View Full Version : SafeDisc 2/3 IAT Rebuilding


ZiruX
September 19th, 2004, 13:33
Hello ppl,

I have been working with SafeDisc for a long time, and I really can't
make progress on this subject. It's the IAT (import table) that is the
big problem. I have traced a lot, and I really can't find how to get the
addresses of the original API. Of course I could use Revirgin or Imprec,
as a lot of people have told me to do. But I want to understand how it
works. Any tips about how I can most easily rebuild it, or any other tips
that could be useful, I would appreciate.

Sorry for my bad English

Over and out // ZiruX

Hopcode
September 19th, 2004, 15:26
Hello,

Which version of SafeDisc are you working on?

I'm not sure Imprec will be of any help actually.

Also, IAT isn't the most difficult part of SafeDisc.
You will need to create a bunch of "call fixers" to rebuild IAT, but also
Calls to IAT, and also a bunch of other Code mangling features such as
call safedisc routines, that redirect you to somewhere else in the program.
(There are also jmps)

Finally, you may also need (depending on the version) to cope with Invalid Opcodes Decryption.

Basically, bad opcodes triggering decryption routines.

I stopped looking at SD on version 2.80, therefore I can't tell you much about the new versions.

Cheers,

Hopcode

ZiruX
September 19th, 2004, 15:58
That was a lot of information, but I want to take one
thing at a time; that means I want ideas
about how to rebuild the IAT. There must be a lot of
ways to do it. Thanks for your answer, I hope for
more

Regards
ZiruX

PS: If anyone wants to contact me on IRC, my nick is ZiruX on EFnet.

gook
September 20th, 2004, 03:09
Hello Zirux,

You should run http://www.yates2k.net/cd/TSD27p.txt through a translator. This document holds the information to rebuild the IAT for the most recent versions of SD.

ZiruX
September 20th, 2004, 05:56
I have already done that, and it's really good in many ways.
BUT it's using pretty bad and old methods, like adding info in
Adump. Of course I could take that info and make my own
tool, and I have tried that, but I can't get his method
working on newer versions.
Thanks for answering,
Regards
ZiruX