All Activity

You dont have to do changes on yourself its not the purpose of this plugin because you know what you have changed. The code/data should be changed by program itself.

+ password-protect-video.com

Now It works well but It takes some time to complete the job. Regards. sean.

Well, the project is still a demo. I updated the plugin and provided a program for my own testing，you can try that. https://github.com/fjqisba/VmpHelper/releases

I virtualized below part and tested it. 004010C2 6A 01 push 01 004010C4 53 push ebx 004010C5 FF15 1C614000 call dword ptr [0040611C] → USER32.dll!EndDialog 004010CB EB 09 jmp 004010D6 ↓ It is cahnged to thses codes. 00A810C2 | E9 27BA1800 | JMP win32gui.vmp.C0CAEE | 00A810C7 <win32gui | 57 | PUSH EDI | edi:EntryPoint 00A810C8 | C3 | RET | 00A810C9 <win32gui | 56 | PUSH ESI | esi:EntryPoint 00A810CA | C3 | RET | 00A810CB <win32gui | EB 09 | JMP win32gui.vmp.A810D6 | And I used your plugin by clicking the menu "VMP -> Show Graph" at the address of 00A810C2. then It hung. the IDA version is 8.3.23.0608.. Regards. sean.

For current plugin, it seems too early to analyze vmp oep, because vmp does a lot of operations at the beginning. Maybe you should try writing a small function, use vmp encryption, and then use plugin to analyze the begin of vmp function.

Win32GUI.vmp.zip Regards. sean.

What are the preconditions to start de-virting 3.5.0 x86? I'm hitting only this: sample https://workupload.com/file/bDGty7XBnfW sometimes it is crashing, eg: BTW, what IDA versions do you support?

Well, this is because it has not been fully developed yet. you can try sending samples to me so I can fix it.

An error!!! And for another example. Why does it just show one graph and no branches? but your github page shows like this. Regards. sean.

View File Nuitka 2.1.5 (Python 3.11) Hi Nuitka compiled python 3.11 file Correct password doesn't important Just patching Thanks Submitter Sh4DoVV Submitted 04/18/2024 Category CrackMe  

Where can I see the differences when choosing "Compare Snapshot"? I clicked the menu of "Make Snapshot" before changing anything. Then as @Priboi said, started an application. after it, I changed some bytes. then clicked the "Compare Snapshot" menu. however I cannot notice anything to show the differences in the disassembly pane of the x64dbg. Thanks. Regards. sean.

most possible using SetWindowDisplayAffinity API - more github.com/akinbicer/screen-capture-protector

Hi, everybody! I am developing an ida plugin which can be used to analyze vmp3.5 x86. If you are interested in vmp, Then you can view the source code of the project to learn it. Suggestions and PRs are welcome. https://github.com/fjqisba/VmpHelper

what have you tried what errors (if any) you've encountered? this forum is not chatGPT

who is "we"?

How can we find the PCode "C9" in the debugger? Regards. sean.

Does these plugins still work? Regards. sean.

jesus christ my man, u got some crazy shovel to dig up this old of a topic

Thank you for reporting! Should be fixed now... Ted.

@Teddy Rogers youtube links are not converted to video views. Regards. sean.

i have get it by TypeRefUser and MemberRefUser...

target assembly like this: namespace A{ class Program { static void Main() { ...} } } new assembly: namespace B{ class Program { static void M( ) { ...} } } 2 assembly in the same path, now i want to call method M( ) in target method main( ), If there was an example on how to add a reference or any ideas, it would be helpful. Thanks.

Here is the visual studio 2015 project and release and debug builds. If anyone needs this, feel free to download it. Enigma DeVirtualizer.zip Regards. sean.