Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Deobme] ConfuserEX 0.5 custom

XenocodeRCE
XenocodeRCE
in UnPackMe (.NET)

Featured Replies

Posted

jd6kUKq.png


 


Just a custom version of ConfuserEX 0.5


 


Nothing that special, very  humble modifications


 


I post it here in order to know what shall I improve


 


https://www.sendspace.com/file/p1fsts


 


 


    •
    • Like 1

    Solved by CodeExplorer

    Go to solution

    Nice pe header + structure .net modification


    •
    • Like 1
    • Author

    Alcatrazz successfully deobed this and give me hints about how I shall improve this !


     


    It's time to do some research about the MSIL and clr structure ...


    I already made a net obfuscator

     

    But now I will make a .NET Scrambler anti decompiler, Will be called cachi chien obfuscator

    •
    • Like 2

    ConfuserExFixer does the job for metadata problems!


    Deobfuscated file:


    https://www.sendspace.com/file/il8370

    • Author

    ConfuserExFixer does the job for metadata problems!

    Deobfuscated file:

    https://www.sendspace.com/file/il8370

     

    Constants still remains encrypted ;)

    Edited by SpoonStudio

    to fix metadata just use Universal fixer (without .NET options) next change number of streams to 9 


    then pass it to de4dot


    use ConfuserExSwitchKiller to deobfuscate cflow obfuscation 


    then code some tool to fix constants 


     


     


    looking forward to see your modded ConfuserEx 


    CrackTest2_fix-cleaned.rar

    Edited by n0th!ng

    • Like 4
    • Author

    to fix metadata just use Universal fixer (without .NET options) next change number of streams to 9 

    then pass it to de4dot

    use ConfuserExSwitchKiller to deobfuscate cflow obfuscation 

    then code some tool to fix constants 

     

     

    looking forward to see your modded ConfuserEx 

     

    Nicely done ! With Antitamper de4dot would have messed up the assembly so beware

     

    I'm constantly improving ConfuserEX, it takes me about 4h a day, reading ECMA and so on.

     

    I may post another chall at the very end of the week (Hint : clr emulation || PE32+)

    • Solution

    Here is my unpacked:


    https://www.sendspace.com/file/3g70nn


     


    The button code does nothing from what I've saw!

    •
    • Like 1
    • 1 year later...

    hi CodeCracker

    how to unpack this dll ?

    this file obfuscated by confuserex custom

    please help me

    thanks

     

    Edited by Teddy Rogers

    Check: ConfuserEx v1.0.0

    The version number is v1.0.0

    In CFF Explorer, open MetaData Streams - #Blob, and you will see that in the Ascii section.

     

    CFF_Explorer1.PNG

    Edited by SkyProud
    Further details provided.

    • Author
    2 hours ago, SkyProud said:

    Check: ConfuserEx v1.0.0

    The version number is v1.0.0

    In CFF Explorer, open MetaData Streams - #Blob, and you will see that in the Ascii section.

     

    CFF_Explorer1.PNG

     

    wrong its v0.5, i faked the version info. Don't rely on this kind of things, go and deep-analysis the file

    Create an account or sign in to comment

    Go to topic listing

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.