Hello for all This tutorial, it's only for share knowledge, the target it's called mecawind.exe. _http://rghost.net/44090837 password:EXETOOLS FORUM All the information about this file you will find in the "tutorial about net assembly.doc" Regards
After a while, I’ve decided to write about something interesting which I’ve found while unpacking one protection, and it will be also nice introduction to one of my tools which I have wrote for fun of it. However, I won’t mention application name here, but to demonstrate checksum check which I have found I will be using one test application, thus you will get idea what happened, and how checksum is defeated. I will also introduce one tool I wrote, which served me well in this particular case. Tool should come with this document, thus I won’t describe tool, and it’s internals as source code should be well commented.
Today I release a new created video and text tutorial with a new script. This time everything turns around ExeCryptor. It was not my intention and also unplanned to create a EC tutorial and script but the reason why I did it now was our member "antrobs" had trouble with EC for a very long time, so I just started and now I am finished.
Note 1: For all of you who are interested in how to handle EC manually they can check out the long "ExeCryptor Manually Unpack Tutorial" first. There you can see all the steps from A-Z about OEP | IAT | DUMPING | Problem find check & fix - all manually. The tutorial is very long and includes seven longer videos. Most of them are created in realtime with much tracings so it's no tutorial where I explain every single frame with text! The important parts can be read in the different created text files so it's no "newbie friendly" tutorial so keep this in your mind if you are a newbie or if you have no idea, you should have already some RCE prerequisites so that you can follow and understand my steps.
Note 2: For all other lazy guys they can watch the script video and can use the script to unpack EC targets after watching it.
Note 3: So I know there is already a great EC unpacker tool by RSI which you can use to get your EC files unpacked for most cases and the script is just an alternative which you can use if the EC unpacker tool failed or if you need some more detailed information about your target etc.
Like the name already says it's a "basic" version so also if you use it you will have to do some little steps manually like CRC's & Ret patchings but no fear so all informations and addresses will be created in an extra LogFile of each target, you just need to change some bytes later that's all and no big deal of course. In the single script video you can see three unpack - fix - other OS check examples, watch it once then you will know what your part is.