Busted Posted September 23, 2007 Share Posted September 23, 2007 Hey all, I am searching for an unpacker source code coded in assembly , the reason for this is I want to start coding unpackers you know teach myself. I havn't found any tutorials on coding unpacker's if you happen to come across any let me know , anyways... your help is appreciated! Tipidy Link to comment
Killboy Posted September 23, 2007 Share Posted September 23, 2007 There was source code shipped with human's Safecast unpacker, if I remember correctly. Just search the forums There are other (mostly MASM) sources, e.g. for yoda's protector, pec2 (also one by human I think), mew, ... Couldnt find them that quickly, but I'll look for it if you cant find it yourself via google etc. Link to comment
s0me0ne Posted September 23, 2007 Share Posted September 23, 2007 ap0x Unpacker Engine SDK Link to comment
Busted Posted September 24, 2007 Author Share Posted September 24, 2007 Thank you Killboy and s0me0ne for anyone else interested in this subject visit: http://exetools.com/unpackers.htm most of the unpacker's here come with source code Link to comment
human Posted September 24, 2007 Share Posted September 24, 2007 first to code unpackers you need to know how packer works, next you need to know how PE format is designed, then how IAT works.without it no luck. Link to comment
metr0 Posted September 24, 2007 Share Posted September 24, 2007 Tipidy Check deroko's site, he has that DreamOfEveryReverser-Unpacking-Engine (huh, what a word), _really_ nice: http://deroko.phearless.org. Have fun. Link to comment
Busted Posted September 26, 2007 Author Share Posted September 26, 2007 Thank you metr0, appreciated! Link to comment
zipera Posted September 29, 2007 Share Posted September 29, 2007 Here's the source for pecompact unpacker. nice one to start. Also attached the binary code.;prosty unpacker dla pecompact napisany przez mirz;wszystkie uwagi, bledy itp. wysylaj na e-mail:;mirz@o2.pl.386.model flat,stdcallOPTION CASEMAP:NONE;bibliotekiinclude windows.incinclude user32.incincludelib user32.libinclude kernel32.incincludelib kernel32.libinclude comdlg32.incincludelib comdlg32.libSetBreakpoint PROTO :DWORD ;procedura do stawiania breakpointSprawdzPE PROTO ;procedura do sprawdzania PESyganturaPeCompact PROTO ;procedura do sprawdzania czy jest PeCompact2.XSzukajOEP PROTOUsunBreakpoint PROTO :DWORD,:BYTE ;procedura sluzacza do usuwania breakpointaSzukajIID PROTODump PROTOZapisz PROTO.CONST.DATA ofn OPENFILENAME <> FilterString db "Pliki (*.exe)",0,"*.exe",0,0 szTitle db "[Un-PeCompact 0.1b] by mirz - Wybierz cel...",0 blad db "B│╣d",0 bladPlik db "Niemogŕ uzyskaun_pecompact_0.1b.zip Link to comment
zako Posted September 29, 2007 Share Posted September 29, 2007 Here's the source for pecompact unpacker. nice one to start. excellent, I do like it when it does what it says on the box cheers. Link to comment
ragdog Posted October 1, 2007 Share Posted October 1, 2007 hi guyshere is a another PECompact 2.64/2.78a/2.79 (beta) Unpacker source in masmgreetsragdogUn2Pec.zip Link to comment
Busted Posted October 2, 2007 Author Share Posted October 2, 2007 ragdog my man, this is exactly what I'm after. A straight forward, easy to follow unpacker . Thanks a million, now I can study and code ! Link to comment
CDW Posted November 13, 2007 Share Posted November 13, 2007 (edited) ragdog my man, this is exactly what I'm after. A straight forward, easy to follow unpacker . Thanks a million, now I can study and code ! And if you look for "about" in Un2Pec, you will see all the sources you need: ---------------------------About --------------------------- Especially thanks to: Iczelion and his PE-Tutorials (http://win32assembly.online.fr/) dzzie's 'Unterstanding IAT' (http://sandsprite.com/papers.html) and Shub Nigurrath for some hints how to use ThreadContext in the right way http://www.codebreakers-journal.com/index....Magazine/index/ and y0da (http://y0da.cjb.net/) - for the Lord PE I don't think you can learn a lot from the horrible un2pec source . Of course you see how to make BPs, restore IAT or dump, but if you aren't very familiar with PE and IAT formats you would not understood, _why_ it works. I think, the main (and hardest) point of "coding an unpacker" is to find out the "generic" way of unpacking the protection. btw. unpackers for ExeStealth(+ExeShield+Yoda'sCrypter), Yoda's Protector 1.03, MEW, SoftwareCompress Y0daUnProtector.zip UnExeStealth.zip SoftwareDeCompress.zip MEWunpacker.zip Edited November 13, 2007 by CDW Link to comment
Xylitol Posted March 24, 2008 Share Posted March 24, 2008 http://ap0x.jezgra.net/SDK.rar Link to comment
kylls Posted September 9, 2008 Share Posted September 9, 2008 hi guyshere is a another PECompact 2.64/2.78a/2.79 (beta) Unpacker source in masmgreetsragdogtanks ! Link to comment
Hageneesjuh Posted October 2, 2008 Share Posted October 2, 2008 ThnQ for the codes guys!! Link to comment
RmK-FreE Posted March 17, 2009 Share Posted March 17, 2009 hi guyshere is a another PECompact 2.64/2.78a/2.79 (beta) Unpacker source in masm greets ragdog ThX Link to comment
born2download Posted July 7, 2009 Share Posted July 7, 2009 (edited) Was searching the net for a PECompact Unpacker. Found a few sites, but wouldn't let me register.. until i found Tuts 4 You Thanks a lot for the amazing tools. They helped me unpack an important file Great site BTW 'till later, B2D // from The Netherlands Edited July 7, 2009 by born2download Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now