Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > File Unpacking
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1  
Old 07-23-2011, 10:09 PM
Amorphor Amorphor is offline
Junior Member
 
Join Date: Jul 2011
Posts: 3
Default Unknown Packer, need assistance

Hello,

I have this file here:

http://www.mediafire.com/?49kis3qg2g2u33w

Informations are posted in post #4.

Thanks,

Amorphor

Last edited by Amorphor : 07-25-2011 at 03:18 AM.
Reply With Quote
  #2  
Old 07-24-2011, 07:17 AM
ac!d ac!d is offline
Member
 
Join Date: Sep 2010
Posts: 25
Default

ermmm this isn't even a exe file... its some config file etc. of some mech warrior game ;P
Reply With Quote
  #3  
Old 07-25-2011, 03:02 AM
SunBeam SunBeam is offline
Senior Member
 
Join Date: Jun 2011
Posts: 61
Default

Yeaps. Must be he's uploaded the wrong file? :-)

Last edited by SunBeam : 07-25-2011 at 04:22 AM.
Reply With Quote
  #4  
Old 07-25-2011, 03:17 AM
Amorphor Amorphor is offline
Junior Member
 
Join Date: Jul 2011
Posts: 3
Default

Oh lol I had the wrong file.

http://www.mediafire.com/?49kis3qg2g2u33w

That's the exe file, I was in a rush to leave my house at that time so I wasn't paying much attention =P

Originally this was packed with UPX (2.0 I believe). I think I broke the UPX part (I don't see any UPX headers) but I may be wrong.

Can anyone reverse engineer that exe though? I'm asking because the team that brought that program for flash kits is now disbanded so the users wanted a way to make their own bootstrap tools.

Thanks,

Amorphor
Reply With Quote
  #5  
Old 07-25-2011, 04:25 AM
SunBeam SunBeam is offline
Senior Member
 
Join Date: Jun 2011
Posts: 61
Default

It's clean. Pure C++.. You can use IDA 6.1 (it's been leaked already) to map out the file and try and re-write it..
Reply With Quote
  #6  
Old 07-25-2011, 02:33 PM
Amorphor Amorphor is offline
Junior Member
 
Join Date: Jul 2011
Posts: 3
Default

Thank you SunBeam. That's looks perfect. So it seems I did break the UPX encryption after all ^^ (since its pure C++)
I'm new at reverse engineering, but I'm a fast learner when it comes to computers. Can anyone enlighten me on how I might go about reverse engineering with IDA 6.1?

Thanks,

Amorphor

Last edited by Amorphor : 07-25-2011 at 02:35 PM.
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.