Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > File Unpacking
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1  
Old 10-24-2006, 04:18 PM
betonesto betonesto is offline
Junior Member
 
Join Date: Oct 2006
Posts: 2
Default

Moderated to remove copyrighted attachment -- please respect the rules of this board!

I am hopping someone can help me unpack this Armadillo paked DLL. It uses a hardware Finger Print. Please Help....
I have a valid User Name & Key

Name: Bert
Key: 866D-4BC6-XXXX-9679-BB73-XXXX-XXXX-8B08-3F31-XXXX

Thanks In Advance..
Reply With Quote
  #2  
Old 10-25-2006, 04:39 PM
haggar haggar is offline
Member
 
Join Date: Aug 2005
Posts: 13
Default

Well, that shouldn't be too hard, but why would somebody waste time on that.

Here you have couple mine Armadillo tutorials - www.reversing.be
and here you have tutorial for unpacking armadillo protected DLL - arteam.accessroot.com


Since it is a DLL file, it cannot have DebugBlocker, CopyMem-II and Nanomites protection. It can have SplicedCode and IAT Elimination. That is not too hard. Armadillo uses

IsDebuggerPresent - to find debugger
OutputdebugStringA - to crush olly


Good luck.

Reply With Quote
  #3  
Old 10-26-2006, 12:40 PM
betonesto betonesto is offline
Junior Member
 
Join Date: Oct 2006
Posts: 2
Default

Hi. & Thanks
I gues what i want to do is Unpack this File So I can compare it to the original. I am a newbe to Unpacking & Decrypting. Thanks..





Well, that shouldn't be too hard, but why would somebody waste time on that.

Here you have couple mine Armadillo tutorials - www.reversing.be
and here you have tutorial for unpacking armadillo protected DLL - arteam.accessroot.com
Since it is a DLL file, it cannot have DebugBlocker, CopyMem-II and Nanomites protection. It can have SplicedCode and IAT Elimination. That is not too hard. Armadillo uses

IsDebuggerPresent - to find debugger
OutputdebugStringA - to crush olly
Good luck.
[snapback]1654[/snapback]
[/quote]
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.