Leaderboard

No, the above script won't work due to Themida anti-debug tricks, even if program starts with the debugger. I got to say: Themida is great protector. Too bad about antivirus detections like https://www.malwarebytes.com/blog/detections/riskware-patcher-themida I made some new updates to Unlicense: - fixed winlicense v3 detection for the above https://storage.custos.dev/ResourceCryptor_latest.7z - fixed imports for winlicense v3 x64 OEP still needs to be fixed as currently stops before real OEP; You could try --force_oep: --force_oep=0x0115E 0x0115E = OEP rva; as long as you know OEP rva. unlicenseFixed2.rar

"THEMIDA OPTION_ADVANCED_OEP_IAT_SCRAMBLE" refers to a specific, advanced protection option within the Themida software protection tool. It is a setting that scrambles the Import Address Table (IAT) to make it harder for attackers to analyze the application's functions at the Original Entry Point (OEP), a key target for software cracking What it is: It's a Themida protection feature that modifies the Import Address Table (IAT). How it works: By scrambling the IAT, the option makes it significantly more difficult for attackers to identify and analyze the functions the program uses at its Original Entry Point (OEP). Purpose: The goal is to enhance the security of the application by complicating reverse-engineering and cracking attempts that often rely on manipulating the OEP and IAT. OPTION_ADVANCED_OEP_IAT_SCRAMBLE VALUE YES

Both options are useless.

Hi unfortunately you can't find correct hwid from license key

Hi guys, I've been working on an Appfuscator string decryptor which I used on a malware called Gremlin Stealer ( https://bazaar.abuse.ch/sample/d21c8a005125a27c49343e7b5b612fc51160b6ae9eefa0a0620f67fa4d0a30f6/ ). I used the AsmResolver library. It still needs two things: replace variables by their value and patch ternary operators to decrypt all the strings. I guess I need to look at the control flow graph for that. You can take a look and even contribute or give suggestions on how to approach the problems. GitHubGitHub - lowlevel01/deGremlin: Decrypt and Patch strings...Decrypt and Patch strings obfuscated with Appfuscator. Tested on Gremlin Stealer. - lowlevel01/deGremlin

The target has a license server that collects minimal, anonymized information about the launch. Information about debugger detections, code integrity violations, launches in virtual environment, etc. is also transmitted to the license server. Most likely, you simply did not reach the point where the application would display a MessageBox with a message about detecting a debugger. The debugger was detected by 3 out of 3 methods, ScyllaHide was unable to deceive any of them. The screenshot shows the log of your last target launch.

rar file is password protected

I don't have hwid themida crackme. I have licensed Themida v3.1.8.0 Themida v3.2.2.22. Can someone test this, specially build for OPTION_ADVANCED_OEP_IAT_SCRAMBLE, but it must find OEP for standard options also. It is an x96dbg script; my first fixed x96dbg script: Themida v2.x.x.x OEP Finder fixed.txt https://workupload.com/file/n7nE5xJ9vCM

This setting breaks existing public unpackers

NtUserGetForegroundWindow also has to marked for some advanced targets In my tests Unlicense has some problems with virtualized entry points: sometimes the targets starts, sometimes it doesn't start.

And here is my first fix: fixed jmp dword ptr [import thunk] on old version was wrongly fixed by call dword ptr. imports_fixed1.rar

I need Tips on how to make enigma protector hard to bypass by check some boxes

Hi Short tutorial for bypass Safengine 2.4 HWID Regards. Safengine Short Tutorial.rar

Video_2024-02-12_112004.mp4 Regards. sean.

I remember a previous conversation where CodeCracker asked for something related to Eazfuscator, but I can't recall the specific question. However, I do remember that you provided a solution but I'm surprised that you didn't share your tool, as most beginners nowadays use CodeCracker's tools. He's a humble person who sets a good example for the community. What have you contributed so far? The previous generation loved to share knowledge, but now the well-known reversers keep things private. I understand that some people still copy-paste for profit, but there are also genuine individuals who want to dive deep into the field. Unfortunately, many people have quit, because it's a struggle to learn more without a master. It's hard to find one these days. Ra1n, I know you're skilled, and I'm sorry for what I said, but it's the truth. The reversing community is dying. I miss the good old days when the best were humble and shared their knowledge.