MatrixReloaded Posted May 16, 2018 Posted May 16, 2018 (edited) Difficulty : 8 Language : .NET / Delphi / C++ Platform : Windows x32/x64 OS Version : Windows 10 , 8 Packer / Protector : SuperMax Engine ™ BETA Description : Hey tuts4you Community ! This is a .net project that I made on my own protector SuperMax protector/packer. The last one cracked , so I upgraded security system to 3.0 version , it's harder to crack. See Missions. Screenshot : *Copyright Materials [ GUI ] : https://www.nuget.org/packages/WPFThemes.DarkBlend/ Rule 01 : Tell us how you cracked it. Missions: 01 > first , earn the Activation Code and write it here ... 02 > After that , find data and write them here. Download File: SUPERMAX_BETA3_SECURITY_CHALLENGE.rarFetching info... * exe files protected by a polyphonic custom protector , if anti-virus detected it harmful , disable it ... | file is not harmful it's just a data reader | Thanks. Give it a try Edited May 16, 2018 by MatrixReloaded Fix File
MatrixReloaded Posted May 19, 2018 Author Posted May 19, 2018 (edited) On 5/19/2018 at 12:17 PM, NeoNCoding said: Expand Hi NeonCoding , did you changed the application ? the launcher check the blocks before launching ,let me know if you didn't changed anything in files. thank you. Edited May 19, 2018 by MatrixReloaded
NeoNCoding Posted May 19, 2018 Posted May 19, 2018 On 5/19/2018 at 2:17 PM, MatrixReloaded said: Hi NeonCoding , did you changed the application ? the launcher check the hash of main application before launching ,let me know if you didn't changed anything in files. thank you. Expand I didn't changed anything..
MatrixReloaded Posted May 19, 2018 Author Posted May 19, 2018 On 5/19/2018 at 2:54 PM, NeoNCoding said: I didn't changed anything.. Expand Well , I guess the issue comes from BoxedAppPacker , Try this : SUPERMAX_BETA3_SECURITY_CHALLENGE_UNBOXED.rarFetching info... Let me know if still you have any problem. Thank you.
NeoNCoding Posted May 20, 2018 Posted May 20, 2018 On 5/19/2018 at 3:57 PM, MatrixReloaded said: Well , I guess the issue comes from BoxedAppPacker , Try this : SUPERMAX_BETA3_SECURITY_CHALLENGE_UNBOXED.rarFetching info... Let me know if still you have any problem. Thank you. Expand It still doing.. 😕
MatrixReloaded Posted May 21, 2018 Author Posted May 21, 2018 On 5/20/2018 at 9:02 PM, NeoNCoding said: It still doing.. 😕 Expand What operating system you're using ? I checked out this release on 14 different machine with different operating systems , 8 and 10. It was ok : SUPERMAX_BETA3_SECURITY_CHALLENGE_BOOT.rarFetching info... And remember turn off windows defender it doesn't let the app run pe files from memory. let me know if still u have problem.
kao Posted May 21, 2018 Posted May 21, 2018 For me, this challenge crashes on 64-bit Win7 with .NET 2/3/3.5/4/4.6.2. Works on 32-bit Win7. Reveal hidden contents
MatrixReloaded Posted May 21, 2018 Author Posted May 21, 2018 On 5/21/2018 at 12:10 PM, kao said: For me, this challenge crashes on 64-bit Win7 with .NET 2/3/3.5/4/4.6.2. Works on 32-bit Win7. Reveal hidden contents Expand Hi dear kao , as I mentioned above this challenge is for OS Version : Windows 10 , 8 Please check it out on windows 8 or 10 . thank you
kao Posted May 23, 2018 Posted May 23, 2018 Crashing on my Win10 inside VMware as well. Windows Defender stopped, no other AV. Reveal hidden contents It's a perfect protection - if nobody can run it, nobody can crack it. 5
MatrixReloaded Posted May 23, 2018 Author Posted May 23, 2018 On 5/23/2018 at 7:04 PM, kao said: Crashing on my Win10 inside VMware as well. Windows Defender stopped, no other AV. Reveal hidden contents It's a perfect protection - if nobody can run it, nobody can crack it. Expand I have no idea why you get this crash , it's like the last version that you cracked I didn't change anything in main code. I checked it on 14 machine and I got no error like this . Check this out : https://social.technet.microsoft.com/Forums/windows/en-US/3932e3eb-c034-4eb7-aa06-4a0a8e6ea493/fault-module-namestackhash0a9e?forum=w7itprogeneral can u send it to other people and tell me it has the same error or not , if on my system it has no error I can't debug and fix it 😕 I try to build a version with windows 7 SDK
evlncrn8 Posted May 23, 2018 Posted May 23, 2018 well the 0xC0000005 is the good old NT_STATUS_ACCESS_VIOLATION and you got the faulting offset, so that and a pdb should be able to let you know which function crashed, you did get it to generate a pdb on compile.. right ?
MatrixReloaded Posted May 24, 2018 Author Posted May 24, 2018 On 5/23/2018 at 9:10 PM, evlncrn8 said: well the 0xC0000005 is the good old NT_STATUS_ACCESS_VIOLATION and you got the faulting offset, so that and a pdb should be able to let you know which function crashed, you did get it to generate a pdb on compile.. right ? Expand Hi Dear evlncrn8 , yes I did , I checked it , functions are pretty simple I don't know really whay that error happened , I sent the file to 8 different person last night and they run the app with no problem. can you please check it ? SUPERMAX_BETA3_SECURITY_CHALLENGE_BOOT.rarFetching info... thank you
MatrixReloaded Posted May 24, 2018 Author Posted May 24, 2018 On 5/23/2018 at 7:04 PM, kao said: Crashing on my Win10 inside VMware as well. Windows Defender stopped, no other AV. Reveal hidden contents It's a perfect protection - if nobody can run it, nobody can crack it. Expand please check this file , I build it with win7 sdk and it works on win10 aslo : _release8.rarFetching info...
Solution atom0s Posted August 13, 2018 Solution Posted August 13, 2018 Result: How To Do: 1. Dump program while running using something like MegaDumper to see a basic jist of what is done. 2. See that GUI_Modelx86.dll holds all the important information. 3. Unpack GUI_Modelx86.dll. 4. Check out the file in IDA, see how DENCLR_1998 function works. Important information being: dword_10034D84 and dword_100408B8 5. Set breakpoint on the DENCLR_1998 compare against the two dwords above. View values of each. 100408B8 holds the expected key. 6. Set key in program, click button and get results above. To unpack GUI_Modelx86.dll: 1. Load in OllyDbg. 2. Step until ESP changes. 3. Follow ESP in memory, set hardware breakpoint on access. 4. Keep running until you hit a JMP EAX instruction, step into. 5. Dump, fix imports, and you have the dll unpacked now. Wouldn't really consider this 8/10, it was pretty easy. 1
MatrixReloaded Posted December 11, 2018 Author Posted December 11, 2018 On 8/13/2018 at 8:21 AM, atom0s said: Result: How To Do: 1. Dump program while running using something like MegaDumper to see a basic jist of what is done. 2. See that GUI_Modelx86.dll holds all the important information. 3. Unpack GUI_Modelx86.dll. 4. Check out the file in IDA, see how DENCLR_1998 function works. Important information being: dword_10034D84 and dword_100408B8 5. Set breakpoint on the DENCLR_1998 compare against the two dwords above. View values of each. 100408B8 holds the expected key. 6. Set key in program, click button and get results above. To unpack GUI_Modelx86.dll: 1. Load in OllyDbg. 2. Step until ESP changes. 3. Follow ESP in memory, set hardware breakpoint on access. 4. Keep running until you hit a JMP EAX instruction, step into. 5. Dump, fix imports, and you have the dll unpacked now. Wouldn't really consider this 8/10, it was pretty easy. Expand Thank you for information , really helpful , please check new packer I made , Bulletproof.NET :) 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now