BruceLee
September 23rd, 2002, 21:18
Hi!
Anybody have idea? Which API Should I used?
Thx, Bruce Lee
Anybody have idea? Which API Should I used?
Thx, Bruce Lee
View Full Version : How to write program for tracing OEP?
SiNTAX
September 23rd, 2002, 22:53
There are 2 ways that I can think of... the easy way and the good way..
* easy way
write a program that single-step debugs your target until the EIP reaches a certain address (range).
* good way
same as above, but emulate 'dangerous' instructions that might take control away from your program.
Both have been done before.. OllyDbg has a tracer that can even log each and every instruction executed.
For the second case.. have a look at the IceDump source.
* easy way
write a program that single-step debugs your target until the EIP reaches a certain address (range).
* good way
same as above, but emulate 'dangerous' instructions that might take control away from your program.
Both have been done before.. OllyDbg has a tracer that can even log each and every instruction executed.
For the second case.. have a look at the IceDump source.
username
September 25th, 2002, 20:08
Quote:
| Originally posted by SiNTAX write a program that single-step debugs your target until the EIP reaches a certain address (range). * good way same as above, but emulate 'dangerous' instructions that might take control away from your program. |
It's not only about 'taking control away' but also about 'detection of being traced'.
Quote:
Both have been done before.. OllyDbg has a tracer that can even log each and every instruction executed. |
Last time i checked, icedump could do that too.
Powered by vBulletin® Version 4.2.2 Copyright © 2018 vBulletin Solutions, Inc. All rights reserved.