Request for EZCD x86 unpack Tutorial

[Benten]

Hi there,

I just realized that everything I've done, the videos and stuff, everything we get as "Tutorials" are just Fucking nonsense and full of shit. I thought I was doing something but all I did was a mistake. I am sorry for being at the wrong place.

I don't know if some one's already working on this target, or would ever work on it. But I would let you guys know there is no good tut on IAT elimination, or at least I didn't find one.

Oh the GIV Target and Script, its just Minimal protection no IT Elimination. When it comes to real stuff even Mr.Exodia seems confused (Oh no Offense please). He just said it himself (not just @3Mins, 38th Sec of this video), watch this old tut.

Quote:

Originally Posted by Mr.Exodia

Mr.Exodia on Armadillo 7 Target(CopyMem II, Import Elimination and Code Splicing)
(Password: tuts4you)

But this set back is not going to put me down, I will continue learning and do what ever I can no matter how small or worthless it may seem. And before you guys say something just read this attachment, and then take a look at the tutorials we get you will understand what is it all about.

Highest Regards,
Ben

[TechLord]

Quote:

Originally Posted by Benten

Hi there,

I just realized that everything I've done, the videos and stuff, everything we get as "Tutorials" are just Fucking nonsense and full of shit. I thought I was doing something but all I did was a mistake. I am sorry for being at the wrong place.

I don't know if some one's already working on this target, or would ever work on it. But I would let you guys know there is no good tut on IAT elimination, or at least I didn't find one.

Oh the GIV Target and Script, its just Minimal protection no IT Elimination. When it comes to real stuff even Mr.Exodia seems confused (Oh no Offense please). He just said it himself (not just @3Mins, 38th Sec of this video), watch this old tut.

But this set back is not going to put me down, I will continue learning and do what ever I can no matter how small or worthless it may seem. And before you guys say something just read this attachment, and then take a look at the tutorials we get you will understand what is it all about.

Highest Regards,
Ben

Hi Ben,
I'd worked on the v7.x of the target earlier last week when you requested the tut, as I had difficulty downloading your "old" version.

The protection is identical in the newer version as well (same Import Elimination etc).

I happen to have screenshot with me at this time. Earlier, I'd though that I should make a tut and post it rather than the screenshot.

But I see that you are a bit disappointed.

So allow me to post the screenshot first :

Code:

https://s1.postimg.org/7cjg8x2kcv/screenshot2.jpg

Getting the "Eliminated" or "Scrambled" imports back together into one place is not exactly rocket science

However making a GOOD tutorial takes a considerable amount of time (at least 6-8 hours or more, believe me).
And once something is posted on the internet (like a tut for example), it more or less stays forever. That is why I make it a point to ensure that I post a tut ONLY when I make it proper.

As far the technique is concerned, you need to use UIF to get the imports all into one place and then ensure that this new IAT is referenced from your program in future. Needs manual patching in a few places.

And generally, I am not too comfortable with creating and posting tuts using commercial apps as a target unless by doing so, it illustrates a very good point, and rather prefer CRACKMEs for demonstrating the same (regardless of whether the app has already been cracked earlier or not) ...

So hopefully in the near future, I will post a tutorial using a crackme as the target with the same protection (IAT Elim etc) to illustrate the manual unpack ...

Cheers

P.S : Now that I have shown that it CAN indeed be done, I am sure that you can do it within a couple of days if you are persistent