roulic
June 10th, 2002, 02:43
Hello,
I'm very new to this sort of thing, so please excuse my ineptitude.
I've been trying unsuccessfully for a little while to unpack the latest KaZaA version. One of the file ID programs claims that kazaa.exe is packed with pex 0.99, but this is not the case according to DeX. I have poked around the pex sources, however, and noticed that its code is virtually identical to that in KaZaA. Also, a previous version of KaZaA /was/ encrypted with pex 0.99 and could be unpacked with DeX. This leads me to think that the KaZaA team has altered pex in order to provide slightly better protection.
So anyway, my question is: How in God's name does one unpack this mutha? I've traced through it a ton of times with SoftICE and my favourite debugger and I simply cannot do it. I've read the unpacking tutorials, and still no go.
If anybody could provide some helpful tips, I would be forever greatful.
Sorry about the tone of this message; I'm just a little frustrated.
Thanks again!
I'm very new to this sort of thing, so please excuse my ineptitude.
I've been trying unsuccessfully for a little while to unpack the latest KaZaA version. One of the file ID programs claims that kazaa.exe is packed with pex 0.99, but this is not the case according to DeX. I have poked around the pex sources, however, and noticed that its code is virtually identical to that in KaZaA. Also, a previous version of KaZaA /was/ encrypted with pex 0.99 and could be unpacked with DeX. This leads me to think that the KaZaA team has altered pex in order to provide slightly better protection.
So anyway, my question is: How in God's name does one unpack this mutha? I've traced through it a ton of times with SoftICE and my favourite debugger and I simply cannot do it. I've read the unpacking tutorials, and still no go.
If anybody could provide some helpful tips, I would be forever greatful.
Sorry about the tone of this message; I'm just a little frustrated.
Thanks again!
offset in data window)+4