Posted May 2, 201510 yr Just a custom version of ConfuserEX 0.5 Nothing that special, very humble modifications I post it here in order to know what shall I improve https://www.sendspace.com/file/p1fsts
May 2, 201510 yr Author Alcatrazz successfully deobed this and give me hints about how I shall improve this ! It's time to do some research about the MSIL and clr structure ...
May 2, 201510 yr I already made a net obfuscator But now I will make a .NET Scrambler anti decompiler, Will be called cachi chien obfuscator
May 6, 201510 yr ConfuserExFixer does the job for metadata problems!Deobfuscated file:https://www.sendspace.com/file/il8370
May 6, 201510 yr Author ConfuserExFixer does the job for metadata problems! Deobfuscated file: https://www.sendspace.com/file/il8370 Constants still remains encrypted Edited May 6, 201510 yr by SpoonStudio
May 6, 201510 yr to fix metadata just use Universal fixer (without .NET options) next change number of streams to 9 then pass it to de4dotuse ConfuserExSwitchKiller to deobfuscate cflow obfuscation then code some tool to fix constants looking forward to see your modded ConfuserEx CrackTest2_fix-cleaned.rar Edited May 6, 201510 yr by n0th!ng
May 6, 201510 yr Author to fix metadata just use Universal fixer (without .NET options) next change number of streams to 9 then pass it to de4dot use ConfuserExSwitchKiller to deobfuscate cflow obfuscation then code some tool to fix constants looking forward to see your modded ConfuserEx Nicely done ! With Antitamper de4dot would have messed up the assembly so beware I'm constantly improving ConfuserEX, it takes me about 4h a day, reading ECMA and so on. I may post another chall at the very end of the week (Hint : clr emulation || PE32+)
May 7, 201510 yr Solution Here is my unpacked:https://www.sendspace.com/file/3g70nn The button code does nothing from what I've saw!
December 23, 20168 yr hi CodeCracker how to unpack this dll ? this file obfuscated by confuserex custom please help me thanks Edited December 23, 20168 yr by Teddy Rogers
December 23, 20168 yr Check: ConfuserEx v1.0.0 The version number is v1.0.0 In CFF Explorer, open MetaData Streams - #Blob, and you will see that in the Ascii section. Edited December 23, 20168 yr by SkyProud Further details provided.
December 23, 20168 yr Author 2 hours ago, SkyProud said: Check: ConfuserEx v1.0.0 The version number is v1.0.0 In CFF Explorer, open MetaData Streams - #Blob, and you will see that in the Ascii section. wrong its v0.5, i faked the version info. Don't rely on this kind of things, go and deep-analysis the file
Create an account or sign in to comment