Jump to content
Tuts 4 You

[UnpackMe] FastPack 1.7


Recommended Posts

unpack script for writefileA/resume...


in the dumped.exe edit the oep to be 00401735 with lord pe or CFF explorer


checking:post was unpacked, checking in the board the same name and was founded the script by LCF with tutorial, interesting reversing :D

script+tut for version 1.2 (funtional in 1.7)


Edited by Apuromafo
Link to comment
Share on other sites

It works!

Nice shot :)


Just as a "pro tip":

The OEP is stored in EDX after these loops:

00401350 |> /AD /LODS DWORD PTR DS:[ESI]
00401351 |. |2BD0 |SUB EDX,EAX
00401353 |.^\E2 FB \LOOPD SHORT FastPack.00401350
00401355 |. 8B03 MOV EAX,DWORD PTR DS:[EBX]
00401357 |> 3B03 /CMP EAX,DWORD PTR DS:[EBX]
00401359 |.^74 FC \JE SHORT FastPack.00401357

Greets :)


D'oh! Didn't notice the tut from LCF! Well, thanks fot the tip :D

This way we have more solutions to one problem, which is great :D

Edited by SmilingWolf
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...