Jump to content
Tuts 4 You

All Activity

This stream auto-updates     

  1. Past hour
  2. deepzero

    Private EXE Protector CLOSED Its Service !!

    Yes, i wrote some of that information on v3. Well, if it's entirely online-based that of course takes away much of the fun...
  3. Today
  4. Black Hat Anonymous

    Private EXE Protector CLOSED Its Service !!

    A detailed explanation of unpacking version 3 is available but version 5 is online license control based. Yes its really strange they decided to close though they are better then most of there competitors. tbh 90% marketing software protected with it not get cracked since very elite crackers tried there best. they provide good security. I tried to unpack myself a delphi tool protected with it though after dump it was crashing. after alot of try i ultimately decided to give up.
  5. deepzero

    Private EXE Protector CLOSED Its Service !!

    Oh, what a shame! All things come to an end, I guess. Really? The last hyped update (5.0?) I looked at didnt really bring much new stuff.
  6. As We all Know, Very less unpacking material is available about Private EXE Protector and its Latest Version is almost undefeatable. They are good but now they decided to close there service. As We can see here - https://private-exe-protector.com/project-closing/ Tell Your Review about it, If you are user or came across with it anytime.
  7. Yesterday
  8. https://torrentfreak.com/internet-archive-starts-seeding-1398635-torrents-120807/ https://archive.org/details/opensource_audio?and%5B%5D=metallica&sin=
  9. There is a Script of OLLYDBG made by @GIV that also helps to unpack the Anti Dump protected .NET Files and newbie Friendly too. But this method I tested and works well which you described. Very nice Explanation too. Thank you !!!
  10. Black Hat Anonymous

    ILProtector + Enigma - (Unpack & Get the Password)

    Dumping of ILProtector Native -- Done inject a DLL - Which DLL and Where and How ? Fix IL Protector HOOK - Any info about it Brother ???
  11. https://github.com/x64dbg/x64dbg/releases https://github.com/wwh1004/ExtremeDumper/releases
  12. Asura

    ILProtector + Enigma - (Unpack & Get the Password)

    Thanks!! @CodeExplorer
  13. mattheig

    Themida configuration

    1. Read https://www.oreans.com/ThemidaHelp.pdf 2. Add obfuscation like a ithare::obf 3. Encrypt strings with xorstr https://github.com/JustasMasiulis/xorstr 4. For education read https://github.com/lurumdare/ideas 5. Some tricks https://github.com/lurumdare/DefensiveGuideAgainstCrackers 6. Use embedding objects https://github.com/lurumdare/furikuri_tutorial (I think it is anti-disassembler https://forum.reverse4you.org/t/eset-finfinsher/1127 supported VMProtect, test on Themida and write me PM)
  14. @wwh1004 : can you add 2 tools to here ?
  15. CodeExplorer

    ILProtector + Enigma - (Unpack & Get the Password)

    Strange here attachments downloads works ok. Here is external download link: https://www3.zippyshare.com/v/fDchNW5P/file.html
  16. Asura

    ILProtector + Enigma - (Unpack & Get the Password)

    @CodeExplorer Could you please leave the DllSaver download please? Thanks!
  17. I once post it in a China forum, you can visit it in https://www.52pojie.cn/thread-762832-1-1.html by Google Translator I try my best to introduce it using English 1. download x64dbg and download the symbol file of clr.dll (mscorwks.dll if runtime is .net2.0~.net3.5) 2.set a breakpoint at "SystemDomain::ExecuteMainMethod" in clr.dll/mscorwks.dll and run 3.use MegaDumper (I use my ExtremeDumper based on codecracker's megadumper https://github.com/wwh1004/ExtremeDumper) to dump the main module when the program break at "SystemDomain::ExecuteMainMethod" 4.fix pe header and maybe you shoud also fix .net header This way is more complex than use MegaDumper only and directt dump the assembly. But if the assembly is packed with native stub and protected with anti dump (ConfuserEx and others) or protected with whole #US encryption (DNGuardHVM and others), maybe this way is good to dump assemblies. If you can not understand it, you can reply me. Best wish.
  18. ngocquy719

    [unpackme][crackme] PECompact 3.0.3.x beta - Easy

    Can anyone help me solve this please! i have a same problems with PEcompact 3.03.
  19. HI, can anyone tell me what the strongest setup for Themida protector is? If I untick automatic vm handling I can choose which vm's to use, I heard Dolphin is the newest, but shark32 and eagle32 have the highest complexity, does that make them better to use? my program is very simple so I don't care about speed reduction. I just want the hardest to RE. thanks
  20. wwh1004

    ILProtector + Enigma - (Unpack & Get the Password)

    1. dump ilprotector native runtime you can inject a dll to call OpenFileDialog and dump 2. decrypt method body fix ILProtectorUnpacker's hook, then it works Test.ip.exe.7z
  21. wwh1004

    [UnpackMe] Dnguard 3.68 Enterprise

    unpacked.7z
  22. Last week
  23. Codelove

    Rebuilding PE sections

    Hello guys, I'm trying to rebuild the PE sections because I want to reorder them. Has someone done this? What are the requirements for that? Some addresses are linked to certain directories and the padding between them? Any possible examples? I'm asking that because usually .reloc section is the last one and when I add a new section, it comes after it.
  24. CodeExplorer

    HELP python syntaxError: invalid syntax

    def main(): Read: https://docs.python.org/2/howto/sockets.html https://www.tutorialspoint.com/python/python_networking.htm From my very limited python knowledge there is a problem in the way you declare the Main Method: https://www.guru99.com/learn-python-main-function-with-examples-understand-main.html So instead of: def Main(): try lower case mode: def main():
  25. 身勝手のごくい

    HELP python syntaxError: invalid syntax

    Cannot see your image, code looks ok. Its python2 maybe u run it with 3? If you run it on linux, dont use capitals on function names - ur case Main.
  26. Hackers breach MSPs and use Webroot SecureAnywhere console to infect customer PCs with the Sodinokibi ransomware. https://www.zdnet.com/article/ransomware-gang-hacks-msps-to-deploy-ransomware-on-customer-systems bonus - hxxps://arstechnica.com/information-technology/2019/06/potent-firefox-0day-used-to-install-undetected-backdoors-on-macs/
  27. Teddy Rogers

    The Free Programming E-Books Topic

    Python Programming: A Step By Step Guide From Beginner To Expert (Beginner, Intermediate & Advanced) Ted.
  28. DefCon42

    [DevirtualizeMe] Themida 3.0.3.0

    Language : C++ Platform : Windows OS Version : Windows 10 Packer / Protector : Themida 3.0.3.0 Description : Looks like Oreans just dropped Themida 3. They've been working on the beta version for more than a year and just announced the initial release, so I'm praying I don't get my personal license revoked :^( Strings are (supposedly) virtualized then encrypted. The main protection is starting at VM_DOLPHIN_RED, though other VMs can be requested. Unpack/devirtualize the file. Screenshot :  Themida Crackme_protected.exe
  29. the problem is i cannot run and getting this error i dont get it at all, really need some help
  1. Load more activity
×
×
  • Create New...