speedsys.exe packed (Users)

posted by ecm, Düsseldorf, Germany, 13.04.2025, 14:32

> > You mentioned that the executable that you've used is
> > packed:
> >
> > > Now I'd like to know how to patch (skip)
> > > this IO access at runtime by some TSR or
> > > loader as I cannot patch the EXE coz it's
> > > encrypted or packed by unknown exe
> > > packer... Speedsys checks for V86 mode and
> > > complains about it (can run but very
> > > limited tests available)
> >
> > If it's created by speedin1 then it's just a DOS/EXE UPX with the
> > "UPX!" signature (offset 55h) and the depacked size (offset 6Bh)
> > hacked. You can restore the signature manually then adjust the
> > checksum (offset 6Fh). UPXDUMP can tell you the current and expected
> > checksum. After hacking the size and checksum to mirror the speedin1
> > modification I was able to unpack an executable using
> > upx-ucl -d test.exe, despite the wrong size field.
>
> Hmm, the speedsys.exe file in
> https://www.philscomputerlab.com/dos-benchmark-pack.html isn't packed in
> this way.

I did try to hack 55h to "UPX!" and then adjusted the checksum at offset 6Fh and it seems to depack using upx-ucl -d. I didn't run the resulting executable but it seems fine. So maybe it is packed the same way after all, just different garbage in the hacked fields?

---
l
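
Added example, not part of the original post or of UPX/UPXDUMP: a Python sketch of the header check discussed above, using the offsets given in the thread (55h, 6Bh, 6Fh). The checksum rule (sum of the header bytes between the magic and the checksum byte, modulo 251) and the 3-byte width of the size field are assumptions based on UPX's pack header code; the function names and the sample image are constructed for illustration.

```python
SIG_OFF = 0x55    # "UPX!" signature offset, from the thread
SIZE_OFF = 0x6B   # depacked-size field offset, from the thread
CSUM_OFF = 0x6F   # header checksum byte offset, from the thread
MAGIC = b"UPX!"


def header_checksum(data: bytes) -> int:
    """Assumed UPX rule: sum of bytes after the magic up to the checksum, mod 251."""
    return sum(data[SIG_OFF + 4:CSUM_OFF]) % 251


def inspect_header(data: bytes) -> dict:
    """Report whether the signature is intact and whether the checksum matches."""
    if len(data) <= CSUM_OFF:
        raise ValueError("file too short to hold a pack header at 55h")
    return {
        "magic_ok": data[SIG_OFF:SIG_OFF + 4] == MAGIC,
        # 3-byte little-endian width is an assumption (DOS/EXE format)
        "size_field": int.from_bytes(data[SIZE_OFF:SIZE_OFF + 3], "little"),
        "stored": data[CSUM_OFF],
        "expected": header_checksum(data),
    }


def restore_header(data: bytes) -> bytes:
    """Return a copy with the signature restored and the checksum recomputed."""
    if len(data) <= CSUM_OFF:
        raise ValueError("file too short to hold a pack header at 55h")
    buf = bytearray(data)
    buf[SIG_OFF:SIG_OFF + 4] = MAGIC
    # The checksum covers the size field too, so it reflects whatever is at 6Bh.
    buf[CSUM_OFF] = header_checksum(buf)
    return bytes(buf)


def make_sample() -> bytes:
    """Constructed 128-byte image with a hacked signature; not a real executable."""
    buf = bytearray(0x80)
    buf[0:2] = b"MZ"
    buf[SIG_OFF:SIG_OFF + 4] = b"XXXX"               # overwritten signature
    buf[SIG_OFF + 4:CSUM_OFF] = bytes(range(1, 23))  # 22 filler header bytes
    return bytes(buf)


if __name__ == "__main__":
    sample = make_sample()
    print("before:", inspect_header(sample))
    print("after: ", inspect_header(restore_header(sample)))
```

Work on a copy of the file: `restore_header` returns new bytes and never writes to disk, so the original stays available for comparison.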

 
