Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > File Unpacking
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1  
Old 10-31-2010, 02:32 PM
gdpforion gdpforion is offline
Member
 
Join Date: Oct 2010
Posts: 9
Default File unpacking

Hello everybody,
Greetings to all. I have a program which is using some form of packer. I am new so trying and exploring the possibilities. manually finding OEP and ollydump always gave me segmentation fault during reanalysis of dump file, so not doing it correctly, i guess. I tried few automatic tools as well but not able to know what type of protection it is. Help ?
Can somebody point me to know what is the packer i am dealing with and is it possible to unpack it using the generic method of manual dumping and rebuilding imports.
The file is here.
http://www.megaupload.com/?d=7IA4DYWE

Suggestions always opens new doors of possibilities....
Reply With Quote
  #2  
Old 10-31-2010, 03:37 PM
ac!d ac!d is offline
Member
 
Join Date: Sep 2010
Posts: 25
Default

Protection ID scan:

Scanning -> .\3dcontrol.dll
File Type : 64-Bit Dll (Subsystem : Win GUI / 2), Size : 2125824 (0207000h) Byte(s)
[!] Warning : File is 64 Bit, this os is NOT
[File Heuristics] -> Flag : 00000000000001001100000000000000 (0x0004C000)
[!] LiCENSE - FlexNET v11.7 protected !
[CompilerDetect] -> Visual C++ 8.0 (Visual Studio 2005)
- Scan Took : 0.156 Second(s) [00000009Ch tick(s)]
Reply With Quote
  #3  
Old 11-01-2010, 06:28 AM
gdpforion gdpforion is offline
Member
 
Join Date: Oct 2010
Posts: 9
Default

Thanks ac!d,
Appreciate your response. Yes it is Flexnet licnse appli. But unfortunately i was not able to locate the lc_checkout function. My first doubt goes, is it packed with something. I tried unpacking but invalid.
I am trying to work on it, as it is, but not have enough knowledge about unpacking.
------------------------------------------------------------------------
Note : Thanks Everybody. Target defeated using lc_ckeckout true return.

Last edited by gdpforion : 11-02-2010 at 02:25 PM. Reason: Update and Finished
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.