Where can i find paper about unpacking Obsidium?

[softworm]

I searched on google and found nothing detailed,
and i can understand only English.

Regards.

This isn't an easy Target (well never seen tutors )
look at:
stolen bytes on OEP
int3 check's
redirect api
SEH
CC check on API address
check cc after the API call in code
steal bytes on API start & jump to next line in API
jump to API with a ret (funny tricks with stack)

and so on
Hope this help you

[softworm]

I have one paper written in Chinese by my friend fly,
and wish to find something more detailed. It's said a cracker
named ZILOT wrote something interesting but i didn't find it.

Maybe I'll write one when i unpack the unpackMe. Somebody
said it's not difficult but it's hard to me.

Thank you!

hi softworm,
you may meet Zilot here :
w��w.woodmann.net/forum/showthread.php?t=4853
rheya

[pps44]

any chance for new version of unpack obsidium? thanks

[deepzero]

Did you just resurrect a 14 year old thread to spam it?

[pps44]

Quote:

Originally Posted by deepzero

Did you just resurrect a 14 year old thread to spam it?

i not spam it,I only asked a question because obsidium has changed since then "14" years
and i need some help for unpack the new version
It is not forbidden I believe?

[chants]

I don't know why this thread resurrected, but as you might want to look into:

Quote:

Obsidium v1.6.1.9_x32 NONAG by yoza

Quote:

http://distro.crack.vc/index.php?dir=RceTools/Packers/&file=Obsidium.v1.6.1.9_x32.NONAG.by.yoza%5BUpK%5D.rar