View Single Post
  #2  
Old 11-29-2018, 03:46
Megin Megin is offline
Banned User
 
Join Date: Jul 2018
Posts: 31
Rept. Given: 0
Rept. Rcvd 4 Times in 4 Posts
Thanks Given: 79
Thanks Rcvd at 98 Times in 40 Posts
Megin Reputation: 4
Quote:
Originally Posted by Turkuaz View Post
Hello all,
I am trying to unpack a mobile forensics programme protected by themida/winlicence using Ollydbg with Themida - Winlicense Ultra Unpacker 1.4.txt script. Then I will write a loader for it.

It is Oxygen Forensic Detective v10.4.0.54, one of the leading mobile forensics app and its official site is http://www.oxygen-forensic.com/en/products/oxygen-forensic-detective

I saw on a forum that someone cracked it but he put HWID restriction on it using zprotect.

My aim is to learn to crack it, by doing so I will be able to crack next versions too. I hope.

I did setup a virtual machine w7 x32 with olly and unpack script. Everything looks fine. Script runs, no debugger detection or error/warning and the programme asks license but there is no dump dialog and no dumped file.

I must miss something or do something wrong. I tried every combinations of the script, the same result, no dump

I'd be very appreciated if anybody can guide me.

Thanks in advance.

Notes and files:
Protection ID says Themida x86 V 2.4 Build 6 (reserved 0) detected !
RDG Packer Detector says Themida/Winlicense 2.x
Installation failed under xp so I have to use w7

Script log -> https://mega.nz/#!obgWiQgY
Ollydbg log ->https://mega.nz/#!ZHRwUaJJ
Video of my trying ->https://mega.nz/#!BLYU2YQD
Setup file in case you want to try yourself ->https://mega.nz/#!IbR0VSAL or http://dosya.co/uu5j4p949d8o/OxyDetective_Setup_10.4.0.54.exe.html
You forgot the MEGA decryption keys...
Reply With Quote