lena151 Posted December 22, 2007 Share Posted December 22, 2007 (edited) Hi to everybody. Here is a small old year - new year present to fill those empty moments in this dark time of the year. Happy living to all. The unpackme was protected by a stripped down version of lARP 2.0 (lena151's Anti Rip Protector). Unpack/deprotect the unpackme and the first to succeed gains a kiss on the forehead from me (or perhaps this is a good reason not to try it? ) Success to all, lena151. lARP_2.0_Unpackme.rar Edited December 23, 2007 by Teddy Rogers Corrected the topic title... Link to comment Share on other sites More sharing options...
revert Posted December 22, 2007 Share Posted December 22, 2007 Hi, Not sure but I think this should do it./>http://rapidshare.com/files/78361481/dump.rar.html Its not easy on Vista x64 Link to comment Share on other sites More sharing options...
pavka Posted December 22, 2007 Share Posted December 22, 2007 My variantlARP_2.0_Unpacked_.rar Link to comment Share on other sites More sharing options...
lena151 Posted December 22, 2007 Author Share Posted December 22, 2007 Good job guys.pavka even restored the stolen bytes but jstorme gets the kiss for being first!Thanks for your interest,lena151. Link to comment Share on other sites More sharing options...
ChupaChu Posted December 23, 2007 Share Posted December 23, 2007 Someone cares to write a walkthrough - tutorial for unpacking it? I'll start learning unpacking in new year, so.. I'd apreciate it BR, ChupaChu! Link to comment Share on other sites More sharing options...
lena151 Posted December 24, 2007 Author Share Posted December 24, 2007 Someone cares to write a walkthrough - tutorial for unpacking it?He ChupaChu,It's nothing special. I just used a couple tricks and some basic obfuscation which you will come across if you study the beginner series indepth from #20 and up. It would be repeating old material to make a walkthrough for it. Also, do take a special look in #37 about unpacking MSLRH.I wish you all success in your quest!lena151. Link to comment Share on other sites More sharing options...
ChupaChu Posted December 24, 2007 Share Posted December 24, 2007 Thanx for pointing me in the right direction, i have always avoided unpacking as much as i coud but i guess its time to dig my self into it..Happy hollidays!BR, ChupaChu! Link to comment Share on other sites More sharing options...
Apakekdah Posted December 24, 2007 Share Posted December 24, 2007 (edited) Its hard... i'm stuck in here... 0040F9B5 F7D8 NEG EAX0040F9B7 3D 706F6F6F CMP EAX,6F6F6F700040F9BC 75 06 JNZ SHORT lARP_2_0.0040F9C40040F9BE 8D9D 061A4000 LEA EBX,DWORD PTR SS:[EBP+401A06]0040F9C4 830424 02 ADD DWORD PTR SS:[ESP],20040F9C8 C3 RETN0040F9C9 75 00 JNZ SHORT lARP_2_0.0040F9CB how to skip this ? Edited December 24, 2007 by Apakekdah Link to comment Share on other sites More sharing options...
dR.cARBOn Posted December 25, 2007 Share Posted December 25, 2007 My unpacked! dr.carbon unlARP.zip Link to comment Share on other sites More sharing options...
dR.cARBOn Posted December 25, 2007 Share Posted December 25, 2007 here is the easiest medthod!for newbies!greetzdr.carbonunlena.zip Link to comment Share on other sites More sharing options...
pavka Posted December 25, 2007 Share Posted December 25, 2007 @Apakekdah 0040F9B5 F7D8 NEG EAX 0040F9B7 3D 706F6F6F CMP EAX,6F6F6F70 <---------chek if fill nop call 0040F9BC 75 06 JNZ SHORT lARP_2_0.0040F9C4 0040F9BE 8D9D 061A4000 LEA EBX,DWORD PTR SS:[EBP+401A06] 0040F9C4 830424 02 ADD DWORD PTR SS:[ESP],2 0040F9C8 C3 RETN 0040F9C9 75 00 JNZ SHORT lARP_2_0.0040F9CB Link to comment Share on other sites More sharing options...
Apakekdah Posted December 25, 2007 Share Posted December 25, 2007 @Apakekdah0040F9B5 F7D8 NEG EAX 0040F9B7 3D 706F6F6F CMP EAX,6F6F6F70 <---------chek if fill nop call 0040F9BC 75 06 JNZ SHORT lARP_2_0.0040F9C4 0040F9BE 8D9D 061A4000 LEA EBX,DWORD PTR SS:[EBP+401A06] 0040F9C4 830424 02 ADD DWORD PTR SS:[ESP],2 0040F9C8 C3 RETN 0040F9C9 75 00 JNZ SHORT lARP_2_0.0040F9CB when i nopped it app terminate but if i leave it alone, app wont start, he just looping in there... Link to comment Share on other sites More sharing options...
pavka Posted December 26, 2007 Share Posted December 26, 2007 @ApakekdahClean unnecessary call and it will be easier to you to investigate a code. Example:call ХХХХХХХADD DWORD PTR SS:[ESP],2 C3 RETNcall ХХХХХХХADD DWORD PTR SS:[ESP],1 C3 RETNcall ХХХХХХХADD DWORD PTR SS:[ESP],5 C3 RETNAnd so on Link to comment Share on other sites More sharing options...
What Posted December 26, 2007 Share Posted December 26, 2007 Yeah not really hard, nice little tricks here and there, but nothing really complex. If practice solving problems by yourself, you should be able to get this soon enough. Link to comment Share on other sites More sharing options...
kaksii Posted December 28, 2007 Share Posted December 28, 2007 Hehe, I'm glad lena is back. Keep reversing! Link to comment Share on other sites More sharing options...
Fungus Posted August 19, 2008 Share Posted August 19, 2008 Ok this took me a loooooong time, but I finally did it.larp2.0UnpackedMe.rar Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now