#1
|
|||
|
|||
need help unpacking ASProtect
I am having problems unpacking a program again. The program that is protected which I am trying to unpack is aatools. AATools v5.92 Build 1610
homepage http://www.glocksoft.com/aatools.htm The protector it uses is ASProtect, but the problem is I am not sure which version. I used PEiD and then based on what it told me, I went looking for a MUP tut or an auto unpacker. I spent a while playing around and following different guides. After messing around for a while I tried using the older version of PEiD just to make sure it is really ASProtect, but when I checked it, it was recognised as a different version. So I checked it with some other tools aswell and this is what I saw Quote:
The closest I have got is using a guide written in vietnamese. I can't remember where I got this guide originally. It might have even been from this forum, but I will upload it to this thread so that if anybody can help me, they don't have to go looking for it. -------------------------- I think I explained enough so far to let you know my situation, I'll tell you where I currently am. I open AATools in Olly with the 2 plugins and scripts in the same directory as Olly. I also have my exceptions configured like they are configured in the picture. I run the IAT fixer script and when that is finished and it tells me the import tables are fixed, I click ALT + M and then set a breakpoint on memory access on the line underneath "PE Header", I press F9 and dump the file. (little note, you need to run the IAT fixing script with odbgscript not ollyscript, otherwise it will give an error about BPHWCALL) I open the file in ImpREC and then click IAT autosearch, then get imports, it finds that most of them are correct, but 2 are wrong. so I choose "Show Invalid" and on the invalid thunks I right click and choose "Plugin Tracers" -> "ASPR2" which is the ASPR2 plugin that comes with the tutorial. it says they are fixed but when I click fix dump and it saves the file, I run the file and the file doesn't work :P So I don't know what to do, or what I am doing wrong Please help me, if you want any more information just ask. Last edited by Fade; 10-11-2006 at 06:18. |
#2
|
||||
|
||||
Use VerA plugin for PEiD to detect exact ASProtect version.
You can download it in my post: ASProtect Version Detection Direct link to archive: VerA v0.15.rar Last edited by Jupiter; 10-11-2006 at 23:13. |
#3
|
|||
|
|||
That tutorial I said I didn't know where it came from, well it came from here http://www.exetools.com/forum/showthread.php?t=9624
Jupiter thank you for the reply, I tried that program and it gave me this. Version: ASProtect 2.xx (may be 2.11) Registered [1] There are a lot of guides for the different versions, I think ASProtect 2.xx (IAT Rebuilding + Stolen Code) will work, I got it from http://www.tuts4you.com/blogs/download.php?view.279 , well the first few parts is working like it says in the tutorial, but then I get lost. Also there are a lot of scripts that come with it, which I don't know what to do with yet, they haven't said I need to use them, so maybe it covers that later. I get to Quote:
Quote:
|
#4
|
||||
|
||||
Did you check this tut --> http://forum.exetools.com/showthread.php?t=9912 ...
you may download it at tutorials.accessroot.com
__________________
http://accessroot.com |
#5
|
|||
|
|||
ASProtect V2.X Registered -> Alexey Solodovnikov *
Pls help
I don not know what's the real version of ASProtect When I used Exeinfo PE v0.0.2.2 I'm getting ASprotect ver 2.1 / 2.^ ( www.aspack.com/asprotect.htm ) but by using DiE6.4 I'm getting : ASProtect V2.X Registered -> Alexey Solodovnikov * and by PEiD 0.95 I'm getting : ASProtect 1.33 - 2.1 Registered -> Alexey Solodovnikov How I can know the exact version. Pls help. |
#6
|
||||
|
||||
ASPrINFO
ASPrINFO v 1.6 Beta
100% detector version of ASProtect > v1.23 © nik0g0r 2oo7
__________________
EnJoy! |
The Following 2 Users Say Thank You to Jupiter For This Useful Post: | ||
semthex (11-18-2019), WorldCrackersUnited (08-02-2015) |
#7
|
|||
|
|||
Read rules - this and this
If you need ASprotect version detectors - here they are... ASPrINFO 1.6 beta VerA 2.03 Last edited by XQuader; 05-23-2011 at 14:57. |
#8
|
||||
|
||||
It's a useful tool but i have one requirement...
Quote:
Thank you! |
#9
|
||||
|
||||
there`s also one from PE KIll, i think.
afaik the readme just states it should work on all1.x/2.x versions except for aspro itself. (btw, this thread is from 2006/09...) |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
ASProtect SKE unpacking | TempoMat | General Discussion | 10 | 08-24-2016 17:48 |
Unpacking asprotect | britedream | General Discussion | 7 | 09-01-2004 01:46 |