Go Back   FileForums > Games > Game Coders

Reply
 
Thread Tools Display Modes
  #1  
Old 13-01-2009, 17:28
pikachu5501 pikachu5501 is offline
Senior Member
 
Join Date: Oct 2006
Location: canada
Posts: 101
Thanks: 0
Thanked 0 Times in 0 Posts
pikachu5501 is on a distinguished road
compress or encrypted exe files.

First, happy new years to everyone, second, my nick sucks, i know.

Ok, simple question: I want to train/modify a game but when i open it with olydbg, it said that it might be compress or encrypted and all i see is mostly "db (some number)" so i can't work like that. Also, in cheat engine, the process show twice in the process list (wierd, i just start-it once). Probally some kind of embeded thing wrapper drm [email protected]# .

so what i would need to know is how if there is tools that uncompress or can extract from memory the uncompressed content of a executable files or a at least, be able to work with a compressed/encrypted file with a debugger such as oly.


Thanx in advance.

Last edited by pikachu5501; 13-01-2009 at 18:41.
Reply With Quote
Sponsored Links
  #2  
Old 13-01-2009, 22:09
DABhand DABhand is offline
Banned
 
Join Date: Nov 2004
Location: Near my PC
Posts: 5,406
Thanks: 0
Thanked 3 Times in 3 Posts
DABhand is on a distinguished road
Olly is a debugger, and most protected wrapped executables will notice it running and either give your debugger a hard time by crashing the game or give you scrambled assembly.

I know its nice for breakpoints etc and tracing, but ideally you would need an unwrapped executable or somehow remote debug it.

Still Cheat Engine has a handy debugger of sorts, not good like olly but at least you can get somewhere with it.
Reply With Quote
  #3  
Old 14-01-2009, 22:29
pikachu5501 pikachu5501 is offline
Senior Member
 
Join Date: Oct 2006
Location: canada
Posts: 101
Thanks: 0
Thanked 0 Times in 0 Posts
pikachu5501 is on a distinguished road
thank you for you answer. I will look around about unwrapping and remote debugging.
Reply With Quote
  #4  
Old 19-01-2009, 20:34
pikachu5501 pikachu5501 is offline
Senior Member
 
Join Date: Oct 2006
Location: canada
Posts: 101
Thanks: 0
Thanked 0 Times in 0 Posts
pikachu5501 is on a distinguished road
But one more thing: When the code data is in memory then, it not compressed or encrypted but it is the prog itselft that detect a debugger and screws-up everything so it can't be read, right? . If then someone can find what call that function and "nop" the call for example... anyway.. just some thought a have about all this.
Reply With Quote
  #5  
Old 20-01-2009, 00:44
TippeX's Avatar
TippeX TippeX is offline
zeroes and ones.....
 
Join Date: Jan 2003
Posts: 3,843
Thanks: 2
Thanked 35 Times in 23 Posts
TippeX is on a distinguished road
code runs-> hits entrypoint
code is then decrypted/decompressed
import table probably then 'filled'
normal code is then executed

thats the normal steps the system takes when the exe is packed/compressed/crypted

you're sort of asking for a generic method, and there isn't one, while packers and cryptors follow a common 'theme', their methods can be vastly different, and debugger detection (and getting around it) relies entirely on your own skill level... try using some anti-anti debug plugins to avoid detection, or spend some time, trace the code and see how its detecting your debugger... there are no quick, short answers sadly
__________________
bleh
DO NOT PM me with questions, leave that in the forums...ESPECIALLY if i dont know you...
Reply With Quote
  #6  
Old 21-01-2009, 06:08
pikachu5501 pikachu5501 is offline
Senior Member
 
Join Date: Oct 2006
Location: canada
Posts: 101
Thanks: 0
Thanked 0 Times in 0 Posts
pikachu5501 is on a distinguished road
thanx for replying so fast . i though so that it wouldn't be that easy but i will keep trying and i appreciated all the info i got here since; it helped me a lot.
Reply With Quote
  #7  
Old 12-03-2009, 00:51
Alchemist256 Alchemist256 is offline
Junior Member
 
Join Date: Mar 2009
Location: AZERBEIJAN
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Alchemist256 is on a distinguished road
Try some regular unwrappers, most of the games nowadays use standard tools to protect from copying\modifying code.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
The Sims 2 + All Expansion Packs CaferGameStudios PC Games - CD/DVD Conversions 2 04-02-2012 14:22
call of duty 2 1.2 linux server fix? MCorleone General Gaming 13 22-06-2006 21:26
Multiple Games to DVD Grumpy PC Games - CD/DVD Conversions 6 22-12-2005 16:47



All times are GMT -7. The time now is 00:07.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2019, vBulletin Solutions Inc.
Copyright 2000-2018, FileForums @ https://fileforums.com