Jump to content
View in the app

A better way to browse. Learn more.

Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Featured Replies

Posted

The objective is to unpack and crack this application and make it rune whithout error.


 


 


ME0gE8m.png


Crack me_enigma.rar

i  can not open


Edited by CodeEnding

i  can not open

close megadumper or another dumper or debugger

  • Author

i  can not open

Close all reverse engineering tools.

my windows xp  is not running , I do not have the tools Reverse Engineering


 


I test run on windows 7 64bit  program is running


 


:prop:


The original assembly crash after load the nag with best obfuscation etc.


Here it is Enigma removed.


Is Enigma 3.70


Furthermore i see is more obfuscation there.


 


 


Crack me_protected_1.rar - 1.2 MB


Its not protected by you , Your app just a line code with timer which remove fake splash screen "Net shield res encrypted " until open exe.


 


Here is right order 


.Net protection :


1. Codecracker net shield (Splash screen) string inside res 


2. crypto 


 


Tut to unpack


1. Have remove enigma fake native by netdumper with different name .


2. trace the exe use cff to patch and make exe runable 


3. if u success to run the exe you can decrypt string from resource [all string restored in crypto encrypted res checkbox mark , use res manger to add crypto encrypted resource or sae 


 


Make sure dump exe must need to run for decrypt string can also use


de4dot --strtype delegate --strtyp emulate


 


because latest crypto de4dot not support .


 


Original exe size under 8 kb


Edited by Death

Just a simple 3 kb exe used random protection and again uses "Protected or crack me by Ben mehni" 


 


u can use right order is "Unpackme protected as private obfucator"


 


Anyway i gave a old tut for unpack this so can use search button the tut only can be works if you success to decrypt crypto resource first then can follow the old tut i provided . 


same clan https://forum.tuts4you.com/topic/36601-unpackme-simple-net-unpack-me/


Edited by Death

  • Author

Its not protected by you , Your app just a line code with timer which remove fake splash screen "Net shield res encrypted " until open exe.

 

Here is right order 

.Net protection :

1. Codecracker net shield (Splash screen) string inside res 

2. crypto 

 

Tut to unpack

1. Have remove enigma fake native by netdumper with different name .

2. trace the exe use cff to patch and make exe runable 

3. if u success to run the exe you can decrypt string from resource [all string restored in crypto encrypted res checkbox mark , use res manger to add crypto encrypted resource or sae 

 

Make sure dump exe must need to run for decrypt string can also use

de4dot --strtype delegate --strtyp emulate

 

because latest crypto de4dot not support .

 

Original exe size under 8 kb

Can you upload your unpacked file ?

@CodeNatif


No because as said before check your old thread .


 


and original packed file not run , reason " Too much obfucation in a little exe " .


 


Provided tuts in tuts4you try unpack your self .


The exe looks like winzip password .


  • Author

@CodeNatif

No because as said before check your old thread .

 

and original packed file not run , reason " Too much obfucation in a little exe " .

 

Provided tuts in tuts4you try unpack your self .

The exe looks like winzip password .

The file run perfectly for me, i'm on windows 8  X64

Sorry I have to admit but this thread is a joke


  • Protection is not made by you
  • You can't even obfuscate a .NET file properly, and 'Death' pointed out why it crashes : " Too much obfucation in a little exe "
  • Your useless nickname on the Form's tittle tends to tell us that you did the protection but you did not

 


This section is a mess, it's worst than the Trash section. A good crack-me does not need to be OVER-UB3R-Obfuscated ! Look at LoLLo90's old crackme, the source code was readable for human eye, and yet only a few people succeeded.


 


This is nowaday's crackme in this section :


 


SwxiPAt.jpg


 


This is how they "protect" their dummy app, by using these tool in this exact order :


  1. SmartAssembly
  2. SmartAssemby (using it two times will make it ob-obfuscated which is even harder to crack than just obfuscated)
  3. ConfuserEX (MAX settings! + claiming its modded only because they compiled it themself )
  4. Appfuscator
  5. Themida (same reason as before)
  6. .NET Reactor
  7. DNGuard
  8. VMProtect
  9. SmartAssembly (We want to make it a REAL challenge!)
  10. Enigma
  • Author

Work on windows 7 64bits:


 


vvSrAT8.png


 


Work on windows 8 64bits:


 


4FEFJGS.png


 


If crackme does not launch for you, check the programs run on your PC, close any program to reverse and also update your framework.


i agree with my buddy spoonstudio


 


protection used is:


 


1. Crypto Obfuscator (probably without strings encryption option)


2. Appfuscator


3. Confuser ex


4. Net Shield by codecracker


5. Engima


 


the password is: 



Good Job Death

weird password i guess, anyway here's my unpacked version, not full but is almost deobfuscated


 


 


@Death you don't need to run the file to get the net shield packed assembly


 


 


EyrTF0f.png

Crack me_protected_Deob.rar

Edited by Alcatraz3222

@Alcatraz3222


without run exe can't see the main form . there is 2 exe one splash screen and another is run time executable . 


 


can you say more how did you fix the bsjb pointer ? Bit more explain about offline mode .


 


here is main dumped file run time olly dbg.  # can't find stream hex cause all debugger crash trace time .



and i don't care what protection just keep dig 

_05FE0000_.zip

Edited by Death

another unpacked file 


to fix the file from enigma , and restore data of CodeCracker packer


dump the file and pass it to de4dot 


go to original file and and start copy hex from this offset E3400 till the eof and past it in the eof dump file 


it should run 


Unpacked.rar

Edited by n0th!ng

  • Author

another unpacked file 

to fix the file from enigma , and restore data of CodeCracker packer

dump the file and pass it to de4dot 

go to original file and and start copy hex from this offset E3400 till the eof and past it in the eof dump file 

it should run 

Good Job.

 

@Alcatraz3222

without run exe can't see the main form . there is 2 exe one splash screen and another is run time executable . 

 

can you say more how did you fix the bsjb pointer ? Bit more explain about offline mode .

 

here is main dumped file run time olly dbg.  # can't find stream hex cause all debugger crash trace time .

and i don't care what protection just keep dig 

 

https://forum.tuts4you.com/topic/37001-net-unpacking-codecrackers-net-shield-10/

@Alcatraz3222


provided tut is direct pack codecracker obfucator unpack which is easy to do .


because there embed assembly exist. but here embed is not exist can you say about this pls . / https://forum.tuts4you.com/topic/36996-crackme/#entry173607


Unpack enigma and run original file .


i am confused about your unpack . 


can u please post the dump assembly without use de4dot . here 7zip dump file not have msdos.


 


anyway i am on win 10 , 


Edited by Death

@Alcatraz3222

provided tut is direct pack codecracker obfucator unpack which is easy to do .

because there embed assembly exist. but here embed is not exist can you say about this pls . / https://forum.tuts4you.com/topic/36996-crackme/#entry173607

Unpack enigma and run original file .

i am confused about your unpack . 

can u please post the dump assembly without use de4dot . here 7zip dump file not have msdos.

 

anyway i am on win 10 , 

don't worry i made a little video of 2 minutes where i explain how to get the packed assembly inside the crackme with enigma

UnpackNetShieldWithEnigma.rar

 




don't worry i made a little video of 2 minutes where i explain how to get the packed assembly inside the crackme with enigma



 



ops , Thank you for the right solution , my problem was => the 7zip only works in windows 7 which i not had . win 10 or xp 7zip the original file achievement can't open .


it need windows 7 os .


Edited by Death

You can setup TitanHide under Win 10 and unpack via OllyDbg or X32dbg by eXoDia in combination with ScyllaHide.


Thanks


edited 


Tut to Unpack this


1. Just download latest 7zip alpha [Other wise it won't works]


http://sourceforge.net/p/sevenzip/discussion/45797/thread/fd1f6344/


and his video tut 


#20 icon_share.pngPost : Alcatraz3222


 


Next rest other junk unpack => 


2. use de4dot -un


 


3. cff place entrypoint and then exe will run 


 


3 . confuserex codecracker decryptor tools , for appfucator use atoms tuts and sae  , 


 


Attached just cracked file 


Crack me-cleaned_Cracked.zip

Edited by Death

Create an account or sign in to comment

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.