Tuts 4 You

Leaderboard


Popular Content

Showing content with the highest reputation since 05/17/2019 in all areas

  1. 5 points
    Download: https://github.com/horsicq/pex64dbg/releases Sources: https://github.com/horsicq/pex64dbg More Info: http://n10info.blogspot.com/2019/05/pe-viewer-plugin-for-x64dbg.html
  2. 2 points
    @LCF-AT Open T:\Program Files\brave\73.2.17.13\brave_resources.pak in a hex editor (don't try w/ notepad++). ASCII search for : brave_new_tab.js replace it with arave_new_tab.js or whitespace whole @ : <script src="chrome://newtab/brave_new_tab.js"></script> tested & working greets @NeWOT
  3. 2 points
    Embarrassing. Don't trust anything that looks like a pregnancy test kit... Ted.
  4. 1 point
    @LCF-AT alternative, if u like to have the status labels etc. w/o bgimage @: you can search @ T:\Program Files\brave\73.2.17.13\brave_resources.pak for : background-image: url(${e=>e.background}); and whitespace it. -- this is the brave_new_tab.js (694kb) each time new open a new tab, loads this!! https://www17.zippyshare.com/v/Ufg3tbew/file.html
  5. 1 point
    Themida removed (dumped and fixed), still protected by Eazfuscator. I don't know how to devirtualize it, but I guess it can be unpacked without debugging, so here your anti-debug has no sense in this protection. Someone can continue. CrackMe Themida removed.rar
  6. 1 point
    I made a small tutorial (originally published on Training Circle forum) about keygenning a recent ATM malware sample that passed our gate. This is addressed to beginners. keygenning.dispcash.19.tutorial.zip
  7. 1 point
    do you even google? https://superuser.com/a/1266695
  8. 1 point
    Sometimes I think Opera is run by a bunch of idiots. I've been using Opera since it was built on the Presto engine. They break old versions' compatibility without the blink of an eye. I have lost my favourites countless times by upgrading a previous version of Opera, it was gone like that - hundreds of bookmarks, since then I have stopped using it at all. Then I switched to this Chrome based version (just because I was too used to right mouse gestures) and I hate it, they change colors like this pink shit, they change the way the startup window is shown (speeddial), they have added some artificial animations after opening new tabs, it's not possible to assign keyboard shortcuts to many actions (why?). I have contacted them on their Twitter support many times with bug reports, filed their forms to report bugs - no response at all... You should see their support forums, many people are upset about their "breaking changes" and they don't do anything about it. I'm thinking about moving to Vivaldi, looks like a much more customizable version.
  9. 1 point
    Here's the unpacked file. Found an old unpacker I had which worked on this file (I won't share). Metadata could be cleaned some more, but here it is: UnpackedBed.exe
  10. 1 point
    You got to start ManagedJitterFr4 (for Confuser) on NetBox 4.0; after that just Jit button when the first assembly is logged - first assembly is the main assembly.
  11. 1 point
    After using ManagedJitterFr4 on NetBox 4.0 some metadata streams got corrupted so I got to restore them; I just have to change the first method called, which is anti-tamper, to 062A (a simple return). For removing invalid streams the strategy is to first set number of streams to a smaller size like 8. #US with a space at the end (" "); yoi don't seems to be a valid stream! Here is a partially unpacked exe: https://www118.zippyshare.com/v/liRTdnBO/file.html It uses delegates!
  12. 1 point
    Just a quick thought/idea ... did you try to put/apply owner-draw flag also for menu item in resources? This way it should send/call the WM_MEASUREITEM for every items and your processing should be the same. [EDIT] Sorry, re-reading your message, you're already using ownerdrawn flag for your menu in resources ... so my previous answer is not useful. Anyway, itemData is a "place" to put custom information and, by default, as far as I remember, it should be empty/uninitialized and/or system-reserved ... unless you put something in it. That's why you actually *have to* modify the resources' menu to set it explicitly. I found this maybe useful quote: https://docs.microsoft.com/en-us/windows/desktop/menurc/using-menus You created popup menu straight by code, right (not using resources) ? You could use the SetMenuItemInfo (as suggested in the quoted link) to set only the itemdata ... without having to re-set the item text again. -- It's a lot I don't play with this stuff, so everyone is very welcome to correct me Best Regards, Tony
  13. 1 point
    To get unpackmeplease.dll and yes.dll I've just used WinAPI CopyFileA in the target process, and after that I use the standard method to set new Content in the component after initialization.
  14. 1 point
    Run the target first with NETBox so won't kill .NET PE. Dump with MegaDumper. In dumped exe change Image Base to 400000. Fix relocation with Universal Fixer. Native DLL UnpackMePlease.dll missing: DllSaver break if module contains UnpackMePlease. Unpacked exes: https://www112.zippyshare.com/v/26CxsdFV/file.html
  15. 1 point
    https://github.com/Pigrecos/Z34Delphi My new repository for using Z3 in Delphi (porting the Z3 C API to Delphi). I tried and there were no tools for symbolic execution in Delphi
  16. 1 point
    Unpacked. Use any long key to pass checks. GetMe_unp.zip
  17. 1 point
    time consumed is 10 seconds plus however long it took to find his devirtualizer
  18. 1 point
  19. 1 point
    Thought I would post this since it's extremely useful for working on some embedded targets. The basic principle is you use a cheap logic analyzer to intercept read requests to the chip (usually from the microprocessor of your target), since in some designs they store special information in small chips on the PCB, like serial number, password, settings, etc. After the CPU reads all the addresses it's interested in over the SPI or I2C bus, your logic analyzer sees the waveforms and captures the data. Then this utility will convert the logic analyzer file to a binary dump of the chip by reconstructing the flash memory contents so you can see what's inside and load it into IDA. Very useful. Source code and intro: https://github.com/alainiamburg/sniffROM/wiki/Getting-Started https://github.com/alainiamburg/sniffROM
  20. 1 point