Jump to content
Tuts 4 You

All Activity

This stream auto-updates

  1. Today
  2. Yesterday
  3. extonoxt

    de4dot.blocks.cflow.InstructionEmulator

    Thank you jackyjask, I solved it by using GetValue of the same class
  4. jackyjask

    de4dot.blocks.cflow.InstructionEmulator

    the issue is that >ThrowArgumentOutOfRangeException is unhappy that for example you have a list with 3 elements [1,2,3] but for some reason you want to access a element with index 5 as you have just 3 elements in your list you are beating by this kind of exception Value value = list[int32Value.Value]; << here is hits the exception
  5. Last week
  6. Hello All, I am trying to add two methods in de4dot.blocks.cflow.InstructionEmulator. private void Emulate_Stelem_I4(Instruction instr) { Value value = this.valueStack.Pop(); bool flag = value.IsInt32(); if (flag) { Int32Value int32Value = (Int32Value)this.valueStack.Pop(); List<Value> list = this.valueStack.Pop(); list[int32Value.Value] = (Int32Value)value; } else { this.valueStack.Pop(); this.valueStack.Pop(); } private void Emulate_Ldelem_I4(Instruction instr) { Int32Value int32Value = (Int32Value)this.valueStack.Pop(); List<Value> list = this.valueStack.Pop(); Value value = list[int32Value.Value]; bool flag = value.IsInt32(); if (flag) { this.valueStack.Push(list[int32Value.Value]); } else { this.valueStack.Push(Int32Value.CreateUnknown()); } } Ref: https://github.com/mobile46/de4dot/blob/master/de4dot.blocks/cflow/InstructionEmulator.cs I am getting the following error Unhandled Exception: System.ArgumentOutOfRangeException: Index was out of range. Must be non-negative and less than the size of the collection. Parameter name: index at System.ThrowHelper.ThrowArgumentOutOfRangeException(ExceptionArgument argument, ExceptionResource resource) at System.Collections.Generic.List`1.get_Item(Int32 index) at de4dot.blocks.cflow.InstructionEmulator.Emulate_Ldelem_I4(Instruction instr) at de4dot.blocks.cflow.InstructionEmulator.Emulate(Instruction instr) What am I doing wrong? What is the correct way to do it? Thank you
  7. https://www.emsisoft.com/en/ransomware-decryption/autolocky did you try this??
  8. @bootbro i have a question ,when we start titan hide drivers then we can easily debug the latest vmp protected file like putting breakpoints and stepping but when we attach same file to the debugger and after putting breakpoint click on the button why program auto closes?
  9. In theory, it is feasible, but it is unknown whether it will be effective in the new version of Windows OS.
  10. Wow superb @boot ,what the great jobs you are doing for us bro. Much appreciated. Best of luck. Thank you very much.
  11. I have tried to add Etw Hook's source code to the source code of TitanHide.sys, but it was not effective and I am not considering it for now. I will release newly compiled plugins and drivers, using methods to bypass signatures. They will not need to disable signatures and can be loaded in normal mode.
  12. boot

    titan - VMProtect devirtualizer

    https://github.com/gmh5225/titan-1
  13. Stuttered

    titan - VMProtect devirtualizer

    Here you go: https://mega.nz/file/y4ZGVIiQ#M8OgBUWMwMqzwYH0z0WFA6ihNuYvCDaOtHTN6gT5MNo
  14. @bootbro did you tried solving titan hide driver's blu screen issue? Regards.
  15. I'll do a short video the 2 apps running fin without using a debugger
  16. one target silently crashes even without any debugger being used steps to run it?
  17. Please try that with the 2 targets i shared
  18. hank

    titan - VMProtect devirtualizer

    Anyone cloned titan repo? It's currently down, please share!
  19. windowbase

    Pass Debugger Check in VMprotect 2.x

    @boot ASAP. Regards. sean.
  20. With simple tricks, everyone can bypass the Anti-Debug of this target without loading the kernel-driver. If no one is willing to share this method, I will make it public.
  21. I didn't change anything, just my usual dbg settings...
  22. windowbase

    Pass Debugger Check in VMprotect 2.x

    @X0rby Just showing off? Regards. sean.
  23. X0rby

    SharpOd plugins

    Works only on 64-bit systems.
  24. Oliver

    SharpOd plugins

    Hi all, I installed 32bit windows but now sharpod plugin not showing in xdbg any solution for that? Thanks in advance.
  25. The first link in Google results: https://bbs.125.la/thread-14741515-1-1.html
  26. windowbase

    Pass Debugger Check in VMprotect 2.x

    Is it on the web? it doesn't seem to be any download link on the web. Regards. sean.
  1. Load more activity
×
×
  • Create New...