Posted June 7, 200619 yr Themida 1.5.0.0 UnPackMe's here:http://tuts4you.com/unpackme/index.php?path=PE32bit%2FThemida%2FThemida+1.5.0.0/Ted.
June 8, 200619 yr Hi Teddy !Is this unpackme packed by ( Registered Version of TheMida ) or ( Cracked Version And Demo Version ) ?my friends tells me : "Cracked Version" And "Demo Version" of this packer hasn't professional anti-dump / anti-debugging feutures; and just "Registered Version" has professional anti-dump / anti-debugging feutures ... are they right ? Edited June 8, 200619 yr by SUB Z3R0
June 8, 200619 yr Well put it this way, I can debug in olly and dump with LordPE. Which tends to suggest they arent present I have no idea what oreans are upto, they are making this easier than the earlier versions! Very inline patchable aswell, but unlike 1.0.0.5 there are alot more stages between hard code and program code. Edited June 8, 200619 yr by Whiterat
June 8, 200619 yr Author They were packed using the cracked version. I'm trying to get my hands on a full licence or in contact with someone with a valid licence to create some unpackme's and see if there is a difference in later Themida versions. If anyone can help please contact me...Ted.
June 8, 200619 yr Author There shouldn't be if it has been reversed correctly but it would be nice to get hold of a valid licence or copy just to confirm these facts - or find a known application packed with the latest version and protection features...Ted.
June 10, 200619 yr TEDDY i found you a valid licence for these versions [posted by Celta68] works with versions 1.3.5.5 and 1.5.3.0works with versions 1.0.0.5 and 1.5.3.0 Edited June 10, 200619 yr by s0me0ne
June 10, 200619 yr Author Sure I do Please mail it to me at: teddyrogers@tuts4you.com Many thanks... Ted. I found it already... Ted.
June 10, 200619 yr i take it youve just been to unpack.cn so no need 2 mail you? Edited June 10, 200619 yr by s0me0ne
June 10, 200619 yr Author Someone already mailed it to me but I've just seen the topic over at Unpack China. I see it was a result of EMule - good find... Ted.
June 10, 200619 yr SUB Z3R0, I was wrong because Ring0 protections is disabled in newer version of Themida.I thought Ring0 protection is disbaled in demo versions.It's gone maybe because of M$ limitations to access low level of OS (Patching Policy for x64-Based Systems).
June 10, 200619 yr Author Ring-0 protection option is still there if you have the none demo version. It was not included in early Themida versions then reappeared at about version 1.2. You could even test Ring-0 functionality out using the demo versions up until version 1.3.5.0.In WinLicense the Ring-0 has never been used probably to provide better and reliable compatibility as a licensing tool...Ted.
June 10, 200619 yr what's up nima(SUB Z3R0) ?can you unpack this version?Can u c any professional Anti-Dump/Debugging protections in that protected UnpackMe?thanx alot.
June 10, 200619 yr Hey!Does anyone have a cracked version of the newest THEmida? Or if anyone has a full license?
June 10, 200619 yr Sure ... My tutorial works for all versions ... ( because themida hasn't changed yet ! ) ... without ring-0 driver, unpacking this protector is like drinking water ! Edited June 10, 200619 yr by SUB Z3R0
June 11, 200619 yr Sure ... My tutorial works for all versions ... ( because themida hasn't changed yet ! ) ... without ring-0 driver, unpacking this protector is like drinking water !Yeah, you're right, but not in VM case.
June 12, 200619 yr There shouldn't be if it has been reversed correctly but it would be nice to get hold of a valid licence or copy just to confirm these facts - or find a known application packed with the latest version and protection features...Ted.Here is a program protected by themida(i don't know what version):http://www.apimonitor.com/download/APIMonitorTrial.exe
Create an account or sign in to comment