What to do if i can't run the app to main windows, since the app do not run at all without licence? (TwinrNA2.0.18beta)
Incredibly short *Cracking TwinR Thread*
03/13/2009 00:42
goldencoolsam#16
03/13/2009 17:48
skyboi91#17
actually is dam easily just run the script to end it will patch some address instant and it will be crackedQuote:
What to do if i can't run the app to main windows, since the app do not run at all without licence? (TwinrNA2.0.18beta)
03/13/2009 21:47
goldencoolsam#18
I know but the script need to be run while debugging the app to its main windows, and to do so i need a valid licence because TwinrNA2.0.18beta don't run at all without licence :s
So the script always gime
OllyScript error!
Error on line 35
Text: lc
No such command: lc
(I use OllyScript v0.92, odbg110 9in1 for Themida, PhantOm Plugin v1.54, OllyDump v3.00.110, StrongOD v0.2.3.328)
So the script always gime
OllyScript error!
Error on line 35
Text: lc
No such command: lc
(I use OllyScript v0.92, odbg110 9in1 for Themida, PhantOm Plugin v1.54, OllyDump v3.00.110, StrongOD v0.2.3.328)
03/24/2009 05:15
peonme#19
get the other ollyscript [Only registered and activated users can see links. Click Here To Register...]Quote:
So the script always gime
OllyScript error!
Error on line 35
Text: lc
No such command: lc
(I use OllyScript v0.92, odbg110 9in1 for Themida, PhantOm Plugin v1.54, OllyDump v3.00.110, StrongOD v0.2.3.328)
03/24/2009 22:59
goldencoolsam#20
what i need to enter when "Enter a address of free space if you alraedy have!If not then enter nothing and press a button" message? if leave blank script don't work.Quote:
03/25/2009 04:40
peonme#21
you can leave that blank, on the script execution windows right click and hit continue. thats where i get lost cause the next thing that pops up says Can? find the API Base!Maybe your target still needs some dll file.
03/26/2009 15:21
lavazzas#22
wtf is twinr?
03/26/2009 15:23
-Chrome-#23
search funtion, google, ....Quote:
It's a Cabal bot.
03/30/2009 18:33
Roma93#24
in deutsch bitte
04/03/2009 22:05
.Kreative#25
diese thread ist fur english.
du muss fragt -chrome- @ PM fur ein deutsch translation.
(hope i got that out well?)
Danke,
Tuxified.
du muss fragt -chrome- @ PM fur ein deutsch translation.
(hope i got that out well?)
Danke,
Tuxified.
04/04/2009 08:13
luser#26
thx for greats tutor. but its work for TwinRSEA 2.0.25? this one just release April 4th 2009.
04/05/2009 05:20
bobbyblew#27
Is that possible to have a dummy guide step by step? :p
04/05/2009 07:43
skyboi91#28
Hi,
I alraedy unpacked TwinrSEA 20.25 yesterday with my unpacker script!After unpacking the app starts with the message NAG then you get a nag about the aaaa.edit file.Then you can get a runtime message NAG and then the unpacked file closed.If you remember that Twinr has to debug it to kill the runtime error nag and then you have to correct the addresses for the x & y coordinates if you can also remember this from some older Twinr versions!
004FC5ED /E9 AE1B1700 JMP 0066E1A0 OEP
IAT start
008692CC 77DA5DCF ADVAPI32.RevertToSelf
IAT end
$+116C >74CB4BAF oledlg.OleUIBusyW
$+1170 >00000000
If you now use UIF then enter as new IAT address 008790AC
New IAT start
008790AC 77F4157D ntdll.RtlGetLastWin32Error
New IAT end
$+CE4 >76BB32DD psapi.EnumProcesses
$+CE8 >00000000
Now you can dump & fix.And now you can debug the unpcked file.
Do this run the unpacker 1.0 script (easily method)
1)HWID or TRIAL check ==> YES
2)temporary memory direct HWID patch==> NO
3)continue the script
4)script finished ! all patches are written into a new file now
it will appear a message you can run whenever u like and press F9 it will start TwinR..... or continue to get the IAT at the OEP
I alraedy unpacked TwinrSEA 20.25 yesterday with my unpacker script!After unpacking the app starts with the message NAG then you get a nag about the aaaa.edit file.Then you can get a runtime message NAG and then the unpacked file closed.If you remember that Twinr has to debug it to kill the runtime error nag and then you have to correct the addresses for the x & y coordinates if you can also remember this from some older Twinr versions!
004FC5ED /E9 AE1B1700 JMP 0066E1A0 OEP
IAT start
008692CC 77DA5DCF ADVAPI32.RevertToSelf
IAT end
$+116C >74CB4BAF oledlg.OleUIBusyW
$+1170 >00000000
If you now use UIF then enter as new IAT address 008790AC
New IAT start
008790AC 77F4157D ntdll.RtlGetLastWin32Error
New IAT end
$+CE4 >76BB32DD psapi.EnumProcesses
$+CE8 >00000000
Now you can dump & fix.And now you can debug the unpcked file.
Do this run the unpacker 1.0 script (easily method)
1)HWID or TRIAL check ==> YES
2)temporary memory direct HWID patch==> NO
3)continue the script
4)script finished ! all patches are written into a new file now
it will appear a message you can run whenever u like and press F9 it will start TwinR..... or continue to get the IAT at the OEP
04/05/2009 10:04
scrinravager#29
EDIT : always after step 3 i get "TODO: <File description> has stopped working"Quote:
1)HWID or TRIAL check ==> YES
2)temporary memory direct HWID patch==> NO
3)continue the script
4)script finished ! all patches are written into a new file now
it will appear a message you can run whenever u like and press F9 it will start TwinR..... or continue to get the IAT at the OEP
04/05/2009 10:51
RICANPAPI_16#30
Quote:
I alraedy unpacked TwinrSEA 20.25 yesterday with my unpacker script!After unpacking the app starts with the message NAG then you get a nag about the aaaa.edit file.Then you can get a runtime message NAG and then the unpacked file closed.If you remember that Twinr has to debug it to kill the runtime error nag and then you have to correct the addresses for the x & y coordinates if you can also remember this from some older Twinr versions!
004FC5ED /E9 AE1B1700 JMP 0066E1A0 OEP
IAT start
008692CC 77DA5DCF ADVAPI32.RevertToSelf
IAT end
$+116C >74CB4BAF oledlg.OleUIBusyW
$+1170 >00000000
If you now use UIF then enter as new IAT address 008790AC
New IAT start
008790AC 77F4157D ntdll.RtlGetLastWin32Error
New IAT end
$+CE4 >76BB32DD psapi.EnumProcesses
$+CE8 >00000000
Now you can dump & fix.And now you can debug the unpcked file.
Do this run the unpacker 1.0 script (easily method)
1)HWID or TRIAL check ==> YES
2)temporary memory direct HWID patch==> NO
3)continue the script
4)script finished ! all patches are written into a new file now
it will appear a message you can run whenever u like and press F9 it will start TwinR..... or continue to get the IAT at the OEP
nice..and thanx but can u post pic or explain what we have to run first in deatail for us noobs who how little or no experience with scripts and olly.thanx alot for your work skyboi.