|
WinUDA
Apr 10, 2005 18:22:15 GMT 10
Post by Dwing on Apr 10, 2005 18:22:15 GMT 10
Hey dwing how i do i unpack files packed with Upack? Tell me I use Quick Unpack 0.7 to unpack Upack. But sometimes you must find the OEP yourself .
|
|
|
WinUDA
Apr 15, 2005 6:42:01 GMT 10
Post by Niks on Apr 15, 2005 6:42:01 GMT 10
Where do i get Quick Unpack 0.7?
|
|
|
WinUDA
Apr 15, 2005 7:16:46 GMT 10
Post by Niks on Apr 15, 2005 7:16:46 GMT 10
UpackByDwing. An exe has that in it and Quick Unpack aint unpacking it
|
|
|
WinUDA
Apr 15, 2005 11:09:46 GMT 10
Post by Dwing on Apr 15, 2005 11:09:46 GMT 10
UpackByDwing. An exe has that in it and Quick Unpack aint unpacking it Quick Unpack can really unpack exe that was packed by Upack. Load file and press '>' to get OEP. If it's '00000000', you have to input OEP manually. Then press 'Unpack now!', and the unpacked one is out. But how to find OEP manually? It's not easy to say if you don't know how to use a debugger, Trace it and you will get the OEP easily.
|
|
|
WinUDA
Apr 16, 2005 7:02:43 GMT 10
Post by Niks on Apr 16, 2005 7:02:43 GMT 10
OEP says 00000000. I guess i need to find out what the OEP is manually, but what do i do and what tools do i use?
|
|
|
WinUDA
Apr 16, 2005 11:02:49 GMT 10
Post by Dwing on Apr 16, 2005 11:02:49 GMT 10
OEP says 00000000. I guess i need to find out what the OEP is manually, but what do i do and what tools do i use? I prefer OllyDBG. Trace your exe and find a far jump "Jz xxxxxxxx". OK, that's the OEP.
|
|
|
WinUDA
Apr 16, 2005 11:18:17 GMT 10
Post by Niks on Apr 16, 2005 11:18:17 GMT 10
This program looks very hard. Can you take a look at the exe for me ?
|
|
|
WinUDA
Apr 17, 2005 1:47:35 GMT 10
Post by Dwing on Apr 17, 2005 1:47:35 GMT 10
This program looks very hard. Can you take a look at the exe for me ? Also you can use a little tool called PEid. Open exe file with it and press the third button. Find an operator "0F 82 xx xx xx xx JB yyyyyyyy" The 'yyyyyyyy' is the OEP.
|
|
|
WinUDA
Apr 17, 2005 2:47:51 GMT 10
Post by Niks on Apr 17, 2005 2:47:51 GMT 10
I think ill just give up because i'm not understanding this at all.
|
|
|
WinUDA
Apr 17, 2005 16:47:54 GMT 10
Post by Dwing on Apr 17, 2005 16:47:54 GMT 10
Also you can use a little tool called PEid. Open exe file with it and press the third button. Find an operator "0F 82 xx xx xx xx JB yyyyyyyy" The 'yyyyyyyy' is the OEP. Correct: The third button is from up to down, NOT from left to right, just the second "=>" button. I hope someone may make a unpacker for Upack. I'm lazzzzy to do ;D
|
|
|
WinUDA
Apr 21, 2005 11:00:13 GMT 10
Post by Niks on Apr 21, 2005 11:00:13 GMT 10
Don't be lazy. It's bad to be that way. Go and make it
|
|
|
WinUDA
Aug 15, 2005 21:49:27 GMT 10
Post by heinz a fnw on Aug 15, 2005 21:49:27 GMT 10
hmmm... here's a script 4 olly... //start sto findop eip,#0F84? ???F# bpcnd $RESULT,"EAX==0" run sto an eip cmt eip,"here's the oep - now dump it" ret //end but anyway dwing: come on! make an unpacker... and glue it to your packer..
|
|
|
WinUDA
Oct 12, 2005 8:43:26 GMT 10
Post by cebolas on Oct 12, 2005 8:43:26 GMT 10
where can i download winuda
|
|
|
WinUDA
Oct 12, 2005 17:06:18 GMT 10
Post by -={DOGG}=- on Oct 12, 2005 17:06:18 GMT 10
|
|
|
WinUDA
Nov 21, 2005 7:52:09 GMT 10
Post by poderarcano on Nov 21, 2005 7:52:09 GMT 10
hola alguien me podria como sulucionar un problema? desempaque telock 98 pero cuando intento ejecutar el programa no abre, quiciera saber cual puede ser el problema?
|
|