I have a file which is UPX packed. Is there any way I can change the headers and still find it as UPX packed? And how do I unpack it ? I tried a lot of tutorials and I am fed up as all explain the same method which doesnt work for me. the same problem is mentioned in the following : http://www.reteam.org/board/showthread.php?t=2670 I am not a well versed reverse engg.. :( jst a noob .. any ideas will be really helpful.
how to unpack a dll file which is UPX packed but also the headers are changed?
5.2k views Asked by kidd0 At
1
There are 1 answers
Related Questions in REVERSE-ENGINEERING
- How to find a sequence of bytes on the target program from my injected dll?
- Reversing and vtable swapping in dxgi.dll
- How to know Vector3 Position in Unity Mono Game
- Extracting an archive created via Java RandomAccessFile with PHP
- How can I verbosely track the whole process of calling a function?
- How can I patch a function call to a Windows DLL (e.g. kernel32 LoadLibrary)? Is this even possible?
- Grab SSL pinning certificate using Frida on iOS
- Kaitai Struct: error accessing elements in _parent
- How to restore damaged (mp3?) file
- CGSRegionRef: How is an arbitrary region represented as union of rects?
- can a convolutional neural network be reverse engineered?
- Decode suspected timestamps
- Extract Note Text Format (Bold/Italic/Strikethrough) from iOS OTG Backup
- Reverse engineer LCD Protocol used in MPC2000XL
- Opening a serial port using a prebuilt .so library
Related Questions in PORTABLE-EXECUTABLE
- How can I patch a function call to a Windows DLL (e.g. kernel32 LoadLibrary)? Is this even possible?
- How to protect MSI installer digital signature from tampering
- How can I extract raw bytes of DOS stub using python's pefile library?
- How can I decompile an exe protected by a PE packer?
- Spurious trampoline when calling function from DLL
- Trying to convert MASM into C equivalent, but getting different result
- Parse PE File with C in Windows
- PE Loader with Relocation
- How do file pointers point to the of data on the disk?
- Software copyright infringement
- Getting the forwarded function name
- parsing a PE file to find the export table address using CFF explorer and msdn doc
- Extract/parse resources from Portable Executable (PE) file
- A “universal” binary?
- Relocation Table and IDA
Related Questions in PACKING
- Code that outputs the center coordinates of a circle in the method of 2D packing the same circle of a regular hexagon
- Spheres random motion without overlap in Python
- Better way of writing similar functions that differ only by struct/class member variable name?
- Pyinstaller: Twilio package
- How to add new rectangles close to 0,0 on a infinite grid with later additions
- Difference between packing a struct vs union vs enum
- Checking overlap and tangent of 5 rectangles
- Creating a dense packing of spheres
- PHP simple packing items in boxes leads to unused space but there is capacity left
- My sprites don't fit in a single 4K Sprite Atlas. What happens with the remaining unpacked sprites that are added to a Sprite Atlas?
- What's the best way for packing rectangles and circles within rectangle?
- Generate pdf with pdfKit packingList
- Find the closest combination of items to the requirements
- import.meta.url breaking after packing
- How to extend an user definded table in SAP B1 10.0?
Related Questions in UPX
- libstdc++6 unmet dependencies installing upx-ucl
- UPX packed ELF turns into shared library instead of packed executable
- UPX packed binary getting corrupted in MAC
- upx4.0.1 dlopen failed: .dynamic section has invalid offset on Android
- no output after depacking C packed script with UPX
- Installing upx with Mac Big Sur
- pyinstaller and upx on Linux - no difference in exe size
- auto-py-to-exe generated 2 error messages: `UPX is not available` and `an error occurred while packaging`
- How to split Linux (Android) ARM64 executable into small and large parts?
- Executable made with pyInstaller/UPX experiences DLL load failed: The parameter is incorrect
- LoadLibrary error in pyinstaller bundled executable when compressed with UPX
- WinError 5 Access is denied when trying to include UPX dir in Pyinstaller
- Compressing a dynamically linked armeabi-v7a executable with UPX
- DLL load failure with Python3 (32bit)+PyInstaller+UPX (32bit) under Windows 10 (64bit)
- Pyinstaller not building correctly with PyQt5
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
For correcting the headers, you need to open up the file in a hexeditor and fix the offsets in the binary manually. Then you could use the upx.exe file to decrypt as
upx -d