View Full Version : MEW 10 - OEP finder (my first script)
Anonymous
May 20th, 2004, 00:30
/*
// OEP FINDER FOR: Mew 10 exe-coder 1.0 by Northfox
// AUTHOR : SMoKE (smoke@freenet.am)
// OS : WinXP SP1, OllyDbg v1.10c, OllyScript v0.8
// INFOZ :\'@
psyCK0
May 20th, 2004, 01:38
Here it is... Will be added to site shortly.
/*
// OEP FINDER FOR: Mew 10 exe-coder 1.0 by Northfox
// AUTHOR : SMoKE (smoke@freenet.am)
// OS : WinXP SP1, OllyDbg v1.10c, OllyScript v0.8
// INFOZ : dump at OEP and simply fix import table by ImpRec
*/
var X
gpa "LoadLibraryA", "kernel32.dll"
bphws $RESULT, "x"
eob label1
run
label1:
bphwc $RESULT
mov X, [esp]
bp X
eob label2
run
label2:
bc X
findop eip, #C3#
bp $RESULT
eob label3
run
label3:
bc $RESULT
sto
cmt eip, "OEP Reached !"
ret
loveboom
June 1st, 2004, 05:29
another:
bp LoadLibraryA
run
bprm codebase,codesize
run
bpmc
findop c3
bp $result
run
sto
ok ,finished
Northfox
June 6th, 2004, 20:24
Or only use the new version of PEID->General Debugger and it will make the source nearly as the original.
Powered by vBulletin® Version 4.2.2 Copyright © 2019 vBulletin Solutions, Inc. All rights reserved.