Leaderboard

So you want to download some releases from snd? alright let's see at snd.webscene.ir, the distribution section menu contain a link pointing at hxtps://keygens.pro/ Super, looks like there a lot of cracks over here! and the site is virus free, right? So let's pick something, i don't know, maybe 7-Data.Card.Recovery.1.1.keygen-SND hxtps://keygens.pro/crack/729775/ lol @ description on the page, didn't know reagan was from snd and born in russia Anyway we got redirected on a download page after clicking 'Download only Keygen' button, we have to fill a captcha and agree

Info: https://www.reddit.com/r/windowsxp/comments/iz46du/the_windows_xp_source_code_has_been_leaked_on/ Most of the torrent includes previous leaked data/files. But now claims to include the full source to Windows XP (looks like SP1 based on pics people have posted). If you plan to download this (42gig torrent) I'd seriously recommend a VPN.

After spending three days i m still stuck at 4th challenge now i understand what it mean to be a reverse engineer. May be i will not solve all(or may be even the half of them) the challenge but i still try my best till the last day.

Eric S. Raymond is either very naive or has been smoking some strong stuff... Microsoft is not going to abandon the only thing that differentiates them from Ubuntu. Windows kernel is here to stay for a very long time.

Comments by a developer inside the Windows Media Player source code pastebin.com/PTLeWhc2

What I find of most interest is the API index and any documentation that exist. Line comments in the code can tell you a lot about what was going on internally within Windows. I recall chuckling over things like this in code comments, "Certain lame apps (Norton Desktop setup)"... Ted.

Here are some of my keygen/crack GFX's / templates i've made on photoshop + WinASM studio these days : (1) https://imgur.com/vS71RaO (2) https://imgur.com/3fWUf30 (3) https://imgur.com/5YfB8Xg (4) https://imgur.com/2Bt54Ne (5) https://imgur.com/fDC4FfK (6) https://imgur.com/p4TBQ4J (7) https://imgur.com/gNOgPnR (8) https://imgur.com/vkwSQ01 Please note that PERYFERiAH team is not a warez group. It is actually a vlogging team since i was making vlogs in high school in the past. And the people of the PERYFERiAH (PRF for short) were actually my

@underthevoidDid you try downloading from this thread, most of the links from this thread is working for me. vnekrilov's thread Rar file I am not an expert in unpacking, but u may try compile your own small executable files and protect it with various protection options one at a time and analyze/compare with that original, that way you can learn what is happening with each protection options.

Search for the keyword: vnekrilov He published a set of scripts and tutorial covering pretty much all features of Asprotect. Tutorial was machine-translated from Russian to English but it was sufficient for learning purposes.

Part 1 Part 2 Part

bleepingcomputer.com/news/microsoft/windows-xp-and-server-2003-compiled-from-leaked-source-code/

"App does not want to close, ask user if he wants to blow it away" Ted.

https://dev.to/gabbersepp/create-a-net-profiler-with-the-profiling-api-start-of-an-unexpected-journey-198n https://github.com/gabbersepp/dev.to-posts/tree/master/blog-posts/net-internals call-c-from-cpp debugging-profiler digging-into-callbacks how-does-profiler-work how-to-debug-with-windbg marshal-example net-bitness profiler-attach/code/DevToNetProfiler profiler-fn-enter-arguments profiler-fn-enter-leave-x64 profiler-fn-enter-leave stacktrace-linenumber/code/DevToNetProfiler write-net-profiler

With all respect to the efforts of the authors of the challenges, I advise you guys not to evaluate yourself or skills based on how many challenges of those you were able to solve, do it only for fun, it can be really depressing not to be able to pass some of the challenges, it's just a CTF in the end.

there is only single ranke or dual rank, nothing else. if they dont specifiy "dual rank" explicitly, it's single rank. i just found it: https://www.crucial.de/memory/eol_ddr4/ct8g4dfs8266 So this is the difference between the two IDs you posted, one is just newer manufacturing. Total limit for both slots all in all is 32, so 2x16, yes. Singel channel is always supported, and double channel bars can run as single channel.

8 GB Kit (4 GBx2) | 8 GB Kit (4 GBx2) Single Rank = you will get two 4gb bars, not what you want single rank, dual rank = dual rank is special option, you almost certainly have and want single rank. indeed the part number you posted seems single rank. 8 GB || 8 GB Single Rank | = same thing, probably different charges or submodels tldr: You want to buy the standard "8GB" bar. Or the "16GB". Both should work, 8GB certainly does, if you want 16gb you could google your motherboards id and "mix 8gb 16gbs ram stick" to rule out any performance issues when mixing, but ther

This is what I found: "A memory rank is a set of DRAM chips connected to the same chip select, which are therefore accessed simultaneously. In practice all DRAM chips share all of the other command and control signals, and only the chip select pins for each rank are separate (the data pins are shared across ranks)." https://en.wikipedia.org/wiki/Memory_rank So basically from what I am reading this just pertains to how big the bus of each memory chip is (don't quote me on this).

Oops... misread your first post. Now I understand. I have made some changes, give it a test run and let me know if not all good... Ted.

I can see that automating the process of unpacking is the future, totally. Thing is I want to work in this field and to do so I need to know the basics. Could you throw me some links or words so I can search in this forum that will help me on learning how to unpack ASProtect? I'm very new to this community so I'm a bit lost with so much information Thanks in advance!

https://torrentfreak.com/games-piracy-scene-reinvigorated-four-denuvo-protected-titles-released-in-one-day-201015/ Games Piracy Scene Reinvigorated, Four Denuvo-Protected Titles Released in One Day cheers B

retroreversing.com/source-code/decompiled-retail-console-games bonus IBM will list its IT infrastructure services unit, which provides technical support for 4,600 clients in 115 countries and has a backlog of $60 billion, as a separate company with a new name by the end of 2021. reuters.com/article/us-ibm-divestiture/ibm-to-break-up-109-year-old-company-to-focus-on-cloud-growth-idUSKBN26T1TZ and you still cracking?

Do you have a CUDA compatible GPU? It would be MUCH faster using GPU over CPU, C&A is an old app which, I think only officially works with XP, NT and 2000 and has been known not to recover some newer accounts / windows versions I recommend Hashcat, John the ripper or a pre rolled windows app which supports modern GPUs like the many from Elcomsoft 😀

When I was growing up, IT department was held responsible for all hardware misconfigurations and backup f*kups. In the new "Agile/DevOps age" they blame the hardware instead..

Heya, sorry I didn't see all the replies to this. Just happened to be cruising through, and remembered the thread. The VB6-specific code cache is at https://www.fortypoundhead.com/browse.asp?catid=122 Looks like y'all already found Github space for all of it. It's kinda of weird to discover my old stuff in there. Some of it I even forgot about, after all these years.

old stuff made me smile https://github.com/Planet-Source-Code/xylitol-a-patch-in-vb__1-70460

hmmm..things sound funky out there these days.. cheers B https://www.toptutorials.co.uk/games-cracker-empress-wants-to-crowdfund-denuvo-cracks-torrentfreak/ https://www.reddit.com/r/Piracy/comments/gqg4fc/why_did_codex_stop_cracking_denuvo_games/ https://torrentfreak.com/games-cracker-empress-wants-to-crowdfund-denuvo-cracks-200926/

romainthomas.fr/post/20-09-r2con-obfuscated-whitebox-part2/

I've also been able to change the PE header for a driver to a DLL, LoadLibrary it, and call the routines as exports ... or just call() straight into them. It's very ghetto-ish, and did it for an earlier year. Like Flare-on 2015, Challenge 10 https://www.ghettoforensics.com/2015/09/solving-2015-flare-on-challenges.html

here's the keygen template from the first pic. the keygen algo is removed from the project. xm by zalza (low-pitched by me to sound better for the kg) KeygenTemp4.zip

Keep the source code bloopers coming, gotta love it

Okay a bit late but maybe this'll help somebody. Shellcode is not a vulnerability, it's the code that can be used to exploit a vulnerability. The vulnerability is something that executes the shellcode (like a buffer overflow, use after free or something else). Which is not supplied in the link. Writing shellcode does need the ability to write Assembly that a Reverse engineer has. So he could make shellcode (which is similar to inline patching). However RCE goes way deeper it is the skill to deduce function out of complex VM's, obfuscation, functions and what not. You can then use th

don't brute-force it, and forget about the crypto function, it's all in the function which does the shifting A pseudo code would look like Local $flxmdchrqd = DllStructCreate("struct;byte[54];byte[" & $flvburiuyd - 54 & "];endstruct", DllStructGetPtr($flnfufvect)) Local $Counter = 1 ;first Loop >> For $dummy = 1 To DllStructGetSize($lowerCompName) Local $flydtvgpnc = 0 ;second loop For $LoopCounter = 6 To 0 Step -1 $flydtvgpnc += BitShift(BitAND(Number(DllStructGetData($flxmdchrqd, 2, $Counter)), 1), -1 * $LoopCounter)

GetAsyncKeyState GetKeyboardState GetKeyState To name a few.

God bless you for this shit !

First of all, this crackme is version dependent, it only works with Python 3.8 x86. I don't have it installed, so I had to replace _pytransform.dll with the x64 equivalent downloaded from here to be able to run it with my x64 version of Python 3.8. By looking in the memory of python.exe and placing hardware breakpoints on write on an encrypted code of PyArmor (that starts with \x50\x59\x41\x52\x4d...) we can find a place in _pytransform.dll where it decrypts it to the actual marshalled code object of Python. It is a function at RVA 0x254D0. Then we have to deal with the second layer of Py

Download them here:

Fun challenge. I went for finding just the key algorithm rather than fully devirtualizing, but the code is pretty clear. Here some sample keys: Approach: Keygen.7z

Sure, i gonna release a unpacker for net reactor 6x soon.

I am considering to start using Code Virtualizer (mainly because it supports binary formats not only for Windows). Could someone share experience/impressions on this piece of software? If possible, how it stands compared with other code virtualizing obfuscators? Note: I found a paper "Comparing the Effectiveness of Commercial Obfuscators against MATE Attacks" (by several guys from Univerisites of South Alabama and Nebraska), where the Subj: is compared with VMProtect and Themida - I can guess the Code Virtualizer gained some attention, if it became a subject of study. Thanks in

https://mega.nz/file/xgonHADA#6-giBWOZXfODm7sLFAMzuCH9L2uQz4sL_9NNBlDkLTM - for those who don't want to fill in the stupid questionnaire with company email address, job position and what not. https://mega.nz/file/Nt4xSaoK#jRcuuuM2vS77DM9Y-KuT4UQUKiYIEl0KkKd6Cp9t7hE - code samples that TheHackersNews forgot to include. Book tries to cover very wide area of topics - from Windows to .NET to Linux, IoT, iOS, Android and shellcodes. By doing so, it fails to cover any of the topics in sufficient details. So, it's a "Jack of all trades, master of none".

_PyEval_EvalFrameDefault executes a code object on the Python frame. To dump the code object to a file you need to use PyMarshal_WriteObjectToFile / PyMarshal_WriteObjectToString at an appropriate place within the function. DnSpy has nothing to do with Python. It's just a piece of string inserted there on purpose.

Is everything going PRIVATE or knowledge stopped being shared ? Unpacking => Private ... Tutorials(Patching , keygens) ==> Private ... New techniques ==> Private ... knowledge ==> Private .. So what we left for the others for this Scene ?? The only thing that left is nothing some old books and old school techniques and nothing else... Why ?

UnpackMe.clean.exe Approach:

Approach

My observation over the past few months shows the following categories of unpackmes/crackmes: 1. Genuine ones by members serious about RE: These are becoming more and more rare. These are the ones where the OP had put in personal effort to make them interesting and a real challenge to reversers, often using their own techniques to obfuscate or complicate the code.These are the ones that the likes of @kao and @Washi would enjoy. Here, the OP can post the solutions visible only to the mods. 2. Quick unpackmes/crackmes created from the latest releases of (commercial) protectors: These a

I think that to add to this, many apps worth reversing nowadays tend to use more sophisticated techniques in the past. In older times, things could be cracked often in mere minutes which was a motivating factor. Most people start with a target in mind, and their patience to learn is quite thin. Nowadays, you may have to learn to unpack, advanced cryptography, anti-debugger techniques, details of security permissions, etc. Windows itself has evolved into a much more complicated beast making the learning curve much steeper. I remember the days of SoftIce and what a wonderful tool th

Here, fixed that for you: "If the user is an idiot who disables all MS Office security settings, the malware will run automatically upon hovering over hyperlink." It's the same as to claim that office macro malware runs automatically if user has enabled office macroses - total nonsense and FUD.

Hello. Here i made a video of my script have a look VM API Fixing script is not mine its by PC-RET i just added that script to my script Video.rar

Figured I drop this here. Its the packer and decompressor I use for my private build of my exe packer. Feel free to do what you want with it. lzma_decenc.rar