27 Aug 2016
9 Aug 2016
As I said, I am sharing the crack of Volcano MTK Module v1.1.0. It is not very useful, but it sometimes helps in network unlocking.
It's very easy to use: just extract these files into a folder, run Loader_GautamGreat.exe and start working with it.
If you encounter any problem, just comment below and I will try my best to solve it.
Psycho GSM Destroyer
So today we are going to learn how to find the OEP of VMProtected targets. We are going to use the ESP trick to do this.
What is VMProtect?
VMProtect protects code by executing it on a virtual machine with a non-standard architecture, which makes it extremely difficult to analyze and crack the software. Besides that, VMProtect generates and verifies serial numbers, limits free upgrades and much more.
In this tutorial we learn how to find the OEP of VMProtected targets.
Let's do it.
1. First, load the target in OllyDbg. I used the Olly Shadow modification with the Phantom and StrongOD plugins.
2. After the file has loaded successfully in Olly, press CTRL + G and type "VirtualProtect".
Then click OK or press Enter, and put a BP there by pressing F2.
3. Then press Run and you will land at VirtualProtect, as shown in the pic.
4. After pressing Run, check whether the code section is filled.
Our code section is still empty, so run again and again until you see that the code section is filled.
5. Now follow ESP in Dump.
6. Find the last kernel32 in the dump window, as shown in the pic, and put a Hardware Breakpoint on access (Byte) there.
Press Run one time.
7. Now put a Memory BP on access on the code section.
8. Now press Run again and again until you reach the OEP :)
Thanks for Visiting.
Hope it will help. If you have any problem just comment below. I will try my best to help you.
Psycho GSM Destroyer
7 Aug 2016
So I am sharing a tutorial for unpacking The Enigma Protector v4.10 to v5.x. It was created by SHADOW_UA. There are some steps to unpack it. In the GSM industry there are many tools that use The Enigma Protector, e.g. Miracle Box, Falcon, GSM Aladdin etc. So we have to learn it to unpack and Destroy GSM :D
2. Preventing API emulation by using a byte pattern.
3. Fixing the rest of the APIs manually by finding the API in the Enigma section.
4. Dumping and fixing with Scylla.
Note: in some cases the OEP is virtualized. In that case you have to dump the VM section and add it to the dumped file with the correct RVA.
Password for RAR : tuts4you
If you have any problem with it, just leave a comment and I will contact you as soon as possible.
Psycho GSM Destroyer.