I've unpacked the UPX packing on the BJX 1.1 bot, and as of now this unpacked version wont execute but whenever I get around to making this one run i'll post up the final one. Anyone who cares to can go ahead and do so, it only takes a simple bit of knowledge to do so... there's just no real need till the app goes P2P.
Though.. you can open it in IDA or your fav disasm app and browse around and find things and such, as all of the strings and functions are intact.
Originally posted by jMerliN@Aug 14 2005, 03:05 I've unpacked the UPX packing on the RJX 1.1 bot, and as of now this unpacked version wont execute but whenever I get around to making this one run i'll post up the final one. Anyone who cares to can go ahead and do so, it only takes a simple bit of knowledge to do so... there's just no real need till the app goes P2P.
Well done. Don't you mean BJX?
In that case, we need to look into the source code. Remove the US/PW sending to BJX and response-requiring mechanism. Then, we need to find out where we're getting Trojan.Bat.Deltree.m from, as well as any other suspicious code.
With that, one of our better coders might be able to make a little EPVP Version using a few similar ideas or code.
Originally posted by Cryptic+Aug 13 2005, 20:09--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (Cryptic @ Aug 13 2005, 20:09)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin--jMerliN@Aug 14 2005, 03:05 I've unpacked the UPX packing on the RJX 1.1 bot, and as of now this unpacked version wont execute but whenever I get around to making this one run i'll post up the final one. Anyone who cares to can go ahead and do so, it only takes a simple bit of knowledge to do so... there's just no real need till the app goes P2P.
Well done. Don't you mean BJX?
In that case, we need to look into the source code. Remove the US/PW sending to BJX and response-requiring mechanism. Then, we need to find out where we're getting Trojan.Bat.Deltree.m from, as well as any other suspicious code.
With that, one of our better coders might be able to make a little EPVP Version using a few similar ideas or code. [/b][/quote]
Some of us from FuckGaming working on one that will have a public version
Also, the 'trojan' that was supposedly detected is probably nothing more than a false positive. Many known trojans and viruses use a variant of UPX packing ( with a modified stub.. which is what this uses ) and something that is poorly written may see the packing method as a possible positive for a known trojan that uses the same UPX variant. If anything other than that, it may have detected the sending of information to the private IP address as a trojan-like act and matched it to a known trojan's behaviour but I am quite positive there is no virus or trojan in this bot.
Originally posted by jMerliN@Aug 14 2005, 03:05 I've unpacked the UPX packing on the BJX 1.1 bot, and as of now this unpacked version wont execute but whenever I get around to making this one run i'll post up the final one. Anyone who cares to can go ahead and do so, it only takes a simple bit of knowledge to do so... there's just no real need till the app goes P2P.
Though.. you can open it in IDA or your fav disasm app and browse around and find things and such, as all of the strings and functions are intact.
Great work, you got that done in less then an hour and you had to figure out how to unpack an exe that was packed with a modified UPX. Now, once it goes pay to use, we should be able to easily crack the bot, and jMerlin has already said he will do so.
Originally posted by Matt.dk+Aug 14 2005, 03:25--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (Matt.dk @ Aug 14 2005, 03:25)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin--jMerliN@Aug 14 2005, 03:05 I've unpacked the UPX packing on the BJX 1.1 bot, and as of now this unpacked version wont execute but whenever I get around to making this one run i'll post up the final one. Anyone who cares to can go ahead and do so, it only takes a simple bit of knowledge to do so... there's just no real need till the app goes P2P.
Though.. you can open it in IDA or your fav disasm app and browse around and find things and such, as all of the strings and functions are intact.
Great work, you got that done in less then an hour and you had to figure out how to unpack an exe that was packed with a modified UPX. Now, once it goes pay to use, we should be able to easily crack the bot, and jMerlin has already said he will do so.
karma + [/b][/quote]
oO
lol how lame all he did was dumping the process he hasnt fixed the OEP or the tables so the prog doesnt work and thats the main part dumping is easy fixing is the art
lol how lame all he did was dumping the process he hasnt fixed the OEP or the tables so the prog doesnt work and thats the main part dumping is easy fixing is the art
Originally posted by Ultima+Aug 14 2005, 06:11--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (Ultima @ Aug 14 2005, 06:11)</td></tr><tr><td id='QUOTE'>
Quote:
Originally posted by -Matt.dk@Aug 14 2005, 03:25 <!--QuoteBegin--jMerliN
Quote:
@Aug 14 2005, 03:05 I've unpacked the UPX packing on the BJX 1.1 bot, and as of now this unpacked version wont execute but whenever I get around to making this one run i'll post up the final one.* Anyone who cares to can go ahead and do so, it only takes a simple bit of knowledge to do so... there's just no real need till the app goes P2P.
Though.. you can open it in IDA or your fav disasm app and browse around and find things and such, as all of the strings and functions are intact.
Great work, you got that done in less then an hour and you had to figure out how to unpack an exe that was packed with a modified UPX. Now, once it goes pay to use, we should be able to easily crack the bot, and jMerlin has already said he will do so.
karma +
oO
lol how lame all he did was dumping the process he hasnt fixed the OEP or the tables so the prog doesnt work and thats the main part dumping is easy fixing is the art [/b][/quote]
The oem/tables have not been fixed yet, any person who can read a dumped exe knows that. The fact that its now dumped is what counts right now. Besides, as I type this I am talkin' to him, he is fixing the oem/tables right now. And it will be cracked the day the bot turns to pay to use mode, which is rumored to be, August 10th.
I didn't think it was lame, I was talking to him in TS the whole time, I'd personally like to see you go dump an exe that is packed with a modified UPX, when you don't know immidiately how to do it.
Originally posted by Matt.dk+Aug 14 2005, 06:29--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (Matt.dk @ Aug 14 2005, 06:29)</td></tr><tr><td id='QUOTE'>
Quote:
Originally posted by -Ultima@Aug 14 2005, 06:11
Quote:
Originally posted by -Matt.dk@Aug 14 2005, 03:25 <!--QuoteBegin--jMerliN
Quote:
Quote:
@Aug 14 2005, 03:05 I've unpacked the UPX packing on the BJX 1.1 bot, and as of now this unpacked version wont execute but whenever I get around to making this one run i'll post up the final one. Anyone who cares to can go ahead and do so, it only takes a simple bit of knowledge to do so... there's just no real need till the app goes P2P.
Though.. you can open it in IDA or your fav disasm app and browse around and find things and such, as all of the strings and functions are intact.
Great work, you got that done in less then an hour and you had to figure out how to unpack an exe that was packed with a modified UPX. Now, once it goes pay to use, we should be able to easily crack the bot, and jMerlin has already said he will do so.
karma +
oO
lol how lame all he did was dumping the process he hasnt fixed the OEP or the tables so the prog doesnt work and thats the main part dumping is easy fixing is the art
The oem/tables have not been fixed yet, any person who can read a dumped exe knows that. The fact that its now dumped is what counts right now. Besides, as I type this I am talkin' to him, he is fixing the oem/tables right now. And it will be cracked the day the bot turns to pay to use mode, which is rumored to be, August 10th.
I didn't think it was lame, I was talking to him in TS the whole time, I'd personally like to see you go dump an exe that is packed with a modified UPX, when you don't know immidiately how to do it. [/b][/quote]
lol that shows that you don`t know what you are talking about
its decrypted and unpacked in memory when its loaded it takes about 10 seconds to load and dump it and i already did it the day i got the bot like i said its no big deal to dump it to fix the oep and the tables is the art
Originally posted by Ultima+Aug 14 2005, 06:42--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (Ultima @ Aug 14 2005, 06:42)</td></tr><tr><td id='QUOTE'>
Quote:
Originally posted by -Matt.dk@Aug 14 2005, 06:29
Quote:
Originally posted by -Ultima@Aug 14 2005, 06:11
Quote:
Originally posted by -Matt.dk@Aug 14 2005, 03:25 <!--QuoteBegin--jMerliN
Quote:
Quote:
Quote:
@Aug 14 2005, 03:05 I've unpacked the UPX packing on the BJX 1.1 bot, and as of now this unpacked version wont execute but whenever I get around to making this one run i'll post up the final one.* Anyone who cares to can go ahead and do so, it only takes a simple bit of knowledge to do so... there's just no real need till the app goes P2P.
Though.. you can open it in IDA or your fav disasm app and browse around and find things and such, as all of the strings and functions are intact.
Great work, you got that done in less then an hour and you had to figure out how to unpack an exe that was packed with a modified UPX. Now, once it goes pay to use, we should be able to easily crack the bot, and jMerlin has already said he will do so.
karma +
oO
lol how lame all he did was dumping the process he hasnt fixed the OEP or the tables so the prog doesnt work and thats the main part dumping is easy fixing is the art
The oem/tables have not been fixed yet, any person who can read a dumped exe knows that. The fact that its now dumped is what counts right now. Besides, as I type this I am talkin' to him, he is fixing the oem/tables right now. And it will be cracked the day the bot turns to pay to use mode, which is rumored to be, August 10th.
I didn't think it was lame, I was talking to him in TS the whole time, I'd personally like to see you go dump an exe that is packed with a modified UPX, when you don't know immidiately how to do it.
lol that shows that you don`t know what you are talking about
its decrypted and unpacked in memory when its loaded it takes about 10 seconds to load and dump it and i already did it the day i got the bot like i said its no big deal to dump it to fix the oep and the tables is the art [/b][/quote]
Actually, I do know what I'm talking about. First he took a upx unpacker and tried to unpack it, he couldn't compensate for the modification so he searched online for unpacking a packed + modded upx exe, and he ended up doing what you said, dumping it from the memory using ollydbg.
Here is my unpacked BJX 1.1 bot .exe. Should work OK.
I finished with a router and UDP server but can't get over a little UDP protocol related bug, hope I can finish it before anyone else does :P
Originally posted by chocoman4k@Aug 13 2005, 23:51 Here is my unpacked BJX 1.1 bot .exe. Should work OK.
I finished with a router and UDP server but can't get over a little UDP protocol related bug, hope I can finish it before anyone else does :P
Originally posted by chocoman4k@Aug 14 2005, 08:51 Here is my unpacked BJX 1.1 bot .exe. Should work OK.
I finished with a router and UDP server but can't get over a little UDP protocol related bug, hope I can finish it before anyone else does :P
New Vip Unpacked 11/01/2009 - WarRock Hacks, Bots, Cheats & Exploits - 16 Replies http://i35.tinypic.com/b6pmxs.jpg
Rules to start Hack:
#1: Start WarRock
#2: Press The 1st OK
#3: Press the 2nd OK
#4: Fast as you can open the Injector Just after you press on OK.
#5: It will be Injected.
How to use Unpacked? 10/21/2009 - Dekaron - 3 Replies I just started this game looks good but I'm not really sure what I'm suppose to do with these unpacked stuff....I've been reading tutorial but it's not helping very will if any one willing to offer me help I'll will be greatful....PM me will be helpful as will..thanks yall...
anyone got unpacked 4.7.4 ? 09/30/2009 - Dekaron - 11 Replies anyone unpacked it yet? or should i give it a go and unpack it?
4.6.19 unpacked??? 04/18/2009 - Dekaron - 12 Replies as you know form previous post my unpacked files don't work well with other peoples pc. So I was wondering if the old unpacked still works and if not if someone can post one that does so I can readd it to my guide witch I will keep up and running.
what to do after unpacked.. 05/07/2008 - Dekaron - 5 Replies i unpacked data file, but it make a new folder named "data" also inside is another file called "data.pak file" and its over 2gig... my question is, do you guys use the unpack files as reference? or do u guys just replace the old data folder with new one created by unpacker?