Jump to content
Tuts 4 You


Popular Content

Showing content with the highest reputation since 12/19/2019 in all areas

  1. 3 points
    My English is very poor,So, I recorded a tutorial...HAHAHAHA 思路 脚本 var IAT_Statr var IAT_End var Temp_IAT Var bakup_EIP mov bakup_EIP,eip mov IAT_Statr,403000 //IAT表开始位置 mov IAT_End,403208 //IAT结束地址 bp 00414CA9 //85 C0 74 28 64 67 8F 06 00 00 83 C4 04 5F 5E 5B 8B E5 5D C2 14 00 GetAPIAddr: mov Temp_IAT,[IAT_Statr] cmp Temp_IAT,0 je INC_IATADDR cmp Temp_IAT,6FFFFFFF ja INC_IATADDR mov eip,Temp_IAT run mov [IAT_Statr],eax INC_IATADDR: add IAT_Statr,4 cmp IAT_Statr,IAT_End ja RETIATFIX jmp GetAPIAddr RETIATFIX: mov eip,bakup_EIP pause ret 教程(tutorial) https://mega.nz/#!AhFBCAzA!gCL_2iXmcvlwPCk8AQ31gSQbGEiulcdPpVBgKg8ke88 I hope it will help later people. CompareInfo_Obs_dump_.exe Obsidium unpack.7z
  2. 3 points
    Console example x64plgmnrc.exe -G "C:\x64dbg_root" // Set root path for x64dbg x64plgmnrc.exe -U // Update list from server x64plgmnrc.exe -S // Show list of plugins x64plgmnrc.exe -i x64core // Install last version of x64dbg x64plgmnrc.exe -i AdvancedScript // install AdvancedScript https://github.com/horsicq/x64dbg-Plugin-Manager
  3. 2 points
    @NOP you are correct, my bad, I misread. It may be possible, though never attempted it, if the USB thumb drive is partitioned in to two 16GB volumes? Ted.
  4. 2 points
    If you want a trimmed down version of Windows 10 opt for running Windows 10 LTSC 2019, excerpt from Wikipedia... Ted.
  5. 2 points
    Links like what you posted and things like this: https://www.prime-expert.com/articles/b31/how-to-install-windows-7-from-usb-3-0/ https://www.poweriso.com/tutorials/install-windows-7-from-usb-3.0-port.htm http://woshub.com/adding-usb-3-0-controller-drivers-to-windows-7-install-media/ All explain how to create proper bootable USB drives for USB 3.0. You can find the boards USB driver on their site as well for Win7 here: https://www.asus.com/us/Motherboards/PRIME-H310M-E-R2-0/HelpDesk_Download/
  6. 2 points
    Some time ago I found C source for playing the oldschool Reality AdLib Tracker (.rad) tunes, after a while of compiling and experimenting I managed to get a simple working delphi player. + no external dlls + no hassle compilation + music file embedded inside + fairly small size cca 50kb (not packed) Hope somebody finds it useful. RadPlay.zip
  7. 1 point
    The morse code translates to "298,498,108,400,376,118" so you will have to calc the Collatz conjecture for each one of those numbers 298 : 149, 448, 224, 112, 56, 28, 14, 7, 22, 11, 34, 17, 52, 26, 13, 40, 20, 10, 5, 16, 8, 4, 2, 1 498 : 249, 748, 374, 187, 562, 281, 844, 422, 211, 634, 317, 952, 476, 238, 119, 358, 179, 538, 269, 808, 404, 202, 101, 304, 152, 76, 38, 19, 58, 29, 88, 44, 22, 11, 34, 17, 52, 26, 13, 40, 20, 10, 5, 16, 8, 4, 2, 1 108 : 54, 27, 82, 41, 124, 62, 31, 94, 47, 142, 71, 214, 107, 322, 161, 484, 242, 121, 364, 182, 91, 274, 137, 412, 206, 103, 310, 155, 466, 233, 700, 350, 175, 526, 263, 790, 395, 1186, 593, 1780, 890, 445, 1336, 668, 334, 167, 502, 251, 754, 377, 1132, 566, 283, 850, 425, 1276, 638, 319, 958, 479, 1438, 719, 2158, 1079, 3238, 1619, 4858, 2429, 7288, 3644, 1822, 911, 2734, 1367, 4102, 2051, 6154, 3077, 9232, 4616, 2308, 1154, 577, 1732, 866, 433, 1300, 650, 325, 976, 488, 244, 122, 61, 184, 92, 46, 23, 70, 35, 106, 53, 160, 80, 40, 20, 10, 5, 16, 8, 4, 2, 1 400 : 200, 100, 50, 25, 76, 38, 19, 58, 29, 88, 44, 22, 11, 34, 17, 52, 26, 13, 40, 20, 10, 5, 16, 8, 4, 2, 1 376 : 188, 94, 47, 142, 71, 214, 107, 322, 161, 484, 242, 121, 364, 182, 91, 274, 137, 412, 206, 103, 310, 155, 466, 233, 700, 350, 175, 526, 263, 790, 395, 1186, 593, 1780, 890, 445, 1336, 668, 334, 167, 502, 251, 754, 377, 1132, 566, 283, 850, 425, 1276, 638, 319, 958, 479, 1438, 719, 2158, 1079, 3238, 1619, 4858, 2429, 7288, 3644, 1822, 911, 2734, 1367, 4102, 2051, 6154, 3077, 9232, 4616, 2308, 1154, 577, 1732, 866, 433, 1300, 650, 325, 976, 488, 244, 122, 61, 184, 92, 46, 23, 70, 35, 106, 53, 160, 80, 40, 20, 10, 5, 16, 8, 4, 2, 1 118 : 59, 178, 89, 268, 134, 67, 202, 101, 304, 152, 76, 38, 19, 58, 29, 88, 44, 22, 11, 34, 17, 52, 26, 13, 40, 20, 10, 5, 16, 8, 4, 2, 1 but It's not clear what is needed to be summed, the whole sequences or the number of elements in each sequence or ?
  8. 1 point
    The slower SATA speed compared to the PCIe in general, however in your case, because of the chipset limitation that cause that M2 port to operate as PCIe 2.0, this difference is not that big practically (you will get ~800MB/s with a PCIe or ~500 MB/s with a SATA) One of your ports (SATA_2) will be disabled in this scenario and his resource used for the M2 SATA SSD, anything connected to that specific port will not work anymore, you'll have to connect to one of the remaining three. No, guest OS only "sees" the virtualized hardware the host creates for him. Your configuration is main OS Windows and on top of that some type 2 hypervisor (VMware, VirtualBox), so nothing to worry about... Out of curiosity, while it's perfectly fine to use an M2 SSD, any reason why you don't use a normal SSD? I only use these when I must (laptop and such), plus in your case the speed improvement is something like 2:1 with a PCIe M2 SSD or even none with a SATA one.
  9. 1 point
    M.2 (old equivalent name Next Generation Form Factor - NGFF), is a specification for expansion cards and their connectors. M.2 connectors on the host (motherboard) are called sockets, a "Socket 3" type is a socket used for SSDs that use SATA or PCIe. Keys are used to prevent insertion in a wrong socket. Most common for SSDs are B, M or B+M. SATA M2 SSDs are normally B+M "keyed" (they can be inserted in a B or M key socket) PCIe M2 SSDs are normally M "keyed" (they can be inserted in a M key socket only) This can be easily check from the drive specs and from the drive image comparing with the image attached. 2242/2260/2280 refers to the dimensions, these three are the standard ones, "22" is the width mm, last two the length Your motherboard has an "M key" socket that will allow insertion of any SATA (B+M "keyed") or PCIe(M "keyed") SSD M2 card (if your socket would have been of B key type for eg, you could have not used a card keyed for M = PCIe, only SATA one). Also, the specs of the chipset (H310) in your motherboard and the specifications of the motherboard posted by you are clarifiying this: "both SATA & x2 PCIE mode". In my prev post I already explained the lower speed and why with PCIe and the BIOS option thing. Maybe you could simply link the SSDs you have in mind.
  10. 1 point
    Your mobo chipset (H310) supports both M2 SSD types (SATA and PCIe), as also described in the mobo specs "1 x M.2 Socket 3, with M Key, type 2242/2260/2280 storage devices support (both SATA & x2 PCIE mode)". That BIOS option is likely there to force a mode already, I can only guess to be useful for when the card is for some reason not properly detected or for shortening the detection time. Keep in mind that your PCIe mode will be PCIe 2.0 as already noted in the specs "Due to the Chipset limitation, when a M.2 device is installed in PCIe mode, the socket is set to PCIe 2.0." which translates in less transfer speed, up to 1000MB/s in theory (2 lanes, PCIe 2.0), I would expect more like 800 or so. But since this is a desktop PC and since you already seem to want the SATA type of M2 SSD, I would also go with a normal 2.5" SSD disk format with a 3.5" adapter, as previously suggested.
  11. 1 point
    You can use GPT with x64 and 32-bit Windows versions. But MBR only with 32-bit. So if you change your mind, you do not need to revert GPT back to MBR and can keep it. I have not seen any major downside at all with GPT. It should be just fine as a permanent conversion beyond needing to run extremely old OS and the like. Of course GPT -> MBR is always possible with special tools if you really need it. For ideal performance you would get an M2 SSD like a Samsung EVO 2GB and be done with it. Of course this is very much the most expensive but also most fast option. Alternatively, you could opt for a small M2 SSD for the OS and apps, and put your data on a slower PCI SATA drive which is what I do. 256GB has been enough for my SSD at the moment. Of course you need to make sure that the form factor is properly matching before ordering. You can probably get a less mainstream brand one for quite cheap as you mentioned. Otherwise you can just use the PCI SATA drive for everything though the speed increase from using SSD is worth it IMO in the price vs performance tradeoff right now. In fact for modern OS and heavy use its basically a must.
  12. 1 point
    @atom0s : no offence but you should probably try the advice before giving it.. dnSpy/dnLib/de4dot have switched to SDK-style projects. Removing nuget reference is trivial. Adding dnlib project to the dnspy solution and making it compile is not. There are no build dependencies in SDK-style projects, libraries can (and do) target different platforms and it all is one unholy unmaintainable mess. I spent last hour trying to do what you suggested and I've still failed to make it compile. If you manage to build it, would you kindly post the required steps so that I can do that too?
  13. 1 point
    VVVVVV is now open source - https://github.com/TerryCavanagh/VVVVVV Huge archive of abandonware games for various platforms: https://oldgamesdownload.com/
  14. 1 point
    The SATA6G_2 Port is not disabled - it's running in "Shared Mode". About the pictures you've posted .. the second one is a NVMe which your board doesn't support. I bought a NVMe (Samsung EVO 970) for my ROG Maximus XI Hero (Z390) Speedwise (price/performance) i recommend PATRIOT - stay away from the very cheap stuff The difference between NVMe and SSD .. check the screens // If you're still having issues with booting and whatnot .. i can probably help you 'auf deutsch'
  15. 1 point
    I think this is a Microsoft design decision to try to force people to migrate (GPT allows more than 4 logical partitions unlike MBR and is considered superior for this reason despite it not always being necessary - but with a boot partition, EFI partition, Windows partition, OEM recovery partition and then another OS partition you are already at 5). Though technically UEFI must support MBR booting to be standards compliant as far as I have found: "Windows can only boot from GPT on UEFI-based computers running 64-bit versions of Windows 10, 8, 7, Vista, and corresponding server versions." So as a cost of going to 64-bit you will have to use an MBR -> GPT utility before installing. I think it can be done without copying or losing data as its mostly changing some partition sectors at the top of the disk. EaseUS Partition Manager I think can do it as someone mentioned above. Update: https://www.easeus.com/ppc/partition-manager/convert-disk-partition.html MBR and GPT Disk Conversion Mutually convert disks between MBR and GPT in a simple way without deleting the partition Also Windows 10 even has a utility in the system32 directory called mbr2gpt.exe which I think does not cause data loss either. Obviously Microsoft does not offer the other direction like EaseUS because they are pushing people towards GPT. For your question about keeping only 2 partitions, this is not possible as Windows will make an EFI partition and a dummy space partition. But these are relatively small and do not effect your 2 primary partitions. Sometimes even a recovery partition appears. Many OEMs also put factory reset recovery partitions. If you are not very careful and do not have some very good tools on USB keys for manual low level system recovery, its always a good idea to back up first though. But you can go GPT -> MBR and MBR -> GPT without data loss quite easily. Whether the system boots properly after is another story. But if you are totally ready do the conversion and after just install Windows 10 64-bit off the USB its probably enough and don't need to worry about the intermediate boot state. It also helps to be an expert at Windows 10 recovery command prompt - you can run regedit from there and mount the SYSTEM hive in c:\windows\system32\config and make changes that can make a broken system working in a whole slew of driver or drive letter type related issues. I have recovered countless times in this painstaking way when doing complicated migrations. Also, should master and understand bcdedit, among other things like how the boot process order goes and such. diskpart is always pretty useful in some situations. bcdboot and bootsect also come in handy at other times.
  16. 1 point
    It's been a while, here is some new graph related to zbot (warning, they are heavy) Zbot graph: https://www.virustotal.com/graph/embed/gf288663e9d4245c7b8384b9ab36b64f41b58a7df62a145e3ad643bfe140ffb02 (4k nodes) With some additional details related to Microsoft citadel sinkhole operation. CCAM (atmos monitoring): https://www.virustotal.com/graph/embed/g5edbfcddab834a59a105964ffdc24492b03a6a5ab4824cca96949cd0d9a3395b With some details about in the wild locations.
  17. 1 point
    Using grub4dos you can create an MBR USB drive with as many ISOs on it as will fit so long as they are not fragmented (contiguous). However for UEFI, you can only have one ISO loaded at a time. However there are tools which use MBR mode to select the ISO, and then when booted in UEFI mode will boot the selected ISO. Its a bit complicated and it can be done with easy2boot. However if you want to change which ISO is booted, you will have to use a hotkey at start up to select the start up mode, or go into BIOS to change the MBR/UEFI start up. Its all a bit annoying and complicated but its the most versatile way in modern times to create a very useful USB toolkit.
  18. 1 point
    @LCF-AT Yes, you can do it. Use EaseUS Partition Master Orthodox
  19. 1 point
    You haven't backed anything up before doing any of this? ( You are braver than me 😨 ) i cant understand German in the video to see what your problem is, but if there is no solution for install and you have a desktop PC and another hard drive you could install win10 on other HD and use your current HD as a slave to copy data across to recover your files EDIT: It seems you can use mbr2gpt.exe /allowFullOS from command prompt to convert MBR to GPT without losing data if that is your problem?
  20. 1 point
    This is another nice piece of code, maybe old but very interesting, 100% guaranteed Speaking of mutation engines, who doesn't remember the great DAME by Dark Avenger? Here is the full source code DAME.ASM
  21. 1 point
    Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data. It is an amateur project that can be used to demonstrate what polymorphic engines are. SPE32 allows you to encrypt any data and generate a unique decryption code for this data. The encryption algorithm uses randomly selected instructions and encryption keys. https://github.com/PELock/Simple-Polymorphic-Engine-SPE32 Sample polymorphic code in x86dbg window: Another polymorphic code mutation, this time with code junks
  22. 1 point
    I use Zonealarm, you can stop all internet activity at the click of a button I have tried a lot of FW over the years but I prefer the app control of ZA
  23. 1 point
    You will have to be more specific. Look here for more details on vmp crc: https://forum.tuts4you.com/topic/36653-devirtualizeme-vmprotect-2135 https://forum.tuts4you.com/topic/36991-inlineme-vmprotect-isvalidimagecrc
  24. 1 point
    Well, you got the deobfuscated crc routine correct. Out of interest, what did you use to deobfuscate it? There are different types of crc checks in vmp, the two most common ones 1. vm-embedded ones. here the correct crc is hardcoded into the vm-opcodes. 2. table. here vmp stores a large array of sections to check crc for. it stores an array of {address, size, correct_crc, some other things} and just checks every entry. Note that in both cases there are chained checks, so the table or the vm-opcodes are themselves crc protected by another crc check. Try searching the forum, there were several discussions regarding vmp crc before iirc.
  25. 1 point
    Have you disabled any UWP services, Windows core processes and/or used something like ShutUp10 to change privacy controls? There could be a few reasons for the exception, possibly calls to UWP are not being correctly sent or terminated early. Ted.
  26. 1 point
    I only use x64 now so cannot test for you sorry That's probably a good idea, I would install x64 and see how you get on
  27. 1 point
    It's def possible, there are many CD / DVD versions of bootable media with many versions of Windows. I'm sure from USB will be similar A quick search brought up these guides on how to do it... https://www.howtogeek.com/262944/how-to-create-a-master-installation-flash-drive-with-multiple-versions-of-windows/ https://smyl.es/tutorial-how-to-build-the-ultimate-custom-usb-drive-with-multiple-bootable-installs-for-windows-and-linux-and-portableapps-for-windows/
  28. 1 point
    I don't think you will be able to dual boot 32/64 from a 32GB thumb drive as the minimum requirement for a Windows 10 install is 32GB. Running a Windows 10 install from a slow thumb drive and/or USB 2.0 will be painful. Do you have another hard drive you could dual boot with? Ted.
  29. 1 point
    64-bit is definetely advantageous almost no reason to use a 32-bit OS anymore besides some special driver issues as mentioned - compatibility, debugging and so forth. 64-bit can address more than 4GB RAM and native 64-bit apps can be faster than their 32-bit counterparts as obviously double the execution bandwidth for instructions operating on numeric data but not always as it depends on execution context. But generally the smart approach is a 64-bit OS and all 64-bit apps and 32-bit apps where a 64-bit version is not available (for example Visual Studio for whatever reason has dragged their heals on a native 64-bit build with still no plans to port it despite numerous requests). Oh, and also 64-bit OS allows the processor to use virtualization modes which can better support VMs. Personally I find 32-bit assembly a lot more readable than 64-bit however. But this is not an issue again unless dealing with driver-level stuff or in the case a 32-bit build is not available for an only 64-bit binary.
  30. 1 point
    Not sure if you realize this but 32bit apps run fine on 64bit systems. Windows, for example, has a layer built in to allow this all seamlessly. https://docs.microsoft.com/en-us/windows/win32/winprog64/running-32-bit-applications Windows also has compatibility modes to help with running older apps that expect certain subsystems. (Win XP, Vista, 7 etc.) The main reason you may run into issues with say, old unpacking related things is due to driver signing enforcement on newer Windows versions. You can either manually sign said drivers, or disable the enforcement if you absolutely need/want to run things that old. You can also run things in a VM if you need to still have an actual instance of an older 32bit OS running too.
  31. 1 point
    Driver manufacturers are lessing their load by no longer supporting platforms that are basically dead. Both Intel and AMD no longer create 32bit processors for the mainstream market. (Only for embedded systems and similar now.) So there isn't really a reason/means for manufacturers to continue making drivers for platforms they are not intended for or target with their hardware. In a lot of cases you'll see that hardware will specifically state it requires 64bit OS's now too, and not just software with that requirement. That isn't to say you can't find any 32bit versions of things though, there are manufacturer specific implementations of drivers to support said systems as well as older OS's but generally the hardware manufactuer isn't the one supporting it. There's also no guarantee using random drivers from other places will work even if its for the same purpose. Would recommend you use 64bit Windows given that you have the hardware to support it.
  32. 1 point
    There are 32bit drivers available HERE , are any of those compatible?
  33. 1 point
    download it. http://www.wepe.com.cn/
  34. 1 point
    Note: a simple google search for "Intel LGA-1151 chipset driver" yields first result: https://downloadcenter.intel.com/product/90591/Intel-Z170-Chipset. On that page is probably exactly what you want: Intel® USB 3.0 eXtensible Host Controller Driver for Intel® 8/9/100 Series and Intel® C220/C610 Chipset Family Installs Intel® USB 3.0 eXtensible Host Controller Driver (version for Intel® 8 Series/C220 Series Chipset Families and 4th Generation Intel® Core™ Processor U-Series Platform. Driver Windows 7, 32-bit* Windows 7, 64-bit* Windows Server 2008 R2* Latest 9/28/2018 Then go here: https://downloadcenter.intel.com/download/22824/Intel-USB-3-0-eXtensible-Host-Controller-Driver-for-Intel-8-9-100-Series-and-Intel-C220-C610-Chipset-Family?product=90591 Then download your driver: https://downloadcenter.intel.com/downloads/eula/22824/Intel-USB-3-0-eXtensible-Host-Controller-Driver-for-Intel-8-9-100-Series-and-Intel-C220-C610-Chipset-Family?httpDown=https%3A%2F%2Fdownloadmirror.intel.com%2F22824%2Feng%2FIntel(R)_USB_3.0_eXtensible_Host_Controller_Driver_5.0.4.43_v2.zip Then slipstream with dism after mounting the WIM file on the USB drive. Boot off of it and install. Hope it helps. Oh and for more information on identifying your chipset since its probably not Z170 - but almost certainly uses the same drivers as Intel tries to bundle many chipsets into single drivers and that covers many series, but see here for more info: https://en.wikipedia.org/wiki/LGA_1151. There are other ways in XP you can try to identify your chipset like CPU-Z, etc. But ultimately Intel's driver site will have the right driver, if that was the wrong one then slipstreaming it simply won't have any effect when you try to install otherwise it will work perfectly as the hardware ID will be in the driver. Also it could not hurt to make sure you have the v1007 BIOS driver as given in the ASUS link above. Sometimes USB3 compatibility fixes are in those BIOS updates. Always best to update BIOS first IMO.
  35. 1 point
    There also exists the possibility to add a driver into a Win7 x86 image. This can be done using dism.exe add-driver option after mounting the WIM file and so forth. There are plenty of guides on this (not sure maybe the ones above). If your USB controller is integrated into the motherboard which since you cannot find a driver it likely is. Then you can just slipstream the whole chipset driver for the motherboard. Somewhere in the chipset driver, there will be the USB 3.0 driver. AFAIK, this is not a USB issue, but a Windows lacking a driver issue hence the route I mention. Probably very similar to the guides above. I have done this before with SCSI and RAID drivers and such and it has resolved any error messages when done correctly. You can probably mount the WIM file right on the USB drive as well. No need for rufus as if this is a Windows driver-level issue, the normal USB installer should be just fine. Just slipstream the correct latest Win7 x86 chipset driver and off you go.
  36. 1 point
    Rufus states... else you could try an old version http://olddownload.com/rufus-usb/?windows=XP
  37. 1 point
    try using https://rufus.ie/ set gtp for uefi or mbr when creating usb boot , for uefi to needs gtp partition cheme
  38. 1 point
    Could have sworn I read they released a few more repacks of fully removed games afterward. May have misread something then. Either way still really nice to see them fully remove everything and it does appear to be working for everyone that has checked it out. Handful of vids on YouTube covering it and testing/comparing performance of both releases.
  39. 1 point
    h__ps://my-files.ru/ol3d5q pass: exelab + Find method by RVA
  40. 1 point
    https://github.com/DefCon42/op-mutation decided to release the source because it's a neat example of a practical application of linear algebra yes, i know the code does not look great and there's blatant violations of like every standard ever no, i won't change that :^) note: only works with relatively simple operations. add, sub, not, etc will work but higher order operators like multiplication and exponentiation will not
  41. 1 point
    [*] Changed the text How I did it? [*] Added +1 to sum factorial How I didt it? For now that the addresses are well know you can easily calculate the string value and change edit these reg values by patching the exe so it always return what ever you want.
  42. 1 point
    For Harmony You need to load Target executable to the current domain in other words you need to create application loader. The Step: 1. Create new WinForms (loader) - Add reference to 0Harmony.dll and Target.exe - Add button, name it btnOpenApp with click handler private void btnOpenApp_Click(object sender, EventArgs e) { AssemblyName assemblyName = AssemblyName.GetAssemblyName(@"c:\path\to\Target.exe"); var assembly = Assembly.Load(assemblyName); var methodBase = assembly.ManifestModule.ResolveMethod(assembly.EntryPoint.MetadataToken); // do the patch Harmony.Patch(); // Open the Target new Thread(() => { // assume method entry point is static and doesn't have parameter methodBase.Invoke(null, null); }).Start(); } 2. Create class Harmony.cs using Harmony; using System; using System.Reflection; using System.Windows.Forms; namespace YourWinformsNameSpace { internal static class Harmony { public static void Patch() { HarmonyInstance h = HarmonyInstance.Create("test.patch.by.ewwink"); h.PatchAll(Assembly.GetExecutingAssembly()); } [HarmonyPatch(typeof(Target.FormClass), "calculate")] [HarmonyPatch(new Type[] { typeof(int), typeof(int) })] public class Patchcalculate { static void Prefix(int num1, ref int num2) { MessageBox.Show(string.Format("Second param {0} will be patched to 7", num2)); num2 = 7; } } } } The above will patch second parameter for calculate method to 7. make sure target Framework and CPU is match.
  43. 1 point
    virustotal at my door and a small graph about a mbr ransom generator, lot of samples, few itw urls. https://www.virustotal.com/graph/embed/g1eff513400894f7c8930f6e4200093ecd13d231f1d204b8e84e6c8c89481e2bb
  44. 1 point
    Difficulty : 3 Language : Delphi Platform : Windows X86 OS Version : XP and above Packer / Protector : Enigma Protector 5.2 Description : Small unpackme for you guys to try. Screenshot : Enigma Protector 5.2 unpackme.rar
  45. 1 point
    Language : C# Platform : Windows OS Version : Windows 7 Above Packer / Protector : ConfuserEx Plus Extra Description : Provide key, how? UnPackMe.7z
  46. 1 point
    Above post has mistaken explanation of 2nd CHECK, correct explanation, full write-up, keygen sources and binary are HERE, and also keygen binary attached to this post. Valid NAME:KEY pairs examples: bigben:4aWfjhuWTgv6NSM2 impossible:tbxCCxODKA5M7XWB P.S.: also there is forum topic about this task on main post-soviet reverse-engineering forum - LINK. P.P.S.: @lostit, thank you for this challenge. Keygen.exe
  47. 1 point
    Difficulty : 7 Language : Assembler Platform : Windows x32 OS Version : All Windows Packer / Protector : None and No Crypto Description : Rules : No Patch , No Brute.. Only Keygen or Valid Serial... This KeyGen Me is a little hard for non Math Knowers . I think Bruteforce and Self-Keygen is not possible. You must solve the Mat Function to the write a Keygen. i Wish good luck and have fun to solve the KeygenMe Best regards.. Screenshot : s3rh47&x0rz-KeygenMe_new.rar
  48. 1 point
    Name: John Key: 123456¦789013¦6AA445¦2EF70A i am sorry, but atm i have no time to code a keygen, maybe later difficulty is maybe a bit overrated just found a bit time, thanks for challange Sol_KGNme_s3rh47&x0rz.rar
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up
  • Create New...