Tuts 4 You

Leaderboard

  1. CodeExplorer (Moderator): 15 points, content count 3,124
  2. Xyl2k (Full Member): 13 points, content count 141
  3. Kurapica (Full Member): 10 points, content count 915
  4. kao (Full Member+): 10 points, content count 2,392


Popular Content

Showing content with the highest reputation since 12/21/2020 in Posts

  1. Happy New Year 2021 For All members
    5 points
  2. Happy New Year and welcome to 2021! I hope we have a better year than 2020 and we get back to some normality... Ted.
    5 points
  3. That is it. Or c:\:$i30:$bitmap inside of a shortcut file would do the job. This will cause immediate corruption in Win10 builds 1803 or later. It will cause prompts to reboot to repair the disk and then chkdsk on boot will be unable to repair. This sounds quite dangerous as it makes downloading zip or rar archives and extracting them potentially harmful if they contain such a shortcut .lnk in them. https://www.bleepingcomputer.com/news/security/windows-10-bug-corrupts-your-hard-drive-on-seeing-this-files-icon/
    4 points
  4. I will release an update for the tool which allows the skipping of metadata writing errors!
    4 points
  5. 2021 and we are still seeing these lame bugs !
    3 points
  6. 3 points
  7. Found it PSC_-_A-One_DVD_Ripper_6.34crk.xm https://www.youtube.com/watch?v=WT2ulyq5-_Y
    2 points
  8. There's an old DOS game called Cyberia which has this saying in it. Maybe they sampled it from that game: Please enter identification: https://youtu.be/8eXK76pvHFc?t=65 Welcome back to Cyberia: https://youtu.be/8eXK76pvHFc?t=74 May be a clue to help find it.
    2 points
  9. I congratulate everyone on the new year 2021. I wish you all the best in the coming year.
    2 points
  10. Happy New Year 2021 to everyone
    2 points
  11. 2 points
  12. Reverse Engineering the source code of the BioNTech/Pfizer SARS-CoV-2 Vaccine berthub.eu/articles/posts/reverse-engineering-source-code-of-the-biontech-pfizer-vaccine/
    2 points
  13. today powered by white wine @ 2015 ( ITA @tonyweb ) src - otondo.com
    2 points
  14. View File CheckMePlease This crackme is created with Qt v4.8.4. The goal of this crackme is to make the CheckBox checked, not only to pass the check when the Check button is pressed. There is also the option of creating a program which will change the state of the CheckBox. I don't think it is a trivial task: I can't even enumerate windows. Submitter CodeExplorer Submitted 12/20/2020 Category CrackMe
    2 points
  15. Microsoft discovers SECOND hacking team dubbed 'Supernova' installed backdoor in SolarWinds software in March - as Feds say first Russian 'act of war' cyber attack struck at least 200 firms and US federal agencies https://www.dailymail.co.uk/news/article-9071645/Microsoft-discovers-SECOND-hacking-team-installed-backdoor-SolarWinds-software-March.html It just keeps getting better...
    2 points
  16. [Unity Asset] Obfuscator assetstore.unity.com/packages/tools/utilities/obfuscator-48919 ZuccNet – Encrypted Facebook Messaging github.com/tomquirk/zuccnet Linux and Powershell matteoguadrini.github.io/posts/linux-and-powershell/ Purism.Librem - take back control and protect your private information puri.sm/ let the shit running by Removing the timebomb from Adobe Flash Player gist.github.com/KuromeSan/56d8b724c0696b54f9f81994ae3591d1 Phantom Malware ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9186656 IObit forums hacked to spread ran
    1 point
  17. A path would immediately cause Windows 10 to crash and display a BSOD when entered into the Chrome address bar. When developers want to interact with Windows devices directly, they can pass a Win32 device namespace path as an argument to various Windows programming functions. For example, this allows an application to interact directly with a physical disk without going through the file system. Lykkegaard told BleepingComputer that he discovered the following Win32 device namespace path for the 'console multiplexer driver' that he believes is used for 'kernel / usermode ipc.' When o
    1 point
  18. Microsoft is like an incredible collection of 0-day's.. Microsoft...
    1 point
  19. Came across these Stylesheets and thought I would share. These are not created by me but look better than the cream; there are 10 different versions for most tastes. Here's a sample of them: https://github.com/x64dbg/x64dbg/wiki/Stylesheets
    1 point
  20. after almost one year (https://forum.tuts4you.com/topic/42464-coronavirus-covid-19/page/2/?tab=comments#comment-203339) i've now reached 100M point 640×480 jpeg 62,7 kB
    1 point
  21. today powered by Sutto Chardonnay @ 2016 ( @tonyweb ) sutto.it/en/Prodotti/Sutto-chardonnay/ superB!
    1 point
  22. SUNSPOT: An Implant in the Build Process https://www.crowdstrike.com/blog/sunspot-malware-technical-analysis/
    1 point
  23. I can't deob the calli; some new encryption maybe? But I reconstruct the exe with some old tools. How I have done ====== 1. dotnet dumper with dont rename option 2. reconstruct blob, us, string with cff explorer (I used) 3. universal fixer for fixed some dummy pe 4. de4dot option --keep-names-d --keep-types 5. now we can reflect the code with lutz reflector 6. confuser codecracker tools 7. drop again de4dot with 45 error what ever now SIMPLE ASSEMBLY EXPLORER for crack CrackMe69420_C_Cracked.exe
    1 point
  24. Beautiful templates, and nice to see someone doing something in asm and thx for libv2 1.5, you might want to see this one who have a replay function https://forum.tuts4you.com/topic/33593-libv2m-v15-with-replay-function/ on KeygenTemp14 you would have just minors modification to make it work. invoke V2M_V15_Init,FUNC(GetForegroundWindow),offset theTune,1000,44100,1 ; v2m initialization with current window invoke V2M_V15_Play,0 invoke V2M_V15_Stop,0 invoke V2M_V15_Close
    1 point
  25. net_3_5_Debug.rar After hook jit i got results like this but i was lazy to clean it all so i just figured out password : testCode_ok just modify the tool i upload here dm me for more infos
    1 point
  26. 1 point
  27. View File DNGuard HVM Try to unpack or alternatively provide the secret key, URL, Name and Address Protections used: DNGuard Enterprise HVM 3.953 Good luck. Submitter Mohd Submitted 09/08/2020 Category UnPackMe (.NET)
    1 point
  28. 1 point
  29. Usual method I hear is to pull the SPI chip (well SPI on modern but not too modern) from the motherboard and modify offline, and solder back - this is what the repair guys do - you can find some of this info and backup images for the bios on the typical places to get laptop or motherboard schematics web sites although most of them are subscription You can pick up a USB SPI read/write tool on ebay for 20-100$ or so
    1 point
  30. Didn't notice much change, used the same techniques I used for v1, but unlike v1 here I kept your dynamic stuff. WindowsFormsApplication41.exe
    1 point
  31. you need win32 api to do this. Either you translate the semantics of that shellcommand to win32 apis and implement that in assembly, like done here: https://github.com/mmtechslv/killproc/blob/master/src/killproc.asm Or you use the system() api (or shellexecute) and use that in your code: https://docs.microsoft.com/en-us/cpp/c-runtime-library/reference/system-wsystem?view=msvc-160 system("taskkill /IM notepad.exe /F") The latter seems to be what you are looking for...
    1 point
  32. another keygen template made on xmas 2o2o the keygen algo is replaced with MirrorMe algo (from Canterwood's keygen template) v2m by Dafunk. Merry xmas 2 all tuts4you members around here KeygenTemp15.zip
    1 point
  33. The entire source code to taskkill has leaked online with the recent Windows XP / Server 2003 / etc. leaks if your goal is to see what the program does in full. https://github.com/bestbat/Windows-Server/blob/master/sdktools/cmdline/taskkill/parse.cpp https://github.com/bestbat/Windows-Server/blob/master/sdktools/cmdline/taskkill/taskkill.cpp https://github.com/PubDom/Windows-Server-2003/blob/master/sdktools/cmdline/taskkill/parse.cpp https://github.com/PubDom/Windows-Server-2003/blob/master/sdktools/cmdline/taskkill/taskkill.cpp Some of the leak is still
    1 point
  34. @tonyweb must be drunk on that wine by now lol!
    1 point
  35. Those big companies are tasting their own poison now, violating the privacy of all humans for years ! Why is it legal when they do it ? no one bats an eye when they spy on users and fu⁠ck us everyday by the name of improving services or protecting their interests ! now it's named an act of war because they are the victims.
    1 point
  36. I'm new to this forum and would like to introduce myself, my name is Ahmed.. I hope all will be friendly to me
    1 point
  37. First i dumped file and enigma protector was removed Then i used ILProtector Unpacker by ElektroKill After i use constant decryptor made by cursedsheep and i was able to see the code
    1 point
  38. I just published my own write-ups on my GitHub, if anyone is interested https://github.com/Washi1337/ctf-writeups/tree/master/FlareOn/2020
    1 point
  39. awesome.vmp35_cracked.exe Every other portion of VMP is removed including CRC etc check. But still it will not run until we fix Delegates. It is still left
    1 point
  40. 1 point
  41. https://httptoolkit.tech/blog/inspecting-android-http
    1 point
  42. I am considering to start using Code Virtualizer (mainly because it supports binary formats not only for Windows). Could someone share experience/impressions on this piece of software? If possible, how it stands compared with other code virtualizing obfuscators? Note: I found a paper "Comparing the Effectiveness of Commercial Obfuscators against MATE Attacks" (by several guys from Universities of South Alabama and Nebraska), where the Subj: is compared with VMProtect and Themida - I can guess the Code Virtualizer gained some attention, if it became a subject of study. Thanks in
    1 point
  43. awesome_msil_Out.exe Approach: 1. Necrobit is a jit protection, so we use Simple MSIL Decryptor by CodeCracker , and it shall be ran on NetBox 2. Code virtualization is a relatively new feature of .net reactor, added in version 6.2.0.0. Here is the approach i took (i did this about 6 months ago so my memory is kinda rusty ) : (Click spoiler to see hidden contents)
    1 point
  44. they've done a really nice job! valid key: how: simply you need to figure out how VM read instructions/Eh etc and restore them. devirtualizing all .net targets are the same so try to write a devirtualizer for simple VM and learn how to deal with them. some other info you can find here & here. awesome.vmp-devirtualized.exe
    1 point