Jump to content
Tuts 4 You

Search the Community

Showing results for 'confuserEx'.

Didn't find what you were looking for? Try searching for:

More search options

  • Search By Author

Content Type


  • Community Discussions
    • Terms, Privacy Policy & Frequently Asked Questions
    • General Discussions and Off Topic
    • Artscene Community
    • Site Bug Reports and Feedback
  • Reverse Code Engineering
    • Challenge of Reverse Engineering
    • Hardware Reverse Engineering
    • Network Security
    • Malware Reverse Engineering
    • Reverse Engineering Articles
    • Employment and Job Vacancies
  • Developers Forums
    • Programming and Coding
    • Programming Resources
    • Software Security
  • Community Projects
    • Scylla Imports Reconstruction
    • x64dbg
    • Future Community Projects
    • Community Projects Archive


There are no results to display.


  • Demos & Intros
    • 4k
    • 64k
    • Crack Intros
  • Templates
    • AT4RE Patcher
    • diablo2oo2 Universal Patcher (dUP)
    • Ultimate Patching Program (uPPP)
    • Keygen
  • ASCII Artwork
  • Chiptunes
  • Fonts & Icons
  • Source Code
  • Tools & Utilities


  • Departure's Blog
  • Kibloy's Blog
  • Loki's Musings
  • ap0x's Blog
  • cond0lence's Blog
  • D1N's Blog
  • PureBasic Adventures...
  • DAHipHop - Blog
  • Imports Fixer
  • E33's Blog
  • TreaxeR's Blog
  • TreaxeR's Blog
  • Team IREC
  • ghandi's Blog
  • X-88's Blog
  • Blog-Pu55y's ufo
  • mrexodia's Blog
  • Extreme Coders' Blog
  • xSRTsect's Blog
  • overkill's Blog
  • 0xNOP Blog
  • Code Caramelo
  • 随便随便
  • Programming MeMe Blog

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

Found 215 results

  1. Black Hat Anonymous

    Beds Protector 4.5

    What is the link of your Cawk Unpacker for normal ConfuserEx one bro? the one you shared on forum, when i try to unpack even normal confuser it always throws error like system.io.exception and close down then..
  2. Black Hat Anonymous

    Beds Protector 4.5

    When I tried to run app brother, I was continuously getting an error. and the github link you shared is a confuserex unpacker for normal version by Bed.. Im using Windows 7 SP1 x86 Architecture and 32 bit Windows. is it any system incompatiblity?
  3. cawk

    Beds Protector 4.5

    what do you mean you cant remove the confuserex anti tamper isnt it pretty standard? have i missed something? its normal confuserex tamper my tamper remover in confuserex unpacker removes this fine
  4. CodeExplorer

    Beds Protector 4.5

    Try ManagedJiterFr4 on NetBox 4.0; Plus ConfuserExFixer for removing wrong metadata; some stream left even after removing; You can't do anything without removing anti-tamper; which currently I can't! I've found this: https://github.com/BedTheGod/ConfuserEx-Unpacker-Mod-by-Bed/releases Is any connection with this?
  5. CodeExplorer

    ConfuserEx Mod

    Step 1: Few notes: is used .NET module trick; you can dump the .NET module with memcpyLogger, You just have find to the first the block which starts with MZ. You get the module assembly entry point token with ConfuserExConstant.exe - as file input you enter original protected file, The Entry Point Token value is 600009C Tools used: https://www115.zippyshare.com/v/HETHPm4D/file.html Step 1: Dumping .NET module explained before; Step2: Confuser Exceptions Restore - anti-tamper: - this is for decrypting MSIL: https://forum.tuts4you.com/topic/41025-confuser-exceptions-restore-anti-tamper It works just fine you must unmark "Invoke EP" and "Patch Anti-tamper". So after we nop first method from <Module>.ctor - this was the anti-tamper; we also fix the entry point of koi module with 600009C Here is the partial unpacked exe: https://www8.zippyshare.com/v/M78VMowQ/file.html or string decryption I've used this: https://github.com/cawk/ConfuserEx-Static-String-Decryptor/releases Check/Mark "Invoke". For c-flow I've used ConfuserExSwitchKiller. ConfuserExCallFixer.exe for inline methods. Here is completly deobfuscated exe: https://www119.zippyshare.com/v/YFwpUuCv/file.html private void method_1(object sender, EventArgs e) { if (this.textBox_1.get_Text().Length >= 5) { string str = this.textBox_1.get_Text(); if (!Directory.Exists(@"Data\\License")) { MessageBox.Show("Password was not found!", str); } else { StreamReader reader = new StreamReader(@"Data\\License\license.dat"); reader.ReadLine(); string str3 = reader.ReadLine(); reader.Close(); if (Class7.smethod_1(str3) == this.textBox_1.get_Text()) { MessageBox.Show("Good Job !"); } else { MessageBox.Show("password is wrong!"); } } } else { MessageBox.Show("Password is invaled or too short!"); } } public static string smethod_1(string string_2) { byte[] inputBuffer = Convert.FromBase64String(string_2); AesCryptoServiceProvider provider = new AesCryptoServiceProvider { BlockSize = 0x80, KeySize = 0x100, Key = Encoding.ASCII.GetBytes(string_1), IV = Encoding.ASCII.GetBytes(string_0), Padding = PaddingMode.PKCS7, Mode = CipherMode.CBC }; ICryptoTransform transform = provider.CreateDecryptor(provider.Key, provider.IV); byte[] bytes = transform.TransformFinalBlock(inputBuffer, 0, inputBuffer.Length); transform.Dispose(); return Encoding.ASCII.GetString(bytes); }
  6. bb2018

    ConfuserEx Mod

    Try Unpack ME ConfuserEx 1.0.0 No one can do . https://megaup.net/26jqq/unpackme.zip
  7. cawk

    ConfuserEx Mod

    https://github.com/cawk/ConfuserEx-Unpacker-2/blob/master/cawk-Emulator/.NET-Instruction-Emulator-master/CawkEmulatorV4/Instructions/Native/X86MethodToILConverter.cs take a look at this
  8. CodeExplorer

    dnLib Inject MethodDef in TypeDef

    I think the problems is that you try to inject same method in multiple types; https://github.com/yck1509/ConfuserEx/blob/master/Confuser.Core/Helpers/InjectHelper.cs http://www.voidcc.com/project/dnpatch
  9. SkyProud

    Can You See The Code?

    If you could mod ConfuserEx in Unmanaged Code, could you rather say you rewrite it?
  10. kao

    Can You See The Code?

    Everyone can see the code because Cawk's ConfuserEx unpacker works just fine.
  11. pankar

    Can You See The Code?

    Language : .NET Platform : Windows x86 OS Version : All Packer / Protector : ConfuserEx Modded Description : Can you see the code? UnPackMe.exe
  12. leqici

    First CrackMe

    Language : C# Platform : Windows x64 | x86 OS Version : Windows Packer / Protector : Modded ConfuserEX, Riddle, Enigma Protector (My own config) Description A Simple CrackMe Solve the missing key. Screenshot CrackMe.exe
  13. wabafit

    Modified ConfuserEx

    Language : .NET Platform : Windows x64 OS Version : All Packer / Protector : Modified ConfuserEx Description : This is a heavily modified version of ConfuserEx, mostly custom, some copied from other obfuscators seen in the wild. I believe this to be difficult to reverse to some extent, but definitely not even close to impossible. (Also ignore old Discord ID added I changed accounts a while ago.) Also, please document how you were able to reverse it, and post the serial key. Thank you! Screenshot : Download: CrackMeO.exe
  14. Eddy^CZ

    UnpackMe 01 Eddy^Protector

    Language : C# Platform : Windows (7,8,10) (x32) OS Version : Windows 7,8,10 (No virtual machine!!!) Packer / Protector : Eddy^Protector 1.0.5 Description : Hello all. I want introduce my hard work. Please try, run and unpack this challenge. Its not confuserEx another mod. Only experienced reverser can unpack this. Sorry if not working for you. For me works, and on many stable OS´s too. And if you have error (0xc00000005) , simply run again it works on next try.. Sorry i have no time to solve that memory leak. Good luck! AV scan: https://www.hybrid-analysis.com/sample/a5f287aeda9145572209fba0738aa6249ab5569f82a705dad73aca5f099f8a5d/5c5355307ca3e13a9e049b1b Screenshot : $input.31.01.2019 19-03-37_lastest.zip
  15. BillsTheGod

    Modded ConfuserEx (Find the Password)

    Platform: Windows Language: C#/.NET OS Version: Windows 10 (I only tested on it so) Protector: Modded ConfuserEx Objective: Modification to ConfuserEx; constants, math protection, variablesmelter, antide4dot (broked rn), three antidebugs (one inside antitamper), sizeof, antivm, antiemulator, antidnspy, antijustdecompiler, intergritychecking, typescrambler etc Unpack the file and find the password. Document how you deobfuscated it. https://www.virustotal.com/#/file/3cd889f4be35cb440f4a4a1c3ececc62a7075ccddeb76553e06ad12e96d94fe4/detection (false positive because of the obfuscation) If there are any errors in this thread or in my english, I am sorry, it is my first time at this forum and I am brazillian Screenshot: Download: CrackMee.exe
  16. cachito

    ConfuserEx Light Test

    For unpacking 1) cawk unpacker 2) dump after decryption 3) fix EP 4) Proxy call fixer by Davicore 5) Strings decryptor by CC 6) Switch killer by CC 7) Dump resources (empty) 😎 Clean cctor and <module>methods (maybe 4, 5 and 6 can be replaced by cawk unpacker again) I will check the key algo tomorrow, don't have time now. a29p-EP-anti2_noproxy_stringdec-cleaned_deobfuscated-res2-cctor-module.exe -------------------------------------------------------- Username = "Usuario" Code = "161308" int length = username.length(); int num2 = length + 2 - 4 + 40 + 10; return Convert.ToString(419 * num2 * length - length); --------------------------------------------------- EDIT2: I have received a few PMs asking how to fix EP, so I will post the videos I used as reference here. Following this 2 videos you should be able to unpack confuserex fully.
  17. Modify

    ConfuserEx Light Test

    Language : C# Platform : Windows OS Version : Windows 7 Above Packer / Protector : ConfuserEx Plus Extra Description : Provide key, how? UnPackMe.7z
  18. Teddy Rogers

    Feedback and Ideas

    @atom0s I have set the challenge forums to have all posts reviewed. Anything posted that contains a quick answer to the challenge without an explanation on how they solved it will remain hidden from view. General discussions on the challenge will be approved and can continue. With the changes already made over the last view days there are already a number of posts hidden from view. Once someone has submitted a solution with an explanation they will be awarded the best answer. I am open to suggestions on best ways to filter in or out ConfuserEx type challenges. Whether this entails anything from creating a dedicated area or banning them completely. Let me know your thoughts. I have edited the challenge template and removed the need for the challenger to set the difficulty level. It is up to the person adding the solution to determine the difficulty with their solution. I have added a guide on what the difficulty rating scale should be, refer to my post here: https://forum.tuts4you.com/topic/37869-rules-guidelines-template/?tab=comments#comment-198253. Regarding the trolling posts and punishments, I will not touch on this again as I have already answered in one the above replies. In general, if you come across any posts or replies that you feel are inappropriate, insulting, ego-driven or belittling please report the post. Currently, I do not see a need for further moderators however I am willing to think over on it further. If you have any suggestions on who may be interested and good candidates please let me know... Ted.
  19. Zyhes

    ConfuserEx Fork

    Difficulty: 3-5 Language : .NET Platform: Windows OS Version: All Packer / Protector : ConfuserEx Fork Description : Pretty heavily forked ConfuserEx and I'm not sure if it's good or not. If you get it cracked please post how you did it and don't just say "I used public tools", tell what tools and how. Thank you! Screenshot : Download : CrackMe.exe
  20. Teddy Rogers

    Feedback and Ideas

    I have my own take on why this is, there are a number of different reasons. I only have to look at my own interests in RCE over the last few years to partly understand the reason. A full answer to this requires a topic of its own that I will save replying to in full for another day. A number of members now have to have their posts reviewed and approved before it is visible to everyone. I am hoping this will help to reduce things like this from going on in the future. This has been a bone of contention with other members too. I'll have to take in all the suggestions and issues raised and try to come up with workable solutions. One of the problems is reviewing the submissions, currently it is often taken on good faith that the difficulty and content is accurate. I also don't want to restrict too heavily which user groups can submit crackme's as new members have come and made okay entries in the past. You guys fortunately don't see just how many actually do end up getting trashed. Possibly I will have to split the sections up to filter out ConfuserEx trash or stop them altogether. I am open to further suggestions and ideas on this, if you have some keep firing them at me... Ted.
  21. atom0s

    Feedback and Ideas

    Going to leave some suggestions for going into 2019. Will break this into a few posts to make it easier to read/respond to if people want to discuss it. Challenge Section Issues One of the main sections that sees traffic still on this forum is the challenge sections. However, that isn't to say there aren't issues with these sections and the rules that are attached to them. Over the last few years, these sections have undergone some changes, focusing on bettering them but it feels like while the changes were made, they weren't enforced or continued with. These sections have degraded a lot over the last few years for a few reasons, in my opinion. Lack of Real Solutions - One of the biggest issues we still see is a lack of solutions. This became a big enough issue that newer rules and reorganization was done last year to try and help with it, but I feel we are just slipping right back to where we started with that. People post more for their ego and less for the community. Solutions are supposed to include details or a tutorial in how the solution was figured out but instead, that is back to not happening or is extremely lacking in actual info. People just post "unpacked manually" type posts that explain nothing with a solution and that is being accepted which is not what the rules say is a valid solution. Lack of Discussions - Another huge issue is that there is no encouragement to talk and discuss the challenge. Instead, it is actually quite the opposite. Newer members that have questions or request for a tutorial on how a solution was obtained are generally responded to with insults or some other ego-driven response belittling the person asking for help. So many new members land up leaving this forum because there is no real community anymore. Questions are met with ego-driven responses, requests for tutorials/solutions are met with "figure it out yourself" type responses, any type of attempt to learn is seen as leeching anymore. There are a few public and semi-public forums that focus on reverse engineering similar to this site that have grown a lot in the last few years because of how toxic this site has become. Challenge Types/Restrictions - While this isn't something that is at the fault of the staff, there is an issue with the constant reposting of ConfuserEx challenges that make up the majority of whats posted lately. I think we should start enforcing some type of system or rule that limits posting a new challenge that is nothing more than a minor-altered version of ConfuserEx. These are most commonly posted by new members with little to no posts. So also perhaps adding a post limit before being allowed to create a challenge. Along with that, ensuring in some manner that the user has read the rules. (I'm sure there is a forum plugin to force people to read the rules page or at least force it to load and they have to click OK or similar.) In nearly all the reposts of ConfuserEx, it's generally the same thing where people alter the name, edit 1-2 hardcoded values that do nothing, and in return the challenge is still fully unpackable by automated tools. Challenge Rankings - As kao pointed out, having the submitter of the challenge be the one that rates the difficulty is a bit of a skewed value. Most of these new posters always rate their protection 10/10 when they edit two lines in ConfuserEx and upload a sample. Most of these people posting these things are not even able to unpack it themselves, let alone unpack even basic things like UPX. There is really no reason to have the person posting the challenge be required to include a rank. Instead, this should be optional and a suggestion. The people solving the challenge should give a rating instead. Along with this, I think we should, as a community, create a guideline on how to rank a challenge. Be it a 1 to 10 type system or something else, I think there should be some kind of guideline as to what the value means so that others can look at a challenge, see a number and understand that it could be something they are interested in. A challenge that I personally feel is 2/10 may be an 8/10 to someone else that's new, or similar. Instead, perhaps ranking the numbers in terms of what's involved and if automation works/is available for parts of it. For example: 1/10 = An automated solution exists that works for this challenge. (ie. Running upx's unpack switch from the command line, de4dot works entirely, the ConfuserEx tools work, etc.) 2/10 = Automated solutions work but some minor manual work is required. 3/10 = Automated solutions may/may not work. Manual work is required, seen as basic/entry level understanding. 4/10 = Automated solutions may/may not work. Manual work is required, seen as higher than basic but still easy. ... 10/10 = Automated solutions do not exist. Manual work is required. Includes VMs and other difficult processing. and so on. This is something that could help let users gauge things easier. This could also be used to allow the poster of the challenge to better gauge their challenge.
  22. kao

    Feedback and Ideas

    I do miss the old times with people actually posting new and interesting stuff in here. Last few years have been really tough. I don't have a solution to that, just the feeling that it's the biggest problem that needs addressing. As for smaller and easier to solve things: 1) It would be nice to have faster actions to stop troll-fights between techlord's fans and their opponents. Last thing we need here is the toxic atmosphere they bring; 2) It's time to stop "Difficulty 10/10" nonsense in crackmes that contain nothing more than a rebranded ConfuserEx. For example, create a rule that members with "Junior" title are not allowed to post crackmes, as they almost inevitably submit total garbage. Or maybe crackme section moderators could do more filtering (I'm not saying they are not doing a good job - they are!, just that the acceptance rules are too relaxed); My 2 cents. kao.
  23. Eddy^CZ

    KeygenMe v1 Eddy^CZ [Eddy^Protector]

    Difficulty : 10 Language : C# .NET 4.0 Platform : Windows x64/x86 OS Version : All Packer / Protector : Eddy^Protector Description : Hello im back. I developping new obfuscator based on ConfuserEx vanilla. But really different and increased protection to 200%. I used some cool algos like: XXTEA, RC6 , RSA. Provide all 200 Key pairs to solve this KeygenMe. Happy decrypting! KeygenMe Eddy^CZ 2019.zip
  24. Which Obfucastor is better Appfuscator, ConfuserEx, Engima, .net Reactor, Themida.
  25. Written in .NET, L0rdix has been developed with stealth in mind. The malware is obfuscated using the standard ConfuserEx obfuscator, and some samples have been tweaked with the more sophisticated .NETGuard obfuscator. Not only performs a number of standard scans to detect VM environments but also uses WMI queries and registry keys to search for strings which may indicate sandbox products. https://www.zdnet.com/article/l0rdix-becomes-the-new-swiss-army-knife-of-hacking
  • Create New...