hi,
it's actually almost finished, and able to reconstruct all iat entries, encrypted or not for :
-asprotect (all versions)
-vbox 4.3 (encrypted iat's)
So I need new targets, thanks to give me links for other packed apps
with iat's to rebuild, with other protection schemes than the above,
this will allow the tool to work on all the iat related protection schemes.
regards,

+Tsehp

Waiting for your masterpiece (sources would be great too...)

Regarding the links, have a look at xoptimus thread
(target at http://www.hms.com/apps/issetup.exe)

How about Advanced Direct Remailer 2.0 from Elconsoft? CASPR 0952 won't unpack it. CASPR worked on ADR 1.62 with no problem.

http://www.elcomsoft.com/ADR/adr.zip

Hi Tsehp,
Tag&rename
url http://www.softpointer.com

regards
noname

Thanks guys,
I will then finish testing my tool with those three targets, but before
releasing it, I want el-caracol and the owl to finish to test the beta 1,
then you can believe that I'll release this freely on the main server.
I will only give parts of the source to help people that wants to do the same, and actually working on such related schemes. The idea this time is to gather some people on this project, but the info will be available for everyone who asks.
Be patient, it's coming soon. Thanks again for all the great people that helped me on this messageboard, with special words to :
-The owl (unbelievable knowledge on this)
-El caracol, French cracker and funniest essays I've ever read.
-Arthaxerxes, idem and working on things that nobody did before.
and all of you, still giving this place such a good spirit of knowledge exchange.

Time to go back to work, just to finish before Christmas.

best regards,

+Tsehp

Adobe LiveMotion http://www.adobe.com vbox 4.3
NetObjectsFusion v5.0 http://www.netobjects.com vbox 4.3 but somehow different

thanks again !
I'm sorry but the beta of my app will be delayed again
Why ? because a badly needed api that I used on win nt is not implemented at all on win98, so I'm working hard to emulate it, have no choice. If someone knows its CreateRemoteThread .
later,

+Tsehp

It was resolved, see the attachment. I have to port it to win9x and
will release it pretty soon.
regards,

+Tsehp

Just tried netfusion, quite a big one but resolved also, see the attachment.
regards,

Tsehp

Just tried netfusion, quite a big one but resolved also, see the attachment.
regards,

Tsehp

This piece is a little bit weird to me
http://www.addon-factory.com/download/cheet!_v1.12.zip
can it be tested ?
Thanks

There is some question marks are they ok ?.Also netobjects fusion decryps imports when it needs then destroy again. I have tried to unapck it but when it starts it calls another dll import which is destroyed and crashes.How I can use your tool to rebuild import a little tutorial can help me so much.Thanks.

write me to get the beta !

revirgin just impersonates the app itself when using iat entries, so they are decrypted and resolved by the tracer, you can only use the program itself while residing in mem, build the files and copy them into the dumped app. ask for the beta, everything is explained into the readme

Hello,

The "Chameleon Clock v2.51" seems to be protected by AsProtect. If you want to try your program on this target, here is the URL :

www.softshape.com/cham

Thanks in advance for your work
St Thomas

PS:
Is it possible to download your program. If yes, where ? - thank you

Could I trouble you to email a copy of ReVirgin beta? I would like to unpack Advanced Direct Remailer 2.0.
TIA