Page 3 of 8 FirstFirst 12345 ... LastLast
Results 21 to 30 of 79
  1. #21
    S4R4H
    S4R4H is offline
    New member S4R4H's Avatar
    Join Date
    2011 Jun
    Posts
    28
    Thanks Thanks Given 
    12
    Thanks Thanks Received 
    33
    Thanked in
    8 Posts
    Rep Power
    0
    1. your 'dump_.exe' is corrupt resulting from incorrect unpacking..

    2. assuming that the 2nd picture shows all the instructions after replacements with the stolen bytes, it looks nothing likes
    the ones you copied:
    PUSH EBP
    MOV EBP,ESP
    PUSH -1
    PUSH 623730
    PUSH 5EF620
    MOV EAX,DWORD PTR FS:[0]
    PUSH EAX
    MOV DWORD PTR FS:[0], ESP
    SUB ESP, 58
    PUSH EBX
    PUSH ESI
    PUSH EDI
    MOV DWORD PTR SS:[EBP-18], ESP
    the guide is meant for AikaSEA anyway so a few things may appeared different with AikaIN.. or maybe I am wrong..

    sorry I can't help you any further than this.. but I suggest you redo all the steps slowly, jot down all the important things
    such as the EP, OEP, number of stolen bytes, the dumping OEP address etc..

    again, sorry I can't be much of a help with your problem..
    I like to make stupid theories and asssumptions..

  2. #22
    shemgwapo
    shemgwapo is offline
    Member-in-training shemgwapo's Avatar
    Join Date
    2010 Sep
    Location
    www.animebio.com
    Posts
    51
    Thanks Thanks Given 
    27
    Thanks Thanks Received 
    19
    Thanked in
    8 Posts
    Rep Power
    0
    is there a way to fix the debugged program was unable to process exception error?

    edit: nvm fixed the problem.
    Last edited by shemgwapo; 2012-01-11 at 08:09 PM.

  3. #23
    JeanBR
    JeanBR is offline
    Senior Member JeanBR's Avatar
    Join Date
    2012 Jan
    Location
    Hestia
    Posts
    326
    Thanks Thanks Given 
    41
    Thanks Thanks Received 
    210
    Thanked in
    82 Posts
    Rep Power
    0
    great tutorial, step by step olly was great. thank you friend
    Welcome To PGC.

  4. #24
    b1shop
    b1shop is offline
    New member
    Join Date
    2012 Jan
    Location
    Mcz
    Posts
    10
    Thanks Thanks Given 
    4
    Thanks Thanks Received 
    1
    Thanked in
    1 Post
    Rep Power
    0
    well.. i have a doubt about the step 2b, i do all the previous process but when i will restart the AIKASM.exe in ollydbg to repeat the steps 1b -1d, I cannot press shitf F9 16 times anymore, when i do 2 times the game starts and screw up all the job..

    thx for share.

  5. #25
    shemgwapo
    shemgwapo is offline
    Member-in-training shemgwapo's Avatar
    Join Date
    2010 Sep
    Location
    www.animebio.com
    Posts
    51
    Thanks Thanks Given 
    27
    Thanks Thanks Received 
    19
    Thanked in
    8 Posts
    Rep Power
    0
    stuck at finding : "EBP=[0x12FFC0]". is it possible that the values changed after aika sea updated their client yesterday?

  6. #26
    susimilikiti
    susimilikiti is offline
    New member
    Join Date
    2011 Dec
    Posts
    48
    Thanks Thanks Given 
    3
    Thanks Thanks Received 
    144
    Thanked in
    9 Posts
    Rep Power
    0
    my stolen code is different with you its start with
    MOV DWORD PTR SS:[ESP],EBP
    MOVE EBP,ESP
    PUSH -1
    ... ...
    ... ...


    and its doesnt fit the nop in dump_.exe
    the code cave is not as many as the stolen code... so the stolen code doesnt fit all in the code cave..

    can you help me?

  7. #27
    DarkT
    DarkT is offline
    Member-in-training DarkT's Avatar
    Join Date
    2012 Jan
    Posts
    116
    Thanks Thanks Given 
    60
    Thanks Thanks Received 
    103
    Thanked in
    30 Posts
    Rep Power
    0
    Guy, try again, it's working here =D

  8. #28
    Winged313
    Winged313 is offline
    New member
    Join Date
    2012 Jan
    Posts
    15
    Thanks Thanks Given 
    16
    Thanks Thanks Received 
    26
    Thanked in
    4 Posts
    Rep Power
    0
    Hi there!

    I'm new and eager to learn about the world of hacking! I've been reading on the forums for severals days already but just until recently created an account for posting and sharing knowledge in the future.

    I've been trying to unpack the Aika SEA client manually by following this guide, but I can't get it to work. I discovered that Ollydbg dosen't support Windows 7 64-bit. I did some research and found a plugin called Stealth64, but the problem still remains. Ollydbg is showing me the wrong codes.

    I'm hoping you've got a solution for my problem. If not, I guess I'll have to buy and install Windows XP 32-bit version.

    Thanks in advance,

    Winged.

  9. #29
    shemgwapo
    shemgwapo is offline
    Member-in-training shemgwapo's Avatar
    Join Date
    2010 Sep
    Location
    www.animebio.com
    Posts
    51
    Thanks Thanks Given 
    27
    Thanks Thanks Received 
    19
    Thanked in
    8 Posts
    Rep Power
    0
    the client runs when you do a bp at "0x2D53A30" and then gameguard shows up and ruin the whole process.

  10. #30
    fennes
    fennes is offline
    New member fennes's Avatar
    Join Date
    2012 Jan
    Posts
    22
    Thanks Thanks Given 
    2
    Thanks Thanks Received 
    32
    Thanked in
    6 Posts
    Rep Power
    0
    Quote Originally Posted by S4R4H View Post
    1. your 'dump_.exe' is corrupt resulting from incorrect unpacking..

    2. assuming that the 2nd picture shows all the instructions after replacements with the stolen bytes, it looks nothing likes
    the ones you copied:


    the guide is meant for AikaSEA anyway so a few things may appeared different with AikaIN.. or maybe I am wrong..

    sorry I can't help you any further than this.. but I suggest you redo all the steps slowly, jot down all the important things
    such as the EP, OEP, number of stolen bytes, the dumping OEP address etc..

    again, sorry I can't be much of a help with your problem..
    1. I Using Several Step To Get The OEP, Your Guide And Few Another and The Result Is Exactly Same
    Pointing to Address 005EE73C [in My Exe]
    I am Confident This Is My OEP.

    2. Number Of Stolen Byte :

    Possible Stolen Bytes ASProtect For M$ Visual C++ is 13 Lines, CMIIW

    Already Compare To Running Unpacked Exe And The Stolen Byte Format is Same, The Different Only

    PUSH 623730
    PUSH 5EF620


    Because Every Patch This PUSH Address Always Changes, But We Can See The Value PUSH Address In Trace Windows.

    3. Dumping OEP Address.

    In Your Guide

    -make certain that the 'Modify:' field is correct:
    = [EP - BaseAddress]
    = [0x5EAD5C] - [0x400000]
    = [0x1EAD5C]
    -click 'Dump'

    my Calculation Using OEP
    = [EOP - BaseAddress]
    = [0x5EE73C] - [0x400000]
    = [0x1EE73C]
    -click 'Dump'

    I Using This Address To Rebuild IAT


    But The Value EP Base On Your Picture IS "0x5EAD82"

    So, What Value I Must Use To Calculate This Address EP or OEP.

    I Will Try Unpack On Different OS Xp or Se7en Maybe.
    Because Now I Unpack This Exe under Win Vista, Maybe I Get Luck With Other OS.

    Thx

Page 3 of 8 FirstFirst 12345 ... LastLast

Similar Threads

  1. [Info] Manual Patching, patch info
    By Dwar in forum Requiem Online
    Replies: 25
    Last Post: 2018-11-06, 02:37 PM
  2. [Dev] Cabal EU Yoda-ASProtect Unpacked
    By Grooguz in forum Cabal Bots, Hacks, Cheats
    Replies: 8
    Last Post: 2013-05-31, 01:31 PM
  3. GameShield Manual Unpacking and Modifying Licenses
    By h4x0r in forum Anti-Cheat Systems
    Replies: 0
    Last Post: 2011-10-12, 10:13 PM
  4. [Info] Dragon Nest CN manual unpacking zip archive
    By Dwar in forum Other MMO
    Replies: 0
    Last Post: 2011-06-29, 06:12 AM
  5. [Info] ARGO Online manual updating
    By Dwar in forum Other MMO
    Replies: 0
    Last Post: 2011-06-12, 09:22 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •