A (rough) attempt to translate into English, at least the main parts:

Today we start slowly on the unpacking of Just Cause 3, and we start at the beginning: the detection of the OEP (Original Entry Point, the entry point of the game before it was packed). Several more or less generic techniques make it possible to find the OEP of a program; it is not the most complicated stage. Generic methods are often based on a history of the pages written and executed: if a memory page has been written and then executed, there is a good chance that it corresponds to a portion of code that has been decrypted / decompressed / decoded, and thus potentially to the original code. Several techniques can be used to do this; the easiest way is to modify the rights of the pages so that a write or an execution generates an exception. Other methods use somewhat more advanced techniques with data tainting, emulation, etc.
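The written-then-executed page history described above, as an added example that is not from the original post: a small Python simulation in which the first write to a page, and the first execution of a page after it was written, stand in for the page-protection exception. The trace and every address in it are constructed for illustration.

```python
PAGE_SIZE = 0x1000

def written_then_executed(trace):
    """Replay (kind, address) events, kind being "w" (write) or "x" (execute).

    Each page is modelled as either writable or executable, never both, so
    the first write to a page and the first execution of a written page each
    cost one simulated exception. Returns (candidates, faults): the addresses
    at which a previously written page was first executed, in order, and the
    number of simulated exceptions.
    """
    written = set()      # pages written since they were last executed
    candidates = []
    faults = 0
    for kind, addr in trace:
        page = addr & ~(PAGE_SIZE - 1)
        if kind == "w":
            if page not in written:      # write fault: page becomes writable
                faults += 1
                written.add(page)
        elif kind == "x":
            if page in written:          # exec fault on a freshly written page
                faults += 1
                written.discard(page)    # page becomes executable again
                candidates.append(addr)
        else:
            raise ValueError(f"unknown access kind: {kind!r}")
    return candidates, faults

# Constructed trace: a stub decodes one page and jumps into it, that layer
# decodes two more pages and jumps again, and one page only ever holds data.
TRACE = (
    [("x", 0x401000)]                                          # packer stub runs
    + [("w", 0x500000 + i) for i in range(0, 0x20, 4)]         # layer 1 decoded
    + [("x", 0x500010), ("x", 0x500014)]                       # layer 1 runs
    + [("w", 0x600000 + i) for i in range(0, 0x2000, 0x400)]   # layer 2, two pages
    + [("w", 0x700000)]                                        # data, never executed
    + [("x", 0x600420), ("x", 0x600424), ("x", 0x601008)]      # layer 2 runs
)

if __name__ == "__main__":
    hits, faults = written_then_executed(TRACE)
    print("candidates:", [hex(a) for a in hits], "faults:", faults)
```

Every freshly written page is reported once when it first executes, so a multi-layer packer yields several candidates, and the data-only page yields none.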