Flag: Tornado! Hurricane!

 Forums >>  Debuggers  >>  how to crack packed apps that packed by professional packers like themida spoon or etc...

Topic created on: March 29, 2013 12:13 CDT by netmgr .

Hi friends ,
i want to know how i can crack or unpack apps that packed by good packers like themida spoon and etc.
some times some apps be multi-pack !
what i have to do?
good packers know enough about pushad popad :)
they may change all the data !
any references or Tutorials?
THANKS

  codeinject     April 4, 2013 06:21.56 CDT
You have to figureout how the packer works, find the OEP and dump the memory. just like with the pushad and popad packers. Although now you'll have to deal with anti-debuggers and harder too crack obfuscations.

Buy some commercial packers, build some easy to reconize bins and try to unpack them with your debugger.

Have fun :)

  netmgr     April 8, 2013 00:24.36 CDT
Thanks alot for your attentions
Is possible that we crack by memory dumping?
i think when app want start , packers recall to unpack app into memory , so the application code must be in there.

  codeinject     April 8, 2013 01:37.21 CDT
What I'd recommend to do is to use a Debugger. Dynamic Analyses happens within memory. ImmDBG, IDA and WinDBG can handle this task :)

Note: Registration is required to post to the forums.

There are 31,038 total registered users.


Recently Created Topics
Ultimate Hacking Cha...
Jun/21
CreateMutex
May/31
let 'IDAPython' impo...
Sep/24
set 'IDAPython' as t...
Sep/24
GuessType return une...
Sep/20
About retrieving the...
Sep/07
How to find specific...
Aug/15
How to get data depe...
Jul/07
Identify RVA data in...
May/06
Immunity Debugger Re...
Aug/03


Recent Forum Posts
How to find specific...
hackgreti
Problem with ollydbg
sh3dow
How can I write olly...
sh3dow
New LoadMAP plugin v...
mefisto...
Intel pin in loaded ...
djnemo
OOP_RE tool available?
Bl4ckm4n
OOP_RE tool available?
van7hu
Should binaries be n...
Kolisar
Problem with ollydbg
nullx42
!findtrampoline Immu...
skycrack


Recent Blog Entries
crystalwade
Jul/20
test

nieo
Mar/22
Android Application Reversing

halsten
Mar/14
Breaking IonCUBE VM

oleavr
Oct/24
Anatomy of a code tracer

hasherezade
Sep/24
IAT Patcher - new tool for ...

More ...


Recent Blog Comments
nieo on:
Mar/22
IAT Patcher - new tool for ...

djnemo on:
Nov/17
Kernel debugger vs user mod...

acel on:
Nov/14
Kernel debugger vs user mod...

pedram on:
Dec/21
frida.github.io: scriptable...

capadleman on:
Jun/19
Using NtCreateThreadEx for ...

More ...


Imagery
SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit