Page 2 of 5 FirstFirst 12345 LastLast
Results 16 to 30 of 72

Thread: ARTeam: ArmaGeddon v1.0 Conceptual overview tool for unpacking Armadillo by CondZero

  1. #16
    Master Of Nebulah Frost Polaris's Avatar
    Join Date
    Jun 2002
    Location
    Invincible Cyclones Of FrostWinds
    Posts
    221
    You should check the caption... You're opening a nanomities file, not the file for unpacking.
    Stand In The Fog With So Cold A Heart... Watching The Death Of The Sun...

  2. #17
    Master Of Nebulah Frost Polaris's Avatar
    Join Date
    Jun 2002
    Location
    Invincible Cyclones Of FrostWinds
    Posts
    221
    Quote Originally Posted by Nico View Post
    lol at the last post.. even "clic and enjoy" unpackers aren't enough for some people.. grin.
    Hahhahahahahaha
    Stand In The Fog With So Cold A Heart... Watching The Death Of The Sun...

  3. #18
    name
    Guest
    Quote Originally Posted by Polaris View Post
    You should check the caption... You're opening a nanomities file, not the file for unpacking.
    cant get wat do u mean its not an unpacker?
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  4. #19
    You don't fit the minimum requierement "name."

    - Brain Final Version (not a time limited one, with all features enabled)
    Real ones don't need source

  5. #20
    Administrator dELTA's Avatar
    Join Date
    Oct 2000
    Location
    Ring -1
    Posts
    4,206
    Blog Entries
    5
    Hey "name"...

    1. Get a clue.
    2. Stop writing like a stupid kiddie.
    3. Stop bloating our database with your uploaded screenshots.
    4. Read the FAQ.
    5. Get lost.

    Your current posts will be kept purely for their entertainment value, but further pollution of this and other threads with brain dead crap like that will be deleted without warning.

    For cryin' out load...
    "Give a man a quote from the FAQ, and he'll ignore it. Print the FAQ, shove it up his ass, kick him in the balls, DDoS his ass and kick/ban him, and the point usually gets through eventually."

  6. #21
    name, you made my day, definitely !!! Right, now beam me up, Scotty !
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #22
    Darn! The Prince is trying to steal my "Lame Poster" chastisement.

    Regards,
    JMI

  8. #23
    Quote Originally Posted by Nico View Post
    You don't fit the minimum requierement "name."

    - Brain Final Version (not a time limited one, with all features enabled)
    nice sense of humour
    Found in the OpenGL header file for Visual C++ 6: 'typedef GLint int '. AAAARRRRGGGHHHH!!! [Don't get it? You're not a C programmer.]

    A hacker does for love what others would not do for money.

    Being married to a programmer is like having a cat. You talk to it but you're never really sure if it hears you, much less comprehends what you say.

  9. #24
    name
    Guest
    ok thanks brothers i like your behaviour one more time thanks
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  10. #25
    Long time, no post around here. This dude has PMed me at ap0x's board, RES boards, ARTeam and some other places asking me for the same freaking thing - to unpack a crappy sniffer that uses y0da's protector. Even if he followed a damn tutorial, he would be able to do it. Not to mention their is effin' OllyDbg + ODbgScript + a script made by fly for this protector. What else can you want more?!

    Sorry for the off-topic, heh. Anyway, back on track, don't know if it's been stated, any soon-to-be support for DLLs? Not much protection involved, but it would make a nice addition (compared to say dilloDIE )
    EXECryptor Add!ct

  11. #26
    Super Moderator Shub-nigurrath's Avatar
    Join Date
    May 2004
    Location
    Obscure Kadath
    Posts
    430
    Hi mate,
    actually nacho and condzero solved some nasty bugs which prevented the program to correctly dump & rebuild some targets (details on our forum), the dll thing is the easiest part because several protections cannot be used.. it's somehow planned to add it before or later.
    (`._.[*~-.,.-~* ŜħůβŇĝŕřāŧħ ₪*~-.,.-~*]._.)
    There are only 10 types of people in the world: Those who understand binary, and those who don't
    http://www.accessroot.com

  12. #27
    Thanks for the info, Shub. Will keep a look out for updates Read the newest ones on ARTeam board
    EXECryptor Add!ct

  13. #28
    We are currently testing v1.1 as you(we) speak. It will offer the following:

    February 2008 - v1.1
    + added dll support (dll loader.exe)
    + added option "Use OpenMutext trick" to force a single process. Use only if normal "debug blocker" processing fails. This would occur when a parent process launches the child process, but doesn't debug the child process (i.e. use the WaitForDebugEvent API)
    + improve IAT elimination functionality
    + includes updated ARTeam Import Reconstructor

    I think these changes will address many issues to date. Should be released fairly soon. stay tuned.

    cheers! and thx for the comments...
    If at first you don't succeed, you're just about average

  14. #29
    Master Of Nebulah Frost Polaris's Avatar
    Join Date
    Jun 2002
    Location
    Invincible Cyclones Of FrostWinds
    Posts
    221
    Lovely!
    Stand In The Fog With So Cold A Heart... Watching The Death Of The Sun...

  15. #30
    condzero, could you also change the way you name the dumped executables? instead of appending an underscore to the name of the second file, you could append it to the first one.
    otherwise the unpacker will fail to fix any nanomites in targets that check their own filename (at least that's what i guess was happening).
    that's the only problem i've come across so far.

Similar Threads

  1. ARTeam: SplashIt 1.0 by CondZero
    By Shub-nigurrath in forum Tools of Our Trade (TOT) Messageboard
    Replies: 0
    Last Post: March 14th, 2014, 07:08
  2. ARTeam PunchIt 1.1 from CondZero
    By Shub-nigurrath in forum Tools of Our Trade (TOT) Messageboard
    Replies: 2
    Last Post: October 2nd, 2008, 12:54
  3. ARTeam: AMDUMPV6.2 V2.0 by CondZero
    By Shub-nigurrath in forum Advanced Reversing and Programming
    Replies: 3
    Last Post: September 20th, 2008, 06:37
  4. Armadillo 2.51 - 3.xx DLL unpacking - OEP?
    By MEPHiST0 in forum Malware Analysis and Unpacking Forum
    Replies: 13
    Last Post: May 24th, 2004, 02:28
  5. Armadillo unpacking: NetScanTools v4.30a
    By Solomon in forum Malware Analysis and Unpacking Forum
    Replies: 18
    Last Post: November 9th, 2002, 12:45

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •