CrackMe® Practices for Newbies
VBCrackMe 6 by Eternal Bliss

Joseph's Thread
Saturday, 06-Mar-99 16:55:41

    Hi EB,

    Boy! you work fast.
    I tried your suggestion re the breaking SotIce using function names, but nothing seems to work. Yes I have MSVBVM60 installed and SoftIce opens it. I tried to use fanction names for the target and from within msvbvm60 ans always get the wron symbol message. The list of functions the target uses is below. I have the actual memory addresses for these functions so I am able to break on any I want, But I would like to know how to do that when I don't know the memory location and must place a pbx using the function name for these functions. Here is the list of functions:
    MSVBVM60.__vbaExceptHandler
    MSVBVM60.DllFunctionCall
    MSVBVM60.EVENT_SINK_AddRef
    MSVBVM60.EVENT_SINK_QueryInterface
    MSVBVM60.EVENT_SINK_Release
    MSVBVM60.MethCallEngine
    MSVBVM60.ProcCallEngine
    MSVBVM60.rtcAnsiValueBstr
    MSVBVM60.rtcMidCharVar
    MSVBVM60.rtcMsgBox
    MSVBVM60.rtcOctVarFromVar
    MSVBVM60.rtcRightCharVar
    MSVBVM60.rtcRound
    MSVBVM60.rtcShell
    MSVBVM60.rtcVarBstrFromAnsi
    MSVBVM60.ThunRTMain

    I spent sometime inside MSVBVM60.MethCallEngine, but did not learn any thing of value yet.

    Best regards,

    Joseph


    Joseph


Message thread:

Joseph's Thread (Joseph) (06-Mar-99 16:55:41)

Back to main board