Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 03-16-2004, 00:23
ferrari
 
Posts: n/a
ASProtect-1.23 RC4 - 1.3.08.24

I got this software-->Innovative System Optimizer Version 2.6 (latest version 2.7)
Download: fxp://fxp.download.com/pub/ppd/10248215-10259907/SystemOptimizer2.exe

I run the packed program and get a NAG screen showing the time limit and registration key box.
PEiD scan: ASProtect 1.23 RC4 - 1.3.08.24 -> Alexey Solodovnikov

I was able to unpack the program. Since i m new to unpacking ASPR i might have done something wrong. Here are the details.

Last exception: 00FA39EC
Dumped the process at: 00406F99
IAT-LOG: Included in attached rar.

Stolen Bytes:
0069E33D > $ 55 PUSH EBP
0069E33E . 8BEC MOV EBP,ESP
0069E340 . 83C4 F0 ADD ESP,-10
0069E343 . B8 4CDD6900 MOV EAX,dump_.0069DD4C

Okay, now when i run the unpacked program i still get the NAG screen. Now when i advance the system time and run the original program, obviously it expires but the unpacked program doesn't expires and runs normal
But a very strange problem. When i reset the sys time and run the unpacked program the GUI gets corrupted, but again if i forward the system time it's back to normal GUI and vice-versa.
Why is it so??? I have included the screenshots in the attached rar.
Attached Files
File Type: rar opt-iat.rar (42.8 KB, 35 views)

Last edited by ferrari; 03-16-2004 at 00:25.
Reply With Quote
  #2  
Old 03-16-2004, 01:14
britedream britedream is offline
Friend
 
Join Date: Jun 2002
Posts: 436
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 7 Times in 7 Posts
britedream Reputation: 0
I think your stolen should start at one byte earlier, and there is push ebx before moving value to eax
Reply With Quote
  #3  
Old 03-16-2004, 01:26
ferrari
 
Posts: n/a
Quote:
Originally posted by britedream
I think your stolen should start at one byte earlier, and there is push ebx before moving value to eax
Yes i know that britedream. I mean i got the same stolen bytes u got . But just experimented with the ones posted above. The program runs without any errors. Why??
Reply With Quote
  #4  
Old 03-16-2004, 01:28
_Servil_ _Servil_ is offline
VIP
 
Join Date: Jan 2002
Posts: 171
Rept. Given: 57
Rept. Rcvd 12 Times in 2 Posts
Thanks Given: 78
Thanks Rcvd at 27 Times in 13 Posts
_Servil_ Reputation: 12
how do u determine stolen bytes?
__________________
_Servil_
SemtekSoft Corporation, Inc.
Reply With Quote
  #5  
Old 03-16-2004, 01:53
ferrari
 
Posts: n/a
Quote:
Originally posted by _Servil_
how do u determine stolen bytes?
Run Trace--> where EBP=ESP
Read R@dier's tut.
http://www.exetools.com/forum/showthread.php?s=&threadid=3594
Reply With Quote
  #6  
Old 03-16-2004, 01:58
britedream britedream is offline
Friend
 
Join Date: Jun 2002
Posts: 436
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 7 Times in 7 Posts
britedream Reputation: 0
To Ferrari

did you get my tut.
Reply With Quote
  #7  
Old 03-16-2004, 02:07
ferrari
 
Posts: n/a
Quote:
Originally posted by britedream
To Ferrari

did you get my tut.
Downloading started
Thanx alot
Reply With Quote
  #8  
Old 03-16-2004, 02:28
ferrari
 
Posts: n/a
Britedream:
May i get the link to the target plz.
Reply With Quote
  #9  
Old 03-16-2004, 02:35
britedream britedream is offline
Friend
 
Join Date: Jun 2002
Posts: 436
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 7 Times in 7 Posts
britedream Reputation: 0
_www.advsoft.info
Reply With Quote
  #10  
Old 03-17-2004, 01:22
ferrari
 
Posts: n/a
Ok britedream that was a good tut on stolen bytes
Problem solved...the app is running properly now...strange it didn't earlier with the same stolen bytes.
Anywayz thanks a ton
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
The new asprotect 1.31 britedream General Discussion 48 06-03-2004 17:12
Anyone can help me with this one?? ASProtect loman General Discussion 0 12-31-2003 16:37


All times are GMT +8. The time now is 18:28.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )