Leaderboard

Reverse Engineering Denuvo in Hogwarts Legacy Slides Sogen Emulator Source Ted.

@lpu random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. You shouldn't be making any assumptions - it's a crypto problem, not a guessing game. You were given all the data you need to solve it.

Totally forgot about this one. Place to patch to use @boot key and hwid on your pc: VMProtect_HWID_License.vmp.exe+7ED551 -> RAX 0 to 1.Both of them seem to be working just fine. SetSerial should provide successful message as well as VMCode. ScreenRecorderProject1_3.mp4

damn it's already been taken down :/ thank you for trying to upload it anyways!

Hey! Some rabbit holes are fun to dive into. And sometimes you also don't realize you are in a rabbit hole 🙃 (Definitely guilty of that myself here 😅)

@Pau1 : random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. random text so that spoiler actually works. You went in the wrong direction.

This is a known issue, and there is an open bug report with the Invision team to have it resolved. Spoiler contents are also visible in search results too... Ted.

VMProtect v3.8.1 Ultra (Mutation + Virtualization) The target is an old software (from 2010) coded in c++, I just apply the VMP protection without any special code as I show in the two screenshots. All available protection features in VMProtect were used with this unpackme. Refer to the attached images for the specific protection settings used. Challenge is to unpack the file, providing an explanation and details on your methodology. File Information Submitter X0rby Submitted 04/17/2023 Category UnPackMe View File

.NET is kinda cool. Anyways AOB scan 0F 84 71 01 00 00 81 C6 then just flip JE -> JNE. 051B9F43 - 0F84 71010000 - je 051BA0BA in my case its on this address.

Based on your video, this might be another solution. It would be better if more details could be provided. e.g. How do you locate 7ED551h, etc.

You can search: https://forum.tuts4you.com/search/?&q=vmprotect&quick=1&start_after=any&updated_after=any

Someone please share zero 2 automated reversing course. Thank you.

You can look for HydraDragonAntivirus/AutoNuitkaDecompiler: Get malware payload without dynamic analysis with this auto decompiler or my main project. I did with that. If you want dynamic analysis then Is Nuitka No Longer Secure? A Reverse Engineering Tool for Nuitka/Cython-Packed Applications — pymodhook | by qfcy | Medium (There more advanced special python code for pymodhook but it's closed source for vxnet and not made by me so I can't make it public) If you want both dynamic and static: Siradankullanici/nuitka-helper: Symbol Recovery Tool for Nuitka Binaries I did extract with stage1.py or nuitka-extractor extremecoders-re/nuitka-extractor: Tool to extract nuitka compiled executables (or just do dynamic analysis for extract and sometimes it can't extract or Nuitka compiles executable as dll so you need dll loader It seems like it becoming obsolete · Issue #15 · extremecoders-re/nuitka-extractor) my main project not stable but if he is become stable then he can detect is he nuitka and do auto extract with auto decompile and you get source code. Nuitka is actually hiding data in resources section in specia bytecode format. Actual source code starts from (u)python.exe or /python.exe (generally in broken executables) then you need look for <modulecode part for import recovery and Nuitka compiles with everything for obfuscation. So too many comment lines from file exists. You can detect junks by that line contains no u word. Which means this line is junk because u means go to next line in Nuitka bytecode. Nuitka is not obfuscated if he doesn't compile with everything otherwise it's obfuscated. You can improve my script by looking Nuitka bytecode source code. You can post to ay AI to recover code but Gemini is currently best for very long codes. Compared to other obfuscators you need pyarmor with Nuitka to make him more secure (or guardshield with pip install guardshield), otherwise it's easy task if there no too many imports. Rarely user disables compile everything even if the docs then your task much easier but in default Nuitka compiles everything. Nuitka clearly worser than Rust for some reason. 1) Antiviruses flags as malware because malware analysts can't understand Nuitka (even if they are too experinced they really don't know how to solve Nuitka) so you get false positives. 2) It's not good obfuscator and it's not creating millions of line hello world code via normal cython. I don't recommend python to use for avoid reverse engineering but you can still use it. If you want I can give all details which I know with tutorial or I can release my main project for auto Nuitka decomplication. My last words are don't use pyoxidizer, pyinstaller, cx_freeze if you want obfuscate your code because Nuitka is still best open source option for python. Nuitka can't remove python.h so the code must be pseudo python (Cython like style)

Seems like we have a winner! 👍

damn it! this is GENIOUS! (instead of WinAPI old dirty crap!!!) easy! just read the docs :) built a binary using that multi-precision lib: (left vs last build fom @Stuttered ) FileSizeCALC_0.0.11.zip

Update v0.0.10. Thx @jackyjask for pointing to the BigNumber library and assist. See attached. FileSizeCALC_v0.0.10.rar

Would yuo like send valid registration otherwise it's christmas day so I have free times for challenge this one for this last years? Merry Christmas day for everybody 🎂🍾🎉🎊😁🤭.

Antidebug is available in the final version

Sry, but super hyper antidebug,antihijack and etc. dosnt work also whit x64dbg .... You made the protection worse than ever, any cracker will break it. One jump and fake screen bye bye see my pic...

U use again some cheap trick heree but , u know result ..... Keep in mind that I cracked the latest dongles Guardant,Senselock and etc. this will that stop me? name: Mr.Leng key:B4HMR2CA76ACVESM2CL7A7X355RQ63RLGYYVW5VYEV48FWGJ8DZRJ44C78SFN3FF9PPF6UBUERAKCJUY9YJXGT3DXB9JX78A39YLBHUFUDGT @lengyue real hwid is here other vmp instruction u are add here on this target are bullshit rva:451904 Enigma shutdown.rar

let's give a try

Nice. How to do?

Hi Short tutorial for bypass Safengine 2.4 HWID Regards. Safengine Short Tutorial.rar

yeah, mostly it was for x86 when LCFAT was busy withprotectors and Ollydbg scripting (5-10 years ago...) unfortunately (or luckily) LCFAT is now a fully dedicated browser ninja! so its up to us, kids of 2020+ to continue the great adventure and create more meat/bbq/cocacola fun

Hi everyone, Maybe some of you heard it already, but Sigma and I are working on an x32/x64 debugger for Windows for a few months now... The debugger currently has the following features: variables, currently command-based only basic calculations, can be used in the goto window and in the register edit window. Example: var*@401000+(.45^4A) software breakpoints (INT3, LONG INT3, UD2), currently command-only (just type 'bp addr') hardware breakpoints (access, write, execute), also command-only stepping (over, into, out, n instructions), can be done with buttons/shortcuts memory allocation/deallocation inside the debuggee quickly access API adresses (bp GetProcAddress) syntax highlighting, currently not customizable simple memory map (just addr+size+module+protection basically) The debugger has an easy GUI, for which we looked a lot at Olly Debug engine is TitanEngine, disassembler BeaEngine, icons are from various sources (see About dialog). We use QT for the GUI part. If you have a suggestion, a bug report, need more info, want to contribute, just post here or send me a private message. The latest public build + source can always be found on http://x64dbg.com (click 'Source'->'bin_public') to download the latest build. For now, you can also download the first 'alpha' here We would love to hear from you! Greetings, Mr. eXoDia & Sigma