Contribute  :  Web Resources  :  Past Polls  :  Site Statistics  :  Downloads  :  Forum  
    BiW ReversingThe challenge is yours    
 Welcome to BiW Reversing
 Thursday, March 21 2019 @ 02:25 AM CET
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Search found 79 matches
www.reversing.be Forum Index
Author Message
  Topic: An ornery Armadillo revisited
SKiLLa

Replies: 2
Views: 7488

PostForum: Unpacking   Posted: Fri Sep 08, 2006 7:30 pm   Subject: An ornery Armadillo revisited
Any chance you have an example target for us to try & investigate ?

One might expect that it shouldn't be too hard to find out how the overlays are identified,
but on the other hand, others a ...
  Topic: How to use malloc in C?
SKiLLa

Replies: 11
Views: 14285

PostForum: Coding Corner   Posted: Wed Aug 23, 2006 2:59 pm   Subject: How to use malloc in C?
Well, since you're using: r = scanf("%s",&pi[i]);

You could use: printf("%s", &pi[i]);

I'm not sure wether that's your intented ...
  Topic: I want MoleBoxPro 2.5.7 unpacker
SKiLLa

Replies: 2
Views: 8064

PostForum: Unpacking   Posted: Wed Aug 23, 2006 2:44 pm   Subject: I want MoleBoxPro 2.5.7 unpacker
I don't know any tutorial about v2.2.7, but you can find one about unpacking v2.5.x on the ARTeam Tutorials site:

http://omega.intechhosting.com/~access/ARTeam/tutorials/file_info/download1.php ...
  Topic: An ornery Armadillo
SKiLLa

Replies: 11
Views: 19241

PostForum: Unpacking   Posted: Fri Aug 18, 2006 6:34 pm   Subject: An ornery Armadillo
ActiveMark is a well known for it's overlay, but any program can use overlays and actually many Shockwave/Flash games use overlays for game-data. Not as part of a copy-protection but for other reasons ...
  Topic: An ornery Armadillo
SKiLLa

Replies: 11
Views: 19241

PostForum: Unpacking   Posted: Wed Aug 16, 2006 10:19 pm   Subject: An ornery Armadillo
Yeah ofcourse; with "BinDiff" I mean "do a binary file compare to see the differences between them", but it's actually also the name of a (cross OS) program doing just that, hence the expression. Pe ...
  Topic: An ornery Armadillo
SKiLLa

Replies: 11
Views: 19241

PostForum: Unpacking   Posted: Tue Aug 15, 2006 9:16 pm   Subject: An ornery Armadillo
The error-message sounds like an (ActiveMark ?) Flash/Shockwave overlay issue to me. The app is trying to read the overlay-data from it's own .exe into Memory and your version doesn't have it. This d ...
  Topic: Changing packing method in Visual C++ 2005 Express
SKiLLa

Replies: 3
Views: 7128

PostForum: Coding Corner   Posted: Mon Aug 14, 2006 1:00 pm   Subject: Changing packing method in Visual C++ 2005 Express
I upped my PEiD here:

http://d.turboupload.com/d/860253/PEiD.rar.html

It contains:

* PEiD 0.94 original and unpacked (by me, just for the fun, might come in handy sometime) version
* PE ...
  Topic: ebook
SKiLLa

Replies: 7
Views: 9706

PostForum: Coding Corner   Posted: Mon Aug 07, 2006 8:46 am   Subject: ebook
Here you go mate, in .chm format:

hxxp://d.turboupload.com/d/852430/The_Art_Of_Assembly_Language_2003.rar.html

The Art of Assembly Language - 2003 - 17.5 MB - 903 pages

PS: I hope that's the ...
  Topic: Armadillo 4.x + Debug Blocker
SKiLLa

Replies: 5
Views: 10578

PostForum: Unpacking   Posted: Thu Jul 27, 2006 1:30 pm   Subject: Armadillo 4.x + Debug Blocker
ADD BYTE PTR DS:

Since the code above is frequently used to generate exceptions when Arma detects that the program is being debugged; I guess you're being detected and the code is just some 'crash ...
  Topic: Unpacking UPX 1.x, possible self-modifying code
SKiLLa

Replies: 4
Views: 10973

PostForum: Unpacking   Posted: Sun Jul 23, 2006 10:11 pm   Subject: Unpacking UPX 1.x, possible self-modifying code
I guess a tutor about the serial-fishing will be appreciated, but I doubt posting working serials or keygens (on a commercial program) here is ok, since one might consider it 'warez' ... but it's good ...
  Topic: Unpacking UPX 1.x, possible self-modifying code
SKiLLa

Replies: 4
Views: 10973

PostForum: Unpacking   Posted: Thu Jul 20, 2006 11:04 pm   Subject: Unpacking UPX 1.x, possible self-modifying code
I checked the newest version 4.0.0.23. It's packed with UPX v1.x; so first thing I tried was unpacking it with upx.exe itself. As long as the .exe keeps it's original name the unpacked version runs f ...
  Topic: Elicense/Vprotect unpacking
SKiLLa

Replies: 24
Views: 37139

PostForum: Unpacking   Posted: Wed Jul 19, 2006 12:49 pm   Subject: Elicense/Vprotect unpacking
Yes, it's true. Just check the WinInternals.com site ... or check SysInternals.com and read Mark's blog, but the latter site is terribly slow due to the news Cool
  Topic: Elicense/Vprotect unpacking
SKiLLa

Replies: 24
Views: 37139

PostForum: Unpacking   Posted: Wed Jul 19, 2006 8:53 am   Subject: Elicense/Vprotect unpacking
It also writes key in registry with embedded nulls. Use RegDellNul from sysinternals to remove it.

Actually it's RegDellNull from MS now; SysInternals & WinInternals have been bought by MS Wink ...
  Topic: Elicense/Vprotect unpacking
SKiLLa

Replies: 24
Views: 37139

PostForum: Unpacking   Posted: Mon Jul 17, 2006 6:24 pm   Subject: Elicense/Vprotect unpacking
thanx for the info haggar; I hate it when programs leave that kind of trash behind Evil or Very Mad Stupid @!#$%^&
It eats up HDD & Mem-space, slows down your system and could even corrupt your Wind ...
  Topic: Elicense/Vprotect unpacking
SKiLLa

Replies: 24
Views: 37139

PostForum: Unpacking   Posted: Mon Jul 17, 2006 2:31 pm   Subject: Elicense/Vprotect unpacking
PS: any idea yet how the debugger is detected ? rdtsc, GetTickCount ?

Did you try unpacking with the Olly Advanced Plugin activated ?
 
Page 1 of 6 Goto page 1, 2, 3, 4, 5, 6  Next
All times are GMT + 1 Hour
Jump to:  


Powered by phpBB © 2001, 2005 phpBB Group
 Copyright © 2019 BiW Reversing
 All trademarks and copyrights on this page are owned by their respective owners.
Powered By Geeklog 
Created this page in 0.80 seconds