11-06-2015, 09:41 AM
(This post was last modified: 11-06-2015, 10:33 AM by tombmonkey.)
No luck, saddly, unless I did something wrong. Gonna guess the password is in a .dll or something.
Gonna try following the debugger tutorial, wish me luck
EDIT: Only got 3 signatures, one being anti-debug, not sure but I think this means the .exe is protected, maybe this is why the password didn't turn up in the previous try?
If anyone smarter than me manages to dig out the password or unpack the files somehow I'm willing to help in the sorting, arranging, uploading proccess.
Code:
F:\Games\quickbms>quickbms zip_pwd_scanner.bms "F:\Games\Dragon Fin Soup\resourc
es.dfs"
QuickBMS generic files extractor and reimporter 0.6.7a
by Luigi Auriemma
e-mail: me@aluigi.org
web: aluigi.org
(Sep 14 2015 - 21:30:55)
http://quickbms.aluigi.org
http://twitter.com/luigi_auriemma
http://zenhax.com
- open input file F:\Games\Dragon Fin Soup\resources.dfs
- open script zip_pwd_scanner.bms
- set output folder .
offset filesize filename
--------------------------------------
- enter in folder F:\Games\Dragon Fin Soup
- open input file F:\Games\Dragon Fin Soup\passwords_list.txt
- SCRIPT's MESSAGE:
the error "incomplete input file number 1" means that no password was found
- SCRIPT's MESSAGE:
FILE: animations/
- SCRIPT's MESSAGE:
FILE: animations/actortrapspike.plist
- SCRIPT's MESSAGE:
scanning in progress, please wait patiently...
- 0 files found in 0 seconds
coverage file 0 0% 439 1280807720
coverage file 1 100% 219785 219785
coverage file -1 0% 0 325
coverage file -2 909600% 3065352 337
F:\Games\quickbms>Gonna try following the debugger tutorial, wish me luck
EDIT: Only got 3 signatures, one being anti-debug, not sure but I think this means the .exe is protected, maybe this is why the password didn't turn up in the previous try?
Code:
F:\Games\quickbms\ZipTools>signsrch -P DragonFinSoup.exe
Signsrch 0.2.3
by Luigi Auriemma
e-mail: aluigi@autistici.org
web: aluigi.org
optimized search function by Andrew http://www.team5150.com/~andrew/
disassembler engine by Oleh Yuschuk
- 01060000 00c7b000 F:\Games\Dragon Fin Soup\DragonFinSoup.exe
- pid 8108
- base address 0x01060000
- offset 01060000 size 00c7b000
- 13086720 bytes allocated
- load signatures
- open file F:\Games\quickbms\ZipTools\signsrch.sig
- 3069 signatures in the database
- WARNING:
the file loaded in memory is very big so the scanning may take many time
- start 12 threads
- start signatures scanning:
offset num description [bits.endian.size]
--------------------------------------------
010d6d99 3048 DMC compression [32.le.16&]
0146cd8e 2545 anti-debug: IsDebuggerPresent [..17]
01c78813 1297 TEA encryption/decryption (0xc6ef3720 0x61c88647) [32.le.8&]
- 3 signatures found in the file in 28 seconds
- done
F:\Games\quickbms\ZipTools>If anyone smarter than me manages to dig out the password or unpack the files somehow I'm willing to help in the sorting, arranging, uploading proccess.