Rompope Posted December 4, 2008 Posted December 4, 2008 (edited) Your Mission if you choose Unpack this file and tell me the original OEP and original File Size. some things to consider: anti olly if you can bypass this please tell me how;) , anti dumping and a few other things let me know! PS. most of the file size is the chiptune converted to c++ table array (adds to the encryption bigger the file = more encryption ps: attach to process example Sorry a little drunk right now maybe this is simple for you to bypass but let me know PS. I am Nefarious PS. The File size is higher now then it is Uncryptedme NefariousUnCryptMe.zip Edited December 4, 2008 by Rompope
sdy100 Posted December 4, 2008 Posted December 4, 2008 (edited) OEP :0040365E SIZE :61,440Unpack_NefariousUnCryptMe.rar Edited December 4, 2008 by sdy100
Rompope Posted December 4, 2008 Author Posted December 4, 2008 was it even a challenge or a peice of cake.. looking at the time stamp I think it took you more then 5 or 10 minutes?
sdy100 Posted December 4, 2008 Posted December 4, 2008 004050A0 D0 50 00 00 004050A4 00 F0 00 00 ?...?.?.004050D0 4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00 MZ?........004050E0 B8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 ?......@.......004050F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................00405100 00 00 00 00 00 00 00 00 00 00 00 00 F0 00 00 00 ............?..00405110 0E 1F BA 0E 00 B4 09 CD 21 B8 01 4C CD 21 54 68 ?.???L?Th00405120 69 73 20 70 72 6F 67 72 61 6D 20 63 61 6E 6E 6F is program canno00405130 74 20 62 65 20 72 75 6E 20 69 6E 20 44 4F 53 20 t be run in DOS00405140 6D 6F 64 65 2E 0D 0D mode...004050A4 F000 ==Size
by:70 Posted December 4, 2008 Posted December 4, 2008 (edited) help bp SetHandleCount Edited December 4, 2008 by by:70
EvOlUtIoN Posted December 5, 2008 Posted December 5, 2008 (edited) here it is unpacked original one...4 simple steps.1. Get address of first unformatted (encrypted) resource data (here will be the file)2. Run program till resource is decrypted (or run totally no problem at all)3. Make a raw dump of whole program4. Dump with lordpe the first unformatted resource data, it is original file...runs perfectly untouched.Size and OEP are the ones exactly of attached fileThere are more than one method to unpack it, but this is undoubtely the easiest one.unpacked_ok.rar Edited December 5, 2008 by EvOlUtIoN
by:70 Posted December 5, 2008 Posted December 5, 2008 here it is unpacked original one...4 simple steps. 1. Get address of first unformatted (encrypted) resource data (here will be the file) 2. Run program till resource is decrypted (or run totally no problem at all) 3. Make a raw dump of whole program 4. Dump with lordpe the first unformatted resource data, it is original file...runs perfectly untouched. Size and OEP are the ones exactly of attached file There are more than one method to unpack it, but this is undoubtely the easiest one. thank you
blaCke Posted December 5, 2008 Posted December 5, 2008 (edited) help bp SetHandleCount What do you mean? lol Edited December 5, 2008 by CtF
EvOlUtIoN Posted December 6, 2008 Posted December 6, 2008 helpbp SetHandleCountFor me it doesn't take any sense.Help for what? It is not a real packer, just grab original file and dump it in any way you want, what else?Make a description of your difficulty so i can help...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now