Tuts 4 You

Leaderboard

  1. Teddy Rogers (Administrator): 18 points, content count 8,979
  2. kao (Full Member+): 17 points, content count 2,358
  3. Xyl2k (Full Member): 12 points, content count 119
  4. Kurapica (Full Member): 11 points, content count 862


Popular Content

Showing content with the highest reputation since 09/20/2020 in all areas

  1. So you want to download some releases from snd? alright let's see at snd.webscene.ir, the distribution section menu contain a link pointing at hxtps://keygens.pro/ Super, looks like there a lot of cracks over here! and the site is virus free, right? So let's pick something, i don't know, maybe 7-Data.Card.Recovery.1.1.keygen-SND hxtps://keygens.pro/crack/729775/ lol @ description on the page, didn't know reagan was from snd and born in russia Anyway we got redirected on a download page after clicking 'Download only Keygen' button, we have to fill a captcha and agree
    7 points
  2. Info: https://www.reddit.com/r/windowsxp/comments/iz46du/the_windows_xp_source_code_has_been_leaked_on/ Most of the torrent includes previous leaked data/files. But now claims to include the full source to Windows XP (looks like SP1 based on pics people have posted). If you plan to download this (42gig torrent) I'd seriously recommend a VPN.
    5 points
  3. Here are some of my keygen/crack GFX's / templates i've made on photoshop + WinASM studio these days : (1) https://imgur.com/vS71RaO (2) https://imgur.com/3fWUf30 (3) https://imgur.com/5YfB8Xg (4) https://imgur.com/2Bt54Ne (5) https://imgur.com/fDC4FfK (6) https://imgur.com/p4TBQ4J (7) https://imgur.com/gNOgPnR (8) https://imgur.com/vkwSQ01 Please note that PERYFERiAH team is not a warez group. It is actually a vlogging team since i was making vlogs in high school in the past. And the people of the PERYFERiAH (PRF for short) were actually my
    3 points
  4. Eric S. Raymond is either very naive or has been smoking some strong stuff... Microsoft is not going to abandon the only thing that differentiates them from Ubuntu. Windows kernel is here to stay for a very long time.
    3 points
  5. Comments by a developer inside the Windows Media Player source code pastebin.com/PTLeWhc2
    3 points
  6. What I find of most interest is the API index and any documentation that exist. Line comments in the code can tell you a lot about what was going on internally within Windows. I recall chuckling over things like this in code comments, "Certain lame apps (Norton Desktop setup)"... Ted.
    3 points
  7. 205 downloads

    I want to release a new tutorial about the popular theme Themida - WinLicense. So I see there seems to be still some open questions mostly if my older unpack script does not work anymore and the unpacked files to, etc. So this time I decided to create a little video series on how to unpack and deal with a newer protected Themida target manually where my older public script does fail. A friend of mine did protect unpackme's for this and in the tutorial you will see all steps from A-Z to get this unpackme successfully manually unpacked but this is only one example how you can do it, of course. S
    3 points
  8. @underthevoid Did you try downloading from this thread? Most of the links from this thread are working for me. vnekrilov's thread Rar file I am not an expert in unpacking, but u may try compiling your own small executable files and protecting them with various protection options one at a time and analyze/compare with the original, that way you can learn what is happening with each protection option.
    2 points
  9. Search for the keyword: vnekrilov He published a set of scripts and tutorial covering pretty much all features of Asprotect. Tutorial was machine-translated from Russian to English but it was sufficient for learning purposes.
    2 points
  10. After spending three days I'm still stuck at the 4th challenge; now I understand what it means to be a reverse engineer. Maybe I will not solve all (or maybe even half of them) of the challenges, but I still try my best till the last day.
    2 points
  11. 2 points
  12. bleepingcomputer.com/news/microsoft/windows-xp-and-server-2003-compiled-from-leaked-source-code/
    2 points
  13. "App does not want to close, ask user if he wants to blow it away" Ted.
    2 points
  14. https://dev.to/gabbersepp/create-a-net-profiler-with-the-profiling-api-start-of-an-unexpected-journey-198n https://github.com/gabbersepp/dev.to-posts/tree/master/blog-posts/net-internals call-c-from-cpp debugging-profiler digging-into-callbacks how-does-profiler-work how-to-debug-with-windbg marshal-example net-bitness profiler-attach/code/DevToNetProfiler profiler-fn-enter-arguments profiler-fn-enter-leave-x64 profiler-fn-enter-leave stacktrace-linenumber/code/DevToNetProfiler write-net-profiler
    2 points
  15. With all respect to the efforts of the authors of the challenges, I advise you guys not to evaluate yourself or skills based on how many challenges of those you were able to solve, do it only for fun, it can be really depressing not to be able to pass some of the challenges, it's just a CTF in the end.
    2 points
  16. I never expected Tuts 4 You to keep going for nearly twenty years and here it is, not far off twenty. If I, and the site, are still around in another 50 years it will be an achievement worth celebrating... Ted.
    2 points
  17. 12,200 downloads

    A collection of tutorials aimed particularly for newbie reverse engineers. 01. Olly + assembler + patching a basic reverseme 02. Keyfiling the reverseme + assembler 03. Basic nag removal + header problems 04. Basic + aesthetic patching 05. Comparing on changes in cond jumps, animate over/in, breakpoints 06. "The plain stupid patching method", searching for textstrings 07. Intermediate level patching, Kanal in PEiD 08. Debugging with W32Dasm, RVA, VA and offset, using LordPE as a hexeditor 09. Explaining the Visual Basic concept, introduction to SmartCheck and configurati
    2 points
  18. You have to distinguish between unpacking and de-virtualization. For Unpacking you can mostly avoid full devirtualization, in fact it's common to dump and append the full VM to the unpacked file to easier circumvent antidump and other protections. This is done e.g. in some of the LCF-AT tutorials for Themida. With modern protectors you will also run into virtualization during api redirection, but here it's usually possible to trace execution and fish the wrapped API at specific locations ("press f9 16 times", etc.), thereby it's not necessary to fully defeat virtualization. All that is of
    1 point
  19. @ashoka_: that is a very good attitude! Every year we get some people who are just asking for answers. Sooner or later they get the flag - but they don't learn anything in the process. So, keep on working and learning!
    1 point
  20. Man, Flareon is for experienced reversers or at least those who are not just starting, I recommend that you start mastering the basics and familiarize yourself with the many concepts that you may need to understand, and come back next year to play those Flareon challenges, you will definitely score better.
    1 point
  21. So you are new to reverse engineering and your friend suggested Flareon ? you really have some good friends.
    1 point
  22. retroreversing.com/source-code/decompiled-retail-console-games bonus IBM will list its IT infrastructure services unit, which provides technical support for 4,600 clients in 115 countries and has a backlog of $60 billion, as a separate company with a new name by the end of 2021. reuters.com/article/us-ibm-divestiture/ibm-to-break-up-109-year-old-company-to-focus-on-cloud-growth-idUSKBN26T1TZ and you still cracking?
    1 point
  23. Just a little tip, JitDumper is good as long as you are running it against an executable which needs .NET 4.0 or earlier but once you start unpacking DLLs which require .NET 4.5 or higher, it will probably crash, so it's going to be obsolete sooner or later and a new approach will have to be created.
    1 point
  24. Thanks NOP i went with Elcomsoft in the end as i was having a few problems with hashcat and the tables. it is something i would like to come back to though as its something you need a few days to understand not the few hrs i have had, also would like to dig deeper into John the ripper. Cain and Abel wasn't that great as you say it's dated as is ophcrack Anyway i found the password within 10 minutes, it was a 40 character password, and much longer than originally thought and wouldn't be easy to guess as its random " Hj0KNmz2" exc... so it shows again passwords mean nothing if your us
    1 point
  25. Do you have a CUDA compatible GPU? It would be MUCH faster using GPU over CPU, C&A is an old app which, I think only officially works with XP, NT and 2000 and has been known not to recover some newer accounts / windows versions I recommend Hashcat, John the ripper or a pre rolled windows app which supports modern GPUs like the many from Elcomsoft 😀
    1 point
  26. When I was growing up, IT department was held responsible for all hardware misconfigurations and backup f*kups. In the new "Agile/DevOps age" they blame the hardware instead..
    1 point
  27. Heya, sorry I didn't see all the replies to this. Just happened to be cruising through, and remembered the thread. The VB6-specific code cache is at https://www.fortypoundhead.com/browse.asp?catid=122 Looks like y'all already found Github space for all of it. It's kinda of weird to discover my old stuff in there. Some of it I even forgot about, after all these years.
    1 point
  28. hmmm..things sound funky out there these days.. cheers B https://www.toptutorials.co.uk/games-cracker-empress-wants-to-crowdfund-denuvo-cracks-torrentfreak/ https://www.reddit.com/r/Piracy/comments/gqg4fc/why_did_codex_stop_cracking_denuvo_games/ https://torrentfreak.com/games-cracker-empress-wants-to-crowdfund-denuvo-cracks-200926/
    1 point
  29. romainthomas.fr/post/20-09-r2con-obfuscated-whitebox-part1/ bonus Really Atari ST? - os2museum.com/wp/really-atari-st/ - troll @ sqlite.org/copyright.html -> Buy button -> hwaci.com/cgi-bin/license-step1 Bringing Edge to Linux - venturebeat.com/2020/09/22/microsoft-edge-linux-developers-october-2020/
    1 point
  30. Your fear is unwarranted. Please post your link... Ted.
    1 point
  31. here's the keygen template from the first pic. the keygen algo is removed from the project. xm by zalza (low-pitched by me to sound better for the kg) KeygenTemp4.zip
    1 point
  32. Keep the source code bloopers coming, gotta love it
    1 point
  33. Okay a bit late but maybe this'll help somebody. Shellcode is not a vulnerability, it's the code that can be used to exploit a vulnerability. The vulnerability is something that executes the shellcode (like a buffer overflow, use after free or something else). Which is not supplied in the link. Writing shellcode does need the ability to write Assembly that a Reverse engineer has. So he could make shellcode (which is similar to inline patching). However RCE goes way deeper it is the skill to deduce function out of complex VM's, obfuscation, functions and what not. You can then use th
    1 point
  34. God bless you for this shit !
    1 point
  35. Like once every 10 years?
    1 point
  36. Yes, this is likely coded in PureBasic... 👍 Ted.
    1 point
  37. First of all, this crackme is version dependent, it only works with Python 3.8 x86. I don't have it installed, so I had to replace _pytransform.dll with the x64 equivalent downloaded from here to be able to run it with my x64 version of Python 3.8. By looking in the memory of python.exe and placing hardware breakpoints on write on an encrypted code of PyArmor (that starts with \x50\x59\x41\x52\x4d...) we can find a place in _pytransform.dll where it decrypts it to the actual marshalled code object of Python. It is a function at RVA 0x254D0. Then we have to deal with the second layer of Py
    1 point
  38. Fun challenge. I went for finding just the key algorithm rather than fully devirtualizing, but the code is pretty clear. Here some sample keys: Approach: Keygen.7z
    1 point
  39. Sure, I'm gonna release an unpacker for .NET Reactor 6x soon.
    1 point
  40. In my opinion that solution will be acceptable only if the tool used is public.
    1 point
  41. It's a really good question. The answer really depends. Let me give you few recent examples. Example #1: Extreme Coders names the tools and explains HOW to solve the crackme. A lot of effort is required but all the tools can be found via Google. So I have zero issues with the solution. Example #2: Prab names the tools but no explanation is given. "x86 retranslater" definitely cannot be found not on Google. "Clean control flow" tells the obvious thing but it doesn't explain HOW to do that. What's the point of such solution? The only thing reader wi
    1 point
  42. 1 point
  43. If the only reason you want to learn RE is to have a unique skill for your resume/job application, you're very mistaken. Don't even try that. Anyone can learn to write (crappy) JavaScript/PHP/CSS in a few weeks and call himself/herself a "freelance web developer". Not everyone can become a reverse engineer - it requires a specific mindset and dedication. As for job positions, it really depends where you live and what your area of expertise would be. Analyzing malware requires a totally different skillset than finding bugs in hardware chips. Entry level positions usually are paid similar
    1 point
  44. Not necessary to unpack to get the key. Key: Steps :
    1 point
  45. Try ManagedJiterFr4 on NetBox 4.0; Plus ConfuserExFixer for removing wrong metadata; some stream left even after removing; You can't do anything without removing anti-tamper; which currently I can't! I've found this: https://github.com/BedTheGod/ConfuserEx-Unpacker-Mod-by-Bed/releases Is any connection with this?
    1 point
  46. Here, fixed that for you: "If the user is an idiot who disables all MS Office security settings, the malware will run automatically upon hovering over hyperlink." It's the same as claiming that office macro malware runs automatically if the user has enabled office macros - total nonsense and FUD.
    1 point
  47. PATCH BUTTON IS DEACTIVATED ! exe file is not crunched hi folks, last days i made 2 patches. This one use OGL. CODE & GFX: inc SOUND: dalezy Runtime Software DiskExplorer For Linux v4.36.rar
    1 point
  48. Ported to FASM diablo2oo2's snr patchengine and little search&replace patch example. snr_example_scr_fasm.zip
    1 point