Jump to content
Tuts 4 You

[UnpackMe]My UnpackMe 1.8


Gladiator

Recommended Posts

Hello all masters.

Here we have an unpackme file that was protected with Hefaz Protector 1.8.0 ( Hefaz is a persian Protector ) , I have enabled all standard option to protect test file with std option ( no more difficulty ), please try to unpack it.

Thanks.

Best Regards.

Note:The main application was protected with VMProtect.

Edited by Gladiator
Link to comment
Share on other sites

Note:The main application was protected with VMProtect.

Well, if you're using VMProtect then its not exactly a test of the other 'protector' now is it?

HR,

Ghandi

  • Like 1
Link to comment
Share on other sites

Note:The main application was protected with VMProtect.

Well, if you're using VMProtect then its not exactly a test of the other 'protector' now is it?

HR,

Ghandi

No there is no test of VMProtector , one of the hefaz exploits is trace of x86 code to find something be useful to unpack , here used code mutation to block it. you would test other way to unpack it.there is no difficulty about VMProtector .;)

Thanks.

Best Regards.

Link to comment
Share on other sites

Forum Role: a CrackMe MUST be compiled of your OWN code. If it is a commercial target or of someone else's work you WILL be banned for crack requesting.

this also covered about UnPackMe.

you want to Publish Hefaz as Comercial Protector , but:

You used VMProtect its mean you cant protect yourself from Reverse engineering you used others protector to make it difficult to analyse your protector.

so when you dont trust yourself about protect you protector, how you can speak about protecting others target for e.g UnPackMe.

-----------------------------------------------------------------------------

one of the hefaz exploits is trace of x86 code to find something be useful to unpack here used code mutation to block it>>there is no difficulty about VMProtector

***************************************************************************

you told VMProtect implemented to block one of HeFaz Vulnerability, but there is no difficulty about Using VMprotect. so why you used it?

Regards

Edited by Raham
Link to comment
Share on other sites

Forum Role: a CrackMe MUST be compiled of your OWN code. If it is a commercial target or of someone else's work you WILL be banned for crack requesting.

this also covered about UnPackMe.

you want to Publish Hefaz as Comercial Protector , but:

You used VMProtect its mean you cant protect yourself from Reverse engineering you used others protector to make it difficult to analyse your protector.

so when you dont trust yourself about protect you protector, how you can speak about protecting others target for e.g UnPackMe.

-----------------------------------------------------------------------------

one of the hefaz exploits is trace of x86 code to find something be useful to unpack here used code mutation to block it>>there is no difficulty about VMProtector

***************************************************************************

Regards

about your note accross roles i can't accept you , becuase in this thread we have so many topics that was unpackme ( Protected with Enigma , WL , TM or ... ) but if you say all the unpackmes should be protect with own shell engine please first delete all this topics !

and about trust and ... for Hefaz protector , i sad VMProtector have nothing to fear about it's difficulty and i used it to block code trace and newbie crackers , i think you are professional so try to remove VMProtect ( it's easy to you ) and unpack second shell.

you told VMProtect implemented to block one of HeFaz Vulnerability, but there is no difficulty about Using VMprotect. so why you used it?

There is so many troubles for Newbi Crackers and no difficulty for professionals like you , so don't worry about it , here we have some thing to learn , please stop your Obsession and share you'r information.

I think Treat about roles and VMProtector used is so Futile , please stop off topics ( Raham ) and try to fix unpackme.

I hope all the masters excuse me and help to unpack this stuff.

Thanks.

Best Regards.

Edited by Gladiator
Link to comment
Share on other sites

There is so many troubles for Newbi Crackers and no difficulty for professionals like you , so don't worry about it , here we have some thing to learn , please stop your Obsession and share you'r information.

I think Treat about roles and VMProtector used is so Futile , please stop off topics ( Raham ) and try to fix unpackme.

I hope all the masters excuse me and help to unpack this stuff.

One major difference with the unpackme's posted that are using commercial protectors... They have it in the title of the unpackme and it is a major part of the unpackme. You're trying to tell me you're blocking a vulnerability in 'your' protector code with a commercial protector like VMProtect (which is just cake to reverse now, isn't it...) plus you have the audacity to try to gloss over it with a greyed out line of text (in your first post) or brushing it aside as if it is a simple wrapper...

HR,

Ghandi

Link to comment
Share on other sites

One major difference with the unpackme's posted that are using commercial protectors... They have it in the title of the unpackme and it is a major part of the unpackme. You're trying to tell me you're blocking a vulnerability in 'your' protector code with a commercial protector like VMProtect (which is just cake to reverse now, isn't it...) plus you have the audacity to try to gloss over it with a greyed out line of text (in your first post) or brushing it aside as if it is a simple wrapper...

HR,

Ghandi

I am sorry about it , i had to say it first that i used commerical protector for more security but i have not any Purpose for cheating.

VMProtect minimum SDK used to just block newbi level crackers for cover this exploit , in the next version this vulnerability will be fixed. ;)

Thanks for time you spend. :flowers:

Best Regards.

Edited by Gladiator
Link to comment
Share on other sites

Hi

as same as Ghandi noted, the Engima/Vm/Tm/WL unPackMe on this forum is entitled with their name!

for example a few topic below you can see Engima UnPackMe 2.05 by LCF-At:

it called Enigma UnPackMe and its just ENIGMA, she/he didnt protect ENigma Protected file with VMProtect for covering Enigma dark points!

------------------

About fixing your vulnerability, as i can remember hefaz 1.0 til 1.8 had been protected with VMProtect >> you didnt covered you Vuln.

Actually im not pro as you know. and this is not OffTopic as i & others know.

if you want, ok i will not post any thing.

Note: your UnPackme dont work on my PC.

Good Luck

Edited by Raham
Link to comment
Share on other sites

Hi

as same as Ghandi noted, the Engima/Vm/Tm/WL unPackMe on this forum is entitled with their name!

for example a few topic below you can see Engima UnPackMe 2.05 by LCF-At:

it called Enigma UnPackMe and its just ENIGMA, she/he didnt protect ENigma Protected file with VMProtect for covering Enigma dark points!

This unpackme is not a challenge , this is just a test so i covered my vulnerability with VMP to test it now not a mouth later.

About fixing your vulnerability, as i can remember hefaz 1.0 til 1.8 had been protected with VMProtect >> you didnt covered you Vuln.

It's not true , how you say this , did you buy it ??????

Edited by Gladiator
Link to comment
Share on other sites

Hi,

I have not fixed all int3 commands.Just so many til it starts and works correctly on my system.Maybe I fix the rest later then it should also work for you.

Anyway,all in all its a bad protection and the author does not win a flowerpot for this! :)

greetz

Link to comment
Share on other sites

I have not fixed all int3 commands.Just so many til it starts and works correctly on my system

Thanks again Dear LCF-AT but Without fixing int3 sections unpacked file make crash on all the systems.

hefaz is growing and i promise i will fix problems like speed and eth.

Thanks for spending your time on my unpackme , i will wait for full unpacked application.

Link to comment
Share on other sites

Eset detects it as a virus , you should fix this problem first :dunno:

In the new version of Eset this problem has fixed , just old version also detect it as riskware.

you can get newer version from Eset website , update don't effects.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...