Jump to content
Tuts 4 You

[unpackme] The Enigma Protector v3.70

SReg

By SReg
in UnPackMe

 Share

Recommended Posts

LCF-AT

LCF-AT

Posted
Posted

Hello SReg,

nice to see that someone has created a new UnpackMe with this new Enigma protection.Thanks for this. :)

Ok I have checked the new version now and I see they changed something.... :) ...so the VM plugin by DizzY will no more work.Ok so the main change which I can see this that they used now a other VM Table + some more VM code routines.

So here my unpacked files.Test and tell whether its working for you.I have also rebuild the VM back to code [only the used code] so you will see it from OEP [also rebuilded] if you srcoll a bit down.

greetz

Enigma UnpackMe v3.70 Unpacked x2.rar

Link to comment
Share on other sites
DizzY_D

DizzY_D

Posted
Posted

Ok I have checked the new version now and I see they changed something.... :) ...so the VM plugin by DizzY will no more work.

That's why I released the source code of it. As far as I can see there are no major changes so it should not be that hard to fix that. I really hoped that someone will do this job as long as I don't have the time to do this anymore.

Link to comment
Share on other sites
LCF-AT

LCF-AT

Posted
Posted

@ DizzY_D

Yes thats right there are no major changes.Unfortunately I am no coder so I can't work with your C++ Soße so I hope it too that someone who can code can expand your plugin Soße which can handle the new version of VM push values and create a new version of your plugin. :) Lets see what happens.

greetz

Link to comment
Share on other sites
Raham

Raham

Posted
Posted

@ DizzY_D

I hope it too that someone who can code can expand your plugin Soße which can handle the new version of VM push values and create a new version of your plugin.

i did it;) now i wanna to test better.

well i didnt analysed Enigma VM at all, full creditz surely goes to DizzY_D.

just a stuff....

@LCF

whats new feature? i just fixed XOR Value stuff on PUSH the Offset. is there anything new (Except XOR)?

Link to comment
Share on other sites
LCF-AT

LCF-AT

Posted
Posted

Hi Raham,

cool nice to hear that you want to expand the plugin. :) So all in all there are nothing new about VM table process just the push values has changed where you need to calc the offsets.VMed commands values / table etc are same.If you need someone to test your fixed version of this plugin then you can send it to me if you want.

Oh so you can also try fix the other problem in this plugin...which I had post before some time about some wrong jmp fixing to the right routines.Just have a look on the DV plugin topic.Maybe you can fix this too.So for testing you can use this UnpackMe which I had post on the other topic + problem + video just if you want to check this of course.

greetz

Link to comment
Share on other sites
Raham

Raham

Posted
Posted (edited)

Hi

here is my Unpacked File.

i know im too late:D

but i analyzed Enigma recently;) (Not Deep, just for Fast Unpack)

Kind Regards

UnPacked.rar

Edited by Raham
  • Like 1
Link to comment
Share on other sites
  • 1 year later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...