티스토리 뷰
반응형
Sometimes we want to find out where in a module the code parsing is done. In the example below, we want to find the code that parses the QuickTime video codecs that are in Windows media player. We know that the codecs support the raw, rle, jpeg, mjpb, and rpza tags, so all we need to do is to search for those tags in our module--in this case, the "quartz.dll" module.
The OllyEye hunter knows that it should check for the video codec’s tags such as code.equals ("rpza") and that in assembly it should be done with the CMP command that represents it. For this reason, it searches for the CMP command that matches the 'rpza' keyword.
The OllyEye hunter knows that it should check for the video codec’s tags such as code.equals ("rpza") and that in assembly it should be done with the CMP command that represents it. For this reason, it searches for the CMP command that matches the 'rpza' keyword.
OllyEyev0.1.rar'Reversing tools > 올리 플러그인' 카테고리의 다른 글
| FullDisasm v2.1 (2) | 2009.02.28 |
|---|---|
| StrongOD 0.2.3.322 (0) | 2009.02.28 |
| StrongOD 0.2.3.305 (0) | 2009.02.15 |
| FullDisasm_OllyDbg v2.0 (0) | 2009.02.15 |
| advancedolly1.28 (0) | 2009.01.29 |
| X_CRYPTO v1.2 (0) | 2009.01.17 |
| ODbgScript.1.66.3.VC6 (0) | 2009.01.11 |
댓글
반응형
최근에 올라온 글
최근에 달린 댓글
- Total
- Today
- Yesterday
링크
TAG
- 리버싱은 내운명
- ProtectionID
- Memory Hacking Software
- ollydbg ScriptEditor
- DUP2
- 미니 노트북
- 미친소 수입반대
- StrongOD
- TTprotect
- OllyDbg
- Unpacker
- ollydbg scripts
- ODbgScript
- ollydbg mup
- 한글화
- 언패킹
- OllyDbg Plugins
- ASProtect 1.32 - 1.41
- OllyScriptEditor
- vmprotect
- PECompact
- 패처
- plugin
- 리버스 엔지니어링
- exeinfo pe
- Unpacking
- ollydbg PLUGIN
- Reverse Engineering
- Themida
- crack
| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | |||
| 5 | 6 | 7 | 8 | 9 | 10 | 11 |
| 12 | 13 | 14 | 15 | 16 | 17 | 18 |
| 19 | 20 | 21 | 22 | 23 | 24 | 25 |
| 26 | 27 | 28 | 29 | 30 | 31 |
글 보관함