Jump to content
Tuts 4 You

SuperMax Engine ™ BETA Version 3


MatrixReloaded
Go to solution Solved by atom0s,

Recommended Posts

MatrixReloaded

Difficulty : 8
Language : .NET / Delphi / C++
Platform : Windows x32/x64
OS Version : Windows 10 , 8
Packer / Protector : SuperMax Engine BETA

Description :

Hey tuts4you Community !

This is a .net project that I made on my own protector SuperMax protector/packer.

The last one cracked , so I upgraded security system to 3.0 version , it's harder to crack.

See Missions.

Screenshot :

shoot.jpg.e63d7e6852b118ed1c07a77d6f48d1c8.jpg

*Copyright Materials [ GUI ] : https://www.nuget.org/packages/WPFThemes.DarkBlend/

Rule 01 : Tell us  how you cracked it.

Missions:

01 > first , earn the Activation Code and write it here  ...

02 > After that , find data and write them here.

Download File:

SUPERMAX_BETA3_SECURITY_CHALLENGE.rar

 

* exe files protected by a polyphonic custom protector , if anti-virus detected it harmful , disable it ... | file is not harmful it's just a data reader | Thanks.

Give it a try :)

 

 

Edited by MatrixReloaded
Fix File
Link to comment
Share on other sites

MatrixReloaded
3 hours ago, NeoNCoding said:

image.png.4aca9f5ae948a455a5caedd76d068f12.png

Hi NeonCoding , did you changed the application ? the launcher check the blocks before launching ,let me know if you didn't changed anything in files.

thank you.

Edited by MatrixReloaded
Link to comment
Share on other sites

NeoNCoding
36 minutes ago, MatrixReloaded said:

Hi NeonCoding , did you changed the application ? the launcher check the hash of main application before launching ,let me know if you didn't changed anything in files.

thank you.

I didn't changed anything..

Link to comment
Share on other sites

MatrixReloaded
14 hours ago, NeoNCoding said:

It still doing.. 😕

What operating system you're using ?

I checked out this release on 14 different machine with different operating systems , 8 and 10.

It was ok  :

SUPERMAX_BETA3_SECURITY_CHALLENGE_BOOT.rar

And remember turn off windows defender it doesn't let the app run pe files from memory.

let me know if still u have problem.

 

Link to comment
Share on other sites

For me, this challenge crashes on 64-bit Win7 with .NET 2/3/3.5/4/4.6.2. Works on 32-bit Win7.

Spoiler

CkYKAf9.png

 

Link to comment
Share on other sites

MatrixReloaded
36 minutes ago, kao said:

For me, this challenge crashes on 64-bit Win7 with .NET 2/3/3.5/4/4.6.2. Works on 32-bit Win7.

  Hide contents

CkYKAf9.png

 

Hi dear kao , as I mentioned above this challenge is for OS Version : Windows 10 , 8

Please check it out on windows 8 or 10 .

thank you

Link to comment
Share on other sites

Crashing on my Win10 inside VMware as well. Windows Defender stopped, no other AV.

Spoiler

DBehvHm.png

It's a perfect protection - if nobody can run it, nobody can crack it. :D

 

  • Haha 5
Link to comment
Share on other sites

MatrixReloaded
22 minutes ago, kao said:

Crashing on my Win10 inside VMware as well. Windows Defender stopped, no other AV.

  Hide contents

DBehvHm.png

It's a perfect protection - if nobody can run it, nobody can crack it. :D

I have no idea why you get this crash , it's like the last version that you cracked I didn't change anything in main code.

I checked it on 14 machine and I got no error like this .

Check this out :

https://social.technet.microsoft.com/Forums/windows/en-US/3932e3eb-c034-4eb7-aa06-4a0a8e6ea493/fault-module-namestackhash0a9e?forum=w7itprogeneral

 

can u send it to other people and tell me it has the same error or not , if on my system it has no error I can't debug and fix it 😕

I try to build a version with windows 7 SDK

 

Link to comment
Share on other sites

well the 0xC0000005 is the good old NT_STATUS_ACCESS_VIOLATION and you got the faulting offset, so that and a pdb should be able to let you know which function crashed, you did get it to generate a pdb on compile.. right ?

Link to comment
Share on other sites

MatrixReloaded
11 hours ago, evlncrn8 said:

well the 0xC0000005 is the good old NT_STATUS_ACCESS_VIOLATION and you got the faulting offset, so that and a pdb should be able to let you know which function crashed, you did get it to generate a pdb on compile.. right ?

Hi Dear evlncrn8 , yes I did , I checked it , functions are pretty simple I don't know really whay that error happened , I sent the file to 8 different person last night and they run the app with no problem.

can you please check it ?

SUPERMAX_BETA3_SECURITY_CHALLENGE_BOOT.rar

thank you

Link to comment
Share on other sites

MatrixReloaded
14 hours ago, kao said:

Crashing on my Win10 inside VMware as well. Windows Defender stopped, no other AV.

  Reveal hidden contents

DBehvHm.png

It's a perfect protection - if nobody can run it, nobody can crack it. :D

 

please check this file , I build it with win7 sdk and it works on win10 aslo :

_release8.rar

Link to comment
Share on other sites

  • 2 months later...
  • Solution

Result:

smlXssN.png

How To Do:

1. Dump program while running using something like MegaDumper to see a basic jist of what is done.
2. See that GUI_Modelx86.dll holds all the important information.
3. Unpack GUI_Modelx86.dll.
4. Check out the file in IDA, see how DENCLR_1998 function works. Important information being: dword_10034D84 and dword_100408B8
5. Set breakpoint on the DENCLR_1998 compare against the two dwords above. View values of each. 100408B8 holds the expected key.
6. Set key in program, click button and get results above.

To unpack GUI_Modelx86.dll:

1. Load in OllyDbg.
2. Step until ESP changes.
3. Follow ESP in memory, set hardware breakpoint on access.
4. Keep running until you hit a JMP EAX instruction, step into.
5. Dump, fix imports, and you have the dll unpacked now.

Wouldn't really consider this 8/10, it was pretty easy.

  • Like 1
Link to comment
Share on other sites

  • 3 months later...
MatrixReloaded
On 8/13/2018 at 12:51 PM, atom0s said:

Result:

smlXssN.png

How To Do:

1. Dump program while running using something like MegaDumper to see a basic jist of what is done.
2. See that GUI_Modelx86.dll holds all the important information.
3. Unpack GUI_Modelx86.dll.
4. Check out the file in IDA, see how DENCLR_1998 function works. Important information being: dword_10034D84 and dword_100408B8
5. Set breakpoint on the DENCLR_1998 compare against the two dwords above. View values of each. 100408B8 holds the expected key.
6. Set key in program, click button and get results above.

To unpack GUI_Modelx86.dll:

1. Load in OllyDbg.
2. Step until ESP changes.
3. Follow ESP in memory, set hardware breakpoint on access.
4. Keep running until you hit a JMP EAX instruction, step into.
5. Dump, fix imports, and you have the dll unpacked now.

Wouldn't really consider this 8/10, it was pretty easy.

Thank you for information , really helpful , please check new packer I made , Bulletproof.NET :)

  • Like 1
Link to comment
Share on other sites

  • 2 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...