Struggling

[HexaPe]

Hey everyone

Ive spent the last few weeks reading whatever I can find about unpacking specifically trying to wrap my head around how themida and vmp work

I’ve managed to get x64dbg and ida pro set up, and i've been playing around with some basic targets just to understand how a PE file is structured and how IAT redirection works but every time I touch something protected i feel like i'm way out of my depth

Any advice or a push in the right direction would be huge

[Jupiter]

When playing chess against a bot such as Stockfish, you can select its strength level.

Using VMProtect after UPX is like starting to play chess at a difficult level.

I recommend increasing the complexity step by step.

Choose more well-known protectors with detailed research and tools.

For example, consider ASProtect or Armadillo. These protectors are well known in the research community and there are many tutorials and scripts available.

After mastering well-known protectors you can go deeper.

[wx69wx2023]

Haha , I also want to learn how to unpack ; I has collected a lot of ASProtect releases (version from 1.0 to 2.65) and upackers (e.g CASPR,DcomAS, stripper, ollydbg scripts).


https://mega.nz/file/5EQCxTqT#RvE9r6iws9d8cJgTXhD9hM3cQ0WKa7Cph1Kn9KPSfNM

[Jupiter]

Quote:

Originally Posted by wx69wx2023

I has collected a lot of ASProtect releases ...

Some files are password-protected. There is no password in the text files (you need WeChat etc.). I have access to these releases, so I don't need a password, but other members without WeChat will find this challenging.

[blue_devil]

Quote:

Originally Posted by wx69wx2023

Haha , I also want to learn how to unpack ; I has collected a lot of ASProtect releases (version from 1.0 to 2.65) and upackers (e.g CASPR,DcomAS, stripper, ollydbg scripts).


https://mega.nz/file/5EQCxTqT#RvE9r6iws9d8cJgTXhD9hM3cQ0WKa7Cph1Kn9KPSfNM

I cannot unarchive the files under "unpack" folder; this is the error:

Quote:

unzip stripper.207ht.zip
Archive: stripper.207ht.zip
End-of-central-directory signature not found. Either this file is not
a zipfile, or it constitutes one disk of a multi-part archive. In the
latter case the central directory and zipfile comment will be found on
the last disk(s) of this archive.
unzip: cannot find zipfile directory in one of stripper.207ht.zip or
stripper.207ht.zip.zip, and cannot find stripper.207ht.zip.ZIP, period.

[wx69wx2023]

Quote:

Originally Posted by Jupiter

Some files are password-protected. There is no password in the text files (you need WeChat etc.). I have access to these releases, so I don't need a password, but other members without WeChat will find this challenging.

Hi，thanks for your remind, I checked and it's true. Password: pediy.com

Quote:

Originally Posted by blue_devil

I cannot unarchive the files under "unpack" folder; this is the error:

Hi，thanks for your remind, I checked and it's true. every file is actually a html file in unpack folder, The reason is that I triggered a cloudflare rule when I zip and download from my web site.

I upload again, you can try and check.

https://mega.nz/file/9AgyFAqb#w72AQEn3NyJVluVnJ82Omhq-ca10z9gDJAQcZpe4arI