Contribute  :  Web Resources  :  Past Polls  :  Site Statistics  :  Downloads  :  Forum  
    BiW ReversingThe challenge is yours    
 Welcome to BiW Reversing
 Tuesday, November 29 2022 @ 11:42 AM CET
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Help with pop-cap games

 
Post new topic   Reply to topic    www.reversing.be Forum Index -> N2C Member Chat
View previous topic :: View next topic  
Author Message
Bluemagica
New to the board
New to the board


Joined: 04 May 2005
Posts: 13
Location: infront of a computer

PostPosted: Sun May 15, 2005 1:53 pm    Post subject: Help with pop-cap games Reply with quote

I am a newbie.I tried to remove the time trial by disassembling in W32Dasm but I get no String or Imported Functions listing. What do I do?
Back to top
View user's profile Send private message Visit poster's website
parabytes
Frequent poster
Frequent poster


Joined: 14 Apr 2005
Posts: 92
Location: Israel

PostPosted: Sun May 15, 2005 8:28 pm    Post subject: Reply with quote

it might be packed or a VB program.

check out http://www.peid.has.it/ for the signature...

_________________
thoughts roam free and endless..
Back to top
View user's profile Send private message Visit poster's website
Bluemagica
New to the board
New to the board


Joined: 04 May 2005
Posts: 13
Location: infront of a computer

PostPosted: Mon May 16, 2005 11:33 am    Post subject: Reply with quote

Fantastic! but I recomend you to actually see the problem. IT CANNOT BE UNPACKED WITH A ACTIVE DEBUGGER IN MEMORY.
Back to top
View user's profile Send private message Visit poster's website
parabytes
Frequent poster
Frequent poster


Joined: 14 Apr 2005
Posts: 92
Location: Israel

PostPosted: Mon May 16, 2005 1:49 pm    Post subject: Reply with quote

1) turn off any kernel debugger (like softice) you might running
2) find out which packer is used
3) find the right method how to unpack it. usually, they explain how to bypass the debugger checks.

because you know, eventually.. the code has to run to find the debugger.
and the debugger can always change the code.
so you can always make it think there is no debugger around your system.

_________________
thoughts roam free and endless..
Back to top
View user's profile Send private message Visit poster's website
Bluemagica
New to the board
New to the board


Joined: 04 May 2005
Posts: 13
Location: infront of a computer

PostPosted: Mon May 16, 2005 3:46 pm    Post subject: Reply with quote

I am using ProcDump and trying to disassemble [censored] from [somesite].com. Tell me How can I exactly find out which encryption is used. Or better yet Tell me step-wise just how do I un-pack and un-un-pack it.
Back to top
View user's profile Send private message Visit poster's website
parabytes
Frequent poster
Frequent poster


Joined: 14 Apr 2005
Posts: 92
Location: Israel

PostPosted: Mon May 16, 2005 4:24 pm    Post subject: Reply with quote

look, i edited your post because no body really cares what program is that.
if you want this program so badly, pay for it.

if you want some help, do what i told you to do.
get peid from the link above, find out what packer is being used, and then go ask your new best friend (google) about how to unpack it.

we like to help, but we don't like spoonfed people. got it ?

_________________
thoughts roam free and endless..
Back to top
View user's profile Send private message Visit poster's website
Bluemagica
New to the board
New to the board


Joined: 04 May 2005
Posts: 13
Location: infront of a computer

PostPosted: Tue May 17, 2005 9:34 am    Post subject: Don't get mad:( Reply with quote

Look, I have already tried that, as I am a newbie I don't understand everything.When I selected the file and ran it, it showed:
ep section: .text
[others]
Nothing found [overlay]*

How do I find the encryption?

P.S I dont want the software I just want to crack it;)
Back to top
View user's profile Send private message Visit poster's website
thorpe
Regular
Regular


Joined: 28 Apr 2005
Posts: 125

PostPosted: Tue May 17, 2005 6:35 pm    Post subject: Reply with quote

Just a little hint, you have to show more effort before someone is willing to help you. You pressing "scan" on a program doesn't do it. Have you tried hiding your debugger with the numerous plugins for olly? Have you looked for any additions to the pe? Have you tried the OEP find function in PEiD and see if it matches with what olly loads up in the beginning?

These are some things you need to look into
Back to top
View user's profile Send private message
Abe+!_D_Omni
Frequent poster
Frequent poster


Joined: 12 May 2005
Posts: 56
Location: London (No:WaRe$*)

PostPosted: Tue May 17, 2005 7:50 pm    Post subject: Or u could try...... Reply with quote

Try..... Doing a search for pop-cap tutorials. (On LimeWire or Google)
I found tutorials on all of the games.
The fun in hacking is the learning ^_^
It takes time & patience

-={ Abe+! }=-
Back to top
View user's profile Send private message Visit poster's website
Bluemagica
New to the board
New to the board


Joined: 04 May 2005
Posts: 13
Location: infront of a computer

PostPosted: Thu May 19, 2005 8:16 am    Post subject: Reply with quote

Alright I tried out your suggesions but nothing seems to work.Try to Give me suggesions regarding ProcDump as i am using that.

Now lets assume that this software was packed with a completely custom Encryption which ProcDump can't recognise. So how do I unpack it???
by the way I tried out 5 different unpackers but in vain.
Back to top
View user's profile Send private message Visit poster's website
stingduk
Regular
Regular


Joined: 19 Feb 2005
Posts: 148

PostPosted: Thu May 19, 2005 11:25 am    Post subject: Reply with quote

heh it seems you dont google right there are really complete tutorials on this popcap crap including one with target name included and from what i read it seems it is almost byte patching crap also there are numerous hits
as to the protection company that authored the mark protection and big threads in almost all reversing boards
Back to top
View user's profile Send private message
Abe+!_D_Omni
Frequent poster
Frequent poster


Joined: 12 May 2005
Posts: 56
Location: London (No:WaRe$*)

PostPosted: Fri May 20, 2005 4:07 pm    Post subject: Learn to search... Knowledge is power ^_^ Reply with quote

I strongly recomend lookin through this great site

http://fravia.com/

You NEED to learn some advanced searchin methods
It's not that hard to find a tutorial on most programs, if you look in the right place

But if you still cant find a tut try...
http://www.absolutelock.de/construction/releases.html
For all your un-packing needs

-={ Abe+! }=-
Back to top
View user's profile Send private message Visit poster's website
Abe+!_D_Omni
Frequent poster
Frequent poster


Joined: 12 May 2005
Posts: 56
Location: London (No:WaRe$*)

PostPosted: Tue May 24, 2005 12:04 am    Post subject: This should help Reply with quote

Couldnt find a comlete tutorial, but this forum has info on the keychecks.
U may need to register, but it has a huge forum
(If the link wont work, its in the 'chalenge' forum)

http://woodmann.com/forum/showthread.php?t=7093

PM me n let me know how u get on

-={ Abe+! }=-
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    www.reversing.be Forum Index -> N2C Member Chat All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
 Copyright © 2022 BiW Reversing
 All trademarks and copyrights on this page are owned by their respective owners.
Powered By Geeklog 
Created this page in 0.89 seconds