tazmanian
June 13th, 2003, 10:34
This is a very strange thing, that i'll explain...
I'm unpacking an ocx file, packed with not comercial packer, a selfmade one...
Each time the program (VB5) loads the OCX in a especific memory address range....see this:
OCX file info:
ImageBase: 1830000
Size : 410000
Each time the program loads the ocx in 1BC0000 or 1BE0000, not 1830000 address, so, the unpacking only will work here, not in other PC's...
Cause the "jmp dword [APIAddress]" will point to 183xxxx, not the right address, resulting a fault.
2 app uses the same ocx, but one loads at 1830000 addres (correct one) and the other loads at 1BC0000 address (wrong
)
Like this:
Correct one:
1825415 jmp dword ptr [183xxxx] <-- same range address
Wrong one:
1BC5415 jmp dword ptr [183xxxx] <-- different, causing a GPF, cause jumps out of file =\
How can i make a OCX to work in any memory range?
Thank you!
I'm unpacking an ocx file, packed with not comercial packer, a selfmade one...
Each time the program (VB5) loads the OCX in a especific memory address range....see this:
OCX file info:
ImageBase: 1830000
Size : 410000
Each time the program loads the ocx in 1BC0000 or 1BE0000, not 1830000 address, so, the unpacking only will work here, not in other PC's...
Cause the "jmp dword [APIAddress]" will point to 183xxxx, not the right address, resulting a fault.
2 app uses the same ocx, but one loads at 1830000 addres (correct one) and the other loads at 1BC0000 address (wrong
)Like this:
Correct one:
1825415 jmp dword ptr [183xxxx] <-- same range address
Wrong one:
1BC5415 jmp dword ptr [183xxxx] <-- different, causing a GPF, cause jumps out of file =\
How can i make a OCX to work in any memory range?
Thank you!