Posted April 22, 200718 yr it's a kegen written by a friend of mine at AT4RE get a valid serial for your name no patching http://www.4shared.com/file/14514895/246b9...Challenge4.html Challenge4.rar Edited April 26, 200718 yr by Teddy Rogers Attached keygenMe to authors original post...
June 5, 200718 yr I Found OEP + IAT but i dunno why my dump isn't good is gets sections from inside the protection "inside Dj-Siba" section for now i'am busy with studing so i can't challenge it + i have two challenges already it's the third i got and easy to get it but until i get a workign dump just wait if any wants to know oep it's at RVA: D148 or you can use D172 check them to know why you can use both !! Cheers To All
June 5, 200718 yr I Found OEP + IAT but i dunno why my dump isn't good is gets sections from inside the protection "inside Dj-Siba" sectiondump it raw with IsDebuggerpresent plugin and set rvo = rva in sections, no prob.
June 5, 200718 yr how to defeating AntiDebug... ? when i try to goto OEP my olly just close without permission... and what is this protector ?
June 5, 200718 yr TLS CallBack idea might help you Apakekdah if you have ever tried unpackign ExeCryptor you'll get the trick fastly as a first step !! @ Zako Lol i don't use that plugin at all bro' but i'll try dumping with usuall tools when i'am free it's damn easy to get OEP and info the only thing left for me is having the Dump and Fixing Voila "shoudl work lol"..........!! SPlayer 0.08 i think it's by Jibz or something ?! why are you laughing Mourad @Edit just when i replayed here i got an idea for using PE Tools works fine now lol UnPacked the file is attached for any one who wants to screw around with it and get his serial without unpacking it hope you enjoy................ Cheers To All UnPacked.rar Edited June 5, 200718 yr by Angel-55
June 5, 200718 yr get a valid serial for your name.... tres facile to unpack this chalenge Very easy to unpack yes but the use of a relatively unknown protector in your challenge suggests intentionally trying to make it more difficult, else why not upx?.
June 6, 200718 yr @Angel-55 thx for great info... @Mouradpr what protector that you're using friend ? and where you've download it ? thx Edited June 6, 200718 yr by Apakekdah
June 6, 200718 yr Author add this with hex workshop or other hex editor MZ@.....................@...................................@...PE..L...EJ.E...............C..........................@..................................................................................................................................................................................................dj-siba............................ ...................................................................................................................................................................6...........(...N.......................KERNEL32.DLL..f...x...................f...x.....................GetProcAddress....LoadLibraryA....UnmapViewOfFile...VirtualAlloc....VirtualFree.U..........................4.......a.11....1).=................=@......-..@...s^...@..v<.N4.VP.<..-.....................j@h.0..VW..Z.@...t..E....@......t.......i.@..}..-......e.U..........[..V...V.v<.N4.VP..RQ......M...^V.JT.............J..u.PQ......u............h....j...%....P.J(.M.Q..N...U..`.U..U.R.z..2..tN..u....M......B....8.u.@..P..F........t ....s.%.......E....RPR..J...Z...Z.....Za....U..`.M..U.Q.z..}..J..u..r...Y..(Iu.a....U..`.}..u...W..>...h....j.W..N...j@h.0..h....W..B.....t.......9.|.a....V.@.Z.@.R.@.N.@.^.@..... save & Rebuild
June 7, 200718 yr Anyone has the protector on his disk or knows were can i find it ?? it's a nice protections and packs well i see......... maybe could any member here help us findign it and posting in the tools section it would be really appreciated thanks in advanced !! @ Apakekdah Welcome bro' hope it helped @Mouradpr What do you mean by copy & paste the bytes ?? for what ?!
June 7, 200718 yr Anyone has the protector on his disk or knows were can i find it ??I suspect its some maybe modified (private?) version of beroexepackerhttp://bero.0ok.de/blog/projects/beroexepacker/
June 8, 200718 yr ok had more time to spend with this challenge, here's the unpacked file, you can check with peid to see that it's borland 4.0-5.0 programmed. Nice challengeme.SC.Unpacked_SC.zip
June 10, 200718 yr HiThe challenge is Packed with BeRoEXEpackersome stuff Added just to make it some FunPEiD say: SPLayer 0.08 -> Jibzit's just Fake signatureOnce you know what's going you can Unpack easilyAs easy as using PEiD Generic Unpacker But the Challenge is not Unpackingit's to get a Valid SerialHere a cluename:dj-sibaValid Serial: 8694BA257D9882E678C96CDB7C9177D7GoOD Luck
Create an account or sign in to comment