Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Challenge 4 / At4re

Mouradpr
Mouradpr
in CrackMe

Featured Replies

  • Author

veryvery hard ,hhhh :huh:

  • 2 weeks later...

it's packed by BeRo :)

  • 3 weeks later...
  • Author
it's packed by BeRo :)

yes very good

get a valid serial for your name :rolleyes:

  • 2 weeks later...
  • Author

SC & Angel-55 & les autres ...essy

i try to defeat this very hard....nice move :thumbsup:

I Found OEP + IAT but i dunno why my dump isn't good is gets sections from inside the protection "inside Dj-Siba" section

for now i'am busy with studing so i can't challenge it + i have two challenges already :huh: it's the third i got and easy to get it but until i get a workign dump just wait if any wants to know oep it's at RVA: D148 or you can use D172 check them to know why you can use both :D !!

Cheers To All

wow... prety cool protecty friend...

:D

I Found OEP + IAT but i dunno why my dump isn't good is gets sections from inside the protection "inside Dj-Siba" section

dump it raw with IsDebuggerpresent plugin and set rvo = rva in sections, no prob.

how to defeating AntiDebug... ?

when i try to goto OEP my olly just close without permission...

and what is this protector ?

<_<

  • Author
B):P:P:P hhhhh

TLS CallBack idea might help you Apakekdah :D

if you have ever tried unpackign ExeCryptor you'll get the trick fastly as a first step !!

@ Zako

Lol i don't use that plugin at all bro' :D but i'll try dumping with usuall tools when i'am free it's damn easy to get OEP and info

the only thing left for me is having the Dump and Fixing Voila "shoudl work lol"..........!!

SPlayer 0.08 i think it's by Jibz or something ?!

why are you laughing Mourad :lol:

@Edit

just when i replayed here i got an idea for using PE Tools ;) works fine now lol UnPacked the file is attached for any one who wants to screw around with it and get his serial without unpacking it hope you enjoy................

Cheers To All

UnPacked.rar

Edited by Angel-55

  • Author

get a valid serial for your name.... B)

tres facile to unpack this chalenge

get a valid serial for your name.... B)

tres facile to unpack this chalenge

Very easy to unpack yes but the use of a relatively unknown protector in your challenge suggests intentionally trying to make it more difficult, else why not upx?.

@Angel-55

thx for great info... :wub:

@Mouradpr

what protector that you're using friend ?

and where you've download it ?

thx

Edited by Apakekdah

  • Author

add this with hex workshop or other hex editor

MZ@.....................@...................................@...PE..L...EJ.E...............C..........................@..................................................................................................................................................................................................dj-siba............................ ...................................................................................................................................................................6...........(...N.......................KERNEL32.DLL..f...x...................f...x.....................GetProcAddress....LoadLibraryA....UnmapViewOfFile...VirtualAlloc....VirtualFree.U..........................4.......a.11....1).=................=@......-..@...s^...@..v<.N4.VP.<..-.....................j@h.0..VW..Z.@...t..E....@......t.......i.@..}..-......e.U..........[..V...V.v<.N4.VP..RQ......M...^V.JT.............J..u.PQ......u............h....j...%....P.J(.M.Q..N...U..`.U..U.R.z..2..tN..u....M......B....8.u.@..P..F........t ....s.%.......E....RPR..J...Z...Z.....Za....U..`.M..U.Q.z..}..J..u..r...Y..(Iu.a....U..`.}..u...W..>...h....j.W..N...j@h.0..h....W..B.....t.......9.|.a....V.@.Z.@.R.@.N.@.^.@.....

save & Rebuild

:)

  • Author

open this challenge with Hex Workshop...... remove the code section

Anyone has the protector on his disk or knows were can i find it ??

it's a nice protections and packs well i see......... maybe could any member here help us findign it and posting in the tools section it would be really appreciated thanks in advanced !!

@ Apakekdah

Welcome bro' hope it helped :D

@Mouradpr

What do you mean by copy & paste the bytes ?? for what ?!

Anyone has the protector on his disk or knows were can i find it ??

I suspect its some maybe modified (private?) version of beroexepacker

http://bero.0ok.de/blog/projects/beroexepacker/
  • Author

no, :)

Loader integr

no, :)

Loader integr

no, :)

Loader integr

ok had more time to spend with this challenge, here's the unpacked file, you can check with peid to see that it's borland 4.0-5.0 programmed. Nice challengeme.

SC.

Unpacked_SC.zip

Hi

The challenge is Packed with BeRoEXEpacker

some stuff Added just to make it some Fun

PEiD say: SPLayer 0.08 -> Jibz

it's just Fake signature

Once you know what's going you can Unpack easily

As easy as using PEiD Generic Unpacker

But the Challenge is not Unpacking

it's to get a Valid Serial

Here a clue

name:dj-siba

Valid Serial: 8694BA257D9882E678C96CDB7C9177D7

GoOD Luck

Create an account or sign in to comment

Go to topic listing

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.