BlueOwl's UPXed
| Download upxed.zip, 28 kb (password: crackmes.de) Browse contents of upxed.zip This crackme shows some techs for protecting UPX'ed files."
Difficulty: 2 - Needs a little brain (or luck) | Send a message to BlueOwl » View profile of BlueOwl » |
Solutions
Solution by _khAttAm_, published 03. aug, 2005; download (40 kb), password: crackmes.de or browse.
_khAttAm_ has rated this crackme as quite nice.
Discussion and comments
| Sinclaire 01. May 2005 | Uhmm, good for you, you could have submitted a solution instead od typing it in here!, others would like to solve it too, but hey atleast i got it before you :P, and you should also consider understanding the purpose of the site, good for you if you got the password, but publishsing the password is not needed, you can only ASK ABOUT WHAT YOU DO NOT UNDERSTAND ONLY! |
|---|---|
| BlueOwl Author 01. May 2005 | TQN, i deleted your post. Please don't give away the password. |
| Haykuro 01. May 2005 | i tried everything to unpack it.. I used the PEiD generic unpacker. I attatched OllyDbg to it and found the entry point. but no matter what i try it keeps messing up. Can someone help me? |
| Sinclaire 01. May 2005 | Haykuro: If you managed to get the OEP then mostly half the work is done, if it keeps messing up, then this is due to a protection used against dumping it, which works as follows, the code gets overwritten so that when you try to dump from memory you get the wrong data, but in my opinion you must be doing something wrong, try again this time make sure you have correct the EP of the dumped programed and reconstruct the IAT. |
| _HellDashX_ 01. May 2005 | Haykuro: Hi, in my case i need use a script in Olly using the OllyScript plugin for UPX. Made a script with this code and use it: eob Break findop eip, #61# bphws $RESULT, "x" run Break: sto sto bphwc $RESULT ret Using this script Olly found the OEP in 1 or 2 seconds, only needs trace a few steps and you can found the password in ASCII. I hope this help, :) |
| elfz 03. May 2005 | STRIVING FOR PERFECTION: Before submitting your solution, make sure that you have explained how and why the protections work, how to re-implement them, why is upx foolded; not just way of finding OEP and dumping it!!! |
| _HellDashX_ 03. May 2005 | Hi, i explain it in my submited solution in a txt not in the comment, :) |
| _HellDashX_ 03. May 2005 | And, when you have the zip file password you can read the author explain about the protections, if you see, but i explain it, ok? :) |
| _HellDashX_ 03. May 2005 | But, yes, i forgot put the Anti-Dumping protecction explains in my submited solution, :) Sorry, hehehe...my mind lost sometimes...:) |
| fjlj 04. May 2005 | it was a pretty good crackme but fairly simple lol all i did was step over fallow the esp in dump set a hardware on access dword break and clicked run sepped into the jump and then continued to step into untill it gave me the pass in my registers. also i made the program allert the password instead of "Example using UXP!" or whatever it said lol but overall i liked it |
| SoN 08. May 2005 | This one took me about 2 days but I just got it. I'm glad I figured this one out because it was the first packed crackme I've tried. Thanks for writing it. |
| _pusher_ 08. May 2005 | yeah man... its bad that you are not able to publish a tutorial for it.. i even had a Softice solution.. |
| BlueOwl Author 09. May 2005 | Thanks for the positive reactions. :) |
| Sinclaire 09. May 2005 | And thanks for the c00l tr0ll that closed this crackme and destroyed all the fun, we should really thank him, cheers up. |
| Zero Moderator 11. May 2005 | The "c00l tr0ll" is the automation in the website system ;) |
| elfz 12. May 2005 | c00l tr0ll punished. he won't count rejected submissions before automatically closing the submissions ever again. |
| Immortal_One 14. May 2005 | This one took me about 2 sec pretty good crackme |
| snak3 24. May 2005 | been trying on this some time now, and finally with some reading i made it :) thx alot for a fun crackme |
| BlueOwl Author 03. Jul 2005 | I hope it gets solved sometime. I think people could learn from its techniques. (about how to re-implement them) |
| _khAttAm_ 19. Jul 2005 | I tried to write a solution and it is accepted, but when I read here, i think my solution is quite lame............. What do you ppl think?? |
| Knight 20. Jul 2005 | Before submitting your solution, make sure that you have explained how and why the protections work, how to re-implement them, why is upx foolded; not just way of finding OEP and dumping it!!! Here's what i think^^^. I think that most of us (not talking about complete newbies) can unpack it without bigger problems. But intreseting part is why upx can't unpack it. I unpacked it, but haven't looked at it's sources, so it would be nice to know that. Also if same technique could be used with other packers/protectors it might be realy useful to develope this. |
| Takayuki 04. Aug 2005 | Well this one was a easy one i think. It took some minutes to understand it I liked this crackme :) |
You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.