Jump to content
Tuts 4 You

Search the Community

Showing results for 'confuserEx'.

Didn't find what you were looking for? Try searching for:

More search options

  • Search By Author

Content Type


  • Community Discussions
    • Terms, Privacy Policy & Frequently Asked Questions
    • General Discussions and Off Topic
    • Artscene Community
    • Site Bug Reports and Feedback
  • Reverse Code Engineering
    • Challenge of Reverse Engineering
    • Hardware Reverse Engineering
    • Network Security
    • Malware Reverse Engineering
    • Reverse Engineering Articles
    • Employment and Job Vacancies
  • Developers Forums
    • Programming and Coding
    • Programming Resources
    • Software Security
  • Community Projects
    • Scylla Imports Reconstruction
    • x64dbg
    • Future Community Projects
    • Community Projects Archive


There are no results to display.


  • Demos & Intros
    • 4k
    • 64k
    • Crack Intros
  • Templates
    • AT4RE Patcher
    • diablo2oo2 Universal Patcher (dUP)
    • Ultimate Patching Program (uPPP)
    • Keygen
  • ASCII Artwork
  • Chiptunes
  • Fonts & Icons
  • Source Code
  • Tools & Utilities


  • Departure's Blog
  • Kibloy's Blog
  • Loki's Musings
  • ap0x's Blog
  • cond0lence's Blog
  • D1N's Blog
  • PureBasic Adventures...
  • DAHipHop - Blog
  • Imports Fixer
  • E33's Blog
  • TreaxeR's Blog
  • TreaxeR's Blog
  • Team IREC
  • ghandi's Blog
  • X-88's Blog
  • Blog-Pu55y's ufo
  • mrexodia's Blog
  • Extreme Coders' Blog
  • xSRTsect's Blog
  • overkill's Blog
  • 0xNOP Blog
  • Code Caramelo
  • 随便随便
  • Programming MeMe Blog

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

Found 226 results

  1. [L]over

    Paid ConfuserEx Modded

    Difficulty : 4 Language : .NET Platform : Windows OS Version : All Packer / Protector : ConfuserEx Modded Description : Hi , one guy is selling his protector (confuserex modded) and it is really expensive. I want to know if someone can unpack that because I don't trust him and his paid protector =/ Thanks in advanced Good Luck! Screenshot : UNpackme.exe
  2. Hello, so I keep getting asked what’s the best obfuscators around so I am posting this so I don’t keep repeating it. I have decided to give my opinion on all obfuscators if I am missing any let me know If you are a developer of any of these obfuscators don’t take what I say as an insult use it to improve DNGuard - an obfuscator I used to say was Chinese crap however I’ve recently spent some time analysing this and can say that the HVM technology is very strong and makes unpacking a lot harder. However when not using the HVM setting it makes unpacking extremely simple with jit dumping and can use codecrackers unpacker for this. Compatibility on this obfuscator is its biggest flaw (along with price) which can be a big NO for a lot of people as this protector can cause files to not run on certain .NET frameworks if they fixed this issue and improved compatibility across systems it would make this obfuscator much better. Price is extremely high but I suppose has worked in its favour with not many files around and extremely hard to get test files to test features. Eazfuscator - a .NET VM that has been around for a while now with the last unpacker for version 4.8 I think from saneki on GitHub. Since then Eazfuscator has improved a lot however the concept stays the same and sanekis unpacker is still a brilliant base to start from. Meaning that an unpacker for this isn’t extremely difficult. The compatibility and performance of this obfuscator is actually fairly good for a VM and tells the user not to overuse the VM and only apply on secret methods as to save performance. The problem with Eazfuscator is that any protection method apart from the VM isn’t good, de4dot handles the control flow perfectly and the strings can be easily decrypted by either updating de4dot code which isn’t too hard or simply invoke. So if you’re app is sensitive on performance then maybe avoid this one as for all VMs performance is hurt no matter how efficient it is. In conclusion I do think this obfuscator is one of the top of its game as even with the old unpackers it’s still a lot of work to update ILProtector - An obfuscator I really do like the concept of keeping performance and security balanced, however in recent times with the release of dynamic unpackers it has kind of died as it seems the developer is applying small patches instead of fixing this properly so each unpacker only requires a few changes. In terms of static unpacking they have this down well, it’s actually a very hard job to statically unpack this protector so if they were to patch the dynamic flaws it would quickly appear back at the top but it’s credibility has been stumped due to the release of unpackers that I think may still work on the latest version (something I haven’t checked). Compatibility and performance on this obfuscator are good but one flaw of this obfuscator is that if the dynamic method is decrypted the original ilcode is there, they apply no MSIL mangling which in my eyes they should do both. Agile.Net another .NET VM however I haven’t analysed this myself that much but a few things I have noticed is that updating de4dot to support the latest version is not all that challenging however it is time consuming, a few modifications to de4dot can make it supply all the data you need to update it for the VM. the method encryption can be removed by jit dumpers from codecracker, from what I’ve seen in de4dot the obfuscator isn’t to hard to completely unpack but we have to thank 0xd4d for all he has done on this obfuscator he has done all the hard work for us so it’s just a matter of taking his code and updating, yes this takes a very long time to do Netguard - Now this is one I’m very familiar with, as most people know netguard is a modified confuserex however a fairly heavy modification. Now the actual protection isn’t that strong however for its price it’s very good, the base of netguard is still the same concept as confuserex and many of its protections can be defeated in the exact same way, the only real changes are the native stub and mutations. However once you remove these protections like control flow and constants can be removed in the same theory as I use in my confuserex unpacker2. This obfuscator like I said is the best for its price however if you’re looking for something better there are other options if you’re willing to pay, now compatibility and performance on netguard are something that it’s known for and not in a good way, it has improved a lot recently however they still add lots of junk that adds no real benefit and just slows down code. Appfuscator - now I don’t know why people don’t use this obfuscator anymore. In my eyes it’s still extremely powerful, codecrackers tools are not stable and if you’re tool is larger than a crackme then it will fail, appfuscator uses opaque predicates and CFG to generate its control flow both of which have no public solvers for so is an extremely powerful obfuscator especially if you mix it with something custom. Performance wise this is actually negligible effect so still to this day one of the higher rated obfuscators. Babel.Net - this is similar to ilprotector in the way it makes dynamic methods however in a different approach. The good thing about this obfuscator is that it provides you with more options than just encrypt msil where you have cflow constants and other expected protections making it not as simply as dumping the dynamic method. The dynamic methods itself are not tricky to solve dynamically similar to ilprotector, invoke the correct method and you have the dynamic method ready to read with dnlib. Statically it gets slightly more complex however a few hours debugging with dnspy and some static analysis will reveal its secrets of how it decrypts the encrypted bodies. Performance and compatibility wise I don’t really know enough about it but I’ve not really seen many complaints about it ArmDot - a relatively new .NET VM which I’m fairly interested in. At its current stage it needs polishing, they currently put the whole vm into each method it’s encrypted making it extremely slow. I explained to the developer that it holds no real benefit as to devirtualize it follows the same concept as all vms which is find the instruction handlers and convert back as most are 1:1 with CIL it makes this step relatively easy once you have detected all handlers however if this obfuscator works on your file and performs well I do recommend it especially as its new and being actively worked on and the developer is always interested in seeing ways to improve which is a good thing. KoiVM - another magical creation from yck so do we expect anything other than greatness. Now this was something he sold to customers until he left the scene and trusted XenoCodeRCE with and gave it him to improve and use. Xeno decided that he would sell this to others and ended up causing it to be leaked on GitHub however let’s ignore that. KoiVM is absolutely insane and different to all other VMS we talked about so far. This doesn’t relate 1:1 with CIL and actually converts it to a form of ASM meaning if you manage to get all the code back you then need to translate ASM to CIL which again is no easy task. People think because it’s opensource it makes it not worth it. Remember confuser/ex was open source and undefeated for a long time. KoiVM is on another level compared to those. Compatibility and performance does take a hit and has limitations which you can read on koivm website now if you’re app works fine and you’re happy with performance then I would strongly suggest sticking with it. You can even make modifications to confuserex and use it with that as after all it’s a confuserex plugin. These are just my thoughts and personal opinions on these obfuscators. I do not mean any disrespect to the developers apart from what I think is good and bad. If you would like further explanation on anything let me know or any specific obfuscator that I haven’t covered as I most likely have some sort of opinion on it feel free to ask Regards Cawk
  3. BataBo

    Private Obfuscator (Confuserex Mod)

    Language : .NET Platform : Windows Packer / Protector : Private obfuscator(Confuserex mod) Description : Find the password. Don't judge it by assembly name obfuscator, wasn't coded by me. Screenshot : CrackMe.exe
  4. Sayness

    My First CrackMe

    Language : .NET Platform : Windows Packer / Protector : Confuserex mod OS Version : (Windows 7, Windows 8, Windows 10) Description : uncompress the file for to see the code and at the end the file works with the password Screenshot : CrackMe.exe
  5. mamo434376

    Few thoughts on .NET obfuscators

    I know it but most people who have been built cannot build so it is a matter of time before the breakage and spread will spread easily like confuserex my english is not good sorry
  6. mamo434376

    Few thoughts on .NET obfuscators

    and pseudo-private koivm link: https://github.com/BedTheGod/ConfuserEx-Mod-By-Bed/releases
  7. jemmg

    ConfuserEx Mod

    Difficulty : 6-7 Language : C# Platform : Windows OS Version : All Packer / Protector : ConfuserEx Modded Description : Your task is to unpack the file and attach the password and the unpacked file Screenshot : UnpackMe.rar
  8. XenocodeRCE

    Private Obfuscator (Confuserex Mod)

    Hello password is : How I did it : debug used modded dnspy ((obvfuscator checks for dnspy !) or any other native debugger, and look at memory strings, the real password appears multiple times in memory due to how ConfuserEx handle strings in memory 😕 0x2a39cd8 and 0x2a88ff0
  9. Zyhes

    ConfuserEx Fork

    Difficulty: 3-5 Language : .NET Platform: Windows OS Version: All Packer / Protector : ConfuserEx Fork Description : Pretty heavily forked ConfuserEx and I'm not sure if it's good or not. If you get it cracked please post how you did it and don't just say "I used public tools", tell what tools and how. Thank you! Screenshot : Download : CrackMe.exe
  10. I once post it in a China forum, you can visit it in https://www.52pojie.cn/thread-762832-1-1.html by Google Translator I try my best to introduce it using English 1. download x64dbg and download the symbol file of clr.dll (mscorwks.dll if runtime is .net2.0~.net3.5) 2.set a breakpoint at "SystemDomain::ExecuteMainMethod" in clr.dll/mscorwks.dll and run 3.use MegaDumper (I use my ExtremeDumper based on codecracker's megadumper https://github.com/wwh1004/ExtremeDumper) to dump the main module when the program break at "SystemDomain::ExecuteMainMethod" 4.fix pe header and maybe you shoud also fix .net header This way is more complex than use MegaDumper only and directt dump the assembly. But if the assembly is packed with native stub and protected with anti dump (ConfuserEx and others) or protected with whole #US encryption (DNGuardHVM and others), maybe this way is good to dump assemblies. If you can not understand it, you can reply me. Best wish.
  11. leqici

    First CrackMe

    Language : C# Platform : Windows x64 | x86 OS Version : Windows Packer / Protector : Modded ConfuserEX, Riddle, Enigma Protector (My own config) Description A Simple CrackMe Solve the missing key. Screenshot CrackMe.exe
  12. wabafit

    Modified ConfuserEx

    Language : .NET Platform : Windows x64 OS Version : All Packer / Protector : Modified ConfuserEx Description : This is a heavily modified version of ConfuserEx, mostly custom, some copied from other obfuscators seen in the wild. I believe this to be difficult to reverse to some extent, but definitely not even close to impossible. (Also ignore old Discord ID added I changed accounts a while ago.) Also, please document how you were able to reverse it, and post the serial key. Thank you! Screenshot : Download: CrackMeO.exe
  13. lucifeey

    UnPackMe 1 // ConfuserEx 1.0.0

    Difficulty : idk Language : .NET Platform : Windows x64 OS Version : All Packer / Protector : ConfuserEx 1.0.0 Description : Give the unpacked file + tutorial how to unpack it. [!] The file should be runnable after unpacking it [!] Screenshot : UnPackMe01.zip
  14. SunshineProtector

    Verify Your Key

    Language : VB.NET Platform : Windows x86 / x64 OS Version : All Packer / Protector : ConfuserEx Modded Description : Get the key and verify. Screenshot : Crack-me.exe
  15. BillsTheGod

    Modded ConfuserEx (Find the Password)

    Platform: Windows Language: C#/.NET OS Version: Windows 10 (I only tested on it so) Protector: Modded ConfuserEx Objective: Modification to ConfuserEx; constants, math protection, variablesmelter, antide4dot (broked rn), three antidebugs (one inside antitamper), sizeof, antivm, antiemulator, antidnspy, antijustdecompiler, intergritychecking, typescrambler etc Unpack the file and find the password. Document how you deobfuscated it. https://www.virustotal.com/#/file/3cd889f4be35cb440f4a4a1c3ececc62a7075ccddeb76553e06ad12e96d94fe4/detection (false positive because of the obfuscation) If there are any errors in this thread or in my english, I am sorry, it is my first time at this forum and I am brazillian Screenshot: Download: CrackMee.exe
  16. NightBaron

    .NET CrackMe

    Language : .NET Platform : Windows OS Version : All Windows (.NET Framework 4.6 or higher) Packer / Protector : The4Got10's Protector (Modded ConfuserEx) with VM and Native Shield Description : Crack (I don't care if this file is fully unpacked or not) this application and make a short tutorial for it. I want to know my app are strong or weak. Thank! Screenshot : Protected.7z if cant start this app try 2nd file Protected2nd.7z
  17. Modify

    ConfuserEx Light Test

    Language : C# Platform : Windows OS Version : Windows 7 Above Packer / Protector : ConfuserEx Plus Extra Description : Provide key, how? UnPackMe.7z
  18. Teddy Rogers

    Feedback and Ideas

    The posts being hidden are the ones only with the solution. As others members here have pointed out - which I agree with - they only show xyz member is uber. These don't benefit anyone else and no one learns from them. All other posts are approved to be viewed and discussed with other members. The only issue here is the delay in the review and approval process. No one has asked or is saying you need to write a 3000 word essay about how you unpacked each variant of ConfuserEx. We have been very liberal about some of the solutions being given best answer with a small write up - at times a few key dot points is all it needs... Ted.
  19. kao

    Feedback and Ideas

    We all know you have the skills to unpack vanilla version and most of the mods out there. You don't need to post 20 unpacked EXEs to show that - that's not the point of unpackmes. The point is to produce something that others can use as a starting point in their learning path. Also, saying "I used my private unpacker that I'm not gonna share" is equally not helpful for learning. So, perhaps you could start off by writing ONE paper about unpacking modified confuserex?
  20. XenocodeRCE

    Feedback and Ideas

    I think there exists something between "just throw off your unpacked exe" and "write a god damn paper for every confuserex unpackme mod" you see ? For me you are slowly killing your board activities by doing that. The less we see our replies, the less we want to engage into this forum, but that's to be expected no ? By bluring / making these non-informative reply appears grayed it convey a good message to the poster : his reply is ok but not worth being reviewed as an answer.
  21. b1scoito

    ConfuserEx Mod b1scoito Protector

    Difficulty : 7.3 Language : .NET Platform : Windows, x32/x64 OS Version : All Packer / Protector : ConfuserEx Modded Description : ConfuserEx Mod b1scoito Protector Screenshot : unpack.exe
  22. Black Hat Anonymous

    Beds Protector 4.5

    What is the link of your Cawk Unpacker for normal ConfuserEx one bro? the one you shared on forum, when i try to unpack even normal confuser it always throws error like system.io.exception and close down then..
  23. Black Hat Anonymous

    Beds Protector 4.5

    When I tried to run app brother, I was continuously getting an error. and the github link you shared is a confuserex unpacker for normal version by Bed.. Im using Windows 7 SP1 x86 Architecture and 32 bit Windows. is it any system incompatiblity?
  24. cawk

    Beds Protector 4.5

    what do you mean you cant remove the confuserex anti tamper isnt it pretty standard? have i missed something? its normal confuserex tamper my tamper remover in confuserex unpacker removes this fine
  25. CodeExplorer

    Beds Protector 4.5

    Try ManagedJiterFr4 on NetBox 4.0; Plus ConfuserExFixer for removing wrong metadata; some stream left even after removing; You can't do anything without removing anti-tamper; which currently I can't! I've found this: https://github.com/BedTheGod/ConfuserEx-Unpacker-Mod-by-Bed/releases Is any connection with this?
  • Create New...