[UnpackMe] FastPack 1.7

Posted September 5, 201212 yr

UnpackMe

Language: MASM32

Packers: FastPack32 1.7

Have fun

FastPack32.1.7.UnpackMe-STC.zip

September 5, 201212 yr

unpack script for writefileA/resume...

http://tuts4you.com/...d.php?view.2457

in the dumped.exe edit the oep to be 00401735 with lord pe or CFF explorer

unpacked_file_unwrapped_idea_apuromafo.rar

checking:post was unpacked, checking in the board the same name and was founded the script by LCF with tutorial, interesting reversing

script+tut for version 1.2 (funtional in 1.7)

http://forum.tuts4you.com/topic/29891-unpacking-fastpack32-12-extras/

Edited September 5, 201212 yr by Apuromafo

September 5, 201212 yr

Author

It works!

Nice shot

EDIT 1:

Just as a "pro tip":

The OEP is stored in EDX after these loops:


00401350 |> /AD        /LODS DWORD PTR DS:[ESI]
00401351 |. |2BD0    |SUB EDX,EAX
00401353 |.^\E2 FB    \LOOPD SHORT FastPack.00401350
00401355 |. 8B03    MOV EAX,DWORD PTR DS:[EBX]
00401357 |> 3B03    /CMP EAX,DWORD PTR DS:[EBX]
00401359 |.^74 FC    \JE SHORT FastPack.00401357

Greets

EDIT 2:

D'oh! Didn't notice the tut from LCF! Well, thanks fot the tip

This way we have more solutions to one problem, which is great

Edited September 5, 201212 yr by SmilingWolf

Create an account or sign in to comment

https://forum.tuts4you.com/topic/29916-unpackme-fastpack-17/

Followers

Go to topic listing

Sign In

[UnpackMe] FastPack 1.7

Featured Replies

Create an account or sign in to comment

Account

Navigation

Search

Configure browser push notifications

Chrome (Android)

Chrome (Desktop)

Safari (iOS 16.4+)

Safari (macOS)

Edge (Android)

Edge (Desktop)

Firefox (Android)

Firefox (Desktop)