[teh ORiON]

Quote:

Originally Posted by Arkshine You answer yourself already. You can either use a signature which points to the related bytes start or getting a function address and adding n bytes to points where you want. Once you get your address, just a matter to NOP all related bytes with 0x90. I don't know the context and don't know much about assembly, so for a simple call in linux you will have E8 X X X X where X X X X is the function address. So you need to NOP these 5 bytes. There are probably tips to not necessary replace all to 90's but don't know. You may have to care about function with arguments, you will have some bytes before and you could corrupt the stack easily depending what you do/how is called the function.

Can you give an example on how you NOP the bytes in orpheu? Im not sure how to do it.