Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
K
K
kacejot2017-12-27 23:39:50
reverse engineering
kacejot, 2017-12-27 23:39:50

How to remove function call in exe by patching it?

My goal is to disable TLSCallback in order for the debugger to work.
I need to patch the code, not bypass the callback.
actual code:

.text:00401AA0 TlsCallback_0   proc near               ; DATA XREF: .rdata:TlsCallbacks↓o
.text:00401AA0                 jmp     TlsCallback_0_0
.text:00401AA0 TlsCallback_0   endp

Expected code:
.text:00401AA0 TlsCallback_0   proc near               ; DATA XREF: .rdata:TlsCallbacks↓o
.text:00401AA0 TlsCallback_0   endp

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
R
Rou1997, 2017-12-28
@kacejot

So you need to watch what is returned in TlsCallback_0_0 .
If nothing, then simply replace the instruction from jmp to nop in the amount of 1 pc. (judging by the code, both weigh 1 byte).
In general, the question is taken out of context.

Similar questions
M
marusya80052018-08-11 12:30:09
How to get apk data? 0Reply
I
Ivan2018-08-27 09:08:25
Are there bug bounty programs for Windows PC applications? 1Reply
W
WhiteWolf09052016-04-10 18:59:17
How to disassemble a piece of code? 0Reply
S
Sergio241592018-10-18 18:47:56
Running radare2 debugger on android? 0Reply
N
numitus22016-05-25 17:02:15
How can a server detect a bot? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question