Need help with Crunch/PE 3.0.0.x 4.0.0.x >Bitarts

Hello i have a question about this protection.
I have a proggie called Driver guide Toolkit that has this protection i have scanned with Stud-PE i couldn`t find a proggie for unpacking this protection.I have also searched here on the forum but i could not find a direct answer (mabye i overlooked it )

But can someone tell me how to unpack this proggie ,and for you info i am learning newbie guys so please not too difficult with explainning

Thanks in advance.

ysco.

Quote:

Originally posted by ysco
Hello i have a question about this protection.
I have a proggie called Driver guide Toolkit that has this protection i have scanned with Stud-PE i couldn`t find a proggie for unpacking this protection.I have also searched here on the forum but i could not find a direct answer (mabye i overlooked it )

But can someone tell me how to unpack this proggie ,and for you info i am learning newbie guys so please not too difficult with explainning

Thanks in advance.

ysco.

do you mean from here ---> hxxp://www.driverguidetoolkit.com/

Yep thats the site lonewolf55 have you any info about it ????

Thanks.

ysco.

Ok I just downed the progie "dgt.exe" and then I right clicked on it and selected "extract files" ... ... I have winrar installed on win 2K .... it extracted the files to the directory dgt..

then I used "installshield cabinet file viewer version 6.21" and this allows me to start inspection....

I have not gone any further than this yet

I have looked for that proggie you mention on google but couldn`t find a valid link.
Will also look if it is on ftp here.
But what does the proggie, can you also dissambler/debugger the exe file or can you only view the file ,because if that is the only thing then we still have the problem that it is packed .

ysco.

well I'm not sure the progie I used will help any at all, it was just something I used just to get a general look at the installation method and allow me to get an idea of how to approach reversing

this tool won't reverse or modify any exe file, just for partial inspection

I don't remember where I found it it says DL'ed from playtoys but I think not where I found..........

anyway I do not see it here so I will atatch....

scanned no bugs found ----->

next thing you might wish to do is de-compile the "setup.inx" script file

find a progie called "sid.zip"

quote from readme:

[sid] - installshield 6/7 script decompiler
v1.0 written by sn00pee

introduction
------------
sid is designed to decompile installshield .inx scripts created with
installshield 6 or 7. additionally it allows the user to take a few
changes to the code and patch the script.

END quote

I found this file at protools.com

Thanks for the help buddy will try it again

Hmm i have checked it just right now and if i look at the setup.inx and try too load it with sid then it says ((no valid installshield 6 file))

Do i something wrong ????

ysco.

[Jay]

ysco,
check your pm, the dll's in the cab file can be extracted with winrar or am I missing something?.

well, I hope it helps, it may not be the correct way to reverse this progie but I'm sure it can be done this way....

being I'm a stubborn old goat, I like to attack the setup methods first before I try to un-fuuk the installed apps lol

if anyone else have ideas please post, I'm learning too

Quote:

Originally posted by Jay
ysco,
check your pm, the dll's in the cab file can be extracted with winrar or am I missing something?.

was no mention of extracting dll's from cab file with winrar

[Jay]

I'm not sure what it is you are trying to with script decompilers, the exe is packed with crunch, as far as I can see that is what ysco wanted to unpack.

Quote:

Originally posted by Jay
I'm not sure what it is you are trying to with script decompilers, the exe is packed with crunch, as far as I can see that is what ysco wanted to unpack.

what I was looking at was the actual installer, not the program after the installer had installed it.

edit:
after decompiling the setup.inx script I was looking at code such as this ---->

begin
/* 0000561C: 0022 */ // -- Begin Function Code -- //
/* 00005625: 0006 */ s0000 = g_str0008;
/* 0000562F: 0021 */ function_011C(0x00000001, s0000);
/* 0000563D: 0021 */ function_00ED("PRODUCT_KEY");
/* 00005651: 0006 */ s0001 = LAST_RESULT;
/* 0000565B: 0014 */ s0001 = s0000 ^ s0001;
/* 00005668: 0021 */ function_011C(0x00000002, s0001);
/* 00005676: 0024 */ return;
/* 0000567A: 0026 */ // -- Create Local Variables -- //
end;

[Jay]

still can't see how that relates to

Quote:

But can someone tell me how to unpack this proggie

seem to have out lines crossed somewhere, guess I'll butt out.

Quote:

Originally posted by Jay
still can't see how that relates to


seem to have out lines crossed somewhere, guess I'll butt out.

no problems .. please if you can help please post more .. as I said I'm learning also