Contribute  :  Web Resources  :  Past Polls  :  Site Statistics  :  Downloads  :  Forum  
    BiW ReversingThe challenge is yours    
 Welcome to BiW Reversing
 Thursday, March 21 2019 @ 02:10 AM CET
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

yoda's Protector 1.03.2 Beta 3

 
Post new topic   Reply to topic    www.reversing.be Forum Index -> Unpacking
View previous topic :: View next topic  
Author Message
haggar
Regular
Regular


Joined: 19 Mar 2005
Posts: 246

PostPosted: Tue Mar 29, 2005 9:17 pm    Post subject: yoda's Protector 1.03.2 Beta 3 Reply with quote

Did anyone tried this version of yoda's crypter? It is newest and it has nice anti-debug trick , it freezes my Windows XP ?!? Maybe something on what KaGra could spend couple minutes.
Back to top
View user's profile Send private message
LaFarge
New to the board
New to the board


Joined: 08 Feb 2005
Posts: 5

PostPosted: Fri Apr 08, 2005 2:14 am    Post subject: Reply with quote

hehe, read my tutorial
Back to top
View user's profile Send private message Visit poster's website
Six19
New to the board
New to the board


Joined: 08 Apr 2005
Posts: 1

PostPosted: Fri Apr 08, 2005 6:59 am    Post subject: Reply with quote

hi,

I use yoda's protector but it seems to me that it only works for
Windows XP. yoda's old protector works great but again the file you protected with it crashes and won't load on systems with Windows 98/ME. Is there a fix for this? or a different version that will work on Windows 98/ME/2000/XP ? That would be awesome! Laughing

Also, yoda's beta version also freezes me too.
Back to top
View user's profile Send private message
haggar
Regular
Regular


Joined: 19 Mar 2005
Posts: 246

PostPosted: Fri Apr 08, 2005 11:48 pm    Post subject: Reply with quote

LaFarge wrote:
hehe, read my tutorial


Yep, thanks!


Six19

This version is buggy. It freezes if I try pack some file when ZoneAlarm is running, and on some machines it kills Explorer but on my it freeze whole system.
Back to top
View user's profile Send private message
haggar
Regular
Regular


Joined: 19 Mar 2005
Posts: 246

PostPosted: Mon Apr 18, 2005 11:45 pm    Post subject: Reply with quote

Ok, some news:

Freezing isn't a bug, it's intended. There is some info on yP page.

Packer uses CreateToolhelp32Snapshot to collect some info on processes running.

Then, when it finds itself, it give itself above high priority with SetPriorityClass.

After exiting that api, it calls BlockInput api which freezes my machine. I don't know what this api means, I don't have it in my documentation. This check is easy to pass, but then it just drives me in circle.

There are also some more interesting api's
IsDebuggerPresent
SetThreadPriority
SuspendThread
DebugActiveProcess
etc.


EDIT
Good old Google:
Quote:
The BlockInput function blocks keyboard and mouse input events from reaching applications.
Back to top
View user's profile Send private message
KaGra
New to the board
New to the board


Joined: 06 Feb 2005
Posts: 10

PostPosted: Wed Apr 20, 2005 7:26 pm    Post subject: Yoda's Prot 1.03.2 MUPed Reply with quote

check in exetools forum->windows tutoriaz

I MUPed it using a new hide plug,u will find it in exetoolz...
Back to top
View user's profile Send private message
haggar
Regular
Regular


Joined: 19 Mar 2005
Posts: 246

PostPosted: Wed Apr 20, 2005 8:38 pm    Post subject: Reply with quote

It's probably great tutorial, but forum is locked and no files can be downloaded if I'm not a member (and I'm not Sad )
Back to top
View user's profile Send private message
KaGra
New to the board
New to the board


Joined: 06 Feb 2005
Posts: 10

PostPosted: Wed Apr 20, 2005 10:48 pm    Post subject: ... Reply with quote

no,it's just a quick quide.All does the plug actually.But the way is universal for that protector!

Anyway,U may find it circulating....
Back to top
View user's profile Send private message
LaFarge
New to the board
New to the board


Joined: 08 Feb 2005
Posts: 5

PostPosted: Mon May 09, 2005 11:06 pm    Post subject: Reply with quote

Ehm, i hope u have read my tutorial i posted on ES forum before.

There u have the whole unpacking process explained.

Nice protector though

Cheers
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    www.reversing.be Forum Index -> Unpacking All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
 Copyright © 2019 BiW Reversing
 All trademarks and copyrights on this page are owned by their respective owners.
Powered By Geeklog 
Created this page in 0.08 seconds