Hey!
I have unpacked securom 5.00.03.
But I have some questions.
As usual, there are EXE-file and some dll on CD-disk.
But I have onlle EXE packed with securom and no dlls, other files on disk are .swf and etc. Is it possible to unpack securom if
I have only EXE file and no Image of disk at all?
I tried to unpack in Ollybdg only ExE (I've opened it not from mounted image, but copied in separate folder)

There is sections of packed file
CWFR
FWFR
.asrc
.hvdpok
.jzuhd
.idata

I have noticed that section CWFR has the physical size 0.
It's mean that all will be then unpacked there.
Section CWFR begins with 401000
I've placed Breakpoint on 401000 and stop in dll :
100171D6 8807 MOV BYTE PTR DS:[EDI],AL

It seem to me that it's possible to unpack only EXE.
Can you help me or advice something?

I can also upload file (653 KB)

It looks like you need to learn more about how packers work, because you're almost there. Just let it finish unpacking, loading imports, and OEP will come soon.

hm...I said that I've unpacked this file, but it was opened in Olly from mounted image of disk.
Now I have problem how to unpack only EXE file. If I have only him.
It will be good if you try this file.
Here is file

URL to exe Removed!

Thank you.

it is doable without a disk, if you haven't done it before its tricky

URL of exe Removed!

have fun...

if you've unpacked 5.0.3 before then this should not have been a problem...

looks like its upx'ed or something underneath tho.. weird

evlncrn8
Why won't you try this to unpack?
unpacking only EXE and having image of disk It's different things!!!
I think you you won't make it.

fuck off dude, i removed the securom.. u can do the rest...

"i wont make it.." hahah, yeh, u removed the securom and all.. go and do some work .... trying to goad me into doing all the work for you wont work...

all that remains is unpacking the upx if you really need to.. hardly rocket science
a monkey could do it...

just to clarify...

[i did]

1. i removed the securom
2. i upped the exe for you...

[you did]

1. uploaded a securom protected exe and couldnt crack it / bypass the cdcheck

evlncrn8
Tell please how did you unpack securom!!!

no, why? cos you pissed me off with your response

next time (if there is one, which i doubt) try a different tact.

Sorry.
I really need to unpack securom wthout image...
But I don't know how.

evlncrn8
Accept my apologies...

its unpacked... didnt u catch that already... crkd = cracked
in the link i posted the securom is removed...

i suggest you read the faq, and do some work for yourself
not once have you posted what you've actually done

if you 'really need' to unpack securom without image, then i
suggest you do what i did and research the cdcheck routine
with and without the disk and compare what happens...

the same approach can be used on other protections too

evlncrn8
Can you upload unpacked file on cocoshare??
So I'will compare files and see differenf bytes. if you only patched it without cutting sections.
Mm..
I didn't understood all you written in your last post, cause English isn't my native language...
I've read FAQ.!! Sorry for not observance the rules...

It will be better if you post there addresses which you pached and placed breakpoints.


could you give the uRL?

lol,

sometimes it's like a circus in here

the url...sigh

try reading...and like i said before im NOT pasting va's, breakpoints or anything else...
why? because

1. the exe is posted, so any code pastes etc are against the rules
2. you pissed me off with your little 'i dont think you can do it' line

and i didnt do it by patching sections either... im professional, clearly you are not

evlncrn8


I think you can forgive me.
I can edit my posts so that there will not be any URLs and exe.
Please tell me how you removed the securom. It will be useful for me.

P/S/. Sorry once again me.

EB_FE:

You are at the wrong Forum if you think this is the place you can ask:

"Please tell me how you removed the securom. It will be useful for me."


That's not what we do here. Now stop asking that question or GO AWAY or join the "Goners"!



Regards,

and removing the urls is pointless, i am not removing mine
so no posts can be done relating to the code...
as to telling you how to remove securom without the disk
all i can say is it wasnt easy.. i researched hard.. so
now you have to do the same... and STOP fucking asking
me to tell u how i did it..

evlncrn8
Hmm...
I've compared two files.
And found 9134 differences!!!
It's strange!

yeh, cos securom is removed.. comparing my file against yours is like comparing chalk and cheese
you will NOT figure out what was done inbetween from a simple binary compare...
and its not strange at all.. go research securom, get a securom game, with the disk, trace its code
see what happens when you dont have the disk and run the exe, compare those two
research.. do some work... also .. loading an exe into ollydbg does not unpack it...
i think securom might be a bit hard for you.. at least thats the feeling i get...

EB_FE: Grow a brain.

evlncrn8
ok. so if you won't tell there, may be you can tell in private message?

Apparently you missed the part where he said:

"STOP fucking asking
me to tell u how i did it"

If you ask again, you will joining the "Goners" and be banned from these Forums.


Regards,