End of Unpacking/Decrypting Routine


cRk
November 28th, 2003, 13:49
I was playing for a while with some targets packed with Pecompact/Packer, aspack 2.11, old UPX versions and some others. Not really hard to defeat, but my question is: is there a special command to avoid/skip the loops while the program is decrypting itself? Pecompact targets and the packer itself look very easy to me to crack and to find the OEP, but it really kills my time while tracing in SICE with F10 or F8. If I press F12 then the program just loads without getting to the end of the routine where I should dump at OEP. The same happens when I press F11, and some other times it will just freeze my PC and I have to manually reboot.

With SICE loader or LordPe Deluxe b (Break & Enter) all works OK. My problem is while tracing with all those loops that take a long time to pass. Any ideas/tips?

Regards!

MaRKuS-DJM
November 28th, 2003, 14:40
Quote:
[Originally Posted by cRk]I was playing for a while with some targets packed with Pecompact/Packer, aspack 2.11, old UPX versions and some others. Not really hard to defeat, but my question is: is there a special command to avoid/skip the loops while the program is decrypting itself? Pecompact targets and the packer itself look very easy to me to crack and to find the OEP, but it really kills my time while tracing in SICE with F10 or F8. If I press F12 then the program just loads without getting to the end of the routine where I should dump at OEP. The same happens when I press F11, and some other times it will just freeze my PC and I have to manually reboot.

With SICE loader or LordPe Deluxe b (Break & Enter) all works OK. My problem is while tracing with all those loops that take a long time to pass. Any ideas/tips?

Regards!



yes, execute the pushad at start of the file and then set a Hardware-BP on ESP, press F9 and you are on the OEP-jump (this is for olly)

cRk
November 30th, 2003, 00:50
i don't use Olly.. just SICE by now

but thanks for the reply.. any other person would like to give an advice or hints?

Regards!

dELTA
November 30th, 2003, 09:05
Errrr, how about the exact same thing, except you replace the word "Olly" with "Softice"?

cRk
November 30th, 2003, 11:09
LOL, as he said this is for Olly I thought it was only for Olly?

i will try it with SICE then

Regards!

yaa
December 13th, 2003, 20:19
Hello,

I'm very new to packing/unpacking, is anyone willing to say something more about this:


Quote:
yes, execute the pushad at start of the file and then set a Hardware-BP on ESP, press F9 and you are on the OEP-jump (this is for olly)


Execute the PUSHAD at the start of the file???
Is there always a PUSHAD at the start of a packed file???
I know UPX has a PUSHAD just before the OEP but do I have to expect one even in the other packers???


Thx.

yaa

cRk
December 14th, 2003, 02:50
Quote:
[Originally Posted by yaa]Hello,

I'm very new to packing/unpacking, is anyone willing to say something more about this:




Execute the PUSHAD at the start of the file???
Is there always a PUSHAD at the start of a packed file???
I know UPX has a PUSHAD just before the OEP but do I have to expect one even in the other packers???


Thx.

yaa


I see a pushad or many of them in many packers but not just at the beginning... I think there are other tricks for harder packers/protectors like Asprotect or Armadillo... Would anyone like to share more info about this?

Regards.
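
Added example, not part of any post in this thread: the hardware breakpoint on ESP works because the stub's PUSHAD saves the registers on the stack and a later POPAD reads that same stack slot back just before control is handed to the OEP. The Python sketch below is a static triage heuristic for that shape, checking where the first PUSHAD sits (it need not be the very first byte, as noted above) and looking for a POPAD followed closely by `jmp rel32` or `push imm32 / ret`. The function names, the byte window, the addresses and both stubs are constructed for illustration; plain byte matching without a disassembler can produce false positives.

```python
import struct

PUSHAD, POPAD, JMP_REL32, PUSH_IMM32, RET = 0x60, 0x61, 0xE9, 0x68, 0xC3

def first_pushad(code, limit=32):
    """Offset of the first PUSHAD byte within `limit` bytes of entry, or None."""
    idx = code.find(bytes([PUSHAD]), 0, limit)
    return None if idx < 0 else idx

def stub_exits(code, base_va, window=16):
    """List (popad_va, kind, target_va) for each POPAD followed, within
    `window` bytes, by a control transfer that could lead to the OEP."""
    hits = []
    for i, b in enumerate(code):
        if b != POPAD:
            continue
        for j in range(i + 1, min(i + 1 + window, len(code))):
            if code[j] == JMP_REL32 and j + 5 <= len(code):
                # jmp rel32: target is relative to the next instruction
                rel = struct.unpack_from("<i", code, j + 1)[0]
                target = (base_va + j + 5 + rel) & 0xFFFFFFFF
                hits.append((base_va + i, "jmp", target))
                break
            if code[j] == PUSH_IMM32 and j + 5 < len(code) and code[j + 5] == RET:
                # push imm32 / ret: target is the pushed immediate
                imm = struct.unpack_from("<I", code, j + 1)[0]
                hits.append((base_va + i, "push/ret", imm))
                break
    return hits

# Constructed sample stubs (not taken from any real packer build).
BASE, OEP = 0x00405000, 0x00401000
BODY = b"\xBE\x00\x40\x40\x00" + b"\x90" * 4          # mov esi, imm32; nops
STUB_A = (b"\x60" + BODY + b"\x61\xE9"
          + struct.pack("<i", OEP - (BASE + 11 + 5)))  # pushad ... popad; jmp OEP
STUB_B = (b"\x90\x90\x60" + BODY + b"\x61\x68"
          + struct.pack("<I", OEP) + b"\xC3")          # pushad not at byte 0

if __name__ == "__main__":
    for name, stub in (("A", STUB_A), ("B", STUB_B)):
        print(name, "first pushad at offset", first_pushad(stub))
        for va, kind, target in stub_exits(stub, BASE):
            print(f"  popad at {va:#010x}, {kind} -> {target:#010x}")
```
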