Jump to content
Tuts 4 You

Custom made protection v1


Guest Steve

Recommended Posts

Difficulty : 6/10
Language : C#
Platform : Windows x32/x64
OS Version : All
Packer / Protector : Custom 

Description :

try to unpack my custom protector :D It won't be easy(hmmm... I guess)

Screenshot :

f9a56db3dd92ad2e198e232aa6a91e3a.png

UnpackME.rar

Link to comment

steve, why no create a new thread  for second unpackme?

protection 1->  compresion with mpress.net+net reactor 4.8+

protection 2->program native with winlicense/themida ..maybe can have more..

BR, Apuromafo CLS

 

Link to comment
11 hours ago, Apuromafo said:

steve, why no create a new thread  for second unpackme?

protection 1->  compresion with mpress.net+net reactor 4.8+

protection 2->program native with winlicense/themida ..maybe can have more..

BR, Apuromafo CLS

 

I don't like creating multiples threads about same file... I just added native + some protections and I want to know if @SHADOW_UA can easy  unpack it or not.

+If could he show me a way how he do that + what he used to unpack.

Link to comment
On 3.01.2018 at 3:59 AM, Apuromafo said:

steve, why no create a new thread  for second unpackme?

protection 1->  compresion with mpress.net+net reactor 4.8+

protection 2->program native with winlicense/themida ..maybe can have more..

BR, Apuromafo CLS

 

I don't like creating multiples threads about same file... I just added native + some protections and I want to know if @SHADOW_UA can easy  unpack it or not.

+If could he show me a way how he do that + what he used to unpack.

 

well is someone here who could unpack it?

 

 

Link to comment
44 minutes ago, Reza-HNA said:

here is my try
only didn't removed cflow .

UnpackME2_.rar

Wow. Can you tell me please what mark (1-10) you can give for my protection? Was it hard to unpack? and how did you exactly do that if I can ask?

Link to comment

Full unpack with cleaned ctflow, next time create another thread if new unpackme posted.

Basically, you need to remove all protections layer by layer, for themida you need to dump module from memory, for cryptoobfuscator you need to clean constants manually by coding a simple tool, net reactor can be removed with de4dot, confuserex can be handled by CodeCracker tools (note that you need to fix it for ctflow).

 

UnpackME2_unp.zip

  • Like 2
  • Thanks 1
Link to comment
17 hours ago, SHADOW_UA said:

Full unpack with cleaned ctflow, next time create another thread if new unpackme posted.

Basically, you need to remove all protections layer by layer, for themida you need to dump module from memory, for cryptoobfuscator you need to clean constants manually by coding a simple tool, net reactor can be removed with de4dot, confuserex can be handled by CodeCracker tools (note that you need to fix it for ctflow).

 

UnpackME2_unp.zip

Can you share your tool for clean cryptoobfuscator's constants ?  Look forward to.

Edited by collins
Link to comment
On 5/1/2018 at 9:16 AM, SHADOW_UA said:

Full unpack with cleaned ctflow, next time create another thread if new unpackme posted.

Basically, you need to remove all protections layer by layer, for themida you need to dump module from memory, for cryptoobfuscator you need to clean constants manually by coding a simple tool, net reactor can be removed with de4dot, confuserex can be handled by CodeCracker tools (note that you need to fix it for ctflow).

 

UnpackME2_unp.zip

@SHADOW_UA can you hit me up in pm ? i cant pm you, i have a question .. thank you

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...