About .Net Packing and Introduction

Hi,

First of all i will like to say thanks for accepting me as a part of the community. I should start the conversation by introducing my self. My name is Malik and a am from Pakistan and i am learning Reverse Engineering.

I had been a part of other communities but no one replies properly at most of them, but this looks a solid community.

As a question i would like to ask, how can one detect packing on a .Net software, How many packings are there.

If you can refer to a tutorial or anything i would be grateful, i have read almost all the tuts on tuts4you but they where of no use.

Regards

[Kurapica]

Sorry for the spam but this place could be useful

http://board.b-at-s.info/

all forums are one big family

good luck

[disauto]

@BackTangent
try this
http://pid.gamecopyworld.com/ProtectionID_v6.4.0.rar

[giv]

Quote:

Originally Posted by BackTangent

Hi,

As a question i would like to ask, how can one detect packing on a .Net software, How many packings are there.

Regards

Try Peid or RDG packer detector. They shows usefull information about the protection of the packed exe and the compiler also.

Quote:

Originally Posted by Kurapica

Sorry for the spam but this place could be useful

http://board.b-at-s.info/

all forums are one big family

good luck

I had been a member at your forum, and asked a question on this thread http://board.b-at-s.info/index.php?showtopic=8131 but it is still un answered.

Quote:

Originally Posted by giv

Try Peid or RDG packer detector. They shows usefull information about the protection of the packed exe and the compiler also.

I knew about pied and RDG packer but do not know about the packer information they show, like for an exe RDG shows using DLL. Now what i do not know is that what does it mean.

what my intent to post at the forum is to look for a detailed guide on types of packing and how to counter them.

Regards

[giv]

http://forum.exetools.com/showthread.php?t=13149&highlight=unpacking

[congviet]

BackTangent

You try DNid v0.12b & Dotnet ID 1.003 by RONGCHAUA.NET.
It is two tool for detect packing a .NET software.
I already attach they here:
DNID.zip

or
DNid v0.12b
hxtp://www.mediafire.com/?gtj38dm60ddcmma
Dotnet ID v1.003 by Rongchaua.net
hxtp://rongchaua.net/Web/Tool/DotNet Id.zip

My Question is not still answered. Let me rephrase my question. What i am asking is how to debug a specific packer scheme. you people are understanding i am asking about how to find a packer scheme, i know about it, there are tons of tool out there which can do that. What i do not know is how to tackle a specific scheme. There would be some documents which discuss specific packing schemes and how to crack them.

If you can help in that, i would be thankful .

[giv]

Check this link or this link or this.

[atomix]

Quote:

Originally Posted by BackTangent

My Question is not still answered. Let me rephrase my question. What i am asking is how to debug a specific packer scheme. you people are understanding i am asking about how to find a packer scheme, i know about it, there are tons of tool out there which can do that. What i do not know is how to tackle a specific scheme. There would be some documents which discuss specific packing schemes and how to crack them.

If you can help in that, i would be thankful .

AFAIK, there is no generic way to unpack/crack all types of protections. You need to detect first the packer (using suggestions above), then unpack the executable (manually or using special/generic tools available) and finally crack it (providing that there is any additional protection to the packer).

Perhaps it will help more if you provide more details on the protection scheme that you are trying to defeat.