Jump to content
Tuts 4 You
  • 0
Sign in to follow this  
MatrixReloaded

SuperMax Engine ™ BETA Version 3

Question

MatrixReloaded

Difficulty : 8
Language : .NET / Delphi / C++
Platform : Windows x32/x64
OS Version : Windows 10 , 8
Packer / Protector : SuperMax Engine BETA

Description :

Hey tuts4you Community !

This is a .net project that I made on my own protector SuperMax protector/packer.

The last one cracked , so I upgraded security system to 3.0 version , it's harder to crack.

See Missions.

Screenshot :

shoot.jpg.e63d7e6852b118ed1c07a77d6f48d1c8.jpg

*Copyright Materials [ GUI ] : https://www.nuget.org/packages/WPFThemes.DarkBlend/

Rule 01 : Tell us  how you cracked it.

Missions:

01 > first , earn the Activation Code and write it here  ...

02 > After that , find data and write them here.

Download File:

SUPERMAX_BETA3_SECURITY_CHALLENGE.rar

 

* exe files protected by a polyphonic custom protector , if anti-virus detected it harmful , disable it ... | file is not harmful it's just a data reader | Thanks.

Give it a try :)

 

 

Edited by MatrixReloaded
Fix File (see edit history)

Share this post


Link to post

17 answers to this question

Recommended Posts

  • 1
atom0s

Result:

smlXssN.png

How To Do:

1. Dump program while running using something like MegaDumper to see a basic jist of what is done.
2. See that GUI_Modelx86.dll holds all the important information.
3. Unpack GUI_Modelx86.dll.
4. Check out the file in IDA, see how DENCLR_1998 function works. Important information being: dword_10034D84 and dword_100408B8
5. Set breakpoint on the DENCLR_1998 compare against the two dwords above. View values of each. 100408B8 holds the expected key.
6. Set key in program, click button and get results above.

To unpack GUI_Modelx86.dll:

1. Load in OllyDbg.
2. Step until ESP changes.
3. Follow ESP in memory, set hardware breakpoint on access.
4. Keep running until you hit a JMP EAX instruction, step into.
5. Dump, fix imports, and you have the dll unpacked now.

Wouldn't really consider this 8/10, it was pretty easy.

  • Like 1

Share this post


Link to post
  • 0
NeoNCoding

image.png.4aca9f5ae948a455a5caedd76d068f12.png

Share this post


Link to post
  • 0
MatrixReloaded
3 hours ago, NeoNCoding said:

image.png.4aca9f5ae948a455a5caedd76d068f12.png

Hi NeonCoding , did you changed the application ? the launcher check the blocks before launching ,let me know if you didn't changed anything in files.

thank you.

Edited by MatrixReloaded (see edit history)

Share this post


Link to post
  • 0
NeoNCoding
36 minutes ago, MatrixReloaded said:

Hi NeonCoding , did you changed the application ? the launcher check the hash of main application before launching ,let me know if you didn't changed anything in files.

thank you.

I didn't changed anything..

Share this post


Link to post
  • 0
MatrixReloaded
25 minutes ago, NeoNCoding said:

I didn't changed anything..

Well , I guess the issue comes from BoxedAppPacker , Try this :

SUPERMAX_BETA3_SECURITY_CHALLENGE_UNBOXED.rar

Let me know if still you have any problem.

Thank you.

 

Share this post


Link to post
  • 0
NeoNCoding
On 5/19/2018 at 5:57 PM, MatrixReloaded said:

Well , I guess the issue comes from BoxedAppPacker , Try this :

SUPERMAX_BETA3_SECURITY_CHALLENGE_UNBOXED.rar

Let me know if still you have any problem.

Thank you.

 

It still doing.. 😕

Share this post


Link to post
  • 0
MatrixReloaded
14 hours ago, NeoNCoding said:

It still doing.. 😕

What operating system you're using ?

I checked out this release on 14 different machine with different operating systems , 8 and 10.

It was ok  :

SUPERMAX_BETA3_SECURITY_CHALLENGE_BOOT.rar

And remember turn off windows defender it doesn't let the app run pe files from memory.

let me know if still u have problem.

 

Share this post


Link to post
  • 0
kao

For me, this challenge crashes on 64-bit Win7 with .NET 2/3/3.5/4/4.6.2. Works on 32-bit Win7.

Spoiler

CkYKAf9.png

 

Share this post


Link to post
  • 0
MatrixReloaded
36 minutes ago, kao said:

For me, this challenge crashes on 64-bit Win7 with .NET 2/3/3.5/4/4.6.2. Works on 32-bit Win7.

  Hide contents

CkYKAf9.png

 

Hi dear kao , as I mentioned above this challenge is for OS Version : Windows 10 , 8

Please check it out on windows 8 or 10 .

thank you

Share this post


Link to post
  • 0
MatrixReloaded

Really ? Nobody ? :)

Share this post


Link to post
  • 0
kao

Crashing on my Win10 inside VMware as well. Windows Defender stopped, no other AV.

Spoiler

DBehvHm.png

It's a perfect protection - if nobody can run it, nobody can crack it. :D

 

  • Haha 5

Share this post


Link to post
  • 0
MatrixReloaded
22 minutes ago, kao said:

Crashing on my Win10 inside VMware as well. Windows Defender stopped, no other AV.

  Hide contents

DBehvHm.png

It's a perfect protection - if nobody can run it, nobody can crack it. :D

I have no idea why you get this crash , it's like the last version that you cracked I didn't change anything in main code.

I checked it on 14 machine and I got no error like this .

Check this out :

https://social.technet.microsoft.com/Forums/windows/en-US/3932e3eb-c034-4eb7-aa06-4a0a8e6ea493/fault-module-namestackhash0a9e?forum=w7itprogeneral

 

can u send it to other people and tell me it has the same error or not , if on my system it has no error I can't debug and fix it 😕

I try to build a version with windows 7 SDK

 

Share this post


Link to post
  • 0
evlncrn8

well the 0xC0000005 is the good old NT_STATUS_ACCESS_VIOLATION and you got the faulting offset, so that and a pdb should be able to let you know which function crashed, you did get it to generate a pdb on compile.. right ?

Share this post


Link to post
  • 0
MatrixReloaded
11 hours ago, evlncrn8 said:

well the 0xC0000005 is the good old NT_STATUS_ACCESS_VIOLATION and you got the faulting offset, so that and a pdb should be able to let you know which function crashed, you did get it to generate a pdb on compile.. right ?

Hi Dear evlncrn8 , yes I did , I checked it , functions are pretty simple I don't know really whay that error happened , I sent the file to 8 different person last night and they run the app with no problem.

can you please check it ?

SUPERMAX_BETA3_SECURITY_CHALLENGE_BOOT.rar

thank you

Share this post


Link to post
  • 0
MatrixReloaded
14 hours ago, kao said:

Crashing on my Win10 inside VMware as well. Windows Defender stopped, no other AV.

  Reveal hidden contents

DBehvHm.png

It's a perfect protection - if nobody can run it, nobody can crack it. :D

 

please check this file , I build it with win7 sdk and it works on win10 aslo :

_release8.rar

Share this post


Link to post
  • 0
MatrixReloaded
On 8/13/2018 at 12:51 PM, atom0s said:

Result:

smlXssN.png

How To Do:

1. Dump program while running using something like MegaDumper to see a basic jist of what is done.
2. See that GUI_Modelx86.dll holds all the important information.
3. Unpack GUI_Modelx86.dll.
4. Check out the file in IDA, see how DENCLR_1998 function works. Important information being: dword_10034D84 and dword_100408B8
5. Set breakpoint on the DENCLR_1998 compare against the two dwords above. View values of each. 100408B8 holds the expected key.
6. Set key in program, click button and get results above.

To unpack GUI_Modelx86.dll:

1. Load in OllyDbg.
2. Step until ESP changes.
3. Follow ESP in memory, set hardware breakpoint on access.
4. Keep running until you hit a JMP EAX instruction, step into.
5. Dump, fix imports, and you have the dll unpacked now.

Wouldn't really consider this 8/10, it was pretty easy.

Thank you for information , really helpful , please check new packer I made , Bulletproof.NET :)

  • Like 1

Share this post


Link to post
  • 0
Lumusfor

Thanks for the info man!

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
×
×
  • Create New...