MatrixReloaded Posted May 16, 2018 Posted May 16, 2018 (edited) Difficulty : 8 Language : .NET / Delphi / C++ Platform : Windows x32/x64 OS Version : Windows 10 , 8 Packer / Protector : SuperMax Engine ™ BETA Description : Hey tuts4you Community ! This is a .net project that I made on my own protector SuperMax protector/packer. The last one cracked , so I upgraded security system to 3.0 version , it's harder to crack. See Missions. Screenshot : *Copyright Materials [ GUI ] : https://www.nuget.org/packages/WPFThemes.DarkBlend/ Rule 01 : Tell us how you cracked it. Missions: 01 > first , earn the Activation Code and write it here ... 02 > After that , find data and write them here. Download File: SUPERMAX_BETA3_SECURITY_CHALLENGE.rar * exe files protected by a polyphonic custom protector , if anti-virus detected it harmful , disable it ... | file is not harmful it's just a data reader | Thanks. Give it a try Edited May 16, 2018 by MatrixReloaded Fix File
MatrixReloaded Posted May 19, 2018 Author Posted May 19, 2018 (edited) 3 hours ago, NeoNCoding said: Hi NeonCoding , did you changed the application ? the launcher check the blocks before launching ,let me know if you didn't changed anything in files. thank you. Edited May 19, 2018 by MatrixReloaded
NeoNCoding Posted May 19, 2018 Posted May 19, 2018 36 minutes ago, MatrixReloaded said: Hi NeonCoding , did you changed the application ? the launcher check the hash of main application before launching ,let me know if you didn't changed anything in files. thank you. I didn't changed anything..
MatrixReloaded Posted May 19, 2018 Author Posted May 19, 2018 25 minutes ago, NeoNCoding said: I didn't changed anything.. Well , I guess the issue comes from BoxedAppPacker , Try this : SUPERMAX_BETA3_SECURITY_CHALLENGE_UNBOXED.rar Let me know if still you have any problem. Thank you.
NeoNCoding Posted May 20, 2018 Posted May 20, 2018 On 5/19/2018 at 5:57 PM, MatrixReloaded said: Well , I guess the issue comes from BoxedAppPacker , Try this : SUPERMAX_BETA3_SECURITY_CHALLENGE_UNBOXED.rar Let me know if still you have any problem. Thank you. It still doing.. 😕
MatrixReloaded Posted May 21, 2018 Author Posted May 21, 2018 14 hours ago, NeoNCoding said: It still doing.. 😕 What operating system you're using ? I checked out this release on 14 different machine with different operating systems , 8 and 10. It was ok : SUPERMAX_BETA3_SECURITY_CHALLENGE_BOOT.rar And remember turn off windows defender it doesn't let the app run pe files from memory. let me know if still u have problem.
kao Posted May 21, 2018 Posted May 21, 2018 For me, this challenge crashes on 64-bit Win7 with .NET 2/3/3.5/4/4.6.2. Works on 32-bit Win7. Spoiler
MatrixReloaded Posted May 21, 2018 Author Posted May 21, 2018 36 minutes ago, kao said: For me, this challenge crashes on 64-bit Win7 with .NET 2/3/3.5/4/4.6.2. Works on 32-bit Win7. Hide contents Hi dear kao , as I mentioned above this challenge is for OS Version : Windows 10 , 8 Please check it out on windows 8 or 10 . thank you
kao Posted May 23, 2018 Posted May 23, 2018 Crashing on my Win10 inside VMware as well. Windows Defender stopped, no other AV. Spoiler It's a perfect protection - if nobody can run it, nobody can crack it. 5
MatrixReloaded Posted May 23, 2018 Author Posted May 23, 2018 22 minutes ago, kao said: Crashing on my Win10 inside VMware as well. Windows Defender stopped, no other AV. Hide contents It's a perfect protection - if nobody can run it, nobody can crack it. I have no idea why you get this crash , it's like the last version that you cracked I didn't change anything in main code. I checked it on 14 machine and I got no error like this . Check this out : https://social.technet.microsoft.com/Forums/windows/en-US/3932e3eb-c034-4eb7-aa06-4a0a8e6ea493/fault-module-namestackhash0a9e?forum=w7itprogeneral can u send it to other people and tell me it has the same error or not , if on my system it has no error I can't debug and fix it 😕 I try to build a version with windows 7 SDK
evlncrn8 Posted May 23, 2018 Posted May 23, 2018 well the 0xC0000005 is the good old NT_STATUS_ACCESS_VIOLATION and you got the faulting offset, so that and a pdb should be able to let you know which function crashed, you did get it to generate a pdb on compile.. right ?
MatrixReloaded Posted May 24, 2018 Author Posted May 24, 2018 11 hours ago, evlncrn8 said: well the 0xC0000005 is the good old NT_STATUS_ACCESS_VIOLATION and you got the faulting offset, so that and a pdb should be able to let you know which function crashed, you did get it to generate a pdb on compile.. right ? Hi Dear evlncrn8 , yes I did , I checked it , functions are pretty simple I don't know really whay that error happened , I sent the file to 8 different person last night and they run the app with no problem. can you please check it ? SUPERMAX_BETA3_SECURITY_CHALLENGE_BOOT.rar thank you
MatrixReloaded Posted May 24, 2018 Author Posted May 24, 2018 14 hours ago, kao said: Crashing on my Win10 inside VMware as well. Windows Defender stopped, no other AV. Reveal hidden contents It's a perfect protection - if nobody can run it, nobody can crack it. please check this file , I build it with win7 sdk and it works on win10 aslo : _release8.rar
Solution atom0s Posted August 13, 2018 Solution Posted August 13, 2018 Result: How To Do: 1. Dump program while running using something like MegaDumper to see a basic jist of what is done. 2. See that GUI_Modelx86.dll holds all the important information. 3. Unpack GUI_Modelx86.dll. 4. Check out the file in IDA, see how DENCLR_1998 function works. Important information being: dword_10034D84 and dword_100408B8 5. Set breakpoint on the DENCLR_1998 compare against the two dwords above. View values of each. 100408B8 holds the expected key. 6. Set key in program, click button and get results above. To unpack GUI_Modelx86.dll: 1. Load in OllyDbg. 2. Step until ESP changes. 3. Follow ESP in memory, set hardware breakpoint on access. 4. Keep running until you hit a JMP EAX instruction, step into. 5. Dump, fix imports, and you have the dll unpacked now. Wouldn't really consider this 8/10, it was pretty easy. 1
MatrixReloaded Posted December 11, 2018 Author Posted December 11, 2018 On 8/13/2018 at 12:51 PM, atom0s said: Result: How To Do: 1. Dump program while running using something like MegaDumper to see a basic jist of what is done. 2. See that GUI_Modelx86.dll holds all the important information. 3. Unpack GUI_Modelx86.dll. 4. Check out the file in IDA, see how DENCLR_1998 function works. Important information being: dword_10034D84 and dword_100408B8 5. Set breakpoint on the DENCLR_1998 compare against the two dwords above. View values of each. 100408B8 holds the expected key. 6. Set key in program, click button and get results above. To unpack GUI_Modelx86.dll: 1. Load in OllyDbg. 2. Step until ESP changes. 3. Follow ESP in memory, set hardware breakpoint on access. 4. Keep running until you hit a JMP EAX instruction, step into. 5. Dump, fix imports, and you have the dll unpacked now. Wouldn't really consider this 8/10, it was pretty easy. Thank you for information , really helpful , please check new packer I made , Bulletproof.NET :) 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now