Language : .NET
Platform : Windows x32/x64
OS Version : All
Packer / Protector : Anti Dump + IL Protection + Enigma Protector 3.50

Description :

You need to unpack and change the Text. "Tuts4you Special Unpack Edition"

Screenshot :

 

UnpackMe by Lucifer.exe

Before this is approved please edit your topic so it follows the correct posting format...

Ted.

2 hours ago, Teddy Rogers said:

Before this is approved please edit your topic so it follows the correct posting format...

Ted.

I edited it according to rules

UnpackMe by Lucy_changed.zip

Run the target first with NETBox so won't kill .NET PE.
Dump with MegaDumper.

In dumped exe change Image Base to 400000
Fix relocation with Universal Fixer

Native DLL UnpackMePlease.dll missing:
DllSaver break if module contains UnpackMePlease

Unpacked exes:
https://www112.zippyshare.com/v/26CxsdFV/file.html

 

On 5/8/2019 at 10:23 PM, #Sith said:

UnpackMe by Lucy_changed.zip 1.09 MB · 0 downloads

How did you change the text without actually unpacking it ??? any guide or anything ?? 

Please 

2 hours ago, CodeExplorer said:

Run the target first with NETBox so won't kill .NET PE.
Dump with MegaDumper.

In dumped exe change Image Base to 400000
Fix relocation with Universal Fixer

Native DLL UnpackMePlease.dll missing:
DllSaver break if module contains UnpackMePlease

Unpacked exes:
https://www112.zippyshare.com/v/26CxsdFV/file.html

 

Running Perfect bro !! as its .net we can bypass anti dump with put bp on _corexmain using x64dbg or using enigma unpacker script by giv.. but what method you told is not clear .. and after it as i dump the exe with megadumper ... only one dll comes not both..
as its ilprotected and dll name -- unpackmeplease.dll and yes.dll i loaded in enigma so at dumping only one dll came out not the second one.

How you manage to get both of the dll bro ?
and after that as we have both dll of ilprotection with exe then how you bypassed the ilprotection latest ? any video will be appreciated awesome. 
or any text guide will also be ok.... thank you so much.. by the way nice work !!

Run original exe with NETBox 4.0 forget to specify version 4.0:
https://forum.tuts4you.com/topic/39321-netbox/
Dump .NET exe main module with MegaDumper:
https://forum.tuts4you.com/topic/24087-dotnet-dumper-10/page/3/?tab=comments#comment-177260

Quote

Native DLL UnpackMePlease.dll missing:
DllSaver break if module contains UnpackMePlease

You should load original exe with dllsaver:
https://forum.tuts4you.com/topic/39871-dllsaver/

As for ILProtector unpacking I've used a private tool I won't share!
 

3 hours ago, Black Hat Anonymous said:

How did you change the text without actually unpacking it ??? any guide or anything ?? 

Please 

To get unpackmeplease.dll and yes.dll i've just use WinAPI CopyFileA in target process, and after i use standard method to set new Content in component after initialization.

On 5/15/2019 at 10:33 PM, #Sith said:

To get unpackmeplease.dll and yes.dll i've just use WinAPI CopyFileA in target process, and after i use standard method to set new Content in component after initialization.

Thanks You Brother.  but i m geeting always unpackmeplease.dll only .... im not able to get yes.dll any tutorial or instruction will be much appreciated... visual like image/video will be definitely --- GOLD 
Instruction will still be perfect .... 

On 5/15/2019 at 4:27 PM, CodeExplorer said:

Run original exe with NETBox 4.0 forget to specify version 4.0:
https://forum.tuts4you.com/topic/39321-netbox/
Dump .NET exe main module with MegaDumper:
https://forum.tuts4you.com/topic/24087-dotnet-dumper-10/page/3/?tab=comments#comment-177260

You should load original exe with dllsaver:
https://forum.tuts4you.com/topic/39871-dllsaver/

As for ILProtector unpacking I've used a private tool I won't share!
 

Hello why change image base to that specific value? Sorry for the newbie question.