Posted April 27, 2013

Hello to all! I suggest unpacking this unpackme, preferably with details and a video. I did not even manage to hide the debugger (OllyDbg) from detection. Thank you very much; I look forward to the results.

unpackme_obsidium_1.4.6.0.rar
April 27, 2013

The [unpackme] tag has been added to your topic title. Please remember to follow and adhere to the topic title format - thank you! [This is an automated reply]
April 27, 2013

Hi, here is my unpacked file. Just test and tell. So I see just some little changes, but not much about the stuff which you have enabled [IAT only]. It's also just a little more obfuscated [lots of jumps] etc.

-----------------------
level: 2 of 10
-----------------------

PS: Disable DRx / restart & run

greetz

unpackme_obsidium_1.4.6.0_Unpacked.rar
April 27, 2013 (Author)

Hi LCF-AT, good. Well, I wrote a demo version that is packed to the max.

"PS: Disable DRx / restart & run greetz"

Can there be more? What plugins to use? With what options, etc.

Add: As always very good, but I want to hear the details or a video on manual unpacking.

Edited April 27, 2013 by converse
April 27, 2013

Just check the main page and search for it to find some tutorials. Plugins as always, so just disable DRx and work with soft BPs. Remember that CRC checks are also used. So you know that you only need to fix the IAT, and there you can use 2 methods: prevent writing the redirection, or get the IAT after you have stopped at the OEP. The second way is simpler and easier to handle, so you only need to catch the place where it reads the DLL exports. Find the right code part [use mem BP / Olly trace etc.] and then check it, and you will quickly find the place where you see all APIs in a register, which you can then move into your IAT locations.

Hint: If you found the right place, then also set a BP at the end of the routine, and if you break at the end and not at the place where it got the API, then it means that your IAT ADDR [ADDR | >>IAT ADDR<<] is no API = 00 DWORD, and then fill it with a 00 DWORD, and next comes the next module block. So for this you can write a very simple script.

greetz
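
The IAT layout mentioned in the post above (API addresses grouped per module, each block ended by a 00 DWORD) can be checked offline on a dump. The following is an added example, not part of the original thread or any poster's script; the addresses, the export map and the function names are constructed for illustration.

```python
import struct

# Constructed sample data: export addresses as resolved in a hypothetical dumped process.
EXPORTS = {
    0x7C801D7B: ("kernel32.dll", "LoadLibraryA"),
    0x7C80AE40: ("kernel32.dll", "GetProcAddress"),
    0x7E4507EA: ("user32.dll", "MessageBoxA"),
}
# Constructed IAT bytes: two module blocks, one slot still pointing at non-API memory.
SAMPLE_BASE = 0x00402000
SAMPLE = struct.pack("<7I", 0x7C801D7B, 0x7C80AE40, 0x003A1234, 0,
                     0x7E4507EA, 0, 0)


def split_iat(raw, base):
    """Split raw IAT bytes into blocks of (slot_va, value); a zero DWORD ends a block."""
    blocks, current = [], []
    for off in range(0, len(raw) - len(raw) % 4, 4):
        (value,) = struct.unpack_from("<I", raw, off)
        if value:
            current.append((base + off, value))
        elif current:
            blocks.append(current)
            current = []
    if current:
        blocks.append(current)
    return blocks


def audit_iat(raw, base, exports):
    """Per block: which modules it imports from and which slots hold no known API."""
    report = []
    for block in split_iat(raw, base):
        hits = [exports[v] for _, v in block if v in exports]
        report.append({
            "start": block[0][0],
            "count": len(block),
            "modules": sorted({module for module, _ in hits}),
            "unresolved": [(slot, v) for slot, v in block if v not in exports],
        })
    return report


if __name__ == "__main__":
    for entry in audit_iat(SAMPLE, SAMPLE_BASE, EXPORTS):
        print(hex(entry["start"]), entry["count"], entry["modules"],
              [(hex(s), hex(v)) for s, v in entry["unresolved"]])
```

A block that lists more than one module, or any entry under `unresolved`, marks a slot that still needs attention before the dump's import table is rebuilt.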