[unpackme] Themida 1.5.0.0...

[Teddy Rogers]

Themida 1.5.0.0 UnPackMe's here:

http://tuts4you.com/unpackme/index.php?path=PE32bit%2FThemida%2FThemida+1.5.0.0/

Ted.

[SUB Z3R0]

Hi Teddy !

Is this unpackme packed by ( Registered Version of TheMida ) or ( Cracked Version And Demo Version ) ?

my friends tells me : "Cracked Version" And "Demo Version" of this packer hasn't professional anti-dump / anti-debugging feutures; and just "Registered Version" has professional anti-dump / anti-debugging feutures ... are they right ?

Edited June 8, 2006 by SUB Z3R0

[Whiterat]

Well put it this way, I can debug in olly and dump with LordPE.

Which tends to suggest they arent present

I have no idea what oreans are upto, they are making this easier than the earlier versions!

Very inline patchable aswell, but unlike 1.0.0.5 there are alot more stages between hard code and program code.

Edited June 8, 2006 by Whiterat

[Teddy Rogers]

They were packed using the cracked version. I'm trying to get my hands on a full licence or in contact with someone with a valid licence to create some unpackme's and see if there is a difference in later Themida versions. If anyone can help please contact me...

Ted.

[timmy234]

There should not be any difference between cracked version and registered version!

[Teddy Rogers]

There shouldn't be if it has been reversed correctly but it would be nice to get hold of a valid licence or copy just to confirm these facts - or find a known application packed with the latest version and protection features...

Ted.

[s0me0ne]

TEDDY

i found you a valid licence for these versions [posted by Celta68]

works with versions 1.3.5.5 and 1.5.3.0

works with versions 1.0.0.5 and 1.5.3.0

Edited June 10, 2006 by s0me0ne

[Teddy Rogers]

Sure I do Please mail it to me at: teddyrogers@tuts4you.com

Many thanks...

Ted.

I found it already...

Ted.

[s0me0ne]

i take it youve just been to unpack.cn so no need 2 mail you?

Edited June 10, 2006 by s0me0ne

[Teddy Rogers]

All I need now is some of the older none demo versions...

Ted.

[s0me0ne]

ill keep my eyes open

[Teddy Rogers]

Someone already mailed it to me but I've just seen the topic over at Unpack China. I see it was a result of EMule - good find...

Ted.

[Guest Newbie_Cracker]

SUB Z3R0, I was wrong because Ring0 protections is disabled in newer version of Themida.

I thought Ring0 protection is disbaled in demo versions.

It's gone maybe because of M$ limitations to access low level of OS (Patching Policy for x64-Based Systems).

[Teddy Rogers]

Ring-0 protection option is still there if you have the none demo version. It was not included in early Themida versions then reappeared at about version 1.2. You could even test Ring-0 functionality out using the demo versions up until version 1.3.5.0.

In WinLicense the Ring-0 has never been used probably to provide better and reliable compatibility as a licensing tool...

Ted.

[demon_da]

what's up nima(SUB Z3R0) ?

can you unpack this version?

Can u c any professional Anti-Dump/Debugging protections in that protected UnpackMe?

thanx alot.

[Guest G0TCHA]

Hey!

Does anyone have a cracked version of the newest THEmida?

Or if anyone has a full license?

[SUB Z3R0]

Sure ... My tutorial works for all versions ... ( because themida hasn't changed yet ! ) ... without ring-0 driver, unpacking this protector is like drinking water !

Edited June 10, 2006 by SUB Z3R0

[Guest Newbie_Cracker]

Sure ... My tutorial works for all versions ... ( because themida hasn't changed yet ! ) ... without ring-0 driver, unpacking this protector is like drinking water !

Yeah, you're right, but not in VM case.

[GaBoR]

There shouldn't be if it has been reversed correctly but it would be nice to get hold of a valid licence or copy just to confirm these facts - or find a known application packed with the latest version and protection features...

Ted.

Here is a program protected by themida(i don't know what version):

http://www.apimonitor.com/download/APIMonitorTrial.exe