Exetools  

  #1  
Old 05-10-2004, 02:15
bedrock
Friend
 
Join Date: May 2002
Posts: 96
Rept. Given: 8
Rept. Rcvd 5 Times in 2 Posts
Thanks Given: 20
Thanks Rcvd at 2 Times in 2 Posts
bedrock Reputation: 5
OK, I downloaded 3.0.1 and dumped and fixed the IAT, but I am back to the same situation as 3.0.0.

I also found that CORE have updated their crack for this new version with the DLL injection to patch bytes.

TSRh released a cracked exe for the previous version, so it must be possible to get a working dump of this target, but I am now lost. Can anyone help me, please? I just want to understand how to get this target dumped and working...

--
bedrock
  #2  
Old 05-10-2004, 19:12
SvensK
 
Posts: n/a
@bedrock: I found an unpacker for exe32pack by you at the other forum.
If you're any good at unpacking that, unpack RaidenFTPD instead and crack that.
It's a much better ftpd, according to me at least.
  #3  
Old 05-10-2004, 21:57
bedrock
@SvensK,

exe32pack is easy to unpack, but Louis made some silent updates to defeat my unpacker. I wrote that just because the SmartFTP client used to be packed, but now the author is not packing it anymore.

But I want to learn aspr.

Maybe I will look at Raiden for you.

EDIT:

OK, I just looked at raidenftpd. Unpacking is straightforward, but it seems the raiden exe has lots of anti-debug tricks, including IsDebuggerPresent and int 2F. After running the unpacked exe inside olly I keep ending up at

Code:
hxxp://www.raidenftpd.com/en/pirate.htm


To unpack exe32pack with softice:

Load the exe in SI and set bpm esp-4 rw. On the second break, step down a couple of lines and you will be at jmp eax, where eax = OEP. Dump here and fix the IAT with Imprec... done
--
bedrock

Last edited by bedrock; 05-10-2004 at 22:44.
  #4  
Old 05-11-2004, 01:27
SvensK
 
@bedrock: I have unpacked it already, but it crashes on:
004E8CEC . CD 2F INT 2F

Guess I'll have to look into it some more later.

Edit: I'm working with build 1320 btw and the OEP was found at:
00570DD8 > $ 6A 70 PUSH 70

Regards
SvensK

Last edited by SvensK; 05-11-2004 at 01:32.
  #5  
Old 05-21-2004, 20:19
bedrock
Gene6 FTP Server is now updated to 3.0.2 build 39.

I have got the following:

OEP: 4915C8
Stolen bytes: 558BEC83EC10B828104900

And attached imports, but I can't make it run.

Can anyone help with this? I really want to get a working dump.

Thanks

--
bedrock
Attached Files
File Type: txt imports.txt (15.9 KB, 8 views)
All times are GMT +8. The time now is 03:06.

