bigboss-62 Posted August 7, 2009 Share Posted August 7, 2009 Hello guys...Just after updating Yoda's Decrypter to v1.1, i'm proud to bring you my PE-Nightmare v1.3 decryptor.This crypter is very easy to study, but it has a bad file alignement, causing not working on NT Technology.If you've crypted a proggy that can't be run on NT, just decrypt it with this decrypter and it should work.I have also included source code in masm for those who are interested...See you soon in my next decrypter...Laurent aka BIGBOSS from COPsAny remarks are welcome...CPS!UnPENightmare.zipPENightmare_v13.zip Link to comment
Accede Posted August 7, 2009 Share Posted August 7, 2009 nice work only one error i found on you tool its not are valid win32 aplication,check you crypter next time after i unpacked it wight the unpacker it works.I thing if i pack are orther tool wight this packer the same error. Link to comment
bigboss-62 Posted August 7, 2009 Author Share Posted August 7, 2009 Hello accede,I know that the crypter is "invalid win32 application"...That's because it was already crypted (twice if i remember well) and when being decrypted, it works again.The problem remains with the crypter. When you try to run crypted win32 application on NT based systems (NT, 2K, XP, ...), it will result in invalid win32 application.That's not my fault, it is a bug in the original crypter that don't compute alignment correctly.When i will release sources of the crypter, i will "modify" it to recompute alignment...Laurent aka BIGBOSS from COPs...nice work only one error i found on you tool its not are valid win32 aplication,check you crypter next time after i unpacked it wight the unpacker it works.I thing if i pack are orther tool wight this packer the same error. Link to comment
Accede Posted August 7, 2009 Share Posted August 7, 2009 i hope you fix this on the next time yc have the same algo and dont run on win xp. Link to comment
bigboss-62 Posted August 10, 2009 Author Share Posted August 10, 2009 (edited) Hello again accede,my decrypter is fully working on Windows XP SP3 (Just the original crypter doesn't work, cause crypted files are not working on NT/2K.XP), but when you unpack it with my decrypter, they're working again...I have no problem with my Yoda's Crypter decrypter on Windows XP. May be you've got an antivirus that doesn't allow crypted files to be ran, because I have no problem with my Yoda's decrypter, nor with Yoda's Crypter **with** default options...There are some problems with original crypter on XP: "Erase PE Header" activated doesn't run proggy, and "Exit If SoftIce loaded" activated returns an error...That's not my fault, that's a problem with original crypter, don't blame me...Laurent aka BIGBOSS from COPs...i hope you fix this on the next time yc have the same algo and dont run on win xp. Edited August 10, 2009 by bigboss-62 Link to comment
Accede Posted August 11, 2009 Share Posted August 11, 2009 Her i make two pics frist is packed second is unpacked exe.Thta you see you packer dont work on xp pro sp3 wight all updates and no on the folder how i have you packer its on the allow list off my av.packed.bmpunpacked.bmp Link to comment
bigboss-62 Posted August 12, 2009 Author Share Posted August 12, 2009 That's what i said in my previous posts...Packed files are XP/2K incompatible (That's due to a bad alignment...), but the unpacker is XP/2K compatible... That's original crypter *bug*...That's why i wanna source the original crypter and correct alignment.You also said the same "bug" in Yoda's Crypter, but if you keep "default" checkboxes, it works...Laurent aka BIGBOSS from COPs...Her i make two pics frist is packed second is unpacked exe.Thta you see you packer dont work on xp pro sp3 wight all updates and no on the folder how i have you packer its on the allow list off my av. Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now