Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > File Unpacking
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Thread Tools Display Modes
Old 10-31-2010, 02:32 PM
gdpforion gdpforion is offline
Join Date: Oct 2010
Posts: 9
Default File unpacking

Hello everybody,
Greetings to all. I have a program which is using some form of packer. I am new so trying and exploring the possibilities. manually finding OEP and ollydump always gave me segmentation fault during reanalysis of dump file, so not doing it correctly, i guess. I tried few automatic tools as well but not able to know what type of protection it is. Help ?
Can somebody point me to know what is the packer i am dealing with and is it possible to unpack it using the generic method of manual dumping and rebuilding imports.
The file is here.

Suggestions always opens new doors of possibilities....
Reply With Quote
Old 10-31-2010, 03:37 PM
ac!d ac!d is offline
Join Date: Sep 2010
Posts: 25

Protection ID scan:

Scanning -> .\3dcontrol.dll
File Type : 64-Bit Dll (Subsystem : Win GUI / 2), Size : 2125824 (0207000h) Byte(s)
[!] Warning : File is 64 Bit, this os is NOT
[File Heuristics] -> Flag : 00000000000001001100000000000000 (0x0004C000)
[!] LiCENSE - FlexNET v11.7 protected !
[CompilerDetect] -> Visual C++ 8.0 (Visual Studio 2005)
- Scan Took : 0.156 Second(s) [00000009Ch tick(s)]
Reply With Quote
Old 11-01-2010, 06:28 AM
gdpforion gdpforion is offline
Join Date: Oct 2010
Posts: 9

Thanks ac!d,
Appreciate your response. Yes it is Flexnet licnse appli. But unfortunately i was not able to locate the lc_checkout function. My first doubt goes, is it packed with something. I tried unpacking but invalid.
I am trying to work on it, as it is, but not have enough knowledge about unpacking.
Note : Thanks Everybody. Target defeated using lc_ckeckout true return.

Last edited by gdpforion : 11-02-2010 at 02:25 PM. Reason: Update and Finished
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.