#1
|
|||
|
|||
SVKP 1.3x - Download Accelerator plus v7.5
Hi folks,
Im currently having a play with unpacking SVKP. The unpackme's are easily solved, and so are a few other apps. But this app puzzles me... The stolen bytes seem to be some kind of psuedo code, nearly 600 lines worth. So I added the Virtual Allocated section to the dump and diverted the EP. But it then becomes machine specific because of the emulated api. Begin Stolen Bytes: 0052D1E4 End Stolen Bytes: 0052D24E I have resolved these pointers: 0 00152180 ? 0000 00F79B75 > 1 00152180 kernel32.dll 01DB GetVersion 0 00152184 ? 0000 00F7AB8B > 1 00152184 kernel32.dll 01DC GetVersionExA 0 00152188 ? 0000 00F6AE6C > 1 00152188 kernel32.dll 0176 GetModuleHandleA 0 00152268 ? 0000 00F69E56 > 1 00152268 kernel32.dll 013C GetCurrentProcess 0 001534E4 ? 0000 00F7BC35 > 1 001534E4 user32.dll 01DD MessageBoxA Could someone confirm if these are correct? But still have these left: 0 0015332C ? 0000 00F764E6 0 00153330 ? 0000 00F78B53 0 00153334 ? 0000 00F71E99 0 00153670 ? 0000 00401000 Any help on this matter would be greatly appreiciated. (Also anyhelp on cracking it, the whole reg routine hinges on one byte @ 005C3FAC, but sometimes it wants it to be 0 sometimes it wants it to be 1!, makes no sense!) |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
svkp | infern0 | General Discussion | 3 | 06-05-2011 18:34 |
The new svkp 143 | britedream | General Discussion | 3 | 09-19-2004 22:22 |