Mouradpr Posted July 19, 2007 Share Posted July 19, 2007 hi all...!!!welcom a new challenge 2007(++++) (1) unpackMe----> & get a valid name & serialok good luck for allUnpackME.rar Link to comment Share on other sites More sharing options...
sdy100 Posted July 19, 2007 Share Posted July 19, 2007 akzxyzazz1111dcbcdefercc323dumped.rar Link to comment Share on other sites More sharing options...
Mouradpr Posted July 19, 2007 Author Share Posted July 19, 2007 nnnnnnnnnnnnn verry good :D:d:d:d (triple protect) Link to comment Share on other sites More sharing options...
Guest eta Posted July 24, 2007 Share Posted July 24, 2007 And in just 2 hours or something !Cool ! Link to comment Share on other sites More sharing options...
Ufo-Pu55y Posted July 24, 2007 Share Posted July 24, 2007 (edited) What 'triple protect'... ? ............ I dunno, how sdy100 went, but I say 'triple jump' ^^: 1) Olly attach to take a short sniff 2) WinHex to dump from 400000-405200 3) LordPE to take 3 mins for correcting/fixing Clean dump: Cleaned_Dump.rar Greets /EDIT Regarding Name&Pass.. nothing new since ur last keygenme... so Keep on Edited July 24, 2007 by Ufo-Pu55y Link to comment Share on other sites More sharing options...
Guest nick_name Posted July 25, 2007 Share Posted July 25, 2007 could some1 pls tell me why do i always get this warning abt LOCK CMPXCHG8B 'n cant proceed anymore, it keeps looping around the same instruction ... Link to comment Share on other sites More sharing options...
Ufo-Pu55y Posted July 25, 2007 Share Posted July 25, 2007 could some1 pls tell me why do i always get this warning abt LOCK CMPXCHG8B 'n cant proceed anymore, it keeps looping around the same instruction ...http://en.wikipedia.org/wiki/F00fI'm not sure about this, coz I never saw it before.I mean.. Olly gave me this warning, too.I only once started this UnpackMe in Olly.. saw that message and better left that crap alone.Then I simply attached to the running app.Choose a BP like PointH or GetDlgItem and you're in.But I would also like to hear, if this trick could really be dangerous.If yes... I'll feel quite p!ssed... :X Link to comment Share on other sites More sharing options...
Mouradpr Posted July 25, 2007 Author Share Posted July 25, 2007 (edited) simple to unpack this challenge tnks to roben... coded By MASM...protected by ExeCryptor 1.5.30 and Morphie and packed with winUpack... unpacking without Ollydbg... 1 ) run challenge 2 ) open LordPE & correct ImageSize 3 ) full dump 4 ) run file dumped with "winhex "or "Hex Workshop" search for " MZ....this program...." 5 ) delet a code section before this phrase ---> save file Good job so.. scan the final file with PEiD --->ExeCryptor...ok 6 ) open the final file & open LordPE --> CorrectImageSize ---> full dump... bravo all fine now...but the size of file ??? 40 kb (???????????) 7 ) Open File With LordPE (PE Editor) go to section and wipe lase section ---> save and ok. 8 ) Rebuild File... Edited July 25, 2007 by Mouradpr Link to comment Share on other sites More sharing options...
Mouradpr Posted July 26, 2007 Author Share Posted July 26, 2007 tutorial attached..@+ special thnks to RobenHoodArab.... Tutoial.rar Link to comment Share on other sites More sharing options...
Ufo-Pu55y Posted July 26, 2007 Share Posted July 26, 2007 tutorial attached..@+ special thnks to RobenHoodArab.... Thx, but why that unnecessary steps with LordPE and WinHex ?Or was it just meant for demonstrating something ? Link to comment Share on other sites More sharing options...
Mouradpr Posted July 27, 2007 Author Share Posted July 27, 2007 Thx, but why that unnecessary steps with LordPE and WinHex ?Or was it just meant for demonstrating something ? I do not know how to show you ... but merely draw Successional ... :D:d Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now