About SM decrypted. Execryptor
Discussion on About SM decrypted. Execryptor within the Silkroad Online forum part of the Popular Games category.
06/17/2007, 18:33
#1
Sly2 said that sm was decrypted, who has it? I want it only for OllyDBG. Plz!!

06/17/2007, 18:50
#2
i have this & no other
decrypted sm.dll is a normal sm.dll without execryptor protection, but with morphed code (VERY difficult!!!) in most important procedures...

06/17/2007, 19:05
#3
Quote:
Originally posted by sly2@Jun 17 2007, 18:50
i have this & no other
|
so what ur sayin is that ur the only 1 that have it?

06/17/2007, 19:19
#4
i unpacked this from execryptor...
when you or anyone unpacks sm.dll too, then i will not be alone with it

06/18/2007, 05:58
#5
For a good cracker all unpackers are newbie stuff.. They can unpack and pack files only with ASM code, but the best way is to use an unpacker, you will wait only 5 seconds, but if you unpack it with ASM code you will get more XP in cracking...
If someone create packer, someone can create unpacker :P

06/18/2007, 14:59
#6
1. show me an unpacker for execryptor
2. do you know that all exe or dll files are in assembler
3. show me anyone that can unpack execryptor in 5 seconds (EntryPoint seek, IAT seek & fixing, Relocations fixing)... (i don't speak about morph procedures. these are VERY difficult. i talk with "good" cracker, he wont to demorph it, it's too difficult, nearly impossible...)
and i hope you know what you are talking about...

06/18/2007, 15:22
#7
I said that an unpacker can unpack a file in 5 sec... Take mmm UPX, pack it and use the UPX unpacker, you will see how fast it is..
Yeah morphine is very good as Armadillo.. That's true
the best thing is that execryptor hasn't an unpacker, so I love every packing which cannot be unpacked :P
If you want to unpack it you need to create a packer...
ASM code = assembler, just Olly
So a "good" cracker will crack all stuff because he's good
Morphine code demorph mb is impossible then it is decrypted with another crypt code..
Or just it's code which are used one time and it's created by PRO cracker
But I wouldn't take to unpack execryptor packer
I hadn't a lot of time to sit down on one sm.dll

06/18/2007, 15:31
#8
you don't need to unpack sm.dll, it's now unpacked
olly is ONLY a debugger
in unpacked sm.dll is more of self changing code. pro cracker? it dont see, that was a "pro" cracker...
it's a feature of execryptor, that's all
tell me why not to crack sm.dll. it's good practice for me
it's funny too, but cost more time...

06/18/2007, 17:28
#9
OK it's good. Yeah cracking is good practice and a good challenge for everyone who knows something...
OK if you have unpacked sm
I will say my minds like newbie because I don't know how it rename srry..
can you add NOP's in the section then user have get logged.It's something like patch which always is 1 for connection to server
Do you understand my minds ?

06/18/2007, 17:42
#10
sly2 have reason, u can see the debugged code but uncrypt all the code reallocate it in his memory and all its too hard work

06/18/2007, 19:17
#11
@iamcnk:
you are almost right, the code is unpacked, you can see really clear code, but parts of the code are morphed (self changing and at other place), look here:
Code:
10004A00 55 PUSH EBP
10004A01 8BEC MOV EBP,ESP
10004A03 83EC 44 SUB ESP,44 <- to this place all ok
10004A06 - E9 53660300 JMP 1003B05E <- the really code self making at here
10004A0B E8 438E0600 CALL 1006D853
10004A10 C6 ??? ; Unknown command
10004A11 24 97 AND AL,97
10004A13 6368 4A ARPL WORD PTR DS:[EAX+4A],BP
10004A16 5D POP EBP
10004A17 04 91 ADD AL,91
10004A19 57 PUSH EDI
10004A1A E8 61750300 CALL 1003BF80
10004A1F 84C5 TEST CH,AL
10004A21 E6 DA OUT 0DA,AL
10004A23 4B DEC EBX
10004A24 0041 B1 ADD BYTE PTR DS:[ECX-4F],AL
10004A27 E8 54750300 CALL 1003BF80
10004A2C 89E9 MOV ECX,EBP
10004A2E 6D INS DWORD PTR ES:[EDI],DX
10004A2F 1141 0C ADC DWORD PTR DS:[ECX+C],EAX
10004A32 81C1 8B12FC50 ADD ECX,50FC128B
10004A38 - E9 B8180300 JMP 100362F5
10004A3D 8A00 MOV AL,BYTE PTR DS:[EAX]
10004A3F 8845 F7 MOV BYTE PTR SS:[EBP-9],AL
10004A42 8A45 F6 MOV AL,BYTE PTR SS:[EBP-A]
10004A45 24 07 AND AL,7
10004A47 8845 F5 MOV BYTE PTR SS:[EBP-B],AL
10004A4A 33C0 XOR EAX,EAX
10004A4C - E9 9C700300 JMP 1003BAED
10004A51 E8 51F60300 CALL 100440A7
10004A56 58 POP EAX
10004A57 7B 7B JPO SHORT 10004AD4
10004A59 ^ 77 E8 JA SHORT 10004A43
10004A5B 17 POP SS
10004A5C 810400 6E4326A0 ADD DWORD PTR DS:[EAX+EAX],A026436E
10004A63 872C24 XCHG DWORD PTR SS:[ESP],EBP
10004A66 52 PUSH EDX
10004A67 E8 69F00300 CALL 10043AD5
10004A6C 390F CMP DWORD PTR DS:[EDI],ECX
10004A6E 9A E25D00D1 F26>CALL FAR 68F2:D1005DE2
10004A75 BA B60310E9 MOV EDX,E91003B6
10004A7A B6 0E MOV DH,0E
10004A7C 04 00 ADD AL,0
10004A7E E8 0AB40500 CALL 1005FE8D
10004A83 - E9 57850300 JMP 1003CFDF
10004A88 - E9 007A0600 JMP 1006C48D
10004A8D - E9 C6A50300 JMP 1003F058
10004A92 C600 23 MOV BYTE PTR DS:[EAX],23
10004A95 58 POP EAX
10004A96 51 PUSH ECX
10004A97 57 PUSH EDI
10004A98 BF B4BF0510 MOV EDI,1005BFB4
10004A9D - E9 D0120300 JMP 10035D72
10004AA2 89E8 MOV EAX,EBP
10004AA4 81C5 C308D63D ADD EBP,3DD608C3
10004AAA 81C5 01742DD2 ADD EBP,D22D7401
10004AB0 8B6D 00 MOV EBP,DWORD PTR SS:[EBP]
10004AB3 - E9 8BA40300 JMP 1003EF43
10004AB8 8BD0 MOV EDX,EAX
10004ABA 81E1 D2EEA7F8 AND ECX,F8A7EED2
10004AC0 - E9 64F80500 JMP 10064329
10004AC5 8B45 08 MOV EAX,DWORD PTR SS:[EBP+8]
10004AC8 50 PUSH EAX
10004AC9 837D EC 05 CMP DWORD PTR SS:[EBP-14],5
10004ACD 0F94C0 SETE AL
10004AD0 - E9 D9450600 JMP 100690AE
10004AD5 68 8D95DC9D PUSH 9DDC958D
10004ADA 871C24 XCHG DWORD PTR SS:[ESP],EBX
10004ADD 8BF3 MOV ESI,EBX
10004ADF 5B POP EBX
10004AE0 81E6 D3DF249E AND ESI,9E24DFD3
10004AE6 81F6 40B6AD8B XOR ESI,8BADB640
10004AEC 81C6 CF245CF8 ADD ESI,F85C24CF
10004AF2 873424 XCHG DWORD PTR SS:[ESP],ESI
10004AF5 - E9 0FF60300 JMP 10044109
10004AFA 03C5 ADD EAX,EBP
10004AFC 81C0 C4259198 ADD EAX,989125C4
10004B02 8B00 MOV EAX,DWORD PTR DS:[EAX]
10004B04 E8 0C1E0300 CALL 10036915
10004B09 56 PUSH ESI
10004B0A ^ E2 AA LOOPD SHORT 10004AB6
10004B0C ED IN EAX,DX
10004B0D 53 PUSH EBX
10004B0E 68 D4670610 PUSH 100667D4
10004B13 E9 20000000 JMP 10004B38
10004B18 B7 92 MOV BH,92
10004B1A 4E DEC ESI
10004B1B 4E DEC ESI
10004B1C 836D 85 8B SUB DWORD PTR SS:[EBP-7B],-75
10004B20 E5 5D IN EAX,5D
10004B22 C3 RET
@SwaDDie:
sorry NO, you don't change jumps or calls to NOPs
greets
Sly

06/19/2007, 06:18
#12
Ok if NOPs are not working.. Yeah in memory it's not working.. Hmm so you can create other code which at load moment changes old code to new code... But it will probably be detected by GMGuard...
And that code has been very clear for 0x33 server...
And if your seeing code hops to other position it is very big ****.. Because you can know what that code do then it hops ...
Which disassembler soft do you use?
I'm working with Olly
and for easy stuff use DeDe or PEiD...
And some HexEditor...

06/19/2007, 09:30
#13
dede is for delphi!!!
sm.dll was written in vc++ .net
PEiD can tell you which packing soft was used...
i prefer lordpe, imprec, relox, rdg, and as debugger ida & olly (with plugins)
greets
Sly

06/19/2007, 16:20
#14
It's all about unpacker.
I tried most of em, but the result wasn't what i wanted.
Edit: Thanks sly
PEiD for the win!

All times are GMT +2.