Leaderboard
-
CodeExplorer
Team Member31Points4,428Posts -
Kurapica
Full Member+5Points1,128Posts -
0xNOP
Full Member4Points169Posts -
whoknows
Full Member+4Points1,964Posts
Popular Content
Showing content with the highest reputation since 11/14/2025 in all areas
-
3 pointsI wanted to devirtualize it manually so I made a disassembler for it using the new yara-x to locate the handlers and the bytecode. Probably going to turn it into a full devirtualizer from binaryshield bytecode straight to x86_64. I saw these values(the one in the cmp comment) put them as input since it was valid I didn't go further. You can find my work at https://github.com/xlatbx59/Bshld, the file with the disassembly is at https://github.com/xlatbx59/Bshld/blob/master/binshield.txt. It was fun to reverse
3 points -
2 pointsHere compiled unlicense with codeexplorer's fixes: unlicense compiled With pyton 3.09 and 3.11 versions.2 points -
2 points
2025.10.15 — x86/x64 v3.5.1.3 1.Patch customization: added a batch of hijack DLLs and you can configure hijack modules on the "Custom Patch Settings" page. Patches can now bundle custom files — non-PE files will be extracted to the target directory together with the patch, while other files can be optionally extracted. Patch data in the cracking modules PYG/PYG64 now supports dynamic expansion. 2.Added a small utility: “Process Hijack DLL Detector” — provides a closed loop from detecting usable hijack DLLs → generating a hijack DLL project → adding that custom hijack module into a patch. 3.The hijack code generator is now compatible with the latest VS2022; fixed intermediate directory settings. 4.When the patch logo popup is closed, the target application's main window is brought to the foreground. 5.The main program now generates a dump file when it crashes. 6.Fixed compatibility issues with VMP 3.x and several bugs — thanks to csjwaman and 真小白 for their bug reports. 7.Added tooltip (tip bubble) support on UI controls so full text can be displayed. 8.Thanks to KuNgBiM and 红豆 for providing multilingual files and proofreading copy. 9.Improved data protection, compatibility, and anti-debugging; thanks to kxoe for the suggestions. 10.Minor UX/details optimizations in the main program — for example, improved prompts when saving bpt projects. Baymax Patch Tools v3.5.1.3.zip Baymax Patch Tools x64 v3.5.1.3.zip Baymax toOls for x64dbg v1.9.5 1. Add replacement function for search data 2. Add feature code option with real-time effect 3. Add more language files Baymax toOls for x64dbg v1.9.5.zip2 points -
1 point -
1 pointgit clone https://github.com/ergrelet/unlicense.git cd unlicense ### Replace the necessary files with your updates pip install --upgrade pip pip install . pip install pyinstaller pyinstaller unlicense.spec1 point -
1 pointI don't know how to create exe with PyInstaller. Also I didn't finished my updates yet.1 point
-
1 pointNo, the above script won't work due to Themida anti-debug tricks, even if program starts with the debugger. I got to say: Themida is great protector. Too bad about antivirus detections like https://www.malwarebytes.com/blog/detections/riskware-patcher-themida I made some new updates to Unlicense: - fixed winlicense v3 detection for the above https://storage.custos.dev/ResourceCryptor_latest.7z - fixed imports for winlicense v3 x64 OEP still needs to be fixed as currently stops before real OEP; You could try --force_oep: --force_oep=0x0115E 0x0115E = OEP rva; as long as you know OEP rva. unlicenseFixed2.rar1 point
-
Server is up , woth better uplink !Use webdav client. like WinSCP host : https://eddynet.cz:9865 u: learn p: 4EKS9umUYme3WAZrC1 point
-
1 pointhi, i am new to devirtualization topic and this challenge was very good for beginners and me. first, my goal was not just obtain the keys but devirtualize whole function automatically and recompile back to be able to patch it. i lifted handlers to LLVM IR and recompiled in a new binary to analyze it this is my final output i know its a little difficult to read, but at least you can see the correct keys clearly if you look at if statements. sadly, code crashes at runtime, i dont know why. it will probably take really long time to identify the problem. i dont think i will do that. maybe i might try VTIL instead of LLVM. i would like to see others approaches on fully devirtualizing this vm. great challange again.1 point -
1 pointFun and not too difficult challenge. I always like me some VM crackmes Valid keys: Had enough fun reversing this so I made a full writeup with disassembler and devirtualized code: https://blog.washi.dev/posts/binaryshield-vm-crackme/1 point -
@Sh4DoVV Can you bypass it without the license key file? Use this key file. Win64GUI.key Regards. sean.1 point -
1 pointThese Chinese forums are paid and you need to be Chinese to join....Chinese people want to learn from our forums but they don't accept any NO-Chinese to learn from them - using websites like Baidu to upload or video hosters that need Chinese number also.1 point -
I want to release a new tutorial about the popular theme Themida - WinLicense. So I see there seems to be still some open questions mostly if my older unpack script does not work anymore and the unpacked files to, etc. So this time I decided to create a little video series on how to unpack and deal with a newer protected Themida target manually where my older public script does fail. A friend of mine did protect unpackme's for this and in the tutorial you will see all steps from A-Z to get this unpackme successfully manually unpacked but this is only one example how you can do it, of course. So the tutorial [videos + text tutorial] is very long and has a run-time of more than three hours and of course it will be necessary that you also read the text parts I made at the same time if possible but if you are already a advanced user then you will have it easier than a newbie. So I hope that you have enough patience to work through the whole tutorial. So the main attention I set on all things which happen after normal unpacking so the unpack process is the simplest part and all what comes after is the most interesting part and how to deal with all problems that happen. It's more or less like a live unpack session. I also wrote some small basic little helper scripts which you can also use for other targets to get valuable information if you need. Short summation: Unpacking Exception analysing VM analysing with UV plugin AntiDump's find & fixing & redirecting "after fix method" Testing on other OS My Special Thanks goes to Lostin who made this unpackme and others + OS's tests. (I want to send a thank you to Deathway again for creating this very handy and helpfully UV plugin). So this is all I have to say about the tutorial so far, just watch and read and then try it by yourself. Oh! and by the way I record ten videos and not only one. If something does not work or you have any problems with this tutorial, etc. then ask in the support topic only. Don't send me tons of PM's, OK! Thank you in advance. PS: Oh! and before someone has again something to complain because of my tutorial style [goes to quickly or is bad or whatever] then I just want to say, maybe you're right so normally I don't like to create and write tutorials. This is really not my thing so keep this in your mind.1 point -
1 pointConsole example x64plgmnrc.exe -G "C:\x64dbg_root" // Set root path for x64dbg x64plgmnrc.exe -U // Update list from server x64plgmnrc.exe -S // Show list of plugins x64plgmnrc.exe -i x64core // Install last version of x64dbg x64plgmnrc.exe -i AdvancedScript // install AdvancedScript https://github.com/horsicq/x64dbg-Plugin-Manager1 point -
1 pointHi everyone, Maybe some of you heard it already, but Sigma and I are working on an x32/x64 debugger for Windows for a few months now... The debugger currently has the following features: variables, currently command-based only basic calculations, can be used in the goto window and in the register edit window. Example: var*@401000+(.45^4A) software breakpoints (INT3, LONG INT3, UD2), currently command-only (just type 'bp addr') hardware breakpoints (access, write, execute), also command-only stepping (over, into, out, n instructions), can be done with buttons/shortcuts memory allocation/deallocation inside the debuggee quickly access API adresses (bp GetProcAddress) syntax highlighting, currently not customizable simple memory map (just addr+size+module+protection basically) The debugger has an easy GUI, for which we looked a lot at Olly Debug engine is TitanEngine, disassembler BeaEngine, icons are from various sources (see About dialog). We use QT for the GUI part. If you have a suggestion, a bug report, need more info, want to contribute, just post here or send me a private message. The latest public build + source can always be found on http://x64dbg.com (click 'Source'->'bin_public') to download the latest build. For now, you can also download the first 'alpha' here We would love to hear from you! Greetings, Mr. eXoDia & Sigma1 point -
1 pointOllyPortable is my portable version of OllyDbg extended with plugins and patches for a good looking and decently working debugger environment. Main features: - Good looking buttons (thanks to the author of Olly Shadow) - Full portability (OllyPath.dll, source is included) - Tested & working on both XP SP3 and Win7 x64 - Manifest to make olly look less Win98 - Useful plugins, sometimes with custom patches Plugin descriptions: - analyzeThis: Analyze code outside the code section of the debugged program. - Asm2Clipboard: Quickly copy ASM code (with labels) to the clipboard. - ClearUDD: Plugin to clear the UDD directory from within olly. - CmdBar: Command bar to quickly set breakpoints/registers etc. - DataRipper: Rip selected data in various formats. - HiddenThreads: Plugin that finds hidden threads. - ICanAttach2: Plugin that fixed anti-attach tricks. - ida_sigs: Plugin to import IDA signatures to the debugged file. - IDAFicator: Great plugin with many features, check the manual. - MnemonicHelp: Simply plugin that loads a help file for the selected mnemonic. - ModuleBCL: Import&Export labels, comments and breakpoints. - multiasm_odbg: Extremely useful plugin for writing code caves. - ODbgScript: Script OllyDbg (Patched by me) - ODBJscript: Script OllyDbg using javascript - oDump: Fixed version of OllyDump that bypasses anti-dump techniques. - OllyCopy: Great plugin to copy addresses, bytes and patterns to the clipboard. - OllyFlow: Generate an IDA graph from analyzed code. - OllyWow64_0.2: Compatibility plugin for WOW64 - RemoveCriticality: Plugin that fixes an exploit that could crash the system when debugging. - SehSpy: Show the SEH context before the reached exception. - SigMaker: Easily make patterns and signatures. - StollyStruct: Plugin that allows viewing memory in structure form (Patched by me) - StrongOD: Hide & Bugfix plugin (Patched by me) - TLSCatch: Plugin that sets a breakpoint on TLS callbacks (when found) - X_CRYPTO: Plugin to hash bytes or text inside olly. I also included the help files for ODbgScript, ODBJScript, Multiasm, Win32 API and x86 opcodes. The list of patches and source code used can be found in the 'Patches' directory. Enjoy, Mr. eXoDia1 point