X0rby Posted March 24, 2024 Posted March 24, 2024 (edited) On 3/24/2024 at 4:41 PM, windowbase said: @X0rby Just showing off? I didn't change anything, just my usual dbg settings... Edited March 25, 2024 by X0rby 1
boot Posted March 24, 2024 Posted March 24, 2024 1 hour ago, windowbase said: Just showing off? Regards. sean. With simple tricks, everyone can bypass the Anti-Debug of this target without loading the kernel-driver. If no one is willing to share this method, I will make it public. Spoiler Video_2024-03-25_004657.mp4 2
lovejoy226 Posted March 24, 2024 Posted March 24, 2024 6 minutes ago, boot said: With simple tricks, everyone can bypass the Anti-Debug of this target without loading the kernel-driver. If no one is willing to share this method, I will make it public. Hide contents Video_2024-03-25_004657.mp4 1.31 MB · 0 downloads @boot ASAP. Regards. sean. 1
RADIOX Posted March 25, 2024 Posted March 25, 2024 15 hours ago, boot said: With simple tricks, everyone can bypass the Anti-Debug of this target without loading the kernel-driver. If no one is willing to share this method, I will make it public. Hide contents Video_2024-03-25_004657.mp4 1.31 MB · 0 downloads Please try that with the 2 targets i shared
jackyjask Posted March 25, 2024 Posted March 25, 2024 3 minutes ago, RADIOX said: Please try that with the 2 targets i shared one target silently crashes even without any debugger being used steps to run it?
RADIOX Posted March 25, 2024 Posted March 25, 2024 2 hours ago, jackyjask said: silently crashes I'll do a short video the 2 apps running fin without using a debugger
Oliver Posted March 25, 2024 Posted March 25, 2024 @bootbro did you tried solving titan hide driver's blu screen issue? Regards. 1
lovejoy226 Posted March 25, 2024 Posted March 25, 2024 12 minutes ago, Oliver said: @bootbro did you tried solving titan hide driver's blu screen issue? Regards. Regards. sean. 1
boot Posted March 26, 2024 Posted March 26, 2024 14 hours ago, Oliver said: Did you tried solving titan hide driver's blu screen issue? I have tried to add Etw Hook's source code to the source code of TitanHide.sys, but it was not effective and I am not considering it for now. I will release newly compiled plugins and drivers, using methods to bypass signatures. They will not need to disable signatures and can be loaded in normal mode. 2
Oliver Posted March 26, 2024 Posted March 26, 2024 (edited) Wow superb @boot ,what the great jobs you are doing for us bro. Much appreciated. Best of luck. Thank you very much. Edited March 26, 2024 by Oliver 1
boot Posted March 26, 2024 Posted March 26, 2024 4 hours ago, boot said: Not need to disable signatures and can be loaded in normal mode... In theory, it is feasible, but it is unknown whether it will be effective in the new version of Windows OS. Spoiler Refer to these two links for usage: https://forum.tuts4you.com/topic/41774-pass-debugger-check-in-vmprotect-2x/page/2/#comment-219832 https://forum.tuts4you.com/topic/41774-pass-debugger-check-in-vmprotect-2x/page/2/#comment-219837 MyDrv_Plugin_v0.004.zip 2
Oliver Posted March 26, 2024 Posted March 26, 2024 @bootbro i have a question ,when we start titan hide drivers then we can easily debug the latest vmp protected file like putting breakpoints and stepping but when we attach same file to the debugger and after putting breakpoint click on the button why program auto closes?
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now