
Thread: Loader for ASPr?

  1. #1
    evaluator

    Loader for ASPr? Yess!

    Ok, using ImpRec & Revirgin we can "unpack" an ASProtected file, disassemble and
    reverse it. But what after? Will you distribute the "Revirgined" file??
    So we need a special loader for ASProtected programs.
    I know only "Launcher Generator V 1.03" by T3X with a messagebox. But it is like a toy, not solid.
    Is somebody working on this problem?

    I think in some cases this will be useful:
    In August I made a mammoth patch for DijiSecret (TamoSoft's encryption program with 448-bit key)
    in this comic way:
    1. Unpack with CASPR;
    2. Crack;
    3. Repack with ASPR1.2 (regged by SAC for SAC:);
    4. Create patch file using WinPatch.
    (maybe manually unpacked files are not supported for this way)

    Now in the newest programs the ASPr code is slightly changed and this way maybe will not work.
    But anyway, try it.
    Last edited by evaluator; October 10th, 2001 at 16:05.

  2. #2
    Firstly, distributing an unpacked file is not much of a problem; the major concern is size. Secondly, unpacking, cracking, then repacking seems to be going too far, considering what's needed. Instead, I'd suggest inline patching, either thru a loader, or thru a vxd. Of course, if the program does a lot of crc'ing, that's gonna be a problem. But then the option of hooking dll's presents itself. This is one of the better options, since it's very hard for protections to guard against this.
    In short, seems to me you gave yourself too much work.

    Fake

  3. #3
    evaluator
    Thanks for the reply, Fake!

    You wrote:
    "I'd suggest inline patching, either thru a loader, or thru a vxd."
    1. So, if you know a loader-maker which can handle ASPr (v1.2) protection, tell me!
    (except "Launcher Generator V1.03")
    2. Where can I find tutors about "inline patching... thru a vxd"?

    My English is small and I can't understand this:
    "the option of hooking dll's presents itself."
    Is "hooking dll's" another method or the "thru a vxd" method?
    Please, try easy English for me.

    You wrote:
    "distributing an unpacked file is not much of a problem"
    Under "distributing" I mean publishing a crack.
    Read more about: "CRACKS.AM Crack Submission Rules"

  4. #4
    1. I don't use loader makers myself. If I do go thru the process of making a loader, I code one myself.
    2. Tuts about inlining can be found on tsehp's Fravia mirror.
    3. Hooking a dll (or actually hooking an API) means taking over the API. For instance, in the old days of vbox 4.02 and 4.03, it was possible to get around the vbox wrapping without unwrapping the file. The method was to take over the "LoadLibraryA" API in Kernel32.dll, and check for the right call from the program. That way, it might be possible to patch the right part of the program, and change it back straight after it has been executed. Anyway, you'll also find tuts on hooking APIs on Tsehp's mirror.
    4. Thru a vxd. This is basically just the idea that, thru a vxd, you can do anything you want. I usually use it to patch code, or hook an API. Since there are no limits to vxds (they run in ring-0), you can do what you want. Patching with a vxd might be along the lines of: waiting for the program to reach the right place, then patch it, and then perhaps repatch it to avoid crc checks. For more info on vxds, go to Iczelion's homepage, win32asm.cjb.net

    I hope this helps.

    Fake
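
Seen from the defender's side, the API takeover described in post #4 is detectable: the first bytes of the exported function in memory stop matching the DLL on disk. The following is an added example, not code from the thread; the addresses, byte arrays and the names `check_entry`, `MOD` and `FUNC_VA` are constructed for illustration, and the on-disk bytes are assumed to contain no relocations.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Result of comparing an API's in-memory entry bytes with the DLL file on disk. */
enum hook_kind { HOOK_NONE, HOOK_JMP_REL32, HOOK_PUSH_RET, HOOK_MODIFIED };
struct verdict { enum hook_kind kind; uint32_t target; };
struct module_range { uint32_t base, size; };   /* where the DLL is mapped */

/* Constructed sample data (not taken from a real kernel32.dll). */
static const struct module_range MOD = { 0x77E80000u, 0x000A0000u };
static const uint32_t FUNC_VA = 0x77E81000u;    /* hypothetical export address */
static const uint8_t ON_DISK[6]  = { 0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x10 };
static const uint8_t JMP_HOOK[6] = { 0xE9, 0xFB, 0xFF, 0x57, 0x88, 0x10 };
static const uint8_t PUSH_RET[6] = { 0x68, 0x00, 0x10, 0x40, 0x00, 0xC3 };

static uint32_t rd32(const uint8_t *p) {        /* x86 immediates are little-endian */
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

static int inside(const struct module_range *m, uint32_t va) {
    return va >= m->base && va - m->base < m->size;
}

/* mem and disk both hold n entry bytes; disk is assumed relocation-free. */
struct verdict check_entry(const uint8_t *mem, const uint8_t *disk, size_t n,
                           uint32_t func_va, const struct module_range *mod)
{
    struct verdict v = { HOOK_NONE, 0 };
    if (memcmp(mem, disk, n) == 0)
        return v;                               /* entry bytes untouched */
    v.kind = HOOK_MODIFIED;                     /* changed, pattern not yet known */
    if (n >= 5 && mem[0] == 0xE9) {             /* jmp rel32 */
        v.target = func_va + 5 + rd32(mem + 1); /* relative to next instruction */
        if (!inside(mod, v.target)) v.kind = HOOK_JMP_REL32;
    } else if (n >= 6 && mem[0] == 0x68 && mem[5] == 0xC3) {  /* push imm32; ret */
        v.target = rd32(mem + 1);
        if (!inside(mod, v.target)) v.kind = HOOK_PUSH_RET;
    }
    return v;
}

int main(void) {
    return check_entry(JMP_HOOK, ON_DISK, 6, FUNC_VA, &MOD).kind == HOOK_JMP_REL32 ? 0 : 1;
}
```

A point-in-time comparison like this misses a patch that is applied and then reverted, which is the "change it back straight after" behaviour the post mentions, so it is normally run repeatedly or paired with write monitoring on the code pages.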

  5. #5
    evaluator
    Thanks for the reply, Fake!

    Now I understand all you wrote.
    And it is not for me, because! I am not a programmer.
    Now you also will understand why I want a loader.

  6. #6
    +SplAj
    The logic of releasing cracks in 2001
    =========================

    Dear fellows of this fine institution;

    In the good old days making your tiny patch file and spamming them out to the crack sites was great fun... especially receiving e-mails from desperate lamers pleading for the latest version of 'X' crack from you.

    However, it seems today that the internet is dying. No revenue ==> No funds ==> No ISPs left ==> boring life in the real world is our destiny :-( It appears the only e-business model still working is the good old prono site. Even google lets you search for prono jpg's... So it annoys me when I submit a crack to the likes of cracks.am etc. to be bombarded with prono links every time I research these sites for a ready-made crack to compare them to my fine works of programming.
    So by cracking targets we are helping some bastard earn cash.
    Ok, I can live with that.

    But as a past upload 'member' I demand prono-free crack access when I decide to d/l something I need. Also using 'certificates' before allowing access is something I abhor, i.e. cracks.net

    So, my planned action. Let's boycott sending our cracks until we get 'membership' of this money-making enterprise :-)

    A +Spl/\j get rich quicker scheme
    Carve my name into your arm :)

  7. #7
    evaluator

    yO-yE!!!

    yO-yE!

    Today I created a loader for an ASProtected program (DijiSecret 1.1 build 272)!!!
    CASPRv1.100 can't handle this file.
    And this is a "standard" loader created by "DZA Patcher 1.3"!
    NO "thru vxd" or "dll hooking"! (maybe this is "inline"? I'm not sure)
    Because I don't know ASM (& any program language), please, help me a
    little:
    I found (using HIEW) the instruction code to write 1 byte to a memory address:
    mov b,[address],0XXh
    But how can I write multiple bytes?
    I tried this: mov d,[address],0(4byte)
    but the bytes are written reversed, even if I also reverse.

    For example I want to replace the string "evaluation version" with:
    "NotEpad is GrReat!"

    It's hard to write 7 bytes for each byte = 126 bytes!
    Help me!
    Also tell me if you know the newest version of CASPR.

    Resume: This fact possibly means: Death of ASPR anti-loader future.

  8. #8

    Re: yO-yE!!!

    /me shakes my head in disbelief...

    WTF is this? ..."point and click" cracking?

    Don't take this the wrong way, Evaluator, but I think you're in a little over your head on Asprotect. Unpacking Asprotect is a little more involved than running CASPR (or any other auto-unpacking-magic) app on a target. Don't get me wrong here. I'm all for taking on challenges and reaching for knowledge beyond one's present ability... BUT without ANY knowledge of asm, programming, or basic memory addressing, you're like a blind man hoping to randomly stumble upon a solution. IMHO, you need to back up a step (or several) and begin at the beginning by learning asm and the PE format. Once you've mastered this knowledge, you'll have the foundation to try some of the more advanced RCE topics like anti-debug and unpacking. IMHO, RCE / cracking is *not* all about the glamor of releasing "ready made patch for target X" with your name attached. It *is* about hard work, patience, self-education, and creative thinking. There are many kind people on this board willing to give of their precious free time to help and answer the questions of those seeking knowledge... There is no shame in being a newbie. BUT, how can you make use of the tips offered in response to your query on process patchers if you don't even know basic asm? IMO, if you're serious about learning this art of RCE, you need to begin at the beginning and build a good solid foundation for your knowledge. Admittedly, this is not glamorous. In fact it's long, tedious, time-consuming, and difficult to teach yourself from ground zero up... Trust me, I know. But in the end it will be worth it.

    /me steps down off my soapbox

    I apologize in advance if this is a little off topic, but I just couldn't help throwing out my 2 cents after having followed this thread for some time.

    Best Regards,
    Clandestiny

  9. #9
    Greetings all,

    Clandestiny, I have very strong feelings about what you have written.

    The basis of all I believe to be RCE is in knowing "the code". And of course some zen.

    I do not want these comments to be misunderstood. I only want to reinforce their importance.

    I see too many who undertake projects above their abilities. If you want to progress then you must understand the most basic. This will only make you stronger in the future. I have been down the road of "please help me understand" and I was denied because I did not understand the basics of what I was trying to do.

    Please, with all respect, don't jump into something that you do not have a basic understanding of. If others hold your hand and you do not possess the understanding of what you are trying to reverse, you will not gather knowledge, you will only gain a robotic response until you face your next challenge.

    My future hopes are to start something that teaches the basics of the basics. I do not want anyone to stop "seeking", I only want you to have a greater understanding of what you are trying to do.

    Peace, Woodmann
