Jump to content
Tuts 4 You
  • 0
Sign in to follow this  

Modded ConfuserEx (Find the Password)



Platform: Windows
Language: C#/.NET
OS Version: Windows 10 (I only tested on it so)
Protector: Modded ConfuserEx


Modification to ConfuserEx; constants, math protection, variablesmelter, antide4dot (broked rn), three antidebugs (one inside antitamper), sizeof, antivm, antiemulator, antidnspy, antijustdecompiler, intergritychecking, typescrambler etc 

Unpack the file and find the password. Document how you deobfuscated it.

https://www.virustotal.com/#/file/3cd889f4be35cb440f4a4a1c3ececc62a7075ccddeb76553e06ad12e96d94fe4/detection (false positive because of the obfuscation)

If there are any errors in this thread or in my english, I am sorry, it is my first time at this forum and I am brazillian :P





Share this post

Link to post

1 answer to this question

Recommended Posts

  • 1



Password is





It's relatively easy to get the corretc flag. All your obfuscation routines is not usefull against memory scanning. Enter a wrong pass, click on button, get wrong pass flag, search for it in memory, and the good password is in clear in the file.


Also you should consider something as far as dnlib is concerned to shrunk the old strings from the binary file, because the good password is in clear not only in memory (thats to be expected somehow) but also in raw bytes at offset 00001b790

Share this post

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
  • Create New...