Can anyone remove the gameguard?

[srin]

can anyone unpack the korean client projectg.exe and remove the gameguard?
I wish i could run projectg.exe in korean but I don't know about reversing.

This is the korean client.
https://drive.google.com/open?id=0B4...XgzU2ZRelhTbkE

Thank you.

[MentaL]

[jtb1]

look at github a tutorial have been make for do it

[Bola]

look at github a tutorial have been make for do it

Which github ?

[jtb1]

https://github.com/outubro/PangYa

--> tutorial for unpack and nulled gameguard for pangya

[srin]

Thank you for your reply jtb1, I tried to unpack and following guide step by step.
when I unpack projectG.exe file inside this guide I can unpack it.
but both Korean client and Japan client(live version currently) can't unpacked.

when Unpack korean client, an Internet Explorer window pops up
(guide) * FIND VM OEP BY LCF-AT? Do not <---- when after doing this
and process projectG.exe is end.

and when unpack japan client, ODbgScript pops up for me
(title) MSG ODbgScript
(content)Themida - Winlicensed blabla
-+-+-+-+
No eax api's possible locations found, find it manually and resume script.
*******
LCF-AT
[OK][Cancel]

when after doing this: (guide) * FIND VM OEP BY LCF-AT? Do not

It seems this script fits only global pangya I think..

[jtb1]

if remember good the korean is not packed and the jap , i dont remember


Edit JP is :
Themida & WinLicense 2.0 - 2.1 - (special version for hide from PE scanners II-V)

--> so you need to find manually

[srin]

Oh thank you jtb1, I unpacked JP successfully!
now I will remove gameguard and the other things.
it is little bit hard to me..

but so much thankful to you!
------------
Edit - uh.. when I run the unpacked projectG, it crushes immediately..

[srin]

oh my gosh.. Korean pangya has different login method..
I removed gameguard successfully.
but the pangya client tried to login with http(s) protocol with port 80(443), not tcp with port 10103.

is there any information of korean login server?

anyway now I'll try to unpack jp server..
It is so hard..

----
Edit - I think JP client is packed by newest version of Themida..
I can't unpack this with Themida + WinLicense 2.0 ultra unpacker v1.4 by LCF-AT.
*sigh*

[jtb1]

for korean you need create "launcher"

for jp you need to try new way for fix it or use the old way and fix the entry point yourself

[srin]

I can run kr client without laucher. it shows login form like other clients.
but when I press the login button, client try to connect via http(s) protocol.

it is not pops up internet explorer, but just client is connecting itself.
I checked this with wireshark.

Login form : https://drive.google.com/open?id=0B4...XJuQ1F1ejVLTE0
Captured packet : https://drive.google.com/open?id=0B4...WdVUU1yYm1TX2M
https://drive.google.com/open?id=0B4...nlxZTNOT0p5Zkk