Reverse Engineering Team Board


XFlorian 02-05-2005 05:52 AM

Cracking ASProtect 1.3 without Unpacking
 
Hello, can anyone help me with how I can crack an ASProtected tool without unpacking it?

seven 02-05-2005 10:10 PM

XFlorian
 
Use a loader to crack 'em without unpacking 'em.

JohnWho 05-05-2005 03:55 PM

With v1.2/1.3 you can redirect one of the dips and that way you don't have to deal with the CRC check! To use this method you'll need to study aspr's crypto to understand the encryption/decryption!

With v2.0x you can either change encrypted bytes after the 2nd call to VirtualAlloc to break from the layer and start your patching chain, or you can start your patching chain from the first hardcoded jmp in the 1st decryption block shortly after EP (this way you don't need to know anything about aspr's crypto). This method you can also use on v1.2/1.3, of course! Using this method you'll of course have to deal with the CRC check by:

1) make aspr do its CRC check on a backup file! (this is done before CreateFileA, where eax contains the file path and name)
2) patch the mapped image of the file in memory back to original (this is done immediately after MapViewOfFileEx, where eax contains the mapped image base)

JohnWho.

