Greetings,
I'm looking for tuts about how to manually unpack neolite packed programs. Any hints?

TIA,
regards,
hobgoblin

hobgoblin:

Are we being just a tad bit lazy? Let me sing that same old tune one more time. "Did you use the search button?" or that other old favorite: "Did you search anywhere else?"

Typing "neolite+tutorials" into google (www.google.com) quickly produced 4 pages of references including two from the fravia site on the very first page. It also mentioned CoDe_InSiDe's homepage as a place to look.

The two fravia tuts are:

http://www.woodmann.net/fravia/text/eb_tut32.txt
by enternal bliss

and

http://www.woodmann.net/fravia/Neolitepackeddll.htm
by Bit Reaper

Surely you can make the same effort at searching. It didn't hurt much at all, and took very very little time. There are even tutorial search site you might want to learn about and check out.

O.K. enough sermon.
Hope those files and hints help.

First of all: thanks for the response. I always like to be helped.

For your information: I typed in neolite+tut in google and altavista. Result: nill (try it for yourself...)

And one question: do you have a problem with the kind of requests I just made?
Do you know anything about what lies behind a request like that?
Sometimes there is a reason for people making what you view as "lazy requests"...
If it bothers you, why don't you just ignore it?
(and that's what I probably should have done in this case...)
Your answer just pissed me off a little bit...

But back to beginning: I appreciate your helpfulness.

regards,
hob

hobgoblin:

It's ok if you're pissed off, but that was not my intent. If your post said something like "I've searched for tuts on neolite, but having no luck, any hints" I would have skipped the "tad bit lazy" part, but I'm also trying to get more people to make an effort and, as others have stated, show that they have made an effort and what that effort is. Since you didn't say you had done anything already, I simply took the opportunity to spread the message that searching on one's own is the preferred first step. Of course I can't know "what lies behind a request like that" and that's why it might be helpful to say a bit more about what does lie behind it. And if you think about it after your blood stops boiling, the phrase "a tad bit lazy" was a question, not really an accusation.

I have no explaination for your lack of success on google. As I said, I typed in "neolite+tutorials" and got four pages. I took your challenge and typed in "neolite+tut" on google and got three pages with most of the same references.

Since I have no way of knowing what you know, I also mentioned the tutorial search engines, because they might be news to others reading the thread. You'll find a good tutorial search engine here:

http://reversersearch.da.ru/

and a good link list to things reversing here:

http://dmoz.org/Computers/Hacking/Cracking/

Using the search button here will led to some informative threads here discusssing neolite packed programs and unpacking issues.

I've already done war and it's often very loud, usually very messy and sometimes you can't figure out who the enemy is. I'm certainly not one of yours.

As Woodmann would say in closing
Peace.

Just want to say and thank you for the search-tip.

regards,

You are welcome and if you haven't come across it already, or if somebody else wants it, here's a tut by CoDe_InSiDe on manually unpacking Neolite 2.0, with a packed notepad to practice on.

Greetings,
JMI Why don't you just give the url
Sorry for sapmming the url guys
http://members.home.nl/code.inside/

Hi Hobgoblin,
Could it your browser has problems? I found what
JMI found of course without the quotes

Greetings cluesurf:

The only reason I didn't give the url for Code_InSiDe was that I had mentioned his home page in the previous post and one of my main goals is to encourage people to search on their own. I happened to have the Neolite tut on my HD, so I though I'd just offer it anyway. There's lots of other interesting stuff to be found on CoDe_InSiDe's homepage, so give it a check. If memory serves, this was the major tut on Neolite there.

Just to clear up one point from cluesurf's post, I don't use quotation marks at the start or end of what I put in the google search box. That was done only to try to make as clear as possible where the words I used started and ended. Next time, I'll just display it like this:

neolite+tutorial

so there will be no confusion. I really recommend that anyone without much experience at searching check out the section on

How to search

at the fravia site at http://tsehp.cjb.net . It can be accessed from the link at the bottom of the main page here. They have a page of search engines and search forms. Some of them no longer work, but it is a good learning place. The tutorial search form reference I gave is, I believe, associated with Fravia. At least it uses a picture from his original site.

Just as an example of what you might need to find, a tutorial you are reading might be talking about a version of a program that is no longer available at the official site and the code may be quite different from the details discussed in the tut. If the program is not too old, often you can search for the title and version and find somewhere that has a copy of the older version for downloading.

Last night I was looking for a copy of version 7.3 of Awave Studio to follow along with the +SplAj tut on that version that I will be uploading for distribution with his discompress site materials. The current version is 8 and the only one available at the company's site, and often after a tut has been posted somewhere the authors of the software or their protection company make changes in the code. I haven't checked version 8 yet to see if they tried to get around +SplAj's discoveries, but it is a larger file with likely many changes. Maybe the protection has changed because of the tut, maybe not.

A good example of the confusion this can cause is the thread here started by evaluator with posts by +tsehp,+SplAj, and others, discussing Revirgin and import tables on CommView 3.1. This is another of the tuts +SplAj did that will be in the upload. Use the search button at the top and under user name enter evaluator or +SplAj and you'll find it.

+Splaj's tut was about version 3.1, but hadn't identified the build number. Evaluator, working on the same version number, 3.1, discussed getting different import table results. +SplAj downloaded the latest version and got even more different import table listings and it turned out that the latest version, at that time, was 3.1.161 and evaluator was using 3.1.160, and the original tut was written using 3.1.156, so that explained why everyone was getting different results with the same version number. Helps to check the build number, often found in the About box of the Help dialogue.

So if you are trying to follow a tut line by line, rather than learning just the method of attack, you need to have the exact same version and build. Searching for an alternative download site may be the only way to find it. Even if you're like me and don't read many other languages, and I have great respect for those reversers who aren't native english speakers who are trying this in what is to them a foreign language, you can often find older version of programs on Russian, Chinese, Japanese, and Korean sites, to name but a few. Usually the program names are in english and if you move your cursor over the page and look at the bottom of your browser you will often see when you have located a zip or rar file for downloading. Give it a try. There is some amazing stuff out there.

Regards.

Hi everyone,

Bleh, my Neolite Tutorial
I'm gonna re-do it sometime, because it's not detailed enough hehe

Cya...

CoDe_InSiDe

Just a quick note on the two +SplAj tuts on Awave Studio and CV 3.1; for those who don't want to wait until I upload the discompress site with the additions. Those two files are available as attachments to the the thread here:

http://www.woodmann.net/forum/showthread.php?threadid=2001

Posted it on the thread about +SplAj's Tuts and mention it here only because I mentioned his tut in the previous post and someone might want to check it out.

Enjoy.