|
Debug Me 0.2 (Another debugging protection)
2 Attachment(s)
Debug Me 0.2 by Teerayoot/ARTeam
Program Feature ********************************************** -Dynamic encrypt/decrypt code -Memory checking -Not allow to unpack with peid easily -Delay execution check -ollyDbg check -Make your cracking hobbie more harder :) ********************************************** *Only work on WindowXp (i'm working on XP Sp2) Any comment feel free to contact me on MSN : [email protected] Are u sure u hiding your ollydbg all well ?:) Try it maybe u will learn something form it. All source i will provide later if need. |
nice olly killer ;)
attachment removed |
MaRKuS-DJM: huh, isn't a little too fast? ;)
|
too fast? is something wrong with it? no probs debugging here...
|
I believe he was trying to gently suggest that you might have waited awhile for some of the other "less skilled" members to take a crack at the project before you claimed the "glory" of being first. Or you might have announced that you had solved the challenge, but not "posted" the result, to allow others to continue to work on it without having to "resist" peeking at your solution. :)
Regards, |
Good to know there is an overseer reading my minds :cool: .
Regards. |
I "knew" you were going to say that. :D
Regards, |
hmm. i think many of less skilled member can't download that file.
because it is hard to make 3 effective posts without being deleted. i didn't say it's impossible. but download privilege is hard to get for newbie. |
JMI: hmm....
Arkanoid: I know it's not the right place to talk about ExeTools rules here, but let me try it quickly... there were (are) many "unwanted" users of ExeTools using FTP only and downloading interesting attachements. The problem is they are doing actually nothing for other members. Just leeching - they are even worse than Emule freaks because Emule guys share their files (at least most of them) and "bad" ExeTools "members" just leech. Not to mention commercial developers who used (use) this place to be up-to-date with cracking stage of their protections and information (tutorials) concerning their work. So, in the past it was just enough to open ExeTools account and download everything you like. Now it's a little more exacting, but it can only help other honest (working / participating) users. If you are still confused then imagine it's some unique team (like US Special Forces, Startrek or X-Files - haha) and you have to prove your membership - it will taste much better then ;). |
deleted attachment + solution. hope there weren't too much who read this. but JMI... i'm only less skilled.
|
dyn!o // You're definitely right.
I didn't intend to offend you. I'm sorry if you felt like that. What I tried to mean is it would be better if there's an external link or something like that, so that other guys could download and take a look. (assuming that file is for less skilled people) |
I know all protection can be feated all ,but time in defeating is not same some too much some too fast cracked it.
New version i got idea from armadilo about encrypt some code before execute then decrypt it again and also protect some importance byte code :) but it's very simple encryption in my debug me. And another is memory patch checking it will replace with org byte when it modified . 0.2 i pack with PE compact ,i think it will not hard to unpack let enjoy :) FOr noobie cracker only :D |
unfucked :) but i really like this way of protection...
|
1 Attachment(s)
Thanks Teerayoot, I propose this solution but I am not sure it's you are waiting for :confused:
|
MaRKuS-DJM you are definately NOT "less skilled." :) And I hope your took my comments in the spirit of gentle ribbing in which they were intended.
A "challenge" is often hard for the competitive spirit to resist accepting, and a competitive spirit usually enjoys demonstrating that they have defeated the "challenge" and particularly if they can demonstrate that they have arrived at the finish line "first." There is nothing "wrong" with that concept and it is encouraged in most societies. ;) Sometimes, however, the really successful competitor can advance to the point where they come to enjoy more the encouragement of others to sharpen their competitive skills and in such games of skill they tend only to offer "hints," rather than "solutions." This form of encouragement is highly valued and, in truth, more useful than being the "first' to find a solution, because it represents a sharing of knowledge and the passing on of such knowledge to the next group, who, ultimately, will need to pass it on, and so on and so on. So take my comments as a compliment that I judge your "skill set" to be in that group "from whom" others can benefit and that as a mentor of "less skilled" you simply need to understand that the true value is not is giving the answer, but in teaching others how to find their own. Regards, |
to your post... very well & wise said :) but also from answers you can learn if you study them... earlier, when i started cracking, i looked at the differences... before patching, after patching. in this time i wasn't able to unpack any packer, this was really interesting what was done... why did a cracker that steps. and after that period, i figured out how to find my own solutions for everything. so much different ways to patch.
to be on the way you said... this target doesn't use a API to kill your olly. it has a way of anti-debug i never saw in other targets. |
Your comments that comparison of solutions are very helpful is certainly correct. The only point I am suggesting is that if a solution is released too early, it does tend to cut down on efforts of others to find their "own" solution. That result is not "caused" by your posting of a solution, but by the nature of some to stop their own efforts when anyone gives them a solution. :)
Regards, |
@JMI : You seem to be a very fine "mind-unwrapper" ! nice !
|
do you think so? but i think if you really want to learn how to do it you will do it... and following the steps done in this solution is also own effort ;)
|
But are you taking into full account the tendency of many to "settle" for the easy way out?? They may "want to do it," but just how hard are they willing to work at it themselves, especially if the going gets slow and they have little patience for a lack of "instant gratification." There are certainly many who are equally determined to "do it on their own" who would not want to look at someone else's solution until they had exhausted their own efforts and, hopefully, reached a solution on their own.
However, consider that it is often those who are not sufficiently skilled who discover a "new" way to accomplish the solution, simply because those more "trained" tend to think there is a "correct" way to do something, and the "less skilled" simply don't know that one is not "supposed" to be able to do it the way they finally figured out how to accomplish the task. So, I simply suggest that "hints" and "nudges" are of more assistance to such individuals at this early stage in their development. Asking them to exercise their brain with "original" though is usually of more benefit in the learning process, than asking them simply to analyze someone else��s solution to the problem. But clearly this also can be of great benefit, when one's own thought have seemed to hit a dead end or lack of inspiration. I don��t think we are really disagreeing on anything. ;) Regards, |
Hi,
There is a command INT 2E If I'm able to nop it all the ptotection is gone. But the problem is that I can't NOP it. Any Suggestion? Regards, Android. |
there's a function inside this program which overwrites your patch again and again... so maybe a memory-bp helps ;)
|
source code provided:)
*I love to provide all source code i made,hope for help some newbie coder* |
i think what Teerayoot did its very nice.. putting out exe and source so everyone cal learn from it ...there should be more ppl like him
Since now days not a lot of ppl are contributing to scene or reversing ..especially with their ideas and all .. A lot of good work stays priv.. and poor and more or less crap is comming out... So i am glad something nice came out for a change bye NeO |
1 Attachment(s)
IMHO, very easy protection :). The method of redirecting to OEP is old as my grandma - JMP EAX. As soon as it have been located, put there Hardware BP, step into and you are on OEP :D.
|
marcoden, what you did is unpacking the PeCompact. the goal is to remove the anti-debug protection :)
|
| All times are GMT +8. The time now is 03:57. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX