| Сейчас на форуме: (+7 невидимых) |
 |
eXeL@B —› Протекторы —› ObsidiumUnpacker by winndy |
| Посл.ответ | Сообщение |
|
|
Создано: 01 декабря 2009 12:19 · Личное сообщение · #1 ObsidiumUnpacker by winndy winndywinndy This quote was last edited by winndy on 2009-11-28 20:43 www.unpack.cn/viewthread.php?tid=42938 ObsidiumUnpacker winndy CNwinndy@hotmail.com The unpacker is not fully tested. Any bugs or feedbacks ,please contact me. Use at your own risk! 1 Usage Long option Short option Comment --unpack -f The full path name of the target --injectdll -i The full path name of the dll to be injected when stop at OEP --funcname -n The function name to be called of the injected dll.The default name is DoJob.int DoJob(void* pData)The pData points to a structure.The first DWORD is the ImageBase of the target.The second DWORD is the ImageSize of the target.The third DWORD is the PID of the target. --patch_registered Patch sdk function ‘isRegistered’ return true.Sometimes,this will cause error. --DONT_PARSE_STOLEN Do not clear the junk code in the raw stolen code.If the unpacker is hang up, try to use this option. --BE_QUIET Don’t ask the user when unpacking is done. --help -h Print usage. SDK fix is not supported yet. 2 Example 2.1 The simple example ObsidiumUnpacker.exe --unpack=c:\testob.exe Or ObsidiumUnpacker.exe -f c:\testob.exe 2.2 Use ObsidiumUnpacker as a loader, and inject a dll to crack it. ObsidiumUnpacker.exe --unpack=c:\obsidium.exe --injectdll=c:\InjectToObsidium.dll Or ObsidiumUnpacker.exe -f c:\obsidium.exe –i =c:\InjectToObsidium.dll This will load the obsidium.exe and inject dll to crack it. ObsidiumUnpacker.exe --unpack=c:\obsidium.exe --injectdll=c:\InjectToObsidium.dll --patch_registered Or ObsidiumUnpacker.exe -f c:\obsidium.exe –i =c:\InjectToObsidium.dll --patch_registered This will load the obsidium.exe and inject dll to crack it,and it will show “registered”.But this probably cause error.For obsidium v1.3.6.4 it will cause error. If you have a customized function name,you can use like this: ObsidiumUnpacker.exe -f c:\obsidium.exe -i =c:\InjectToObsidium.dll --funcname=YOURFUNCTION 2.3 be quiet option ObsidiumUnpacker.exe --unpack=c:\testob.exe --BE_QUIET Or ObsidiumUnpacker.exe -f c:\testob.exe --BE_QUIET This will cause the unpacker exit after it finishes its work. 3 History 2009.11.28 V 0.1 beta Supported Obsidium version: V1.3.5.7 V1.3.6.0 V1.3.6.1 V1.3.6.3 V1.3.6.4 SDK is not supported yet. OS: WinXP SP3, Vista, other OS is not tested. 4 Bugs and Test If you got bugs,please contact me. The target size is limited to below 3M. And the target must not be commercial software. If the target is dll, you should also provide the exe associated with the dll. And you must provide both the original file and the packed file. The name of the packed file has the suffix of the version number of Obsidum and the OS. For example,If the exe is aaa.exe,the and the obsidium is v1.3.6.4, the OS is XPSP3,the packed file name will be aaa_Ob1364_XP_SP3.exe. And I don’t guarantee all the bugs will be fixed.Sorry. 5 Greetings Reserved. If you find some bugs, your name probably will be here. J  |
|
|
Создано: 01 декабря 2009 12:21 · Личное сообщение · #2 sorry. Now, It need UB to download . I'll put it public soon. |
|
|
Создано: 01 декабря 2009 12:43 · Личное сообщение · #3 The latest version of the Obsidium started to use VM already in the loader. This version of the old. View course it would be interesting but for less money. Although it is possible anyone else is interested. |
|
|
Создано: 01 декабря 2009 13:09 · Личное сообщение · #4 Yes. From v1.4.0 , there is VM in it. |
|
|
Создано: 02 декабря 2009 01:06 · Личное сообщение · #5 rapidshare.de/files/48772264/tmp.zip.html - кроме ...test... |
|
|
Создано: 02 декабря 2009 01:54 · Личное сообщение · #6 pavka У нас для протов подфрум есть.  Под софт/варез только что не относится к протам.
|
|
eXeL@B —› Протекторы —› ObsidiumUnpacker by winndy |
Для печати