About .Net Packing and Introduction
 

Hi,

First of all i will like to say thanks for accepting me as a part of the community. I should start the conversation by introducing my self. My name is Malik and a am from Pakistan and i am learning Reverse Engineering.

I had been a part of other communities but no one replies properly at most of them, but this looks a solid community.

As a question i would like to ask, how can one detect packing on a .Net software, How many packings are there.

If you can refer to a tutorial or anything i would be grateful, i have read almost all the tuts on tuts4you but they where of no use.

Regards

Sorry for the spam but this place could be useful

http://board.b-at-s.info/

all forums are one big family :)

good luck

@BackTangent
try this
http://pid.gamecopyworld.com/ProtectionID_v6.4.0.rar

Hi there. You were a neighbor of Bin Laden... Welcome here.
 

Try Peid or RDG packer detector. They shows usefull information about the protection of the packed exe and the compiler also.

I had been a member at your forum, and asked a question on this thread http://board.b-at-s.info/index.php?showtopic=8131 but it is still un answered.

I knew about pied and RDG packer but do not know about the packer information they show, like for an exe RDG shows using DLL. Now what i do not know is that what does it mean.

what my intent to post at the forum is to look for a detailed guide on types of packing and how to counter them.

Regards

http://forum.exetools.com/showthread.php?t=13149&highlight=unpacking

BackTangent

You try DNid v0.12b & Dotnet ID 1.003 by RONGCHAUA.NET.
It is two tool for detect packing a .NET software.
I already attach they here:
Attachment 5848

or
DNid v0.12b
hxtp://www.mediafire.com/?gtj38dm60ddcmma
Dotnet ID v1.003 by Rongchaua.net
hxtp://rongchaua.net/Web/Tool/DotNet Id.zip

My Question is not still answered. Let me rephrase my question. What i am asking is how to debug a specific packer scheme. you people are understanding i am asking about how to find a packer scheme, i know about it, there are tons of tool out there which can do that. What i do not know is how to tackle a specific scheme. There would be some documents which discuss specific packing schemes and how to crack them.

If you can help in that, i would be thankful .

Check this link or this link or this.

AFAIK, there is no generic way to unpack/crack all types of protections. You need to detect first the packer (using suggestions above), then unpack the executable (manually or using special/generic tools available) and finally crack it (providing that there is any additional protection to the packer).

Perhaps it will help more if you provide more details on the protection scheme that you are trying to defeat. :)