jump to navigation

REA UnPacKing Ebook by kienmanowa July 21, 2008

Posted by reversengineering in armadillo, asprotect, E-BOOK, execryptor, MUPS, NEWS, other protectors and packers, Themida.
2 comments

for more info and links :

http://reversengineering.wordpress.com/huge-collection/rea-unpacking-ebook-by-kienmanowa/

\REA_UnPacKing Ebook
|– \
|
| |– Introduction
| | |– Basic Steps to Unpack
| | |– Intro
| |
| |– Other Tutorials
| | |– Bypass Registration EncryptPE V2.2007
| | |– Inline Patching Ap Document to PDF Converter v3
| | |– Manual Unpacking hmimys-Packer 1.0
| | |– MUP ID Application Protector 1.2
| | |– ProtectShareware
| | |– Unpack UnpackMe1_by_KLiZMA
| | |– Unpacking Unpackme (ASPack + MSLRH)
| | |– Unpacking Wrapper used by GameHouse.com_tlandn
| | |– Unwrapping_Reflexive_Arcade_EvilInvasion
| |
| |– Unpack ActiveMark
| | |– Manual Unpack ACTIVEMARK 5.31
| | |– Manual Unpack ActiveMark 5.x
| | |– Manual Unpacking & Cracking ActiveMark 5.xx
| | |– Unpacking ActiveMark level 2 entry point
| |
| |– Unpack AHTeam EP Protector
| | |– How to unpack AHTeam EP Protector 0.3
| |
| |– Unpack AntiCrack Protector
| | |– How to unpack AntiCrack Protector 1.0x
| |
| |– Unpack Armadillo
| | |– Amardillo 4.xx-Patching Hardware Fingerprint (HWID)
| | |– AntiTracks_Arm 4.xx-Code Splicing
| | |– AoA DVD Ripper
| | |– Armadillo & Macromedia Games
| | |– Armadillo 3.70_IAT elimination_Code splicing_Standard
| | |– Armadillo 4.xx- Code Splicing (Other Method)
| | |– Armadillo DLL – Unpacking and MORE
| | |– Armadillo Exact Version Location Tutorial
| | |– Armadillo v3.xx Manual Unpacking
| | |– AutoPlayMediaStudio6_Arm 4.xx – Standard Protection+IAT Elimination
| | |– Cach khac de defeat debugBlocker
| | |– Code_Splicing_Evil_Method
| | |– Debugblocker + Nanomites
| | |– DiaryOne 5.6
| | |– DOC_Regenerator211_Debug Blocker+ Hardware Finger Print
| | |– Game Editor 1.3.2
| | |– GetRight_5_0_Final_Arm 2.xx-3.xx – Debug Blocker+CopyMem
| | |– GetRight60beta_Arm 4.xx Full Protections
| | |– HyperSnap-DX_Arm 4.xx – Standard Protection_IAT Elimination_Code Splicing
| | |– IAT elimination + Code splicing + Standard
| | |– Manual Unpack Armadillo v4.62
| | |– Movie Collector 4.4_CopyMemII+Nanomites
| | |– MUP Armadillo 3.78_Crack and reduce size of ASFConverter 2.68
| | |– MUP Armadillo v4.64 Small Case
| | |– MUP Armadillo v5.42 Case Study
| | |– MUP Armadillo v600
| | |– MUP_Armadillo_Fraps_Code_Splicing_+_IAT_Eliminatio n
| | |– My Screen Recorder Pro 2
| | |– PictureRipper3_Armadillo 4.xx- Import Elimination+Nanomites
| | |– Remote System Information 3.2
| | |– SWFDecompilerArm 4.xx – Standard Protection
| | |– SWFText 1.2
| | |– TrojanRemover6.4.4_Trojan Remover-DebugBlocker+Nanomites
| | |– Unpack and Crack Full XP Tools version 4.58
| | |– Unpack Armadillo – Standard protection only_vietnamese
| | |– Unpack_Armadillo_01
| | |– Unpack_Armadillo_02
| | |– Unpacking Armadillo 4.xx For Newbie 2
| | |– UnPackMe_Armadillo3.70a.b
| | |– UnpackMe_CopyMemII_Nanomites
| | |– Upack Armadillo 3.70a_VCT5
| | |– XTM_Arm 4.xx – Standard Protection+Code Splicing+IAT Elimination
| |
| | |– Unpack Armadillo\Manual Unpacking Armadillo Series by hacnho
| | | |– Armadillo_tut_serie1
| | | |– Armadillo_tut_serie2
| | | |– Armadillo_tut_serie3
| | | |– Armadillo_tut_serie4
| | | |– Armadillo_tut_serie5
| | | |– Armadillo_tut_series1_fixed
| | | |– armdillo_tuts_6_exp
| | | |– armdillo_tuts_7
| | | |– armdillo_tuts_7_exp
| | | |– armdillo_tuts_8
| | | |– armdillo_tuts_9
| | | |– armdillo_tuts_series6
| | |
| |– Unpack AsPack
| | |– How to unpack ASPack 2.12_dqtln
| | |– Unpack Aspack 1.06b_1.061b
| | |– Unpack ASPack 2.1
| | |– Unpack ASPack 2.12
| |
| |– Unpack Asprotect
| | |– ASProtect 1.23 RC4 – 1.3.08.24 with CloneCD
| | |– ASProtect_2.x_SKE_inline_patching_tutorial_by_Thun derPwr_trans
| | |– Asprotect20beta
| | |– How to unpack ASProtect 1.22-1.23
| | |– How to unpack Asprotect 1.23 rc4 series1
| | |– How to unpack Asprotect 1.23 rc4 series2
| | |– How to unpack ASProtect 1.23 RC4_dqtln
| | |– How to unpack ASProtect
| | |– Manual unpack ASProtect 1.23 RC 4_by hacnho
| | |– Tag&Rename32rc3_Inline Patching ASProtect 2.2 SKE
| | |– unpack Asprotect 1.2
| | |– Unpack ASProtect 1.23 RC4
| | |– Unpacking ASProtect 2.3 SKE
| | |– Unpacking ASProtect 2.XX SKE
| | |– Various Asprotect Loader Tricks
| |
| |– Unpack Egnima
| | |– The Egnima Protector 1.33
| |
| |– Unpack EXE Shield
| | |– Manual unpacking EXE Shield v0.5
| |
| |– Unpack ExECryptor
| | |– ExeCryptor_2.2.x_2.3.x
| | |– Manual Unpacking ExeCryptor 2.2.50
| | |– Manual Unpacking Total Uninstall 3.7
| | |– Manual Unpacking Zip Repair Tool 3.2
| | |– MUP EXEcryptor v2.2.6 with target_ PowerArchiver 2007
| | |– Mup Unpack Execryptor 2.x tlandn
| | |– Stupid Execryptor-Fixing Dump
| | |– Stupid Execryptor-small trick
| | |– Unpacking & Cracking RAR Repair Tool 3.0
| | |– Unpacking EXEcryptor 2.3x
| | |– Unpacking Flash Recovery 2.35
| |
| |– Unpack ExePack
| | |– How to unpack exe32packv1.42
| |
| |– Unpack ExeStealth
| | |– Manual Unpack ExeStealth
| |
| |– Unpack Ezip
| | |– Manual unpacking EZIP 1.0
| | |– unpack Ezip 1.0
| |
| |– Unpack FSG
| | |– How to unpack FSG v1.33
| | |– How to unpack FSGv2.0
| | |– Manual unpacking FSG 2.0
| | |– Manual unpacking FSG 1.0
| | |– Manual unpacking FSG 2.0 modified
| | |– Manual unpacking FSG v2.0
| |
| |– Unpack Mew
| | |– Manual unpacking Mew 11 SE v1.2
| | |– Manual unpacking Mew 10 exe-coder 1.0
| | |– Manual unpacking MEW 11 SE v1.1
| | |– Unpack Mew 10 exe-coder 1.0
| |
| |– Unpack MoleBox
| | |– [MUP & CRACKING] MoleBox Pro 2.6 Trial -Volume 1
| | |– Manual Unpacking MoleBox v2.5.7 and Serial Fishing
| |
| |– Unpack Morphine
| | |– Manual unpacking Morphine 1.4 – 2.7
| |
| |– Unpack NeoLite
| | |– Unpack NeoLite2
| |
| |– Unpack NTkrnl Protector
| | |– Manual Fixing IAT-NTKRNL Packer
| | |– MUP NTkrnl_Protector_0.1
| |
| |– Unpack Obsidium
| | |– Obsidium 1.2.5.0 – unpacking
| |
| |– Unpack PE Compact
| | |– Manual Unpack PECompact 1.68-1.84
| | |– Manual Unpack PECompact 2.x
| | |– Manual unpacking PECompact 1.84
| | |– Manual unpacking PECompact 2.0 Final
| | |– Manual unpacking PECompact v2.38
| | |– Unpack manual PECompact version 2.55
| | |– unpack PECompact 1.68 – 1.84
| | |– Unpack PECompact 1.68_1.84
| | |– unpack PECompact 2.x
| | |– Unpack PECompact v1.76
| |
| |– Unpack PE Diminisher
| | |– Manual unpacking PE Diminisher v0.1
| | |– Unpack PEDiminisher 0.1
| |
| |– Unpack PE Pack
| | |– Unpack PE Pack v1.0
| |
| |– Unpack PELock
| | |– How to unpack PELock v1.0x
| |
| |– Unpack PELockNT
| | |– Manual unpacking PE Lock NT 2.04
| |
| |– Unpack PEQuake
| | |– Manual Unpacking PEQuake v0
| |
| |– Unpack PE-SHiELD
| | |– Manual unpacking PE-SHiELD v0.25
| |
| |– Unpack PESpin
| | |– How to unpack PESpin v0.3
| | |– Manual Unpack PESpinv0.7 tlandn
| |
| |– Unpack PeTite
| | |– How to unpack Petite 2.2
| | |– Manual unpacking Petite 2.3
| |
| |– Unpack ProtectionPlus
| | |– ProtectionPlus 4.x_takada
| |
| |– Unpack RlPack
| | |– RLPack 1.19 Research
| |
| |– Unpack SafeDisc
| | |– SafeDISC2.x
| | |– Safedisc-Easy or Hard – Vol 1
| | |– Safedisc-Easy or Hard – Vol 2
| | |– Safedisc-Easy or Hard – Vol 3
| |
| |– Unpack SLVc0deProtector
| | |– Unpacking SLVc0deProtector 1.1
| | |– UNPACKING SLVc0deProtector 1.11 Tut 1_tlandn
| | |– UNPACKING SLVc0deProtector 1.11 Tut 2_tlandn
| |
| |– Unpack Software Compress
| | |– MANUAL UNPACK Software Compress 1.2
| |
| |– Unpack SoftWrap
| | |– SoftWrap 6.1.1_Loader
| |
| |– Unpack SPLayer
| | |– Manual unpacking SPLayer 0.08
| |
| |– Unpack SVKP
| | |– Manual Unpacking SVKP 1.32 Tut 1 – ASM Target
| |
| |– Unpack tELock
| | |– Manual Unpack tElock 0.90
| | |– Manual unpacking tElock 0.98b1
| |
| |– Unpack UPX
| | |– Inline_Patching for UPX
| | |– Manual unpacking UPX Protector 1.0x
| | |– Unpack UpX 0.896_1.02
| | |– unpack UPX Scramble RC 1.x
| |
| |– Unpack Virogen Crypt
| | |– Manual unpacking Virogen Crypt v0.75
| |
| |– Unpack Visual Protect
| | |– Manual Removing Visual Protect 3.5.4
| |
| |– Unpack WWPack32
| | |– Manual unpacking WWPack32 1.x
| |
| |– Unpack Yoda Crypter
| | |– Manual unpacking y0da’s Crypter v1.2
| | |– unpack Yoda Cryptor 1.2
| |
| |– Unpack Yoda Protector
| | |– Yoda’s protectors v1.02[MUP]
| | |– Yoda’s protectors v1.03.2 beta3[MUP]
| | |– Yoda’s protectors v1.03.2[MUP]
| | |– Yoda’s protectors v1.03.3[MUP]

have best time

Syser.Debugger.v1.97.1900.1038 July 21, 2008

Posted by reversengineering in DETECTOR, TOOLS.
add a comment

http://rapidshare.com/files/131394971/Syser.Debugger.v1.97.1900.1038.zip

FOR MORE DEBUGGERS GO  TO THE THAT PAGE THANX

good news is coming;) July 21, 2008

Posted by reversengineering in NEWS.
add a comment

hi my friend

i will run new page with huge archive OF Tools and Tutorials that good teams and guys(Cracker,unpoacker,reverser…) create them so best thanx flys to them  , i hope this little step helps u to get knowledge and use them to good way  till we have nice world .

best regards

REM

MSPress- Writing Secure Code July 21, 2008

Posted by reversengineering in E-BOOK.
add a comment

http://rapidshare.com/files/48733389/_MSPress__20Writing_20Secure_20Code.pdf

19 Deadly Sins of Software Security July 21, 2008

Posted by reversengineering in E-BOOK.
add a comment

http://rapidshare.com/files/48733340/0072260858.Mcgraw-Hill_20Osborne_20Media.19_20Deadly_20Sins_20of_20Software_20Security_20_Security_2

High Level Reverse Engineering July 21, 2008

Posted by reversengineering in E-BOOK.
1 comment so far

http://rapidshare.com/files/115966174/High-Level_Reverse_Engineering.pdf

link exchange July 21, 2008

Posted by reversengineering in NEWS.
add a comment

hi

for exchanging ur link’s website , weblog or forum plz go here: http://reversengineering.wordpress.com/links

and write ur comment about that and put ur logo’s address too .i will add them .

thnak u

regards ,REM

PC Guard for .NET/Win32 update released July 21, 2008

Posted by reversengineering in NEWS.
add a comment

14.07.2008

[+] Flexible machine locking feature.
[+] Added support for Opus Pro (Digital Workshop) applications.
[*] Remote protection: additional check for activation codes created with wrong project settings in case demo mode is enabled.

PC Guard for .NET DEMO version is available on request only.

CODE

http://www.sofpro.com/download.htm#demo_request

TLS callback for Immunity Dbg July 21, 2008

Posted by reversengineering in Immunity Debugger, TOOLS.
add a comment

from :tuts4you

———-Break on TLS callback for Immunity Dbg———

1. Install plugin
2. Disable option “Warn when terminating active process” in “Security”
3. Load “tls.exe” (from example[test] directory) in to ImmunityDbg

http://letitbit.net/download/4db08d675274/TLS-Stopper-v0.1.rar.html

———————————————————-
(c) 0x0c0de 2008

IIDKing v2.01 by SantMat July 21, 2008

Posted by reversengineering in TOOLS.
add a comment

Description: Add/Remove imports to your target exe. (With XP Fixes)

http://letitbit.net/download/e410df439184/IIDKing-v2.01.zip.html
—————================== Instructions =================————–

1. Pick a file.
2. Check the “Backup” checkbox if you want the file you are modifying
backed-up.
3. Click the “..pick DLL(s)..” button and choose a DLL file to import from.
4. Select as many Function(s) as you with from the Function listing of the
chosen DLL.
5. When you are done entering the DLL(s)/Function(s) you want added, his the
“Add them!!” button
6. If all goes well, you should get an OK via a messagebox explaining that the
DLL(s)/Function(s) have been added.
7. Finally, the addresses that you will need to call for those added
Function(s) will be sent to a file which is given by the previous messagebox.

—————=================== Changelog ==================————–

v2.01 (9/10/2004):

-Fixed the issues concerning IIDKing and Windows XP. The problem was due to how
the ‘fabulous’ Windows XP handles certain data in it’s memory as opposed to
Windows 98/2K.

-Fixed a minor issue concerning internal handling of data(DLLs/APIs).

-Added a message box to inform the user that the adding of imports to PE files
with no room left in their PE section header areas for the addition of sections
aren’t currently supported by IIDKing and that the issue is being worked on.
This feature is soon to come after the release of v2.1 which will add zero-paded
area adding capabilities to IIDKing. See http://www.reteam.org projects’ page.

-Everyone is encouraged to upgrade, even non-XP users.

v2.0 (9/6/2004):

-Added the ability to add an unlimited number of DLL(s) and their
corresponding Function(s) to the target exe.

-You can now run IIDKing an unlimited number of times on any given target and
IIDKing will only ever use ONE section called “.IIDKING” in your target. Old
versions of IIDKing required more.

-When you run IIDKing on a target that has already been modified via IIDKing
v1/v2 it will notify you of this fact and subsequently load the previously
added DLL(s)/Function(s) into the IIDKing dialog. This allows you to re-run
IIDKing for the purpose of removing or adding to past import additions to
your targets.

-Added an easy to use interface for adding DLL(s)/Function(s) in the form of a
list dialog. You simply select the DLL filename as you wish and it will list
all it’s available exports for you to choose from. Leaves no room for case
sensitive or spelling errors when adding DLL(s)/Function(s).

-IIDKing v2 is much more intuitive in handling user actions and hence can be
kept open and used continuously on the same target or any given number of
targets. No need to restart iidking ever.

v1.0 (9/15/2000):

- IIDKing allows you to add imports to ANY PE file’s import table, thereby
eliminating the need to have to do LoadLibrary then GetProcAddress.

- Allows you to specify how much MORE zero-padded code you wish to add to
the end of the section “.IIDKing” that is created when you change a PE
file, allowing for the creation of caves.

- Has a limit to the amount of dlls you can add, per run of the program. -One

- There is no limit to the amount of functions for that one dll though.

- You can run the program as many times on the program you wish! As long as it
has enough room in it’s PE header. So say you wanted to add MessageBoxA from
user32.dll and DeleteFile from kernel32.dll, you would have to run IIDKing
two times.

- A file backup feature, to backup while adding imports.

NTCore’s Explorer Suite III Build 20080611 July 21, 2008

Posted by reversengineering in .NET, TOOLS.
add a comment

Download

Multi-Platform Setup: http://www.ntcore.com/Files/ExplorerSuite.exe

Lutz Roeder’s .NET Reflector v5.1.0.0 July 21, 2008

Posted by reversengineering in .NET, TOOLS.
1 comment so far

2008-03-04

Download

http://www.aisto.com/roeder/dotnet/Download.aspx?File=Reflector

VBReFormer 2008 Professional Edition July 21, 2008

Posted by reversengineering in NEWS.
1 comment so far

What’s News ?
07/07/2008 – Released: VBReFormer 2008 Professional Edition !
VBReFormer now recovers the assembly code of modules methods, and try a decompilation on the code.
Thanks to this new feature, VBReFormer is a complete disassembler for Visual Basic applications.

A list of new MSVBVM60.dll virtual machine has been implemented to VBReFormer, improving decompilation stuff.

.NET Component Inspector July 21, 2008

Posted by reversengineering in .NET, TOOLS.
add a comment

Have you ever wished you could explore the behavior of a component or some code without having to write any code? To watch events occur on any object and examine the history of events? To quickly try something and see how it affects the component? To look at the visual behavior of a component as you adjust not only its properties, but execute its methods? If so the .NET Component Inspector is the tool you have been seeking.

The Component Inspector allows you to:

open any .NET assembly (executable or library), any number of which can be opened at once;
trace events on any object by simple one click event registration either on all events for an object or selected events;
create any object from a class in the opened assemblies using drag/drop;
create Controls on the design surface, move, resize or embed them in other Controls;
search for types or object content.
use the same set of Control objects both in design mode and normal running mode and go back and forth between the two with a single click;
examine or alter any field or property in the created objects, regardless of visibility;
execute any method on the created objects, regardless of visibility;
quickly examine and manipulate objects in common collections (IList, IDictionary) without concern of the implementation details of the collections. For example, you can cut/copy/paste objects to/from lists;
directly execute an application, class, or Control without writing any code; and
explore the contents of assemblies and the Global Assembly Cache (GAC).

http://oaklandsoftware.com/download_inspectors.html

Follow

Get every new post delivered to your Inbox.

Join 41 other followers