SmilingWolf Posted September 5, 2012 Share Posted September 5, 2012 UnpackMe Language: MASM32 Packers: FastPack32 1.7 Have fun FastPack32.1.7.UnpackMe-STC.zip 1 Link to comment Share on other sites More sharing options...
Apuromafo Posted September 5, 2012 Share Posted September 5, 2012 (edited) unpack script for writefileA/resume... http://tuts4you.com/...d.php?view.2457 in the dumped.exe edit the oep to be 00401735 with lord pe or CFF explorer unpacked_file_unwrapped_idea_apuromafo.rar checking:post was unpacked, checking in the board the same name and was founded the script by LCF with tutorial, interesting reversing script+tut for version 1.2 (funtional in 1.7) http://forum.tuts4you.com/topic/29891-unpacking-fastpack32-12-extras/ Edited September 5, 2012 by Apuromafo Link to comment Share on other sites More sharing options...
SmilingWolf Posted September 5, 2012 Author Share Posted September 5, 2012 (edited) It works! Nice shot EDIT 1: Just as a "pro tip": The OEP is stored in EDX after these loops: 00401350 |> /AD /LODS DWORD PTR DS:[ESI]00401351 |. |2BD0 |SUB EDX,EAX00401353 |.^\E2 FB \LOOPD SHORT FastPack.0040135000401355 |. 8B03 MOV EAX,DWORD PTR DS:[EBX]00401357 |> 3B03 /CMP EAX,DWORD PTR DS:[EBX]00401359 |.^74 FC \JE SHORT FastPack.00401357 Greets EDIT 2: D'oh! Didn't notice the tut from LCF! Well, thanks fot the tip This way we have more solutions to one problem, which is great Edited September 5, 2012 by SmilingWolf Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now