
Web : http://kickme.to/mxbnet
Contact Me : dheeraj_xp@yahoo.com
Offline Explorer Enterprise Edition 2.17
Type : Offline Explorer
Protection : ASPack --- RSA Serial
Tech : Unpack + Patch
Crack : Really a good program. We will enter this baby's protection through the registration window. The serial scheme is RSA-based, so a keygen is out of the question without the author's private key; the target is the check itself, which is why this is a patch job. So enter some fake serial number and, in SICE, BPX HMEMCPY (HMEMCPY is the 16-bit KERNEL copy routine Win9x goes through when it fetches edit-box text; on NT you would break on GetDlgItemTextA / GetWindowTextA instead).
Hit "OK" .... trace ....
0x5A30BF CALL 5EB7C8 ----- MAIN REG CHECK
0x5A30C4 TEST AL,AL
0x5A30C6 JZ 5A31DA ----- BAD BOY
............................
0x5A30CE MOV BYTE PTR [EAX+6C0],01 ==> FLAG SET :)
So put a BPX inside CALL 5EB7C8 and restart. If the same check is used at startup, we will break there as well .... hee ..... yes it is .....
When we break, trace back ....
0x5EB2CA CALL 404710
...............................
0x5EB2D3 JLE 5EB5FC = 0F 8E 23 03 00 00
.............................
0x5EB5F8 MOV BYTE PTR [EBP-05],01 ---> FLAG SET
0x5EB5FC XOR EAX,EAX ----> WE BREAK HERE ....
So the patch is ....
0x5EB2D3 NOP = 90 OFFSET = 1EB2D3
0x5EB2D4 JMP 5EB5F8 = E9 1F 03 00 00 OFFSET = 1EB2D4
The 6-byte JLE (0F 8E rel32) becomes a 1-byte NOP plus a 5-byte JMP (E9 rel32), so nothing after it shifts. Both jumps are relative to the instruction that follows them (5EB2D9): the original rel32 is 5EB5FC - 5EB2D9 = 323, the new one is 5EB5F8 - 5EB2D9 = 31F, which is why the JMP has to start at 5EB2D4, right behind the NOP. The "bad boy" branch to 5EB5FC is now never taken and the flag at [EBP-05] is always set before the routine falls into 5EB5FC.
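The patch arithmetic above, carried out in code. This is an added example and not the author's tool: it takes the tutorial's addresses and bytes as constants, decodes the original JLE to confirm it really goes to the bad boy, encodes the NOP + JMP replacement, and applies it to a constructed in-memory stand-in for the dumped file (no real OE.EXE is touched; the offset 1EB2D3 is the one given above).

```python
"""NOP + JMP patch for the serial check, as added example code (not the author's tool).

The JLE at 0x5EB2D3 is a 6-byte near conditional jump (0F 8E rel32).  It is replaced
by a 1-byte NOP and a 5-byte near JMP (E9 rel32) that lands on the "flag set"
instruction.  The file image below is a constructed stand-in for the dumped EXE.
"""
import struct

JLE_NEAR = b"\x0f\x8e"   # two-byte opcode of JLE rel32
JMP_NEAR = b"\xe9"       # one-byte opcode of JMP rel32
NOP = b"\x90"

# Values taken from the tutorial's trace
JLE_VA = 0x5EB2D3
JLE_BYTES = bytes.fromhex("0F8E23030000")
GOOD_TARGET = 0x5EB5F8   # MOV BYTE PTR [EBP-05],01
FILE_OFFSET = 0x1EB2D3   # file offset of 0x5EB2D3 in the dumped image


def decode_near_jump(va, opcode_len, insn):
    """Target of a near JMP/Jcc at `va`: rel32 is relative to the next instruction."""
    (rel,) = struct.unpack_from("<i", insn, opcode_len)
    return va + opcode_len + 4 + rel


def encode_jmp(va, target):
    """Encode E9 rel32 for a JMP placed at `va` that lands on `target`."""
    rel = target - (va + 5)
    if not -0x80000000 <= rel <= 0x7FFFFFFF:
        raise ValueError("target out of rel32 range")
    return JMP_NEAR + struct.pack("<i", rel)


def build_patch(jle_va, jle_bytes, good_target):
    """Check the bytes really are a JLE rel32, then build NOP + JMP of the same length."""
    if len(jle_bytes) != 6 or jle_bytes[:2] != JLE_NEAR:
        raise ValueError("expected a 6-byte JLE rel32")
    bad_target = decode_near_jump(jle_va, 2, jle_bytes)
    replacement = NOP + encode_jmp(jle_va + 1, good_target)   # JMP sits right after the NOP
    if len(replacement) != len(jle_bytes):
        raise AssertionError("patch must not change the instruction length")
    return bad_target, replacement


def apply_patch(image, offset, expected, replacement):
    """Overwrite bytes at `offset` only if they match what the disassembly showed."""
    if bytes(image[offset:offset + len(expected)]) != expected:
        raise ValueError("bytes at 0x%X do not match; wrong file or wrong offset" % offset)
    image[offset:offset + len(replacement)] = replacement
    return image


def demo():
    """Patch a constructed file image; returns (bad-boy target, patch bytes, bytes now on disk)."""
    bad_target, patch = build_patch(JLE_VA, JLE_BYTES, GOOD_TARGET)
    image = bytearray(FILE_OFFSET + 0x40)          # constructed stand-in for the dumped OE executable
    image[FILE_OFFSET:FILE_OFFSET + 6] = JLE_BYTES
    apply_patch(image, FILE_OFFSET, JLE_BYTES, patch)
    return bad_target, patch, bytes(image[FILE_OFFSET:FILE_OFFSET + 6])


if __name__ == "__main__":
    bad, patch, on_disk = demo()
    print("JLE originally goes to 0x%X (bad boy)" % bad)
    print("patch bytes: %s" % patch.hex().upper())
    print("file now holds: %s" % on_disk.hex().upper())
```

The check in apply_patch is the part worth keeping for real work: if the bytes at the offset are not 0F 8E 23 03 00 00 you are either in the wrong file (the still-packed original instead of the dump) or at the wrong offset, and writing blindly there corrupts the program.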
Unpacking :
But this baby is packed by ASPack, so we will have to unpack it before the patch above can be applied to the file on disk.
BPX LOADLIBRARYA and now start OE. When we break, just trace through the OE.daat section and we will be able to find the real entry point (OEP), where the ASPack stub hands control to the unpacked program:
0x6983B4 MOV [EBP+443CF6],EAX ----- TAIL OF THE ASPACK STUB
0x6983BA POPAD = 61
0x6983BB JNZ 6983C5 = 75 08
.............................
0x6983C5 PUSH 606058 ------ OEP
0x6983CA RET = C3 ---------- DUMP THIS BABY HERE ..
So overwrite that RET with JMP EIP (EB FE) so the process spins there with everything already unpacked in memory, freeze SICE, come out of SICE and use PE Edit to dump the whole OE process.
Now edit the dumped file with PE Edit and change its EP to 206058: the stub pushes the OEP 606058, and with image base 400000 that is RVA 206058.
Now you have a working unpacked file and you can apply your crack. And don't forget to fix the IAT: the dump holds import addresses already resolved against this PC's DLL load addresses, so without a rebuilt import table this baby will not work on another PC.
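The EP fix as code, so the header edit PE Edit does by hand can be checked. This is an added example and not PE Edit or any other tool from the page: it builds a constructed toy PE32 header whose image base, stub entry point and OEP follow the tutorial (the section names, sizes and raw offsets are assumptions), rewrites AddressOfEntryPoint to the RVA of 606058, and shows how a VA such as 5EB2D3 maps to the file offset 1EB2D3 through the section table of a memory dump.

```python
"""Re-point the entry point of a dumped PE32 image (added example, not PE Edit).

A dump taken at the stub's final RET still has AddressOfEntryPoint inside the
ASPack stub; the header is parsed just far enough to fix that and to turn VAs
into file offsets.  The layout is a constructed toy, numbers follow the tutorial.
"""
import struct

IMAGE_DOS_SIGNATURE = b"MZ"
IMAGE_NT_SIGNATURE = b"PE\0\0"
PE32_MAGIC = 0x10B
SIZEOF_COFF_HEADER = 20
SIZEOF_SECTION_HEADER = 40
OPT_ENTRY_POINT = 16     # AddressOfEntryPoint inside the optional header
OPT_IMAGE_BASE = 28      # ImageBase (PE32) inside the optional header

# Constructed dump layout (assumed names/sizes).  In a memory dump PointerToRawData
# equals VirtualAddress, which is why file offset 1EB2D3 equals the RVA of 0x5EB2D3.
#             name        RVA       VirtualSize  RawPtr    RawSize
TOY_SECTIONS = [
    (b"CODE",    0x001000, 0x290000, 0x001000, 0x290000),   # serial check and real OEP
    (b".aspack", 0x298000, 0x002000, 0x298000, 0x002000),   # unpacking stub, original EP
]
STUB_EP_RVA = 0x2983B4   # RVA of 0x6983B4, inside the stub
REAL_OEP_VA = 0x606058   # value of the final PUSH 606058 / RET


def build_toy_pe(image_base, entry_rva, sections):
    """Construct a PE32 header in memory: DOS header, NT signature, COFF + optional header, sections."""
    dos = bytearray(64)
    dos[:2] = IMAGE_DOS_SIGNATURE
    struct.pack_into("<I", dos, 0x3C, len(dos))                # e_lfanew
    opt = bytearray(224)                                        # PE32 optional header, 16 data dirs
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, OPT_ENTRY_POINT, entry_rva)
    struct.pack_into("<I", opt, OPT_IMAGE_BASE, image_base)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x0102)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name, vsize, rva, rawsize, rawptr, 0, 0, 0, 0, 0x60000020)
        for name, rva, vsize, rawptr, rawsize in sections
    )
    return dos + IMAGE_NT_SIGNATURE + coff + opt + table   # bytearray, so it can be patched in place


def nt_headers_offset(data):
    """Offset of 'PE\\0\\0', after checking both signatures."""
    if bytes(data[:2]) != IMAGE_DOS_SIGNATURE:
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if bytes(data[e_lfanew:e_lfanew + 4]) != IMAGE_NT_SIGNATURE:
        raise ValueError("missing PE signature")
    return e_lfanew


def optional_header_offset(data):
    off = nt_headers_offset(data) + 4 + SIZEOF_COFF_HEADER
    if struct.unpack_from("<H", data, off)[0] != PE32_MAGIC:
        raise ValueError("only PE32 is handled here")
    return off


def image_base(data):
    return struct.unpack_from("<I", data, optional_header_offset(data) + OPT_IMAGE_BASE)[0]


def entry_point_rva(data):
    return struct.unpack_from("<I", data, optional_header_offset(data) + OPT_ENTRY_POINT)[0]


def section_headers(data):
    """Yield (name, rva, vsize, rawptr, rawsize) for every section in the table."""
    nt = nt_headers_offset(data)
    nsect = struct.unpack_from("<H", data, nt + 6)[0]          # NumberOfSections
    opt_size = struct.unpack_from("<H", data, nt + 20)[0]      # SizeOfOptionalHeader
    first = nt + 4 + SIZEOF_COFF_HEADER + opt_size
    for i in range(nsect):
        name, vsize, rva, rawsize, rawptr = struct.unpack_from("<8sIIII", data, first + i * SIZEOF_SECTION_HEADER)
        yield name.rstrip(b"\0"), rva, vsize, rawptr, rawsize


def va_to_file_offset(data, va):
    """Map a VA to a file offset via the section containing it (the OFFSET the patch uses)."""
    rva = va - image_base(data)
    for _name, sect_rva, vsize, rawptr, rawsize in section_headers(data):
        if sect_rva <= rva < sect_rva + max(vsize, rawsize):
            return rawptr + (rva - sect_rva)
    raise ValueError("VA 0x%X is not inside any section" % va)


def set_entry_point(data, oep_va):
    """Point AddressOfEntryPoint at the real OEP; refuses a VA outside the image."""
    va_to_file_offset(data, oep_va)
    new_rva = oep_va - image_base(data)
    struct.pack_into("<I", data, optional_header_offset(data) + OPT_ENTRY_POINT, new_rva)
    return new_rva


def demo():
    """Returns (EP RVA before, EP RVA after, file offset of the JLE at 0x5EB2D3)."""
    pe = build_toy_pe(0x400000, STUB_EP_RVA, TOY_SECTIONS)
    before = entry_point_rva(pe)
    after = set_entry_point(pe, REAL_OEP_VA)
    return before, after, va_to_file_offset(pe, 0x5EB2D3)
```

demo() returns (0x2983B4, 0x206058, 0x1EB2D3): the stub EP, the new EP RVA and the file offset the patch section quotes. What this script deliberately does not do is the IAT repair; that needs every first-thunk slot in the dump traced back to a DLL and export name and the import directory rewritten, which is a job for an import reconstructor, not a header edit.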