Themida BlackDesert 690

03/28/2018 08:17 Irbos#1
Can anyone remove the thiemida from the exe file blackdeser64.exe?
[Only registered and activated users can see links. Click Here To Register...]
03/28/2018 11:33 R3p#2
Themida x64 isnt that easy to unpack. But why do u need it to unpacked? It unpacks itself at runtime just for ya info
03/28/2018 11:54 Irbos#3
Quote:
Originally Posted by R3p View Post
Themida x64 isnt that easy to unpack. But why do u need it to unpacked? It unpacks itself at runtime just for ya info
I want to pull out the key and the package script method
03/28/2018 13:51 kwskii#4
Just dump it from runtime like r3p said. There's lot of info,plugins that let you easily do this.
03/28/2018 15:04 Irbos#5
Quote:
Originally Posted by kwskii View Post
Just dump it from runtime like r3p said. There's lot of info,plugins that let you easily do this.
And you can not tell how to dump?
03/28/2018 15:35 R3p#6
If U dont know this i doubt U be able to reverse things
03/28/2018 17:37 ceh430#7
Quote:
Originally Posted by Irbos View Post
And you can not tell how to dump?
maybe this can help ya a little :P



also all other OALabs are really nice if you want to learn something about it:pimp:
03/29/2018 09:20 Ustonovic#8
Quote:
Originally Posted by Irbos View Post
And you can not tell how to dump?
When you dump something you want to make sure to dump it when the RIP is at the OEP. Attach your debugger of choice, search for "commnad line param" ASCII, trace 2 functions out at you are at the "real" main function.
Set a hardware breakpoint there, restart the game and dump it when it hits the breakpoint (Scylla can do this for example).