Sunday, July 09 2006 @ 04:28 PM CEST Contributed by: LucyE Views: 11751
Level : newbie
Cracking and finding the name to serial algorithm in Chainie1 Crackme
This is my first crackme tutorial: I wrote it to try and help other real newbie’s like me to better understand the simple basics of cracking. Although this is supposed to be a very simple crackme I found it quite hard to understand what was really going on and very nearly fell into a little trap of thinking I had found the name to serial algorithm too soon.
Saturday, July 08 2006 @ 07:14 PM CEST Contributed by: haggar Views: 13375
Level : beginner
----------------------------------------------------------------------------------------
Thinstall 2.521 - unpacking dependencies and injecting a DLL
---------------------------------------------------------------------------------------
Intro, hmm.... what to say for intruduction? I wrote already one tutorial for Thinstall 2.521. There I explained how to unpack target protected with DebugBlocker feature but Thinstall is not packer/protector with some strong anti-debug layer. Thinstall is bundler which is able to pack all kinds of files into one executable file. What hard at Thinstall is, to unpack target that has dependencies - bundled files into one exe. In this tutorial we will try to unpack one file that have such dependencies. It is Teddy Rogers UnPackMe_Thinstall2.521.f.exe which contains three dependencies.
This tutorial is not exact solution for unpacking obsidium, instead it will just discuss some protection features and new implemented tricks in this version of obsidium. The new version of obsidium, 1.3.0.4 one, is pretty much the same as 1.2.5.0 one. One new trick is implemented, more junk code is added and that would be it.
I didn't unpack anything for a while due to my coledge obligations, but today I gave on examne and I'm in good mood. Obsidium is pretty good protector that comes from chinese author. I didn't notice any apps packed with it and I don't know why, since it has some pretty cool options. In this tutorial I will try 1.2.5.0 version which is older one, but it's good as starting point. I think that this unpackme doesn't have all protection options enabled since I know that obsidium has option to relocate whole image. That is probably only possible with Borland applications.
read more (4613 words) 2 comments Most Recent Post: 06/21 02:30PM by TheHyper
Wednesday, April 12 2006 @ 11:57 PM CEST Contributed by: SKiLLa Views: 11902
Level : beginner
Introduction
In this short tutorial I will show my solution to haggar's clone keygenme.
From haggar's comment we know that the target is packed with some (simple)
unknown protector and has some obfuscation. The goal (ofcourse) is to create
a KeyGen for it.