Jump to content
View in the app

A better way to browse. Learn more.

Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Featured Replies

Posted
The objective is to unpack the program completely !

 

 

List of people who have managed this challenge:

 

-

-

-

-

 

 

UnpackMe.rar

boxed app...


PE: protector: Confuser(1.X)[-]


PE: protector: DNGuard(-)[-]


PE: protector: Dotfuscator(-)[-]


PE: protector: Goliath(-)[-]


PE: library: .NET(v4.0.30319)[-]


PE: linker: Microsoft Linker(8.0)[EXE32]


 


:pray:


Yep.

BoxedApp packer

DNGuard
ConfuserEx v0.4.0
ConfuserEx v0.3.0-custom
ObfuscatedByGoliath
Protected By Ben Mhenni.dll

 

That what i have extracted from the exe.

Since is a Framework 4.5 i can't do much on XP just remove first layer.

IMHO is just a silly way to protect a exe.

Packed : Boxed + dng + confuser ex + crypto + AppFuscator


 


Can't do AppFuscator string for the cflow 

WindowsFormsApplication11_Unpacked.zip

Edited by Death

We are in the role of rats who speed on the wheel again.


The user test on us varoius ways of protecting his tools or maybe worse....


anyway user and pass :



  if (!(Class38.WindowsFormsApplication11.exe(-1636090519, "UnpackMeChallenge") & Class38.WindowsFormsApplication11.exe(this.WindowsFormsApplication11.exe.Text, "ProtectedLogin")) || true)
   {
       goto Label_0127;
   }
Label_010C:
   MessageBox.Show("Good Job !");
Label_0117:
   MessageBox.Show("Fail");
Label_0127:
   switch ((0x28cef1b2 ^ 0x28cef1b3))
   {
       case 0:
       case 2:
       case 3:
       case 4:
           goto Label_0117;
 
       case 5:
           goto Label_0127;
 
       case 6:
           goto Label_010C;
   }
}

Username : ProtectedLogin


Password : UnpackMeChallenge


Edited by Death

Edited fixed


 


br.s for else


 


Just drink and feel alone and bored just do this by hand 


100% completed Unpacked [2 hours] passed from borred .


 


Just enjoy your challange #10000 


cause i see you everyday make challange with lot useless obfucator .


Your main exe size may be under kb . but click pack + obfucate + native make your littile exe size 2 mb .


20 byte to 2 mb [ By useless obc and packer ]


 


 


well here it is 1 line code 


 


 


 JmiW8pJ.jpg


 


 


T H I S     I S   M A Y    B E   M Y  L A S T    P E R O R M A N C E  in your unpackme


 


attached 


WindowsFormsApplication11-cleaned_UnpackeD2_Fixed.zip

Edited by Death

The user want to do some bad things and to implement a fool proof protection.


That is why it put here to make us rats speening the wheel.


I think that kind of challenges are just trash.


"Just drink and feel alone and bored just do this by hand"


:type:  :bow_arrow: 


anyway we can learn something from here 


 


cflow encrypted by junk non reference with int null + [Lot junk non ref]  .


 


So i see reflector is a deobfucator for it [Not ilspy]


 


cause we see obfucated


 


decompile Ilspy 2



private void method_1()
{
   ComponentResourceManager componentResourceManager = new ComponentResourceManager(typeof(GForm0));
   this.button_0 = new Button();
   this.textBox_0 = new TextBox();
   this.textBox_1 = new TextBox();
   this.pictureBox_0 = new PictureBox();
   ISupportInitialize BeginInit() = this.pictureBox_0;
   base.SuspendLayout();
   Control arg_A9_0 = this.button_0;
   //GForm0.int_0 = 2136656571;
   arg_A9_0.Location = new Point(135, 48);
   <Module>.object_3 = null;
   <Module>.int_7 = -1852116043;
   this.button_0.Name = "button1";
   Control arg_103_0 = this.button_0;
   <Module>.object_6 = componentResourceManager;
   int arg_FE_0 = 133;
   int arg_FE_1 = 23;
   <Module>.int_3 = -1410905245;
   object arg_F9_0 = componentResourceManager;
   <Module>.int_2 = 1845842485;
   <Module>.object_2 = arg_F9_0;
   arg_103_0.Size = new Size(arg_FE_0, arg_FE_1);
   this.button_0.TabIndex = 0;
   this.button_0.Text = "Login";
   <Module>.object_1 = null;
   ButtonBase arg_149_0 = this.button_0;
   bool arg_149_1 = true;
   GForm0.object_0 = componentResourceManager;
   <Module>.int_0 = 1057425350;
   arg_149_0.UseVisualStyleBackColor = arg_149_1;
   <Module>.object_6 = null;
   Control arg_176_0 = this.button_0;
   GForm0.object_0 = "502a9eda-92ad-40ce-a4ca-8422897be2bb981bff38-7df7-4cf6-ba23-c6d38d807d6ecf7fd485-35af-";
   <Module>.object_3 = null;
   arg_176_0.Click += new EventHandler(this.method_0);
   Control arg_1A4_0 = this.textBox_0;
   int arg_19F_0 = 204;
   <Module>.int_0 = -1411494653;
   int arg_19F_1 = 22;
   <Module>.int_0 = 1308380089;
   arg_1A4_0.Location = new Point(arg_19F_0, arg_19F_1);
   this.textBox_0.Name = "textBox1";
   Control arg_1F6_0 = this.textBox_0;
   <Module>.int_2 = 1657774894;
   int arg_1DD_0 = 100;
   int arg_1DD_1 = 20;
   <Module>.int_4 = -1557401652;
   Size arg_1F6_1 = new Size(arg_1DD_0, arg_1DD_1);
   <Module>.int_7 = 744302617;
   <Module>.int_6 = 1203310366;
   arg_1F6_0.Size = arg_1F6_1;
   GClass0.object_1 = componentResourceManager;
   this.textBox_0.TabIndex = 1;
   this.textBox_1.Location = new Point(98, 22);
   this.textBox_1.Name = "textBox2";
   GForm0.int_0 = -2051646939;
   this.textBox_1.Size = new Size(100, 20);
   Control arg_274_0 = this.textBox_1;
   int arg_274_1 = 1;
   GForm0.object_0 = "a3fe5bec-6707-4087-8a36-3cf33fad326bfd";
   arg_274_0.TabIndex = arg_274_1;
   PictureBox arg_295_0 = this.pictureBox_0;
   ResourceManager arg_28B_0 = componentResourceManager;
   <Module>.object_0 = componentResourceManager;
   arg_295_0.Image = (Image)arg_28B_0.GetObject("pictureBox1.Image");
   object arg_2AE_0 = 1876936332;
   <Module>.int_5 = -1040838703;
   GClass0.object_1 = arg_2AE_0;
   this.pictureBox_0.Location = new Point(32, 77);
   Control arg_2DE_0 = this.pictureBox_0;
   string arg_2DE_1 = "pictureBox1";
   GForm0.object_0 = componentResourceManager;
   arg_2DE_0.Name = arg_2DE_1;
   this.pictureBox_0.Size = new Size(374, 66);
   <Module>.object_3 = null;
   GForm0.int_0 = -1978466511;
   this.pictureBox_0.TabIndex = 2;
   <Module>.object_4 = 1957620381;
   this.pictureBox_0.TabStop = false;
   <Module>.int_5 = -1932913121;
   <Module>.int_8 = 2097519326;
   float arg_36B_0 = 6f;
   <Module>.object_0 = null;
   GForm0.object_0 = "821c82af-1da0-44a7-8898-f9f35ba00f15fca2528e-bf73-4";
   base.AutoScaleDimensions = new SizeF(arg_36B_0, 13f);
   base.AutoScaleMode = AutoScaleMode.Font;
   object arg_38B_0 = componentResourceManager;
   <Module>.int_7 = -1950879357;
   <Module>.object_2 = arg_38B_0;
   <Module>.object_0 = componentResourceManager;
   base.ClientSize = new Size(440, 159);
   <Module>.int_0 = 1503776956;
   <Module>.object_6 = componentResourceManager;
   GClass0.object_1 = null;
   base.Controls.Add(this.pictureBox_0);
   <Module>.object_6 = null;
   Control.ControlCollection arg_403_0 = base.Controls;
   object arg_3E9_0 = componentResourceManager;
   <Module>.int_8 = 1809257038;
   GClass0.object_0 = arg_3E9_0;
   Control arg_403_1 = this.textBox_1;
   GClass0.object_1 = 1952428595;
   arg_403_0.Add(arg_403_1);
   <Module>.int_0 = -563903361;
   Control.ControlCollection arg_428_0 = base.Controls;
   <Module>.int_2 = -1529522494;
   arg_428_0.Add(this.textBox_0);
   <Module>.object_4 = 1818084011;
   base.Controls.Add(this.button_0);
   base.Name = "Form1";
   <Module>.int_2 = 1987339265;
   this.Text = "UnpackMe Challenge !! ~";
   <Module>.object_0 = null;
   ((ISupportInitialize)this.pictureBox_0).EndInit();
   base.ResumeLayout(false);
   int arg_4A2_0 = 796469985;
   <Module>.int_6 = 1335196033;
   <Module>.int_8 = -1051365525;
   <Module>.int_4 = arg_4A2_0;
   GForm0.int_0 = -1980982856;
   base.PerformLayout();
   <Module>.object_5 = componentResourceManager;
   GClass0.object_0 = componentResourceManager;
}

 

Deobucated decompile By Reflector

Io0k5Ps.jpg

 

its not calculated code its non ref junk code

 

which reflector can deobfucate it .

 

Our codecracker can create static junk resolver for it for people i think need who want rip code

WindowsFormsApplication11_Rebuild.zip

Edited by Death

@


ghostfish


today may be i am ok  :)


 


@


GIV


yes i see But i still post because i see appfucator all people like to use because it never make crash exe and dng and crypto is also same they wont make crash after multi obfucation  .



GForm0.object_0 = "Foolish";

Edited by Death

Create an account or sign in to comment

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.