Themida - Winlicense 1.x - 2.x Multi PRO Edition 1.2
Hello together,so today I will release my new TheMida & WinLicense unpack script.So will know already my previous script and this new one is a advanced version of my other script and of course is it based of the original main unpack script by quosego.So all original fixing features by quosego are also included and used how you will see if you are using the new script.So a big special thanks goes of course to quosego and without his script would this new script not possible.
So I added some new features which makes the unpack process faster and it will help you to get your files unpacked.The main feature which I added was the "Master Direct API Code Patching" which will fix all direct APIs in your file very fast at the original IAT.So if you choose this feature then you need no more use the UIF or ImportsFixer tool.Just ImpRec.So I created seven unpack movies where you can see how to use the script.In the first movies you can read some comments my me and from the third movie not more so much so I got some record problems and changed the record tool which is also not the best to write some comments.Anyway.So you will see what happend in the movies and just follow.
Themida - Winlicense 1.x - 2.x Multi PRO Edition 1.0
****************************************************
( 1.) Unpacking of WinLicense & TheMida Targets
( 2.) Three Way Unpack Choice Possibilities x3
( 3.) Supports IAT Special Patch & ESP CRC Checking
( 4.) Use UIF or ImportsFixer or Script + DI Patch
( 5.) Code-En-Crypt Fixer
( 6.) Cryp-To-CodeFixer
( 7.) Version Identification
( 8.) Magic Jump Finder
( 9.) Manually Enable & Disable Option Choice
( 10.) VM OEP Finder xII +
( 11.) 500 Bytes Extra Stack-Anti-Dump Checking
( 12.) Master Direct API Code Patching
( 13.) TLS Callback Killer
( 14.) Choice To Break Close On HWID & TRIAL Stop
( 15.) Turbo Patching Mode
( 16.) VM WARE Fixer by quosego
( 17.) EXE & DLL Support with LoadDll
****************************************************
In the movies you will see some exsamples about normal unpacking of exe,HWID & DLL files.I added also a exsample how to extract some XBundler files from a target.All in all some helpfully exsamples for you to get a good start with this script.
I will post also all unpackmes from my tuts for you in the second post so that you don't need to search them anymore and you can test all by yourself.Thats all for the moment.So then have fun and if something not works then post a reply on this topic.
PS: Don't forget the Tutorial UnpackMe Set.rar in the second post!
greetz
@LCF-AThttp://forum.tuts4you.com/index.php?showtopic=25554UPDATE: 1.1
***********
- Fixed some bug's
- Added forcing heap fixing
- Added improved direct API fixing method
- Added three new direct API checking patches
- Added second dll base compare string
- Added improved address compare 00 byte bug
- Added loaded module overview
- Added second sleep string
- Added stack-anti break check | ntdll | auto disable
- Added second VM Ware check
***********
So here comes a new update.Fixed some bug's and added some new check stuff for the moment.
- Stack-anti break check will disable checking and goes to the next step.
- I added also a second VM Ware check .Not testet under VM Ware!Hope that it works for you.
- I changed direct API fixing. script use system PEB struct now.
UPDATE: 1.2
***********
- Fixed one direct API address compare check patch
- Added new skip messagebox for the last API compare checking | Can take a long time if used! 據說,就差 antidump 尚未完美了。 {:1_924:}英文水平不行,没看太懂。 看了先,谢谢 下载来研究下 更新了. 下载来试试 UPDATE: 1.2
***********
- Fixed one direct API address compare check patch
- Added new skip messagebox for the last API compare checking | Can take a long time if used! 我用了个。net程序的软件试了下。怎么会弹出窗口显示第一行错误 支持H大大