smell the RAT


+SplAj
October 27th, 2002, 10:49
The LongTail Rat challenge

Thanks to all you fellow reversers that wanted to unpack
LongFileTail (Hop's challenge) and filled my PM box with requests for a URL....

well this was obviously tooooo kryptic .......

LongFileTail == LogFileTail

The target as discussed in the following recent thread by spiderman :-

_________________________

RV tracer seems not work on...
__________________________


It has latest ASPR protection and nice SEH to point the way to Check#3, Check#4, Check#5 MessageBoxA error debugging after unpacking

BTW a good tip is to use 'LogFileTail' in Gooooooooogle search box..... HINT HINT for JMI !

have fun as usual

Hopcode
October 27th, 2002, 15:10
Heya

I figured out that "LongFileTail" never existed and found LogFileTail sometime after my pm message :-)
I didn't have the time to work on it yet tho. I downloaded it and it's waiting for me
I just started to play with CloneCD 4.

Regards,

Hopcode

JMI
October 27th, 2002, 19:13
+Spl/\j:

I smelled the rat shortly after I sent my PM, but your PM box was already full for my follow-up. At first I thought you had simply mis-typed "LogFileTrail," as in RegMon output, but soon figured that was not correct and that you were just fuxing with us in your "usual" funny style. At least your "kryptic" entries are somewhat more clear than some of the humor from our musician friend. We need to help him improve his English so he can teach us all the great stuff he has learned about unpaxing and debug registers.

What I wanted to also ask you, or anyone else who might know, is if you have a chance to review my comments on the "Azpr's new check time algo" thread about aspr placing its timelimit registry entry inside some other program's registry file, how M$ permits this to occur. It doesn't seem like very good planning to permit some other program to muck with a program's registry entries, but I have much to learn about the registry and have just started my "Windows NT/2000 Native API Reference." Managed to find it "used" at one of the online booksellers for a substantially reduced price.

I'm still having major problems in my transition using Sice in Win2K, but most of life has a learning curve. Didn't expect this to be different. Still not having much luck getting it to break inside aspr programs and I'm trying to figure out the context switching and address switching concepts adequately.

OK, I'm off to do my goooooogle searches.

Regards.

sv
October 28th, 2002, 14:21
Hi +SplAj , Hopcode , JMI , all

Nice one.
In this case, 'old good dead listing' is very useful to find "Check#" code.

Regards

SV

PS: Somebody knows PELock Target (!=Quick Menu Builder) ?

crUsAdEr
October 29th, 2002, 12:30
Hi guys,

What a long time since i last post anything vaguely related to cracking/reversing... my brain does get rusty...

been back for a while but been tied up with things to settle down so did not have time to do much... just warm up with some AsProtect inline patching... yeah doesn't seem that hard anymore... esp it seems easier everyday... thought i just pop by and say hello to everyone... think i will share my AsProtect.idb file with everyone since it is just rusting in my hard disk anyway... it might be handy for some people to get to know AsProtect better, like where it calculates the trial time, where it performs CRC etc...

Global, did you sit down with pen n paper to brute the first 4 layers of AsProtect ? i was too lazy n decided to patch all 4 of them ... i am waiting for your new AIPH cos i think the old one can be optimised a bit more now that i already get my hand dirty with asm...

cheers,
crUsAdEr

GlObAl
October 29th, 2002, 19:15
Hello crUsAdEr,
nice to hear something from you
new AIPH is ready since some time and it works much better than the old one because you don't need to brute any layer or so.
in new version you only have to choose the target.exe and press patch like armpa ... and yes armpa still works

best regards...

foxthree
October 29th, 2002, 20:27
Yo Crus:

Kinda one handed since you weren't around. So howz things? Nice to see ASsPR doesn't surprise you... => means ur brain is still functional and still sharp. Join in, friend

Signed,
-- FoxThree