Posted September 16, 2024Sep 16 ASProtect SKE 2.56 SDK Sample (x32) Coded by boot / Tuts4you, ASProtect SKE 2.56 | UnPackMe x86 32-bit Medium Protections + SDK September 16, 2024 If you unpack it write a tutorial... ------------------------ HWID: FBFFC7AD-5EF5 USER: boot SN: YHRQ6C-WVDZ3-4X673-R6QSB-S7PBF-C52DP-WYDXK-RWJAB-2ZXJR-B4MY9-G5VUQ File Information Submitter boot Submitted 09/16/2024 Category UnPackMe View File
November 3, 2024Nov 3 The easy way with "CodeDoctor" plugin ==>> Unpack Asprotect .... & you just need to add aspr_ide.dll file Edited November 3, 2024Nov 3 by TeRcO
November 3, 2024Nov 3 @TeRcO I can't repro your success, any pre-conditions to reach this out? Got this when trying "Unpack AsProtect" in CodeDoctor menu
November 3, 2024Nov 3 Solution 4 hours ago, jackyjask said: I can't repro your success, any pre-conditions to reach this out? i made a video for unpacking with tools .... Quote "Reverse Engineering Tips": Sometimes, after unpacking an asprotect target, the application may still rely on the functions and procedures provided by asprotect in its aspr_ide.dll. While the sdk allows for custom functions to be added to it, the generic functions include CheckKeyAndDecrypt, SetUserKey, GetHardwareID, GetTrialExecs, GetExpirationDate, GetRegistrationKeys, CheckKey, GetModeInformation, GetRegistrationInformation, GetTrialDays, GetKeyDate, and GetKeyExpirationDate. The aspr_ide.dll simulate all of these functions and return the correct values to register the application. asprotect_unpack_by_terco.txt Edited November 3, 2024Nov 3 by TeRcO update link
November 3, 2024Nov 3 Quote Edition Windows 11 Home Version 23H2 Installed on 2024-10-07 OS build 22631.4317 Experience Windows Feature Experience Pack 1000.22700.1041.0 Ollydbg 110 settings. Without this scyllahide selection, you will get errors to load the application. Then use the CodeDoctor Unpack ASProtect feature. No need to use StrongOD plugin. Regards. sean.
November 3, 2024Nov 3 3 minutes ago, The Binary Expert said: No need to use StrongOD plugin. No need scyllahide plugin .... in my case i had only 2 plugins and raw ollydbg ...... and the tut of course
November 3, 2024Nov 3 6 minutes ago, TeRcO said: No need scyllahide plugin .... in my case i had only 2 plugins and raw ollydbg ...... and the tut of course @TeRcO Maybe both Scyllahide and old StrongOD have simillar features. And notice that your OS is different from mine. Your setting doesn't work in my machine. Regards. sean. Edited November 3, 2024Nov 3 by The Binary Expert
November 3, 2024Nov 3 26 minutes ago, The Binary Expert said: Maybe both Scyllahide and old StrongOD have simillar features I used the least available resources to solve the exercise & of course there are many methods and modified versions to bypass exceptions or detection, but what I focused on is How to unpack the target Best Regard Bro Edited November 3, 2024Nov 3 by TeRcO
November 3, 2024Nov 3 10 minutes ago, TeRcO said: I used the least available resources to solve the exercise & of course there are many methods and modified versions to bypass exceptions or detection, but what I focused on is How to unpack the target Best Regard Bro @TeRcO Yes, I learned to unpack this application from your easy solution. Regards, sean.
November 3, 2024Nov 3 @TeRcO I was able to reach the same success as in your flash tut, thanks a lot! PS I was using Olly v1 + CodeDoctor 0.90beta + Phantom 1.20 with minimal anti-dbg features: I was really impressed how much work was done by the CodeDoctor plugin! (inside the ASPRSDK_protected.exe__info.txt generated file) the sad thing is that it looks & feels like black magic and there is no understanding what was really done under the hood... Do you think it makes sense to try the same approach for newer builds? I"'ve got SKE 2.56 and 2.58
November 11, 2024Nov 11 13 hours ago, ziyoulang168 said: What's wrong with the different interfaces wrong file.... use one of :DecomAS and change name => aspr_api.dll to aspr_ide.dll
November 12, 2024Nov 12 5 hours ago, TeRcO said: wrong file.... use one of :DecomAS and change name => aspr_api.dll to aspr_ide.dll Thank you.such is the case
November 12, 2024Nov 12 21 hours ago, ziyoulang168 said: What's wrong with the different interfaces @ziyoulang168 Use this. aspr_api.zip Regards. sean.
November 14, 2024Nov 14 Author Hi, does anyone have 64-bit offline version of ASProtect (Demo version is also available). I want to try using the 64-bit SDK and publish a sample here.
Create an account or sign in to comment