Mouradpr Posted April 22, 2007 Posted April 22, 2007 (edited) it's a kegen written by a friend of mine at AT4RE get a valid serial for your name no patching http://www.4shared.com/file/14514895/246b9...Challenge4.html Challenge4.rar Edited April 26, 2007 by Teddy Rogers Attached keygenMe to authors original post...
Mouradpr Posted May 24, 2007 Author Posted May 24, 2007 it's packed by BeRo yes very good get a valid serial for your name
Angel-55 Posted June 5, 2007 Posted June 5, 2007 I Found OEP + IAT but i dunno why my dump isn't good is gets sections from inside the protection "inside Dj-Siba" section for now i'am busy with studing so i can't challenge it + i have two challenges already it's the third i got and easy to get it but until i get a workign dump just wait if any wants to know oep it's at RVA: D148 or you can use D172 check them to know why you can use both !! Cheers To All
zako Posted June 5, 2007 Posted June 5, 2007 I Found OEP + IAT but i dunno why my dump isn't good is gets sections from inside the protection "inside Dj-Siba" sectiondump it raw with IsDebuggerpresent plugin and set rvo = rva in sections, no prob.
Apakekdah Posted June 5, 2007 Posted June 5, 2007 how to defeating AntiDebug... ? when i try to goto OEP my olly just close without permission... and what is this protector ?
Angel-55 Posted June 5, 2007 Posted June 5, 2007 (edited) TLS CallBack idea might help you Apakekdah if you have ever tried unpackign ExeCryptor you'll get the trick fastly as a first step !! @ Zako Lol i don't use that plugin at all bro' but i'll try dumping with usuall tools when i'am free it's damn easy to get OEP and info the only thing left for me is having the Dump and Fixing Voila "shoudl work lol"..........!! SPlayer 0.08 i think it's by Jibz or something ?! why are you laughing Mourad @Edit just when i replayed here i got an idea for using PE Tools works fine now lol UnPacked the file is attached for any one who wants to screw around with it and get his serial without unpacking it hope you enjoy................ Cheers To All UnPacked.rar Edited June 5, 2007 by Angel-55
Mouradpr Posted June 5, 2007 Author Posted June 5, 2007 get a valid serial for your name.... tres facile to unpack this chalenge
zako Posted June 5, 2007 Posted June 5, 2007 get a valid serial for your name.... tres facile to unpack this chalenge Very easy to unpack yes but the use of a relatively unknown protector in your challenge suggests intentionally trying to make it more difficult, else why not upx?.
Apakekdah Posted June 6, 2007 Posted June 6, 2007 (edited) @Angel-55 thx for great info... @Mouradpr what protector that you're using friend ? and where you've download it ? thx Edited June 6, 2007 by Apakekdah
Mouradpr Posted June 6, 2007 Author Posted June 6, 2007 add this with hex workshop or other hex editor MZ@.....................@...................................@...PE..L...EJ.E...............C..........................@..................................................................................................................................................................................................dj-siba............................ ...................................................................................................................................................................6...........(...N.......................KERNEL32.DLL..f...x...................f...x.....................GetProcAddress....LoadLibraryA....UnmapViewOfFile...VirtualAlloc....VirtualFree.U..........................4.......a.11....1).=................=@......-..@...s^...@..v<.N4.VP.<..-.....................j@h.0..VW..Z.@...t..E....@......t.......i.@..}..-......e.U..........[..V...V.v<.N4.VP..RQ......M...^V.JT.............J..u.PQ......u............h....j...%....P.J(.M.Q..N...U..`.U..U.R.z..2..tN..u....M......B....8.u.@..P..F........t ....s.%.......E....RPR..J...Z...Z.....Za....U..`.M..U.Q.z..}..J..u..r...Y..(Iu.a....U..`.}..u...W..>...h....j.W..N...j@h.0..h....W..B.....t.......9.|.a....V.@.Z.@.R.@.N.@.^.@..... save & Rebuild
Mouradpr Posted June 6, 2007 Author Posted June 6, 2007 open this challenge with Hex Workshop...... remove the code section
Angel-55 Posted June 7, 2007 Posted June 7, 2007 Anyone has the protector on his disk or knows were can i find it ?? it's a nice protections and packs well i see......... maybe could any member here help us findign it and posting in the tools section it would be really appreciated thanks in advanced !! @ Apakekdah Welcome bro' hope it helped @Mouradpr What do you mean by copy & paste the bytes ?? for what ?!
zako Posted June 7, 2007 Posted June 7, 2007 Anyone has the protector on his disk or knows were can i find it ??I suspect its some maybe modified (private?) version of beroexepackerhttp://bero.0ok.de/blog/projects/beroexepacker/
Mouradpr Posted June 7, 2007 Author Posted June 7, 2007 tut for protect this challenge ;p Protection_Challenge_2007____tut.rar
SuperCRacker Posted June 8, 2007 Posted June 8, 2007 ok had more time to spend with this challenge, here's the unpacked file, you can check with peid to see that it's borland 4.0-5.0 programmed. Nice challengeme.SC.Unpacked_SC.zip
Guest dj-siba Posted June 10, 2007 Posted June 10, 2007 HiThe challenge is Packed with BeRoEXEpackersome stuff Added just to make it some FunPEiD say: SPLayer 0.08 -> Jibzit's just Fake signatureOnce you know what's going you can Unpack easilyAs easy as using PEiD Generic Unpacker But the Challenge is not Unpackingit's to get a Valid SerialHere a cluename:dj-sibaValid Serial: 8694BA257D9882E678C96CDB7C9177D7GoOD Luck
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now