Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 03-23-2004, 16:32
rootra
 
Posts: n/a
Cool How to unpack DOS program working in protected mode?

Hello, I've got a problem with unpacking a program running in protected mode. I have no experience with such DOS programs, and don't know what debugger and dumper to use.
File analyze showed that the program was packed by LZEXE 1.0, but unpackers couldn't unpack it correctly. File size even decreased from 210kb to 10kb.

So what you suggest me to do?
Reply With Quote
  #2  
Old 03-24-2004, 02:01
least
 
Posts: n/a
Hi,
you say the program is running in protected mode. Does it mean that the unpacking isdone in PM too? If this is the case then I think you are in trouble. If not, try CUP386 it can unpack almost any packer, or try tr2.52 (both can be found on www.exetools.com, on the top of the page, under unpackers and debuggers). If all fails, you'll have to do it manualy, probably by dumping in softice and then rebuilding the whole exe (god save you
Good luck,
least
Reply With Quote
  #3  
Old 04-22-2004, 21:34
ladidi
 
Posts: n/a
Run it in a VDM

You can lauch it in a VDM under wind*ws and dump it.
Try with WinHex oy SIce.
Best regards.
Reply With Quote
  #4  
Old 04-23-2004, 23:42
JMI JMI is offline
Leader
 
Join Date: Jan 2002
Posts: 1,627
Rept. Given: 5
Rept. Rcvd 199 Times in 99 Posts
Thanks Given: 0
Thanks Rcvd at 96 Times in 94 Posts
JMI Reputation: 100-199 JMI Reputation: 100-199
This did not start out as a "Tutorial" and does not belong in that Forum, so I've moved it here.

Regards,
__________________
JMI
Reply With Quote
  #5  
Old 04-24-2004, 14:40
zuoquan
 
Posts: n/a
A DOS program working in protected mode?

What is a DOS program working in protected mode?
A, a program started in real mode, then make the machine into protected mode and then work
or
B, a DOS-Extend program generated by DOS/4GW or other SDKs

if B, the program file structure is much like NE or PE format. It has a stub running in real mode and real codes running in protected mode. The stub often search for the DOS-Extend program such as dos4gw.exe, the DOS/4GW Protected Mode Run-time, load it, and instruct it to load your program to execute.
Reply With Quote
  #6  
Old 04-28-2004, 17:02
peterchen
 
Posts: n/a
no body sharing dos cracking-art tuts now?

who can manual upacking for dos?
Reply With Quote
  #7  
Old 05-22-2004, 06:09
freddy2002
 
Posts: n/a
??? me confused ???
last time i did something on dos was MDK (the dos game (long ago))
installed softice on W9X, replaced explorer.exe with command.com
in system.ini, fire up the game and cracked the cd protection
Reply With Quote
  #8  
Old 05-24-2004, 17:28
redbull redbull is offline
Friend
 
Join Date: Mar 2004
Posts: 160
Rept. Given: 17
Rept. Rcvd 5 Times in 4 Posts
Thanks Given: 3
Thanks Rcvd at 6 Times in 6 Posts
redbull Reputation: 5
hmmm ..... Amazing how you can take it for granted that there are people out there who have had no DOS experience.

LZExe is a very easy tool to unpack ...

Snow Panthers "Unpack" should be able to handle this with no problem.

hxxp://reversing.kulichki.com/files/unpack/unpack23.rar

If you want to manually unpack this file use TR.EXE (Tracer 2.01 and above)
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Trace new hasp protected program Elickson General Discussion 2 09-05-2005 09:05


All times are GMT +8. The time now is 23:37.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )