View Full Version : ARTeam: Unpacking 4 Simple Packers with IDA Videotut by TiGa


Shub-nigurrath
January 23rd, 2009, 17:31
Hi all,
this is a quite complex/long video tutorial (12Mb). In my opinion it is a must, to really learn how to use the debugger functionality that IDA offers. Its interface is quite different, compared to OllyDbg, and somehow less intuitive IMHO, but not less powerful (for some aspects IDA Debugger is absolutely the best in class). It's just a matter of getting used to it, surely!

In this video tutorial TiGa explains how to unpack a program, packed with four different simple packers (UPX, ASPack, FSG, Escargot), each time using IDA Interactive Disassembler Pro. The package includes all the required things to replicate the experience: scripts, programs either packed or unpacked.

I think you'll enjoy it and possibly will learn how to use IDA even on its debugger side.

Unpacking 4 Simple Packers with IDA Videotut by TiGa

Take it here:
http://xchg.info/ARTeam/Tutorials/?dir=ARTeam_Tutorials/&file=Unpacking_4_Simple_Packers_with_IDA_Videotut_by_TiGa.rar


BR,
Shub

naides
January 25th, 2009, 09:05
Thanks Shub for the announcement and TiGa for the tut. Small detail: My Antivirus (AVG) claims that several of the files (the ones containing the sample programs, packed or unpacked) are infected with a Trojan. False positive?

Shub-nigurrath
January 25th, 2009, 11:57
Absolutely yes, the problem is that simple free packers like those used for examples are often used for malware as well. Signatures have then drifted, detecting any application packed like that as malware. For the unpacked ones, it might be that some portion of the signatures detected was left in the dumps. Anyway, it's 100% ARTeam quality :-D

evaluator
January 26th, 2009, 03:58
naides! it's unbelievable from you, talking about false positives..

anonim
February 12th, 2009, 18:40
a real great and pushing forward tut,
ID ho.
best regards,
anonim.

edit:
oh man, that's really what has been looked for, that's really something else,
i wish u blessings and happiness,
for Tiga, if you'll see this post ever,
bingo,
u just saved my life... (well, those smilies are especially ugly but then again, if u understand IDA, u'll probably get their point too.. ).

2nd edit,:
oh, man, that's just such a professional debugger, if it wasn't for that tutorial, i wouldn't have got a hinch of it in a ...
long time!!
i owe u so much,
best regards!

look..:
it just goes on and on!!!,
and...,
it's nice...
and,
it's just the beginning of it,..!!!
yooooooo..!!
we'll see what comes next...

at the end,
just a brilliant tutorial!!!
c ya all..!
bye..