Tuts 4 You

All Activity


  1. Past hour
  2. Yesterday
  3. !Eddy420CZ

    CrackMe^ v15 [Packers_Madness]

    Hey xD.. Good job. I'm coding a new super protected version.. but it's not done yet.. Want to PM? I have a question
  4. Last week
  5. I am learning Win32 GUI app development. I want to style and design my app using the "sciter" library. But I am googling and trying to find a good article or tutorial series or similar like that (I want to reverse engineer an app {Reversing Sciter app}) but I can't find anything useful. Popular apps are designed using Sciter (ESET, Symantec etc). Any help appreciated.
  6. Hi again, it seems that the command using CRLF \r\n only works for Linux systems. 😕 Now I found also another problem trying to play some rtmp streams with FFmpeg + rtmp commands. FFmpeg always fails with application rejected but FFplay does play it using exactly the same ffmpeg rtmp commands (app / playpath / swfurl etc). That's strange. greetz
  7. Cursedzx

    Ama's Protector

    Difficulty : Probably 8
    Language : C# .NET
    Platform : Windows (anyCPU)
    OS Version : Windows 7 Above
    Packer / Protector : Ama's Protector
    Description : Upload the Unpacked file and give me a detailed tutorial. Like... tell me the specific method or specific tools you used in order. As I said in the previous unpack challenges XD. You know the rest.
    Screenshot :
    testapp_enc.exe
  8. GautamGreat

    CrackMe^ v15 [Packers_Madness]

    I'm not able to deobf ConfuserEx how noob I'm https://www119.zippyshare.com/v/txC1DUJf/file.html
  9. Hi again, still don't get it. So it really seems that it's not possible to set more than one -headers xy parameters in commandline.

     -headers $"X-API-KEY: g\r\nuser-agent:3"

     [https @ 05253e40] Setting default whitelist 'http,https,tls,rtp,tcp,udp,crypto,httpproxy'
     [https @ 05253e40] No trailing CRLF found in HTTP header.
     User-Agent: Lavf/58.12.100
     Accept: */*
     Range: bytes=0-
     Connection: close
     Host: mcdn.daserste.de
     Icy-MetaData: 1
     $X-API-KEY: g\r\nuser-agent:3

     -headers $'X-API-KEY: g\r\nuser-agent:3'

     [https @ 0012ff00] Setting default whitelist 'http,https,tls,rtp,tcp,udp,crypto,httpproxy'
     User-Agent: Lavf/58.12.100
     Accept: */*
     Range: bytes=0-
     Connection: close
     Host: mcdn.daserste.de
     Icy-MetaData: 1

     -headers "X-API-KEY: g"\r\n"user-agent:3"\r\n

     [https @ 00703e40] Setting default whitelist 'http,https,tls,rtp,tcp,udp,crypto,httpproxy'
     [https @ 00703e40] No trailing CRLF found in HTTP header.
     User-Agent: Lavf/58.12.100
     Accept: */*
     Range: bytes=0-
     Connection: close
     Host: mcdn.daserste.de
     Icy-MetaData: 1
     X-API-KEY: g\r\nuser-agent:3\r\n

     What now? Anyone any idea or working commandline with minimum 2 header parameters? greetz
  10. dangducluan

    CrackMe VMP

    VMP is hard to decode. Password : vccode, appears a few in the entrance VM Bytecode (RVA : 001D5EC3) on the EAX, ESI register. And you can see clearly at the address RVA 00004790 (stack and register) just before it was compared and return value ☺️. And only patch return value or trace find vm-jcc
  11. Hi, I found that info already but it doesn't work.

     Microsoft Windows [Version 6.1.7601]
     Copyright (c) 2009 Microsoft Corporation. Alle Rechte vorbehalten.

     C:\ffmpeg-4.0.1-win32-static\bin 1>ffmpeg -headers $'X-API-KEY: g\r\nuser-agent:3' -i "....m3u8" -v trace
     ffmpeg version 4.0.1 Copyright (c) 2000-2018 the FFmpeg developers
     built with gcc 7.3.1 (GCC) 20180710
     configuration: --enable-gpl --enable-version3 --enable-sdl2 --enable-bzlib --enable-fontconfig --enable-gnutls --enable-iconv --enable-libass --enable-libbluray --enable-libfreetype --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libopenjpeg --enable-libopus --enable-libshine --enable-libsnappy --enable-libsoxr --enable-libtheora --enable-libtwolame --enable-libvpx --enable-libwavpack --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxml2 --enable-libzimg --enable-lzma --enable-zlib --enable-gmp --enable-libvidstab --enable-libvorbis --enable-libvo-amrwbenc --enable-libmysofa --enable-libspeex --enable-libxvid --enable-libaom --enable-libmfx --enable-amf --enable-ffnvcodec --enable-cuvid --enable-d3d11va --enable-nvenc --enable-nvdec --enable-dxva2 --enable-avisynth
     libavutil 56. 14.100 / 56. 14.100
     libavcodec 58. 18.100 / 58. 18.100
     libavformat 58. 12.100 / 58. 12.100
     libavdevice 58. 3.100 / 58. 3.100
     libavfilter 7. 16.100 / 7. 16.100
     libswscale 5. 1.100 / 5. 1.100
     libswresample 3. 1.100 / 3. 1.100
     libpostproc 55. 1.100 / 55. 1.100
     Splitting the commandline.
     Reading option '-headers' ... matched as AVOption 'headers' with argument '$'X-API-KEY:'.
     Reading option 'g\r\nuser-agent:3'' ... matched as output url.
     Reading option '-i' ... matched as input url with argument '.....m3u8'.
     Reading option '-v' ... matched as option 'v' (set logging level) with argument 'trace'.
     Finished splitting the commandline.
     Parsing a group of options: global .
     Applying option v (set logging level) with argument trace.
     Successfully parsed a group of options.
     Parsing a group of options: input url .....m3u8.
     Successfully parsed a group of options.
     Opening an input file: .....m3u8.
     [NULL @ 0052f780] Opening '.....m3u8' for reading
     [https @ 04943b80] Setting default whitelist 'http,https,tls,rtp,tcp,udp,crypto,httpproxy'
     [https @ 04943b80] request: GET /....m3u8 HTTP/1.1
     User-Agent: Lavf/58.12.100
     Accept: */*
     Range: bytes=0-
     Connection: close
     Host: .....net
     Icy-MetaData: 1

     That's the problem. If I use the -headers parameter once then it will add it below but I need to add many header parameters not only one. If I use more than one -headers xy then it only adds the last one. Any more clues? greetz
  12. Hi @LCF-AT, Try something like(tested): ffmpeg -headers $'X-API-KEY: g\r\nuser-agent:3' ...
  13. Hi guys, I have a new small question about ffmpeg and using custom request http header data. I have tested it and I don't get it working anymore so correctly and I just get it to work with only one header parameter, also if I am using more than one. So ffmpeg said this...

     http AVOptions:
     -headers <string> ED....... set custom HTTP headers, can override built in default headers

     ...so if I use this parameter -headers "User-Agent: test" then it works. So now I would like to use more than one but if I do that then only the last -headers parameter gets added to the header and all before gets ignored. So does anyone remember how to make it correctly to set more than one header parameter for a commandline I can enter in a CMD window? Is there any issue with CRLF and if yes how to enter that in text form? Maybe anyone has any example for that. Thanks
  14. alifeti54

    CrackMe VMP

    Yes, pw is correct. can u take a cracked file?
  15. GautamGreat

    CrackMe VMP

    Password is : vccode
  16. Cursedzx

    Night Protector 2.0

    What i got so far... i just went to the method where it decrypts it and set a bp to get the key. some strings are decrypted. i don't know how to make my own string decrypter to do the other parts automatically. key: crack-me_obfuscated_stringdec.exe
  17. alifeti54

    CrackMe VMP

    Difficulty : 6-7
    Language : C++
    Platform : Windows x32
    OS Version : Windows 7+
    Packer / Protector : VMProtect 3.0.9 Ultimate
    Description : Provide correct password or cracked file. If you manage to crack please leave a tutorial.
    Screenshot :
    CrackM3.exe
  18. Blah

    Denuvo - In The News

    will be interesting to see this out in the wild and how it holds up (if a game ever has it lol)
  19. evlncrn8

    Denuvo - In The News

    it would also appear there's a new denuvo-a-like in town.. https://valeroa.com/ haven't seen anything 'protected' with it though so if anyone comes across any targets, please let me know
  20. Blah

    Denuvo - In The News

    https://torrentfreak.com/hitman-2s-denuvo-protection-cracked-three-days-before-launch-181112/ 😎
  21. Depends on the game. If the movement is synced in some manner after you send the packet to move, the server will respond back that it did or didn't move etc. If the game doesn't sync then if you want to visually see the move you'd have to tell the client to move by force as well.
  22. Hey all, I've created a packet sniffer and let's say I've hooked up a game and can intercept all traffic, modify packets, replay etc. Now the question is, when I replay a packet, let's say a Moving packet, how does the game client know it should move when I only send it to the server and receive a response? Does the client upon receiving that info from the server move or? If anyone has any idea on how exactly this part works I'd appreciate the input. Thanks!
  23. deepzero

    [DevirtualizeMe] VMProtect 3.0.9

    It's called threading / threaded execution. edit: disregard, putting downvoted posts at the end of the thread successfully confused me.
  24. Cursedzx

    ConfuserEx Mod

    Pass: rb3-Unpacked.exe
  25. Raham

    [DevirtualizeMe] VMProtect 3.0.9

    Hi. It's a month after challenge v2, but I had free time just now to work on the target. Results of both Key 1 & 2 are identical compared to the Protected file. Kind Regards
    devirtualizeme32_vmp_3.0.9_v2_DeVM_Final_OK.exe
  26. Earlier
  27. RYDB3RG

    VMPROTECT vs. LLVM

    Keep in mind that I don't convert vmp's x86 straight to llvm ir (if you are looking for something like that, McSema might help). Instead, I translate the handlers into my own node things, which I then create llvm ir from. There is a bunch of nodes, but most are pretty straightforward. This is how Add looks like:

        struct AddNode : public BinaryNode
        {
            AddNode(const NodePtr &left_value_node, const NodePtr &right_value_node)
                : BinaryNode(left_value_node, right_value_node)
            {
            }

            // Mnemonic used when printing the node graph
            void get_name(std::ostream &o) const override
            {
                o << "add";
            }

            // Emit "<result> = add <type> <left>, <right>"; both inputs must already be generated
            void gen_ir(GenIr &o) const override
            {
                o << id(index) << " = add " << get_ir_type(width) << " "
                  << id(left_value_node->index) << ", " << id(right_value_node->index) << endl;
            }

            // Result width follows the left operand
            Width get_width() const override
            {
                return left_value_node->width;
            }
        };

    So it expects 2 input nodes (which usually come from vmp's stack). When generating IR, Node X expects its inputs to already be generated and available via their input's index, so Add can just consume them, create an Add instruction and thus create a new result, which itself will be consumed eventually (or not, if it's a deadstore)
  28. !Eddy420CZ

    CrackMe^ v15 [Packers_Madness]

    Difficulty : 7
    Language : C++ (crt support) / C# (.NET 2.0)
    Platform : Windows 7+ (X86)
    OS Version : All Windows
    Packer / Protector : Rlpack, Upx (custom), ConfuserEx (custom), Memory protection, Antidebug (ASM)
    Description : This one is for most experienced reversers. Because computing runtime is spread into the three PE files.
    Screenshot :
    CrackMe^ v15___.zip
  29. zodiac

    Excelsior JET 12 Std

    How to find routine?