Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > File Unpacking
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1  
Old 08-15-2012, 09:21 AM
justine justine is offline
Senior Member
 
Join Date: Dec 2007
Location: Serbia,Belgrade
Posts: 82
Send a message via ICQ to justine Send a message via MSN to justine Send a message via Yahoo to justine Send a message via Skype™ to justine
Default

First be patient and read all!!

Last few days im trying to unpack one simple exe protected with winlicense
Application is very simple few text boxes for input and one button for calculation.
Implementation is like this:
application dont have hardware id checks
no time limitation
starts good without license,even no messagebox informing me that license doesnt exist..
But when i click on calculate button msgbox "License error " apear.

What i done so far
I tried few different aproaches

1. I tried to find and patch two "is_registered" dwords
Later to make loader for it .
Found the code which points me to the dwords memory locations hwbp on it but my application doasn't execute this code at all (doesnt brake here)....im pretty sure that i found good locations because code is exacly the same as in tutorial ..

2. I wanted to use Winlicense key creator by xingyuwan then to extract license unique hash and generate new license...later i readed on unpack.cn that unique hash is not possible to extract fully so i give up . Can someone confirm this? Or if possible can someone point me to right direction

Its a little strange that extraction isn't posible since many peoples is happy with this tool..and if extraction of the license unique hash isn't posible tool is useless obviously

3. At last my only solution will be to unpack aplication
Ok i started to read tutorials and downloaded unpackme and scripts
It was nice experience i can finish some unpackme's but this one is little harder as i can see

maybe its a newer version of wl not sure
however rdg packer detector says themida 2.0.3.0

Now im looking for someone more experienced then me who is willing to spent some time one me and guide me trought unpacking process

I just need support from someone who have more experience.
Will be great if someone is willing to help

file:
http://www.sendspace.com/file/g4jvtf

Thanks

Ok i patched it in memory, no need license anymore

Will go with loader.

Thanks to everyone who helped me

Thread can be locked
__________________
ALLEZ!!

Last edited by Git : 08-15-2012 at 01:28 PM.
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.