Posted February 26, 20196 yr Language : . NET Platform : Windows OS Version : Windows 7/Windows 8/Windows 10 Packer / Protector : ILProtector + Enigma Description : Unpack the file and get the password. Screenshot : Test_protected.rar
February 26, 20196 yr File does not seem to be runnable on my VM - please fix this before I can continue.
May 15, 20196 yr After you dump the main exe (.NET) with MegaDumper: Exception messages: Unable to load DLL 'Test32.dll': The specified module could not be found. (Exception from HRESULT: 0x8007007E) So you got to dump that dll with DllSaver. Enigma Only unpacked exes: https://www95.zippyshare.com/v/b0258Ft4/file.html
May 15, 20196 yr 6 hours ago, CodeExplorer said: After you dump the main exe (.NET) with MegaDumper: Exception messages: Unable to load DLL 'Test32.dll': The specified module could not be found. (Exception from HRESULT: 0x8007007E) So you got to dump that dll with DllSaver. Enigma Only unpacked exes: https://www95.zippyshare.com/v/b0258Ft4/file.html Heres ilprotected file cleaned Test_protected_bodyRestored.exe
June 23, 20196 yr 1. dump ilprotector native runtime you can inject a dll to call OpenFileDialog and dump 2. decrypt method body fix ILProtectorUnpacker's hook, then it works Test.ip.exe.7z Edited June 23, 20196 yr by wwh1004
June 23, 20196 yr @CodeExplorer Could you please leave the DllSaver download please? Thanks! Edited June 23, 20196 yr by Asura
June 23, 20196 yr 4 hours ago, Asura said: Could you please leave the DllSaver download please? Thanks! Strange here attachments downloads works ok. Here is external download link: https://www3.zippyshare.com/v/fDchNW5P/file.html
June 23, 20196 yr 15 hours ago, wwh1004 said: 1. dump ilprotector native runtime you can inject a dll to call OpenFileDialog and dump 2. decrypt method body fix ILProtectorUnpacker's hook, then it works Test.ip.exe.7z 6.04 kB · 2 downloads Dumping of ILProtector Native -- Done inject a DLL - Which DLL and Where and How ? Fix IL Protector HOOK - Any info about it Brother ???
June 24, 20196 yr 20 hours ago, Black Hat Anonymous said: Dumping of ILProtector Native -- Done inject a DLL - Which DLL and Where and How ? Fix IL Protector HOOK - Any info about it Brother ??? Code like this. You can copy dlls in OpenFileDialog. If you can't copy dlls (maybe anti dump?), you can use the code like "File.WriteAllBytes(@"I:\Downloads\Yes.dll2", File.ReadAllBytes(@"I:\Downloads\Yes.dll"));". ILProtector detects the first few bytes of the compiled machine code. You can fake it.
June 25, 20196 yr 1. Dumped native dll from Enigma's Virtual Box. 2. Break at OEP of Enigma, and dump binary with Mega Dumper. 3. Put Dumped files in one folder and the unpack with @CodeExplorer's Tool Here is my unpacked file. unpacked.rar
July 25, 20196 yr Author On 5/15/2019 at 4:47 PM, CodeExplorer said: After you dump the main exe (.NET) with MegaDumper: Exception messages: Unable to load DLL 'Test32.dll': The specified module could not be found. (Exception from HRESULT: 0x8007007E) So you got to dump that dll with DllSaver. Enigma Only unpacked exes: https://www95.zippyshare.com/v/b0258Ft4/file.html Which options did you use to get the file? I tried but the file is not correct
January 15, 20205 yr Author On 6/25/2019 at 1:16 PM, GautamGreat said: 1. Dumped native dll from Enigma's Virtual Box. 2. Break at OEP of Enigma, and dump binary with Mega Dumper. 3. Put Dumped files in one folder and the unpack with @CodeExplorer's Tool Here is my unpacked file. unpacked.rar 531.45 kB · 30 downloads how to do Break at OEP of Enigma, and dump binary with Mega Dumper?
Create an account or sign in to comment