吾爱破解 - 52pojie.cn

 找回密码
 注册[Register]

QQ登录

只需一步,快速开始

查看: 5281|回复: 3
收起左侧

[Unpackers] ObsidiumUnpacker by winndy

[复制链接]
Hmily 发表于 2009-12-3 13:51
ObsidiumUnpacker by winndy

FROM :CRACKL@B

ObsidiumUnpacker by winndy
winndywinndy This quote was last edited by winndy on 2009-11-28 20:43

http://www.unpack.cn/viewthread.php?tid=42938

ObsidiumUnpacker


winndy

CNwinndy@hotmail.com


The unpacker is not fully tested. Any bugs or feedbacks ,please contact me.

Use at your own risk!
1 Usage


Long option Short option Comment
--unpack -f The full path name of the target
--injectdll -i The full path name of the dll to be injected when stop at OEP
--funcname -n The function name to be called of the injected dll.The default name is DoJob.int DoJob(void* pData)The pData points to a structure.The first DWORD is the ImageBase of the target.The second DWORD is the ImageSize of the target.The third DWORD is the PID of the target.
--patch_registered Patch sdk function ‘isRegistered’ return true.Sometimes,this will cause error.
--DONT_PARSE_STOLEN Do not clear the junk code in the raw stolen code.If the unpacker is hang up, try to use this option.
--BE_QUIET Don’t ask the user when unpacking is done.
--help -h Print usage.





SDK fix is not supported yet.
2 Example

2.1 The simple example


ObsidiumUnpacker.exe --unpack=c:\testob.exe

Or ObsidiumUnpacker.exe -f c:\testob.exe


2.2 Use ObsidiumUnpacker as a loader, and inject a dll to crack it.


ObsidiumUnpacker.exe --unpack=c:\obsidium.exe --injectdll=c:\InjectToObsidium.dll

Or ObsidiumUnpacker.exe -f c:\obsidium.exe –i =c:\InjectToObsidium.dll

This will load the obsidium.exe and inject dll to crack it.


ObsidiumUnpacker.exe --unpack=c:\obsidium.exe --injectdll=c:\InjectToObsidium.dll --patch_registered

Or ObsidiumUnpacker.exe -f c:\obsidium.exe –i =c:\InjectToObsidium.dll --patch_registered

This will load the obsidium.exe and inject dll to crack it,and it will show “registered”.But this probably cause error.For obsidium v1.3.6.4 it will cause error.


If you have a customized function name,you can use like this:

ObsidiumUnpacker.exe -f c:\obsidium.exe -i =c:\InjectToObsidium.dll --funcname=YOURFUNCTION


2.3 be quiet option


ObsidiumUnpacker.exe --unpack=c:\testob.exe --BE_QUIET

Or ObsidiumUnpacker.exe -f c:\testob.exe
--BE_QUIET

This will cause the unpacker exit after it finishes its work.


3 History

2009.11.28

V 0.1 beta

Supported Obsidium version:

V1.3.5.7

V1.3.6.0

V1.3.6.1

V1.3.6.3

V1.3.6.4

SDK is not supported yet.

OS: WinXP SP3, Vista, other OS is not tested.
4 Bugs and Test

If you got bugs,please contact me.

The target size is limited to below 3M.

And the target must not be commercial software.

If the target is dll, you should also provide the exe associated with the dll.

And you must provide both the original file and the packed file.

The name of the packed file has the suffix of the version number of Obsidum and the OS.

For example,If the exe is aaa.exe,the and the obsidium is v1.3.6.4, the OS is XPSP3,the packed file name will be aaa_Ob1364_XP_SP3.exe.

And I don’t guarantee all the bugs will be fixed.Sorry.
5 Greetings

Reserved.

If you find some bugs, your name probably will be here. J

http://rapidshare.de/files/48772264/tmp.zip.html 

tmp.zip

827.96 KB, 下载次数: 82, 下载积分: 吾爱币 -1 CB

发帖前要善用论坛搜索功能,那里可能会有你要找的答案或者已经有人发布过相同内容了,请勿重复发帖。

2051314 发表于 2009-12-3 14:51
还没能看懂。要走的路还很长
wa126 发表于 2009-12-3 15:30
a2213572 发表于 2009-12-3 19:52
您需要登录后才可以回帖 登录 | 注册[Register]

本版积分规则

返回列表

RSS订阅|小黑屋|处罚记录|联系我们|吾爱破解 - LCG - LSG ( 京ICP备16042023号 | 京公网安备 11010502030087号 )

GMT+8, 2024-11-22 20:09

Powered by Discuz!

Copyright © 2001-2020, Tencent Cloud.

快速回复 返回顶部 返回列表