Challenge of Reverse Engineering

View File Example CrackMe - Debug Blocker x64 This is an example for submitting a CrackMe in the Downloads section of the site. You can download the file and run Debug Blocker x64. Nothing too exciting will happen! The challenge here would be to patch the debug-blocker function so that it does not spawn a second process. Submitter Teddy Rogers Submitted 02/23/2020 Category CrackMe

View File Simple Calculator (Enigma 7.40 + ILProtector 2.0.22.14) This is a simple calculator.exe. Protected with ILProtector 2.0.22.14 and double layer Enigma 7.40. First layer on DLL, second layer on EXE and added DLL in Enigma Virtualbox. For skilled reversers this will not be a problem unpack this. Submitter azufo Submitted 01/10/2024 Category UnPackMe (.NET)  

View File The Enigma Protector x64 v7.4 (HWID Lock) Two simple Win x64 GUI applications protected using Enigma x64 v7.4. Challenge is to; bypass the hardware ID lock; unpack the application. Let us go together to solve this issue. Submitter The Binary Expert Submitted 06/17/2024 Category UnPackMe  

View File VMProtect v3.8.1 Ultra (Mutation + Virtualization) The target is an old software (from 2010) coded in c++, I just apply the VMP protection without any special code as I show in the two screenshots. All available protection features in VMProtect were used with this unpackme. Refer to the attached images for the specific protection settings used. Challenge is to unpack the file, providing an explanation and details on your methodology. Submitter X0rby Submitted 04/18/2023 Category UnP…

View File The Enigma Protector (x32 & x64 DEMO) This is an encryption example using The Enigma Protector 7.50 encryption. Enigma 7.5_x64_DEMO.rar TEP_7.5x32_DEMO.rar Submitter lengyue Submitted 04/29/2024 Category UnPackMe  

Difficulty : 3 Language : Delphi Platform : Windows X86 OS Version : XP and above Packer / Protector : Enigma Protector 5.2 Description : Small unpackme for you guys to try. Screenshot : Enigma Protector 5.2 unpackme.rar

View File DNGuard HVM v3.9.6.2 This file is protected using DNGuard HVM 3.9.6.2 Protections used : HVM Jit Challenge is to unpack and post details of methods used. Submitter 0x59 Submitted 01/03/2021 Category UnPackMe (.NET)  

View File Safengine Licensor v2.4 (HWID Lock) I coded a simple Win x64 GUI application with a close button and protected it using Safengine Shielden v2.4. Challenge is to; bypass the hardware ID lock; unpack the application. Let us go together to solve this issue. Submitter Sean Park - Lovejoy Submitted 06/11/2024 Category UnPackMe  

View File WinLicense v3.1.3.0 x86 (All Protection Options) UnpackMe - WinLicense 3.1.3.0 x86 Full Protect HWID Lock + Entry Point Virtualization + Etc... HWID: 1111-2222-3333-4444-5555-6666-7777-8888 Author:boot From:Tuts4you Time:2023.04.02 Submitter boot Submitted 04/02/2023 Category UnPackMe  

View File Enigma Protector x64 v7.40 (Demo Version | All Protection Options) Unpackme x64 - Enigma Protector 7.40 (Demo Version | All Protection Options) Enigma x64 + SDK +HWID Lock + etc... https://forum.tuts4you.com/ If you unpack it, please make tutorial(s)... I will mark the answers with tutorials as a solution. The compressed package includes a simple MP4 display, please pay attention to check... Created by boot / From Tuts4you 2023.08.21 Submitter boot Submitted 08/22/2023 …

This is an Enigma Protector_7.5 shell sample, whether it is Unpack, PatchHWID, or KeyGen, as long as it can successfully bypass registration, it is sufficient. Welcome friends to test, Using hardware ID encryption without popping up a registration box when changing computers, I think this one machine, one code solution is very challenging，I don't check anti virtual machine, but it cannot run on a virtual machine, which I find somewhat unbelievable..thank you. Insufficient forum member permissions, unable to post to the reverse challenge area. Sorry Name: tuts4you HWID: C16BF-8E2CA-FF15D-2CE16 KEY: BA23FLLESM75MTHXKU3Z8JNA3VJWLKCSZWV3PS76NAMJK5D3MRQ5ZYJ5ZPE9EKA…

View File .NET Reactor v6.9 File packed with .NetReactor 6.9 -- All options Submitter AarJee Submitted 07/19/2023 Category UnPackMe (.NET)  

View File Python Crackme (Custom VM) Hello, this is a crackme made in python by a friends (wrc3667 on discord) Difficulty: [95 / 100] The purpose of this challenge is to find the correct key (note: the key should be in hexadecimal, otherwise the program will istantly close) Features: - Constant encryption - Name encryption - Opcode shuffling - Bytecode encryption - Stack encryption - Bytecode instruction mangling - Guillotine Interpreter - Complete namespace virtualization Submitter 0verp0wer Submitted …

All Protection Options Enjoy ! ; ) UnPackMe.TEP.3.80.rar

Is there anyone who can bypass this to run it? Let me know please. Click_Me.zip Regards. sean.

Difficulty : 5 Language : .NET Platform : Windows OS Version : All Packer / Protector : ConfuserEx - Custom Description : This is my first time as a newbe; I hope I didnt do too badly 😅. Try to find at least one valid alphanumeric Key. The key has the following format: XXXX-XXXX-XXXX-XXXX-XXXX-XXXX, it can have letters and numers. Good luck! Screenshot : KeygenMe1.zip

View File Nuitka 2.1.5 (Python 3.11) Hi Nuitka compiled python 3.11 file Correct password doesn't important Just patching Thanks Submitter Sh4DoVV Submitted 04/18/2024 Category CrackMe  

Hi. I created an unpackme using VMProtect 2.13.5. The only task is to devirtualize the blocks of code that are virtualized. There are 7 short functions. Each will execute when keyboard numbers 1-7 are pressed. The functions are virtualized as follows: 1 - Only mutation with no additional options 2 - Virtualization with no additional options 3 - Virtualization with the VM integrity check option 4 - Virtualization with the register scrambling on VM exit option 5 - Virtualization with the hide constants option 6 - Virtualization with all 3 extra options 7 - Ultra mode (which means mutation + virtualization) with all 3 extra options The pu…

enjoy it. CrackMe01.rar

[ Solutions so far: JohnWho, What ] (read whole thread) Hello folks. Decided I would post this here as well, as we're lacking some exercise on these kinds of targets. Purpose: open up the test target, click OK on the message box. Use any tool you want to alter a byte in application's active memory (e.g.: "MZ" string at ImageBase) and another message will appear. Goal: make the 'bad' message never pop-up, but not through patching the all-too-clear JUMP. Inline VMProtect's CRC check method so the CALL always returns 1. Again, not through MOV EAX,1|RETN (P.S.: imagine you don't know where this function is in a well-obfuscated target). …

View File VMProtectDDK v3.84 x64 No.2 2024 If you want to try this challenge, please read the following text descriptions: 1. Please try to debug the kernel driver in the virtual machine instead of your real machine to avoid causing a blue screen on the physical machine a. Why blue screen? For things like Ring0.sys, as I mentioned earlier b. Copy the Tuts4you.ini file to the C:\Windows\ directory of the virtual machine 2. I have added a test signature to the driver, so to load this driver, you need to enable Windows test mode a. Press and hold the "WIN+R" key to launch the CMD console as an administrator, enter b…

View File VMProtect x86 v3.81 (Default Protection Options) Please debug/unpack in the virtual machine This target is protected by a specially modified version of VMP, with some simple protection measures added It only supports running on x64 operating systems, such as Win7 x64 or Win10 x64, which may also support most Win11 x64 If you unpack it, please make tutorial(s)... I will mark the answers with tutorial(s) as solution. Submitter boot Submitted 07/27/2023 Category UnPac…

Protections: Winlicense Demo 2.2.7.0 (x64) Compiler: .NET If you succed to unpack please make a tutorial. WinlicenseUnpackMe.NET.rar

View File Fatmike's Crackme #4 ..::[FaTmiKE 2o23]::.. After a little break i decided to program another little crackme (This is my 4th crackme). Here are the rules: 1. The main goal is to unpack this crackme or write a loader. 2. If you like, find a valid serial or write a keygen. The crackme was tested on windows 10. Have fun! Submitter Fatmike Submitted 06/08/2023 Category UnPackMe  

View File PatchMe No.1 2024 (x86 32-Bit) PatchMe.exe MD5: DD4E072F8B5CA241927EAA63DED47383 SHA1: 08F4699C3A84F5E40343CE9A9AD05046EE15D6DD CRC32: 9A4C0721 PatchMe No.1 2024 Please check the ReadMe.mp4 in the zip package, you'll understand what I mean... If you have solved this challenge, please make tutorial(s)... I will mark the answers with tutorials as a solution. About This Challenge... - Author: boot - Date: February 10, 2024 - Difficulty: ★★☆☆☆ - Architecture: x86 32-Bit - From: Tuts4you - Platform: >=Win95 Submitter boot …