Challenge of Reverse Engineering

View File dotNet Protector v6.0.7180 Assemblies are obfuscated, then method bodies are replaced by corrupted code; de-compilation and disassembly tools like ILDASM can no more unassemble methods. Components Protection, this feature enables not only exe protection, but dll as well. ASP.Net is supported by dotNet Protector. Added anti-JIT. Submitter VB56390 Submitted 08/24/2024 Category UnPackMe (.NET)  

View File Safengine NetLicensor v2.3.7.0 Based on Safengine Licensor with the combination of: Safengine Code Protection (Mutation & Virtualization) Safengine Licensor Local License Verification All protection options enabled: Anti Debug Anti Trace Anti Virtualization Anti Attach Anti Dump Anti API Hooks Self Integrity Check Code & Data Encryption Metamorphic Code Generation Branch Obfuscation Code Mutation Code Virtualization Advanced Code Replace Import Elimination API Relocation Try to unpack it. Enjoy! ; ) …

View File VMProtect v3.5.0.1213 Try to unpack or alternatively provide a serial. If there is no solution provided by Saturday 11am (GMT+0) I will attach the same without debugger detection. Protections used: Debugger detection (User-mode + Kernel-mode) Ultra (Mutation + Virtualization) Submitter whoknows Submitted 08/06/2020 Category UnPackMe (.NET)  

View File WinLicense v3.1.3.0 x86 (All Protection Options) UnpackMe - WinLicense 3.1.3.0 x86 Full Protect HWID Lock + Entry Point Virtualization + Etc... HWID: 1111-2222-3333-4444-5555-6666-7777-8888 Author:boot From:Tuts4you Time:2023.04.02 Submitter boot Submitted 04/02/2023 Category UnPackMe  

View File Simple Calculator (Enigma 7.40 + ILProtector 2.0.22.14) This is a simple calculator.exe. Protected with ILProtector 2.0.22.14 and double layer Enigma 7.40. First layer on DLL, second layer on EXE and added DLL in Enigma Virtualbox. For skilled reversers this will not be a problem unpack this. Submitter azufo Submitted 01/10/2024 Category UnPackMe (.NET)  

View File DNGuard HVM v3.9.6.2 This file is protected using DNGuard HVM 3.9.6.2 Protections used : HVM Jit Challenge is to unpack and post details of methods used. Submitter 0x59 Submitted 01/03/2021 Category UnPackMe (.NET)  

View File .NET Reactor v6.9 File packed with .NetReactor 6.9 -- All options Submitter AarJee Submitted 07/19/2023 Category UnPackMe (.NET)  

View File Python Crackme (Custom VM) Hello, this is a crackme made in python by a friends (wrc3667 on discord) Difficulty: [95 / 100] The purpose of this challenge is to find the correct key (note: the key should be in hexadecimal, otherwise the program will istantly close) Features: - Constant encryption - Name encryption - Opcode shuffling - Bytecode encryption - Stack encryption - Bytecode instruction mangling - Guillotine Interpreter - Complete namespace virtualization Submitter 0verp0wer Submitted …

All Protection Options Enjoy ! ; ) UnPackMe.TEP.3.80.rar

Is there anyone who can bypass this to run it? Let me know please. Click_Me.zip Regards. sean.

Difficulty : 5 Language : .NET Platform : Windows OS Version : All Packer / Protector : ConfuserEx - Custom Description : This is my first time as a newbe; I hope I didnt do too badly 😅. Try to find at least one valid alphanumeric Key. The key has the following format: XXXX-XXXX-XXXX-XXXX-XXXX-XXXX, it can have letters and numers. Good luck! Screenshot : KeygenMe1.zip

Hi. I created an unpackme using VMProtect 2.13.5. The only task is to devirtualize the blocks of code that are virtualized. There are 7 short functions. Each will execute when keyboard numbers 1-7 are pressed. The functions are virtualized as follows: 1 - Only mutation with no additional options 2 - Virtualization with no additional options 3 - Virtualization with the VM integrity check option 4 - Virtualization with the register scrambling on VM exit option 5 - Virtualization with the hide constants option 6 - Virtualization with all 3 extra options 7 - Ultra mode (which means mutation + virtualization) with all 3 extra options The pu…

enjoy it. CrackMe01.rar

[ Solutions so far: JohnWho, What ] (read whole thread) Hello folks. Decided I would post this here as well, as we're lacking some exercise on these kinds of targets. Purpose: open up the test target, click OK on the message box. Use any tool you want to alter a byte in application's active memory (e.g.: "MZ" string at ImageBase) and another message will appear. Goal: make the 'bad' message never pop-up, but not through patching the all-too-clear JUMP. Inline VMProtect's CRC check method so the CALL always returns 1. Again, not through MOV EAX,1|RETN (P.S.: imagine you don't know where this function is in a well-obfuscated target). …

View File VMProtectDDK v3.84 x64 No.2 2024 If you want to try this challenge, please read the following text descriptions: 1. Please try to debug the kernel driver in the virtual machine instead of your real machine to avoid causing a blue screen on the physical machine a. Why blue screen? For things like Ring0.sys, as I mentioned earlier b. Copy the Tuts4you.ini file to the C:\Windows\ directory of the virtual machine 2. I have added a test signature to the driver, so to load this driver, you need to enable Windows test mode a. Press and hold the "WIN+R" key to launch the CMD console as an administrator, enter b…

View File VMProtect x86 v3.81 (Default Protection Options) Please debug/unpack in the virtual machine This target is protected by a specially modified version of VMP, with some simple protection measures added It only supports running on x64 operating systems, such as Win7 x64 or Win10 x64, which may also support most Win11 x64 If you unpack it, please make tutorial(s)... I will mark the answers with tutorial(s) as solution. Submitter boot Submitted 07/27/2023 Category UnPac…

Protections: Winlicense Demo 2.2.7.0 (x64) Compiler: .NET If you succed to unpack please make a tutorial. WinlicenseUnpackMe.NET.rar

View File Fatmike's Crackme #4 ..::[FaTmiKE 2o23]::.. After a little break i decided to program another little crackme (This is my 4th crackme). Here are the rules: 1. The main goal is to unpack this crackme or write a loader. 2. If you like, find a valid serial or write a keygen. The crackme was tested on windows 10. Have fun! Submitter Fatmike Submitted 06/08/2023 Category UnPackMe  

View File CrackMe with Anti Patch The program uses VMP protection, and calls the relevant checksum SDK, even if the violent crack may also be slightly more complex, here provides a baymax patch tool to achieve the crack program, interested friends can read the pdf tutorial. The function of the program to determine whether the input is correct or not does not use the SDK for protection, and verify the error dialog box strings are searchable, but these do not mean that it is easy to crack, because the code also calls the memory checksum, determine whether the debugging and other SDK interfaces. So how to realize the cracking of this crac…

View File EAZFuscator .NET 2022.2 Max Preset (BlackHat) - Updated 04/06/22 Update 04-June 2022 Version 2022.2 Unpack Password - BH2022.2 Old 2022.1 Info - This unpackme is protected with latest version of EAZfuscator = https://www.gapotchenko.com/eazfuscator.net/features Password to unpack = EAZ2022 (I made a RAR file with password protection because I was unable to upload the unpackme directly. I was getting error due to false virus alarm) Your job is to unpack the file fully. Partial unpacking won't be accepted. Submitter BlackHat …

View File The Enigma Protector v6.9 I have protected a simple file with the Enigma Protector 6.9. Try to unpack. For a skilled reverser will not be as hard as it seems. HWID: A7707-65A71-43529-A59E1-41C2F-C5AA0-EB308-3F774 Name: tuts4you Key: BG8QC4UMZW3QMTH99U6ZTF8FJJNDAPKY5E2XNL3CMHRVUMLSB2QWRBSYBGF4RNHX7WC26W2GQMNBNPUU3YUTDXDS387A2UURMUVJ88P5PPC9ZCEQHFHW4J6ZQRAK7GW6DRK4QH4CGCEQM7F9K39J89S4CRARX3L3LPABBXU23M8QXP6A85L2CZFJZF66KF5NFTZ557872DA3 Submitter GIV Submitted 07/20/2021 Category …

This target is protected by license Private Exe Protector 4.2.2 with License ID Who will unpack this file please write tutorial Valid data: License ID: NP10-AC091DD4-1AB5FFFD-B78DDCD79F6B3217 User name: tuts4you Activation key: 061ABBE2-CDB2B006-9ED78E20-609AA20E Good luck! UnPackMe Private Exe Protector 4.4.2.rar

View File CrackMe [.NET + Native] A little "CrackMe" challenge (.NET + Native). Need to crack the application so that it does not require a license for its operation. P. S. Application requires .NET 6 to run Submitter InvizCustos Submitted 01/28/2024 Category CrackMe  

View File WinLicense v3.1.3.0 x64 (Bypass Without Unpacking) License User Details User Name=2days Tuts4you Company=The Terminator Hardware ID=6FF7-E7EF-5988-20FE-144E-865D-2D30-A73B Custom Data=<custom_start>Skynet, a global network of artificial intelligence machines.<custom_end> License Restrictions Days Expiration=365 Date Expiration=2029/12/12 Executions=999 Runtime execution=999 Global Time=999 Install Before Date=2029/01/01 Miscellaneous Unicode License=yes Generated License (FILE KEY) License Format=Binary License Data= <license_start> ghO1ud4wf14YNU87wUptZ1J…

View File Themida x32 v3.0.4.0 One of my tool (CompareInfo v3) protected by Themida x32 v3.0.4.0. Submitter CodeExplorer Submitted 04/01/2023 Category UnPackMe