#ro0ted #OpNewblood What the blackhats don’t want you to know: Manually Unpacking Part 2
Since no one understood the Manually Unpacking tutorial, I decided to make a longer one. I will also use that technique with more tutorials so you can get it down. It’s an old but great method to know. – https://twitter.com/ro0ted/
So I am going to use a file I packed using UPX.
First we download UPX:
Type cd C:\Users\Downloads\Compressed\upx391w\upx391w\
Type upx -9 cybernexus.exe
Now load it in exeinfoPE:
You will HAVE to do this step yourself. Now load it in OllyDbg and scroll through the code looking for the OEP (original entry point), using the trial and error method:
The offset is 635E6.
Click dump and save the file under whatever name you want.
Open it in exeinfoPE:
The EP Section now shows the .text segment instead of the packer's section, UPX1.
Finally load it in Olly:
Loads up. No problem.
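The EP Section check done in exeinfoPE above can also be scripted, which helps when triaging many samples. This is an added example, not part of the original tutorial: the helper names (ep_section, build_headers) are hypothetical and both sample headers are constructed, not taken from cybernexus.exe.

```python
import struct

def ep_section(image: bytes) -> str:
    """Return the name of the section that contains AddressOfEntryPoint."""
    if image[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)          # e_lfanew
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = pe_off + 4
    (nsections,) = struct.unpack_from("<H", image, coff + 2)   # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", image, coff + 16)   # SizeOfOptionalHeader
    opt = coff + 20
    (entry_rva,) = struct.unpack_from("<I", image, opt + 16)   # AddressOfEntryPoint
    table = opt + opt_size                                     # section table start
    for i in range(nsections):
        hdr = table + 40 * i                                   # 40-byte section header
        name = image[hdr:hdr + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, vaddr, rawsize = struct.unpack_from("<III", image, hdr + 8)
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):
            return name
    return "<outside all sections>"

def build_headers(entry_rva, sections):
    """Constructed sample: minimal PE32 headers only, no code or data."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0xE0, 0x0102)
    opt = struct.pack("<HBBIIII", 0x10B, 0, 0, 0, 0, 0, entry_rva).ljust(0xE0, b"\0")
    table = b"".join(
        name.ljust(8, b"\0") + struct.pack("<IIII", vsize, vaddr, 0, 0) + b"\0" * 16
        for name, vaddr, vsize in sections)
    return dos + b"PE\0\0" + coff + opt + table

# Constructed layouts (name, virtual address, virtual size); values are illustrative.
PACKED = build_headers(0x7F3A0, [(b"UPX0", 0x1000, 0x60000),
                                 (b"UPX1", 0x61000, 0x1F000),
                                 (b".rsrc", 0x80000, 0x1000)])
DUMPED = build_headers(0x12340, [(b".text", 0x1000, 0x7F000),
                                 (b".rsrc", 0x80000, 0x1000)])

if __name__ == "__main__":
    for label, img in (("packed", PACKED), ("dumped", DUMPED)):
        print(label, "-> EP section:", ep_section(img))
```

To run it against a real file, pass the file's bytes (for example open(path, "rb").read()) to ep_section.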
Check out my tutorials in my series…. “What the Blackhats don’t want you to know”