Leaderboard

Coding for Kids in Scratch 3 -The Complete Guide to Creating Art Currently a free Kindle eBook at time of posting... https://www.amazon.com/dp/B07MDV3XYB https://www.amazon.com.au/dp/B07MDV3XYB Ted.

Hi guys, I am a fan of FFmpeg CLI tool but its always hard to remember all commandline arguments if I didnt used it for a longer while and I can't find my notes about it (as always).Now I thought it would be a good idea to code a GUI tool where I can use FFmpeg with and store all commandline argument combinations I want into it to call and execute them quickly.I know there are already a few GUI tools out there for FFmpeg but they have some limitations and or are not my taste.So you know I have always a special taste and wanna combine all together in the best case.Now after few months I am done with a first version and wanna also share it with you guys. First Steps -------------------------------------------- Start the app and enter your FFmpeg path.If you dont have it then download a static build from FFmpeg.org or ffmpeg.zeranoe.com/builds/ Next should have installed the VLC player (2.2.6 in my case) How it works? -------------------------------------------- So the app has 2 diffrent GUIs.The main GUI you can use for media editing,converting etc all what you can do with FFmpeg commandline arguments.The seconds GUI I made specially for quick handling of streams to play download them plus more features which could be important. Features: Main GUI -------------------------------------------- -Quick analysis of files after drag & drop into the app and showing the info into it -Full analysis of file by MediaInfo or FFmpeg itself -Preview image of video files & quick playing by your video player -Three diffrent commandline edit controls in main GUI to execute with FFmpeg -Quick Mux / DeMux function to extract / add / change streams without re-encoding in Concat or Input mode -Window to see whole FFmpeg traffic -Storage listview to (add / delete / send / play / record / search) manage your commandlines and infos -NoFile (you can use FFmpeg like in a normal CMD window) Features: Quicky GUI -------------------------------------------- -Store and choose diffrent URLs by menu -Store and choose diffrent commandline args by menu -Store and choose diffrent pre commandline args by menu -Store and choose diffrent names by menu (Will used to save into file and showing in VLC) -Play,Download,Edit,Search functions etc -Store names and URLs into extra listview -Store and call till three custom request headers -Diffrent choosable request methods,user agents and optinal headers -Url checking (with or without SSL) -Reading pagesources -Finding URL extensions -Response Header -Switch View (CRLF) -JSON Viewer -URL Decoder -OnTop On/Off I also created a video with some examples how to use my app but the video was getting a little big with 50 MB so I am sorry for that.Inside you can also find some text files with infos.If something not works or if I forgot to explain some feature or anything else than just post a reply in this topic.Have fun and till later. PS: I also wanna send some extra special thanks to our member fearless who always helped me a lot (without getting crazy - I think so..) with all my coding questions I had.Thank you. Merry Christmas and greetz FFmpeg Quicky 1.0.rar

https://github.com/Pigrecos/Z34Delphi My new repository for using Z3 in delphi(porting z3 c api to delphi). I tried and there were no tools for symbolic execution in delphi

Challenge of Reverse Engineering - Rules and Guidelines All challenges will be reviewed and approved prior to them being made public. You must use and adhere to the above template (when submitting a challenge) and the template in the post below (when submitting an answer/solution). A challenge is regarded as being solved only when a successful solution has been posted containing a tutorial or a detailed explanation. Solutions posted without any information will remain hidden from public view until a tutorial or detailed explanation has been submitted. The challenge will continue to remain unsolved. Please allow up to 48 hours for challenges and solutions to be reviewed.

This is already built into the forum software click search up the top and you have search options... Everywhere Topics This Forum This Topic More options... 😁

Done! This has been added for your user group. I will see how this progresses. Obviously there is a possibility this could be abused by members however I currently trust persons in this group will use it appropriately. Done! You can now download PM's individually or bulk in HTML. The output HTML template is a bit crude. If you have some suggestions I'll contact the developer and propose the ideas with some of my own. Of the other suggestions proposed here I will reply to you all after I have thought them over and have appropriate time to reply accordingly. Thank you! Ted.

As mentioned in a prior thread, Kernighan and Ritchie is the de-facto standard in this case. You can get it for free here: http://www.dipmat.univpm.it/~demeio/public/the_c_programming_language_2.pdf

Confuser + Ilprotector + Enigma

Native layer seems to be protected by Enigma. .NET looks like ILProtector!

Find it funny how the agitator creates the topic to try and bring attention to what he had to post later on Puny schemes. People just have lives; RE isn't going anywhere. Same as there's been one generation of smart, skilled and enthused people, others will follow. Circle of life. What I do find funny is how this "high-level programming" works even with big companies, such as Denuvo. I put quotes because same as Java relies on a ton of shit OTHER people wrote across time, which they now just import, similarly Denuvo relies on VMProtect to shield whatever crap they've got going on. Were it not for it, we'd have gotten ourselves the ol' time SecuROM/SafeDisc fiascos. I digress.. Congrats, ExoD And keep it up, love your work.

Good Luck @mrexodia but we are patiently waiting for the source leaks << Just kidding and check that private message I sent you long ago if you have a minute

My guess would be deep inside the protector...

Did they just doxed a bunch of scene guys or am i too high again to understand anything ? I'm totally with them on the fact that the dude did not cracked the binary in 20m however, since he used a tool he used to code for a long time (2 years ?). Looks like "whos got the biggest D" games are getting funnier

Result: How To Do: 1. Dump program while running using something like MegaDumper to see a basic jist of what is done. 2. See that GUI_Modelx86.dll holds all the important information. 3. Unpack GUI_Modelx86.dll. 4. Check out the file in IDA, see how DENCLR_1998 function works. Important information being: dword_10034D84 and dword_100408B8 5. Set breakpoint on the DENCLR_1998 compare against the two dwords above. View values of each. 100408B8 holds the expected key. 6. Set key in program, click button and get results above. To unpack GUI_Modelx86.dll: 1. Load in OllyDbg. 2. Step until ESP changes. 3. Follow ESP in memory, set hardware breakpoint on access. 4. Keep running until you hit a JMP EAX instruction, step into. 5. Dump, fix imports, and you have the dll unpacked now. Wouldn't really consider this 8/10, it was pretty easy.

im cracked with olly dbg movie attached confu.rar

@CodeExplorer: Yes, there is. Start using a browser like any normal person would. You do stupid things and stupid things will happen to you. Why exactly do you think this entire forum should adjust to suit one person, who is using a very outdated browser with an extremely rare combination of settings?

Bullshit. I took a look on their VM (the sample that HellSpider uploaded). It is very simple VM with very simple "obfuscation" (or you can say almost no existing obfuscation). Totally out of league of Themida/VMProtect . (I worked on that a little bit more than one weekend and I think that I need one more weekend to finish devirtualizing his sample, but not so interested in it right now) The only reason that there are no tools/tutorials for it is because it is not as common as Themida/VMProtect. The same is probably true for all the other uncommon "much better" protectors. And about Themida/VMProtect, as someone who wrote a script that automatically devirtualize Themida. As I said in the past, I still think that their VM is better than VMProtect. All the reasons were already listed in this thread.

Well guessing from the first post of the topic creator, he wants to use virtualization as protection (otherwise he wouldn't think about VMProtect or?). I didn't invest time in reversing Themida protected targets yet, neither code virtualized targets (but soon). Just from reading how Themida is using virtual machines as protections, with hybrid virtualizations like SHARK or EAGLE I would say that it's a better choice to go for Themida than VMProtect. Currently I'm working on VMProtect a lot in my free time, and what I can say that the VMs have a pretty straightforward pattern when it comes to the handlers. For me the biggest problem was actually the mutation of the assembly, but with compiler optimization techniques you can clean up the code pretty good and continue your analysis on the demutated code (which is one half the devirtualization process). The other half is pretty much identifying how the handlers work, analyzing them and translating them back but even this is dynamically possible with coding and I would think it's less effort than reversing the different themida vms. And if this isn't the case I would want to see a proof for that..

First you say Themida is trashtier, then you pick a far inferior packer and state that it is better..? People need to start realizing, that if you have no clue what you're talking about, you should either start your sentence with "I assume" or you shouldn't say anything at all. Silence is bliss. VMProtect is actually rather bad, as the virtual machine in VMProtect is really easy to crack. If you have to choose between Themida and VMProtect, you should always pick Themida. Why? Because Themidas virtual machines are much more advanced and much harder to crack than VMProtect. Themida was initially known for their CISC VM which was (at the time) very strong. It has since been defeated (by Deathway) and is now considered weak (since it's actually rather simple once you start to understand it). VMProtect's virtual machine is almost an exact replica of the Themida CISC VM featuring stronger obfuscation, and as such it works in the exact same way, which makes it (almost) equally weak. Since then, Themida developed the RISC machine (RISC64 and RISC128), which was against defeated by Deathway. They then proceeded to develop the FISH and TIGER machines, which features very new tricks such as complex combined handlers (FISH) doing multiple operations each instead of a handler for each operation like CISC had, and also internal (yet simple) cryptography. The TIGER VM is very similar to the FISH VM (since it is built on the same engine), but doesn't utilize the cryptographic internal registers, etc. Themida also features hybrid virtual machines, such as SHARK, which is FISH virtualized by TIGER, or PUMA, which is TIGER virtualized by FISH. The newest machine(s) from Themida is the DOLPHIN machine, which is yet another layer of complexity upon the newer FISH/TIGER engine, while also supplying a hybrid VM called EAGLE, which is FISH virtualized by DOLPHIN (if memory serves right). If you want to compare the complexity of the newer Themida VMs (e.g. EAGLE) vs. VMProtect's VM, you're probably looking at a complexity scale saying 15:1 or something like that. TL;DR Don't listen to the guys above, as they are completely clueless on the topic. Pick Themida if you have to choose between the two of them.

Here are 2 more unpackmes with Enigma 5.4. OEP is not virtualized so for you it must be easy to get the point. Original.rar

hook compileMethod like this HMODULE hJitMod = LoadLibrary(_T("mscorjit.dll")); if (!hJitMod) return; p_getJit = (ULONG_PTR *(__stdcall *)()) GetProcAddress(hJitMod, "getJit"); if (p_getJit) { JIT *pJit = (JIT *)*((ULONG_PTR *)p_getJit()); if (pJit) { DWORD OldProtect; VirtualProtect(pJit, sizeof(ULONG_PTR), PAGE_READWRITE, &OldProtect); compileMethod = pJit->compileMethod; pJit->compileMethod = &my_compileMethod; VirtualProtect(pJit, sizeof(ULONG_PTR), OldProtect, &OldProtect); bHooked = TRUE; } } .but how to hook the jitNativeCode and Compiler::compCompile method....

using C++ hook jit ! look here http://bbs.pediy.com/showthread.php?t=116218 sorry,my english just so so

The Carnal0wnage blog has put up a nice summary of Android hackme/crackme challenges for those interested. http://carnal0wnage.attackresearch.com/2013/08/want-to-break-some-android-apps.html Have fun! -------------------------------------------- Android App testing requires some diverse skills depending on what you're trying to accomplish. Some app testing is like forensics, there's a ton of server side stuff with web services, and there's also times when you need to show failings in programmatic protections or features which requires reversing, debugging, or patching skills.To develop these skills you need some practice targets. Here's a list of all known Android security challenges, both app level vulns and crackme-type (RE/patching):In some cases the write-up and challenge starter info is included, in other cases you might have to Google around as some of these CTF's are old.** Should you need some help with configuring an Android pentest / Crackme environment, cktricky and CG have already written some pieces on that: http://carnal0wnage.attackresearch.com/search?q=android **Android App testing requires some diverse skills depending on what you're trying to accomplish. Some app testing is like forensics, there's a ton of server side stuff with web services, and there's also times when you need to show failings in programmatic protections or features which requires reversing, debugging, or patching skills.To develop these skills you need some practice targets. Here's a list of all known Android security challenges, both app level vulns and crackme-type (RE/patching):In some cases the write-up and challenge starter info is included, in other cases you might have to Google around as some of these CTF's are old.** Should you need some help with configuring an Android pentest / Crackme environment, cktricky and CG have already written some pieces on that: http://carnal0wnage.attackresearch.com/search?q=android **Hacme Bank Android - Foundstone http://www.mcafee.com/us/downloads/free-tools/hacme-bank-android.aspxExploitMe Android - Security Compass http://securitycompass.github.io/AndroidLabs/InSecure Bank - Paladion http://www.paladion.net/downloadapp.htmlGoatDroid - OWASP and Nvisium Security https://github.com/jackMannino/OWASP-GoatDroid-ProjectIG Learner - Intrepidus Group https://play.google.com/store/apps/details?id=com.intrepidusgroup.learnerMoshZuk.apk Description - http://imthezuk.blogspot.com/2011/07/creating-vulnerable-android-application.html File - https://dl.dropboxusercontent.com/u/37776965/Work/MoshZuk.apkCrackme.de’s and deurus's Android Crackmes 1-4 ++ http://crackmes.de/users/deurus/android_crackme01/ http://crackmes.de/users/deurus/android_crackme02/ http://crackmes.de/users/deurus/android_crackme03/ http://crackmes.de/users/deurus/android_crackme04/ http://crackmes.de/users/pnluck/android_signme/Hackplayers.com Crackmes (in Spanish so an extra challenge) http://www.hackplayers.com/2010/12/reto-android-crackme1.html http://www.hackplayers.com/2011/12/reto-14-android-crackme2.htmlNuit du Hack's 2k12 & 2k11 (pre-quals and finals) Android Crackme’s http://blog.w3challs.com/index.php?post/2012/07/02/NDH2k12-wargame-CrackMe-Android http://blog.spiderboy.fr/tag/crackme/Hack.Lu's CTF 2011 Reverse Engineering 300 http://shell-storm.org/repo/CTF/Hacklu-2011/Reversing/Space%20Station%200xB321054A%20(300)/Androidcracking.blogspot.com's Crackme’s http://androidcracking.blogspot.com/2012/01/way-of-android-cracker-0-rewrite.html http://androidcracking.blogspot.com/2010/10/way-of-android-cracker-1.htmlBlueBox Android Challenge http://bluebox.com/labs/android-security-challenge/InsomniDroid Description - http://www.strazzere.com/blog/2012/03/488/ Partial Walkthrough - http://www.fortiguard.com/files/insomnichallenge.pdf (File) http://www.strazzere.com/crackmes/insomnidroid.apkCSAW2011 CTF Android Challenges Android 1 file - http://shell-storm.org/repo/CTF/CSAW-2011/Forensics/Android1%20-%20200%20Points/CSAW2011CTF.apk Android 2 file - http://shell-storm.org/repo/CTF/CSAW-2011/Forensics/Android2%20-%20400%20Points/CSAW2011CTF.apkDefcon 19 Quals b300 dex challenge http://shell-storm.org/repo/CTF/Defcon-19-quals/Binary_L33tness/b300/b300_b258110ad2d6100c4b8GreHack 2012 Reverse Engineering 100 http://repo.shell-storm.org/CTF/GreHack-2012/reverse_engineering/100-GrehAndroidMe.apk/Nullcon HackIM 2012 RE 300 http://www.nullcon.net/challenge/data/Null%20Mobile.apkC0C0N 2011 RE level 100 http://www.nullcon.net/challenge/c0c0n/data/cocon_apk.zipAtast CTF 2012 Bin 300 http://andromedactf.wordpress.com/2013/01/02/atast-ctf-2012-bin300chall5/SecuInside 2011 CTF Level 7 (level 3 is also android but i am unable to find the bin) Witeup - http://codeengn.com/archive/Reverse%20Engineering/Solution%20-%20CTF/2011%20SECUINSIDE%20CTF%20Write-up%20%5BCMU%5D.pdf File - http://big-daddy.fr/repository/CTF2011/SecuInside-CTF/Q7/WonderfulWidget.apk

Turn MethodInfo to DynamicMethod />http://blogs.msdn.com/b/haibo_luo/archive/2006/11/07/turn-methodinfo-to-dynamicmethod.aspx />http://blogs.msdn.com/b/zelmalki/archive/2009/03/29/msil-injection-rewrite-a-non-dynamic-method-at-runtime.aspx />http://www.lesuna.com/blog/net-21453-23556-33073-22771-26426-26680-24515-31243-24207-20195-30721/

Unpacked Use any long key to pass checks. GetMe_unp.zip