Quote:
Originally Posted by Benten
May be locked features are crashing the dump
|
That's not how Secure Sections work. If the program works in trial mode but not once unpacked something got messed up in the process. Most likely it's the splices that haven't been fixed correctly. You can try to simply redirect them to the .pdata section instead of resolving/fixing them. Less likely it's because of some CALL or JMP to imports that for one reason or the other didn't make it into the final dump.
Quote:
Originally Posted by Benten
I can't do brute forcing, we don't have any PC that good around the Coffee shop.
|
Code:
Global Information:
TimeStamp : 522B6164
First DWORD : BEB12B6C
Project ID : EZ CD Audio Converter 5
Website : http://www.poikosoft.com/buy.html
Magic1 : A99D3A69
Magic2 : 185F
Salt : DDFD006F
Crypt Seed : 3D1F87D1 (0xE, 0xF, 0x4, 0x4)
Public Certificate Information:
Short V3 Level 10:
Chk : 2C0F3520
Sym : 2B7D0D69
BaseP : 438743756 (Size=4F, Diff=2F67, MD5=32F5621D)
Pub.X : 5166803264428898532848136302152315
Pub.Y : 5885292780640973861494979822117782
Short V3 Level 10:
Chk : F4A58BED
Sym : D25882FE
BaseP : 2707316665 (Size=50, Diff=2FBC, MD5=EB410984)
Pub.X : 9572786991591576323293497288923141
Pub.Y : 7813891883224157983281644193935444
Short V3 Level 10:
Chk : D310A5F2
Sym : F9B0ABB5
BaseP : 3073286976 (Size=50, Diff=3012, MD5=5DD8378B)
Pub.X : 8853314056135967505699477416912929
Pub.Y : 2273504409043285102220298435426270
Short V3 Level 10:
Chk : 76B6BB27
Sym : AA65E8AC
BaseP : 3279749701 (Size=4F, Diff=3068, MD5=81777B0F)
Pub.X : 3277174474704060691137745527117117
Pub.Y : 308731733377103543808919722499418
Intercepted Libraries:
-*
GIV's script v0.1
can be found on tuts4you just like *shameless plug* my
Armadillo Factotum script. Never ask anyone but the original poster to mirror an attachment. It's against the rules.
10-31-2017, 21:49
Hybrid Mode
