Asnpack and Opera?

#1 03-31-2005, 01:02

firstly you need learn unpack aspack without IMPREC;
just dump in debugger @ good moment & locate original IT;
(btw, also there are dumpers for aspack..)

then,
join last 3 section (.rsrc .aspack .adata) under .rsrc section,
open in PExplorer & save as new file;

PExplorer will optimize joined .rsrc section..
(but sometimes bad~`)

#2 03-31-2005, 10:52

Quote:

Originally Posted by evaluator

firstly you need learn unpack aspack without IMPREC;
just dump in debugger @ good moment & locate original IT;
(btw, also there are dumpers for aspack..)

Well I can find the OEP. I don't want to use any dumper as I want to learn unpacking. Its was only when I read a very badly translated softwrap tut of Morales did I understand how much I have to learn more. I know program pretty well in win32asm, and also plain ASM(OS Dev). But I have never really looked at what all that unpacking code actually do. So can you give me some pointers to finding the IAT? Only Direct DWORD pointers allowed

Thomas Antony

#3 03-31-2005, 23:09

Well, to complement your knoledge you can take a look at pe structure, is always useful to understand how the code is structured and also how is determined the IAT.

here you have a link:
http://www.yates2k.net/peinfo.html

good luck

Thread Tools
Show Printable Version Email this Page
Display Modes
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Free registration codes-Opera Browser 10-year online anniversary party	Warren	General Discussion	3	09-02-2005 06:49