• 0
GIV

Enigma Protector 5.2

Question

Difficulty : 3
Language : Delphi
Platform : Windows X86
OS Version : XP and above
Packer / Protector : Enigma Protector 5.2

Description :

Small unpackme for you guys to try.

Screenshot :

Clipboard01.jpg

Enigma Protector 5.2 unpackme.rar

Edited by Teddy Rogers
1 person likes this

Share this post


Link to post
Share on other sites

64 answers to this question

  • 0

Hi @ramjane

Script for finding OEP for keygenme v2.0 unpackme (Enigma 5.40) is working. 

But it doesn't work for last 2 unpackme (Original.rar).

 

Salam.

Share this post


Link to post
Share on other sites
  • 0

Yes,

This script is working only on Virtualized OEP targets.

I am currently working on that and trying to find a way to reach at OEP

1 person likes this

Share this post


Link to post
Share on other sites
  • 0

Any update on the scripts?

Share this post


Link to post
Share on other sites
  • 0

The scripts are updated but not available for public since the first release of the 5.xx version and updated to latest version (5.5).

I see that the price for the protector raised from 149 to 199 USD.

Maybe release of a unpack script will make the authors rethink their price policy.

:)

 

1 person likes this

Share this post


Link to post
Share on other sites
  • 0
52 minutes ago, GIV said:

The scripts are updated but not available for public since the first release of the 5.xx version and updated to latest version (5.5).

I see that the price for the protector raised from 149 to 199 USD.

Maybe release of a unpack script will make the authors rethink their price policy.

:)

 

Was thinking exactly the same thing ol' friend :)

Was mulling over the idea of releasing a couple of detailed tuts on unpacking the latest v5.xx versions in the coming weeks !

I also felt that that the Enigma guys were getting too cocky !

 

P.S : I do have the licensed versions of Enigma for my company. So in a way not a very wise step for me to release details on how to crack the protections but then again, feel that the Enigma guys should get not be getting too cocky either !

Edited by Techlord
1 person likes this

Share this post


Link to post
Share on other sites
  • 0

Sure. 

I have the scripts for version 5.xx back from 2014 (if i recall correct) written by myself based on public info and personal research, with some small parts taken from LCF-AT script (to avoid double work) where was the case, and yes i have a personal license for one of my software too (but is .NET so is not a great loss for me because for .NET platform the EP is next to nothing for protection). 

I have told the EP guys that is a bug regarding a XP issue of their software for .NET files, make a clear example (bug which scared many of my customers), and their reply was that they know and the bug will be solved. For 9 months of my subscription and some released versions the bug is still there. And they raises the prices now. lol

Maybe is not a wise ideea to show them how to bring in the knees the protector but small parts can be shown.

:)

 

1 person likes this

Share this post


Link to post
Share on other sites
  • 0

Hi @GIV

Can your script handle Enigma Online Registration?

I found 2 differences for unpacking Enigma. First one is how to reach OEP and second one is how to bypass online registration.

 

Salam.

Share this post


Link to post
Share on other sites
  • 0

Hi. No. EP is not a interest for me since one year ago. But i guess if you know how to do the feature could be added to any script easy.

1 person likes this

Share this post


Link to post
Share on other sites
  • 0
On 2016/4/28 at 10:27 PM, GIV said:

OK.

Last unpackme for this version:

HWID: C965A-EA6AB-81EB2-7D035-38C99-24D7E-04041-78A0E
USER: giv
KEY: F5X353-TRTFA3-LXAKLE-XDEED2-J4NMDN-AHP9DA-6VLGLP-PVJB5U-UUSNEN-7M8CUQ-UNEQTE-QATVWK-UBAKKZ-RYKMNQ-PB5CME-JQ8HSB-TUV7FL-7A3NB4-E3TJMU

 

Clipboard01.jpg

Enigma 5.2 unpackme 3_protected.rar

I am now working on this unpackme_3. I have been able to bypass the OS check and process check but stuck on the region check.

I have tried to trace (set hw access bp on) the return value of GetUserDefaultLCID/GetThreadLocale/GetUserDefaultUILanguage/GetACP, but it seems that the region check doesn't use the above APIs? Then I tried to put bp on some registry access APIs to see if Enigma retrives the region info from registry. Unforunately, I didn't get any useful info either. Can anyone give me a hint about what API(s) I should look into.

Thanks.

2 people like this

Share this post


Link to post
Share on other sites
  • 0

I still don't know what API EP uses to implement regional check, but anyway I found how to bypass it.

Here is the optimized file for unpack3.

optimized.exe

1 person likes this

Share this post


Link to post
Share on other sites
  • 0

Would you like to try a 5.5 unpackme?

Share this post


Link to post
Share on other sites
  • 0
On 13/02/2017 at 10:56 PM, GIV said:

Would you like to try a 5.5 unpackme?

Thanks. I own an official license of EP :).

Share this post


Link to post
Share on other sites
  • 0

Hi, @GIV

Would you like to add some Enigma API into your next UnpackMe?

 

Salam.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now