Web : http://mxb.cjb.net
Contact Me : [email protected] or [email protected]

Main | Index

Bullet Proof 1.20

Type : FTP Utility
Protection : ASPack
Tech : Memory Dumping


Crack : Programs packed with ASPack can be easily unpacked.

1 Go to the end point of the unpacker routine.
2 Use a memory dumper like PE-Editor to dump the entire process
to a file.
3 Find out the Original Entry Point [ OEP ] of the program.
4 Changed the entry point of the dumped file with PE-Editor.

Entry Point = OEP - Image Base

Note : If the program does not break at start point in symbol loader -
Change the FLAG of CODE Section to = E0000020

End point of the unpacker routine is shown below :

0x5134ED MOV [EBP+0x443E2F],EAX
0x5134F3 POPAD
0x5134F4 JNZ 0x5134FE
.....................
0x5134FE PUSH 0x4C47BC >> OEP
0x513503 RET >> DUMP HERE : USE 'JMP EIP' HERE TO
FORM A INFINITE LOOP AND COME OUT
OF SICE.THEN DUMP FULL PROCESS.THEN
OPEN DUMPEDFILE IN HEX EDITOR AND
CHANGE 'JMP EIP' TO 'RET'.

Change the entry point of the dumped program file.