GOOD NEWS UPDATE: The mother of all cracks!

The data segment starts at 000ea608 in the dump, which corresponds to 00459000 in the exe. Subtract, and the offset is fb3d4. Add that to the exe and you get 5543D4, which is byte #5587924.

I'm going to try writing over the exe at those addresses and see if the counters default to that. It's possible they get zeroed over, but most likely they don't...

edited: Turns out the exe data sector starts at 59000 in the file. But that is probably not where it's loaded into memory. So 1543d4 we'll try... which falls outside the exe, so this is probably uninitialized data (defaults to zero)

Where exactly to go from here, I dunno~

Messages In This Thread
GOOD NEWS UPDATE: The mother of all cracks! - by HolyDiver - 2009-05-06, 10:22 PM

Users browsing this thread:
1 Guest(s)