Jump to content
Tuts 4 You

[UnpackMe] Enigma Protector 3.100

HellSpider

By HellSpider
in UnPackMe

 Share

Recommended Posts

HellSpider

HellSpider

Posted
Posted

Hi.


 


Attached an unpackme protected by Enigma Protector 3.100 - Build 20121010 .


 


The unpackme is coded in MASM.


 


:play_ball:


unpackme_enigma_3.100.rar

HellSpider

HellSpider

Posted
  • Author
Posted

Nothing to do just run a script by LCF-AT and ad VM's to the dump....

 

Yes, but that's purely a self made choice. People can choose to unpack it without LCF-AT's script. And the VMed functions (OEP + 1 PROC) are kinda short so someone might want to resolve them instead of just dumping them. :)

GIV

GIV

Posted
Posted

You can use Raham's tool for Enigma unvirtualize.


:)


HellSpider

HellSpider

Posted
  • Author
Posted

You can use Raham's tool for Enigma unvirtualize.

:)

 

I know, but I meant that unpackmes are sort of meant to be unpacked to understand the process of how the protector works and how it can be defeated. IMO it's kinda pointless to unpack stuff just with tools, because in the end only the author of the tool knows how to do things manually, when the tool stops working. :)

GIV

GIV

Posted
Posted

Agree but you have to focus on each protector and you must have lots of knowledge, time, and at least determination to do that... What about every man try to build a microwave when a already built one is in the store. What is the point? 


What you say is for specialists only..


IMHO specialists are under 1% from the crowd....


mudlord

mudlord

Posted
Posted

What about every man try to build a microwave when a already built one is in the store. What is the point?

 

*facedesk*

 

This is about improving yourself, learning something new OR refining your current skills.

 

I thought this stuff was an art, which takes time to learn.

 

This attitude of not lifting a finger and getting someone else (or some other thing) to do the work speaks volumes about the current state of things. It absolutely sickens me.

GIV

GIV

Posted
Posted

*facedesk*

 

This is about improving yourself, learning something new OR refining your current skills.

 

I thought this stuff was an art, which takes time to learn.

 

This attitude of not lifting a finger and getting someone else (or some other thing) to do the work speaks volumes about the current state of things. It absolutely sickens me.

 

Thank you for your wise and warm words !

The Trooper

The Trooper

Posted
Posted

@mudlord


Who in this board or other any board know everything in the art of reversing? The answer is simple: NOBODY, so, if you have a tool or script or anything that help you to get waht you intend, what's wrong in use it? In my opinion the true reverser is the man/woman that decide always learn, and know how to use his tools. I have a question for you: You never used any tool or script in your life of reverser?





If you have something that works, is pure waste of time begin to invent, if the author of the packer change the routine, what would I do? Simple I'm going to my arsenal of tools, scripts and Tut's and I'll try to figure out what was changed, but only if the author change your routine, otherwise, it's a waste of time trying to invent, there is no need to show to other reverser's what I know, you understand me?





This kind of attitude and comment, Yes, it causes me motion sickness.

  • Like 2
LordCoder

LordCoder

Posted
Posted

It's true that it's easier and more "clever" to use tools for unpacking the things. But it isn't the art of reversing. If you use tools is because you want to finish fast or because it's boring or any other reason, but not for enjoying.


mudlord

mudlord

Posted
Posted (edited)

 

@mudlord

You never used any tool or script in your life of reverser?

 

 

Correct. I don't use scripts I didn't write. Never have, never will.

 

 

so, if you have a tool or script or anything that help you to get waht you intend, what's wrong in use it?

Whats wrong is that it defeats the entire point of an crackme/unpackme. They are meant to test you. Not something to be unpacked in under 10 seconds.

Edited by mudlord
  • Like 3
HellSpider

HellSpider

Posted
  • Author
Posted

 

@mudlord

Who in this board or other any board know everything in the art of reversing? The answer is simple: NOBODY, so, if you have a tool or script or anything that help you to get waht you intend, what's wrong in use it? In my opinion the true reverser is the man/woman that decide always learn, and know how to use his tools. I have a question for you: You never used any tool or script in your life of reverser?

If you have something that works, is pure waste of time begin to invent, if the author of the packer change the routine, what would I do? Simple I'm going to my arsenal of tools, scripts and Tut's and I'll try to figure out what was changed, but only if the author change your routine, otherwise, it's a waste of time trying to invent, there is no need to show to other reverser's what I know, you understand me?

This kind of attitude and comment, Yes, it causes me motion sickness.

 

 

The point is not that using scripts would be in any way forbidden. The point is that using a script without knowing how it works is sort of futile. It accomplishes the task in most cases, true, but does it make the one that claims to be a real reverser any better? No it doesn't. I use scripts quite often, but only after I am able to unpack a certain thing without it.

 

Scripts are to me only an extension of myself, I can do my task without them, but they make repeated tasks so much faster.

 

Correct. I don't use scripts I didn't write. Never have, never will.

 

Whats wrong is that it defeats the entire point of an crackme/unpackme. They are meant to test you. Not something to be unpacked in under 10 seconds.

 

Exactly. Why unpack an unpackme, if not to learn how to do it.

  • 1 year later...
icarusdc

icarusdc

Posted
Posted

@pushxor 's dumped file runs fine in my Windows 7 but @GIV 's doesn't. I guess GIV didn't change ESP Pointer.


 


oh, sorry for bumping this thread. I just wanna learn about this unpackme. I can't handle the VMed OEP. I've tried to use Enigma DVM by Raham v1.5.1 but not succeed at OEP. It just handle one VMed function.


 


Is anybody know how to rebuild OEP manually or using any tools?


 


Salam.


Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...