Can anyone unpack armadillo?
gotofbi
09-08-2005, 06:37 PM
Hello. I'm kinda newb at unpacking...
I want to unpack armadillo to use this program.
PEiD says it is packed with armadillo 3.78...
I tried to use an Olly script but I couldn't unpack it...
Can someone please provide an unpack tut or unpack it for me?
Thank you
gotofbi
09-08-2005, 06:43 PM
/*
.:TEAM RESURRECTiON:.
Armadillo Standard+Strategic Code Splicing Script by AvAtAr
Tested on WinXP Pro SP2, OllyDbg v1.10, OllyScript v0.92
NOTES:
- Remove all hardware breakpoints before run the script.
- Add the following custom exceptions on OllyDbg:
C0000005(ACCESS VIOLATION), C000001D(ILLEGAL INSTRUCTION)
C000001E(INVALID LOCK SEQUENCE), C0000096(PRIVILEGED INSTRUCTION)
*/
var CreateMutexA
var CreateThread
var GetModuleHandleA
var OpenMutexA
var VirtualAlloc
var JumpLocation
var JumpLength
var adata
var regESP
var OEP
gpa "CreateMutexA", "kernel32.dll"
mov CreateMutexA, $RESULT
gpa "CreateThread", "kernel32.dll"
mov CreateThread, $RESULT
gpa "GetModuleHandleA", "kernel32.dll"
mov GetModuleHandleA, $RESULT
gpa "OpenMutexA", "kernel32.dll"
mov OpenMutexA, $RESULT
gpa "VirtualAlloc", "kernel32.dll"
mov VirtualAlloc, $RESULT
gmi eip,MODULEBASE
find $RESULT,#2E6164617461#
mov adata,$RESULT
add adata,0c
mov adata,[adata]
gmi eip,MODULEBASE
add adata,$RESULT
bp OpenMutexA
esto
exec
PUSH EDX
PUSH 0
PUSH 0
CALL CreateMutexA
JMP OpenMutexA
ende
bc OpenMutexA
bphws GetModuleHandleA, "x"
label1:
esto
rtu
find eip, #0F84????????????????????74??????????EB??#
cmp $RESULT,0
je label1
bphwc GetModuleHandleA
mov JumpLocation, $RESULT
mov JumpLength, JumpLocation
add JumpLength, 2
mov JumpLength, [JumpLength]
inc JumpLength
mov [JumpLocation], 0E9
inc JumpLocation
mov [JumpLocation], JumpLength
msgyn "Resolve Strategic Code Splicing?"
cmp $RESULT,0
je label3
bphws VirtualAlloc, "x"
label2:
esto
mov regESP,esp
add regESP,0C
cmp [regESP],1000
jne label2
add regESP,4
cmp [regESP],40
jne label2
rtu
mov eax,adata
bphwc VirtualAlloc
label3:
bp CreateThread
run
cob
bc CreateThread
rtu
rtr
sti
find eip, #2B??FF??8?#
mov OEP, $RESULT
add OEP, 2
bp OEP
run
bc OEP
sti
cmt eip, "<- OEP"
msg "You're at the OEP, now dump with LordPE and fix the IAT with ImpRec. =)"
ret
This is the script that I used in Olly.
I added those exceptions
Ignores memory access violation in KERNEL32.DLL
C0000005(ACCESS VIOLATION),
C000001D(ILLEGAL INSTRUCTION)
C000001E(INVALID LOCK SEQUENCE),
C0000096(PRIVILEGED INSTRUCTION)
Hi Kinda, this site can help u unpackin' Armadillo v3.xx
http://www.absolutelock.de/construction/files/infobase/New/arma_debugblocker/tutorial.html
cucat
03-04-2006, 01:11 PM
Help me unpack this file (protected with Armadillo 3.78)
Target here: http://www.cucat.net/aikido/Aikido3D.exe
Thanks! (I cannot do anything with the tutorials above)
decocero
05-03-2006, 10:33 AM
Hi, about aikido3d... has anyone solved the problem with the fingerprint? I've bought it, it's really interesting, but I want to have it on all my computers, portable, at home, at work... and I would like to have a copy with no restrictions due to fingerprints... I found nothing with emule, nobody seems to be successful...
I've been told that there is someone who avoided all restrictions, but he refuses to share it... :angry:
Maybe a program that changes all the information so the program sees the same fingerprint as on the computer where it was first installed?
gotofbi
05-04-2006, 01:23 AM
Originally posted by cucat@Mar 4 2006, 09:11 AM
Help me unpack this file (protected with Armadillo 3.78)
Target here: http://www.cucat.net/aikido/Aikido3D.exe
Thanks! (I cannot do anything with the tutorials above)
Hello cucat.
In order to unpack this target, you need a valid Hardware Fingerprint, Name, and key.
Without that, this target is impossible to unpack.
atlantaazfinest
06-09-2006, 03:46 PM
Hi guys, this is packed with minimum protection. Could someone unpack it for me? Because I use that script and nothing happens but the enter name and key box comes up. Am I doing it right?
Or am I supposed to get that I'm at the OEP?
IronMan
06-10-2006, 01:28 PM
Originally posted by atlantaazfinest@Jun 9 2006, 03:46 PM
Hi guys, this is packed with minimum protection. Could someone unpack it for me? Because I use that script and nothing happens but the enter name and key box comes up. Am I doing it right?
Or am I supposed to get that I'm at the OEP?
I can't get anywhere with this. Hopefully someone else can help.