View Full Version : Unpacking tuts for Newbies


+SplAj
February 19th, 2001, 07:59
Hello fellow reversers.

As promised I have uploaded discompress.com and today concluded a tut on tElock 0.71 unpacking.

This is under the advanced section as it involves debugger detection, IAT redirection and some PE header f*cking by the packer

Can someone please check it out and give some feedback
cos it takes around 4 hours of my time to 'create' such masterpieces

basically I intend to do the following :-

1) Introduce packers and what they do
2) Introduce the PE header format
3) Introduce the Imports (APIs)
4) The Original Entry Point (OEiP)
5) The tools to use, including the usual large G&T
6) Frame of mind, approach.

hopefully discompress.com will become a focus for unpacking, oriented towards the Newbie reverser. I know there are tuts etc around but I think this is a specialist topic and a bit phearful for the beginner so the tuts will be full of my mistakes so you can make them too and learn.
I won't just say "do this" then "do that" "voila" - done, as the Newbies will have questions, especially about the IAT!!

I will try and pack/unpack with you ALL the major packers/protectors and intend to do 1 per week. I promise - NOT

Any special requests will get priority

+SplAj

www.discompress.com

CoDe_InSiDe
February 19th, 2001, 13:56
Hi +SplAj

I just want to say that I like that about "Unpacking".
I'm also planning to write some Tutorials about it, so I want to ask: can I send them to discompress.com when I'm done?
Thanks.

Cya...

CoDe_InSiDe

Kilby!
February 19th, 2001, 14:32
Feel welcome to use the essay I did on Crunch2

It's not much but it's an easy packer to work on.

It's on http://tsehp.cjb.net/

Kilby...

NeO
February 19th, 2001, 18:35
Good job!! +SplAj!!



NeO

Clandestiny
February 19th, 2001, 20:42
Hi +SplAj,

I'm excited about the possibility of having the guidance of an experienced reverser in the unpacking arena :-).

I checked out your tut on tElock. It looks very informative, but alas still a little advanced for me as I'm a *complete* newbie to unpacking... I'm currently wading through those beloved PE docs (for the 4th or 5th time)... I get a *little* more out of them each time and I'm hoping they'll really sink in one of these days.

You mentioned covering a packer per week... And I was thinking that if you have the time, it would be great if you could post the target in the mini projects forum for open discussion. Perhaps we could start out slow with some very simple packers w/o import redirection and such and then work up to more advanced ones.

--Clandestiny

stillnewbie
February 20th, 2001, 19:31
Quote:
+SplAj (02-18-2001 20:59):
Hello fellow reversers.

As promised I have uploaded discompress.com and today concluded a tut on tElock 0.71 unpacking.



Hi +SplAj,

I did not find any tuts in the np-te!.zip.
It only has a notepad.exe packed with te-lock ??? I can't find it in discompress.com

regards
stillnewbie

CoDe_InSiDe
February 21st, 2001, 01:27
Hi stillnewbie
Check the site again at:

www.discompress.com ---> Tutorials ---> Advanced

There you'll see the tutorial of tElock V0.71, you need to click on "ready" next to it.
Otherwise go here:

http://www.woodmann.net/discompress/tutorials/te!-unpack/te071.htm

Cya...

CoDe_InSiDe

NeO
February 21st, 2001, 05:38
I had the same problem! Once I found a tut, the next time it wasn't there!!


NeO

stillnewbie
February 21st, 2001, 05:41
Quote:
CoDe_InSiDe (02-20-2001 14:27):
Hi stillnewbie
Check the site again at:

www.discompress.com ---> Tutorials ---> Advanced

There you'll see the tutorial of tElock V0.71, you need to click on "ready" next to it.
Otherwise go here:

http://www.woodmann.net/discompress/tutorials/te!-unpack/te071.htm

Cya...

CoDe_InSiDe



Damn I must be sleeping ((((
Thanks Code_InSide 1001001001 :-D

stillnewbie
