#1
|
|||
|
|||
[Help] Armadillo 9.66 dumping target with splices - [Now Working]
Hi there,
This is my first post here, forgive me if something is horribly wrong please OK, here we go, it's an armadillo 9.66 protected target and I have unpacked the previous version of this target, which was last week, but it didn't came with the splices on. So that was rather easy to come by. Now that the splices are on, I find it quite hard to get through and needs a gentle nudge towards the right direction now. Please follow this video so you could see what I have done so far. As Promised the Videos are here, Quote:
May be I bite something a bit more than a newbie like me could chew. Please let me know of your valuable comments. [Update1] Use the "Armadillo_CodeSplicing.exe" tool in AKT as suggested by Mr. Exodia. It worked wonders.. Mr. SmilingWolf is a kind, cool person and a great guy.. he was the first one to help me with this protection.. [Update2] I've managed to do it manually cool huh?. [Issues] Got some issues guys. Stupid Dump fails on different PC(I mean the VM), now it fails in my PC too after restart. So Suggestions guys. I think its because I put the splice in BSS section, stupid me. but other sections don't have enough space what am I supposed to do then. >>>While you guys where enjoying your silence I was really struggling with my limited ability from my sickbed, then Mr.Haggar Happened. God<<< [Update3] Guys I just Fixed that loading issue on restart right now. Notes: It has been a real challenge and a very demanding journey till now. Really learned how much I have to learn. Found some great guys (I mean Mr. Exodia and Mr. SmilingWolf commented on my post how awesome is that). I am sick and tired so now am gonna take some time and make a video(so all links 've got to go down for a while ) to share my attempts. Oh my God, Awesomeee.. Respects, Ben Last edited by Benten; 10-22-2017 at 23:02. |
#2
|
|||
|
|||
Download Armadillo Key Tool v0.4 (https://github.com/mrexodia/akt/releases/tag/v0.4) and launch Armadillo_CodeSplicing.exe
You can use this to move the code splices to another section (I recommend .pdata, usually the second-last section). |
#4
|
|||
|
|||
Yeah that is if you want corrupt code +1 (SmilingWolf made a fixed version though).
|
#5
|
|||
|
|||
Either way it has source code to play with..
|
#8
|
|||
|
|||
Target Unpacked
Mr. Exodia is awesome. I am a big fan of yours.
Every word you said is true... Arminline works only in windows 7 and the code gets corrupted. Also it doesn't work in Win 10. (No offense please Mr. Admiral) Armadillo_CodeSplicing.exe from AKT works fine. Awesomeeee Now its unpacked.. all good ExeTools dosen't load properly in my country that's why the comments got delayed.. Now am in vodafone n/w Last edited by Benten; 10-10-2017 at 19:06. |
#9
|
||||
|
||||
For next time you could always try Armageddon van ARTeam. (just search this forum)
Great tool and easy to use :-) |
#10
|
|||
|
|||
Thanks for the suggestion, but Armag3ddon V2.2 fails at this target. And I am doing it for learning so using tools to the minimum is what I preffer. Idea is to do it manually and learn.
Last edited by Benten; 10-12-2017 at 00:44. |
The Following User Gave Reputation+1 to Benten For This Useful Post: | ||
DCA (10-13-2017) |
Tags |
armadillo, armadillo unpacking, splices |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Dumping Armadillo protected DLL? | FEARHQ | General Discussion | 10 | 02-09-2005 11:08 |
Dumping Armadillo 3.0-3.6 without CopyMem II | chaboyd | General Discussion | 17 | 11-21-2004 06:20 |
Dumping | sfld | General Discussion | 2 | 03-20-2004 23:56 |