February 22, 201510 yr Not going to create a new thread for this, here's present for everyone: Modded de4dot, which supports latest .NET Reactor 4.9.7.0. Wow it work ! Thanks for sharing
February 28, 201510 yr Not going to create a new thread for this, here's present for everyone: Modded de4dot, which supports latest .NET Reactor 4.9.7.0. @SHADOW_UA, Thanks for share but it not work with the target Smarty Uninstaller 4.1.1 (home page: http://www.smartuninstall.com) Please try it thanks Edited February 28, 201510 yr by pnta
February 28, 201510 yr @SHADOW_UA, Thanks for share but it not work with the target Smarty Uninstaller 4.1.1 (home page: http://www.smartuninstall.com) Please try it thanks it worked....
February 28, 201510 yr Oh yeah, I tried again on the OS windows 7 (32x) it worked, before I tried it on the OS 8 (64x) and it not workthanks
March 2, 201510 yr hi,guys what is ManagedJitter in "Step 4. Dump methods with ManagedJitter"? is it app? cant google it.. any link plz nvm, found it https://forum.tuts4you.com/topic/35895-unpacking-tools-2-source-code-c-and-binaries/
March 11, 201510 yr Not going to create a new thread for this, here's present for everyone: Modded de4dot, which supports latest .NET Reactor 4.9.7.0. thanks alot. worked on my target.
March 26, 201510 yr Easy method to unpack .NET Reactor last version: Step 1. Check the file. If not native, go to step 3. Step 2. Dump with Megadumper. After dump if file crashes, just add a resource type of RC_DATA named "__" with CFF Explorer Step 3. Check <Module>.cctor. If it not exists go to step 6. Step 4. Dump methods with ManagedJitter Step 5. Go to <Module>.cctor. Double click on method call (there's only one) Point on your mouse cursor on method list to get method token: Convert it to decimal. In this case 06000033 --> 33 in decimal is 51. Open CFF Explorer, go to methods table and find method with your number. In this case, it is 51. Copy RVA address of this method and go to Address Converter. Type in your RVA and click Enter. Edit bytes 1B 30 to 06 2A (return). Save file. Step 6. Clean file with Simple Assembly Explorer Deobfuscator (All Options). @ SHADOW_UA I have exe protector by .Net Reactor , but i can't unpack it ,used de4dot or manual all NG ......
March 27, 201510 yr It was packed by intellilock @ghostfish Thank you for your reply ,O(∩_∩)O~ How to judge it's intellilock? and What tools did you used to detect shell ? if you know how to unpank,you are willing to share?
September 1, 20168 yr hello,my friends i have done it with two tools. 1.de4dot Fixed; 2.dnspy Cra'ckMe.rar
December 15, 20168 yr Errr Anyone share me the ManagedJitter. I can't find it anywhere on the internet
January 1, 20178 yr On 3/2/2015 at 1:23 PM, gavz said: https://forum.tuts4you.com/topic/35895-unpacking-tools-2-source-code-c-and-binaries/ Thank you! For indexers: ManagedJitter CodeCracker dump methods
January 17, 20187 yr I cannot get method token. I am using ILSpy version 2.4.0.1963 @SHADOW_UA Can you check it for me?
January 17, 20187 yr 10 hours ago, xf3t4 said: I cannot get method token. I am using ILSpy version 2.4.0.1963 @SHADOW_UA Can you check it for me? Use dnSpy, it's much better.
Create an account or sign in to comment