Contribute  :  Web Resources  :  Past Polls  :  Site Statistics  :  Downloads  :  Forum  
    BiW ReversingThe challenge is yours    
advanced search  
Topics
News (13)
Tutorials (115)
Crackmes (69)
Coding (23)
Challenges
Download
Hall Of Fame
User Functions
Username:

Password:

Don't have an account yet? Sign up as a New User
Banners
 Welcome to BiW Reversing
 Monday, September 06 2010 @ 04:39 PM CEST
Unpacking NTKrnl Protect 0.1 | 5 comments | Create New Account
The following comments are owned by whomever posted them. This site is not responsible for what they say.
Unpacking NTKrnl Protect 0.1
Authored by: bpx on Saturday, January 27 2007 @ 12:20 AM CET
hrrm, I agree, rdtsc trick is too well known to steal?

Anyway, protector will crash if you just continue after breaking on ret, because normaly the memory protect would cause an exception when it tries to execute. Olly thinks that we set a memory breakpoint when it is this protect. By changing ret to int3, it forces on the exception that gets removed by olly's mem-break handler.
 Copyright © 2010 BiW Reversing
 All trademarks and copyrights on this page are owned by their respective owners.		 Powered By Geeklog 
Created this page in 0.19 seconds