X0rby, Posted March 24 (edited)

On 3/24/2024 at 4:41 PM, windowbase said:
> @X0rby Just showing off?

I didn't change anything, just my usual dbg settings...

Edited March 25 by X0rby

boot, Posted March 24

1 hour ago, windowbase said:
> Just showing off? Regards. sean.

With simple tricks, everyone can bypass the Anti-Debug of this target without loading the kernel-driver. If no one is willing to share this method, I will make it public.

Video_2024-03-25_004657.mp4

Sean the hard worker, Posted March 24

6 minutes ago, boot said:
> With simple tricks, everyone can bypass the Anti-Debug of this target without loading the kernel-driver. If no one is willing to share this method, I will make it public.
> Video_2024-03-25_004657.mp4

@boot ASAP. Regards. sean.

RADIOX, Posted March 25

15 hours ago, boot said:
> With simple tricks, everyone can bypass the Anti-Debug of this target without loading the kernel-driver. If no one is willing to share this method, I will make it public.
> Video_2024-03-25_004657.mp4

Please try that with the 2 targets I shared.

jackyjask, Posted March 25

3 minutes ago, RADIOX said:
> Please try that with the 2 targets I shared

One target silently crashes even without any debugger being used. Steps to run it?

RADIOX, Posted March 25

2 hours ago, jackyjask said:
> silently crashes

I'll do a short video of the 2 apps running fine without using a debugger.

Oliver, Posted March 25

@boot bro, did you try solving the TitanHide driver's blue screen issue? Regards.

Sean the hard worker, Posted March 25

12 minutes ago, Oliver said:
> @boot bro, did you try solving the TitanHide driver's blue screen issue? Regards.

Regards. sean.

boot, Posted March 26

14 hours ago, Oliver said:
> Did you try solving the TitanHide driver's blue screen issue?

I have tried to add Etw Hook's source code to the source code of TitanHide.sys, but it was not effective and I am not considering it for now. I will release newly compiled plugins and drivers, using methods to bypass signatures. They will not need to disable signatures and can be loaded in normal mode.

Oliver, Posted March 26 (edited)

Wow, superb @boot, what a great job you are doing for us, bro. Much appreciated. Best of luck. Thank you very much.

Edited March 26 by Oliver

boot, Posted March 26

4 hours ago, boot said:
> Not need to disable signatures and can be loaded in normal mode...

In theory, it is feasible, but it is unknown whether it will be effective in the new version of Windows OS.

Refer to these two links for usage:
https://forum.tuts4you.com/topic/41774-pass-debugger-check-in-vmprotect-2x/page/2/#comment-219832
https://forum.tuts4you.com/topic/41774-pass-debugger-check-in-vmprotect-2x/page/2/#comment-219837

MyDrv_Plugin_v0.004.zip

Oliver, Posted March 26

@boot bro, I have a question: when we start the TitanHide drivers, we can easily debug the latest VMP-protected file, like putting breakpoints and stepping, but when we attach the same file to the debugger and, after putting a breakpoint, click on the button, why does the program auto-close?