Leaderboard

Hey everyone, I put together a small challenge for anyone interested in reversing .NET protections. This one is packed using .NET Reactor v7.5.9.1 with some pretty aggressive settings, along with a bit of custom anti-tamper logic on top. Your goal is to unpack the application and recover a clean, working assembly. Protections Enabled NecroBit String Encryption Obfuscation Anti ILDASM Hide Method Calls Code Virtualization Anti Tampering Anti Debug Merge Enums Control Flow Obfuscation (Level 9) Additional Protections Custom runtime anti-debug Anti-injection checks Integrity verification A background watchdog thread 🎯 Objectives 1. Primary: Unpack the application and produce a clean assembly that runs without errors 2. Bonus: Recover the correct password (completely optional)

OllyDbg moded for ExeCryptor & THEMIDA Add the possibility of deleting all points of stopping Remove all breakpoints Auto path UDD & plugin Reference search directly from the toolbar Show offset in status bar Amendment to show the number of additions to the list Additions located 1 - advancedolly.dll 2 - analyzethis.dll 3 - API_Break.dll 4 - bookmarks2.dll 5 - cmdbar.dll 6 - HideOD.dll 7 - NonaWrite.dll 8 - ODbgScript.dll 9 - OllyBugfix.dll 10 - OllyDump.dll 11 - OllyMoreMenu.dll 12 - PhantOm.dll 13 - Poison.dll 14 - ustrref.dll 15 - StrongOD.dll This amendment took me time so there is no difference between them and the original They accept each others additions modified Do not forget pray for me and my family

After a longer time I created a new SnD - version 2.2 - by request from our board member DMichael. Normally I still do not like to use Olly 2 version [many basic features missing / changed etc] but anyway... I have taken some time to create all patches in OllyDbg 2.01h like in my older version + some little more checks etc. So now you can use this version with Windows 8 [testing done by DMichael - thanks again] without any problems. If there are any problems with ASLR (for example) then you will get a message with info about the problem and what to do. I also changed the look a little, maybe you like it as I do. All is ready to go and is setup by me [.ini file like I prefer] so that you can start directly after unpacking the .rar file. Some information can be read in the info text file. Have fun with the new 2.2 version [odbg201h] and post some feedback on the board if you like it or if there is any problem. Modifications: Added PEB Hide patch Added ZWQIP patch Changed OllyDBG names Changed CPU Added SnD patch section where you can see my patches Added some new resources Added manifest for XP style [just rename manifest if you get problem to use it on other OS etc] Added quick origin pop if you press the "C" button Added Win7 | Win8 support only with static original base of SnD 2.2 Added quick self check of loaded SnD 2.2 base. If not original or a problems comes at startup then you get info message Setup of SnD .ini file + color-scheme So all was again patched like in my older SnD 2.0 / 2.1 versions plus some more checks and different patching ways of the intern ZWQIP API. Testing by me on XP SP3. Testing by DMichael on Windows 8. Thanks again. Info: If you want to use int3 breakpoints instead of HWBPs [Debugging Options] then do not set a HWBP on ZWQIP API before you did stop at TLS or EP. Don't set the HWBP at systemBP. Int3 + HWBP on ZWQIP before TLS or EP = No API patch! Int3 + No HWBP on ZWQIP before TLS or EP = Ok HWBP + HWBP = All ok no problems. Just keep this info in your mind if you wanna change the option. Info: So I also insert the original Olly version which you will also need to read all plugins so that you don't need to change the OllyDBG.exe to SND.exe name in the plugins itself.

UPX Packing Unpacking

This is my version of OllyDBG. I removed all useless plugins and put my preferred ones, and also I set-up a good configuration. With it you should be able to load any protected file (Themida for example). Sometimes you have to change some options inside plugins (with Obsidium for example), but the current setting is good in 90% of cases. It has also a more advanced loaddll.exe that allows you to load dll's in different memory locations, so you can rebuild relocations in an easy way.

This engine isn't intentionally called ExeCryptor Edition its actually called ODbyDYK (after the author) but since its been commonly used for ExeCryptor and more generally known as such thats how I've named it here. I think there has been quite a few modifications to it but not being Chinese I'm unable to read and understand the information within the archive correctly to discover exactly what. Maybe a native or Chinese literate person could pass on to me further details about this engine or translate the included .txt file for me, please.

A version of OllyDbg specifically modified to allow debugging of Themida protected applications. Functions: 1.Hide IsDebuggerPresent 2.Hide NtGlobalFlag 3.Hide ProcessHeapFlag 4.Patch ZwQueryInformationProcess (==patch UnhandledExceptionFilter) 5.Patch ZwSetInformationThread 6.Patch CheckRemoteDebuggerPresent 7.Patch OutputDebugStringA 8.Anti heap-checking (For themida1.9.5.0) V1.02: ! Fixed the bug of patching ZwSetInformationThread (For themida 1.9.5.0) + ADD heap-checking. Debug themida1.9.5 1.Modify window caption in the file ollydbg.exe (CPU,OLLYDBG...) 2.Click "Hide ALL" (choose HideDBG plugin)

It is a version of "Emergency" is the basics to make a good crackeo, this is a package "Reduced", but I want to make portable versions of several programs, and As ultraedit and others that require installation and makes heavy. THIS OLLYSND PORTABLE NOT NEED CONFIGURARSE, THE ROUTE OF THIS PLUGINS AUTO-CONFIGURADA. So he can run from anywhere without the need to change Nothing is prepared and ready for use.

This is a Keygen and Keyfilemaker written in PureBasic 5, similar to this one. Unfortunaly the cpu usage is quite high and I had to make dirty hacks for not resetting gadget strings. This time I didn't use transparency and fading but again chiptune support After keygeneration the keyfile should be exported using "Export Key" and it will be saved in same dir as the keygen is. Hopefully it will help someone