so I was recently editing executable to load my own dll library and all I typed in Ollydbg to load library was "CALL LoadLibraryA".
In ollydbg it is translated to kernel32.LoadLibraryA and everything works great BUT! It's somehow a temporary solution - when OS is rebooted executable won't run anymore, it will just crash.
I'm pretty sure typing CALL LoadLibraryA is just making it somehow temporal address made by ollydbg and as far as it goes without restarting OS it works like charm.
I had to do "SUB ESP, 4" to make stack "uncorrupted" for later calls where I've added JMP to my part of code (located in codecave somewhere) but it doesn't matter since everything works fine, dll is loaded and everything seems to be cool until next system reboot - executable won't load anymore (wrong LoadLibraryA addr to call).
Any ideas guys?
.3liteMember Since 15 Oct 2011
Offline Last Active Mar 13 2016 11:28 PM
- Group Members
- Active Posts 10
- Profile Views 879
- Submitted Links 0
- Member Title Member
- Age Age Unknown
- Birthday Birthday Unknown