Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > .NET Reverse Engineering
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #11  
Old 04-04-2011, 08:25 AM
kao kao is offline
Senior Member
 
Join Date: Sep 2007
Posts: 184
Default

1) XHEO runtime contains (optional) protection against profilers, it checks Cor_Enable_Profiling environment variable. I believe it does not protect against Attach-Load profilers in .NET 4.0 ( hxxp://msdn.microsoft.com/en-us/library/ee471451.aspx )
2) It depends which JIT functions are being hooked by protector. I believe your statement is correct but I don't have much experience with profilers, I don't like that approach to unpacking.
Reply With Quote
  #12  
Old 04-04-2011, 03:03 PM
0lojz0 0lojz0 is offline
Junior Member
 
Join Date: Apr 2011
Posts: 3
Default

Hi and thanks again for explaining things.

And our firend google just provide some cool stuff about ".NET Internals and Code Injection" (http://www.codeproject.com/KB/dotnet...Injection.aspx)

Thanks,
Lojz
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.