So apparently some guys are trying to unpack the eso binary, and other guys spam my PM box with questions, so I decided to make this short tutorial.
The OS version used to unpack the binary is "Windows XP SP3", so there is no ASLR applied to the binary, and OllyDbg v1 can work (I prefer version one to version two).
At the end of this tutorial you will find a link to an archive with the original eso binary, OllyDbg v1 and the plugin I used.
First open OllyDbg and configure the phant0m plugin like this:
Go to the "File" menu, choose "Open", and select the file "eso.exe".
Olly detects that the binary is packed; stop the analysis.
Once the binary is loaded, press F7 to step to the instruction after PUSH EBX, so that the value of EBX has been pushed onto the stack.
Right-click ESP in the registers window and choose "Follow in Dump"; this displays the content of the stack in the dump window.
Select the first DWORD, right-click it, and set a hardware breakpoint on access on it.
Press SHIFT + F9 until the value is accessed from this address. You can recognize that the call is the "call security_init_cookie" (you can follow the assembly to see that), and the jump is the "jmp mainCRTStartup". So you are at the OEP!
You can now dump the process like this.
And you can load the binary in IDA!
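A quick sanity check for the dump produced by the steps above, as an added example that is not part of the original tutorial: it parses the PE headers, reports which section holds the entry point, and measures the entropy of the first section. The section names, the 7.0 entropy threshold and both sample images are constructed assumptions; pass `report()` the bytes of your own original and dumped files instead.

```python
import math
import struct

def parse(pe):
    """Return (entry_rva, [(name, va, vsize, raw_ptr, raw_size)]) from PE bytes."""
    lfanew, = struct.unpack_from("<I", pe, 0x3C)
    if pe[:2] != b"MZ" or pe[lfanew:lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsec, opt_size = struct.unpack_from("<H12xH", pe, lfanew + 6)  # sections, opt hdr size
    entry, = struct.unpack_from("<I", pe, lfanew + 24 + 16)        # AddressOfEntryPoint
    secs = []
    for i in range(nsec):
        name, vsize, va, rsize, rptr = struct.unpack_from(
            "<8sIIII", pe, lfanew + 24 + opt_size + 40 * i)
        secs.append((name.rstrip(b"\0").decode("latin-1"), va, vsize, rptr, rsize))
    return entry, secs

def entropy(data):
    """Shannon entropy in bits per byte; values near 8 suggest compressed data."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in (data.count(b) for b in set(data)))

def report(pe):
    """Say which section holds the entry point and how random the first section is."""
    entry, secs = parse(pe)
    holder = next((n for n, va, vs, _, rs in secs if va <= entry < va + max(vs, rs)), None)
    first_name, _, _, rptr, rsize = secs[0]
    ent = entropy(pe[rptr:rptr + rsize])
    packed = holder != first_name or ent > 7.0  # heuristic threshold, an assumption
    return {"entry_section": holder, "first_entropy": round(ent, 2), "packed": packed}

def build_pe(entry, secs):
    """Constructed PE32 headers plus section data for the demo (not a runnable EXE)."""
    hdr = bytearray(64 + 24 + 224 + 40 * len(secs))
    hdr[:2], hdr[64:68] = b"MZ", b"PE\0\0"
    struct.pack_into("<I", hdr, 0x3C, 64)                        # e_lfanew
    struct.pack_into("<HH12xH", hdr, 68, 0x14C, len(secs), 224)  # COFF header fields
    struct.pack_into("<H14xI", hdr, 88, 0x10B, entry)            # PE32 magic, entry RVA
    body = b""
    for i, (name, va, data) in enumerate(secs):
        struct.pack_into("<8sIIII", hdr, 312 + 40 * i, name,
                         len(data), va, len(data), len(hdr) + len(body))
        body += data
    return bytes(hdr) + body

CODE = b"\x55\x8b\xec\x83\xec\x10\xe8\x00\x00\x00\x00\xc9\xc3" * 64  # constructed bytes
PACKED = build_pe(0x2010, [(b".text", 0x1000, bytes(range(256)) * 4), (b".stub", 0x2000, CODE)])
DUMPED = build_pe(0x1040, [(b".text", 0x1000, CODE), (b".stub", 0x2000, CODE)])

print("packed:", report(PACKED), "\ndumped:", report(DUMPED))
```

A dump taken at the OEP should report the entry point inside the original code section, with that section's entropy well below the packed file's.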
Link to OllyDbg + bin + plugins: HERE
That's it. Btw, I will not answer n00b OllyDbg or IDA questions.