Hello.
i got a crackme that is packed and i wann unpack it...i don't wanna use any other tools available for it, but wann do it manualy to see how it is done...
any links will be greatly appriciated.
thx in advace

what do you mean with "tools". do you also mean without a debugger?

no i meant without progrs that autometicaly unpack my program.

hxxp://www.reteam.org/

There is a tutorial about unpacking asprotect without tools.

Enter "manual unpacking" (without the quotes) in the SEARCH button at the top of these Forums and in your favorite search engine and you will find enough information to last a long time.

Regards,

Hi ReVeR,
feel free to attach your crackme here. Maybe others would like to play with it.

Zai

@Zai: Indeed

ok here is the crack me, it takes 2 minutes to crack it (literally) once u unpacketed it...
so i don't think it is gonna be fun
but here it is anyways:

Hi ReVeR.
>i don't wanna use any other tools available for it, but wann do it manualy to see how it is done...
I think we can divide the project into some little tasks, i.e. how to find the Original Entry Point, how to create a new IAT and so on. Did you think about something in particular?

ZaiRoN

no, nothing in particular, i jsut wanted to learn how to unpack manualy...
i still gotta read some stuff on how to do it,

I made 4 parts of a tut of Manual unpack without Import Reconstructor, i use a script for make a list of the apis used and a little inject for use GetProcAddress and charge the values in the IAT, is a little hard for newbies but is very useful, is in spanish.

Download of my FTP quickly i'm unemployed now and in a little time i have no more internet connection.

http://www.ricnar456.dyndns.org/

or

http://www.ricnar456.dyndns.org/

user:crackslatinos
pass:fiaca22

folder:NUEVO CURSO-TEORIAS

253-IMPORT TABLES A MANO (parte 1).rar
254-IMPORT TABLES A MANO (parte 2).rar
255-IMPORT TABLES A MANO (parte 3).rar
256-IMPORT TABLES A MANO (parte 4).rar

Download quickly the day 20/8/2004 the ftp will be closed .

Ricardo Narvaja

Ricardo, I'm very sorry to hear that about your job.

Do you know if you will you distribute your tutorials somewhere else?

Most of Ricardso's tuts are already preserved on the exetools FTP and have been there for some time and I downloaded a copy on my HD as well. I'll make sure I have them all from the cracklatinos site and be glad to help Ricardo if he has any problem restoring them when he gets back on his feet and back on the net again.

Currently that archive contains numbers 1-170, and 203-208, and 213 (English translation of the vbox tut).

Again Ricardo, best of luck to you and your family.

Regards,

Well i was working in the same place for 23 years, will be difficult for me but i try.

Thanks

Ricardo Narvaja

Well in the crakslatinos page

http://crackslatinos.hispadominio.net/

and in the ftp of exetools and the crackslatinos mail list continue your work, and i expect return when i found a job.

Ricardo Narvaja

Ok, I wish you the best of luck then, and expect to see you back soon!

OK. I've now completed my personal archive of the NUEVO CURSO-TEORIAS folder and I'll upload the additional files to exetools shortly.

Ricardo you might want to make a small edit to the files titles.

Both

IMPORT TABLES A MANO (parte 3).rar
IMPORT TABLES A MANO (parte 4).rar

are labled as 256 and there is no 255.

Again thanks for all your great efforts and we hope to can get back to work and back to cracking very soon.

Regards,

Thanks the archive is renamed

255-IMPORT TABLES A MANO (parte 3).rar

256-IMPORT TABLES A MANO (parte 4).rar

Thanks

Ricardo Narvaja

Regards,

>>it takes 2 minutes to crack it (literally) once u unpacketed it...
...and a few minutes more to let it count below -1
(solution at crackmes.de crashes below -1 on my XP SP1)
Regards,

it is extremly easy, it took me 2 minutes literally to crack it after i unpacked it, but the problem was i want to redone it with manual unpalcing....reading ur tuts now ppl , thx

manual unpacking this target takes only 2 minutes too.
read "Manually UnPacking of Yoda's Crypter v1.1" from CoDe_InSiDe and "Manual unpacking y0da's Crypter v1.2" from hacnho.
Regards,

hey, can u give me direct lines cuz i have no idea qwhere to look for them.....
sry

This lines may contain spelling faultz
htpp://www.hvanoline.net/furom/showtipic_27123.html
http://home.tiscali.be/detten/tits.htm
Ragards,

ahem...i am sory but i can';t decipher those links....
i got for the first one wiht the errors corrected:
http://www.hudaonline.net/forum/showtopic_27123.html
doesn't work.
i got the second link working and there is 1 tut from the ones that u mentioned...
can u please look at the first link?
and i will try to get my spelling error free.

>>i got for the first one wiht the errors corrected:
>>http://www.hudaonline.net/forum/showtopic_27123.html
apparently not
bored now ,search yourself,you have all the keywords!
Regards,

crap, i meant that i got the second one...i didn;t get the first one....
and what is this, decryption contest?
i mean there are alot of web sites that are close in spelling of ur given one.....
i got all teh keywords, but if u try to look through all the sites that can be made from ur link,.....gonna take shit load of time....

Google is your friend.

http://www.hvaonline.net/forum/?showtopic=27123