Quote:
Originally posted by Krezack
Hmm, I tried this with a heaxeditor and it was extremely buggy, but maybe doing it in assembly may work better.
What offset exactly did you change?
|
Here's what my patch does:
At offset: 0000C355
Original data: 7451663D02
Patched data: E94E000000
After a CMP I changed the JE (Jump if equal - 74) to JMP (Jump - E9). This makes the JCS continue loading either the level is TSF or not.
The patch by Gogi does as follows:
At offset: 0000C357
Original data: 663D020274
Patched data: 9090909075
Gogi replaced the original data - the CMP operation (compare 2 values) to 90's. 90 = NOP = NOOP = NO OPERATION. After that the JE (Jump if equal - 74) was changed to JNE (Jump if not equal - 75). It does nearly the same as my patch.
__________________
<a href="http://nmap.org/"><img border="0" alt="Nmap Security Scanner" src="http://images.insecure.org/nmap/images/prop/nmap_bnr_matrix_pfos.gif"/></a>
Last edited by Cpp; May 22, 2002 at 04:31 AM.
|