Teddy Rogers Posted March 10, 2008 Share Posted March 10, 2008 PeSpin 1.32 Nice to see PeSpin being updated again... http://tuts4you.com/download.php?view.2183 Ted. Link to comment Share on other sites More sharing options...
What Posted March 10, 2008 Share Posted March 10, 2008 Its DebugBlocker setup is very interesting. Its has its own nanomites, lea eax, eax. Its in compare jmps, 2 bytes, and when the exception occurs the parent process determines whether the jump would have been made, then sets the eip accordingly. I am not sure how to repair it yet, need to study it a little more. The rest is pretty easy, but the debugger blocker is a nuisance that must be killed. Link to comment Share on other sites More sharing options...
cyberbob Posted March 12, 2008 Share Posted March 12, 2008 as you will see not only jumps are "calculated" by second process;) I think it's quite nice, solid feature Link to comment Share on other sites More sharing options...
What Posted March 12, 2008 Share Posted March 12, 2008 Well I got all the protections unpacked by themselves, even for some reason found the crc calculation and patched it . As for doing all protection at once, I am going to say screw it, at least for a couple weeks, I want to see some straight forward code now. Maybe I will just sit and stare at some upx code, Link to comment Share on other sites More sharing options...
Apuromafo Posted March 31, 2008 Share Posted March 31, 2008 shoo in forum japanese, was unpacked the pespin 1.32 the principal packer..(maybe that are debug blocked?) Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now