Archive for the ‘脱壳『Unpack』’ Category
六月 21st, 2010 | 
Author: 
Posted in 
Tags: 
程序的壳子:ASProtect 1.23 RC4 – 1.3.08.24 -> Alexey Solodovnikov
用od载入程序,忽略除内存以外的所有异常,如下图。
话说这个东西是前天拿到的,但是当时在家,东西也不全。平直接感觉是加壳了。去peid官方下载了个没有更新特征库的报了个什么都没发现,晕死。
今天重新查壳发现是Armadillo V6.X Minimum Protection -> Silicon Realms Toolworks * Sign.By.fly * 20081227 *,脱壳后发现程序是用bc++写的:
这个文章网上有的,这里只是做个类似笔记的东西,没别的用处(文章本身就是依样画葫芦。)。
Read the rest of this entry »
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 | ////////////////////////////////////////////////// // FileName : MEW 11 V1.0-V1.2.osc // Comment : MEW 11 V1.0-V1.2 OEP Find // Environment : WinXP SP2,OllyDbg V1.10,OllyScript V0.92 // Author : fly // WebSite : http://www.unpack.cn // Date : 2005-10-03 20:30 ////////////////////////////////////////////////// #log MSGYN "Plz Clear All BreakPoints And Set Debugging Option Ignore All Excepions Options !" cmp $RESULT, 0 je TryAgain //GameStart―――――――――――――――――――――――――――――――― sti find eip, #C30000# cmp $RESULT, 0 je NoFind eob Break bp $RESULT log $RESULT esto GoOn: esto Break: cmp eip,$RESULT jne GoOn bc $RESULT sto //GameOver―――――――――――――――――――――――――――――――― log eip cmt eip, "This is the OEP! Found By: fly" MSG "Just : OEP ! Dump and Fix IAT. Good Luck " ret NoFind: MSG "Error! Maybe It's not MEW 11 V1.0-V1.2 ! " ret TryAgain: MSG " Please Try Again ! " ret |
猛击此处下载文件! 
:)
2008-04-05 20:47 220 32Lite 0.03a OEP Finder v0.1.txt
2006-01-15 00:00 218 32Lite 0.03a OEP V0.1.txt
2008-05-18 00:33 218 32LITE 0.03A OEP-FINDER V.0.1.txt
2004-11-14 19:55 218 32Lite 0.03a.txt
2008-05-18 00:33 2,490 ActiveMark 5.4x Level 2 EP Finder + Fix CRC.txt
2008-05-18 00:33 1,380 ActiveMark 5.4x Remove Selfchecks.txt
2008-05-18 00:33 474 ActiveMark 5.xx Level 2 EP Finder.txt
2006-01-15 00:00 801 ActiveMark Level 2 EP Finder.txt
2006-01-15 00:00 441 ActiveMark Patching Script.txt
2008-04-05 20:50 2,648 activemark54x.txt
2008-04-05 20:50 4,919 AddrEnc.txt
2008-04-05 20:50 1,075 AHpack 0.1 OEP Finder .txt
2008-04-05 20:50 1,017 AHTeam EP Protector 0.3a.txt
2008-04-05 20:50 1,227 AHTeam EP Protector 0.3b.txt
2006-01-15 00:00 3,515 Alex Protector 1.0 Beta 2 Fix IAT + Remove Junk Code v0.1.txt
2008-04-05 20:50 3,515 ALEX PROTECTOR 1.0 BETA2 V0.1.txt
2006-01-15 00:00 3,515 ALEX Protector1.0.txt
2008-04-05 20:50 801 AM.level2.ep.finder.txt
2008-04-05 20:51 396 AM.patching.script.txt
Read the rest of this entry »
___________________________________________________________________________
ExeInfo PE ver. 0.0.2.4 by A.S.L ( c ) 2006.03 – 2009.xx
freeware version for Windows XP
Windows 32 PE executable file checker , compilators, exe packers ….
with solve hint for unpack / internal exe tools / rippers
___________________________________________________________________________
猛击此处下载!
Read the rest of this entry »
