Leaderboard
-
jackyjask
Full Member+84Points1,645Posts -
Stuttered
Full Member31Points91Posts -
CodeExplorer
Team Member30Points4,322Posts -
.hloire
Full Member24Points57Posts
Popular Content
Showing content with the highest reputation since 08/16/2025 in Posts
-
Flare-On 12
6 pointsIt's that time of the year again. It seems we're starting September 26 8PM EST again with a return to Web3 and YARA as well. Four weeks instead of six this year... I wonder what the reason for this is. 🤔 https://flare-on.com/6 points
-
kill a process and prevent it from being created again
Hi @LCF-AT , DriverMonitor is an old tool that has been released for over 20 years. I am accustomed to using this app to load some Windows drivers. For learning and testing purposes, I used some leaked certificates to sign this driver. Now I will upload the signed driver here. I have set up a callback function (ProcessNotifyExRoutine_call_back) in the driver to filter specific process names in order to prevent their loading. Therefore, before uninstalling the driver, the target process cannot be started. This simple APP can kill some driver-protected antivirus software or system-level processes. For example, antivirus software such as Kaspersky and Symantec. If you terminate the system processes (e.g. winlogon.exe and dwm.exe), it will result in a BSOD. bin_v0.002.zip(Requires: 64-bit OS & >= Windows 7) DriverMonitor_EN.rar Video_2025-09-14_161309.mp4 (4.69 MB)4 points
-
Do you know any file size info & calculation tools?
damn it! this is GENIOUS! (instead of WinAPI old dirty crap!!!) easy! just read the docs :) built a binary using that multi-precision lib: (left vs last build fom @Stuttered ) FileSizeCALC_0.0.11.zip4 points
-
Board Update: Invision Community 5
4 pointsThose with keen eyes may have already noticed there has been a change to the board, it has now been updated to Invision Community 5. If you see an issue somewhere please let me know and I'll have a look at fixing it up... Ted.4 points
-
Board Update: Invision Community 5
4 pointsClick on your username at the top of the board and select, "Mark all content as read". It is now as wide as the default theme allows. Is this better? Ted.4 points
-
Nuitka 2.1.5 (Python 3.11)
3 pointsYou can look for HydraDragonAntivirus/AutoNuitkaDecompiler: Get malware payload without dynamic analysis with this auto decompiler or my main project. I did with that. If you want dynamic analysis then Is Nuitka No Longer Secure? A Reverse Engineering Tool for Nuitka/Cython-Packed Applications — pymodhook | by qfcy | Medium (There more advanced special python code for pymodhook but it's closed source for vxnet and not made by me so I can't make it public) If you want both dynamic and static: Siradankullanici/nuitka-helper: Symbol Recovery Tool for Nuitka Binaries I did extract with stage1.py or nuitka-extractor extremecoders-re/nuitka-extractor: Tool to extract nuitka compiled executables (or just do dynamic analysis for extract and sometimes it can't extract or Nuitka compiles executable as dll so you need dll loader It seems like it becoming obsolete · Issue #15 · extremecoders-re/nuitka-extractor) my main project not stable but if he is become stable then he can detect is he nuitka and do auto extract with auto decompile and you get source code. Nuitka is actually hiding data in resources section in specia bytecode format. Actual source code starts from (u)python.exe or /python.exe (generally in broken executables) then you need look for <modulecode part for import recovery and Nuitka compiles with everything for obfuscation. So too many comment lines from file exists. You can detect junks by that line contains no u word. Which means this line is junk because u means go to next line in Nuitka bytecode. Nuitka is not obfuscated if he doesn't compile with everything otherwise it's obfuscated. You can improve my script by looking Nuitka bytecode source code. You can post to ay AI to recover code but Gemini is currently best for very long codes. Compared to other obfuscators you need pyarmor with Nuitka to make him more secure (or guardshield with pip install guardshield), otherwise it's easy task if there no too many imports. Rarely user disables compile everything even if the docs then your task much easier but in default Nuitka compiles everything. Nuitka clearly worser than Rust for some reason. 1) Antiviruses flags as malware because malware analysts can't understand Nuitka (even if they are too experinced they really don't know how to solve Nuitka) so you get false positives. 2) It's not good obfuscator and it's not creating millions of line hello world code via normal cython. I don't recommend python to use for avoid reverse engineering but you can still use it. If you want I can give all details which I know with tutorial or I can release my main project for auto Nuitka decomplication. My last words are don't use pyoxidizer, pyinstaller, cx_freeze if you want obfuscate your code because Nuitka is still best open source option for python. Nuitka can't remove python.h so the code must be pseudo python (Cython like style)3 points
-
Do you know any file size info & calculation tools?
3 points
-
Do you know any file size info & calculation tools?
Update v0.0.10. Thx @jackyjask for pointing to the BigNumber library and assist. See attached. FileSizeCALC_v0.0.10.rar3 points
-
Nuitka 2.1.5 (Python 3.11)
3 pointsNuitka can be easily unpacked and reversed. It doesn't obfuscate your code well. I'm suprised nobody solved this very easily. Also your executable is broken. Here is the full source code: def check_password(): """Check password function""" user_password = input("Enter the password: ") specific_password = "secret110" if user_password specific_password: print("Good boy!") else: print("Bad boy!") if name "__main__": check_password()3 points
-
ConfuserEx 1.6.0
3 points
-
Code Blocks Formatting
3 points
-
Do you know any file size info & calculation tools?
@Stuttered the formatting using Code Blocks seems to be working okay here... using System; using System.IO; using System.Windows.Forms; namespace FileSizeCalculator { public partial class Form1 : Form { private TextBox outputTextBox; public Form1(string filePath = null) { // Set form properties this.Text = "File Size Calculator"; this.Size = new System.Drawing.Size(400, 350); this.AllowDrop = true; this.DragEnter += Form1_DragEnter; this.DragDrop += Form1_DragDrop; // Create a label for instructions Label instructionLabel = new Label { Text = "Drag and drop a PE file here or onto the desktop icon.", AutoSize = true, Location = new System.Drawing.Point(10, 10) }; this.Controls.Add(instructionLabel); // Create a multiline TextBox for output outputTextBox = new TextBox { Multiline = true, ReadOnly = true, ScrollBars = ScrollBars.Vertical, Location = new System.Drawing.Point(10, 40), Size = new System.Drawing.Size(360, 250) }; this.Controls.Add(outputTextBox); // Process file if provided via command-line (desktop icon drop) if (!string.IsNullOrEmpty(filePath)) { ProcessFile(filePath); } } private void Form1_DragEnter(object sender, DragEventArgs e) { if (e.Data.GetDataPresent(DataFormats.FileDrop)) { e.Effect = DragDropEffects.Copy; } } private void Form1_DragDrop(object sender, DragEventArgs e) { string[] files = (string[])e.Data.GetData(DataFormats.FileDrop); if (files.Length > 0) { ProcessFile(files[0]); } } private void ProcessFile(string path) { outputTextBox.Text = string.Empty; if (!File.Exists(path)) { outputTextBox.Text = "File not found."; return; } // Check if it's a PE file (starts with 'MZ') bool isPE = false; try { using (FileStream fs = new FileStream(path, FileMode.Open, FileAccess.Read)) { byte[] header = new byte[2]; if (fs.Read(header, 0, 2) == 2 && header[0] == 77 && header[1] == 90) // 'M' and 'Z' { isPE = true; } } } catch (Exception ex) { outputTextBox.Text = $"Error reading file: {ex.Message}"; return; } if (!isPE) { outputTextBox.Text = "The dropped file is not a valid PE (Portable Executable) file."; return; } FileInfo fi = new FileInfo(path); long sizeInBytes = fi.Length; // Units and descriptions (binary prefixes: 1024-based) var units = new[] { new { Name = "Bytes (B)", Description = "1 Byte = 8 bits", Divisor = 1.0 }, new { Name = "Kilobytes (KB)", Description = "1 KB = 1024 Bytes", Divisor = Math.Pow(1024, 1) }, new { Name = "Megabytes (MB)", Description = "1 MB = 1024 KB = 1,048,576 Bytes", Divisor = Math.Pow(1024, 2) }, new { Name = "Gigabytes (GB)", Description = "1 GB = 1024 MB = 1,073,741,824 Bytes", Divisor = Math.Pow(1024, 3) }, new { Name = "Terabytes (TB)", Description = "1 TB = 1024 GB = 1,099,511,627,776 Bytes", Divisor = Math.Pow(1024, 4) }, new { Name = "Petabytes (PB)", Description = "1 PB = 1024 TB = 1,125,899,906,842,624 Bytes", Divisor = Math.Pow(1024, 5) } }; string output = $"File: {Path.GetFileName(path)}\r\n\r\nFile Size Breakdown:\r\n"; foreach (var unit in units) { double sizeInUnit = sizeInBytes / unit.Divisor; output += $"{unit.Name}: {sizeInUnit:F2} ({unit.Description})\r\n"; } outputTextBox.Text = output; } } static class Program { [STAThread] static void Main(string[] args) { Application.EnableVisualStyles(); Application.SetCompatibleTextRenderingDefault(false); string filePath = args.Length > 0 ? args[0] : null; Application.Run(new Form1(filePath)); } } }Ted.3 points
-
Do you know any file size info & calculation tools?
Hi again, fixed negative numbers bug (or I think that it is fixed 😅) fixed thousand delimiter bug (I hope its work in your system 🤞) added support directories 🤓 source included as before 👇 ShowFileSize__3.rar3 points
-
Eazfuscator.NET v2025.01
3 points
-
Eazfuscator.NET v2025.01
3 points
-
kill a process and prevent it from being created again
Below are some core code snippets. // process monitoring callback function // disable the creation of specified processes VOID ProcessNotifyExRoutine_call_back( PEPROCESS pEProcess, HANDLE hProcessId, PPS_CREATE_NOTIFY_INFO CreateInfo) { if (NULL == CreateInfo) { return; } PCHAR pszImageFileName = PsGetProcessImageFileName(pEProcess); if (0 == _stricmp(pszImageFileName, "avpui.exe")) // target process name { CreateInfo->CreationStatus = STATUS_ACCESS_DISABLED_NO_SAFER_UI_BY_POLICY; } }NTSTATUS ZwKillProcess(HANDLE pid)//Kill the process { HANDLE hProcess = NULL; CLIENT_ID ClientId; OBJECT_ATTRIBUTES oa; NTSTATUS status; ClientId.UniqueProcess = pid; ClientId.UniqueThread = 0; oa.Length = sizeof(oa); oa.RootDirectory = 0; oa.ObjectName = 0; oa.Attributes = 0; oa.SecurityDescriptor = 0; oa.SecurityQualityOfService = 0; status = ZwOpenProcess(&hProcess, 1, &oa, &ClientId); if (NT_SUCCESS(status)) { ZwTerminateProcess(hProcess, 0); ZwClose(hProcess); return status; }; return FALSE; }bin.zip e.g. video_2025-09-13_120702.mp42 points
-
Code Blocks Formatting
2 points@Teddy Rogers hi! there are fresh issues/complains on forum upgrade over here -> https://forum.tuts4you.com/topic/45674-do-you-know-any-file-size-info-calculation-tools/#comment-2266762 points
-
ConfuserEx 1.6.0
2 points
-
[Release source code(Make Public) fo Code Deobfuscator x86_32/64]
The tool was designed for obfuscated code, not for handling standard code with external calls (iat, etc.). So, when splitting blocks, an address will likely be invalid. There's nothing stopping you from implementing and adding new features to the code. procedure TCFG_Analysis.SplitBlock( split_addr: UInt64); (* Split basic block @ split_addr and create a new basic_blocks[] entry. *) var bb_head,orig_head : UInt64; instr : TCfGIns; tmpIns : TIns; begin OutDbg( Format('>Function:SplitBlock - Entry splitting @ [%08x] ',[split_addr])); if Fbasic_blocks.ContainsKey(split_addr) then Exit; bb_head := split_addr; orig_head := DFSBBSearchHead(split_addr); if orig_head = 0 then begin OutDbg(Format('>Function:SplitBlock - Failed @ [%08x]: orig_head=None ',[split_addr])); // raise Exception.Create('SplitBlock: orig_head not found'); end; OutDbg(Format('>Function:SplitBlock - Got orig_head [%08x] ',[orig_head])); // Create new BBlock Fbasic_blocks.Add(bb_head,[]) ; if Length(Fbasic_blocks[orig_head]) > 0 then begin tmpIns:= Fbasic_blocks[orig_head]; instr := tmpIns[ High(Fbasic_blocks[orig_head]) ]; SetLength(tmpIns, Length(Fbasic_blocks[orig_head])-1); Fbasic_blocks[orig_head] := tmpIns; end else Exit; while True do begin tmpIns:= Fbasic_blocks[orig_head]; Insert(instr,tmpIns,0 ); Fbasic_blocks[orig_head] := tmpIns; if instr.OriginEA = bb_head then break ; tmpIns:= Fbasic_blocks[orig_head]; instr := tmpIns[ High(Fbasic_blocks[orig_head]) ]; SetLength(tmpIns, Length(Fbasic_blocks[orig_head])-1); Fbasic_blocks[orig_head] := tmpIns; end; OutDbg(Format('>>Function:SplitBlock - Split @ [%08x]; original @ [%08x]',[split_addr,orig_head])); end;2 points
-
Do you know any file size info & calculation tools?
Only because this is how the online app does it, I guess? this — PostimagesApp still needs some clean up, and the stretchable is fine. The internal VER I don't care about atm. Nice! I'll take a look at the changes.2 points
-
Do you know any file size info & calculation tools?
2 points
-
Do you know any file size info & calculation tools?
Hmmm... Not sure I can do that, but I'll take a look. Here is v0.0.7. FileSizeCALC_x86_v0.0.7.rar2 points
-
Do you know any file size info & calculation tools?
Hi, Added some lazy codes Fixed some bugs (and added new ones 😅) . ShowFileSize__4.rar2 points
-
Do you know any file size info & calculation tools?
Okay, here is a TEST version. I had to change the code to handle Big Number calculations, which sucked. See attached (if I can get this to work, I'll look at other requests by LFC-AT). FileSizeCALC_TST.rar2 points
-
Do you know any file size info & calculation tools?
You are welcome. It was a good exercise! v0.0.3 is attached with SRC (minor bug fix). FileSizeCalc_v0.0.3.rar2 points
-
Do you know any file size info & calculation tools?
@Stuttered Thank you for the new tool version. Now it looks better and I can use the comma to enter more precise values.Drag & Drop works too but only for single files. All in all you both made a nice tool so far I can use offline. 🙂 I'm really not into Math at all and never was! 🙃 greetz2 points
-
Do you know any file size info & calculation tools?
2 points
-
Do you know any file size info & calculation tools?
Latest attempt to get as close to the web site as possible. See attached PE and SRC. pic — Postimagespic2 — PostimagesFileSizeCalc.rar2 points
-
Do you know any file size info & calculation tools?
Hi guys, thanks for feedback so far. @h4sh3m Thanks for version 2 but its still buggy. If I enter 2 & GB I get this results... Bit: 17179869184 Byte: 2147483648 KB: 2.097.152,000000000000000 MB: 2.048,000000000000000 GB: 2,000000000000000 TB: 0,001953125000000 PB: 0,000001907348633 ...and if I copy & paste the GB results or just enter 2,0 I get this... Bit: 171798691840 Byte: 21474836480 KB: 20.971.520,000000000000000 MB: 20.480,000000000000000 GB: 20,000000000000000 TB: 0,019531250000000 PB: 0,000019073486328 ...whats not so correct. 🙂 @Stuttered Yes similar like or the website like I did post. In your image the results looking very unclean to have a good overview. Even I need to have some manually entering option. So normally there are apps for everything so why the heck I don't find any tool for this calc stuff? One more question, so I always find sometimes those online tools to convert stuff or whatever etc, some nice handy tools but just online only. Is it possible to save that webpage and make some kind of standalone quick loading app etc? PS: Why are the code in code tags (inline?) looks so strange now / too much space between the lines? I also don't see any preview button anymore on that new style! greetz2 points
-
Do you know any file size info & calculation tools?
what's the problem using code sections? eg using System; using System.IO; using System.Windows.Forms; namespace FileSizeCalculator { public partial class Form1 : Form { private TextBox outputTextBox; .... But generally I agree - in the past there were more options to insert source code.... @Teddy Rogers it is a limitation of new upgraded forum board? hmmm why do you need to do that check? the orignal idea was to measure any file in size...2 points
-
Do you know any file size info & calculation tools?
2 points
-
Do you know any file size info & calculation tools?
1st bug report: (ver 2) one more (feature req or bug?) when drag-n-drop a Folder the app accepts it, but does nothing... possible to calc folder as well?2 points
-
Do you know any file size info & calculation tools?
Hi, Added multi file support and replaced float input with integer :) source included as before. ShowFileSize__2.rar2 points
-
Do you know any file size info & calculation tools?
Hey @h4sh3m, thank you for doing this. The tool looks nice and handy so far for a quick offline use. :) 🙂 Only issue I see it that comma or dot is not allowed to use to enter manually "Error occured in getting number !". Do you think you could add this little extra feature too in next version? I would like to copy any of those results I get and paste it into edit control and calc with just for checking etc. But for the moment the tool is nice so far. Just does bother me to get online every time I need to calc something. Thank you. PS: Drag & Drop works also nice. Could you make it doable for multiple files too to add the sizes into result box? Just if possible. greetz2 points
-
Do you know any file size info & calculation tools?
Hi, Your referred online tool is not perfect (2^10 != 1000) :| Made a simple tool for you (source in delphi/pascal included). ShowFileSize.rar2 points
-
Help: Sentinel SuperPro LPT Backup/Emulation for Industrial Software (PPI)
toro sentinel logger work over sentinel driver (support LPT/USB) can show the screen shoot for us? also can try pva-based dumper with some mod try to use old sspro driver v5.392 points
-
Leaked VMProtect sources
2 pointsOld version vmp unpack tools pls share version is v.1, v.2 any idea2 points
-
Board Update: Invision Community 5
2 pointsdoes it have an option to become flexible? (eg depends on current browser width?) or thats too much as for 2025 the age of AI and robots :) if you click the bell (top right corner) magic gonna happen :)2 points
-
Help: Sentinel SuperPro LPT Backup/Emulation for Industrial Software (PPI)
Hello everyone, I am looking for help or advice regarding backup/emulation of a Sentinel SuperPro LPT dongle that protects my industrial software (PPI). My setup is quite old, but the software is still in daily use for important production tasks. My configuration: Software: PPI (industrial/printing workflow, works with .ppf files) Dongle: Sentinel SuperPro, 25-pin LPT (parallel port), not USB OS: Windows XP (I also have a backup XP system with native LPT1) Dongle drivers: Sentinel Protection Installer 7.5.0 What I've tried so far: sprodump.exe – dump stops at ~60%, produces a small, incomplete .dmp file pva-dmp.exe / other classic LPT dumpers – same result, incomplete or error Tried using giveio.sys and other port access tools – no difference Tried using Toro Dongle Monitor, but it does not support Sentinel LPT Tried Portmon (Sysinternals) – I can see port activity but not actual challenge/response data Tried physical LPT passthrough in VMware Workstation (on a machine with native LPT) – program still requires the dongle to be present, and dump attempts also fail My goal: I would like to make a backup or create an emulator of my Sentinel SuperPro LPT dongle to secure my workflow in case of hardware failure. I am not looking to bypass licensing, just to protect my own investment for business continuity. My questions: Has anyone successfully dumped or emulated a Sentinel SuperPro LPT dongle in 2024? Are there any new tools, methods, or guides for dumping or logging challenge/response for this dongle type? Is there any specialist or service you can recommend who might help with this type of backup/emulation for industrial software? Any best practices for maintaining such legacy systems safely for the future? Any advice, tips, or shared experiences are highly appreciated! Thank you in advance for your support! (If needed, I can upload photos of the dongle, failed dump files, or screenshots.) Best regards, Dak1 point
-
Help: Sentinel SuperPro LPT Backup/Emulation for Industrial Software (PPI)
yes, some days ago sspro lpt on wxp sp3 x321 point
-
Eazfuscator.NET v2025.01
1 point@CreateAndInject thought that u missed a piece of the puzzle that @Fr0Mu offered you...1 point
-
Eazfuscator.NET v2025.01
1 point
-
Help: Sentinel SuperPro LPT Backup/Emulation for Industrial Software (PPI)
You can try with older drivers. This dumpers are made for older drivers. Recommend you to install 7.41 drivers. First remove 7.5 one. Or try with newer drivers also 7.6 or 7.8.1 point
-
Help: Sentinel SuperPro LPT Backup/Emulation for Industrial Software (PPI)
Hi, The hardware key is a Sentinel SuperPro from Rainbow SafeNet on LPT (25 pin) purchased in 2006, recommended Windows environment is XP professional service pack 1 (minimum), secured by Prinect Prepress Heidelberg interface.1 point
-
Help: Sentinel SuperPro LPT Backup/Emulation for Industrial Software (PPI)
Most likely your driver is the problem. What is the OS - DOS or Windows XP? The new dumpers are for XP most of them. You can try the old Safekey dumper. I have it somewhere but have to search for it.1 point
-
Eazfuscator.NET v2025.01
1 point@everyone Can you please write step by step guide tutorials if you solve these kind of problems, so other people get helped by your efforts. No meaning jobs, just showing off. But this is not obligation. your choice for helping others learn. Regards. sean.1 point
-
Eazfuscator.NET v2025.01
1 point@CreateAndInject great success, assuming without @Fr0Mu unpacked will be not possible before ah? thank you both for your time. @others - valid serial1 point
-
Eazfuscator.NET v2025.01
1 pointDevirtualized except 0x06000128 cause of the homomorphic encryption. WindowsFormsApplication41-devirt.exe1 point
-
[unpackme] PESpin.v1.33
1 pointHi, ok normaly you don't really need a tutorial for this but if you are a newbie then I could make a little exception in that case. - Video- Text Infos + details- Res Tool- Unpacked filesJust watch and read and try and if something is not clear then ask again.greetz Unpacking PESpin.v1.33 - No Specials.rar1 point
-
[unpackme] PESpin.v1.33
1 point@LCF-AT and @Silence ... Unpacked work 100%... i hope u all can make tut to unpack this packer for newbie like me1 point