Tuts 4 You

Leaderboard

  1. CodeExplorer (Moderator): 14 points, content count 3,124
  2. Xyl2k (Full Member): 13 points, content count 143
  3. whoknows (Full Member): 12 points, content count 839
  4. kao (Full Member+): 11 points, content count 2,393


Popular Content

Showing content with the highest reputation since 12/25/2020 in all areas

  1. Happy New Year 2021 For All members
    5 points
  2. Happy New Year and welcome to 2021! I hope we have a better year than 2020 and we get back to some normality... Ted.
    5 points
  3. That is it. Or c:\:$i30:$bitmap inside of a shortcut file would do the job. This will cause immediate corruption in Win10 builds 1803 or later. It will cause prompts to reboot to repair the disk and then chkdsk on boot will be unable to repair. This sounds quite dangerous as it makes downloading zip or rar archives and extracting them potentially harmful if they contain such a shortcut .lnk in them. https://www.bleepingcomputer.com/news/security/windows-10-bug-corrupts-your-hard-drive-on-seeing-this-files-icon/
    4 points
  4. I will release an update for the tool which allows the skipping of metadata writing errors!
    4 points
  5. 2021 and we are still seeing these lame bugs !
    3 points
  6. 3 points
  7. Have you installed and tried Intel Driver & Support Assistant? Let it find the appropriate up-to-date drivers for you. Alternatively, I recall an article last week rating something like Driver Genius 20 Platinum being good at finding drivers. I don't believe it to be free though. Ted.
    2 points
  8. Came across these Stylesheets and thought I would share. These are not created by me but look better than the cream; there are 10 different versions for most tastes. Here's a sample of them: https://github.com/x64dbg/x64dbg/wiki/Stylesheets
    2 points
  9. Found it PSC_-_A-One_DVD_Ripper_6.34crk.xm https://www.youtube.com/watch?v=WT2ulyq5-_Y
    2 points
  10. There's an old DOS game called Cyberia which has this saying in it. Maybe they sampled it from that game: Please enter identification: https://youtu.be/8eXK76pvHFc?t=65 Welcome back to Cyberia: https://youtu.be/8eXK76pvHFc?t=74 May be a clue to help find it.
    2 points
  11. I congratulate everyone on the new year 2021. I wish you all the best in the coming year.
    2 points
  12. Happy New Year 2021 to everyone
    2 points
  13. 2 points
  14. Reverse Engineering the source code of the BioNTech/Pfizer SARS-CoV-2 Vaccine berthub.eu/articles/posts/reverse-engineering-source-code-of-the-biontech-pfizer-vaccine/
    2 points
  15. today powered by white wine @ 2015 ( ITA @tonyweb ) src - otondo.com
    2 points
  16. + nowadays, there are all these shits to deal with @ zdnet.com/article/firefox-to-ship-network-partitioning-as-a-new-anti-tracking-defense/
    1 point
  17. Just update drivers straight from the source like Intel or motherboard or hard drive manufacturer. These driver finding tools are a big nonsense, maybe for esoteric or totally obsolete hardware it could be worth a try. Anyway coders and reversers should be aware enough to be efficient and wise and use common sense. I've kept every driver up to date. Generally they get better, occasionally bad driver releases happen. But Microsoft playing with changes in Win10 builds which the hardware companies are not interested in keeping up with until it stabilizes is the cause of bugs. I've stopp
    1 point
  18. You probably want the chipset driver or other drivers for the intel platform you are using: https://downloadcenter.intel.com/product/53/Chipsets
    1 point
  19. Hi. Here is a link, I hope it can help you: https://www.lifewire.com/free-driver-updater-tools-2619206
    1 point
  20. HashPass ghacks.net/2021/01/21/hashpass-is-an-unconventional-password-generator-that-hashes-text-and-converts-them-to-strong-passwords/ Comparison between web browsers spyware.neocities.org/articles/browsers.html github.com/muslayev/icecat-win64 Malware found on laptops given out by government bbc.com/news/technology-55749959 Web hosting company is entering the tape storage techradar.com/news/this-web-hosting-company-is-entering-the-tape-storage-business Anyone know any funny programming jokes? news.ycombinator.com/item?id=25850739 How We
    1 point
  21. [Unity Asset] Obfuscator assetstore.unity.com/packages/tools/utilities/obfuscator-48919 ZuccNet – Encrypted Facebook Messaging github.com/tomquirk/zuccnet Linux and Powershell matteoguadrini.github.io/posts/linux-and-powershell/ Purism.Librem - take back control and protect your private information puri.sm/ let the shit running by Removing the timebomb from Adobe Flash Player gist.github.com/KuromeSan/56d8b724c0696b54f9f81994ae3591d1 Phantom Malware ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9186656 IObit forums hacked to spread ran
    1 point
  22. A path would immediately cause Windows 10 to crash and display a BSOD when entered into the Chrome address bar. When developers want to interact with Windows devices directly, they can pass a Win32 device namespace path as an argument to various Windows programming functions. For example, this allows an application to interact directly with a physical disk without going through the file system. Lykkegaard told BleepingComputer that he discovered the following Win32 device namespace path for the 'console multiplexer driver' that he believes is used for 'kernel / usermode ipc.' When o
    1 point
  23. Microsoft is like an incredible collection of 0-day's.. Microsoft...
    1 point
  24. after almost one year (https://forum.tuts4you.com/topic/42464-coronavirus-covid-19/page/2/?tab=comments#comment-203339) i've now reached 100M point 640×480 jpeg 62,7 kB
    1 point
  25. today powered by Sutto Chardonnay @ 2016 ( @tonyweb ) sutto.it/en/Prodotti/Sutto-chardonnay/ superB!
    1 point
  26. I can't deob the calli; some new encryption maybe? But I reconstruct the exe with some old tools. How I have done it: 1. dotnet dumper with don't rename option 2. reconstruct blob, us, string with CFF Explorer (I used) 3. Universal Fixer for fixed some dummy PE 4. de4dot option --keep-names-d --keep-types 5. now we can reflect the code with Lutz Reflector 6. Confuser CodeCracker tools 7. drop again de4dot with 45 error, whatever, now SIMPLE ASSEMBLY EXPLORER for crack CrackMe69420_C_Cracked.exe
    1 point
  27. Beautiful templates, and nice to see someone doing something in asm, and thx for libv2 1.5. You might want to see this one, which has a replay function: https://forum.tuts4you.com/topic/33593-libv2m-v15-with-replay-function/ On KeygenTemp14 you would have just minor modifications to make it work.
        invoke V2M_V15_Init,FUNC(GetForegroundWindow),offset theTune,1000,44100,1 ; v2m initialization with current window
        invoke V2M_V15_Play,0
        invoke V2M_V15_Stop,0
        invoke V2M_V15_Close
    1 point
  28. net_3_5_Debug.rar After hook jit i got results like this but i was lazy to clean it all so i just figured out password : testCode_ok just modify the tool i upload here dm me for more infos
    1 point
  29. View File DNGuard HVM Try to unpack or alternatively provide the secret key, URL, Name and Address Protections used: DNGuard Enterprise HVM 3.953 Good luck. Submitter Mohd Submitted 09/08/2020 Category UnPackMe (.NET)
    1 point
  30. Test_App_-_Full_-_End_Encrptoin-Unpacked.rar --Not unpacked by me-- Hook jit and after use dng hvm unpacker by @CodeExplorer just update anti-eh anti-eh2 anti-jit Open hvmruntime.dll on ghidra and go to Export/VMRuntime and start analysing it
    1 point
  31. Console.WriteLine("Hello"); Console.WriteLine("This is unpackme"); Console.ReadKey();
    1 point
  32. Didn't notice much change, used the same techniques I used for v1, but unlike v1 here I kept your dynamic stuff. WindowsFormsApplication41.exe
    1 point
  33. You need the Win32 API to do this. Either you translate the semantics of that shell command to Win32 APIs and implement that in assembly, like done here: https://github.com/mmtechslv/killproc/blob/master/src/killproc.asm Or you use the system() API (or ShellExecute) and use that in your code: https://docs.microsoft.com/en-us/cpp/c-runtime-library/reference/system-wsystem?view=msvc-160 system("taskkill /IM notepad.exe /F") The latter seems to be what you are looking for...
    1 point
  34. another keygen template made on xmas 2o2o the keygen algo is replaced with MirrorMe algo (from Canterwood's keygen template) v2m by Dafunk. Merry xmas 2 all tuts4you members around here KeygenTemp15.zip
    1 point
  35. ThreatNix has uncovered a large scale phishing campaign using GitHub pages and targeted Facebook ads that has affected more than 615000 users. The campaign is targeting Nepal, Egypt, Philippines along with a large number of other countries. threatnix.io/blog/large-scale-phishing-campaign-affecting-615000-users-worldwide/
    1 point
  36. @tonyweb must be drunk on that wine by now lol!
    1 point
  37. I'm new to this forum and would like to introduce myself, my name is Ahmed.. I hope all will be friendly to me
    1 point
  38. awesome.vmp35_cracked.exe Every other portion of VMP is removed including CRC etc check. But still it will not run until we fix Delegates. It is still left
    1 point
  39. ILSpy mod by Medsft: NET assembly browser and decompiler, debugger, High and Low level Editor Project renamed. ILSpy NEXT. NET assembly browser and decompiler, debugger, High and Low level Editor Description: ILSpy (latest ILSpy public version 2.2.0.1737) -add debugger from the SharpDeveloper studio -add CopyFullyQualifiedTypeName.Plugin -add OpCodeTableForm -add to treeview contextmenu: - strong name utility - rename class utility - Jump to EntryPoint - string viewer utility (search enable) - extension execute utility (reservatio
    1 point
  40. https://httptoolkit.tech/blog/inspecting-android-http
    1 point
  41. I am considering to start using Code Virtualizer (mainly because it supports binary formats not only for Windows). Could someone share experience/impressions on this piece of software? If possible, how it stands compared with other code virtualizing obfuscators? Note: I found a paper "Comparing the Effectiveness of Commercial Obfuscators against MATE Attacks" (by several guys from Universities of South Alabama and Nebraska), where the Subj: is compared with VMProtect and Themida - I can guess the Code Virtualizer gained some attention, if it became a subject of study. Thanks in
    1 point
  42. awesome_msil_Out.exe Approach: 1. Necrobit is a jit protection, so we use Simple MSIL Decryptor by CodeCracker, and it shall be run on NetBox 2. Code virtualization is a relatively new feature of .net reactor, added in version 6.2.0.0. Here is the approach I took (I did this about 6 months ago so my memory is kinda rusty):
    1 point
  43. .NET Reactor v6.2.0.0 changed a few things. First, they added code virtualization which is not that hard because it's more straightforward than rest of code virtualization implementations that are in the market. You forgot to protect your code with this feature. Secondly, you can now hide your external and internal calls with their new "Hide calling" feature. You can use de4dot standard ProxyCallFixer1 to fix those delegates. Of course firstly you need to read them from initialization method but reading method is already implemented in the base version of de4dot (which is used for resources, s
    1 point
  44. Many years ago I wrote a software protector called MyAppSecured. Somewhere in the middle of porting it from Delphi to C++ I lost my interest in this project. Just found it on my HDD so I thought it might be helpful for someone. In short, the GUI of this protector is written in C++ and the protection stub is written in MASM. The C++ code loads a target in memory and adds 2 PE sections to it. One for the TLS callback code and one for the main code. The MASM stub will be written to those 2 sections. This protector has just 2 protection features: Analyze Immunity (anti-debug) and Me
    1 point
  45. Hello All 😁 this is my first post in Tuts 4 You, hope it won't be the last 😅 Cmulator is a (x86 - x64) Scriptable Reverse Engineering Sandbox Emulator for shellcode and PE binaries, based on Unicorn & Capstone Engine & JavaScript. https://github.com/Coldzer0/Cmulator This is a work of 3 months, and the development is active; the project is fully written in FreePascal 😎 I'm planning to port the project to "C" so it lasts longer (so we get more contributors). Hope you find it useful
    1 point