Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Atipls' Obfuscator

Cursedzx
Cursedzx
in UnPackMe (.NET)

Featured Replies

Posted

Difficulty : Probably 7
Language : C# .NET
Platform : Windows (anyCPU)
OS Version : Windows 7 Above
Packer / Protector : Atipls' obfuscator

Description :

Upload the unpacked file and give me a detailed tutorial. Describe me the specific method or the specific tools in order used.

As I said in the previous unpack challenges XD.

Screenshot :

Capture.PNG

UnpackME.exe

Solved by #Sith

Go to solution
  • Solution

Load file in dnSpy, bypass NtQueryInformationProcess, dump the module, then de4dot and SAE (string only).

UnpackME_unpk.exe

    •
    • Thanks 1
    • Author

    Sith, do you know what NtQueryInformationProcess was used for?

    probably anti debug.. 

    3 hours ago, #Sith said:

    Load file in dnSpy, bypass NtQueryInformationProcess, dump the module, then de4dot and SAE (string only).

    UnpackME_unpk.exe

    @Sith  how to bypass NtQueryInformationProcess ? Can you a little more detail ?

    4 hours ago, Cursedzx said:

    Sith, do you know what NtQueryInformationProcess was used for?

    InheritedFromUniqueProcessId field in PROCESS_BASIC_INFORMATION structure get the ID of the parent process and programm compare it to the some names. I Just changed the InheritedFromUniqueProcessId value to the ID of explorer.exe

    Create an account or sign in to comment

    Go to topic listing

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.