Quote:
Originally Posted by wilson bibe
e.reverse is this: learn,learn,learn...brain,brain,brain....and patience.
|
I will add here the term "and rehearsal".
Quote:
Originally Posted by Benten
From the bottom of my heart, I am not interested in cracking some software. I am interested in learning the real thing like in the PDF, that's it.
|
Just watch my commands in the unpack script and you will know when, why and what you must do to unpack a Armadillo file. And is there the IAT elimination feature present. IAT scrambling is import redirection - imports are in the import table but they are redirected and their names are not visible and you need to reconstruct their names - and IAT elimination is that imports table is scattered all over the file and you need to gather and put in one place. Just step command by command and you will see the magic reveal. You do not need any tutorial when a script is available. Just trace command by command and you will see live the things happening. Then you will conclude by yourself. All protectors do the same thing. Encapsulate the protected file into their own shell and try to fool the debugger by hiding the OEP and parts of the code or redirect or rebase some imports or resources. Just the method is different on each protector.