Foro de elhacker.net

Programación => Ingeniería Inversa => Mensaje iniciado por: Faez Abdala en 1 Mayo 2017, 17:20 pm


Título: Unpacker
Publicado por: Faez Abdala en 1 Mayo 2017, 17:20 pm
Buenos dias quisiera sabe quien me ayuda para extraer un exe protegido con unity 3D alguien podria decirme porfavor que puedo usar para lograrlo :-* Gracias

Título: Re: Unpacker
Publicado por: apuromafo CLS en 1 Mayo 2017, 21:46 pm
unity 3d no es un sistema de proteccion

es una libreria para generar librerias ofuscadas entre otros detalles
http://en.unity3d.netobf.com/


sabes que es desempacar? es devolver el flujo de un programa a su entrypoint , para esto debes saber de ing inversa ...favor leer las chinchetas
en el caso de ofuscar lo inverso seria desofuscar...

minimo para detectar que packer o protector usa rdg packer detector o bien PID protection ID

hoy en dia hay muchos tutoriales , aqui por ejemplo tienes un video como "unpack" desempacar un programa con upx
https://www.youtube.com/watch?v=c4CNY902SAE&list=PL6mApIrwvMthNYqiL8bjCc2oOlQ-yUHeY&index=6

si realmente quieres seguir viendo del tema:
https://forum.unity3d.com/threads/unity-3d-obfuscator-a-special-protection-tool-for-unity-3d.51356/


Título: Re: Unpacker
Publicado por: Eleкtro en 1 Mayo 2017, 23:22 pm
Cita de: apuromafo en  1 Mayo 2017, 21:46 pm
unity 3d no es un sistema de proteccion

Al leer la pregunta yo di por hecho que se estaría refiriendo a alguna característica que la IDE de Unity 3D proporcionará para ofuscar/proteger el executable compilado. ¿No podría ser?.

Supongo que el autor de la pregunta o algún usuario de Unity debería aclararlo.

¡Saludos!

Título: Re: Unpacker
Publicado por: Faez Abdala en 1 Mayo 2017, 23:45 pm
es exactamente lo que dice elektro
quiero extraer los archivos compilados del ejecutable que fue protegido por este programa Unity3dObfuscator Mi pregunta para aclarar es como lo podria lograr

·No hagas Doble post, usa el botón modificar
>aquí las reglas del foro (http://foro.elhacker.net/reglas.htm)
-Engel Lex

Título: Re: Unpacker
Publicado por: engel lex en 1 Mayo 2017, 23:47 pm
Cita de: Faez Abdala en  1 Mayo 2017, 23:45 pm
es exactamente lo que dice elektro

por favor aporta tanta información como puedas de una sola vez, todos los detalles que sepas, esto de sacar información a cucharadas, no ayuda a nadie...  :-\

chequea los temas fijos en este subforo para aprender sobre como decompilar un programa y realizar este tipo de acciones y si te quedas trancado avisa

Título: Re: Unpacker
Publicado por: Faez Abdala en 2 Mayo 2017, 00:08 am
Con sus aclaraciones y lo que me dijeron llegue a la conclusion que lo que yo en realidad quiero saber es como poder extraer los archivos que tienen comprimidos un exe lo que pasa es que este exe es un mod de un juego el cual esta protegido porque  fue compilado por unity3dObfuscator
entonces como lo puedo extraer que nesecito saber para poder extraerlo o que programa puedo usar , este es el programa ya con el mod http://www.mediafire.com/download/xhy7s8hcsotwv8s/RCFinal.exe quiero saber como extraer su archivos

Título: Re: Unpacker
Publicado por: Eleкtro en 2 Mayo 2017, 01:15 am
Cita de: Faez Abdala en  2 Mayo 2017, 00:08 am
esta protegido porque  fue compilado por unity3dObfuscator

El software de protección al que se refiere al parecer es el siguiente:
  • https://forum.unity3d.com/threads/unity-3d-obfuscator-a-special-protection-tool-for-unity-3d.51356/ (https://forum.unity3d.com/threads/unity-3d-obfuscator-a-special-protection-tool-for-unity-3d.51356/)
  • http://en.unity3d.netobf.com/

Cita de: Faez Abdala en  2 Mayo 2017, 00:08 am
que nesecito saber para poder extraerlo

En los resultados de Google no parece haber ninguna información y/o intentos al respecto sobre el procedimiento. Yo no sé como, no soy cracker.

¡Saludos!

Título: Re: Unpacker
Publicado por: apuromafo CLS en 2 Mayo 2017, 05:26 am
veamos veamos que tenemos:

un programa que usa ofuscacion ,luego parece tener algun packer relacionado a enigma protector y luego salta al oep (no es nada distinto de upx)


oep:
0089F543 | E8 87 12 01 00           | call <sub_8B07CF>                       |
0089F548 | E9 89 FE FF FF           | jmp 89F3D6                              |
0089F54D | 6A 14                    | push 14                                 |

ahora bien si usa otra imagebase(el que deberia ser)
017EF543 | E8 87 12 01 00           | call 18007CF                            |
017EF548 | E9 89 FE FF FF           | jmp 17EF3D6                             |
017EF54D | 6A 14                    | push 14                                 |
017EF54F | 68 58 15 D4 01           | push 1D41558           |
017EF554 | E8 17 1D 00 00           | call 17F1270                            |
017EF559 | 83 65 FC 00              | and dword ptr ss:[ebp-4],0              |


respecto de la iat no es distinto de todos..posiblemente hay 1 entrada invalida que es validada desde tls por lo cual no debes hacerle nada
si lo fixeas a 0

el scan del unpacked es
-=[ ProtectionID v0.6.8.5 DECEMBER]=-
(c) 2003-2017 CDKiLLER & TippeX
Build 24/12/16-13:09:21
Ready...
Scanning -> C:\Users\Pc\Downloads\RCFinal_dump - copia_SCY.exe
File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 11800576 (0B41000h) Byte(s) | Machine: 0x14C (I386)
Compilation TimeStamp : 0x546B783D -> Tue 18th Nov 2014 16:47:57 (GMT)
[TimeStamp] 0x546B783D -> Tue 18th Nov 2014 16:47:57 (GMT) | PE Header | - | Offset: 0x00000048 | VA: 0x00400048 | -
[TimeStamp] 0x546B783B -> Tue 18th Nov 2014 16:47:55 (GMT) | Export | - | Offset: 0x009F6C24 | VA: 0x00DF8224 | -
[TimeStamp] 0x546B783D -> Tue 18th Nov 2014 16:47:57 (GMT) | DebugDirectory | - | Offset: 0x0085F904 | VA: 0x00C60F04 | -
[!] Executable uses TLS callbacks (1 total... 0 invalid addresses)
[File Heuristics] -> Flag #1 : 00000100000001011101000100000000 (0x0405D100)
[Entrypoint Section Entropy] : 6.75 (section #0) ".text   " | Size : 0x85E600 (8775168) byte(s)
[DllCharacteristics] -> Flag : (0x8140) -> ASLR | DEP | TSA
[SectionCount] 10 (0xA) | ImageSize 0xBF8000 (12550144) byte(s)
[Export] 100% of function(s) (60 of 60) are in file | 0 are forwarded | 59 code | 1 data | 0 uninit data | 0 unknown |
[VersionInfo] Product Version : 4.6.0.178163
[VersionInfo] File Version : 4.6.0.178163
[ModuleReport] [IAT] Modules -> advapi32.dll | dnsapi.dll | gdi32.dll | hid.dll | imm32.dll | IPHLPAPI.DLL | kernel32.dll | msacm32.dll | oleaut32.dll | opengl32.dll | shell32.dll | shlwapi.dll | user32.dll | version.dll | winhttp.dll | winmm.dll | ws2_32.dll | ole32.dll
[Debug Info] (record 1 of 1) (file offset 0x85F900)
Characteristics : 0x0 | TimeDateStamp : 0x546B783D (Tue 18th Nov 2014 16:47:57 (GMT)) | MajorVer : 0 / MinorVer : 0 -> (0.0)
Type : 2 (0x2) -> CodeView | Size : 0x4C (76)
AddressOfRawData : 0x9D83E0 | PointerToRawData : 0x9D6DE0
CvSig : 0x53445352 | SigGuid 0B1A7ECB-7F9C-43A7-B49EDAFE4BB95B29
Age : 0x1 (1) | Pdb : C:\BuildAgent\temp\buildTmp\UnityPlayer_Symbols.pdb
[CdKeySerial] found "Invalid serial" @ VA: 0x008856E0 / Offset: 0x008840E0
[CdKeySerial] found "Invalid code" @ VA: 0x00929C64 / Offset: 0x00928664
[CdKeySerial] found "Serial Number" @ VA: 0x0093EE63 / Offset: 0x0093D863
[CdKeySerial] found "Serial Number" @ VA: 0x0093EE80 / Offset: 0x0093D880
[CdKeySerial] found "Serial Number" @ VA: 0x0093EE93 / Offset: 0x0093D893
[CdKeySerial] found "Serial Number" @ VA: 0x00976B81 / Offset: 0x00975581
[CdKeySerial] found "SerialNumber" @ VA: 0x009771A0 / Offset: 0x00975BA0
[CdKeySerial] found "SerialNumber" @ VA: 0x009988D7 / Offset: 0x009972D7
[CdKeySerial] found "SerialNumber" @ VA: 0x00998989 / Offset: 0x00997389
[c] Unity Version 4.6.0f3_30840d631a27 detected
[!] File appears to have no protection or is using an unknown protection
- Scan Took : 2.250 Second(s) [000000ABEh (2750) tick(s)] [506 of 580 scan(s) done]
si lo dejas tal cual con el valor dword mostrará que es un
[CompilerDetect] -> Visual C++ 10.0 (Visual Studio 2010)

Scanning -> C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_unpacked.exe
File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 11595264 (0B0EE00h) Byte(s) | Machine: 0x14C (I386)
Compilation TimeStamp : 0x546B783D -> Tue 18th Nov 2014 16:47:57 (GMT)
[TimeStamp] 0x546B783D -> Tue 18th Nov 2014 16:47:57 (GMT) | PE Header | - | Offset: 0x00000148 | VA: 0x00400148 | -
[TimeStamp] 0x546B783B -> Tue 18th Nov 2014 16:47:55 (GMT) | Export | - | Offset: 0x009F6C24 | VA: 0x00DF8224 | -
[TimeStamp] 0x546B783D -> Tue 18th Nov 2014 16:47:57 (GMT) | DebugDirectory | - | Offset: 0x0085F904 | VA: 0x00C60F04 | -
[File Heuristics] -> Flag #1 : 00000100000001001101000100000000 (0x0404D100)
[Entrypoint Section Entropy] : 6.75 (section #0) ".text   " | Size : 0x85E41C (8774684) byte(s)
[DllCharacteristics] -> Flag : (0x8140) -> ASLR | DEP | TSA
[SectionCount] 7 (0x7) | ImageSize 0xBB2000 (12263424) byte(s)
[Export] 100% of function(s) (60 of 60) are in file | 0 are forwarded | 59 code | 1 data | 0 uninit data | 0 unknown |
[VersionInfo] Product Version : 4.6.0.178163
[VersionInfo] File Version : 4.6.0.178163
[ModuleReport] [IAT] Modules -> HID.DLL | WS2_32.dll | KERNEL32.dll | USER32.dll | VERSION.dll | ole32.dll | SHLWAPI.dll | ADVAPI32.dll | GDI32.dll | SHELL32.dll | OPENGL32.dll | WINMM.dll | OLEAUT32.dll | MSACM32.dll | IMM32.dll | DNSAPI.dll | IPHLPAPI.DLL | WINHTTP.dll
[Debug Info] (record 1 of 1) (file offset 0x85F900)
Characteristics : 0x0 | TimeDateStamp : 0x546B783D (Tue 18th Nov 2014 16:47:57 (GMT)) | MajorVer : 0 / MinorVer : 0 -> (0.0)
Type : 2 (0x2) -> CodeView | Size : 0x4C (76)
AddressOfRawData : 0x9D83E0 | PointerToRawData : 0x9D6DE0
CvSig : 0x53445352 | SigGuid 0B1A7ECB-7F9C-43A7-B49EDAFE4BB95B29
Age : 0x1 (1) | Pdb : C:\BuildAgent\temp\buildTmp\UnityPlayer_Symbols.pdb
[CdKeySerial] found "Invalid serial" @ VA: 0x008856E0 / Offset: 0x008840E0
[CdKeySerial] found "Invalid code" @ VA: 0x00929C64 / Offset: 0x00928664
[CdKeySerial] found "Serial Number" @ VA: 0x0093EE63 / Offset: 0x0093D863
[CdKeySerial] found "Serial Number" @ VA: 0x0093EE80 / Offset: 0x0093D880
[CdKeySerial] found "Serial Number" @ VA: 0x0093EE93 / Offset: 0x0093D893
[CdKeySerial] found "Serial Number" @ VA: 0x00976B81 / Offset: 0x00975581
[CdKeySerial] found "SerialNumber" @ VA: 0x009771A0 / Offset: 0x00975BA0
[CdKeySerial] found "SerialNumber" @ VA: 0x009988D7 / Offset: 0x009972D7
[CdKeySerial] found "SerialNumber" @ VA: 0x00998989 / Offset: 0x00997389
[c] Unity Version 4.6.0f3_30840d631a27 detected
[CompilerDetect] -> Visual C++ 10.0 (Visual Studio 2010)
[!] File appears to have no protection or is using an unknown protection
- Scan Took : 3.984 Second(s) [000000BC8h (3016) tick(s)] [506 of 580 scan(s) done]



en sus recursos se ven 5 dialogos de los cuales forma algo similar a un dialogo y usa algunos archivos de una carpeta data...

por el peso no es nada facil compartir nada de estos temas, en el estado actual pesa 10mb..falta aun ver mas..

listo, vi una signatura conocida de enigma virtualbox...busque si habian enigma vb unpacker si los hay
aqui tu log para que veas el resultado:


EnigmaVBUnpacker v0.33, compiled on 23-07-2015 11:30
Supports Enigma Virtual Box v4.10..7.30
Latest version always on https://forum.tuts4you.com and http://lifeinhex.com

  • Filename: C:\Users\Pc\Downloads\RCFinal.exe
  • MD5: 4DC7B532659AFF02957C6290B2598BE3
  • x86 executable
  • Embedded files are not compressed
  • EnigmaVB version: 7.30
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level0", size=0x8528C
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level1", size=0x2E42A8
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level10", size=0x174E8
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level2", size=0x116FC
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level3", size=0x961C4
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level4", size=0x860C8
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level5", size=0x58A0
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level6", size=0x2F74EC
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level7", size=0x18770
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level8", size=0x7B88
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level9", size=0x59EC8
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\mainData", size=0xCAB50
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\Assembly-CSharp-firstpass.dll", size=0xB200
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\Assembly-CSharp.dll", size=0x148A00
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\Assembly-UnityScript-firstpass.dll", size=0x13A00
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\Assembly-UnityScript.dll", size=0x4200
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\Boo.Lang.dll", size=0x1F000
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\ICSharpCode.SharpZipLib.dll", size=0x31000
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\Mono.Security.dll", size=0x47800
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\mscorlib.dll", size=0x261800
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\Photon3Unity3D.dll", size=0x23C00
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\System.Core.dll", size=0x41800
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\System.dll", size=0x105200
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\UnityEngine.dll", size=0x95000
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\UnityEngine.UI.dll", size=0x29600
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\UnityScript.Lang.dll", size=0x3800
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\1.0\DefaultWsdlHelpGenerator.aspx", size=0xE354
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\1.0\machine.config", size=0x436B
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\2.0\Browsers\Compat.browser", size=0x645
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\2.0\DefaultWsdlHelpGenerator.aspx", size=0xEC25
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\2.0\machine.config", size=0x6BEA
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\2.0\settings.map", size=0xA3A
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\2.0\web.config", size=0x2DA6
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\browscap.ini", size=0x4C2B0
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\config", size=0x69B
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\mconfig\config.xml", size=0x64D9
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\mono.dll", size=0x201200
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\output_log.txt", size=0xD78
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Plugins\ICSharpCode.SharpZipLib.dll", size=0x31000
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Plugins\Photon3Unity3D.dll", size=0x23C00
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Plugins\Photon3Unity3D.pdb", size=0x57600
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\RCAssets.unity3d", size=0xC3F224
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Resources\unity default resources", size=0x18529D
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Resources\unity_builtin_extra", size=0x5AF74
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\resources.assets", size=0x1738360
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets0.assets", size=0x17361C4
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets1.assets", size=0x22F84
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets10.assets", size=0x8468
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets11.assets", size=0x1168
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets2.assets", size=0xD2AEC
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets3.assets", size=0x27F0
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets4.assets", size=0x5B68
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets5.assets", size=0x2F9598
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets6.assets", size=0x1038
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets7.assets", size=0x3DC74C
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets8.assets", size=0x1300
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets9.assets", size=0x1118
  • Unpacked main file: C:\Users\Pc\Downloads\RCFinal_unpacked.exe
  • Finished!

hay una version mas nueva 0.35 de aqui bajas el unpacker
https://lifeinhex.com/quickpost-updated-enigmavb-unpacker/

EnigmaVBUnpacker v0.35, compiled on 28-04-2016 07:11
Supports Enigma Virtual Box v4.10..7.40
Latest version always on https://forum.tuts4you.com and http://lifeinhex.com

  • Filename: C:\Users\Pc\Downloads\RCFinal.exe
  • MD5: 4DC7B532659AFF02957C6290B2598BE3
  • x86 executable
  • Embedded files are not compressed
  • EnigmaVB version: 7.30
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level0", size=0x8528C
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level1", size=0x2E42A8
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level10", size=0x174E8
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level2", size=0x116FC
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level3", size=0x961C4
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level4", size=0x860C8
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level5", size=0x58A0
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level6", size=0x2F74EC
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level7", size=0x18770
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level8", size=0x7B88
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\level9", size=0x59EC8
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\mainData", size=0xCAB50
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\Assembly-CSharp-firstpass.dll", size=0xB200
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\Assembly-CSharp.dll", size=0x148A00
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\Assembly-UnityScript-firstpass.dll", size=0x13A00
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\Assembly-UnityScript.dll", size=0x4200
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\Boo.Lang.dll", size=0x1F000
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\ICSharpCode.SharpZipLib.dll", size=0x31000
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\Mono.Security.dll", size=0x47800
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\mscorlib.dll", size=0x261800
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\Photon3Unity3D.dll", size=0x23C00
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\System.Core.dll", size=0x41800
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\System.dll", size=0x105200
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\UnityEngine.dll", size=0x95000
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\UnityEngine.UI.dll", size=0x29600
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Managed\UnityScript.Lang.dll", size=0x3800
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\1.0\DefaultWsdlHelpGenerator.aspx", size=0xE354
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\1.0\machine.config", size=0x436B
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\2.0\Browsers\Compat.browser", size=0x645
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\2.0\DefaultWsdlHelpGenerator.aspx", size=0xEC25
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\2.0\machine.config", size=0x6BEA
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\2.0\settings.map", size=0xA3A
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\2.0\web.config", size=0x2DA6
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\browscap.ini", size=0x4C2B0
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\config", size=0x69B
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\etc\mono\mconfig\config.xml", size=0x64D9
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Mono\mono.dll", size=0x201200
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\output_log.txt", size=0xD78
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Plugins\ICSharpCode.SharpZipLib.dll", size=0x31000
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Plugins\Photon3Unity3D.dll", size=0x23C00
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Plugins\Photon3Unity3D.pdb", size=0x57600
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\RCAssets.unity3d", size=0xC3F224
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Resources\unity default resources", size=0x18529D
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\Resources\unity_builtin_extra", size=0x5AF74
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\resources.assets", size=0x1738360
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets0.assets", size=0x17361C4
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets1.assets", size=0x22F84
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets10.assets", size=0x8468
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets11.assets", size=0x1168
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets2.assets", size=0xD2AEC
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets3.assets", size=0x27F0
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets4.assets", size=0x5B68
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets5.assets", size=0x2F9598
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets6.assets", size=0x1038
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets7.assets", size=0x3DC74C
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets8.assets", size=0x1300
  • File "C:\Users\Pc\Downloads\%DEFAULT FOLDER%\RCFinal_Data\sharedassets9.assets", size=0x1118
  • Unpacked main file: C:\Users\Pc\Downloads\RCFinal_unpacked.exe
  • Finished!


el resultado es que si, funciona xD
(http://i68.tinypic.com/2vuha8k.jpg)

unpacked:
http://rgho.st/788NL2wbl

Saludos Apuromafo


Powered by SMF 1.1.21 | SMF © 2006-2008, Simple Machines