Does anyone here has deal before with a target that is wrapped with Softwrap and also has a Softwrap.dll which looks it handle there registration checks + SICE checks and expiration stuff.... i got a target which needs the IAT and i haven't been able to fix it.. does anyone here has been able to fix IAT for such targets ... i took the .exe to unpack which seems to be easy for my limited knowledge so far.. it has last section named as .Xlock

ok the good part is i have searched many times and without finding anything for this kind of packed way .... isn't the normal .locked that all tuts around mention...

if someone is interested to have a look please send me a PM and i'll send you the download details..

btw i'm waiting for JMI critics

Regards

What are you waiting for me to criticize? You said you searched and didn't find anything and that is what nearly always prevents a suggesting that searching will help solve the problem. You also said for those interested in the target to sent you a PM and that, also, is what we ask members to do. So you get two points for proper form.

Regards,

at least i made a good dump of it and set the right OEP.. Imprec 1.6 can't find any good entry for IAT and i fail to rebuild manually.. i need someone experienced that knows this wrapper to explain me.. how to do it... this is not a crack request. it's not fail to try this just couple of time and for only 5 minutes..

Regards

Softwrap is quite easy to unpack.

On the other hand, their "protection" is protected by another commercial protector which is Xlock. That's why you have that section.

Basically, you dont' want to deal with Xlock to unpack a softwraped target.
Don't confuse the target exe you want to unpack.

Xlock is just here to protect lame software code

you dont' want to deal with Xlock to unpack a softwraped target.

the true is .. i have to deal with both.... both .. the main .exe + the dll have that section means both are packed with this garbage.. other stuff about softwrap is quite easy to deal with i know /// if you're interested to try it .. let me know .. and i'll send you target details on PM

using some sence ..i assume the .Xlock section + Softwrap of the exe calls the Softwrap.dll before reaching the OEP .. i assume the .dll takes me to the OEP if still trial days left after pressing the OK button of the nag ... if this .dll as well wouldn't be packed the job could be easier to reverse it to kill nag + trial .. but also the exe will do an integrity check against any changes there. so i believe the easier short way is to unpack the main exe to remove all this and let the program run without Xlock/softwrap. as i wrote i already got a dumped exe with good OEP .. i'm stuck with the IAT .. later i found out that Peid also gives right OEP for the target.


Regards

here are some good tuts
http://mxbnet.host.sk/prog/unpacking/softwrap.htm
http://myhome.hanafos.com/~comgod/com41.htm

i see you haven't read well what i have posted so far.. this isn't my case.. i ain't got any .locked file ..if that would be my case i wouldn't bother anyone... the problem remains with Xlock/IAT

Regards

I saw some softwrap target that have not packed softwrap.dll.So if this is the case you can patch the softwrap.dll so you can return good value(granted ??)I dont remember well but its crc algo also was simple so you can patch DLL and return good values and even you can patch exe from this dll because you have the rights to do.Just my 2 cents.

it's packed.. what about explaining how to inline patch this dll instead of been arrogant! didn't i wrote the dll is also packed with a .Xlock Section

Just my 2 cents.

maybe you would like to try the target and test your skill against it and explain how to patch it ?

there's nothing to patch on the exe.. it's just packed with Xlock

I don't think he was being arrogant, seems like he was hinting a non-packed dll might be found and it may be possible to replace the packed dll with an non-packed and patched one, seems like a reasonable suggestion to me.

he was hinting a non-packed dll might be found and it may be possible to replace the packed dll with an non-packed

i believe he meaned it was going to b easy to patch if the dll wouldn't be packed.. and it's true but its packed in this case.. is not bad idea to find this .dll not packed and replace it.. anyone would like to share it?

LaptoniC do you have it ?

Of course I have non packed dll.Do you think I am speculating ?.I really dont talk antyhing that have no idea about it.Maybe because I am arrogant Just PM me and I will send the url of the software that have unpacked softwrap.dll

the program you told me is not softwrapped in anyway .. is there any other you know or you have the one tha has softwrap.dll ??

I'm curious, is your target vb?, never came across a softwrap(ed) app that wasn't. I know your targets a 20mb d/l, too big for me but I did unpack xpsmoker (vb) thats wrapped with new(ish) softwrap. Oh and you might consider ollydb for softwrap if you are on w2000/xp its so much simpler.

There are two versions at that page one is adwared and other is day limited trial please look carefully.First click related page on products page then look Download title for the file.I am not talking about the download link at the main page

it's a Microsoft Visual C++ 6.0 game (OEP: 0043C66C)...can be run only 3 times and has 10 minutes for playing only. i haven't enought time lately to start with Olly ..i got many good tuts for Olly. i will read them all and start using Olly when i got some more free time.. using SICE with this target is not simple i know. i was true when i guess the integrity check stuff . the exe check the integrity of the dll and maybe not all these Softwrap.dll are the same or work in the same way for difference APP... code difference,OEP...etc ..i see that softwrap made it harder to reverse in this way.. not softwrap in fact but Xlock .. if the exe have all there could be easily defeated witha simple loader.. but they put all trial crap on this .dll .. which also the exe detect its valid crc check against any modification.. and as i see not Experienced reversers has put much attention on this Xlock stuff? ... maybe because is not too comercial.. but i haven't found any tuts about it specially for fixing IAT. i found this about softwrap.dll could be of interest for someone --> hxx//www.softwrap.com/faq4_v4.asp

if still someone is interested to help me and explain me fixing this one i will be really much apreciated.

Regards