bogdan
October 6th, 2002, 10:04
I tried to unpack many progs that are protected with AsProt 1.3 but they all seem to crash. There is some kind of new protection in this version?
There is a topic that was created by prejker with the subject another asprotect newbie. In that topic hobgoblin
says that he managed to get this progy ( Advanced Log Analyzer 1.2) to run. How?
Ok here's the code from Advanced Log Analyzer 1.2:
EAX=0051A464 EBX=00000000 ECX=007BFF68 EDX=00000000 ESI=00000087
EDI=0051A46C EBP=007BFCD4 ESP=007BFCBC EIP=00403A95 o d I s Z a P c
CS=017F DS=0187 SS=0187 ES=0187 FS=391F GS=0000 FS:00000000=007BFE2C
00403A7A A1ACF45100 MOV EAX,[0051F4AC]
00403A7F 85C0 TEST EAX,EAX
00403A81 744B JZ 00403ACE
00403A83 8B30 MOV ESI,[EAX]
00403A85 33DB XOR EBX,EBX
00403A87 8B7804 MOV EDI,[EAX+04]
00403A8A 33D2 XOR EDX,EDX
00403A8C 55 PUSH EBP
00403A8D 68BA3A4000 PUSH 00403ABA
00403A92 64FF32 PUSH DWORD PTR FS:[EDX]
00403A95 648922 MOV FS:[EDX],ESP
00403A98 3BF3 CMP ESI,EBX
00403A9A 7E14 JLE 00403AB0
00403A9C 8B04DF MOV EAX,[EBX*8+EDI]
00403A9F 43 INC EBX
00403AA0 891DB0F45100 MOV [0051F4B0],EBX
00403AA6 85C0 TEST EAX,EAX
00403AA8 7402 JZ 00403AAC
00403AAA FFD0 CALL EAX ;when ebx=2, eax=40691C this call crashes the program
00403AAC 3BF3 CMP ESI,EBX
00403AAE 7FEC JG 00403A9C ;loop until ebx=esi
00403AB0 33C0 XOR EAX,EAX
I've seen the G6 FTP Server tutorial, and i tried to put some ret's in the calls that are crashing but that doesn't work.
Can anyone please help me?
Is this related to double dipping in ASProt?
There is a topic that was created by prejker with the subject another asprotect newbie. In that topic hobgoblin
says that he managed to get this progy ( Advanced Log Analyzer 1.2) to run. How?
Ok here's the code from Advanced Log Analyzer 1.2:
EAX=0051A464 EBX=00000000 ECX=007BFF68 EDX=00000000 ESI=00000087
EDI=0051A46C EBP=007BFCD4 ESP=007BFCBC EIP=00403A95 o d I s Z a P c
CS=017F DS=0187 SS=0187 ES=0187 FS=391F GS=0000 FS:00000000=007BFE2C
00403A7A A1ACF45100 MOV EAX,[0051F4AC]
00403A7F 85C0 TEST EAX,EAX
00403A81 744B JZ 00403ACE
00403A83 8B30 MOV ESI,[EAX]
00403A85 33DB XOR EBX,EBX
00403A87 8B7804 MOV EDI,[EAX+04]
00403A8A 33D2 XOR EDX,EDX
00403A8C 55 PUSH EBP
00403A8D 68BA3A4000 PUSH 00403ABA
00403A92 64FF32 PUSH DWORD PTR FS:[EDX]
00403A95 648922 MOV FS:[EDX],ESP
00403A98 3BF3 CMP ESI,EBX
00403A9A 7E14 JLE 00403AB0
00403A9C 8B04DF MOV EAX,[EBX*8+EDI]
00403A9F 43 INC EBX
00403AA0 891DB0F45100 MOV [0051F4B0],EBX
00403AA6 85C0 TEST EAX,EAX
00403AA8 7402 JZ 00403AAC
00403AAA FFD0 CALL EAX ;when ebx=2, eax=40691C this call crashes the program
00403AAC 3BF3 CMP ESI,EBX
00403AAE 7FEC JG 00403A9C ;loop until ebx=esi
00403AB0 33C0 XOR EAX,EAX
I've seen the G6 FTP Server tutorial, and i tried to put some ret's in the calls that are crashing but that doesn't work.
Can anyone please help me?
Is this related to double dipping in ASProt?