private exe protector unpacking? - Page 3

0xall0c · #1 03-06-2020, 02:35

previous oep is wrong, i am very sure it is 0x004BF9C0 but still contains all 0s. its hard!

0xall0c · #2 03-06-2020, 19:45

little more debugging and i get to know that the pattern function in some way compares some bytes with another bytes generated from the same function, so right now i am patching the function to contain [ebp-1] = 0, what if i make [ebp-1]=0 with valid data not patching then i think i would not get the exception as the same data is later getting xored with the real oep section? is this correct?

0xall0c · #3 03-13-2020, 03:52

ok i give up, can anyone hand me the solution? so that i can actually see whats happening?

0xall0c · #4 07-13-2020, 00:47

i didnt create any notes! although yea it crashes because of wrong decryption, you have to get the key!

Thread Tools
Show Printable Version Email this Page
Display Modes
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode