EXECryptor

Has anyone messed with it? It claims to be able to metamorph any protected code (in addition to "normal" anti-whatever). However, I was unable to even run it (without any debugger), the downloadable installer crashed during setup
strongbit.com/execryptor.asp

[softworm]

Do you have any target or unpackme protected by Execryptor2.0?
I tried it on my pc and always get a crashed result with the protected
program.

Unpacking the packer itself is too time-comsuming and difficult to me.
It used TLS callback function to get control before reaching the EP,so
you must set the breakpoint at right time.

I had posted a unpackme in kanxue studio,but no one can unapck it

try

http://bbs.pediy.com/showthread.php?s=&threadid=3707

this one is packed by full version

[softworm]

OK,I'll try,I hope i'm lucky enough.

And the guy named moon seemed to
have got it?

[softworm]

I can trace it only with spare time and it might cost
a long time for me. I'm not sure if i can do it.

At first i wish to unpack it rapidly with some
trick like memory access breakpoint and failed. It
seemed that the whole entry codes have
been moved into the packer.

My target now is to find out how the control
was given to the original program,and did not pay
attention to the IAT yet.

I ignored TLS callback function 0 now. I'm tracing
function 1 but not finished. It's not difficult to
write a script to pass through function0,function1
and stop at packer's EP,it can run happily under
OllyDbg,so the problem is patience and time.
and it has no any junk code,good news.

I'll spend my holiday soon. But I won't give up.

regards.

[softworm]

Got it.

[memo-5]

Hi all
I have test the ExeCrypt 2.26 on MS Notepad and the result was very bad result
I need to use only the code morphing feature on the code segments so I disabled all the features except the Antidebug checkbox and raise the code visualization percent to 100% No compression no antitrack no entry point protection... .
The changes that I found Is just two long jumps to the original entry point.
Is that possible or not.
any one have similare experience can help.
I need a tool that can generate confusion code with code junks from the original code segments any one have an Idia.
Thanks

[memo-5]

I found that you have to add some marks around the critical blocks of your code the re-compile your application before using Execrypt to get your code "morphined".

[TmC]

Quote:

Originally Posted by memo-5

I found that you have to add some marks around the critical blocks of your code the re-compile your application before using Execrypt to get your code "morphined".

Hum...i think you mean morphed....morphine is antoher pe packer that does not have anything to do with execryptor.

[NeOXOeN]

guys check on crackmes.de... you will find solutions there.. its not perfect it ,,.it will help you in way of defeting it...


bye