Welcome to the new Woodmann RCE Messageboards Regroupment
Please be patient while the rest of the site is restored.

To all Members of the old RCE Forums:
In order to log in, it will be necessary to reset your forum login password ("I forgot my password") using the original email address you registered with. You will be sent an email with a link to reset your password for that member account.

The old vBulletin forum was converted to phpBB format, requiring the passwords to be reset. If this is a problem for some because of a forgotten email address, please feel free to re-register with a new username. We are happy to welcome old and new members back to the forums! Thanks.

All new accounts are manually activated before you can post. Any questions can be PM'ed to Kayaker.

[Olly Script] Molebox 2.x Unpacker / OEP Finder Script

Bugs/suggestions/scripts/... for OllyScript plugin
Cherry
Junior Member
Posts: 17
Joined: Wed May 06, 2009 12:08 pm

[Olly Script] Molebox 2.x Unpacker / OEP Finder Script

Post by Cherry »

Molebox 2.x Unpacker / OEP Finder Script v1.10
by Cherry

Needed tools: OllyDbg with ODbgScript-Plugin

This script will unpack all files in a Molebox 2.x packed file which are visible to the packed program into the subfolder "!UNPACKED!".
Unfortunately, in many cases the main executable is not included.

1. Copy "mbunpack.dll" and "filelen.exe" into the executable's folder.
2. Open the moleboxed executable in Olly.
3. Make sure EIP is at the entry point of Molebox stub, no breakpoints are set and all exceptions are ignored!!!
4. Run this script.
5. OEP address will be displayed and you will be asked if you want to unpack it or start exploring the file at OEP.
6. If you start unpacking, you can follow the progress in the console window which will open. Be patient.

Known bug: All folders in the root directory will be recreated in the "!UNPACKED!" subfolder, ignoring whether it existed in the archive or not.

Download: http://npshare.de/files/e2d13031/mbunpack.rar (no longer working)
(New link) http://cherrytree.at/misc/mbunpack.rar

Password: tl1bs


Have fun!
Greetings, Cherry

EDIT: Updated to v1.10 - the script didn't work with many files.
Cherry
Junior Member
Posts: 17
Joined: Wed May 06, 2009 12:08 pm

Post by Cherry »

updated
ramispo
Junior Member
Posts: 10
Joined: Sat May 16, 2009 11:38 am

Post by ramispo »

maam im new in this kind of thing and i know nothing about this one, but i really want to learn..
im stuck with step 3, how can i do it??? how to run script in olly?

i want to unpack the lates molebox including those wiht license

please help me
Cherry
Junior Member
Posts: 17
Joined: Wed May 06, 2009 12:08 pm

Post by Cherry »

You need the ODbgScript plugin: http://sourceforge.net/project/showfile ... _id=195914

After installing it, you'll find an entry "ODbgScript->Run Script..." in the Plugins menu.
ramispo
Junior Member
Posts: 10
Joined: Sat May 16, 2009 11:38 am

Post by ramispo »

i realy realy cnt find this in OLLydbg window
After installing it, you'll find an entry "ODbgScript->Run Script..." in the Plugins menu.

please help
Cherry
Junior Member
Posts: 17
Joined: Wed May 06, 2009 12:08 pm

Post by Cherry »

Have you installed the ODbgScript plugin? It needs to be put in the "plugins" subfolder of Olly in most cases, or, if this folder doesn't exist, in the main folder of Olly.
ramispo
Junior Member
Posts: 10
Joined: Sat May 16, 2009 11:38 am

Post by ramispo »

yes i install in already

then i open th olly but the only buttons i see at the top are

FILE VIEW DEBUG TRACE OPTIONS WINDOWS HELP

no plugin buttons T_T

can i ask for aguide wiht pictures maam?

damn im so noob
Cherry
Junior Member
Posts: 17
Joined: Wed May 06, 2009 12:08 pm

Post by Cherry »

Go to Options->Appearance->Directories and make sure the right plugin path is set.
ramispo
Junior Member
Posts: 10
Joined: Sat May 16, 2009 11:38 am

Post by ramispo »

cherry this what i saw

Locaton af API help file [its asking for .hlp file]

Directory for .udd files ??? is this correct?

i cant find file with .udd and .hlp


edit i found it now thw plugins.hlp
am i doing thr right thing?

now how to run the script still cant get it.. i think im using different ollydbg. can u show me how to do it exctly, i cant figure it out
tnx
Cherry
Junior Member
Posts: 17
Joined: Wed May 06, 2009 12:08 pm

Post by Cherry »

Oh!

Are you using OllyDbg 2? Version 2 doesn't support plugins yet. Use OllyDbg v1.10.
ramispo
Junior Member
Posts: 10
Joined: Sat May 16, 2009 11:38 am

Post by ramispo »

are these the correct files man??
i followed the guide and also see the plugis now but when i run
i got game.exe cannot load independently................ and also i still didnt follow this step 4. Run this script.

i cannot load the .txt rom your archive...

Image
Cherry
Junior Member
Posts: 17
Joined: Wed May 06, 2009 12:08 pm

Post by Cherry »

erm, you have to UNPACK the ODbgScript.1.67.3.VC6.zip file, of course.
ramispo
Junior Member
Posts: 10
Joined: Sat May 16, 2009 11:38 am

Post by ramispo »

i have unpacked it in the same folder already maam,then i load up the plugins, then restart olly, then open gam.exe in olly, this part is the part i cant do right,, running the script from your archive, i cant open the txt file by cherry..after i put the directory of the plugins, when i resatrt the olly plugins gone, the i do some trial and error, i open option,appearance, directories, then i see this options again

UDD path and Plugin pathc which i already configured alreday.. the UDD pack i did not change , coz i dont know what it is.
damn, why i cant understandthe guide( this is my first doing this one, o have no idea)

i just want to open some game.exe, but i cant do it.. maam your my only hope, i think text guide can not help me T_T

Image
Cherry
Junior Member
Posts: 17
Joined: Wed May 06, 2009 12:08 pm

Post by Cherry »

eistiger

Post by eistiger »

Hi cherry,
maybe u can help me.

i wanted to unpack an exe file which is packed by Molebox.

But im stuck at point 3.
I dont make much with Olly.
So i hope u maybe can explain me this thing or show me a thread where it show?

3. Make sure EIP is at the entry point of Molebox stub, no breakpoints are set and all exceptions are ignored!!!
Locked