|
trying ur tut atm but again ... just like you busy w/ school etc etc so this is second priority... ALSO the Sienna Queen patch is scheduled for Euro and NA pretty soon soooooo what if they find another way to make us not able to do this whole unpack bussiness >.> or maybe we''ll just have to redo our work? (if we successfully get it dun by then)
|
what'cha dreaming about ? took em months to fix that even though they knew it existed,they probably fell in denial,but I don't think they'll add extra protection to the cabalmain.exe,like Themida etc.
|
lol... according to bindie CabalNA is packed with themida >.> ALSO I followed the dekaron thing it works perfectly till I have to fix in imprec ... it doesn't have the right OEP which means that I'm missing something from the step before(after I set the BP at the cabalmain jmp and run it, it doesn't take me anywhere) >.> ... well atleast it's good news to here estsoft is slow !
|
SEA is also packed with Themida, 1.9.9.0 specifically. tried unpacking it but i too end up Themida detecting the exe being debugged; gives some oreans error message. I believe the oep is correct as i tried finding it manually and using scripts, both gives the same oep. I think the problem im facing now is fixing the IAT.
|
btw, if cabalridre bypasses your security system (xtrap,gg) no need for twinR..
if u already bypass ur security protection theres no reason why cabal detects olly... asfaik |
Quote:
|
I never dlded it :P.Will do now,as I said,im overloaded,I usually post from my phone while in classes xD
Never said Themida was un-removable,it just takes more for ppl to remove it by meerely reading guides. EDIT:Holy shot ,the folder u posted pwns,all in 1 folder >;,epic. |
Nova provided some really great stuff. Just wondering, Nova did you work on Debug of NA Cabal or others? Or maybe all of them? If so, did you ever get errors while using Olly that some Memory Adresses were un-readable? I like the tools you provided, I just wish that it would all come together smoothly. Is there a specific setup I should use to each plugin for it to actually run and not be detected and fail? I've been racking my brain for this accursed .exe. I can attach to other games no problem and run debugger succesfully...I swear once I figure this out, I will dedicate my life to killing X-Trap :bandit:
|
Quote:
of all the scripts i tried, only one script successfully finished till the end. [Only registered and activated users can see links. Click Here To Register...] tried the manual way following joker_italy guide on tmd 1.9.1.0 gives the same result as this script (although SEA is packed with 1990, that's why im sceptical whether its real oep). well, there are still many things i'm going to try, and i'm back to basics. :p |
@ oren that's the only script that works for me as well but when I try to rebuild IAT using imprec using the OEP I found there and subtracting image base .... it doesn't work :S
@punk... that post about dekaron ... Cabalmain seems a little more complex? I'm trying dif things but can't find the correct way to find the proper OEP =( |
Upon further research. Could you use MHS to actually Debug? and Would it also work if you inject a code where the flag is triggered? Or would that still require repetitive procedures after Cabal is closed? I've read MHS can read kernal memory without actually attaching to the process. It's odd, something that should be so simple is made complicated by a simple thing. Unless of course I'm looking in the wrong places. But then I'm just thinking about it too hard. :pimp:
|
Quote:
|
Quote:
|
Quote:
|
Quote:
|
| All times are GMT +2. The time now is 22:39. |
Powered by vBulletin®
Copyright ©2000 - 2026, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.