Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Packed executable, self modifiable? need help

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking
View previous topic :: View next topic  
Author Message
kot1990
Expert Cheater
Reputation: 1

Joined: 06 Sep 2009
Posts: 131
Location: Greece
PostPosted: Mon Nov 14, 2011 1:07 pm    Post subject: Packed executable, self modifiable? need help Reply with quote
Well, I don't have a good understanding in asm and I'm trying to bypass some security in an app that seems to be encrypted, packed or whatever it is. What happens when I'm trying to debug is that a message that says "please close the debugger and try again pops" and I can't go further. I put a breakpoint at the entry point and started to analyze the asm to find out what happens. The asm code seems to be unaligned or something.

Code:

 00598843 - 78 05                      - js 0059884A  --> this jumps to            59884A but the debugger doesn't recognize it. It has to be run step-step to appear.
00598845 - 97                         - xchg eax,edi
00598846 - 97                         - xchg eax,edi
00598847 - 79 01                      - jns 0059884A
00598849 - E9 68D44857                - jmp 57A25CB6
0059884E - 00 68 C4                   - add [eax-3C],ch

the real instruction at 0059884A appears and is

0059884A - 68 D4485700                - push 005748D4 : [00000000]


All the code till the call to MessageBoxW that tell to close the debugger is confusing and can't be dissasebled easily. What can I do to make it more clear?
I found out that the debugger complain message appears only when I set a breakpoint.
Back to top
View user's profile Send private message
LeFiXER
Grandmaster Cheater Supreme
Reputation: 20

Joined: 02 Sep 2011
Posts: 1069
Location: 0x90
PostPosted: Wed Jan 11, 2012 4:04 pm    Post subject: Reply with quote
Use PEiD or exeinfo to find out if it's packed.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites