kyrios
March 30th, 2003, 12:59
Hi Mr Crusader,
Recently I read your tutorial about Arma. I can follow the tutorial until the INT3 fixing; I'm stuck on this part.
I can see this code after the loop process (a few lines below):
005DFDD5 8D 95 28 F7 FF FF lea edx, [ebp+Context]
005DFDDB 52 push edx
005DFDDC A1 58 BA 5E 00 mov eax, ds:table_2
005DFDE1 03 85 20 F7 FF FF add eax, [ebp+relative_location] ; location in table_1 where eip is found
005DFDE7 8A 08 mov cl, [eax]
005DFDE9 51 push ecx
005DFDEA E8 24 12 00 00 call Get_Jump_Type ; determine which kind of Jump it is
005DFDEF 83 C4 08 add esp, 8
005DFDF2 25 FF 00 00 00 and eax, 0FFh
005DFDF7 85 C0 test eax, eax
bla..bla..bla....
My question is how to reach this line. I tried F8 or F10, but I always get a "read process" error, and the target quits.
And please tell me how, where and when to dump the 4 tables, because in your tutorial you forgot to write about it. The "how" question must be to use the /dump feature, am I right?
About the "where" question, I tried to look at ds:table_2 / ds:table_3 / ds:table_4, but I only saw mostly 00 bytes. So it must not be the correct table I am looking for.
Sorry for my poor English, Mr Crus.
TIA,
kyrios