Log in

View Full Version : exe file

NonPanic
May 19th, 2004, 19:53
Hello guys

I'm new here, and I'm a newbie. And my english might not be the best, sorry for that.

To my problem then !

I'm trying to reverse an exe file that includes a public key.

The authors of this file says it is strongly encrypted. I've tried a lot of tools to find out what encryption is used to this file, but I've failed.
I have tried latest versions of PEiD, Language2000, PE Explorer, Ollydebugger and so on to find something about this file, but no success.

The only thing I found out is that the file is programmed with Borland C++ Win32 1999.

In my opinion, this file is not encrypted, just the data in it, or maybe just the public key.

There are 8 sections in the file, it looks like this -

.text
.data
.tls
.rdata
.idata
.edata
.rsrc
.reloc

PEiD says that the .data section is packed.

Is it possible that only the .data section is packed or encrypted ?

If so, can I find out what packer/encryptor that is used for that ?

Don't hang me if this is a stupid question, just leave it then.
Else, thanks for your eventually answere


Regards NonPanic
Aimless
May 19th, 2004, 23:46
Hello NonPanic. Welcome to the RCE board.

I might suggest an alternate course of action for you. Since you have mentioned that you are a newbie, I might suggest you leave unpacking and decrypting based protections away for a while.

I might also suggest you find an older version of Winzip (say, version 5/6/7) and try cracking the key based protection. Then you need to try cracking a time based protection and finally license-file based protections.

Once you have a solid 6-7 months of cracking such varied protections, you may try the Mini-Project Area to practice cracking of protected files. Once you have got a hang of the kind of packer/crypter used, and can manually unpack and decrypt, it will not make much of a difference whether you can really identify the packer/crypter, except purely for speeding up the cracking process.

My advice is, go slow and go steady.

Have Phun
NonPanic
May 20th, 2004, 11:09
Hello Aimless !

And thanks for your answere.

Well, I have cracked an older version of Winzip, some key based protection and time litmit progs, and read alot of tutorials.

But as you suggested, I think I need to do it more and take it slow.

And I will try the Mini-Project Area for practice.


Thanks for your advice

Rgds NonPanic