Tuts 4 You


Popular Content

Showing content with the highest reputation since 03/07/2020 in all areas

  1. 7 points
    What makes you question either of these? Private: There are occasionally some techniques, practices (and tools) kept private to stay ahead of the game. Nothing has changed much over the years in this regard as far as I can tell. Knowledge: As @kao already mentioned most of the core techniques and information is out there to be discovered (in these forums for example). It only needs a willing and proactive individual to expand and develop on this information. As everyone seems to have their own blog (or YouTube channel) these days these generally seem to be the new format for tutorials. One day... when all my children have grown up and left home I can get my life back and get back to RCE and making traditional tutorials. Hopefully the RCE world will be an entirely new and interesting place to explore... 👍 Ted.
  2. 5 points
  3. 5 points
    Hello guys, I'm proud to announce the beta release of AMED (an Advanced Machine Decoder). It's extremely fast, lightweight and supports the following architectures : - x86(with all its extensions including xeon instruction set). - aarch32(arm, thumb, neon, ARMv8+). - aarch64(with all its extensions including SVE). I also released the new version (v3) of opcodesDB. https://github.com/MahdiSafsafi/AMED https://github.com/MahdiSafsafi/opcodesDB What do you think guys ?
  4. 4 points
    Please, people, do not take any "cure" for COVID before consulting a specialist (medical man). There are a lot of so-called "cures" for COVID which are actually all fake. There is no cure for COVID at this moment.
  5. 4 points
    My personal belief is that the entire world around is fake - just a simulation. Our universe does have a creator and that creator may or may not be God. The pain and struggles we face mean nothing in the greater sense. We are nothing more than a programmed object. Even the pain or happiness is nothing but programmed feelings. For example, we design computer games with their own story-lines. In one such game there may be a person who is put under immense pain. There are many movies in which innocents die due to no fault of theirs. However we are not concerned since we know the pain is virtual. It's how we designed the game or movie. In a similar sense, our creator knows the pain we humans/animals face is also virtual. In the real world (which is not this world) this doesn't matter. Even the concept of life and death is fake. Death is simply a way of putting an expiry date. Is it possible to know the real truth? I guess it is. But once humans try to understand the real truth there will be no wars anywhere. There will be no struggle for wealth, fame and power. After all, why run after wealth, fame & power in a fake world? If there is something that needs to be done, it is to try to find out the real truth and escape from this fake world.
  6. 4 points
    I think a lot of public knowledge sharing is going on, especially in the field of malware analysis with many good YouTube channels and blogs covering basics. It just looks like people move to social media (Twitter/Reddit/Discord) to discuss things and traditional forums start to show their age. There is also a very active CTF scene with many techniques and tools being shared (tools on GitHub) and it appears that the cheating scene is also still very active. If you look at more academic sources there are a lot of techniques published (frameworks like miasm/angr/triton or LLVM-based techniques) and there are still many things to be learned, you just have to be willing to put in the time. Obviously nobody is sharing tools for VMProtect/Themida/whatever, in my view simply because there is a lot of money to be made there, but a very similar thing has been going on in the dongle scene for years and that's nothing new.
  7. 4 points
    I think that to add to this, many apps worth reversing nowadays tend to use more sophisticated techniques than in the past. In older times, things could be cracked often in mere minutes which was a motivating factor. Most people start with a target in mind, and their patience to learn is quite thin. Nowadays, you may have to learn to unpack, advanced cryptography, anti-debugger techniques, details of security permissions, etc. Windows itself has evolved into a much more complicated beast making the learning curve much steeper. I remember the days of SoftIce and what a wonderful tool that was. Nothing even compares to it to this day. Although there are suitable alternatives, it was trivial to install and get started immediately. Now it's a lot of complicated details to get going with tools. We had websites like +Fravia which were simply fantastic reading and offering fun challenges designed to make people think more deeply about reversing, not merely reversing of computer code. How to search was emphasized so much, and this is part of the reason that people became independent solvers. But we have tools like IDA Pro and Ghidra that have also made analysis quite a bit easier. We have faster and more powerful computers and an internet even more full of knowledge, if one knows how to find it. Some knowledge has become obscured by certain mainstreaming and politicizing of information designed to bury other information, and it would be nice to have better searching capability again, not just some commercialized nonsense that has decayed. So high learning curve and people with low patience, and usually choosing their initial motivation as an out of reach target that will require learning a variety of reversing disciplines has raised the bar. My prediction is that when the older generation retires, there will eventually be a new generation who will revitalize the whole thing in their own style.
    There may even be a generation skip here, as a pretty dead and flat generation can often lead to a really good generation after. One generation trying to make up for their mistakes by raising children better. The rapid spread of technology and social media caught the prior generation by surprise, and has led to a correction generation. If they really need YouTube videos and auto-magic tools, then they will make them and get them. We really have a different style and culture from them, and whether we respect this new way or not, supply and demand will eventually work itself out.
  8. 4 points
    I blame high speed internet and HD porn ! << just kidding The knowledge is out there, as my friends already said, you just need the motivation to learn and explore, it's time-consuming and the new generation wants everything ready and they want it quickly.
  9. 4 points
    This forum is overrun by lazy-ass noobs who don't really want to learn. They want to have a youtube video and automagic tool for everything. Ready-made tools are private for this exact reason. People who want to learn will find the necessary information to learn the basics. And once you show you've done your homework, knowledge and techniques are being shared freely. Maybe not 100% public but via PMs and chat.
  10. 3 points
    I have not read through the entirety of what has been posted here and I really do not want to have to for moderating purposes. I kindly ask that if other people have opinions (what ever that evidence is based upon) respect them and debate them without having to degenerate your posts in to personal attacks. Try to influence each other through debate and not impose or mandate your view point on everyone else. The Covid-19 has been a fast flowing series of events that even the best governments and scientists around the world are struggling to understand and resolve. If you are unable to discuss appropriately my advice is to not to reply or post at all... Ted.
  11. 3 points
    Agreed. And no medical suggestions please, unless you are medically qualified and certified to give any since they could potentially put innocent people at risk if they follow them without consulting with their physicians first.
  12. 3 points
    If there is a god somewhere it's a god of war (and it's not Kratos). Anyway, a few interesting resources:
      * Covid19 in Japan (map): https://coromap.info/
      * Covid19 in Switzerland (map): https://www.corona-data.ch/
      * Covid in France (map): https://dashboard.covid19.data.gouv.fr/
      * Research material released by China: https://www.mdpi.com/1999-4915/11/3/210/htm
      * Thought from MIT: We’re not going back to normal: https://www.technologyreview.com/s/615370/coronavirus-pandemic-social-distancing-18-months/
      * Corona tracker for BBS software: https://www.phenomprod.com/
    Wanna help? You can start folding: https://foldingathome.org/covid19/
    And 3D print visors for your local doctors and hospitals who are in very terrible condition: https://blog.prusaprinters.org/from-design-to-mass-3d-printing-of-medical-shields-in-three-days/
    Remember: there is no cure
  13. 3 points
  14. 3 points
    @Blue: you have a bug in your crackme that makes keygenning it so much harder. You use string "DE" in 2 places - which is really not good. So, I cheated.
  15. 3 points
    It is not for il binaries but his test app is very simple sleep followed by printf. Wonder how will work on some virtualized complex algorithm.
  16. 2 points
  17. 2 points
    You could also try using the Extended Tools plugin in Process Hacker to monitor disk activity, then filter by process if required. My preference though would be using Resource Monitor, as @atom0s already mentioned. You can filter a process to see everything happening with it on the Overview tab plus it catches things like Page File activity. Leave Windows 10 to optimise (or defragment) your drives, no need for another program to do this work... Ted.
  18. 2 points
    You're writing to the wrong address. It should be something like:
        WriteProcessMemory(debugee,pointer(dword(ProcessBasicInfo.PebBaseAddress) + 2),@buffer,sizeof(buffer),length);
    Since Delphi doesn't have a pretty way to get field offset, I had to hardcode the "2" instead of writing something prettier like "offsetof(PEB, BeingDebugged)". You could do some of the ugly tricks mentioned here: https://stackoverflow.com/questions/14462103/delphi-offset-of-record-field but to me it's not worth the effort.
  19. 2 points
    Reverse engineering the Coronavirus: https://github.com/geohot/corona
  20. 2 points
    Please guys, I'm begging you not to hijack the original topic theme, we are here as friends and we don't need any new drama, please let's keep this place worth visiting and avoid personal issues.
  21. 2 points
    Dear, my uncle has renal failure and when he needed surgery they did not use these on him. What you are quoting seems to be those valid for otherwise healthy people without such salt and water restrictions. By the way, I use Himalayan salt in my cooking. It is nothing but table salt but it looks pink and contains more minerals I guess (not purified). Same with sea salt which I use in cooking shrimp dishes. Iodized or non-iodized salt is not important here. The restriction is for the Na ion and the total quantity of water intake per day. All of these are forbidden for my uncle. He even measures exactly how much water he is allowed to drink per day. A lavage is performed in the hospital and is different from drinking the saline solution! A lavage means that they use a tube to push the pressured solution in and then also suck it out later through a NG tube. A lavage cannot be done by untrained people at home and is dangerous if attempted by untrained individuals without medical training or equipment in their homes. If you do not get your medical facts right, please do not post medical advices. We do not want everyone making fun of tuts4you. Peace
  22. 2 points
    Try InstallRite: https://www.softpedia.com/get/System/System-Info/InstallRite.shtml it is free. Most popular portable creators are Turbo Studio and VMware ThinApp, there is also Cameyo, don't know if you want to create portable program!
  23. 2 points
    Had it hit us 100 years ago, it would have had the same effect as the Spanish flu, but the number of casualties is greatly reduced due to modern science and the ease of sending information and awareness. Our hearts go out to all those who lost their loved ones, and we hope this will awaken those who were responsible for this outbreak, either directly or indirectly, to change their habits.
  24. 2 points
    Hi there, Everyone has his/her favorite tools - but that's not what you were asking. So, just to answer your questions:
      * Peid was abandoned years ago. Best option is ProtectionID - but even that is not being updated anymore. DIE is the wanna-be alternative but it's lightyears behind in terms of reliability and coverage.
      * IDA is the most commonly used disassembler. Ghidra is the open-source alternative from NSA. Hipsters prefer Radare2 or Binary Ninja.
      * Olly works (with a patch from http://waleedassar.blogspot.com/2012/03/ollydbg-v110-and-wow64.html). x64dbg is the new crowd favorite, IDA has reasonably good debugger as well.
      * Imprec doesn't work with modern OS. Scylla is the alternative.
      * HIEW still works.
      * As for anti-antidebug - ScyllaHide is a pretty good option.
    Most of the tools mentioned can be found in this forum.
  25. 2 points
    Ad-blocking proxy? Where have I seen that before? Oh, yeah, Proxomitron from year 2003. Privoxy does the same thing. Adguard has had proxy option for years. So there's really no reason to get overly excited for that "early alpha software" hipsterproject.
  26. 2 points
    Another bug in crackme - certain part of code will get stuck in eternal loop. For example, try using serial "QzBDMDBCMEJCMEIwREUwRC0tREVDMEFE". Attached is a keygen + source which works its way around different issues in keygenme. Except the eternal loop, that is.. kg_for_blue_saga_by_kao.zip
  27. 2 points
    1) There was nothing new, unlike the old versions, I did not replace the HWID, I just found the button in the NAG and patched the execution result, because the file did not have a constant, it worked. 2) One of the functions was under the virtual machine, not counting the EP. CISC vm is a simple virtual machine and the code was small. mfcapplication1_unpacked.rar
  28. 2 points
  29. 2 points
    password: F * * king_m0rfing
  30. 2 points
    Is everything going PRIVATE or knowledge stopped being shared ? Unpacking => Private ... Tutorials(Patching , keygens) ==> Private ... New techniques ==> Private ... knowledge ==> Private .. So what we left for the others for this Scene ?? The only thing that left is nothing some old books and old school techniques and nothing else... Why ?
  31. 2 points
    One of the main reasons why solutions for complex protectors are not shared is because forums like these are the haunt of the protector software vendors as well, who use the reversers as "free testers" in order to improve their future releases. Which is why, the moment someone releases a solution, within the next 2-3 days, we find that it no longer works, as the vendors would have patched it up. This is the main reason IMO why everything is declared as "private" these days by the veterans, who do not want to spend hours once again, creating another solution for the protector. Money is one thing, but many of these solutions are shared free-of-cost on private forums within private sections, which means that money is the full reason. Vendors are on the lookout for solutions so that they can render the published solutions ineffective, many a time posing as innocent requesters. That is the reason that such solutions are made available only to vetted members in certain private forums.
  32. 1 point
    Grow up and move on. Is it okay to be wrong. Just say sorry and move on. That is what adults do. @Kurapica The poster Progman seems to be not only childish but determined to turn this forum into a battlefield. Maybe you should direct your energies towards telling that person in private to stop persisting in his vain attempts to prove himself right when he clearly goofed up and gave dangerous medical advice. You can also see that he persists in making 2 more posts in this very same thread trying to prove himself right. You may also like to know that the Progman (who also is known as Chants on another forum and a wide variety of alternate nicks on other forums) is going around telling that he is a "Good friend of Kurapica's" in order to gain various extra privileges. This is not healthy either for the forum or your reputation, which he seems intent to mar.
  33. 1 point
    Have you tried using Privacy Pass? https://addons.mozilla.org/en-US/firefox/addon/privacy-pass/ Ted.
  34. 1 point
    Use of Tor leads to even more nasty captchas on most of the sites! Doesn't work in many countries where they use either cable-based or fiber-optic internet. In the US for ex, you need to call up the ISP if you need an IP change, or wait for a few months till they change it on their own... The best way is to get a good VPN and use it. Most of us do that.
  35. 1 point
    If you want a dynamic IP and bypass the nasty stuff from time to time, try Tor Browser. It worked with me in several occasions, hopefully it will do so with you either. https://www.torproject.org/download/
  36. 1 point
    I agree it's very annoying, if your IP from the ISP is static then it's a nasty problem, try resetting your router to get a new IP from your ISP The new IP could solve your problems.
  37. 1 point
    Would suggest using a sandboxing type tool that can hook and log all types of system actions (i.e. Sandboxie, Cuckoo, etc.). The latest versions of Windows 10 (Insider Builds) also now include a sandbox/virtualization system for these kinds of things too: https://www.pcmag.com/how-to/how-to-safely-run-software-with-windows-10-sandbox
    As for self-monitoring, there are things such as:
      * ApiMonitor: http://www.rohitab.com/apimonitor
      * procmon: https://docs.microsoft.com/en-us/sysinternals/downloads/procmon
  38. 1 point
    A VM is the only reliable way. The other reliable way is to image your hard disk and restore it after every cracking task. But this will significantly shorten the life of your drives, especially your SSDs. These days apps write to obscure places. So no one prog can reliably remove all traces of a software!
  39. 1 point
    Download broken! Please re-post it!
  40. 1 point
    Hi @codeExplorer: who is cruel is man, not God! Look around you, there are a lot of wars, killing everywhere, poverty etc. All these things are made by humans! Even covid-19 is suspicious though!
  41. 1 point
    Well the thing is that this life is a test. There is absolutely no justice in this world or short life which is filled with hardship and tragedy. So considering that judgement and eternal compensation is in the hereafter, those who die innocently or prematurely will have had short or simpler tests and will still be judged fairly. Whether you agree with this view is up to you. But a consistent and coherent explanation is in order. Seeing tragedy in the world does not make the creator cruel or unjust. A few short years compared to eternity is not a comparison. God had no beginning and has no end. The human soul has a beginning and no end. This world has both a beginning and an end. An eternal and absolute God who is perfectly just if creating new eternal objects would have to sort them based on a criterion - to eternal paradise or damnation. Hence a temporary creation to make it so a binary result can be obtained. You can study religion and people have for centuries, it is philosophically sound at least in its original form. I am trying to convey a small amount of the key parts of this knowledge from a reverse perspective just to quickly increase understanding. Even if nothing in the world is free, you always have a free choice to believe in the creator or not, until you die.
  42. 1 point
    Which app is it? I can check.
  43. 1 point
    Old shits, don't know if working on modern systems @
    For registry: https://sourceforge.net/projects/regshot/
    For files: SilentNight Inspector. Not sure it is doing the job, but give it a shot.
    -- As trial: https://www.softpedia.com/get/Authoring-tools/Authoring-Related/VMware-ThinApp.shtml
    To convert to normal registry, use the built-in app:
        // export c:\1.tvr to output.reg
        vregtool c:\1.tvr ExportReg c:\output.reg
  44. 1 point
    A light-weight password manager with a focus on simplicity and security https://github.com/JFreegman/SpicyPass
  45. 1 point
    Hello! I'm wondering is it just me or the downloads always get "File Not Found"? I tried so many downloads pages, none worked for me! Is there something wrong with it?
  46. 1 point
    Free games just keep on giving... Tomb Raider Lara Croft and The Temple of Osiris Headsnatchers Deiland Drawful 2 Offroad Racing - Buggy X ATV X Moto Pleasure Puzzle: Portrait Sky Boom Boom Spirit Lake Fish Lake Frozen Soul Dog's Garden Helicopter Flight Simulator 3D - Checkpoints High Speed Trains 3D Flight Unlimited Las Vegas Real Fighting LLC Games Simulators Live LLC Games Teen Games LLC Game Chronology Football Manager 2020 Soko Loco Faerie Solitaire Classic Pipe Push Paradise Hiding Spot monad The Rainsdowne Players Central Limit Theorem ART SQOOL Fidel Dungeon Rescue ASA: a free adventure (covid containment offer) Ted.
  47. 1 point
    InstalledAppView, gives a quick list of installed programs though does not uninstall. You may find it of use. Ted.
  48. 1 point
    I think the vast majority of vendors do not have protection as a high priority. This is only a smaller group of unique vendors largely who have programmers who have taken a particular interest in the field. What you describe without a doubt is happening but only in this niche, and we can name the handful of products and technologies and companies involved mostly. After all the industry leader in software Microsoft has largely set an example of giving products away almost for free to establish market dominance. Then they find profits through alternative channels like exclusive deals with hardware vendors and the like, or large business support contracts. Most developers are more interested in developing their product than playing the cat and mouse game with the reverse engineers. Unless they have a passion for the lower level aspects of code, it's doubtful they are very interested in developing something without a rewarding look and feel result. It usually at best goes from low priority to medium priority when it's a consumer product and the vendor is losing significant business due to piracy. There are still plenty of easy to crack apps, whose cracks end up working for innumerable versions. And with service model moving into play everywhere for so many apps, it's totally changing the traditional model so that protocols and banning abusers is the way many app makers work, such as on Android.
  49. 1 point
    In theory it will be possible; unfortunately, currently created quantum computers don't have enough qubits. Read more:
      * How Does a Quantum Computer Work? https://www.youtube.com/watch?v=g_IaVepNDT4
      * How it Works: Quantum Computing https://www.youtube.com/watch?v=WVv5OAR4Nik
      * A Beginner’s Guide To Quantum Computing https://www.youtube.com/watch?v=JRIPV0dPAd4
      * Lunch & Learn: Quantum Computing https://www.youtube.com/watch?v=7susESgnDv8
      * Understanding Quantum Entanglement - with Philip Ball https://www.youtube.com/watch?v=5_0o2fJhtSc
      * Quantum Fields: The Real Building Blocks of the Universe - with David Tong https://www.youtube.com/watch?v=zNVQfWC_evg
      * Dark Matter's Not Enough - with Andrew Pontzen https://www.youtube.com/watch?v=GFxPMMkhHuA
      * Why Everything You Thought You Knew About Quantum Physics is Different - with Philip Ball https://www.youtube.com/watch?v=q7v5NtV8v6I
      * Quantum Algorithms https://www.youtube.com/watch?v=-ysVGWtAjio
      * How Quantum Computers Break Encryption | Shor's Algorithm Explained https://www.youtube.com/watch?v=lvTqbM5Dq4Q
      * How Shor's Algorithm Factors 314191 https://www.youtube.com/watch?v=FRZQ-efABeQ
      * What is Shor's factoring algorithm? https://www.youtube.com/watch?v=hOlOY7NyMfs
      * 44 Quantum Mechanics - Quantum factoring Shor's factoring algorithm https://www.youtube.com/watch?v=YhjKWAMFBUU
  50. 1 point
    I once posted it in a Chinese forum; you can visit it at https://www.52pojie.cn/thread-762832-1-1.html by Google Translator. I try my best to introduce it using English:
      1. Download x64dbg and download the symbol file of clr.dll (mscorwks.dll if runtime is .net2.0~.net3.5).
      2. Set a breakpoint at "SystemDomain::ExecuteMainMethod" in clr.dll/mscorwks.dll and run.
      3. Use MegaDumper (I use my ExtremeDumper based on codecracker's megadumper https://github.com/wwh1004/ExtremeDumper) to dump the main module when the program breaks at "SystemDomain::ExecuteMainMethod".
      4. Fix the PE header, and maybe you should also fix the .NET header.
    This way is more complex than using MegaDumper only and directly dumping the assembly. But if the assembly is packed with a native stub and protected with anti dump (ConfuserEx and others) or protected with whole #US encryption (DNGuardHVM and others), maybe this way is good to dump assemblies. If you cannot understand it, you can reply to me. Best wishes.