#1
|
|||
|
|||
Asprotect Last Exception
This is the new script to bypass the asprotect trick of changing the last exception, I left the old asprotect since we already have script for them, this script should work on most new asprotect without skipping, it is only tested on handful of the new ones, so please feedback , if there is any problem.
[note2] script now is updated to include all new asprotect. Regards. Last edited by britedream; 08-30-2004 at 06:59. |
#2
|
|||
|
|||
Script above is update to include all new asprotect
it should work on all new asprotect now instead of most, for those who might have problem using the script on non xp pc , you might try the following script, it is identical to the above , except that I use ollyscript.dll to get the code size in instead of taking it from the pe header.
Regards. Last edited by britedream; 09-02-2004 at 05:12. |
#3
|
||||
|
||||
hey big unpacker! doesn't work on FlashPaste 2.0 Beta (hxxp://flashpaste.softvoile.com)
i think it's hard to get it working for really ALL asprotect |
#4
|
|||
|
|||
Thanks Markus-DJM
way to go , this is the only way to make the script better,feedback,the script is corrected to your finding, please check it. this is why asprotect has an edge over others, hard to keep up with, you always find different breed. Thanks.
regards. |
#5
|
|||
|
|||
100 % working..
@ britedream :
I have tryed your script. I have tryed with my appz, and it works very fine now... It stop my appz at last exception EVERY RUN NOW !! (win 2000 pre sp5, ollyscript and hideDebug) Congratulation for your great works !! Bye and thanx !! bye |
#6
|
|||
|
|||
script asplastex_Oepallnew2 has been corrected to work as good as asplastex_Oepallnew.for those who have the old one please change GMI eip,CODESIZE to GMI 401000,CODESIZE. this will make the script works from any address in the packer code .that was a tiny mistake I made ,sorry my knowledge of the script commands are not that great.please forgive my ignorance.Thanks
Regards. |
#7
|
|||
|
|||
Your new script is really nice. Great work. However I have a problem.
I am trying to unpack TheaterTek 2.0 which is protected by AsProtect. Your script never stops at the last exception. After starting your script, TheaterTek just runs. Any thoughts? -Malt |
#8
|
|||
|
|||
Thanks...
It's a VERY good idea cause Stripper 2.11 RC2 has PB with "new" ASPR and the last exception : Hey Syd, you can do it !....
Best regards. |
#9
|
|||
|
|||
To maltese
I really couldn't find your target to download, but my recent script is as below, please, try it , and see if it works.
Regards. [notes] this only works on some of the recent asprotect.I didn't get any feedback in order to make it works on many asprotect targets. script updated oct-23-2004 Last edited by britedream; 10-24-2004 at 02:56. |
#10
|
|||
|
|||
Thank you BriteDream for responding.
I tried the new script. No go. I sent you a PM so that you can try the script on the target file to see what I am seeing. -Malt |
#11
|
|||
|
|||
Stripper
I'm using Stripper since few month now and i found this tool very usefull but the last exception is really a problem, so i tried to find another way to unpack Asprotected progs ( i mean a simple way ) but haven't found. please Help !
|
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Reverse engineering MS C++ exception handling | jonwil | General Discussion | 1 | 04-10-2019 03:11 |
how to trace a program exception? | rcer | General Discussion | 6 | 01-16-2017 07:31 |
The Exception Table hook | STRELiTZIA | General Discussion | 0 | 10-25-2011 17:05 |
Last exception for asprotect | britedream | General Discussion | 7 | 04-09-2004 15:56 |