Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page dvr studio99d yoda cryptet after unpack not run :-(
Register Forum Rules FAQ Calendar

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 05-06-2004, 21:21
the_beginner the_beginner is offline
Friend
  
Join Date: Feb 2004
Location: Germany
Posts: 85
Rept. Given: 114
Rept. Rcvd 13 Times in 7 Posts
Thanks Given: 97
Thanks Rcvd at 16 Times in 9 Posts
the_beginner Reputation: 13
dvr studio99d yoda cryptet after unpack not run :-(
Hi

I have here a proggie its packet with yoda modified ,I can unpack this file but its will not run (the 99c version no probs)
can anybody help me with this file

thanks

Btw I have a loader written it work fine but patching it better

the_beginner I'm still lean :-)
Attached Files
File Type: zip DVR-Studio.zip (587.2 KB, 17 views)
Reply With Quote
  #2  
Old 05-06-2004, 23:21
MaRKuS-DJM's Avatar
MaRKuS-DJM MaRKuS-DJM is offline
Cracker + Unpacker
  
Join Date: Aug 2003
Location: Virtual World / Network
Posts: 553
Rept. Given: 7
Rept. Rcvd 6 Times in 4 Posts
Thanks Given: 3
Thanks Rcvd at 16 Times in 10 Posts
MaRKuS-DJM Reputation: 6
OEP: 44B6E9

IAT attached

please compare... is your OEP wrong or your IAT? ImportRec can resolve every import of y0das cryptor through trace level 1

Regards
Reply With Quote
  #3  
Old 05-07-2004, 02:40
the_beginner the_beginner is offline
Friend
  
Join Date: Feb 2004
Location: Germany
Posts: 85
Rept. Given: 114
Rept. Rcvd 13 Times in 7 Posts
Thanks Given: 97
Thanks Rcvd at 16 Times in 9 Posts
the_beginner Reputation: 13
hmmm ???

my oep is the same but my iat is not the same ,I cant understand why

may i have some wrong options on my olly ?? I dont know what the right options for debugging ,because I have use ever sice on win 98 now I use olly since 2 weeks ,can someone help or tell me how make I the right option

thanks
Reply With Quote
  #4  
Old 05-07-2004, 03:17
MaRKuS-DJM's Avatar
MaRKuS-DJM MaRKuS-DJM is offline
Cracker + Unpacker
  
Join Date: Aug 2003
Location: Virtual World / Network
Posts: 553
Rept. Given: 7
Rept. Rcvd 6 Times in 4 Posts
Thanks Given: 3
Thanks Rcvd at 16 Times in 10 Posts
MaRKuS-DJM Reputation: 6
if OEP is right, you have done everything right with olly.
then use imprec, insert OEP (the one without image-base from ollydump), click IAT auto search, get imports... then click show invalid, right click and Trace Level One (Disasm), and all is valid. then fix dump. good luck.
Reply With Quote
  #5  
Old 05-07-2004, 04:51
the_beginner the_beginner is offline
Friend
  
Join Date: Feb 2004
Location: Germany
Posts: 85
Rept. Given: 114
Rept. Rcvd 13 Times in 7 Posts
Thanks Given: 97
Thanks Rcvd at 16 Times in 9 Posts
the_beginner Reputation: 13
shit wont not work ,I THINK I make anything with imprec wrong ,maybe wrong options
Attached Images
File Type: jpg Unbenannt.jpg (84.9 KB, 21 views)
Reply With Quote
  #6  
Old 05-07-2004, 11:23
TQN TQN is offline
VIP
  
Join Date: Apr 2003
Location: Vietnam
Posts: 358
Rept. Given: 143
Rept. Rcvd 24 Times in 13 Posts
Thanks Given: 196
Thanks Rcvd at 168 Times in 51 Posts
TQN Reputation: 24
Nothing wrong with me. What are your Windows version ? ImpRect settings for 9x/Me have some differences with WinNT/2000. This is my settings for ImpRec on my Win2000 Server and the unpacked file.
Regards
Attached Images
File Type: gif Settings.gif (10.5 KB, 18 views)
Attached Files
File Type: rar DVR-Studio.rar (371.9 KB, 11 views)
Reply With Quote
  #7  
Old 05-07-2004, 15:35
the_beginner the_beginner is offline
Friend
  
Join Date: Feb 2004
Location: Germany
Posts: 85
Rept. Given: 114
Rept. Rcvd 13 Times in 7 Posts
Thanks Given: 97
Thanks Rcvd at 16 Times in 9 Posts
the_beginner Reputation: 13
thanks for unpacking,but I have testet unpack and fix on my Notebook with xp ,want work here on my pc w2k work only unpack but I cant fix the *.exe I dont Know why
I'ts can be soo hard ????
Reply With Quote
  #8  
Old 05-07-2004, 16:22
TQN TQN is offline
VIP
  
Join Date: Apr 2003
Location: Vietnam
Posts: 358
Rept. Given: 143
Rept. Rcvd 24 Times in 13 Posts
Thanks Given: 196
Thanks Rcvd at 168 Times in 51 Posts
TQN Reputation: 24
Do not check "Import all by Ordinal" on ImpRec options.
Good luck
Reply With Quote
  #9  
Old 05-07-2004, 20:01
the_beginner the_beginner is offline
Friend
  
Join Date: Feb 2004
Location: Germany
Posts: 85
Rept. Given: 114
Rept. Rcvd 13 Times in 7 Posts
Thanks Given: 97
Thanks Rcvd at 16 Times in 9 Posts
the_beginner Reputation: 13
F*ck it wont be work ,under w2k the proggi start but crash,under XP pro many Faults ,can this some one explain why ,olly 10,steb3 ollydump 221.108 or 220.108 hidedebugger isdebug ,Maybe shit on my system

thanks if someone explain

edit

my dumped file and my iat (but not work ) and the fixed file ,who can explain what wrong ? I'm sure here someone can this
Attached Files
File Type: zip dump.zip (425.0 KB, 3 views)
File Type: txt dump.txt (24.0 KB, 7 views)
File Type: zip dump_.zip (427.5 KB, 5 views)
Last edited by the_beginner; 05-08-2004 at 01:44.
Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
yoda's protector v1.0b bukkake General Discussion 0 08-22-2004 16:26


All times are GMT +8. The time now is 23:49.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )