|
Oberon Game: Agatha Christie Murder on Nile
Hi all,
I've succesfully unpacked all Oberon Games, except this that is driving me and my olly crazy. No script works, olly often crashes and i can't manage to unpack the program. mr magic unpacker works but the purpose is learning, not automatically unpacking. The program is this: crk://gamecenter.oberon-media.com/exe/Agatha_Christie-setup.exe Did anyone succeed in unpacking? I tried to unpack other armadillo targets to ensure it was not a problem related to some settings, but this wasn't the case. I succesfully unpacked all the other titles. When i try to unpack with fly's standard unpacking script it even crashes ollyscript. Sometimes it does not even start and tries to write, with consequent access violations to things like 0000000B 0000008D and similar. New armadillo? Some ideas? :mad: |
Code:
004A0761 E8 A3E40000 call 004AEC09 ; This is the OEP! Found By: fly |
Try to use "Armadillo OpenMutexA"
If u use "Armadillo OpenMutexA" script , and u pass all Exceptions and after 2
CreateThread then go to RET and u will find this Call ;) 00D6036D FFD1 CALL ECX which go u to The OEP this Is : 004118D6 . 6A 60 PUSH 60 This is the OEP 004118D8 . 68 A8>PUSH 004326A8 004118DD . E8 56>CALL 00412238 004118E2 . BF 94>MOV EDI,94 004118E7 . 8BC7 MOV EAX,EDI 004118E9 . E8 32>CALL 00410720 004118EE . 8965 >MOV DWORD PTR SS:[EBP-18],ESP 004118F1 . 8BF4 MOV ESI,ESP 004118F3 . 893E MOV DWORD PTR DS:[ESI],EDI 004118F5 . 56 PUSH ESI ; /pVersionInformation 004118F6 . FF15 >CALL DWORD PTR DS:[42E298] ; \GetVersionExA use ArmInline then Dump the file ,and u wil find it by PEiD is Microsoft Visual C++ 7.0 [Debug] that all i have................................. |
| All times are GMT +8. The time now is 04:14. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX