Te, why don't you upload it ? I raised the upload limit to 1 gig.
Daemon, the dp-borg2 is now traced, nice exports table trick![]()
Hi ^DAEMON^!
I like "unpacking"-deprotecting and
your protector is very interesting but
it is very NOT interesting deprotecting
SOME files!
It will very intersting if you will protect
your protector itself and upload here!
hi
penfold, i think the 11mb exe is part of the 'tricks' ? having a huge padded section full of zero takes just 1 line in source
*hint* best to check any large VSize numbers over RSize in the sections of target exe just to be aware about this in advance
BTW I would have copied lots of code in there as well while expanding to really fux the dump with a repeat .loop REPZ or something
however in this case just re-align the dump and petit size again![]()
hahahahahana the 11mb isn't a trick, r!sc coded this shit
don't know why he didn't use virtualalloc ? anyway hrm i don't release the protector i always just give out a few files, this way no one can do an unpacker
^DAEMON^
-------------------------------
love me hate me fuck me
-------------------------------
Hi Daemon!
I understand, why you won't publish your protector.
Also you can understand, why is not interesting deprotecting
SOME file.
!INTRIGUE NEEDED! Once again:
if you will upload here self-protected protector,
it will very interesting to deprotEto! (at least Previous_Version)
One critical note:)
Your protector is extraordinary &+but nonSOLID!
Here I submit dump file with one reconstructed Imported Function.
So can be reconstructed all others... I set OEP not 410000...
In other way, we can also reconstruct jump_table & calls to jump_table.
Question:
Does your protector
A. move jump_table &
B. change calls in program code for this?
Or you make it manually!?
GOTO post10825
Last edited by evaluator; November 21st, 2001 at 13:53.
the import wrapper can be configured
options are:
-no mutation (let import table where it is, if 1 then jmp table is mangled)
-wrap api calls
-wrap all (normally random choosen if not 1)
i've got a test in 3 weeks, so no time for this project! i'll improve it soonthere are a lot of things need to be done!
^DAEMON^![]()
Hi, Daemon!
As I found same IAT-redirection trick uses also telock98(at least).
My question is for history purpose:
How is author of this trick?
Hi, Tsehp!
If Solodovnikov will add this trick to ASPRotect...
You can close your RV project...
OR you must force your tracer to trace until real EXPORT. Is this possible???
My suggestion:
1. Lets make big pause in RV project!
2. Collect new anti-tricks
3. Come back with turbo-enhanced RV
hmmmm 98% of the code is done by myself.... just very few tricks i have stolen from "k-kryptor"... all other i've done on my own...
the disassembler borg is something special it can't even be dumped if i don't protect the file!
anyway 3 weeks to go for my test...
iam pretty sure all of u will like the latest version....
200kb of poly code etc...
better anti-dumping
more code mangling
etc...
/me tries to kick your asses![]()
^DAEMON^
---------
THE BIG PINK PUSSY IS BACK!
---------
^DAEMON^
GOOD LUCK![]()
Carve my name into your arm :)
Yeah yeah relly good luck,
whatever u do Deamon,
Splayi and Tsehpi will kick it :-)
keep scramble and put more unneccery code in it and it will be even more nOneffective :-)
"Everything has a Flaw that's how the light gets" it heheh :-))
have fun
bengaly how often should i tell u ??!?! eh ?
EVERYTHING CAN BE BROKEN!
THERE IS ALWAYS THIS RULE:
IF CODE = EXECUTEABLE THEN BREAKABLE!!!!
i can only improve it and make it harder!!!
and i'll do....
hmmmm also i think they like the protector, hopefully
so long, the test is going to be really hard
wish me luck!
^DAEMON^
^DAEMON^
I did mean *good luck* with the EXAM
but you can kick bi-tarts butt for luck though![]()
Carve my name into your arm :)
hehehe...
anyway DEAMON, than make it Profitble if its hard to unpack or so, just like aspack...
it will be handy u know
cya
maybe even some of u have got a few ideas....
about anti-debugging other ways to detect soft-ice
(then i do)
or some usefull tricks
maybe anti-dumping without modifying pe-header or api-hooking
every information can be usefull
maybe some tips for better import wrapping ???
^DAEMON^![]()
Bookmarks