首页
社区
课程
招聘
[转帖]Unpacking VMProtect 2.0 VMProtect 1.7 - 2.0 OEP & Unpack Helper 1.2
发表于: 2009-12-3 17:15 10844

[转帖]Unpacking VMProtect 2.0 VMProtect 1.7 - 2.0 OEP & Unpack Helper 1.2

2009-12-3 17:15
10844
Unpacking VMProtect 2.0 VMProtect 1.7 - 2.0 OEP & Unpack Helper 1.2

FROM:SND by  LCF-AT

Hello,

as I promised here comes the next movie tutorial and a updated script which now also supports VMProtect 2.0.As always you can see in the movie how to use it correctly.My unpack target which I have selected was the VMProtect 2.0 Ultimate itself [Demo] version.I also declare you how to rebuild the OEP in this target.Moreover you will see a second show movie about the VMProtect 2.0.1.2 itself which I also unpacked.This version has some more features than the Ultimate version.

So I fixed also some small bugs in the script and added some more functions.So read all messages which you get with attention before you press a button.For VMP 1.8 - 2.0 you can choose the API TRACER to get all needed addresses,dwords,api´s,module infos into a new file.The trace proccess can take a longer time if you work with a low system so for this problem I have added the possibility that you can always cancel the current proccess.Just stop the script if you want......if you then restart Olly and the script then it will work further from the last stop.

Some words to the "PE Header Fixing".This you will need for example for the VMProtect 2.0.1.2 itself so till now it was the only target which I have found which used this protection but I added the fix function also now in the new script.Just use it if you need it.It can also prevent some "File corrupted!...." messages.If you get still this message after fixing the PE then your target can also use some CRC checks.

I also wrote a small script for you to get some PE / IAT infos at a glance.I also added some OEP exsamples how it can look in your target which you want to unpack so you can see all infos after using in the Olly LOG window.

Let me know if something is not working or goes wrong to figure out the problem.


http://forum.tuts4you.com/index.php?showtopic=21803&pid=104789&st=0?entry104789

[招生]系统0day安全班,企业级设备固件漏洞挖掘,Linux平台漏洞挖掘!

上传的附件:
收藏
免费 1
支持
分享
最新回复 (19)
雪    币: 1657
活跃值: (291)
能力值: ( LV9,RANK:610 )
在线值:
发帖
回帖
粉丝
2
支持林大....
2009-12-3 19:44
0
雪    币: 161
活跃值: (261)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
3
猛殼.
下載試試.
2009-12-4 09:47
0
雪    币: 12533
活跃值: (5283)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
4

多谢大牛地分享呢
2010-1-30 09:03
0
雪    币: 12533
活跃值: (5283)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
5

有点不会用
2010-1-30 16:43
0
雪    币: 5734
活跃值: (1737)
能力值: ( LV4,RANK:50 )
在线值:
发帖
回帖
粉丝
6
Very good!
2010-2-2 15:07
0
雪    币: 87
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
7
多谢楼主分享。
2010-3-4 23:11
0
雪    币: 211
活跃值: (152)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
8
How to use?
2010-4-1 17:58
0
雪    币: 389
活跃值: (13)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
9
多谢分享,收藏了
2010-4-15 02:01
0
雪    币: 238
活跃值: (11)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
10
多谢分享,下载研究一下!
2010-4-15 10:00
0
雪    币: 212
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
11
太强大,不敢碰!做个记号吧!
2010-4-23 15:41
0
雪    币: 12282
活跃值: (3961)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
12
从其他论坛跟过来的
林老师发的东西常有精品:)
2010-4-23 20:39
0
雪    币: 101
活跃值: (97)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
13
林老师发的东西常有精品
2010-5-12 09:19
0
雪    币: 11
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
14
怎么是英文说明啊 看不懂
2010-5-13 15:52
0
雪    币: 37
活跃值: (112)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
15
呵呵有高人说下使用方法吗???
2010-5-13 20:41
0
雪    币: 201
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
16
谢谢你的分享
2010-6-15 20:37
0
雪    币: 182
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
17
要是有教程就好了。
2010-6-16 02:54
0
雪    币: 93
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
18
使用方法能不能详细点,我等E文好差或
2010-6-17 08:06
0
雪    币: 200
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
19
非常感谢,学习
2010-8-7 22:51
0
雪    币: 22
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
20
多谢...  8888
2010-9-21 00:15
0
游客
登录 | 注册 方可回帖
返回
//