Any Ideas? (Debugging Cabalmain.exe)

well sure enough I used chimprec in place of imprec and it worked...........................

well... now when i try to open the supposedly fixed dump it gives me

[Only registered and activated users can see links. Click Here To Register...]


this also happens when i try to open it in olly

i think i did it finally, removed themida completely. ran it normally, and peid didn't detect any protection. so happy!
on to the tracing part next! weeeeeeeeeeeeeeeeeeee! :p:p:p:p

how!!!!! pm me !!!.... and wait so you can run your unpacked.exe by itself?

Quote:

Originally Posted by howcow95 how!!!!! pm me !!!.... and wait so you can run your unpacked.exe by itself?

yep :p

pmed you back :P and also you just used one script?

LOL GUYS :D SEND ME UR UNPACKD CABALMAIN O_O

ill do it if i can find it out AND you mail me cookies

lol i will , giimme adress

Quote:

Originally Posted by howcow95 pmed you back :P and also you just used one script?

I have scripts for every packer, padder and obfusk'ers in existance ;) between raping Cabal and being the first botter on DragonSky it saves alot of time ;) :mofo: Id happilly make a full ollydbg Toolkit for epvpers with the relative scripts/plugins for Cabal but I lack so much in motivation..... Im sure -Chrome- knows what Im referring to, SALOMON and Lowyfre need a firm kick in the asses! (* Ill save u another wall of text chrome about how they happilly Leeched my work and help before then allowed those insults because I removed my work from epvpers -.- *)

Quote:

Originally Posted by NovaCygni I have scripts for every packer, padder and obfusk'ers in existance ;) between raping Cabal and being the first botter on DragonSky it saves alot of time ;) :mofo: Id happilly make a full ollydbg Toolkit for epvpers with the relative scripts/plugins for Cabal but I lack so much in motivation..... Im sure -Chrome- knows what Im referring to, SALOMON and Lowyfre need a firm kick in the asses! (* Ill save u another wall of text chrome about how they happilly Leeched my work and help before then allowed those insults because I removed my work from epvpers -.- *)

PM's work O.O hehe and as for motivation your helping mankind!!!

P.S I'll give you some of the cookies that Vegi is gunna send me

but yea hopefully oren could point me in the right direction I've spent a while just trying many dif combinations and retsarting my comp soooooooo many times over and over and over


Btw is there a way to edit upgrade success through cabalmain.exe aswell? I am absolutely hating my upgrading luck atm >.>

Doh i want some guides ._. howcow u already unpacked urs cabalmain ?:> i need do the same for cabal eu but im newbie in coding awww

i don't relly think I unpacked ... I use one script to find the OEP and unpack and it says it thinks it found it then i right click and hit search for all ref text strings and then I get a code that actually makes sense.... but whenever i try to dump/fix it I never succeed

Themida is not as simple as other protectors as rebuilding the IAT is a pain in the ass and varies from version to version. Use the script i've posted to search the real OEP, rebuild the IAT in olly, fix it with UIF, dump it, and fix imports with Chimprec .Heard Imprec does not import d3dx9.dll correctly; I'd never bothered to check though just to save the hassle :p

[Only registered and activated users can see links. Click Here To Register...]

the script to find the OEP is... Themida + WinLicense 1.1.x.x - 1.9.x.x OEP Finder.txt amiright?? I;ve been suing this ALL along just can't find the right combo of things to do after but yea ima try what you just posted... just wana confirm im using right oep finder

Quote:

Originally Posted by howcow95 the script to find the OEP is... Themida + WinLicense 1.1.x.x - 1.9.x.x OEP Finder.txt amiright?? I;ve been suing this ALL along just can't find the right combo of things to do after but yea ima try what you just posted... just wana confirm im using right oep finder

yes.the OEP that u get using the script is correct, but then u need to fix IAT too manually or using other scripts.