Themida BlackDesert 690

Irbos · 03/28/2018, 08:17

Can anyone remove the thiemida from the exe file blackdeser64.exe?

R3p · 03/28/2018, 11:33

Themida x64 isnt that easy to unpack. But why do u need it to unpacked? It unpacks itself at runtime just for ya info

Irbos · 03/28/2018, 11:54

Quote:

Originally Posted by R3p

Themida x64 isnt that easy to unpack. But why do u need it to unpacked? It unpacks itself at runtime just for ya info

I want to pull out the key and the package script method

kwskii · 03/28/2018, 13:51

Just dump it from runtime like r3p said. There's lot of info,plugins that let you easily do this.

Irbos · 03/28/2018, 15:04

Quote:

Originally Posted by kwskii

Just dump it from runtime like r3p said. There's lot of info,plugins that let you easily do this.

And you can not tell how to dump?

R3p · 03/28/2018, 15:35

If U dont know this i doubt U be able to reverse things

ceh430 · 03/28/2018, 17:37

Quote:

Originally Posted by Irbos

And you can not tell how to dump?

maybe this can help ya a little :P

also all other OALabs are really nice if you want to learn something about it

Ustonovic · 03/29/2018, 09:20

Quote:

Originally Posted by Irbos

And you can not tell how to dump?

When you dump something you want to make sure to dump it when the RIP is at the OEP. Attach your debugger of choice, search for "commnad line param" ASCII, trace 2 functions out at you are at the "real" main function.
Set a hardware breakpoint there, restart the game and dump it when it hits the breakpoint (Scylla can do this for example).