| Find the decryption key | Custom packer,no virtualization #2 |
Just start reversing this. I see three sections with -W-, RWX, --- memory rights. I gues there is one-time payload/original code unpackage process. Have some idea to improve packer - try add page-by-page unpacking, don't unpack all code at one time. Unpack just that you need to execute at the moment. Hope this idea will helpfull |
2026-05-15 00:03 |
| Easy for begin |
Update: ok, i did it. I needed to take a closer look |
2025-10-02 11:28 |
| Easy for begin |
Guys, I'm almost a complete beginner, and can someone explain the following to me? Writeups provide the addresses of the functions we need. I fully understand the solution process, but I don't know how to find the functions in the Ghidra that we need to set breakpoints in the debugger. |
2025-10-02 10:23 |