Leaderboard

...because cloning git repo, or just clicking on anonfiles.com_d1D7M7q9z4_vmpsrc.zip is so f*ing complicated. You don't need VMProtect sources. What you need is a basic understanding of this magical thing called "the internet".

What? No explanation of what he done?

> WindowsFormsApplication37_Slayed.exe!WindowsFormsApplication37.Internal.PolicyFinalizer.VisualContainerPolicy.CombineTransaction(WindowsFormsApplication37.Internal.PolicyFinalizer.ArgumentViewer instance) (IL=0x2260, Native=0x091A0040+0x6B85) case (PolicyFinalizer.NotificationCall)128: if (PolicyFinalizer.m_PolicySenderList.Count == 0) { Module module = typeof(PolicyFinalizer).Module; this.m_ClientEvaluator.IncludeManager(new PolicyFinalizer.PolicyFinder(module.ResolveString((int)this.m_CustomDecryptorPolicyObj | 1879048192))); return; } 70000000 metadataToken 0x7000174A int - metadataToken of good string: 0x700016DE but it is not easy as replacing a string- it is not working after changing string.

.

3.9.5 changes protection against unpacking and improved anti debug, from that leak all unpack and critical vulnerability before 3.9.2 allowed change serial vmp license ultimate version in memory

unpacked.exe

This project is mirrored from https://github.com/jmpoep/vmprotect-3.5.1.git. https://huihui.cat/mirrors/vmprotect-3.5.1 https://git.nadeko.net/Fijxu/vmprotect-source (someone is fighting and DMCA-ing (removing) all VMP related repos on github!) and a downloadable copy https://pixeldrain.com/u/fKn1dZqK

On the 000000014000838B 0, 1, 2, 3 8, 9, A, B, C, D, 6, 7 - 0000000140008BD4 | 8B4424 20 | mov eax,dword ptr ss:[rsp+20] 0000000140008BD8 | FFC0 | inc eax 0000000140008BDA | 894424 20 | mov dword ptr ss:[rsp+20],eax 0000000140008BDE | E9 07070000 | jmp crackme123.1400092EA 0000000140008A16 | 8B4424 30 | mov eax,dword ptr ss:[rsp+30] | 0000000140008A1A | FFC0 | inc eax | 0000000140008A1C | 894424 30 | mov dword ptr ss:[rsp+30],eax | 0000000140008A20 | 837C24 30 04 | cmp dword ptr ss:[rsp+30],4 | 0000000140008A25 | 0F8D A9010000 | jge crackme123.140008BD4 | 0000000140008A2B | 8B4424 24 | mov eax,dword ptr ss:[rsp+24] | 0000000140008A2F | 99 | cdq | 0000000140008A30 | 83E2 03 | and edx,3 | 0000000140008A33 | 03C2 | add eax,edx | 0000000140008A35 | 83E0 03 | and eax,3 | 0000000140008A38 | 2BC2 | sub eax,edx | 0000000140008A3A | 898424 80000000 | mov dword ptr ss:[rsp+80],eax | 0000000140008A41 | 83BC24 80000000 00 | cmp dword ptr ss:[rsp+80],0 | 0000000140008A49 | 74 2B | je crackme123.140008A76 | 0000000140008A4B | 83BC24 80000000 01 | cmp dword ptr ss:[rsp+80],1 | 0000000140008A53 | 74 60 | je crackme123.140008AB5 | 0000000140008A55 | 83BC24 80000000 02 | cmp dword ptr ss:[rsp+80],2 | 0000000140008A5D | 0F84 90000000 | je crackme123.140008AF3 | 0000000140008A63 | 83BC24 80000000 03 | cmp dword ptr ss:[rsp+80],3 | 0000000140008A6B | 0F84 C3000000 | je crackme123.140008B34 | 0000000140008A71 | E9 0B010000 | jmp crackme123.140008B81 | 0000000140008A76 | 8B4424 30 | mov eax,dword ptr ss:[rsp+30] | 0000000140008A7A | D1E0 | shl eax,1 | 0000000140008A7C | 48:98 | cdqe | 0000000140008A7E | 48:898424 E8010000 | mov qword ptr ss:[rsp+1E8],rax | 0000000140008A86 | 48:8D8C24 98000000 | lea rcx,qword ptr ss:[rsp+98] | 0000000140008A8E | E8 0DEDFFFF | call crackme123.1400077A0 | so I don't any idea where the password test is made...

View File .NET Reactor v7.3 (Embedded DLL's) File protected by .NET Reactor v7.3 having Code Virtualization enabled. By nature the application using Dependency Injection (this time heavily developed), the 3rd party files embedded to main exe (see shot2), in addition System.Data.SQLite.dll lying near application. Find registration combination and reply it with the success message! Custom antidebugger Submitter whoknows Submitted 06/26/2025 Category UnPackMe (.NET)  

V-S-2-0-1-2

congrats @CreateAndInject here is the source incl refs @ --limited time download, expired--

They have fixed the source leak in vmp 3.95 so back to the drawing board Also 3.8 had a memory leaking issue, which I haven’t checked to see if it’s been fixed

wow! someone is cheating with us here! (sneaky snitch) 2nd time https://www.sendspace.com/file/51jvil

copy from pixadrain - https://workupload.com/file/MqvBWJnEM9K

@guily6669 how about you find & compose an email to support? you are legitimate user of the product, so try some old school tactics ask them about your pain points

guyz you playing Morze games? ... .. .. ... . . ...

Have you read and checked this: https://www.newskillgaming.com/manuales/Gungnyr-manual-EN.pdf You should be able to reduce/increase light intensity with the function button and arrow up/down. Also colour should be choosable with the function button and DEL. Read more in the guide above. Or, are you saying that this doesn't work? You might need the software also in order for all functions to work: https://www.newskillgaming.com/en/newskill-gungnyr-pro-optomechanical-rgb-gaming-keyboard-with-interchangeable-switches

what type of binary is your FW about? what CPU/controller/HW it is built for?

.

Hi there, I bought NEWSKILL Gungnyr Pro keyboard and was lied by the brand, they claim we can customize the ring of color around the keyboard on the software but there is no such thing... In their software there's a updating app and likely firmware separated from it, is it ok to ask if someone here could maybe do it for me?? All I wanted was to have more pre-defined colors added and the addition of dimming the ring of light with like FN+PageDown. The checksum's of all files also seem to be in the config file of the updater app: [PRODUCT] ic_type = MWV602 program_type =multi_file [BOOTLOADER] Bootloader_VID = 0x2EA8 Bootloader_PID = 0x0001 Bootloader_type= USB ENCRYPT_KEY = 0xffffffff Bootloader_Info = vid_2ea8&pid_0001 [APPINFO] App_Info = vid_2EA8&pid_2122&mi_01&col03 App_Dev_Type = 0 ;1:mouse,0:keyboard App_Report_ID = 4 ; fixed 4 now App_Dev_ID=0x0f04 [HEX] boot_name =boot.bin app_name =ER_IROM1 data_name =ER_IROM2 merge_name = program.bin [BOOT_SIZE] 602boot_size = 0x1E00 905boot_size = 0x600 [DATA_START_ADDRESS] boot_address =0x0 app_address =0x2000 data_address =0x1A000 [SETTING] bootloader_upgradable =1 application_upgradable =1 data_upgradable =1 [LOCAL_CHECKSUM] boot_checksum =0x18C959A7 app_checksum =0xA251C166 data_checksum =0x22269921 merge_checksum =0x98BE01E0 [IC_CHECKSUM] boot_checksum =0x422F1A50 app_checksum =0x2670F275 data_checksum =0x333D2A3C merge_checksum =0xA89D3DE6

Android Hackmes are intentionally vulnerable Android applications designed for security training and penetration testing. They help developers and ethical hackers practice identifying and exploiting security flaws in mobile apps, such as insecure storage, weak encryption, or improper authentication. They're often used in CTFs (Capture The Flag) and learning platforms like Hack The Box or OverTheWire.

.

hard to know, on the update .cfg file like shown above says ic_type = MWV602 but there's not even info on it; but it's likely something ARM, no idea what ☹️ I'm not even 100% sure but the firmware is likely ER_IROM1 and ER_IROM2 without any file type. And to check visually it's likely on top of the keyboard, I would have to disassemble it and remove all the 100+ keys 😱 Chatgpt Said the following: But then ended up analyses for today, can only continue tomorrow on it lool

Just wanted to know if someone could like hack the firmware to still work on the official updating app but add more colors to the outer ring and like a way to dim them using like FN+PGdown which isn't used for anything...

There's no drivers, just software to add macros or do color keys custom profiles to save in the keyboard...

wha exactly do you expect to be in help here?

@guily6669 Have you installed the keyboard driver of your windows's? Regards. sean.

windows/linux? native/.net?

Can anyone share the complete project, which can be compiled?

thanks a lot for this !!

@boot You are an expert, please give me some advice. 20250416_190759.mp4

I have question how to create that shfolder.dll u created it by yourself or how the process is going can any one answer me please

Bypassed.mp4

Forgive me for speaking frankly. There is no need to use the so-called "KeyGen", and it can be directly forced to bypass this protection. Those who boast about "KeyGen" but do not provide effective solutions are useless besides wasting forum space and questioner's time. Video_2025-01-25_181545.mp4

View File WinLicense v3.1.3.0 x64 (Bypass Without Unpacking) License User Details User Name=2days Tuts4you Company=The Terminator Hardware ID=6FF7-E7EF-5988-20FE-144E-865D-2D30-A73B Custom Data=<custom_start>Skynet, a global network of artificial intelligence machines.<custom_end> License Restrictions Days Expiration=365 Date Expiration=2029/12/12 Executions=999 Runtime execution=999 Global Time=999 Install Before Date=2029/01/01 Miscellaneous Unicode License=yes Generated License (FILE KEY) License Format=Binary License Data= <license_start> ghO1ud4wf14YNU87wUptZ1JTofTFErVAD+IwWKEjB/fxOtba9Vt0uasw45jdF3Yr9eGcJ/6h6lfad3d/MMYzxXYP7OZVGfHctljzMWS4H13UVl3DWBgWzCeozgy9k1UlULrL3/oKL/VdiS/BOJC98IgsF5+XT80xyGxos+Hcs4YdRarI9t0tj/+asJhpgN2KAXvH6lfp8qp0uvwZQUcnw/u+SpQjssOF5aAP9Bwweuw+6nfGxrZGcy8aNK3Kqo7rI5rLPk9Mzo1U0WkS1/I8lpQS1Mtticm1Am/eZCiCHJDMXDEfgTEuLGhQ9AItQtLQ2Fn8egx786AbJM09OEdiz5aGhz3kZfJZz8djMG3g8222gCmmDty8G4pBttMefKkVjKHoI2UXboNHpoOpxi53F6jldAhh3t+JoaOwa3Ng51uTfoNc2kLlCCP+jrjchZUNN9MY8y3kQ4K0Hd6eNkPAXwqbl2kakLZOlsmkkkVi9Pg620SzOt6YHh9iV1rS+TZ0jzWMvC9IakEgJionxYShgLg1Qkv6o4qIzP2ri9lMpM5eJK9Zo+Yl6K9HLnJ/gOE97Op7iAlywjsol5sunCIROe4pLHZo0PDNFJNZ4yy1VEgHp2+Qy/0nP55Fc8845MkE4hrjpg7SOFphFILgTuGVPG97nhRDTi05+f50WE2rl5PpuXnmeBblgD7S87p2tHUO7o2t8kvI/z7Xd9xNfw4HYJcbztKPxAkamUdIl0jmnhdIRGJMlYZm7rBgLd6dYhEu6Lo8P5vi7tydId4QsuwC7tv6+F8CQ1n6HpXSoPowKuMI/L2Zg1Ry3jlS2KUvH4spGy3URvJ8e2rFaDZpmQ== <license_end> File Information Platform: Windows Bits: 64-bit Type: Executable (Standard) Version: 1.0.0.2 Modified: 8/1/2023 12:09:04 PM Protection Macros Virtual Machine: 10 Mutate: 0 String Encrypt: 6 CheckProtection: 2 CheckCodeIntegrity: 0 CheckVirtualPC: 1 CheckDebugger: 1 Unprotected: 0 CheckRegistration: 0 Registered: 0 Unregistered: 0 WinLicense x64 (version 3.1.3.0) Unit_bypassme.pas Submitter 2days Submitted 08/02/2023 Category CrackMe  

Few Questions in my mind regarding the @solutions getting posted and even getting approved. How did you patch It? How did you unpack or crack It? What kind of debugging settings used by You? Have you used already available public tools or coded something private? (If you made something privately then how does It work?) How did you trace and reach to specific point for patching? (Anti debug bypass or CRC check for patch) What was the logic behind that? Do you guys know what a good @solution is? See this - What is the logic of all these videos posted in threads (mostly related to Themida) ? are these Useful? No absolutely not. you all are just acting like an attention seeker by showing off that you can unpack or patch by making a 13-15 sec video with no info. in such videos, there is a loader and you launch and it works. BOOM ! If all the videos are like this then better not to post and increase burden on the site because in my point of view these kind of video proofs are pointless and senseless. We are here to read and increase the knowledge. If you don't wanna share, simply keep it up to you. No need to show off and even If you do, I have no problem with you when you show-off but It should not be marked as a Solution. P.S. - I am not asking you to share the source code or a complete private stuff but at least you can share steps in a descriptive manner.

@TRISTAN Pro: The point of the forums is to enable other people to learn about the protections and unpacking. When you post just an unpacked file, nobody learns anything. Would you please be so kind and write also a few sentences on HOW you did it?

Debug with dnSpy and Remove Anti-Tamper. NOP Anti-Tamper Call and Save. Search for "GCHandle.Free" and put BP. Debug the File and Save koi module from Memory. NOP Anti-Tamper Call after debugging in dnSpy. Clean Cflow as It is a basic "switch" one. Clean Proxy. Clean Constants. Rename using de4dot. WindowsFormsApp1_unpacked.exe

https://github.com/x64dbg/TitanEngine https://docs.microsoft.com/en-us/windows/win32/api/errhandlingapi/nf-errhandlingapi-addvectoredexceptionhandler

Ported to FASM diablo2oo2's snr patchengine and little search&replace patch example. snr_example_scr_fasm.zip

@ morfej Why using a NetFrameWork file?If you can then create the same UnpackMe again as nomral PE32 file if possbile. greetz

Hi, ok normaly you don't really need a tutorial for this but if you are a newbie then I could make a little exception in that case. - Video- Text Infos + details- Res Tool- Unpacked filesJust watch and read and try and if something is not clear then ask again.greetz Unpacking PESpin.v1.33 - No Specials.rar