Quote:
Originally Posted by Cowsheep
Yeah, i noticed that 1 for getlasterror means error_invalid_handle and 0 is needed for error_success.
Returning 1 is meant as replacement for the whole function where getlasterror is part of it. (Look at page 26 of "incomplete failing"  in order to see what i mean)
I cant locate that one in my dump, in Bioshock (same sr version) some antidumps are Xorred, maybe here too? |
no it doesnt.. invalid handle is a totally different code..
setting the value to 1 is... [System Translation] -> Incorrect function.
put simply the tutorial or whatever it is you're reading is inaccurate... if its the arteam one, i would bin it and do the research myself.
Quote:
Tracing takes too much time, crash happens in a function that is executed almost 1000 times before successfully. (Like another one, where crash happened also so late, fixing the one with the ADVAPI32.dll checksum solved that crash.)
The funniest thing of that tut is "Here you have binary copy of the patch you can paste in binary format:" with the fixed antidumps from the call table.
This can never works, since pid, window version, etc. are part of it.
About 200 hours i have worked on it already.
Do you know good tuts for coding asm?
The ones here by dabhand are about understanding asm, that i can do already.
|
to learn asm get masm32 (google for masm32), inside it are some sample code, help files etc, and there's also a good link on the main site to the forum where you can ask questions (read the rules of the forum first though..)
again, the method you're using from the tut is the wrong method, bin the tuts, do your own research (which will probably be more accurate than the tuts anyway.. ) and build up a clear picture of what the protection id doing.. i don't know how many times i'll say that before i simply stop replying to this thread.. so please, listen and do it.. you'll thank me later.