[release for testing] unpacked dragonica.exe

09/30/2009 05:21 ruddyhell#1

this is the previous to the now new exe vers(gpotato). just finished (i think lol) unpacking and then there is a fookin update gawd (which i accidently replaced with the unpacked .exe lol. So a upload of the new gpotato .exe would be kindly welcomed ppl (need it!!!! cant be fooked with a redownload/install)).

THIS NOT A HACK PPL. BUT CAN HELP.
This is for testing i.e. bugs/cockups/idiota mistakes to be pointed out
I hate asprotect 1.23 rc4 so there better not be lol
olly hangs @ 97%..use space before it reaches this point (trying to fix that) some ppl say a clean install of olly will fix this, though no luck for me
also cant get by server selection (trying to fix)
IAT might be fooked lol
Im only okay @ unpacking(if ppl with no knoweldge of "how" are bad,.. im okay lmao)
more mistakes/bugs? tell me!!!!

furthermore, uploads of the other versions(thq, IAH) .exe's would be welcomed to see what they are packed with, then mabye unpack(if i can be bothered downlading more installers gawd lol) etc

09/30/2009 07:33 that5life#2

Any chance of unpacking one for thqice?

09/30/2009 13:44 ruddyhell#3

right no need for a new .exe deleted patch id and it pulled a new one from the server.
to q, yes mabye when i have completed doin gpatato ver

09/30/2009 13:56 freddi98#4

it says missing bugtrap_mdo.dll is missing

09/30/2009 15:42 LemoniscooL#5

nice one as fas as i can see it is completely unpacked ^^
would be nice if you could release the newer unpacked executable

09/30/2009 15:49 ruddyhell#6

yeah it looks unpacked lol but the iat isnt rebuilt properly

right after trying to unpack for a few hours this buggy unfinished unpack is as good as i can make atm.

this now looks like wishful thinking again. unless solutions can be found for

1.how to skip launcher through ollydbg(should be easyish but i cnt be fecked lol)
2. how to hide the debugger from themida (phantom plugin is not working...isdubugpresent.dll has nothing to do with themida obv)
3. how to hide imprec from themida

until solutions are found for these problems. it shall be impossible to make a fully unpacked exe, well for me anyways.

until then ill be lookin at other things to do with dragonica.

I'll leave the buggy exe up for refrence thats all!!!!!!!!!!!

ill do a "unfinished" unpack of the new exe but thats all i can do.

09/30/2009 16:26 Kuma123#7

Some hints on how to get the rest done:

1. BP on CreateProcessA() see which parameters are used to start the client, use this parameters in olly. (Arguments in the Open dialog)

2. hiding olly when gg is using a kmd is not that easy, best would be a solution like [Only registered and activated users can see links. Click Here To Register...]

3. same as in 2. but you could try to disable GG (noping the CreateProcess call) let the client load and then attach imprec to restore the IAT

Btw there may be CRC checks on the file, to test if it was tampered/unpacked

09/30/2009 16:33 ruddyhell#8

woot hints :P
I mean................oh no hints...............back to trying to finish unpacking.
thanks for the hints i geuss lol
nah really ty

10/01/2009 23:59 foxracer32765#9

It doesn't work. lol

10/02/2009 23:40 shay_3100#10

what we can do with this?

10/02/2009 23:51 LemoniscooL#11

nothing suz its not complete
close please ..

10/03/2009 01:17 ruddyhell#12

yeah close..........i suck and am done with unpacking this lol. Im never gonna do it on this one lol.

so much time wasted :facepalm::facepalm::facepalm:

lol