
Showing results 1 to 25 of 42
Search: Posts Made By: AndreaGeddon
Forum: General Forum 04-28-2006, 02:48 PM
Replies: 9
Views: 13,957
Posted By AndreaGeddon
wait, you should be able to free it with...

wait, you should be able to free it with FreeLibrary, but the problem is that the system needs it because it is a shell extension. You should first delete the CLSID value from the registry key, then...
Forum: General Forum 04-27-2006, 01:32 PM
Replies: 9
Views: 13,957
Posted By AndreaGeddon
good nice icesword, i often use it and i didn't...

good nice icesword, i often use it and i didn't know it can free dlls :P
However why can't you use FreeLibrary to free the dll? If it has been loaded normally then FreeLibrary must work, you just need...
Forum: General Forum 04-24-2006, 04:51 PM
Replies: 9
Views: 13,957
Posted By AndreaGeddon
Don't know if there is a tool to free dlls in...

Don't know if there is a tool to free dlls in other processes, however if you want to do it yourself you can try to inject a thread in the target process, and this thread will have to make a call...
Forum: File Unpacking 02-10-2006, 03:56 PM
Replies: 1
Views: 12,116
Posted By AndreaGeddon
armadillo uses 2 processes, so if you are running...

armadillo uses 2 processes, so if you are running the parent process you are never executing the real oep. You can find
it analyzing the debug loop, or the child itself.
You should try to analyze the...
Forum: Reverse Code Engineering 01-22-2006, 11:23 AM
Replies: 3
Views: 9,769
Posted By AndreaGeddon
I think softice age is dead :( Now i usually use...

I think softice age is dead :( Now i usually use ollydbg to debug code, since for normal application debugging it's enough. When i must debug kernelmode code i just use remote debugging with...
Forum: Reverse Code Engineering 01-13-2006, 03:43 PM
Replies: 1
Views: 8,158
Posted By AndreaGeddon
as far as i know starforce is really strong and...

as far as i know starforce is really strong and there are some games still uncracked, but i don't know which games, also i did not have the chance to reverse starforce hehe. However they talked a lot...
Forum: Reverse Code Engineering 01-13-2006, 03:41 PM
Replies: 2
Views: 7,169
Posted By AndreaGeddon
programs may make normal access violations, for...

programs may make normal access violations, for example if they use a pointer to access memory regions they could set up a try-catch block to see if the pointer is valid or not. With your debugger...
Forum: General Forum 01-13-2006, 03:36 PM
Replies: 6
Views: 17,102
Posted By AndreaGeddon
ops sorry i forgot to finish it! I wrote it...

ops sorry i forgot to finish it!
I wrote it in italian and translated a bit. I stopped the translation because i had to move for work, however it will come soon!
Bye!
AndreaGeddon
Forum: Reverse Code Engineering 09-17-2005, 05:42 AM
Replies: 0
Views: 8,715
Posted By AndreaGeddon
http://www.anticracking.sk/EliCZ/import/Build3.rar...

http://www.anticracking.sk/EliCZ/import/Build3.rar

includes very good sources!
Thanks to elicz!
Bye!
AndreaGeddon
Forum: File Unpacking 08-23-2005, 11:43 AM
Replies: 1
Views: 15,609
Posted By AndreaGeddon
I am reversing armadillo 4.20, as you correctly...

I am reversing armadillo 4.20, as you correctly say detaching the father is not really useful, unless you have a loader that can emulate armadillo debugging loop. The 0xCC you find in the child are...
Forum: Reverse Code Engineering 06-11-2005, 07:46 AM
Replies: 2
Views: 7,962
Posted By AndreaGeddon
Well some apis you can spy are SetWindowTextA...

Well some apis you can spy are SetWindowTextA SetDlgItemTextA or even SendMessage with WM_SETTEXT message. Just try them :)
Bye!
AndreaGeddon
Forum: Reverse Code Engineering 06-06-2005, 08:13 AM
Replies: 15
Views: 18,999
Posted By AndreaGeddon
yes it could be an explanation hehe i don't...

yes it could be an explanation


hehe i don't think so, since the boot code works really well :)


well you could use fat32, it's very easy :) However reading ntfs is not difficult, the hard...
Forum: Reverse Code Engineering 06-05-2005, 09:30 AM
Replies: 2
Views: 8,499
Posted By AndreaGeddon
GetWindowText(a) ? you can also try...

GetWindowText(a) ?
you can also try bmsg
bye!
AndreaGeddon
Forum: Reverse Code Engineering 06-05-2005, 09:29 AM
Replies: 15
Views: 18,999
Posted By AndreaGeddon
maybe you can find the ebook :P which os are...

maybe you can find the ebook :P


which os are you looking at? My code is different, that's why i couldn't understand your problem. That is, in your code i see what you say, my code (nt4) instead looks...
Forum: Reverse Code Engineering 06-04-2005, 07:18 AM
Replies: 15
Views: 18,999
Posted By AndreaGeddon
well first i would advise you to consult the book...

well first i would advise you to consult the book "File system internals" of Rajeev Nagar, it's a good book. Unluckily linux ntfs documentation is poor and imprecise, Nagar's book is better...
Forum: Reverse Code Engineering 05-10-2005, 10:54 AM
Replies: 1
Views: 9,662
Posted By AndreaGeddon
if you use Ida, it will resolve parameters for...

if you use Ida, it will resolve parameters for you :)
you can see which parameters are passed simply by looking at the code in the procedure.
That is, in the disassembly you see various references to...
Forum: Reverse Code Engineering 04-21-2005, 07:28 AM
Replies: 2
Views: 9,231
Posted By AndreaGeddon
LordPe allows you to add every dll/import...

LordPe allows you to add every dll/import function you want. If you want to do it by hand you should study documents about the PE structure. I've found a nice...
Forum: Reverse Code Engineering 04-17-2005, 07:24 AM
Replies: 2
Views: 7,780
Posted By AndreaGeddon
>and the core sub, i think this is for...

>and the core sub, i think this is for decryption but don't understand what it really does

i add some comments

.yP:004602E7 pusha ; push all registers
.yP:004602E8 ...
Forum: Reverse Code Engineering 03-23-2005, 07:13 AM
Replies: 0
Views: 7,282
Posted By AndreaGeddon
hxxp://www.syser.net/ here you can find a new km...

hxxp://www.syser.net/
here you can find a new km debugger in softice style. It seems nice from the screenshots, some friends of mine tried it and had several problems (instability, compatibility...
Forum: File Unpacking 02-10-2005, 12:33 PM
Replies: 1
Views: 15,237
Posted By AndreaGeddon
asprotect does not allow you to use breakpoints...

asprotect does not allow you to use breakpoints (execution or hardware), you landed in a piece of code that has not been decrypted (or that has been decrypted badly!). You should trace inside the...
Forum: Reverse Code Engineering 01-27-2005, 06:32 AM
Replies: 1
Views: 8,634
Posted By AndreaGeddon
IDA vulnerability

http://www.idefense.com/application/poi/di...vulnerabilities (http://www.idefense.com/application/poi/display?id=189&type=vulnerabilities)

hope they fix it soon :)
Bye!
AndreaGeddon
Forum: Reverse Code Engineering 05-06-2004, 08:20 AM
Replies: 2
Views: 9,582
Posted By AndreaGeddon
is the application using multiple threads? Does...

is the application using multiple threads? Does it use long instructions cycles? The processor usage is not 100% reliable, do you see that effectively the system slows down? The process usage was...
Forum: File Unpacking 04-11-2004, 02:51 PM
Replies: 4
Views: 17,533
Posted By AndreaGeddon
xprotector is really a hard challenge! What...

xprotector is really a hard challenge! What version is applied to the programs you posted? The last version is really hard to dump, a friend of mine told me that via driver it hooks normal ipc...
Forum: Steganography + Cryptography 03-08-2004, 10:28 AM
Replies: 1
Views: 22,037
Posted By AndreaGeddon
Steganalysis programs

I am working on steganography for a project for the university, so i am searching some programs that make you analyze entities like file entropy, mutual information etc etc. Do you know some good...
Forum: General Forum 12-25-2003, 11:01 AM
Replies: 7
Views: 15,795
Posted By AndreaGeddon
Merry Christmas!

Merry Christmas ppl!
AndreaGeddon
!lpp samtsirhC yrreM