e7 change to cs: 4151c3 eb22 jmp 4151e7
Any help would be appreciated.
Last edited by Theislander; 2015-04-06 at 03:37 AM
-
2015-04-05 11:44 PM
# ADS
Circuit advertisement
-
Users Awaiting Email Confirmation
Reputation: 16
1 out of 1 members found this post helpful.
Re: Patching an ...
Originally Posted by
Theislander
In short "what does this mean......is this like the same way an ecc patcher works...
...
yes, it is very similar to the work of CSTpatcher11.
it patches 2 jumps near the end of function l_pubkey_verify().
you can see his work example here:
http://forum.exetools.com/showpost.p...4&postcount=30
-
Post Thanks - 4 Thanks
-
Member
Reputation: 16
Re: Patching an ...
Thanks for the info ufo_maniac...
I followed your link to Arlequim code..
But it's all a foreign language to me.....;(
-
Users Awaiting Email Confirmation
Reputation: 16
1 out of 1 members found this post helpful.
Re: Patching an ...
Originally Posted by
Theislander
Thanks for the info ufo_maniac...
don't say "thanks for info", better click the button "Thanks for this post"
I followed your link to Arlequim code..
But it's all a foreign language to me.....;(
what do you want to understand?
give me a clear question and i'll try to answer clearly.
Last edited by ufo_maniac; 2015-04-06 at 08:50 AM
-
Post Thanks - 1 Thanks
-
Member
Reputation: 56
1 out of 1 members found this post helpful.
Re: Patching an ...
Originally Posted by
Theislander
Thanks for the info ufo_maniac...
I followed your link to Arlequim code..
But it's all a foreign language to me.....;(
I think you should read the basics first and some assembly language before directly jumping to ecc patching and understanding disassembly.
Try watching first few lectures of lena tuts
https://tuts4you.com/download.php?list.17
-
Post Thanks - 3 Thanks
-
Member
Reputation: 16
Re: Patching an ...
Hey there is a start...
Originally Posted by
rohank
I think you should read the basics first and some assembly language before directly jumping to ecc patching and understanding disassembly.
Try watching first few lectures of lena tuts
https://tuts4you.com/download.php?list.17
-
Member
Reputation: 16
Re: Patching an ...
Ufo_Maniac,
I guess you don't understand what being a "newbie" is.....
Originally Posted by
ufo_maniac
don't say "thanks for info", better click the button "Thanks for this post"
what do you want to understand?
give me a clear question and i'll try to answer clearly.
-
Member
Reputation: 56
Re: Patching an ...
Theislander,
Ufo_maniac is a great guy and provided many useful tools.
I think he assumed you knew the basics because you were trying to patch ecc
-
Last edited by darsy; 2015-04-07 at 10:56 PM
-
Post Thanks - 1 Thanks
Silde thanked for this post
-
Member
Reputation: 16
Re: Patching an ...
Rohank...
READ MY FIRST POST IN THIS THREAD.....
I NEVER ASKED ABOUT ECC......
Originally Posted by
rohank
Theislander,
Ufo_maniac is a great guy and provided many useful tools.
I think he assumed you knew the basics because you were trying to patch ecc
Bookmarks