An ornery Armadillo revisited

 
mustanger
Frequent poster
Joined: 13 Sep 2005
Posts: 64

Posted: Wed Sep 06, 2006 5:40 pm    Post subject: An ornery Armadillo revisited

I've been wrestling with this damned Armadilloed Macromedia file for the past 3 weeks and I'm still stuck.

I've discovered a few things that might give some of you with more knowledge than me (nearly everyone!) a clue as to what we're up against.

Another site has the same game with a different protection. You start off on a push ebp followed by a call to a dll file. This dll is the protection -- a really sophomoric protection that newbies might want to play with. Anyway, the dll ends with a jmp edi command where edi holds the OEP (in this case 20003755). So one way to crack the program is to change the push ebp entry point to a jmp 20003755. You can also go into a PE editor and simply change the entry point to 20003755. What you can't do is run the program to 20003755 and dump the program with Lord PE and change the entry point at the same time to 20003755. If you try this, you get that error message:

Unable to load movie playlist. Does the .INI file exist? It must contain a section '[Movies]' 'Movie01=Pathname.dir'

Another thing I discovered is that if you take a functional exe file (one from the crack site or one that was cracked as I described above) and you pack it with Armadillo (minimal protection) the file doesn't work. It gives you that .INI error message. The same thing happens if you pack it with ASPack or ASProtect or FSC (whatever that is!). UPX gives you an error message that the file is not compressible.


I thought Skilla found a solution when he pointed to a tutorial on ActiveMark packing. If you unpack this same game protected by ActiveMark you get the same .INI error message. You can fix the unpacking in this case by finding the ActiveMark overlay and appending it to the exe file.

There's another tutorial out there that is specifically for Armadilloed Macromedia applications. It uses Notepad to create a configuration file which points the way to the .dir file that the error message refers to. This is fine if you can find a .dir file in the program folder, but there is no .dir, .dcr or .dxr file anywhere on my computer. The author of the tutorial seems to say that these .dir files can be removed by the author after the programming is complete. He just happened to be using a game where the .dir file was still there. He later indicates if the .dir file isn't there or if there's more than one movie, then his method of creating an .INI file won't work and you have to know how to find the overlay data. The problem is, he explains, he doesn't know how.


So does all this sound consistent with the explanation that we're looking for overlay data in the original Armadilloed file? Does anybody know anything about Macromedia overlays?
SKiLLa
Frequent poster
Joined: 29 Mar 2005
Posts: 79

Posted: Fri Sep 08, 2006 7:30 pm

Any chance you have an example target for us to try & investigate?

One might expect that it shouldn't be too hard to find out how the overlays are identified, but on the other hand, others already tried, so it's probably not that easy either :?
mustanger
Frequent poster
Joined: 13 Sep 2005
Posts: 64

Posted: Fri Sep 08, 2006 10:27 pm

The example that started it all is Ancient_Triipeaks from gamefiesta.com. That's the one I keep referring to in my posts. Game fiesta uses the same protection for all its games. If you don't want to bother unpacking it, use dillodie version 1.6 -- 1.5 won't work.

Ancient 4 in one gives the same result. Let me know how you do.