All Activity
This stream auto-updates
- Today
-
LaffLmao joined the community
-
koloba joined the community
- Yesterday
-
Josea joined the community
-
system24 joined the community
-
FullTuts joined the community
-
Mattes joined the community
-
VMP is hard decode. Password : vccode, appears a few in the entrance VM Bytecode(RVA : 001D5EC3) on the EAX, ESI register. And you can see clearly at the address RVA 00004790(stack and register) just before it was compared and return value ☺️.And only patch return value or trace find vm-jcc
-
Aekras1a joined the community
-
debomugaso joined the community
-
DmitriySalnikov joined the community
-
RDS joined the community
- Last week
-
FFmpeg - Audio bitrate not same
LCF-AT replied to LCF-AT's topic in General Discussions and Off Topic
Hi, I found that info already but it dosent work. Microsoft Windows [Version 6.1.7601] Copyright (c) 2009 Microsoft Corporation. Alle Rechte vorbehalten. C:\ffmpeg-4.0.1-win32-static\bin 1>ffmpeg -headers $'X-API-KEY: g\r\nuser-agent:3' -i "....m3u8" -v trace ffmpeg version 4.0.1 Copyright (c) 2000-2018 the FFmpeg developers built with gcc 7.3.1 (GCC) 20180710 configuration: --enable-gpl --enable-version3 --enable-sdl2 --enable-bzlib --enable-fontconfig --enable-gnutls --enable-iconv --enable-libass --enable-libbluray --enable-libfreetype --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libopenjpeg - -enable-libopus --enable-libshine --enable-libsnappy --enable-libsoxr --enable-libtheora --enable-libtwolame --enable-libvpx --enable-libwavpack --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxml2 --enable-libzimg --enable-lzma --enable-zlib --enable-gmp --enable- libvidstab --enable-libvorbis --enable-libvo-amrwbenc --enable-libmysofa --enable-libspeex --enable-libxvid --enable-libaom --enable-libmfx --enable-amf --enable-ffnvcodec --enable-cuvid --enable-d3d11va --enable-nvenc --enable-nvdec --enable-dxva2 --enable-avisynth libavutil 56. 14.100 / 56. 14.100 libavcodec 58. 18.100 / 58. 18.100 libavformat 58. 12.100 / 58. 12.100 libavdevice 58. 3.100 / 58. 3.100 libavfilter 7. 16.100 / 7. 16.100 libswscale 5. 1.100 / 5. 1.100 libswresample 3. 1.100 / 3. 1.100 libpostproc 55. 1.100 / 55. 1.100 Splitting the commandline. Reading option '-headers' ... matched as AVOption 'headers' with argument '$'X-API-KEY:'. Reading option 'g\r\nuser-agent:3'' ... matched as output url. Reading option '-i' ... matched as input url with argument '.....m3u8'. Reading option '-v' ... matched as option 'v' (set logging level) with argument 'trace'. Finished splitting the commandline. Parsing a group of options: global . Applying option v (set logging level) with argument trace. Successfully parsed a group of options. Parsing a group of options: input url .....m3u8. Successfully parsed a group of options. Opening an input file: .....m3u8. [NULL @ 0052f780] Opening '.....m3u8' for reading [https @ 04943b80] Setting default whitelist 'http,https,tls,rtp,tcp,udp,crypto,httpproxy' [https @ 04943b80] request: GET /....m3u8 HTTP/1.1 User-Agent: Lavf/58.12.100 Accept: */* Range: bytes=0- Connection: close Host: .....net Icy-MetaData: 1 Thats the problem.If I use -headers parameter once then it will add it below but I need to add many header paramters not only one.If I use more than one -headers xy then it only adds the last one.Any more clues? greetz -
FFmpeg - Audio bitrate not same
NeWOT replied to LCF-AT's topic in General Discussions and Off Topic
Hi @LCF-AT, Try something like(tested): ffmpeg -headers $'X-API-KEY: g\r\nuser-agent:3' ... -
FFmpeg - Audio bitrate not same
LCF-AT replied to LCF-AT's topic in General Discussions and Off Topic
Hi guys, I have a new small question about ffmpeg and using custom request http header datas.I have test it and I dont get it working anymore so correctly and I just get it work with only one header paramter also if I am using more than one.So ffmpeg said this... http AVOptions: -headers <string> ED....... set custom HTTP headers, can override built in default headers ...so if I use this paramter -headers "User-Agent: test" then it works.So now I would like to use more than one but if I do that then only the last -headers paramter gets added to the header and all before gets ignored.So does anyone remember how to make it correctly to set more than one header paramters for a commandline I can enter in CMD window?Is there any issue with CLRF and if yes how to enter that in text form?Maybe anyone has any example for that. Thanks -
Yes, pw is correct. can u take a cracked file?
-
Password is : vccode
-
What i got so far... i just went to the method where it decrypts it and set a bp to get the key. some strings are decrypted. i don't know how to make my own string decrypter to do the other parts automatically. key: crack-me_obfuscated_stringdec.exe
-
Difficulty : 6-7 Language : C++, Platform : Windows x32 OS Version : Windows 7+ Packer / Protector : VMProtect 3.0.9 Ultimate Description : Provide correct password or cracked file. if you manage to crack please leave a tutorial. Screenshot : CrackM3.exe
-
will be interesting to see this out in the wild and how it holds up (if a game ever has it lol)
-
it would also appear theres a new denuvo-a-like in town.. https://valeroa.com/ havent seen anything 'protected' with it though so if anyone comes across any targets, please let me know
-
https://torrentfreak.com/hitman-2s-denuvo-protection-cracked-three-days-before-launch-181112/ 😎
-
Game bot, client reaction when sending a packet?
atom0s replied to Netskyes's topic in Internet and Network Security
Depends on the game. If the movement is synced in some manner after you send the packet to move, the server will respond back that it did or didn't move etc. If the game doesn't sync then if you want to visually see the move you'd have to tell the client to move by force as well. -
Game bot, client reaction when sending a packet?
Netskyes posted a topic in Internet and Network Security
Hey all, I've created a packet sniffer and lets say I've hooked up a game and can intercept all traffic, modify packets, replay etc. Now the question is, when I replay a packet, lets say Moving packet, how does the game client know it should move when I only send it to server and receive a response? Does the client upon receiving that info from server move or? If anyone has any idea on how exactly this part works I'd appreciate the input. Thanks! -
It's called threading / threaded execution. edit: disregard, putting downvoted posts at the end of the thread successfully confused me.
-
Pass: rb3-Unpacked.exe
-
Hi. its month after challenge v2, but i had free time just now, to work on target. Result of both Key 1 & 2 are identical compared to Protected file. Kind Regards devirtualizeme32_vmp_3.0.9_v2_DeVM_Final_OK.exe
-
Keep in mind that i dont convert vmp's x86 straight to llvm ir (if you are looking for something like that, McSema might help). Instead, I translate the handlers into my own node things, which i then create llvm ir from. There is a bunch of nodes, but most are pretty straight forward. This is how Add looks like: struct AddNode : public BinaryNode { AddNode(const NodePtr &left_value_node, const NodePtr &right_value_node) : BinaryNode(left_value_node, right_value_node) { } void get_name(std::ostream &o) const override { o << "add"; } void gen_ir(GenIr &o) const override { o << id(index) << " = add " << get_ir_type(width) << " " << id(left_value_node->index) << ", " << id(right_value_node->index) << endl; } Width get_width() const override { return left_value_node->width; } }; So it expects 2 input nodes (which usually come from vmp's stack). When generating IR, Node X expects its inputs to already be generated and available via their input's index, so Add can just use consume them, create an Add instruction and thus create a new result, which itself will be consumed eventually (or not, if its a deadstore)
-
Difficulty : 7 Language : C++ (crt support) / C# (:NET 2.0) Platform : Windows 7+ (X86) OS Version : All Widnows Packer / Protector : Rlpack, Upx (custom), ConfuserEx(custom) , Memory protection, Antidebug (ASM) Description : This one is for most experienced reversers. Because computing runtime is spreaded in to the three PE files. Screenshot : CrackMe^ v15___.zip
-
Brtbl changed their profile photo
-
How to find routine?
-
Email service DNSSEC signature is not valid
evlncrn8 replied to hex_none's topic in Site Bug Reports and Technical Issues
https://dnssec-analyzer.verisignlabs.com/tut.tuts4you.com -
Email service DNSSEC signature is not valid
hex_none posted a topic in Site Bug Reports and Technical Issues
Forum email-service has tut.tuts4you.com domain which has invalid DNSSEC records. So my email-provider classified as spam and rejected these emails. Please fix this misconfiguration. - Earlier
-
SkyProud changed their profile photo
-
How did you convert that assembly to llvm IR? It looks pretty good.
-
good job
-
AlisaCodeDragon changed their profile photo
-
[UnpackMe] Private Exe Protector 4.4.2 + License ID
estelle970 replied to Arting's topic in Archived
hello dear, SHADOW_UA I am new here and still learn can you make a detailed tutorial for unpacking private exe protector 4.4.x (prefered video), please? regards -
Protection for Native Driver / Applicaition
HostageOfCode replied to KoMaR1911's topic in Software Security
Haven't seen so far unpacked or devirtualized driver of any protector above. So far as far as i know exist only dynamic devirtualizers which don't see how will work in kernel mode. Only static devirtualizer for kernel mode would work but not sure any of this exists.
