Posted February 23, 20205 yr Language : .NET Platform : Windows [x32/x64] OS Version : Windows 10 Packer / Protector : ConfuserEX Custom [Dark Protector Mod] Description : Unpack the exe to find the key! If you would give a brief explanation on how you unpacked it. The exe has max protections and will pop up a messagebox once you enter the correct password. Protections Added to this Unpack Exe: Junk Code, Anti De4Dot, Anti Debug, Anti Dump, Anti ILDasm, Anti Tamper, Calli Protection, Constant Dis, Constants, Control Flow, Hide Methods, Invalid Metadata, MD5 Checksum, Mid Ref Proxy, Mutate Constants, Mutations, Module Flood, Reference Proxy, Renamer, Resources, and Stack Underflow. Screenshot : UnpackMe_MaxSettings.exe
March 20, 20214 yr Solution private void button1_Click(object sender, EventArgs e) { if (this.textBox1.Text == "int73") { MessageBox.Show("congrat you wins"); } } 1. you need to remove Anti Tamper manually ( you can search on youtube , theres much tutorial ) 2. Remove Native Methods using x86Fixer (https://cdn.discordapp.com/attachments/718479256979767317/797817808905175040/x86_Retranslater.rar) and change to ILOnly 3. Remove Anti Decompiler (Search on Prab's Github) 4. Remove Call to Calli (Search CalliFixers on github) 5. Then remove junk ( simply u can use de4dot for this ) 6. Resolve the delegates ( i forgot which link , u can find on this forums ) 7. Remove Mutation ( you can use Public Mutations remover) 8. Decrypt String using ConstantDec by cs( you can search on goole , and download on any,run) 9. against remove mutation but this is for Parse mutations ( you can simply download Mindsystem Supercalculator ) 10. Remove Manually Junk Flow ( i dont know what is this called , bcuz the code does nothing just nop all the instruction that don't needed ) 11. Fix Ref proxy ( you can use ProxyCallFixer v1.2 by theproxy) 12. Remove Junk Class ( you can do it manually / you can download Unsealer in Github) 13. De4dot to rename 14. Remove Everything in <Module> ( bcuz its useless again) UnpackMe_MaxSettings_NoTamper_NoX86_NoAntiDecompiler_NoCalli_NoJunk_nodelegate_NoMutation_NoConstant_NoMutation_NoJunkFlow_noProxy_NoJunkClass-cleaned_NoModule.exe Edited March 20, 20214 yr by Mr-Toms
June 21, 20232 yr On 2/23/2020 at 7:13 AM, Babyhamsta said: Protections Added to this Unpack Exe: Junk Code, Anti De4Dot, Anti Debug, Anti Dump, Anti ILDasm, Anti Tamper, Calli Protection, Constant Dis, Constants, Control Flow, Hide Methods, Invalid Metadata, MD5 Checksum, Mid Ref Proxy, Mutate Constants, Mutations, Module Flood, Reference Proxy, Renamer, Resources, and Stack Underflow. If the purpose of all that is to protect and hide the key, then that's a very bad use of the protection. Make sure to write a secure source code before using protections... Quote to find the key! If you would give a brief explanation on how you unpacked it It can be done in 1 sec from memory : 0x385fc70 : DarksProtector - dark#5000 0x385fc98 : int73 ===> PASSWORD 0x385fca4 : congrat you wins 0x385fcb8 : label2 0x385fcc4 : Unpack me for the password!! :) Edited June 21, 20232 yr by X0rby
Create an account or sign in to comment