Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[unpackme] [Medium] Unpack me & Reverse Me

Ownage
Ownage
in UnPackMe

Featured Replies

Posted

Find a printable string that the program would print ultimately.

Have fun, firstly by unpacking :)

Unpack.zip

The [unpackme] tag has been added to your topic title.

Please remember to follow and adhere to the topic title format - thankyou!

[This is an automated reply]

my Win7 x64 says

"F_ILE.exe is not a valid Win32 application."

cc_confused.gif

@ Ownage

1. What is that for a BullSh..!?

2. Send a unpackme with a normal description etc or leave the house!

3. Why do you send a dll as exe?

4. And whats this... :) Some hidden BS again?

5. bin200.dll

6. Also there is not much to unpack!Simple OEP and some cheap API RD

10001167  MOV EDI,1000B030                       ; ASCII "netsvcs"1000122A  PUSH 1000B238                          ; ASCII "binary 200 problom"
1000122F  PUSH 1000B134                          ; ASCII "bin200"
10001234  PUSH 1000B030                          ; ASCII "netsvcs"100013BC  PUSH 1000B4B4                          ; ASCII "WinStationTerminateProcess"
100013C1  PUSH 1000B4A8                          ; ASCII "winsta.dll"10001537  PUSH 1000B4D8                          ; ASCII "b2"
1000153C  CALL DWORD PTR DS:[1000A018]           ; ADVAPI32.RegisterServiceCtrlHandlerA
0013F4E8   100019E4  /CALL to CreateServiceA from bin200.100019DE
0013F4EC   0017B640  |hManager = 0017B640
0013F4F0   1000B134  |ServiceName = "bin200"
0013F4F4   1000B238  |DisplayName = "binary 200 problom"
0013F4F8   000F01FF  |DesiredAccess = SERVICE_ALL_ACCESS
0013F4FC   00000010  |ServiceType = SERVICE_WIN32_OWN_PROCESS
0013F500   00000002  |StartType = SERVICE_AUTO_START
0013F504   00000001  |ErrorControl = SERVICE_ERROR_NORMAL
0013F508   0013F660  |BinaryPathName = "%SYSTEMROOT%\System32\svchost.exe -k netsvcs"
0013F50C   00000000  |LoadOrderGroup = NULL
0013F510   00000000  |pTagId = NULL
0013F514   00000000  |pDependencies = NULL
0013F518   00000000  |ServiceStartName = NULL
0013F51C   00000000  \Password = NULL

greetz

  • Author

Don't mark it as a bull****. You must find a password, that's all :). Obviously I made it a little bit tricky, not like all the rest.

What for a password and for what and how to use the password?If you unpack the dll then you can run it with loaddll.exe normaly so there comes no message with "enter pass" or something.So better you explain the sense of your dll file.Give some more infos why to find a password and for what you can use it etc. :)

greetz

@ Ownage

So where are you baby? smile.png

You did still not answer my question from my last reply!

So I think you got some bad conscience or?

So I see there are still some downloads of this Unpack.zip file from above....

@ others

Better do not download and execute this file anymore!Its a bad one.Full of virus and it changes your windows services [service kill] so that you can re-install or repair your windows after restart.So I had check this. smile.png

So lets say thank you together to schmoll.gif Ownage for sending some useless BS. fakenopic.gif

greetz

  • 4 weeks later...

@ Ownage

a little bit tricky " a little bit nasty"

drive1.gif

Edited by delldell

5. bin200.dll

Some CTF challenge?

Create an account or sign in to comment

Go to topic listing

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.