Jump to content
Tuts 4 You

Search the Community

Showing results for 'confuserEx'.

Didn't find what you were looking for? Try searching for:

More search options

  • Search By Author

Content Type


  • Community Discussions
    • Terms, Privacy Policy & Frequently Asked Questions
    • General Discussions and Off Topic
    • Artscene Community
    • Site Bug Reports and Feedback
  • Reverse Code Engineering
    • Challenge of Reverse Engineering
    • Hardware Reverse Engineering
    • Network Security
    • Malware Reverse Engineering
    • Reverse Engineering Articles
    • Employment and Job Vacancies
  • Developers Forums
    • Programming and Coding
    • Programming Resources
    • Software Security
  • Community Projects
    • Scylla Imports Reconstruction
    • x64dbg
    • Future Community Projects
    • Community Projects Archive


There are no results to display.


  • Demos & Intros
    • 4k
    • 64k
    • Crack Intros
  • Templates
    • AT4RE Patcher
    • diablo2oo2 Universal Patcher (dUP)
    • Ultimate Patching Program (uPPP)
    • Keygen
  • ASCII Artwork
  • Chiptunes
  • Fonts & Icons
  • Source Code
  • Tools & Utilities


  • Departure's Blog
  • Kibloy's Blog
  • Loki's Musings
  • ap0x's Blog
  • cond0lence's Blog
  • D1N's Blog
  • PureBasic Adventures...
  • DAHipHop - Blog
  • Imports Fixer
  • E33's Blog
  • TreaxeR's Blog
  • TreaxeR's Blog
  • Team IREC
  • ghandi's Blog
  • X-88's Blog
  • Blog-Pu55y's ufo
  • mrexodia's Blog
  • Extreme Coders' Blog
  • xSRTsect's Blog
  • overkill's Blog
  • 0xNOP Blog
  • Code Caramelo
  • 随便随便
  • Programming MeMe Blog

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

Found 215 results

  1. kao

    Night Protector

    Actual difficulty: 1/10 - monkey with half-a-brain can do it. You only need to remove packer and decrypt strings - there are existing ConfuserEx tools for that. https://github.com/cawk/ConfuserEx-Static-String-Decryptor @NightBullet: You're changing stuff without any idea what you're doing and why. So, please stop and don't waste other people's time. Learn a thing or two and then come back. You can start here: https://mega.nz/#!YtpmhLhK!wR9iPsB0exxtwV3P9PXOr6K9mFcR357-2YcioQz4NEs It's a tutorial called "Tweaking ConfuserEx" by our respected member @XenocodeRCE. 1234-Decrypted.zip
  2. whoknows

    ConfuserEx2 - Unpack me

    Difficulty : 8 Language : C# Platform : windows OS Version : winall Packer / Protector : ConfuserEx Description : provide serial or unpack me ggggg.rar
  3. Michidu

    ConfuserEx2 - Unpack me

    This is basically just ConfuserEx with some new anti-debugging checks. Password is: ggggg-cleaned.exe
  4. beginner1108

    ConfuserEx 1.0 Modified

    I am a beginner of reversing like as you. I wanna ask you. What is special point of you file than the origin version of ConfuserEx. Your file can be very easy deobfuscated. And there are many tutorials similar with it. You can find many articles and videos on here and YOUTUBE by searching words "confuserex unpack". I uploaded the deobfuscated file. It just only take 5 mins. Currently it doesn't run, but I think it's full enough to analysis original code. Deob.exe
  5. MindSystem

    UnPackMe 1 // ConfuserEx 1.0.0

    Drag-Drop with the argument -d for dynamic decryption or -s for static decryption Example : ConfuserEx-Unpacker.exe -s C:\myfile.exe
  6. collins

    UnPackMe 1 // ConfuserEx 1.0.0

    XenocodeRCE : how to use the ConfuserEx-Unpacker ?
  7. XenocodeRCE

    UnPackMe 1 // ConfuserEx 1.0.0

    indeed http://i.imgur.com/ewf7JZg.png updated source : https://github.com/XenocodeRCE/ConfuserEx-Unpacker
  8. cawk

    UnPackMe 1 // ConfuserEx 1.0.0

    my confuserex unpacker works for this with one slight modification in the anti tamper find method it fails just make it find anti tamper (easiest way just change the if (sections.Count == 3) from a 3 to a 2 this will then fix it and static route work 100%
  9. barotyson

    Barotyson - Crack Me

    Difficulty : 3-4 ? Language : C# Platform : Windows OS Version : Windows Packer / Protector : Some custom things and some option of my confuserex modded Description : Find the right strings Screenshot : Download : CrackMe.exe
  10. Some reasons I'd say that have helped slowly kill the scene, albeit not fully dead but definitely not where it was before: Money - Given that it's much easier to obtain money online via ePayments such as Paypal, Stripe, etc. people are more inclined to stop sharing things for free and instead expect money for their time/work. Nothing wrong with this expect for when it ties into another issue, copy-pasting. Copy-Pasting - Something that has definitely become a huge issue with anything released related to hacking/reversing etc. is that things turn into a copy/paste fest these days. Before, the scene was strict about monitoring for ripping of content and calling out teams/people for things when they were caught. However, now it is so widespread and there is no real sense of respect like before so there is no quality control any longer. (A prime example of this, HackForums. It is nothing but a skid copy/paste fest on that site. There are a few decent coders but the vast majority just copy others stuff, change 1-2 lines of code, rename the project and claim they wrote it. Another example, ConfuserEx, look at all the different 'modded' versions of it that change little to nothing but claim its a fully new protection.) Ego/Attitude - Another thing that has become more of a problem, in my opinion, is the expectation that anyone new to reversing is supposed to just know everything off the bat and otherwise gets flamed asking for help. This is something that has affected this site over the last few years with anyone asking for assistance getting bitched at for no reason. Something that seems to be forgotten by some of the experienced people is that they started off not knowing anything at one point too and instead they just enjoy being assholes to others. Hence why the challenges section of this site have gone under a ton of changes since it just turned into a 'look at my e-dick' fest for a while. Overall though, times have changed, people pay for things more readily than waiting for anything free to come out first. People pay for cracks/exploits/0days/etc. with some paying for large amounts of money. It incentivizes those capable to sell their work instead of releasing it for free and having it ripped within a week. Don't blame them, to be honest either, with sites like HF, copypasting is such a huge problem anymore.
  11. lucifeey

    CrackMe 2 // ConfuserEx 1.0.0-custom

    I just changed unclearly the type charset, so it forces to use normal chars. and the wonderful attribute so some deobfuscators wont detect it as confuserex.
  12. 0xNOP

    Build Modded Confuser Ex

    If you need THE best option out there I could recommend and suggest - http://ki-host.appspot.com/KoiVM - KoiVM is a virtualizing protector for .NET applications, as a plugin of ConfuserEx. Oh, up to mention, its protection has been undefeated for 351 days. (Undefeated as in terms that in 351 days no one ever cracking one of the software protected by it, or even itself (the core protection), while other protectors have been defeated and exploited, their authors always have to keep up with new breaches, KoiVM has always be on top of the game, there has been no papers, no guides, no tutorials, no research on it.) Hope you find it useful and effective!
  13. ifox

    .Net ConfuserEx Modified

    Please share all tools on ConfuserEx. Thanks a lot.
  14. yinhuo

    UnpackMe ConfuserEx Modified

    @SHADOW_UA: Thanks for sharing the method to unpack. @BambooQJ: Thanks for recording but was unable to extract the password protected file "ConfuserEx 脱壳教程.7z".
  15. file protected with confuserex 1.0 give me error - i'm newbie with re maybe i need do something in ollydbg first idk but i want learn not only use unpackers:
  16. atom0s

    best obfuscator / packer

    Every commercial obfuscator is defeated and generally does not update frequently enough to make them worth the money from a protection standpoint. Modifying ConfuserEx yourself and adding more in depth features, altering the existing ones, and such is probably going to be your best bet if you are looking for actual protection. Just keep in mind that .NET is not a secure language to start with so getting a real level of security is not really going to happen. If you don't want to edit ConfuserEx yourself and just want someting permade, https://netguard.io/ is probably your best bet.
  17. Cubixx

    CrackMe // ConfuserEx 1.0.0-custom + SmartAssembly

    Hi! Looks like a great crackme. Im kinda new to reverse engineering. Could anyone please help me ? I know how to unpack generic non-modified obfuscators(SA/ConfuserEx/Noisette..) but im kinda having trouble with this one. Anybody could point me in a good directions ? Thanks!
  18. SkyProud

    [Deobme] ConfuserEX 0.5 custom

    Check: ConfuserEx v1.0.0 The version number is v1.0.0 In CFF Explorer, open MetaData Streams - #Blob, and you will see that in the Ascii section.
  19. Sh4DoVV

    [Deobme] ConfuserEX 0.5 custom

    hi CodeCracker how to unpack this dll ? this file obfuscated by confuserex custom please help me thanks
  20. The search function is broken for me on certain searches for example if i search appfuscator or confuserex i get the 500 internal error i have tried cleaning cache tried different browsers and even different device however if i search assembly for example it will search fine is anyone else having this issue?
  21. [ModuleReport] [IAT] Modules -> mscoree.dll [.] .net @ FileOffset 0x4AC7D0 | MetaData->Version 1.1 (struct version) -> v4.0.30319 (net version required) [.] Flags : 0x0 | Streams : 0x5 (5) -> #~ | #Strings | #US | #GUID | #Blob [!] [.net scan core] ConfuserEx v1.0.0-custom detected! [COR20] MajorRuntimeVersion 0x2 (2) | MinorRuntimeVersion 0x2 (2) -> 0x2.2 (2.2) [COR20] Flags 0x3 [COR20 Flags] [x] IL_ONLY [x] 32BITREQUIRED [ ] IL_LIBRARY [COR20 Flags] [ ] STRONGNAME [ ] NATIVE_EP [ ] TRACKDEBUGDATA [COR20 Flags] [ ] 32BITPREFERRED | 0x0 UNKNOWN [COR20 Flags] Assembly is NOT strong name signed - Scan Took : 1.641 Second(s) [00000054Fh (1359) tick(s)] [504 of 577 scan(s) done]
  22. cawk

    Cawks KeygenMe

    Difficulty : 3-4 Language : .NET Platform : Windows OS Version : All Packer / Protector : confuserex custom Description : Valid submissions 1)a valid serial for your name 2)a working keygen good luck Screenshot : Keygen.exe
  23. I have this malware(possibly Locky variant), which is packed by an unknown packer(de4dot -d). It looks like it's packed by customized ConfuserEx, but I am not 100% sure(newbie). I have tried using tools like NoFuserEx, de4dot, UnconfuserEx, without any luck. I have this idea: maybe I could pause on some memory management API, e.g. VirtualAlloc and monitor the memory region's size it allocates. If the memory region is enough large to hold the malware actual payload, keep an eye on it, maybe I could finally get the payload. So is there any .NET debugger allowing me to pause on System API like VirtualAlloc? I know I could use debugger like Olly, but if I open this malware with Olly, I am debugging the .NET framework, right? Attached is the malware. This malware is packed multi times. dump-unpacked-cleaned.exe
  24. @Etor Madiv already explained a lot, all thumbs up! You don't need to unpack ConfuserEx, or do "a lot of debugging". I think that the easiest way to defeat this "protection" would be to run the application inside virtual machine, and then find "MZ" header of unpacked binary in the memory. Takes just a few minutes with Olly and some memory dumping plugin/tool. Oh, and based on the strings inside unpacked malware, it's called "iSpy Keylogger".
  25. gundamfj

    need help to unpack .NET malware

    Do you successfully unpack all layers and get the final payload? Do you unpack ConfuserEx 1.0 manually?
  • Create New...