Forums
-
Community Links
-
Terms, Privacy Policy & Frequently Asked Questions (253,608 visits to this link)
-
-
Community Discussions
-
- 2.3k
- posts
-
- What is the answer to your security question?
- By Progman,
-
-
Developers Forums
-
- 12.7k
- posts
-
- Resolve field with declaring type containing generic parameter
- By CodeExplorer,
-
- 437
- posts
-
- Leaked VMProtect sources
- By H1TC43R,
-
- 932
- posts
-
- Ofuscator .NET
- By Teddy Rogers,
-
-
Reverse Code Engineering
-
- 14.6k
- posts
-
- VMProtect HWID CrackMe
- By iced,
-
- 241
- posts
-
- Need help with keyboard firmware
- By guily6669,
-
- 452
- posts
-
- Get past an Incapsula block HTTP request
- By Progman,
-
- 1.7k
- posts
-
- Antivirus vs malwares difference???
- By ibay770,
-
- 2.5k
- posts
-
- Revteam Reverse Engineering Collection
- By helldorado,
-
- 199
- posts
-
- Software Reverse Engineer
- By derekb,
-
-
Community Projects
-
- 506
- posts
-
- Scylla Imports Reconstruction Source
- By Progman,
-
- 1.3k
- posts
-
- Requesting shadow (stealth) x64dbg
- By 111Polat111,
-
- 148
- posts
-
- 822
- posts
-
- TitanHide
- By Shub-Nigurrath,
-
-
Member Statistics
26,557
Total Members7,713
Most Online
Newest Member
buffer
Joined
-
Posts
-
By iced · Posted
Hey guys! I’m iced, a passionate student from Bosnia who’s really into reverse engineering. I decided to join Tuts4You to expand my knowledge and trade insights with people who are way better than me.Im also a friend of @0xret2win and he suggested me to join site and try to tackle couple of nice crackmes posted here. Also i dont think the guy who made this applied full protection settings. Anyways upon investigating this target i found two interesting calls: ( Not entierly sure if i should do step-by-step since if you follow "MessageBoxA" in ret and stack you will eventually get to same place i got ) "vmp-licensing-test.vmp.exe"+A19CAE - E8 B9CB60FF - call "vmp-licensing-test.vmp.exe"+2686C This is upon hitting "VMProtectGetCurrentHWID". RAX => 29 "vmp-licensing-test.vmp.exe"+A19C9C - E8 2550ABFF - call "vmp-licensing-test.vmp.exe"+4CECC6 This is upon hitting on "VMProtectSetSerialNumber". RAX => 20 Using x64dbg : 00007FF665759CAE | E8 B9CB60FF | call vmp-licensing-test.vmp.7FF664D6686C | -> VMProtectGetCurrentHWID 00007FF665759C9C | E8 2550ABFF | call vmp-licensing-test.vmp.7FF66520ECC6 | -> VMProtectSetSerialNumber -
By ibay770 · Posted
https://www.techrepublic.com/forums/discussions/here-are-25-reasons-why-windows-is-not-a-virus/ -
By ibay770 · Posted
Was the driver itself malware? Also, is there a way to disable all protection by default? -
By CodeExplorer · Posted
Resolve field with declaring type containing generic parameter FieldDef dnlibfield = instructions[i].Operand as FieldDef; if (!dnlibfield.DeclaringType.ContainsGenericParameter) field = assembly.ManifestModule.ResolveField(dnlibfield.MDToken.ToInt32()); else { // here is the problem: Type declType = assembly.ManifestModule.ResolveType(dnlibfield.DeclaringType.MDToken.ToInt32()); } So how do use dnlib to resolve declaring type containing generic parameter ??? public virtual System.Reflection.FieldInfo? ResolveField(int metadataToken, Type[]? genericTypeArguments, Type[]? genericMethodArguments); https://learn.microsoft.com/en-us/dotnet/api/system.reflection.module.resolvefield?view=net-9.0#system-reflection-module-resolvefield(system-int32-system-type()-system-type()) -
By HostageOfCode · Posted
Just find MrExodia's src he shared some years ago and update it for the new enigma versions.
-
-
Popular Contributors
-
1
CodeExplorer
37 -
2
jackyjask
16 -
3
dotdll
13 -
4
whoknows
10 -
5
Teddy Rogers
5
-
-
Files
-
-
File Comments
-
Tell a friend
