Exetools
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   how unpack this -> EXECryptor (https://forum.exetools.com/showthread.php?t=3563)

etienne 08-10-2005 02:27
hehe
crackme cracked

though gives enough ideas about the hardness of the stuff :D

Relayer 08-10-2005 14:57
But EXECryptor still not cracked :))

Lunar_Dust 08-10-2005 22:36
Question about the morphing, does it really matter?

Can you just make a DLL to inject which will scan the whole code section and dump it in 0x1000 blocks like how Arma can be attacked? Does the morphed code depend on the protector (like CALL instructions into protector code for example)

BTW I like those idea about patching CreateFile, but really you can debug CreateFile and do the same thing.

Really remember a debugger can use other things as breakpoints other than 0xCC. I have custom unpacker debugger code that uses other types of exceptions as its breakpoints...when exception comes thru it checks its internal table to see if it belongs to the debugger or not :) Perhaps this could be a improvement for Olly in the future, to allow the user to set custom exception breakpoints. Really in ring3 a debugger ownz azz over any program it just has to hide itself well and it can do this by debugging/emulating the instructions that the protector tries to use for detection.

-Lunar


All times are GMT +8. The time now is 23:09.
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX