New Armadillo tut I wrote yesterday. Maybe will help someone to find out the best way to unpack this protector protected files.




http://members.fortunecity.com/zilot/Tutorial/armadillo.htm<---- Web version

http://members.fortunecity.com/zilot/Tutorial/Tutorial.zip<----- For download

I'll upload installation of Trojan Remover because in the meantime there is new version

Also will upload dumped.exe and fixed.exe files

Tomorrow

Zilot

Thanks Zilot

thx

Zilot, you are not that bad

Thanks Zilot for this nice and helpful tutorial.

Yesta Kapitan !!!!

Woah!!! post dissapeared!?!

Hey +SplAj

did you mean this :

http://www.postsmile.com/img/default/0520.gif

Nice Tut
Thanks for Sharing

Hey, Mr. ZILOT. Everything is on wasm now and the links were modified.
Waiting for zipped target.

Offtop to forum admins:
Guys, you've done brilliant job and the forum looks really nice. The only thing which upsets me is avatar. I cannot change it to my custom one

Ok, try now.

Much, much better
Delta, thank a lot. Good job!

There are a whole bunch of settings in the new AdminCP which we have to check and make sure are properly set and we are still learning the new styles and the new adminCP. However, we wanted to get the Board back open as quickly as possible and, so far, it appears that we didn't lose anything too important along the way. Once I deleted 2,600,00 entries in the backup from the searchindex and word index, we were finally able to get the "restore" to work properly. We're still working on a better backup script, but time has been short for "playing" of late. Hopefully, soon it will be a litter better automated.

Regards.

Hi Zilot

NO

That was not the icon. Unfortunately 'someone' with a detached sense of humor deleted my post with my chosen icon, which was VERY appropriate for the way the topic of conversation was developing IMHO.......a picture says a thousand words.

BTW thanks for that link to nice graphical icons site I enjoyed browsing them



ciao

I didn't see that, just RCE MSG replay with link. But seems replay works excellent http://www.postsmile.com/img/default/0654.gif, I even couldn't access to this forum via cjb.net. I thought it was down. Then Volodya told me he replayed, fortunately I had in my browser magic number
66.98.132.48.

Changes always cause frustrations http://www.postsmile.com/img/default/0524.gif

Good tutorial Zilot.

Armadillo continues to "advance" in its complexity. One side effect is it actually becomes easier to make an unpacker for it (disregarding nanomites), since they are bound to forget something. This is one reason Lunar_Dust was able to keep up with versions without much trouble.

I like your handling of nanomites, you found the encrypted jump length table, good work ! Lunar_Dust came up with the int3 loader as you suggested, for GetRight 5.0 beta, and it worked very effectively. (Trademarked "NanoWrap". SImply make a program to act as a debugger, and decode the jump tables just as armadillo does it, and then plop in the jump table codes and compile (jump tables as c arrays). Worked like a charm. With little modification such a tool could easily auto-extract the jump tables and build itself into a wrapper. I used OllyDbg since its easy to track down tables with it.

But alas, other hobbies hold interest at this time

Seems Armadillo becomes popular lately ?

-nt20

Thanks Tesla

Maybe I'm dumb, but are Lunar Dust and NT20 same person. As far I've seen, same style, same icon.......



Games ?

Lunar_Dust and I both work together on some RCE projects, that's why we have the same icon.

Other hobbies include metalworking, (I'm getting into metalcasting, starting with aluminum.) and some electronics work again.

Just wanna say keep up the good work !

-nt20