Jump to content
Tuts 4 You

EazFuscator 2019.1


Prab

Recommended Posts

whoknows

same version already done @ 

https://forum.tuts4you.com/topic/41323-eazfuscatornet-20191-w-homomorphic-encryption/#comment-199617

 

  • Like 1
Link to post
1 hour ago, whoknows said:

same version already done @ 


https://forum.tuts4you.com/topic/41323-eazfuscatornet-20191-w-homomorphic-encryption/#comment-199617

 

oh thanks, sorry my bad

Link to post
  • 4 weeks later...
Sabry Aryha
On 4/16/2020 at 7:27 PM, CreateAndInject said:

Why do you make a 2019.1 CrackMe rather than 2020.1?

coul you try to crack 2020.1 :D

Link to post
Sabry Aryha
20 hours ago, CreateAndInject said:

@maristroch I think I can do it except VM.

no one made a crack for the latest version there is only a keygen for 2019.1 but 2020.1 people says that its uncrackable because of there good vm

Link to post
0x59

maristroch 2020.1 is not uncrackablee is just difficulty to analyze 

Link to post
whoknows
https://github.com/JemmyLoveJenny/JemmyLoveJenny.github.io/blob/master/articles/Eazfuscator-Anti-Virtual-IL/Eazfuscator-Anti-Virtual-IL.md

 

Link to post
TobitoFatito
Posted (edited)
On 5/17/2020 at 6:41 AM, Prab said:

It might have a few weird instructions since i'm new to this :D

Crackme-cleaned-Devirtualized2.zip

Info:

This is the first version of eaz that i analyze so i can't say how 2019.x is different from 2020.1 but its definitely not uncrackable

Steps i took (as i should have included since the beginning):

1 Learn how CIL works / CIL fundamentals (there are some nice ebooks that i can't link here :D )

2 Learn how the assembly reader/writer of your choice works (dnlib for example)

3 Learn how a simple VM works ( https://github.com/TobitoFatitoNulled/MemeVM (the original creator of this vm left so this is a fork to keep the project alive))

4 https://github.com/saneki/eazdevirt See how the previous devirt was made (and you could also check previous eazvm protected executables)

5 Practice your skills trying to make MemeVM Devirt, you can message me if you have any issues with this step (You can always disable renaming on memevm to make the process easier to understand).

6 Start renaming a EazVM test assembly (you can make your own with trial) with all the knowledge you got from the previous steps (and find how crypto streams are initialized, where opcodes are located & how they are connected to the handlers etc etc etc, things that you would find in a vm)

Editing saneki's eazdevirt might be a good idea, though i was more comfortable making my own base.

Edited by TobitoFatito
more info as i should have included earlier o.O (see edit history)
  • Like 3
  • Thanks 3
Link to post
localhost0

With eazfuscator, you only protect your less important files.
you can protect your important files with vmprotect or better protection.

briefly this protection is like shit.

Link to post
TobitoFatito
Posted (edited)
52 minutes ago, mamo434376 said:

With eazfuscator, you only protect your less important files.
you can protect your important files with vmprotect or better protection.

briefly this protection is like shit.

Who are you to say that it's shit? Have you made an unpacker for it? If you do, you are free to correct me but if you don't you shouldn't make these silly comments, in my opinion.

Edited by TobitoFatito
less toxic :D (see edit history)
  • Thanks 3
Link to post
whoknows

@Abigor 

well done mate... the validation shits inside, is custom...

Link to post
BlackHat

How these Unpacking Posts are getting approved ? It is clearly written in the Rules that the solution of challenge will not be accepted if you don't describe the steps. 
Here everyone showing that they have cleaned it but no one is telling how ? so literally this is not a valid contribution to the forum if you don't descibe how it has been done. 

Just uploading files of cleaned is not all about unpacking. I think everyone must need to describe the steps or approach he has done to clean it. 
If I sound rude, I am sorry but this is what i feel. 

  • Thanks 2
Link to post
localhost0
Posted (edited)
On 5/18/2020 at 12:50 PM, TobitoFatito said:

Who are you to say that it's shit? Have you made an unpacker for it? If you do, you are free to correct me but if you don't you shouldn't make these silly comments, in my opinion.

almost everyone here has opened this protection.
the same protection exists in the beds protector private (over) and was easy to remove.
and empty talk.

 

Edited by mamo434376 (see edit history)
  • Confused 1
Link to post
Sabry Aryha
On 5/16/2020 at 7:08 PM, 0x59 said:

maristroch 2020.1 is not uncrackablee is just difficulty to analyze 

someone told me that they have a very good vm and its very hard to crack the license.
I only have a keygen for the version 2019.1 but 2019.2 - 2020.1 there is nothing and I think no one made something.

but if you can do a crack for eaz that would be great.

 

On 5/17/2020 at 7:52 PM, TobitoFatito said:

Literally just finished recompiler might have a few weird instructions :D

Crackme-cleaned-Devirtualized2.zip 99.97 kB · 12 downloads

could you please explain how do you cleaned that so good?

Link to post
TobitoFatito
Posted (edited)
2 hours ago, 0x59 said:

Eaz 2020.1 
Crackme-Cleaned.exe
 

Capture.PNG

What's the point of this? You ran my file under de4dot and repost it? :D i can recognise my file ya know, i intentionally left this out (i haven't finished local types yet but i manually set the third local to int32) + i added 9 locals when only 3 get used :D

4pEkxfB.png

Edited by TobitoFatito (see edit history)
  • Haha 5
Link to post
Washi
On 5/18/2020 at 12:59 PM, BlackHat said:

How these Unpacking Posts are getting approved ? It is clearly written in the Rules that the solution of challenge will not be accepted if you don't describe the steps. 
Here everyone showing that they have cleaned it but no one is telling how ? so literally this is not a valid contribution to the forum if you don't descibe how it has been done. 

Just uploading files of cleaned is not all about unpacking. I think everyone must need to describe the steps or approach he has done to clean it. 
If I sound rude, I am sorry but this is what i feel. 

Have to agree with this here. As far as I know, tuts4you is a place for educational content, not a place for showing off. What's the point of sharing just the unpacked binary, other than for bragging rights?

  • Like 1
Link to post
TobitoFatito
14 hours ago, 0x59 said:

TobitoFatito 

Its true i didn't devirt it , my friend did it ;)

Sothat's don't make me skid ;)

But i made it clear that i recognise that file being mine, did your friend download my file run it through de4dot and then give you the file to post it? it legit makes 0 sense.

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...