Leaderboard

ByUndefined Protector Anti Debugger Anti Dump Anti Tamper Anti Memory Anti Dll Inject Anti ILDasm Resources Compress String Encrypt ControlFlow Virtualization Renamer Merge Dll Add Task: Unpack

Hey there! I made this KeyGenMe because I enjoy playing chess. This challenge is written in .NET and involves some mathematical operations, mixed with a few chess-related twists. Your task is to figure out the logic behind generating a valid serial key based on the username you enter. But be warned—it’s not as simple as just moving a pawn forward ( maybe a hint ) Protection used : None. Goals : 1. Provide valid combination for Username - Serial Key ( Bronze ) 2. Fully KeyGen it - every username with different serial key algorithm ( Silver ) 3. Full KeyGen plus EXPLANATION on what u did and how you figured out everything ( Gold ) Good luck!

Find correct license key, don't try to patch file. Updates & Improvements : + Listen to KAO advices from Version 1.0 + Improved Metamorphic Junk Code Generator + Encrypted VM Handlers + Control-Flow Obfuscation + VM Handler Obfuscation Hint : File Packed with UPX 5.0 just for compression ( just decompress it using -d command ) Thanks to @kao for Tips.

Brief and useful Find correct license key, don't try to patch file. What comes within this crackme : + Code Virtualization + Unique Junkcode Generation + Control-Flow Obfuscation

Hey everyone, I’m sharing an UnpackMe challenge that combines VMProtect packing with runtime function obfuscation using Eclipse Runtime Obfuscator. This should be an interesting challenge for those who enjoy working with dynamic obfuscation and anti-debugging techniques. Protection Details: VMProtect is used for basic packing, with import protection and anti-debug enabled. Eclipse Runtime Obfuscator dynamically obfuscates function execution, making dumped analysis and debugging difficult. Function code is relocated to a new memory region at runtime and accessed through vectored exception handling (VEH) instead of direct execution. Eclipse Runtime Obfuscation Features in this UnpackMe: Exception-Based Execution Handling – Execution is redirected via VEH, preventing direct tracing. Junk Code Injection – Adds meaningless instructions to mislead disassembly and make static analysis harder. Dynamic Function Relocation – Functions are moved at runtime, disrupting predictable memory access. Control Flow Obfuscation – Execution flow is broken up and redirected via exception handling. Anti-Debugging Protection – The binary throws access violations and illegal instructions to interfere with debuggers. Goals: Unpack the binary (remove VMProtect and restore the original imports). Defeat runtime function relocation and deobfuscate the function logic by resorting the original function code. Reconstruct a clean, runnable (optional) version of the executable with original control flow. Explain how you unpacked and fixed the program, detailing the approach to defeating VEH-based execution and restoring the function code. Bonus points if you can crack the password in the console application demo code. Notes: VMProtect is only used for packing, not virtualization. The main challenge comes from Eclipse’s runtime function relocation and exception-based redirections. Dumping the process isn’t enough, as function code is dynamically obfuscated in memory. The obfuscated functions are exported and named "testCCode", "testCCode2", and "DemoFunction" (this function has the crackme code in it). Would love to see a write-up on defeating the VEH-based execution and restoring the original function code! More information can be found about the Eclipse Runtime Obfuscator project on GitHub. Looking forward to seeing your approaches. Good luck and happy reversing!

The Entry Point is virtualized. 2 Parts of the codes are also virtualized. [Your Mission] Just unpack this file and make it run well without any errors or termination. No devirtualiztion are necessary.

This is an example program I used to shell The Enigma 7.7. You can shell it, bypass it, PatchHWID, KeyGen to make it run normally. Of course, it would be best if the shell could be peeled off.Have fun! https://workupload.com/file/EGgppWamMA6 Cracked:

A good understanding of the Portable Executable (PE) file format leads to a good understanding of the operating system. If you know what's in your DLLs and EXEs, you'll be a more knowledgeable programmer. This article, the first of a two-part series, looks at the changes to the PE format that have occurred over the last few years, along with an overview of the format itself. After this update, the author discusses how the PE format fits into applications written for .NET, PE file sections, RVAs, the DataDirectory, and the importing of functions. An appendix includes lists of the relevant image header structures and their descriptions. Note: I have updated the archive to include the second part of this paper and have included the PE32 file used for reference.

Beginner Olly Tutorial Part 01 - Serial fishing. Beginner Olly Tutorial Part 02 - Internal keygen and patching. Beginner Olly Tutorial Part 03 - Unpacking and patching. Beginner Olly Tutorial Part 04 - Unpacking and patching, a more complex case. Beginner Olly Tutorial Part 05 - Inline patching. Beginner Olly Tutorial Part 06 - Packers theory. Beginner Olly Tutorial Part 07 - Cracking Lost Marble's Moho v5.1 using Memory BP's. Beginner Olly Tutorial Part 08 - Breakpoints theory. Beginner Olly Tutorial Part 09 - Defeating magic byte protection. Beginner Olly Tutorial Part 10 - Anti-tampering techniques theory.

Most (if not all) of the best hackers, crackers and reverse engineers are also programmers. It is probably impossible to learn RCE well without any knowledge of programming and many of the oldest txt files on cracking would urge the student - "first go away and learn assembler, then come back and read this". This is truer now than ever before as packers and executable protectors use increasingly complex and diverse methods of preventing unpacking, debugging and rebuilding. This has led to cracking groups coding custom tools rather than just relying on debugger, disassembler and tools like ImpREC. It has also led to loaders becoming increasingly popular, a fact echoed by the excellent Cracking with Loaders series from ARTeam. These however are not so easy to understand for beginners without any prior coding knowledge. I have written this tutorial to fill the gap between the complete beginner and the advanced tutorials on loaders, tracers, etc. Similarly, whilst console based apps and tools may be functional they are far from pretty so my second aim was to illustrate how easy it is to create GUI apps in assembler. In the spirit of the assembler programming and reversing communities I have re-used and adapted code from a wide variety of sources which are remembered with full credit and gratitude where possible.

OllyDbg with Plugin + OllyDBG v1.1 + OllyDBG v2.0.1 + OllyDBG Shadow GUI with Vic Plug-In Enjoy !