Jupiter2000 Posted January 16, 2011 Share Posted January 16, 2011 (edited) Hi A unpackme high and strong for you is crackers Files protected by Hefaz Protector Type protection = anti dump anti olly dongle lock Anti Debug Code Encryption / Decryption & Code Obfuscation :woot: O Security = 7 / 10 http://www.4shared.com/file/3Xuwmfmm/UnpackMe.html What do you see this file UnpackMe.zip Edited January 17, 2011 by Teddy Rogers Attached crackme to the board... Link to comment Share on other sites More sharing options...
LCF-AT Posted January 16, 2011 Share Posted January 16, 2011 (edited) Hi, ok I have patched the file fast. Just run and enter something. PS: I re-protected the file again to keep my patch hidden so far. greetz CrackMe_Patched_LCF-AT.rar Edited January 16, 2011 by LCF-AT 1 Link to comment Share on other sites More sharing options...
grizzmo Posted January 16, 2011 Share Posted January 16, 2011 Hi, ok I have patched the file fast. Just run and enter something. PS: I re-protected the file again to keep my patch hidden so far. greetz Sorry to intrude, but your patched file gives an exception with errorcode 00000013 on win7 32bit. Link to comment Share on other sites More sharing options...
LCF-AT Posted January 16, 2011 Share Posted January 16, 2011 @ grizzmoHhmmm,what about the original file?Did you download it too and test it on your win7 and if yes does this run without any problems?Try to run it again so I see also the original file does not run always correctly sometimes.Seems to be a unstable version.@ Jupiter2000Are you sure that this is a hefaz 2 version unpackme?Your's is named with 1.9 how you can see on my picture.Also you should better attach the unpackme on this board and not on a extern file host.greetz Link to comment Share on other sites More sharing options...
Syntax Posted January 17, 2011 Share Posted January 17, 2011 Patched file working fine here in XP SP3. Link to comment Share on other sites More sharing options...
HyperChem Posted January 17, 2011 Share Posted January 17, 2011 The exe file is a loader for the real executable, which is data.dat.A debugging cycle was built in loader, which was used for processing exceptions in child process. and the exceptions looked like nanomites in Armadillo. Link to comment Share on other sites More sharing options...
r0ket Posted January 17, 2011 Share Posted January 17, 2011 Patched works with w2k3 x64 Link to comment Share on other sites More sharing options...
Gladiator Posted January 17, 2011 Share Posted January 17, 2011 dongle lock there is no dongle checking , if dongle enabled the cracking goes impossible Link to comment Share on other sites More sharing options...
grizzmo Posted January 17, 2011 Share Posted January 17, 2011 @ grizzmo Hhmmm,what about the original file?Did you download it too and test it on your win7 and if yes does this run without any problems?Try to run it again so I see also the original file does not run always correctly sometimes.Seems to be a unstable version. greetz Hi LCF-AT, You are right, I am sorry. This crackme indeed doen't run on win7 32 bit!! Also noticed when running the crackme and the patched crackme in compatibility mode (winxpsp3) they all run fine! So, you cracked this one! I thought this was one of the newer protectors, so I assumed this would run automatically on win 7. Guess I better not assume too much. Seems like the uploader didn't test this properly, before uploading this, or wasn't able to include a proper readme. grizzmo Link to comment Share on other sites More sharing options...
Gladiator Posted January 17, 2011 Share Posted January 17, 2011 @Jupiter2000 :This Unpack-me that you have posted it was not version 2 , it is version 1.9.0please be careful.thanks. Link to comment Share on other sites More sharing options...
LCF-AT Posted January 17, 2011 Share Posted January 17, 2011 Hi, Thanks for your test so far. @ grizzmo Ah no problem. "So, you cracked this one!" <-- Yes Ok now I have it unpacked so far.Not fixed all Nanos at the moment but the most of them with a script.So I hope that it also runs for you now.If not then I need to fix the other nanos too later.Just test and tell. greetz CrackMe_Unpacked_LCF-AT.rar Link to comment Share on other sites More sharing options...
blackpirate Posted January 17, 2011 Share Posted January 17, 2011 @LCF both files work fine here on my 7 x86! patched and unpacked! even if i dont enter any name or serial, and just clik OK , tells that serial number its good! Link to comment Share on other sites More sharing options...
LCF-AT Posted January 17, 2011 Share Posted January 17, 2011 Ah ok blackpirate & thanks for testing. Ok here now my complete Nano Fixed Unpacked file. --------------------------------- Difficulty Level: 3 of 10 --------------------------------- greetz CrackMe_FULL_NanoFix_Unpacked_LCF-AT.rar Link to comment Share on other sites More sharing options...
Raham Posted January 17, 2011 Share Posted January 17, 2011 (edited) Hi any buddy.@jupitersecurity 7 / 10? Whats??? Nice joke!LoL......i wrote a tools(Raham Storm).... Which can fix any type of nanomites! Yes! Any! Its compeletly universal nanomites fixer.... Not just like armadillo... Jmp.... Even...push.pop.call.add.ret.mov and....and this unpackme that dear lcf ranked as 3 of 10 i dont rank higher than 2.... Its really quite easy.... my tool is algorithm independent! So its work on hefaz,sepanta!!!,strong bytes..., and most other nanomites.Im still work on it to makeit full auto. Because its semi auto now.Regards Edited January 17, 2011 by Raham Link to comment Share on other sites More sharing options...
EvOlUtIoN Posted January 17, 2011 Share Posted January 17, 2011 Good job! I know what to do to solve it, but unfortunately i'm not good in writing scripts, and fix all nanos manually requests some time...so i will not procedd since it is fully defeated Link to comment Share on other sites More sharing options...
Gladiator Posted January 18, 2011 Share Posted January 18, 2011 (edited) Hi any buddy. @jupiter security 7 / 10? Whats??? Nice joke! LoL...... i wrote a tools(Raham Storm).... Which can fix any type of nanomites! Yes! Any! Its compeletly universal nanomites fixer.... Not just like armadillo... Jmp.... Even...push.pop.call.add.ret.mov and.... and this unpackme that dear lcf ranked as 3 of 10 i dont rank higher than 2.... Its really quite easy.... my tool is algorithm independent! So its work on hefaz,sepanta!!!,strong bytes..., and most other nanomites. Im still work on it to makeit full auto. Because its semi auto now. Regards We will wait for your storm , have funny time ! Edited January 18, 2011 by Gladiator Link to comment Share on other sites More sharing options...
LCF-AT Posted January 18, 2011 Share Posted January 18, 2011 Yes the unpackme is not so hard but nice. Ah no problem Evo so I know that this is also no problem for you to unpack.Sure it pretty hard to fix all nanos manually so its better to create a small helper like a script or tool. Hey Raham,are you sure that your tool can handle all Nanos of xy protector?If yes then I am curious on it. Ok so now I have written a fast unpack & nano fix script for this unpackme which you can use now.Just run,wait a bit and follow my message at the end.Just dump it right - no iat fixing! PS: Script will maybe not work with win7 [+Enabled ASLR Feature!].Just a info for you if your loaded app in Olly has a dynamic ImageBase. greetz CrackMe Hefaz 1.9 UnpackMe - Fast Unpack Script by LCF-AT.rar 2 Link to comment Share on other sites More sharing options...
Gladiator Posted January 18, 2011 Share Posted January 18, 2011 Good job LCF-AT Very nice work , thank you so much to share script Link to comment Share on other sites More sharing options...
icezy170 Posted January 18, 2011 Share Posted January 18, 2011 i can't download this file. Link to comment Share on other sites More sharing options...
FuJ!N Posted January 18, 2011 Share Posted January 18, 2011 dear Gladiator is it full protection with hefaz 2 or some protection is not enable? Link to comment Share on other sites More sharing options...
Gladiator Posted January 19, 2011 Share Posted January 19, 2011 dear Gladiator is it full protection with hefaz 2 or some protection is not enable?No there is just some protection enabled like nanomits , all anti dumps , anti debugs , code obfuscation and .... disabled. Link to comment Share on other sites More sharing options...
FuJ!N Posted January 19, 2011 Share Posted January 19, 2011 @Gladiator Please upload a perfect protection sample Link to comment Share on other sites More sharing options...
Gladiator Posted January 19, 2011 Share Posted January 19, 2011 @Gladiator Please upload a perfect protection sample as soon 1 Link to comment Share on other sites More sharing options...
Raham Posted January 20, 2011 Share Posted January 20, 2011 Hi.im here with my storm;)With this tut you will learn how unpack hefaz.... Actually fix nanomites by Raham Storm.HEFAZ protector security:1.5 / 10www.4shared.com/file/AMKJ6aPh/Fix_Nano_By_Raham_Storm.htmlRegards. 1 Link to comment Share on other sites More sharing options...
LCF-AT Posted January 20, 2011 Share Posted January 20, 2011 @ Raham Hhmmm,looks good so far. I have seen your Hefaz movie and I have 3 questions. 1. Why do you need to break on the Set..API with a manually F9 / F12 loop? 2. Does your tool not fix the Nanos in realtime and automatic in memory? 3. I see you need to execute all the code manually.Press buttons to execute the code and then nanos will record by your tool.So this method is not so good so you cant fix all Nanos on this way.If you now enter a valid key.... ...then it will crash so this code you have not executed you know. 4. Tell me if I have seen something wrong etc you know. Anyway,so for the moment your beta tool looks very interesting for me!Would like to test it too. Test also this version with your tool./>http://forum.tuts4you.com/index.php?showtopic=23816&view=findpost&p=113437/>http://forum.tuts4you.com/index.php?app=core&module=attach§ion=attach&attach_id=6236 greetz Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now