
View Full Version : Armadillo is down...


hipu
June 24th, 2004, 18:16
hey everyone, just wanted to thank this wonderful forum for all its excellent info. i couldn't have done it without you... i was messing with the magic jump for days until i simply did a small search in the forums, and found the great post from SysCall (http://www.woodmann.net/forum/showthread.php?t=5891) which identifies the magic jump signature, which allowed me to easily trace it and patch quickly. tnx again

magic jump signature as taken from syscall :
Quote:

cmp dword ss:[ebp-xxxx],0
jnz yyy ; must be nopped
MOVZX EAX, WORD PTR SS:[EBP-zzzz]
TEST EAX, EAX

MEPHiST0
June 28th, 2004, 14:01
cool hipu
and i like the scripts


here's another thing (for all) you can do with armadillo..

if you know how to unpack armadillo..
you can get the EXACT ARMADiLL0 version.. very easy.. (which comes in handy) and i don't know if many people know about it.. i was gonna ask 'PEiD' makers if they could code something for arma exact version info

you can break on CreateThread or SetProcessWorkingSetSize..
k now most the code is decrypted..

scroll up to the top of olly debug..
whatever the address is, ctrl+s to search, and search for: armVersion>

when u search for armVersion> right click on the code.. and click> Follow in DUMP > then view in hex or text mode
and right after armVersion> it shows EXACT armadillo compiler version

yay.
this will work with ALL v3.xx versions of armadillo.. and shows exact armadillo version.. seen it from arma 3.20c all the way up to arma 3.75a

i posted this info in here.. because i didn't want to start another armadillo thread.. there are a lot of em

regards..

edited:
was just looking at some older armadillo.. v2.xx i think..
and i couldn't find the Armadillo Version information using this method above..
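
Added example, not part of the original posts: the armVersion> lookup described above, run over a saved memory dump instead of by hand in the debugger, as a way to fingerprint the packer version during triage. The function names and the sample bytes are constructed for illustration, and it is an assumption of this example that the version is the printable text immediately after the marker, stored as ASCII or UTF-16LE.

```python
MARKER = "armVersion>"  # search string given in the post above

def _printable_prefix(raw: bytes, width: int) -> str:
    """Collect printable characters until '<', NUL or a non-printable unit."""
    out = []
    for i in range(0, len(raw) - width + 1, width):
        unit = raw[i:i + width]
        if width == 2 and unit[1] != 0:   # not a plain-ASCII UTF-16LE unit
            break
        if unit[0] == ord("<") or not (0x20 <= unit[0] < 0x7F):
            break
        out.append(chr(unit[0]))
    return "".join(out).strip()

def find_arm_versions(dump: bytes, max_len: int = 32):
    """Return sorted (offset, encoding, text) for every marker hit.

    Assumption: the version string directly follows the marker; the
    thread does not document the surrounding format.
    """
    hits = []
    for enc, width in (("ascii", 1), ("utf-16-le", 2)):
        needle = MARKER.encode(enc)
        pos = dump.find(needle)
        while pos != -1:
            start = pos + len(needle)
            text = _printable_prefix(dump[start:start + max_len * width], width)
            if text:                       # skip hits with nothing readable after
                hits.append((pos, enc, text))
            pos = dump.find(needle, pos + 1)
    return sorted(hits)

# Constructed sample bytes (not from a real dump): one ASCII hit, one UTF-16LE hit.
SAMPLE = (
    b"\x90\x90"
    + b"armVersion>3.75a\x00\xff"
    + "armVersion>3.20c".encode("utf-16-le")
    + b"\x00\x00"
)

if __name__ == "__main__":
    for offset, enc, version in find_arm_versions(SAMPLE):
        print(f"0x{offset:08x} {enc:10s} {version}")
```
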

disavowed
June 28th, 2004, 18:30
cool. good post, mephisto