Jump to content
Tuts 4 You

All Activity

This stream auto-updates     

  1. Past hour
  2. Black Hat Anonymous

    Edit XAML in .NET Apps

    Exactly what i do now a days. Open your target app. find the xaml code in resource and save it... then create a wpf application into the visual studio and create a new test or dummy project. insert the saved xaml code into your project that you created. modify all the changes into the xaml that you edit into the wpf app. then compile the project. now open your project in the dnspy and go to resource and you will see xaml resources as baml. dont save it directly. save it with raw save baml resources. now again go to your target app and then delete your resoueces which you wanna change and create a new system.io resource and select tghe raw baml file which you saved using dnspy from the test or demo wpf project. now give the same name into the target and boom /// it will work good. i tested it.
  3. Today
  4. whoknows

    Edit XAML in .NET Apps

    the scenario is @ A-target app B-a test app by you 1-get the XAML by DNSPY or Reflector 2-@B use the XAML make any modification and compile the project 3-extract the BAML from @B 4-replace the namspace then add it @A tested&working a demonstration https://workupload.com/file/RHt7JeCJ pass : b-at-s.info format:RAR5
  5. Benjamin

    Edit XAML in .NET Apps

    As @Black Hat Anonymous suggested, pretty much most of the executables containing XAML fail to run properly after editing in DnSpy (unless we do a hex edit of the resources). Unfortunately I believe that I am not allowed to share my actual target file here as it is commercial.
  6. Benjamin

    Tracer for DnSpy

    You are right @Kurapica but as mentioned in the title, I am mainly looking for any plugins for DnSpy that can trace the execution flow. Since then we would be able to check out the decompiled code as we trace. If anyone knows of any such plugins, please suggest. They should actually work with the present version of DnSpy.
  7. Kurapica

    Tracer for DnSpy

    I think you are right, but most of these features can be easily added via the GUI, which I already made public long time ago I created the tool in a way that makes customizing it easy, the ugly hard side which is C++ is not open source and I believe it's not necessary to modify it in order to get those features, those features can be added if you know some C# Search the forum and you will find the GUI project for the tracer and do your magic
  8. whoknows

    Edit XAML in .NET Apps

    drop an example assembly to play, I have to try it by 2016.
  9. Benjamin

    Edit XAML in .NET Apps

    This is what I am doing at present but I wanted to know if there was a way to do so without doing direct hex edits. @Kurapica The files containing the XAML simply refuse to run correctly (the same way exceptions are thrown if you make a random edit in the file and try to run it). So from this I could clearly understand that the saving and compilation after I make the changes is what is causing the issue. If I make the same changes with a hex editor it runs fine though. I understand that. So that was why I asked how the XAML could be edited and saved back, since we see the XAML in the DnSpy decompilation window.
  10. Benjamin

    Tracer for DnSpy

    Thanks @Kurapica Your tool is excellent, but it would be nicer if these features could be incorporated: - Right now, when tracing, there is no option to select trace only for certain modules and to skip system assemblies for example. Even if I am interested in tracing the functions just in the main executable, the logger logs all the methods in all the modules. This obviously makes the trace record quite bulky and also the execution would be slower. It would be good to have an option to select logging only for the modules of interest. - I would like the execution (when tracing) to break when a certain method is called in the target. Right now, short of manually editing and adding a breakpoint in the target (which of course breaks most executables due to CRC and other checks) there is no such function available in the tool. Would be good if could select a certain point (or points) in the executables where the execution should break while tracing with the tool. - I would like in some cases to just log the methods that are called without any extra parameters (or even the addresses called from). This could be used to easily construct a flowchart of the execution pattern. Right now, the tool logs a lot more stuff that we may or may need. Right now, I need to manually clean the output every single time. If we are given more choice so that there is much more granularity as regards to what should logged and what is not, it would be very useful. - The tool crashes when tracing very large files. This is not surprising since the tool was created almost 5 years ago and now the file sizes are much larger (leading to much larger log file sizes) - A feature to log the parameters and/or even locals ( for the methods of interest at least) would be good. Right now it is not available and logs only very limited parameters. - Stealth features are outdated. Please do not get me wrong. The tool is around 5 years old and so this is to be expected. Due to this, quite a number of protected executables do not run, or just crash after running for a few seconds. If it is open source, we can at least manually make a few edits. I agree wholeheartedly with you. That is why I am hoping that you could add the features requested above, to your tool, if possible. If there is a good tracer for DnSpy it would be best though. Would be very convenient to decompile, trace and edit, all in one tool.
  11. whoknows

    Edit XAML in .NET Apps

    The XAML compiled to BAML @ compiled exe. What u c @ dnSpy is the decompiled BAML to XAML. ref1 ref2
  12. Black Hat Anonymous

    Edit XAML in .NET Apps

    A better way to do this is - do all the change in Hex Format. Yes when you see in resources, you find xaml and you cant edit it. so just open file with hex editor and do changes !
  13. Kurapica

    Tracer for DnSpy

    What features do you miss in my old tool ? creating a tracer for .NET requires knowledge in C++/COM technologies so it's not fun at all you can find several base projects on the web to build on but be ready for some fun with COM and interfaces
  14. Kurapica

    Edit XAML in .NET Apps

    What error do you get after editing the XAML and running the application ? more details ?
  15. Hookahice

    Eazfuscator.NET + Themida

    Nobody did this yet? I am actually running into an issue with exactly this type of combo-protectors. Would love someone to share some knowledge on how to properly unpack and clean this! Thanks, -HooK
  16. I have done a lot of searches on this topic but there seems to be no satisfactory way to edit XAML in apps (through DnSpy or any other tools) when we don't have access to its original source code. What I am trying to do is this: I want to be able to open an app in DnSpy that has a lot of XAML in it, edit the XAML portions and then save it so that it runs again. This seems to not possible at this time. When I try to do this, the app does not run. After checking out the issues section in the DnSpy's github repo, I see that it had been discussed multiple times with no satisfactory solution. So I wanted to ask and see if anyone here could come up with a good solution, with or without the use DnSpy.
  17. Benjamin

    Control Flow Graph for .NET

    Thanks @XenocodeRCE I did run into this during my search on github. As you said, it does need a little more work and I am not a developer.. So I am looking for a tool similar to IDA where it generates a graph without much programming work from our side. Shareware at a reasonable cost (around $100) is fine with me if there are no free tools to do the job. Of course, I need the graph generated only for non-obfuscated .NET executables.
  18. I am looking for any tracer plugins for DnSpy? I am aware of an old plugin from 2015 but it does not seem to be compatible with the latest versions of DnSpy. My apologies if I am stupid and missed any obvious tools already available but I couldn't find any when I searched. It would be lovely if someone could recommend a way through which I could trace the methods executed in a target (.NET) executable while debugging it. So in other words, I am looking for some sort of a method logger which logs all the names of the various called methods in DnSpy. I am aware of the standalone tool by Kurapica but I am looking for an open-source version if possible so that I can customize the features and also add stealth and other features as required. So I am okay with even a standalone tool as long as it is open-source.
  19. XenocodeRCE

    Control Flow Graph for .NET

    https://github.com/Washi1337/Rivers I made one using this and read .net metadata and code using https://github.com/0xd4d/dnlib/ you should definitly look into this, the graph will will need work tho, mine looked very spiderweb-ish
  20. Is there any way to create a proper control flow graph of the code the same way that it is available for native apps in IDA Pro? I am looking for something like this but for .NET decompiled code: If I attempt to do this in IDA for .NET executables, I get a similar graph but it is for IL code (not the decompiled .NET code). So I am asking if anyone here is aware of any way that similar graphs could be generated (using any tool) for .NET code. I tried using GraphViz but it was too cumbersome. The tools I found after a quick search are very old and do not support the newer .NET runtimes or executables. So I am looking for any tools that would enable us to create a quick CFG just the same way that IDA makes it possible for native apps.
  21. Yesterday
  22. https://gchq.github.io/CyberChef/
  23. Extreme Coders

    Flare On 6

    @Bython
  24. Bython

    Flare On 6

    @Extreme Coders
  25. Extreme Coders

    Flare On 6

    @Bython
  26. Bython

    Flare On 6

    @Extreme Coders It works on my tests, it does extract something meaningful
  27. Extreme Coders

    Flare On 6

    @Bython
  28. Bython

    Flare On 6

    Hi, i would like to get a hint on the 6th challenge (bmphide), I have a decryptor but when I run it on the given image.bmp, all I get is binary data with the bmp header, when i try to open it as bmp it just says it's corrupted, I am able to extract data I put in my own image myself, the issue is with the given bmp . if anyone could help it would be awesome!
  1. Load more activity
×
×
  • Create New...