Author Topic: Reverse Engineering  (Read 5662 times)

0 Members and 1 Guest are viewing this topic.

October 24, 2008, 06:27:24 am
Read 5662 times

saranam7

  • Newbie

  • Offline
  • *

  • 3
Hi ,

when v debug a file in ollydbg, if v get a access violation error that says " Access Violation when writing to [7C835678], " what can v try next, when SEH is not set in this case.

October 24, 2008, 11:36:22 am
Reply #1

sowhat-x

  • Guest
Very generic question / depends on what the target is and does...generally though,first thing you should try out is:
Options > Debugging Options > Exceptions > Ignore (pass to program)...and tick most stuff there...

October 25, 2008, 04:28:08 am
Reply #2

saranam7

  • Newbie

  • Offline
  • *

  • 3
Thanks for ur reply... I am in beginners level... i hope the question i have asked  comes under antidebugging ... so can u advice on some antidebigging techniques or sites that would help me a lot...

October 25, 2008, 09:34:12 am
Reply #3

sowhat-x

  • Guest
...i'm not a guru either,way far from that point,he-he...regarding anti-debugging techniques,
ap0x has done really nice work documenting more than a few of the...tricks of the trade:
http://ap0x.jezgra.net/protection.html

To bypass anti-Olly tricks,there exist quite a few helper apps out there,
eg.OllyAdvanced mod,HideTools,HideDebugger or the Phantom plugin...
You can find all of them over at tuts4you board,under the modifications and plugins sections:
http://www.tuts4you.com/download.php?list.3

For IDA,I think that the best solution is by far:
http://newgre.net/idastealth

October 29, 2008, 09:04:48 am
Reply #4

saranam7

  • Newbie

  • Offline
  • *

  • 3
tnx a lot... i went thru the urls and found it very helpful... Now can you advice me on how to improve my debugging speed... like identifying codes that are used for VMWare check or something like RDTSC,SIDT,etc.,