Leaderboard
-
CodeExplorer
Team Member34Points4,542Posts -
RADIOX
Full Member7Points192Posts -
VB56390
Full Member7Points164Posts -
decode
Full Member6Points42Posts
Popular Content
Showing content with the highest reputation since 01/30/2026 in all areas
-
2 points -
2 points
Firstly You Must Set Hardware Breakpoints on your Target address (where you want to make changes) Then You Must Break on System DLL Entry (For Identify the last Loaded DLL Before The Pointer Stop on your Target address) Finally Set Memory Breakpoint on Write at .data Section of your main EXE Here we Go Like Last Example: Our DLL Befor Stop at our address is: wsock32.dll Next Step Restart Target and Finding Static Opcode in Static Stack and check our DLL Target Code if Unpacked Summary: main:0002064F:10:0; tgsdk.dll:00006310:00:0; tgsdk.dll:00006638:74:0When Our Loader Loop Checking First Byte of RVA 1 in Stack and when Checking is OK, That means EIP is running in 004012EC, and our Target DLL is unpacked and ready to write the Loader Data. I hope This Tuto Can Help Greetings AT4RE2 points -
2 pointsInteresting 🌝 this is reminded me to the old days, is it possible to create a tutorial video I don't see good unpacking tutorials theses days2 points
-
Hello everyone I have been developing my own EXE protection and encryption system for a long time Taking inspiration from solutions like VMProtect and Themida I am trying to build a structure that includes various security layers such as packer encryption obfuscation anti dump and more To test this work and identify its shortcomings I prepared a small test EXE The application is a simple program that asks for a license key and your goal is to crack this application and gain access I encrypted and protected this test application using the protection system I developed Download link https://dosya.co/x5e4xyewg94d/CrackMe.exe.html VirusTotal analysis https://www.virustotal.com/gui/url-analysis/u-a65e75a253a80ae0a2ef0e23a218db163333faf2ce84401f76168cb764444c2a-a6822794 I kindly ask you to analyze it using reverse engineering techniques and try to break it and if possible share with me The parts you found difficult The weaknesses you found easy The strong and weak points of the protection My goal is purely to learn see my mistakes and make the system more robust For experienced experts it may be a simple application please excuse that in advance I hope it will be an educational exercise for beginners and intermediate level users Thank you in advance to everyone who participates Good luck to all1 point -
@cTrI the site will not disappear, bcoz the webdav server configured connection to single only no parallel connections allowed, if u use multiple winscp clients from the same location(ip) then u may abuse...1 point -
1 point
-
Any have any idea to handle this kind protection ?1 point -
Catch the exit and/or terminate process routine(s) (I assume the PE is auto-exiting when tampered with). And walk the stack back until you find the logic that controls the check(s).1 point -
Unpacked CFF Explorer_protected_unp_cl.7z1 point -
1 point -
1 pointNo pressure; anyone can enjoy doing CTF challenges here. Old-day masters no longer exist1 point
-
1 pointSorry, I'm really short on time for tutorials. Besides it won't be much of use, as mostly custom tools are used. But I could try to answer some questions.1 point -
1 point
Master, thank you very much for your interest; we are learning valuable information. However, for a DLL protected by VMP or Themida, how can we detect the point shown in the image via x32dbg? Where should we place the bp, or is there a simpler way? Professor, thank you very much for your interest; we are learning valuable information. However, for a DLL protected by VMP or Themida, how can we detect the point shown in the image via x32dbg? Where should we place the bp, or is there a simpler way?1 point
-
<font style="vertical-align: inherit;"><font style="vertical-align: inherit;">version.dpr</font></font>1 point -
Should I download all the necessary courses now? They are truly amazing, but from what I know, WebDAV isn't very stable. I'm honestly worried that the site might disappear...but I'm worried that downloading (too much) might put too much strain on the server.1 point -
1 pointI don't know how to create exe with PyInstaller. Also I didn't finished my updates yet.1 point
-
Use version.ASM to load your dll. compile with fasm.1 point