The objective is to unpack and crack this application and make it rune whithout error.

 

 

Crack me_enigma.rar

i  can not open

Edited April 5, 201510 yr by CodeEnding

i  can not open

close megadumper or another dumper or debugger

i  can not open

Close all reverse engineering tools.

my windows xp  is not running , I do not have the tools Reverse Engineering

 

I test run on windows 7 64bit  program is running

 

The original assembly crash after load the nag with best obfuscation etc.

Here it is Enigma removed.

Is Enigma 3.70

Furthermore i see is more obfuscation there.

 

 

Crack me_protected_1.rar - 1.2 MB

Its not protected by you , Your app just a line code with timer which remove fake splash screen "Net shield res encrypted " until open exe.

 

Here is right order 

.Net protection :

1. Codecracker net shield (Splash screen) string inside res 

2. crypto 

 

Tut to unpack

1. Have remove enigma fake native by netdumper with different name .

2. trace the exe use cff to patch and make exe runable 

3. if u success to run the exe you can decrypt string from resource [all string restored in crypto encrypted res checkbox mark , use res manger to add crypto encrypted resource or sae 

 

Make sure dump exe must need to run for decrypt string can also use

de4dot --strtype delegate --strtyp emulate

 

because latest crypto de4dot not support .

 

Original exe size under 8 kb

Edited April 6, 201510 yr by Death

Just a simple 3 kb exe used random protection and again uses "Protected or crack me by Ben mehni" 

 

u can use right order is "Unpackme protected as private obfucator"

 

Anyway i gave a old tut for unpack this so can use search button the tut only can be works if you success to decrypt crypto resource first then can follow the old tut i provided . 

same clan https://forum.tuts4you.com/topic/36601-unpackme-simple-net-unpack-me/

Edited April 6, 201510 yr by Death

Its not protected by you , Your app just a line code with timer which remove fake splash screen "Net shield res encrypted " until open exe.

 

Here is right order 

.Net protection :

1. Codecracker net shield (Splash screen) string inside res 

2. crypto 

 

Tut to unpack

1. Have remove enigma fake native by netdumper with different name .

2. trace the exe use cff to patch and make exe runable 

3. if u success to run the exe you can decrypt string from resource [all string restored in crypto encrypted res checkbox mark , use res manger to add crypto encrypted resource or sae 

 

Make sure dump exe must need to run for decrypt string can also use

de4dot --strtype delegate --strtyp emulate

 

because latest crypto de4dot not support .

 

Original exe size under 8 kb

Can you upload your unpacked file ?

@CodeNatif

No because as said before check your old thread .

 

and original packed file not run , reason " Too much obfucation in a little exe " .

 

Provided tuts in tuts4you try unpack your self .

The exe looks like winzip password .

@CodeNatif

No because as said before check your old thread .

 

and original packed file not run , reason " Too much obfucation in a little exe " .

 

Provided tuts in tuts4you try unpack your self .

The exe looks like winzip password .

The file run perfectly for me, i'm on windows 8  X64

Sorry I have to admit but this thread is a joke

• Protection is not made by you
  
• You can't even obfuscate a .NET file properly, and 'Death' pointed out why it crashes : " Too much obfucation in a little exe "
  
• Your useless nickname on the Form's tittle tends to tell us that you did the protection but you did not
  

 

This section is a mess, it's worst than the Trash section. A good crack-me does not need to be OVER-UB3R-Obfuscated ! Look at LoLLo90's old crackme, the source code was readable for human eye, and yet only a few people succeeded.

 

This is nowaday's crackme in this section :

 

 

This is how they "protect" their dummy app, by using these tool in this exact order :

1. SmartAssembly
   
2. SmartAssemby (using it two times will make it ob-obfuscated which is even harder to crack than just obfuscated)
   
3. ConfuserEX (MAX settings! + claiming its modded only because they compiled it themself )
   
4. Appfuscator
   
5. Themida (same reason as before)
   
6. .NET Reactor
   
7. DNGuard
   
8. VMProtect
   
9. SmartAssembly (We want to make it a REAL challenge!)
   
10. Enigma
    

Work on windows 7 64bits:

 

 

Work on windows 8 64bits:

 

 

If crackme does not launch for you, check the programs run on your PC, close any program to reverse and also update your framework.

i agree with my buddy spoonstudio

 

protection used is:

 

1. Crypto Obfuscator (probably without strings encryption option)

2. Appfuscator

3. Confuser ex

4. Net Shield by codecracker

5. Engima

 

the password is: 

Good Job Death 

weird password i guess, anyway here's my unpacked version, not full but is almost deobfuscated

 

 

@Death you don't need to run the file to get the net shield packed assembly

 

 

Crack me_protected_Deob.rar

Edited April 7, 201510 yr by Alcatraz3222

@Alcatraz3222

without run exe can't see the main form . there is 2 exe one splash screen and another is run time executable . 

 

can you say more how did you fix the bsjb pointer ? Bit more explain about offline mode .

 

here is main dumped file run time olly dbg.  # can't find stream hex cause all debugger crash trace time .

and i don't care what protection just keep dig 

_05FE0000_.zip

Edited April 7, 201510 yr by Death

another unpacked file 

to fix the file from enigma , and restore data of CodeCracker packer

dump the file and pass it to de4dot 

go to original file and and start copy hex from this offset E3400 till the eof and past it in the eof dump file 

it should run 

Unpacked.rar

Edited April 7, 201510 yr by n0th!ng

another unpacked file 

to fix the file from enigma , and restore data of CodeCracker packer

dump the file and pass it to de4dot 

go to original file and and start copy hex from this offset E3400 till the eof and past it in the eof dump file 

it should run 

Good Job.

 

@Alcatraz3222

without run exe can't see the main form . there is 2 exe one splash screen and another is run time executable . 

 

can you say more how did you fix the bsjb pointer ? Bit more explain about offline mode .

 

here is main dumped file run time olly dbg.  # can't find stream hex cause all debugger crash trace time .

and i don't care what protection just keep dig 

 

https://forum.tuts4you.com/topic/37001-net-unpacking-codecrackers-net-shield-10/

@Alcatraz3222

provided tut is direct pack codecracker obfucator unpack which is easy to do .

because there embed assembly exist. but here embed is not exist can you say about this pls . / https://forum.tuts4you.com/topic/36996-crackme/#entry173607

Unpack enigma and run original file .

i am confused about your unpack . 

can u please post the dump assembly without use de4dot . here 7zip dump file not have msdos.

 

anyway i am on win 10 , 

Edited April 8, 201510 yr by Death

@Alcatraz3222

provided tut is direct pack codecracker obfucator unpack which is easy to do .

because there embed assembly exist. but here embed is not exist can you say about this pls . / https://forum.tuts4you.com/topic/36996-crackme/#entry173607

Unpack enigma and run original file .

i am confused about your unpack . 

can u please post the dump assembly without use de4dot . here 7zip dump file not have msdos.

 

anyway i am on win 10 , 

don't worry i made a little video of 2 minutes where i explain how to get the packed assembly inside the crackme with enigma

UnpackNetShieldWithEnigma.rar

 

don't worry i made a little video of 2 minutes where i explain how to get the packed assembly inside the crackme with enigma

 

ops , Thank you for the right solution , my problem was => the 7zip only works in windows 7 which i not had . win 10 or xp 7zip the original file achievement can't open .

it need windows 7 os .

Edited April 8, 201510 yr by Death

You can setup TitanHide under Win 10 and unpack via OllyDbg or X32dbg by eXoDia in combination with ScyllaHide.

Thanks

edited 

Tut to Unpack this

1. Just download latest 7zip alpha [Other wise it won't works]

http://sourceforge.net/p/sevenzip/discussion/45797/thread/fd1f6344/

and his video tut 

#20 Post : Alcatraz3222

 

Next rest other junk unpack => 

2. use de4dot -un

 

3. cff place entrypoint and then exe will run 

 

3 . confuserex codecracker decryptor tools , for appfucator use atoms tuts and sae  , 

 

Attached just cracked file 

Crack me-cleaned_Cracked.zip

Edited April 8, 201510 yr by Death